Anonymous_User Absent Member.
Absent Member.
647 views

redirect to SSPR bypass or auto login


Hi,

After the user is logged in to SAP and if they have not set up their
Challenge questions and answers, they will be redirect to this SSPR
application. We would like to bypass the login or auto log the user in.
Is it possible? Any one have any suggestions?

Much appreciated.


--
tammai
------------------------------------------------------------------------
tammai's Profile: https://forums.netiq.com/member.php?userid=7082
View this thread: https://forums.netiq.com/showthread.php?t=50343

0 Likes
3 Replies
Anonymous_User Absent Member.
Absent Member.

Re: redirect to SSPR bypass or auto login

If you are using something like Novell/NetIQ Access Manager (NAM) as the
reverse proxy for both SAP's web interface as well as Self Service
Password Reset (SSPR) you could probably use NAM to inject the user's
credentials into SSPR's login page to have it automatically bypassed. How
you'll detect to send them there when they have not yet setup their
responses is not something I know offhand, but that may be a question
better-asked in the NAM forum. Worst case most organizations adding
something like SSPR to their environment will either e-mail out the link
to the application for people to use for setup once, and then ongoing the
application itself is often used for the initial password change for new
users (so they change from the first assigned password and setup challenge
response at the same time).

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: redirect to SSPR bypass or auto login


ab;242454 Wrote:
> If you are using something like Novell/NetIQ Access Manager (NAM) as
> the
> reverse proxy for both SAP's web interface as well as Self Service
> Password Reset (SSPR) you could probably use NAM to inject the user's
> credentials into SSPR's login page to have it automatically bypassed.
> How
> you'll detect to send them there when they have not yet setup their
> responses is not something I know offhand, but that may be a question
> better-asked in the NAM forum. Worst case most organizations adding
> something like SSPR to their environment will either e-mail out the
> link
> to the application for people to use for setup once, and then ongoing
> the
> application itself is often used for the initial password change for
> new
> users (so they change from the first assigned password and setup
> challenge
> response at the same time).
>
> --
> Good luck.
>
> If you find this post helpful and are logged into the web interface,
> show your appreciation and click on the star below...


To expound upon what Aaron wrote:

IF you're using NAM, and you have the contract setup for "expired
password servlet" as per the SSPR 3.x docs, then, when the user is
Single Signed onto (via NAM Identity Injection Policy), the users will
be prompted to fill out their challenge/response questions via SSPR
before being prompted to change their password.

I just tested this, but note: You need to be at the 3.0.0.2 codebase.
The 3.0.0.0 codebase of SSPR 3 doesn't force the challenge response
questions to be answered.

SSPR login page defaults to username/password, so if you have "something
else" that can stuff in the eDir/AD userid/password, it should work as
well.

I can only speak to SSPR 3.0.0.2 with eDir as the user source, and
front-ending with NAM for SSO and expired password integration.

--Kevin


--
kjhurni
------------------------------------------------------------------------
kjhurni's Profile: https://forums.netiq.com/member.php?userid=322
View this thread: https://forums.netiq.com/showthread.php?t=50343

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: redirect to SSPR bypass or auto login


You will need some type of SSO framework/gateway such as NetIQ Access
Manager to make this work.


--
jrivard
------------------------------------------------------------------------
jrivard's Profile: https://forums.netiq.com/member.php?userid=541
View this thread: https://forums.netiq.com/showthread.php?t=50343

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.