Communication Security for Persistency Stores
As middle-tier software, the J2EE Engine communicates with a number of external data sources. The external data sources include SAP ABAP systems, databases, and LDAP-compliant directory servers.
For an overview of the communication flow, see the figure below.
Communication Flow for Persistency Stores
The table below presents an overview of the security-relevant information for each of the communication paths.
Communication Path |
Protocols Used |
Type of Data Transferred |
Available Security Protection |
J2EE Engine to LDAP directory server |
LDAP |
· Authentication data · Application data for directory management · Directory entries |
Secure Socket Layer (SSL) |
J2EE Engine to RDBMS user store |
JDBC 1.x JDBC 2.x |
· Authentication data · Application data · User management data |
Driver-provided encryption
|
J2EE Engine to SAP ABAP systems |
RFC |
· Authentication data · Application data |
Secure Network Communications (SNC) |
See also:
Security Aspects of the Database Connection in the Administration Manual