Hi Krunal
Thank you. It gives a way to do sso, but I don't think secure enough, cannot let external system to store sap's accounts and password.
I'm thinking whether we can setup a certificate authentication trust between customized sap java applications and EP, then from that customized applications, I can write code to verify external authentication cookies (ie, smsession), then from the token I can get who is authenticated, the sap account id. and EP generate the sap logon ticket based on the trust and account id.
