Hi JC, you could do
- SPNego Authentication (SSO) from Domain-PCs to Gateway Server (Fiori). This would need a SAP SSO license
- You could integrate Fiori into an existing SAML2 SSO Scenario if you already have an existing SAML2 Identity Provider (IDP) up and running. This would do without a SAP SSO license.
- You could use an SAP Secure Login Server as SAML2 IDP that process LDAP Authentication and provides SAML2 SSO to the Gateway Server. This would need a SAP SSO license.
- You could integrate Fiori into a Portal and use MYSAPSSO2 ticket based SSO. This would do without a SAP SSO license
- You could rollout client certificates to your domain PCs and do X.509 Authentication. This would do without an SAP SSO license
There are probably a few more options that currently do not come to my mind.
To have some kind of demo access you could setup a new SICF service or alias and provide it with fixed demo credentials.
Cheers,
Lutz