Setting up SSO for Lumira Server – The Magic Switch

Another request from a customer of ours that I thought I would share with every-one to make your lives easier when you are faced with setting up Single Sign-on (SSO) for Lumira Server .

When I looked for a solution to this there is nothing that I could find that outlines exactly what you need to do to get this working and hence the blog post.

From a version point of view I am using:

  • SAP HANA Rev 92
  • SAP Lumira Server 1.22
  • SAP HANA Administration Guide SPS09 – 2004-11-26

A key point to remember up front is that Lumira Server runs on your HANA Platform and relies on the XS engine for it’s authorisations.

In the SAP Lumira Server Installation Guide 1.22 there is no current section on SSO but through some searching I managed to find this line in Section 13.1.1 (Page 55)  that referred to the Fiori Catalog:

“Perform the procedure outlined in Configure SSO with SAP Logon Tickets for SAP HANA XS Applications in the SAP HANA Administration Guide.”

This lead me to believe that you need to set up SSO on HANA first and then Lumira Server will follow.

This blog post is not intended to be about how to set up SSO. The SAP HANA Administration Guide section 5.10 covers all the ways to set up SSO for the XS Engine:

admin_guide_510

If you have got SSO working on your HANA box then the Lumira Server set-up is super simple .

Taking a step back here let’s remember that your Lumira Server will run off the following url/path  http://:80/sap/bi/launchpad. The key here is that Lumira Server files and configurations are at /sap/bi/launchpad.

What you need to do next is log into your SAP HANA Admin Console which would be at http://:80/sap/hana/xs/admin. Then on the LHS navigate to sap/bi and the click on launchpad and you will get presented with the following screen:

xs_admin

 

This is the default Security and Authentication that Lumira Server get’s installed with and will result in your end users getting prompted for their login credentials every time they access the Lumira Server URL

All you need to do now, and once again assuming you have SSO working, is to click on the Edit link on the bottom RHS and choose which Authentication method you have implemented for SSO. In the below screenshot I have chosen SPNGEO as an example:

xs_admin_edit

 

Once you have done this just click Save. Also – in case you missed it the check box above is the “magic switch”

Once that is done you should see the following screen and your users should be able to access the Lumira Server URL with SSO – this is also assuming their user account has the correct access to Lumira Server… but that’s another blog post.

xs_admin_final

Let me know how you go. I’m happy to try answer and questions that arise.

Leave a Reply