Show TOC

Background documentationAuthentication for Web Services (AS ABAP) Locate this document in the navigation structure

 

Design

You can set the authentication level for Web Services.

More information: Creating a Service Definition

Using the security profile settings for high, medium, and low, you can set strong or basic authentication levels.

  • Security profile High means authentication level Strong

    Strong authentication (X.509 Client Certificate)

    Strong Authentication authenticates the user through mutual SSL authentication. An SSL client certificate must be provided for this.

    Strong authentication can refer to the HTTP header or the document.

    More information: Using X.509 Client Certificates

  • Security profile Medium or Low means Authentcation level Basic

    Basic authentication (user name and password)

    • Authenticates the user based on the user ID and password in the HTTP header.

      This option is supported for HTTP and HTTPS.

    • The user is authenticated on the basis of the user name and the password in the document. (Document Authentication)

  • Security profile None means Authentication level None.

    No authentication during transport or in the document

These settings are default values for setting the runtime configuration in SOA Management (transaction SOAMANAGER) or, if available, in the SAP NetWeaver Administrator. Here you can specify the minimum security setting that is to apply to the appropriate Web service at runtime. In the runtime configuration settings, it is not possible to fall below these values.

Delayed Logon to Internet Communication Framework (ICF)

The Internet Communication Framework requires a logon. If you perform your logon using a WS security user name token, a user switch will be executed in SOAP runtime.

For this purpose, the service user DELAY_LOGON is used. Do not assign any roles or profiles to this user.