Show TOC

 Integration of SNC and an External Security Product in SAP SystemsLocate this document in the navigation structure

The SNC functions are integrated in the SAPsystem components (for example, the AS ABAP system kernel, SAPGUI, or the RFC library) as a layer between the kernel layer and the library provided by an  external security product, such as SAPNetWeaver Single Sign-On. See the figure below.

Integration of SNC andan External Security Product in SAP Systems

Communication Process Flow
  1. When SNC is initialized, the system dynamically loads the functions provided by the external library.
  2. Afterwards, when two components communicate using SNC:
    1. The SNC layer processes the messages being sent.
    2. It applies the security functions to the messages.

      During this step, the SNC layer uses the functions provided by the external library to process the messages accordingly (for example, to apply encryption). The SNC layer accesses the external library using the GSS-API V2 interface.

    3. After processing the messages, the system sends them over the SAP network interface in the usual manner.
    4. Upon receipt, the SAP system component receiving the messages applies the corresponding external library functions in a similar manner, but reverses the process (for example, decryption).
      Note

      All of the components involved in the communication need to use a library that implements the same GSS-API V2 functions. We cannot guarantee interoperability if different components use different security products with different implementations.