Credential Types for Supported Authentication Providers

Different security providers allow users to supply different user credentials. If your security policy mandates that a specific credential type or strength be used, review the providers that are available to you.

Table 73: Credentials Types and Providers
Client Credentials Providers that Can Authenticate Credentials Credentials Produced for Single Sign-on
Basic: user name and password, or e-mail address and password.
  • No Authentication Challenge
  • System Login
  • HTTP/HTTPS Authentication
  • Directory Service (LDAP/AD)
  • None
  • BASIC and cookie (such as, MYSAPSSO2)
X.509 certificates X.509 certificate X.509 certificate
SAML2 Trusted identity provider SAML2 passes the specified SSO provider the credential provided by the trusted identity provider.
HTTP header or cookie HTTP/HTTPS authentication Cookie
  • Kerberos
  • Populate JAAS Subject From Client
  • Principal Propagation
  • SAPSSO2 Generator
  • Kerberos access ticket
  • HTTP cookie or header
  • SAPSSO2 token