Prerequisites
Checklist for Configuration in the System
The following settings must be made in your AS-ABAP system:
Short Instructions for Configuring the Security Functions (SSO2)
You only need these settings if you want to support SSO2. This means they are optional.
Also note that the SAP Cryptographic Library is not needed. For SSO2 the SAP Security Library is sufficient. This is delivered in the standard AS-ABAP system.
-
Profile parameter login/accept_sso2_ticket is set to 1, and login/create_sso2_ticket is set to 1 or 2.
For details, see Configuring the AS ABAP for Issuing Tickets for Logon.
-
The system is now restarted.
-
The AS-ABAP is configured for Using SSL (optional, but recommended):
-
A PSE was generated. You can find details in Creating SSL Server PSE.
-
A certificate requirement was created for the PSE. You can find details in Creating Certificate Requirements for the SSL Server PSEs.
-
The certificate requirement was sent to a certification authority (CA) You can find details in Sending Certificate Requirements to a CA.
-
The generated PSE was imported. You can find details in Importing Certificate Replies.
-
The certificate list of the PSE was entered. You can find details in Maintaining the SSL Server PSE Certificate List.
NoteSee also SAP Note 510007
Setting Up SSL On the Web Application Server.
-
Configuring the Internet Communication Manager (ICM)
In the Internet Communication Manager (ICM) you have configured the HTTPS service (in 
Goto 
Services 
in transaction SMICM. See also Displaying and Changing Services.
Browser
End users have the option to have browser cookies activated in their browser's security settings.
When the user ID and password is sent, the activation of cookies in the browser is checked. If it is determined that the browser does not accept cookies, which is why SS02 is not supported and cannot be used, the user receives a confirmation with the option of performing the logon once again using Basic Authentication.