Help Center>Foundation Help

Applies to:

Configuring SAP SSO

Additional Information

SSO (Single-Sign On) gives users secure access to applications and business information across all systems with a single password.

Winshuttle Server Workers connect with SAP to upload and download data. Server Workers can use SSO logins to automatically post data to SAP, or use published Winshuttle Transaction and Winshuttle Query web services used by Winshuttle Forms.

SSO methods supported by Winshuttle products

Supported SSO types

In Studio

In SAPIS

Authentication type

How it works

Configuration information

Kerberos SSO This SSO is based on token authentication. This SSO is based on token authentication. User-specific token

Using Kerberos technology via SNC or SPNEGO, a trust relationship is established between the user’s front end (SAP GUI for Windows or a web browser, for example) and the back-end Application Server ABAP or Java. Employees log in once when they start their computers by signing on to their Windows domain. Any subsequent authentication processes are left to a Kerberos token mechanism provided by SAP Single Sign-On and based on Microsoft Active Directory.

No additional server is required in this scenario.

Configuring Kerberos SAP SSO
X.509 SSO This SSO is based on user or group certificates. This SSO is based on user or group certificates. User-based certificates    
SAP SSO This SSO is based on token authentication via SLC client installed on the client machine. This SSO is based on machine-level certificates where a tunnel gets created between the machine and SAP. Machine-level certificate   Configuring Winshuttle Foundation SAP Integration Server 11.2.12 to work with SAP Single Sign-On
CyberSafe This SSO is based on token authentication via SLC client installed on the client machine. This SSO is based on machine-level certificates where a tunnel gets created between the machine and SAP. Machine-level certificate   Configuring Cybersafe SSO