Administrator

SAP Mobile Platform Authentication Quick Start

This quick-start task flow identifies security setup activities in an SAP Mobile Platform environment. Activities performed by the SAP Mobile Platform administrator, may also require the collaboration or participation of mobile application developers, or Afaria, security, or database administrators, depending on the role distribution within your organization.

Prerequisites

Plan your security landscape based on your required authentication and client types, as well as the single sign-on (SSO) requirements to your back-end systems. See Planning Your Security Landscape.

Context

SAP Mobile Platform supports the following authentication types:
  • Anonymous authentication – provides no user authentication, and allows access to application data, such as applications that allow users to browse read-only information without logging in by assigning the anonymous security configuration to the application.
  • Basic authentication – user name and password only. Less secure than token-based and certificate-based authentication types.
  • Token-based authentication – also called single sign-on. Enables access control for multiple, independent systems, affording the user a single login to access multiple secure systems. This is the most common authentication type.
  • Certificate-based authentication – uses X.509, a standard for digital certificates. X.509 provides the strongest form of authentication security in SAP Mobile Platform by managing authentication across platforms and out to the network edge.
Table 53: Securing Platform Administration Tasks
Task Anonymous Authentication Basic Authentication Token-Based Authentication Certificate-Based Authentication
Configure security profiles Configuring Security Profiles
Map logical roles to physical roles Not applicable Mapping a Logical Role to a Physical Role
Integrate your SSO solution into the platform Not applicable Basic Authentication Against an SSO-Integrated Service Token-Based SSO Authentication Integrating with Single Sign-On Solutions
Manage keystore and truststore certificates Not applicable Not applicable Not applicable Managing Keystore and Truststore Certificates
Deploy applications Deploy Applications