Configuring Strong Encryption for User
Mapping
Use
If you installed SAP NetWeaver Application Server (AS) 7.0 up to SPS 9, you should make sure that you are using strong encryption for your user mapping data. Do this even if you have upgraded to SPS 9 and higher.
● Weak encryption
User mapping data is stored with weak encryption (base64 encoded).
● Strong encryption
○ For user mapping with user ID and password, the password is stored in encrypted form.
○ For user mapping for logon tickets, where the password is not stored, the user ID is stored once in plain text and once in encrypted form to enable one to test whether the user ID has been manipulated.
We strongly recommend that you use strong encryption.
The only exception is if you choose to store the mapped user IDs for logon tickets in the LDAP directory. In this case, the user ID is not encrypted, regardless of whether you have configured for strong encryption or not. This is because the user ID may be used by other systems or is replicated to the LDAP directory from an ABAP system.
Procedure
...
1. Start user management configuration.
For more
information, see
Configuring User
Management.
2. Choose the User Mapping tab.
3. Choose Start Conversion.
This converts all existing user mapping data from weak to strong encryption.
As soon as the conversion process starts, any new user mapping entries are stored with strong encryption.