Basic Authentication Against an SSO-Integrated Service

With basic authentication to an SSO-integrated back end, a user name and password are sent to SAP Mobile Platform Server. The security profile uses the HTTP/HTTPS Authentication provider to pass the credentials to an SSO-enabled Web server for validation, and that server returns an SSO cookie to the security profile. Basic authentication against an SSO-integrated service is the least secure and the least common SAP Mobile Platform SSO scenario.

To ensure that SAP Mobile Platform Server knows who a user is after a successful SSO-based login, in Management Cockpit, select Check Impersonation in the security profile settings. When using the basic authentication scenario, SAP Mobile Platform already has the user name, but additional principals can be returned as well.

Note: Although you can disable impersonation checking, be aware that logging, notifications, and auditing will also be disabled as a result, providing less information to administrators about who their users are and what they are doing. In addition, attackers can steal and use SSO cookies without a user's knowledge.