Hello,
I am a partner services advisor asking this question on behalf of a partner who has an OData-Integrated mobile application through SUP 2.2 sp05.
I am thinking that this is a Gateway issue, which is why I am posting here:
Currently their NetWeaver Gateway (URL) is unable to authenticate with LDAP before providing the SSO Token.
Unfortunately SAP Unwired/Mobile Platform (SUP / SMP) is unable to generate a SSO token based on LDAP authentication. SUP/SMP relies on the HTTP URL specified in the HTTP Authentication Module to authenticate the user and generate the SSO token.
We are trying a couple of things and wanted to get your opinion on it or suggestions for other ideas:
- It is believed that a Web application can be written on top of NetWeaver Gateway that can authenticate against LDAP and generate the SSO token. How would this be implemented?
- We generated an x.509 certificate. How do we integrate the certificate from IOS Application using OData SDK? Is there any sample code URL that we can refer to?
- Do you have any other suggestions?
Thanks for your insights, and apologies if I am posting to the wrong forum!
FYI, here is a bit more of a back-story:
The partner is trying to configure LDAP and SSO2 authentication as follows:
- They have two authentication modules stacked.
- The SSO HTTP authentication module is set to "Optional" meaning the user does or does not have to successfully authenticate.
- The LDAP login module indicates REQUIRED which means regardless of success or failure on the SSO HTTP module, LDAP must succeed.
Now when they are trying to connect through SSO2 security configuration from mobile by disabling password on Gateway which is integrated with AD, they are not able to communicate with Gateway. It is throwing "401 Unauthorized" error.