Hello All,
Our team has a specific requirement that I am unable to find a solution for and I would like to know if anyone else has found a solution or if this is a planned development for the future.
Requirement: Use SAML (via SAPID) to authenticate users for an XS Application. If the users are not in the HANA db as restricted/unrestricted user after the return from SAPID the ICM or web dispatcher (what ever it is called now) should forward the user to an anonymous authentication application where they would perform self service to enter in their employee information and an administrator would later validate the information and if okay create the restricted user in the db.
Question: Is there a setting in .xsaccess or a change that can be made to sap/hana/xs/saml/login.xscfunc that will send the user to the anonymous access .xsapp instead of showing the generic error "Database user does not exist(StatusCode: , StatusMessage: )".
Additional Notes:
1. We cannot do automatic db user creation via SAML administration because (a) it creates a non-restricted user and (b) anybody in the world can create an SCN id and then surf to the site where a user would be automatically created.
Thanks for reading and any responses,
Derek Winters