You can configure security settings for the service provider and service consumer for the runtime of Web services.
To edit the security settings for service providers:
Click the (Edit binding) icon for a selected binding.
The Provider Security settings are displayed on the first tab.
Security Settings
You can edit the following settings:
Security Area | Description |
---|---|
Transport Level Security | The level of security provided for the transport layer, that is, the transport of messages. You can either use HTTP or HTTPS. |
Message Level Security |
The level of security provided for each message. Messages can be secured using an XML signature/certificate and XML encryption with either symmetric or asymmetrical keys. Using Secure Conversation, messages are secured with a pre-defined symmetrical key. The key is re-used in further calls. |
More information: SAP Help Portal: SAP NetWeaver > Security Guide > Network and Communication Security.
Authentication Method | Description |
---|---|
No Authentication | Select whether authentication is required to use the Web service or not. You can use Transport Channel Authentication or Message Authentication (but not both). |
Transport Channel Authentication |
Authentication information is found in the HTTP header.
More information: SAP Help Portal: SAP NetWeaver > Security Guide > SAP NetWeaver Single Sign-On. |
Message Authentication |
Authentication information is found in the SOAP header.
More information: SAP Help Portal: SAP NetWeaver > Security Guide > SAP NetWeaver Single Sign-On. |
Recommended WS Security Scenarios
SAP has put together recommendations for you on combining authentication and transport guarantee mechanisms. You can also get information on what prerequisites you have to fulfill to implement the scenario in your systems.
More information: SAP Help Portal: SAP NetWeaver > Security Guide.
Configuration Examples for AS ABAP
More information about secure Web services scenarios: Configuration Examples for AS ABAP