You can choose from several different logon procedures when you use a HTTP request to log on to SAP Web AS. You can configure the procedure individually for each service or for an entire service node, including all its services.
At least one HTTP request handler must have been entered for the service or service node.
You can specify for every ICF service what logon procedure must be used to execute it. The following options are available:
Standard (default): When you log on, multiple checks are run in a specified order.
Alternative Logon Procedure: When you select this option, you can choose the checks yourself, and the order in which they run.
Logon Data Required: Only the logon data specified in the service (User, Password, Client, and Language) is used to check the logon.
SSL Certificate Required: Logons are performed using X 509 Certificate only.
You can use only one of these options for each service or service node.
If you use the Standard or Alternative Logon Procedures, you can use the All Logons checkbox to specify whether the appropriate checks are run (in the specified order) until one of the logon procedures is successful (checkbox activated), or whether the logon is rejected with a message as soon as a logon procedure fails (checkbox not activated).
A logon procedure is then only checked when the corresponding logon data is also provided by the HTTP request.
An HTTP request can also contain logon data for multiple logon procedures, for example, for Basic Authentication and SAP Logon Ticket.
For each service, you can also choose the Logon via SAML option. With SAML (Security Assertion Markup Language), you can use XML-based single sign-on mechanisms for your services.
For each service, you can define an individual response page that appears if the logon fails.
For information about making ICF communications secure, see the following: