Question: What is Single Sign-On (SSO)?
The term Single Sign-ON (SSO) describes a solution that enables the system to determine the identity of a user without the user having to explicitly specify a user name and password in each application. It is a one-time logon to the system. However, there may be different technical conversions. Several different SSO solutions also exist for SAP.
 Question: How do I implement Single Sign-On?
Different technical options are available to implement SSO.
Some of the solutions that are available in SAP systems include:
-Logon tickets (Workplace)
For more information, see note 138498.
 Question: Why does Single Sign-On no longer work after one year?
You are using a certificate that was issued by SAP_CA. For more information, see note 389186. These types of certificates are issued with a validity period of one (1) year only. Logon tickets are still issued after the validity period expires; however, an error is triggered when the logon tickets received are checked. In principle, the problem is not restricted to CA certificates; however, "self-signed" certificates are generated with a considerably longer validity period (up to the year 2038).
 Question: Do all systems have to have the same password?
The current SSO methods enable you to assign different passwords for different systems.
 Question: Where can I find further documentation on SSO?
Further documentation is available in the SAP Marketplace: