SAP Web Application Server SecurityUsing the Secure Sockets Layer ProtocolThe Application Server's Personal Security EnvironmentsSSL Server PSESSL Client PSEsThe SAP Cryptographic Library Installation PackageInstalling the SAP Cryptographic Library on the SAP Web ASSetting the Profile Parameters for Using SSLConfiguring the SAP Web AS for Supporting SSLCreating the SSL Server PSEGenerating Certificate Requests for the SSL Server PSEsSending the Certificate Requests to a CAImporting the Certificate Request ResponseMaintaining the SSL Server PSE's Certificate ListCreating the Standard SSL Client PSECreating the Anonymous SSL Client PSECreating Individual SSL Client PSEsSpecifying that a Connection Should Use SSLTesting the SSL ConfigurationMaking Sure the SSL Port is Set up CorrectlyTesting the Connection for SSL Server AuthenticationTesting the Connection for SSL Client AuthenticationUser AuthenticationUsing Logon TicketsConfiguring the System for Issuing Logon TicketsObtaining a Certificate Signed by the SAP CAUsing a Self-Signed CertificateChanging from a Self-Signed Certificate to a Certificate SignedConfiguring the System for Accepting Logon TicketsProtecting User InformationUsing X.509 Client CertificatesConfiguring the System for Using X.509 Client CertificatesPluggable Authentication Services for External AuthenticationAuthentication Mechanisms Supported by the PASAuthentication Using Windows NTLMVerifying User ID/Password on the Windows NT Domain ControllerAuthentication Using X.509 Client CertificatesAuthentication Using an LDAP Bind to a Directory ServerAuthentication Using an Arbitrary Mechanism on the Web ServerAuthentication Using a Mechanism Provided by a PartnerPrerequisites for Using PASLogon TicketsPrerequisites for Using Windows NTLM AuthenticationPrerequisites for Verifying Users on the Domain ControllerPrerequisites for Using X.509 Client CertificatesPrerequisites for Using an LDAP Bind to a Directory ServerPrerequisites for Using an Arbitrary Mechanism on the Web ServerPrerequisites for Using a Partner MechanismSecure Network CommunicationsConfiguring the PASConfiguring the Use of Logon TicketsConfiguring Windows NTLM Authentication on the Web ServerConfiguring SNCConfiguring SNC on the Application ServerConfiguring SNC on the AGateConfiguring SNC on the WGateInstalling the PASConfiguring the PAS Service FileExamplesSpecifying the HTTP Header Variable to UseMaintaining the User Mapping in the SAP SystemConfiguring the PAS for Providing the SAP User ID DirectlyTroubleshootingTesting the Configuration Using the ITS Administration ToolTesting the Use of SNCTesting Logon Tickets and PASChecking the HTTP Header VariableSample Trace File: SNC InitializationSample Trace File (AGate): Successful PAS Using NTLMSample Trace File (AGate): SAP User ID not Found
Using the Trust ManagerTerminology and AbbreviationsCertificate ListCertification Authority (CA)CredentialsLogon TicketPersonal Security Environment (PSE)Private KeyPublic KeyPublic-Key CertificatePublic-Key Infrastructure (PKI)Public-Key TechnologySAP Cryptographic Library (SAPCRYPTOLIB)SAP Security Library (SAPSECULIB)Secure Sockets Layer (SSL) ProtocolSecure Store & Forward (SSF)SSO Personal Security Environment (SSO PSE)System PSEVerification PSE