Authentication 
Use
Authentication provides a way of verifying the user’s identity before he or she is granted access to the portal. Once the user has been authenticated, he or she is issued a SAP logon ticket that allows him or her to access all the applications, information and services in the Enterprise Portal using Single Sign-On. Since many of these applications may contain sensitive data, it is imperative that the user in question can be identified and this identity authenticated.
The process of authentication is based on each user having a unique set of credentials for gaining access. For example, with user ID and password authentication, the authentication server compares a user’s authentication credentials with other user credentials stored in a data repository. If the credentials match, the user is granted access to the Enterprise Portal. Otherwise, the authentication fails and portal access is denied.
The Enterprise Portal 5.0 offers the following integrated authentication mechanisms:
· Authentication with User ID and Password
· Authentication with X.509 digital certificates
· Authentication using external mechanisms
¡ Authentication Against User Data in SAP R/3 System
¡ External Web access management tools, such as Netegrity SiteMinder
¡ COM interface allowing you to use any kind of external authentication service
Note that you must use one method of authentication for all users. The only exception is authentication with digital certificates. Digital certificates can be used as an additional method of authentication. This means that users that have a client certificate use it to log on while other users have to provide credentials using a different authentication mechanism.
The Enterprise Portal can also be set up to provide anonymous access to the portal. This means that users can access the portal without providing any authentication. For more information, see Anonymous Logon with Named Guest Users.
To log on to the Enterprise Portal, users must enter the full URL in the browser including the full qualified domain name, otherwise the browser will not get the correct SAP logon ticket. If the portal is running in the intranet only, you can configure your Web server to change a host name to a full URL.