Show TOC

User Authentication and Single Sign-OnLocate this document in the navigation structure


User authentication and Single Sign-On (SSO) is an element of your security policies that you can use to protect access to your system infrastructure by securely establishing and propagating the identity of a sender of an access request.

  • User authentication includes the process of securely establishing the identity of a user as a client requesting access to a server system.
  • SSO complements user authentication and includes the process of authenticating an access request once and transparently propagating the identity of an already authenticated user for access to multiple back-end systems.

You can use authentication and SSO to enable secure points of access to your systems in open environments, such as the Internet.


User authentication and SSO is closely related to the following security functions in SAPNetWeaver:


SAPNetWeaver supports a number of mechanisms to enable user authentication and integration in SSO. SAPNetWeaver Application Server (AS) Java and AS ABAP provide the underlying technology for authenticating users.

For more information about the conceptual, administrative, and development aspects relevant to user authentication and SSO in SAPNetWeaver, see the following sections:

  • Authentication Concepts

    Information about the security aspects that apply when using the authentication mechanisms that are supported by SAPNetWeaver.

  • Authentication Infrastructure

    Information about the underlying ABAP and Java technology stack infrastructure to support the authentication and SSO in SAPNetWeaver.

  • Integration in Single Sign-On (SSO) Environments

    Information about configuring the use of mechanisms for authenticating user access, as well as, their integration in SSO environments.

  • Developing Authentication Enhancements

    Information about enhancing the standard SAP NetWeaver authentication and SSO functions with custom development. You can also find information about developing custom authentication enhancements for SSO to non-SAP systems.