Integration with Single Sign-On Environments
SAP ERP Central Component supports the single sign-on (SSO) mechanisms provided by SAP NetWeaver Application Server for ABAP Technology. Therefore, the security recommendations and guidelines for user management and authentication that are described in the security guide for SAP NetWeaver Application Server also apply to SAP ERP Central Component.
The supported mechanisms are listed below.
Secure Network Communications (SNC)
SNC is available for user authentication and provides an SSO environment when using SAP GUI for Windows or Remote Function Calls.
For more information, see SAP Service Marketplace at service.sap.com/securityguide → SAP NetWeaver Security Guide → Security Guides for the SAP NetWeaver Products → SAP Web Application Server Security Guide → SAP Web AS Security Guide for ABAP Technology → User Authentication → Authentication and Single Sign-On → Secure Network Communications (SNC).
SAP Logon Tickets
SAP ERP Central Component supports the use of logon tickets for SSO when using a Web browser as the front-end client. In this case, users can be issued a logon ticket after they have authenticated themselves with the initial SAP system. The ticket can then be submitted to other systems (SAP or external systems) as an authentication token. The user does not need to enter a user ID or password for authentication, but can access the system directly once it has checked the logon ticket.
For more information, see SAP Logon Tickets in the SAP NetWeaver Application Server security guide.
Client Certificates
As an alternative to user authentication using a user ID and passwords, users who use a Web browser as a front-end client can also provide X.509 client certificates for authentication. In this case, the user is authenticated on the Web server using the Secure Sockets Layer Protocol (SSL protocol). User authorizations are valid in accordance with the authorization concept in the SAP system.
For more information, see Client Certificates in the SAP NetWeaver Application Server security guide.