Configure a Custom Identity Provider with SAP HANA Cloud Platform

  • by Ameya Pimpalgaonkar, Senior SAP Architect
  • May 26, 2015
See how to configure SAP HANA Cloud Platform to switch from the standard identity provider (IDP) or SAP ID Service to instead authenticate users using your own custom identity provider. Learn how to configure a local IDP that you can create on the fly within Eclipse. You can create temporary users within Eclipse so that you can test the custom IDP-based authentication without any additional configuration. You can then use these users to run applications deployed on SAP HANA Cloud Platform.
Learning Objectives

After reading this article you will be able to:

  • Understand what a local identity provider (IDP) is and how it is relevant to SAP HANA Cloud Platform
  • Set up a local IDP in your Eclipse-integrated development environment (IDE) and configure it to work with SAP HANA Cloud Platform
  • Understand the trust and authentication process between IDP and SAP HANA Cloud Platform
  • Configure SAP HANA Cloud Platform to authenticate users defined in your local IDP
  • Understand the importance of pre-defined roles in the context of a local IDP
Key Concept
SAP HANA Cloud Platform is an in-memory, platform-as-a-service offering from SAP. It not only powers applications with the SAP HANA engine, but it also allows SAP users to build and deploy applications or even extend on-premise applications over the cloud. In addition, SAP HANA Cloud Platform provides integration possibilities with cloud extensions, mobile collaboration, and even analytics capabilities to track and monitor applications and servers in real time.

When you sign up for a trial SAP HANA Cloud Platform account, by default SAP ID Service is enabled to authenticate users and manage access to content published or deployed on SAP HANA Cloud Platform. However, while working in a productive scenario, you are often required to use a custom or local identity provider (IDP) that acts as a user store. When you want to provide roles and authorizations to internal users or customers who exist in a custom user store of a particular organization, you have to set up a custom trust provider on the SAP HANA Cloud Platform Portal that authenticates organization users and not SCN users.

I am going to discuss IDPs and show how to configure SAP HANA Cloud Platform to switch from the standard IDP or SAP ID Service to instead authenticate users using your own custom IDP, which could be a local IDP, Lightweight Directory Access Protocol (LDAP), or Active Directory. However, for this article, I am using the local IDP. If you want to use LDAP or Active Directory, the process remains the same.

Ameya Pimpalgaonkar

Ameya Pimpalgaonkar is a senior SAP architect. He specializes in SAP Netweaver Portal, SAP BPM, BRM, MDM, and SAP Mobile. His interests include UI and front-end technologies, SAPUI5, Responsive Design, and integration of modern technologies with SAP UI. He has also worked on HTML5, CSS3, and jQuery. Ameya is also a certified usability analyst from HFI, USA.

See more by this author


Comments

No comments have been submitted on this article. 


Please log in to post a comment.

To learn more about subscription access to premium content, click here.