Security for the Client Programming Model 

This section describes security issues for calls from a Java Application to an SAP Application Server.

JCA, as part of the J2EE Architecture, uses services of J2EE standard authentication comprised in

JAAS (Java Authentication and Authorization Service).

This standard authentication contains authentication methods like

·        BasicPassword and

·        Kerbv5

These authentication methods are Container Managed Authentication procedures.

The type of authentication is given through the configuration of application descriptors.

When a connection is established, the SAP system checks the validity of the user credentials provided, regardless of the security mechanisms used.

Further Information

For details on the different authentication types see:

·        BasicPassword

·        Kerbv5 (SSO)

·        DefaultAuthentication

·        Application Managed Authentication

·        Secure Network Connection (SNC)