Enabling Single Sign-on for Mobile Business Object Packages

Enable single sign-on (SSO) over secure paths for mobile business object (MBO) packages.

  1. Single Sign-on for SAP MBO Package Prerequisites
    Before implementing SSO for SAP MBO packages, configure the MBOs so client credentials can be propagated to the EIS and, if enabling SSO for a Workflow application, add the appropriate starting point.
  2. Preparing Your SAP Environment for Single Sign-on
    Verify that the SAPĀ® enterprise information system (EIS) is configured correctly to accept SSO connections from Unwired Server.
  3. Installing the SAPCAR Utility
    Unzip and install the latest SAPCAR utility on your Unwired Server or Unwired WorkSpace host, which you can use to extract the contents of compressed SAP files, for example RFC and cryptographic library files.
  4. Installing the SAP Cryptographic Libraries on Unwired Platform
    Installation and configuration is required if you want to configure Secure Network Communications (SNC) for Unwired Platform SAP JCo connections. SNC may be required by the SAP EIS in question, if SSO2 tokens or X.509 certificates are used for connection authentication.
  5. Configuring X.509 Certificates for SAP Single Sign-on
    Import, export, and generate the X.509 certificates that secure communication paths between Unwired Server and the SAP enterprise information system (EIS), and for client authentication, including single sign-on (SSO) with X.509 or SSO2 tokens.
  6. Creating Connections and Connection Templates
    Create a new connection or connection template that defines the properties needed to connect to a new data source.
  7. Security Configurations That Implement Single Sign-on Authentication
    Use the CertificateAuthenticationLoginModule authentication module to implement X.509 authentication or HttpAuthenticationLoginModule to implement SSO2.
  8. Provisioning Security Artifacts
    Typically, you must preprovision Unwired Platform security artifacts before applications can be used. The manner by which an artifact is provisioned depends on the artifact.
  9. Single Sign-on for SAP MBO Package Postrequisites
    After configuring SSO for SAP MBO packages on Unwired Server, install certificates on the mobile device and test them.
Parent topic: Security Task Flows
Related concepts
SAP Single Sign-on and Mobile Business Object Package Overview
Single Sign-on Authentication