Start of Content Area

Background documentation Authentication for Web Services  Locate the document in its SAP Library structure

Design in AS Java

Runtime Configuration in NetWeaver Administrator

Strong

HTTP Authentication

      X.509 Client Certificate

      Logon Ticket

Or

Message Authentication

      X.509 Client Certificate

      SAML Assertion

Basic

HTTP Authentication

      User ID/Password

Or

Message Authentication

      User ID/Password

None

 

Design of Web Services in the Java Application Server

In the Java application server, you can provide specifications for the authentication level when designing Web services.

For strong authentication, specify security level High. For basic authentication, specify security level Medium or Low.

Runtime Configuration in NetWeaver Administrator

You can display the minimum security level for authentication that you have defined in the Java application server in the NetWeaver Administrator under Authentication.

Find the pre-settings for service definitions under SOA Management  ® Business Administration ® Web Services Administration under Service Endpoints on tab page Service Definition Details.

Make the following entries:

      To set strong authentication, go to the Security tab and choose X.509 Client Certificate or Logon Ticket either for HTTP authentication or message authentication.

More information:

Configuring Transport Authentication with X.509 Certificates

Configuring Transport Authentication with Assertion Tickets

Single Sign-On with X.509 Certificate Token Profiles

      To set basic authentication, go to the Security tab and choose UserID/Password either for HTTP authentication or message authentication.

For more information, refer to the section Integration in Single Sign-On Environments

 

 

End of Content Area