Got a quick portal security question 
We are doing a new implementation where the main backends are 2 x ECC and 1 x BOBJ.
We intend to use the Fiori Launch Pad for the central access point and navigation hub. We have the option to deploy the FLP on either its own ABAP Frontend server, or on a Portal instance (we don't currently have one).
We know from this page that both methods provide the same options for Single Sign On to the backend systems, i.e. SAML, SAP Logon Tickets or Basic. We also know from this page that if we host FLP on the Gateway, we can only use URL integration for BOBJ, whereas on the Portal we can use (I guess) dedicated BOBJ iViews.
What we don't know, is if we save the cost of a Portal and host the FLP on the GW, would those SSO options work with BOBJ reports if integrated with URL integration?
I can't see any other reason why we would implement the portal... since the FES would be able to handle the navigation and the SSO.
Any thoughts?