The standard authentication procedure supported by the Enterprise Portal is the common procedure involving user IDs and passwords. The Portal Server verifies the user ID and password supplied by the user against the user ID and password that are stored in the corporate LDAP directory. This verification is performed by a security filter in the Microsoft Internet Information Server (IIS) of the Portal Server.

This authentication mechanism is based on the Basic Authentication feature of the HTTP protocol.

This is the default method of authentication for the Enterprise Portal, therefore you should not need to make any settings, but you can verify that the following applies:

This is how this method of authentication works:

1. The user enters the URL for the Enterprise Portal in his or her Web browser.
2. A HTTP request is sent to the portal Web server.
3. The Web server does not find any user information in the HTTP header and sends back a response (status code 401) to the client saying that it needs user credentials.
4. The client then displays a dialog box asking the user to enter his or her user ID and password.
5. The credentials entered by the user are sent with the HTTP request to the portal Web server.
6. The security filter in the IIS tries to authenticate the user against the user directory used for authentication. If the user exists in the directory with the entered password, he or she is successfully authenticated.

If the authentication was successful, the user is assigned a SAP logon ticket and can use it to access the component systems and data sources in the Enterprise Portal.