Authentication Against an ABAP System
To access a Web application, AS ABAP uses the HTTP framework from Internet Communication Manager (ICF) that provides functions for defining the logon procedure. For more information, see Maintaining Logon Procedures.
A simple process is available for configuring the system logon. In addition, you can customize the logon information according to your needs, for example, system ID, client, language, system messages, logon, and system information. For more information, see Creating and Configuring ICF Services under Communication between ABAP and Non-ABAP Technologies below.
With this, authentication against an ABAP system reduces to the normal authentication process as is standard for all Web-based applications on an ABAP stack, for example, BSP and Web Dynpro ABAP.
Settings for the Configuration for SSL support are particularly important for security with AS ABAP. For more information, see Configuring the AS ABAP for Supporting SSL under Network and Communication Security below. The logon ticket cache function is provided for increasing performance when multiple logons exist.
Install and configure SAPCRYPTOLIB.
Configure SSL in the Trust Manager (STRUST) transaction.
Run the following test calls through a browser to verify that the HTTPS settings are configured correctly: https://<server>:<port>/
.More Information
User Authentication and Single Sign-On
Transport Layer Security (containing links to Secure Sockets and SNC, Configuring the AS ABAP for Supporting SSL
Security Guides for the Application Server:
Security Guides for ASAP:
SAP NetWeaver Application Server for ABAP Security Guide:
User Administration and Authentication, Integration in Single Sign On Environments, Logon Tickets, Using Logon Tickets with AS ABAP
Authentication Against a Portal System
NWBC uses the Ticket Issuer to log on to the J2EE server. The logon must be properly configured in the J2EE engine for this to work correctly.
Call the SAP NetWeaver Administrator.
Go to Configuration Management.
Choose Authentication.
Select component sap.com/tc~sec~sso~app*ticketissuer.
Enter the following as the assigned login modules:
Login Module Name |
Flag |
---|---|
EvaluateTicketLoginModule |
SUFFICIENT |
ClientCertLoginModule |
OPTIONAL |
CreateTicketLoginModule |
SUFFICIENT |
BasicPasswordLoginModule |
REQUISITE |
CreateTicketLoginModule |
OPTIONAL |
This may appear as shown in the figure below:
Alternatively, you can search for the above terms directly in the SAP Help Portal.