SAP NetWeaver Gateway Authentication and Single Sign-On
Your SAP NetWeaver Application Server ABAP provides the user authentication and single sign-on (SSO) functions for SAP NetWeaver Gateway.
SAP NetWeaver Gateway supports the use of the following authentication mechanisms:
-
X.509 client certificates
SAP NetWeaver Gateway recommends the use of client certificates for user authentication. Users need to receive their client certificates from a Certification Authority (CA) as part of a public-key infrastructure (PKI).
-
Security Assertion Markup Language
SAP NetWeaver Gateway also supports the use of SAML assertions for user authentication. The assertions can be issued by an Identity Provider (IdP) system, or by the SAP NetWeaver host with single sign-on capabilities.
Scenarios for Supported and Recommended Authentication Methods
The following is a list of the supported and recommended authentication methods for use in SAP NetWeaver Gateway scenarios:
|
Consumer and Authentication Option |
Basic |
X.509 Certificate |
SAML 2.0 |
SAP Enterprise Portal |
|
Web application (HTML5, Silverlight, Flex) |
√ |
√ |
Recommended |
√ |
|
Desktop application (Microsoft .NET, Java) |
√ |
Recommended |
√ |
√ |
|
Mobile application |
√ |
Recommended |
√ |
|
|
Cloud application |
√ |
Recommended |
||
|
Social network integration |
Recommended |
|||
|
Web server side (PHP/ASP.NET) |
Recommended |
√ |
A checkmark (√) indicates the supported authentication method for the consumer scenario. Empty spaces do not have any comments. SAP NetWeaver Gateway can use the SAP NetWeaver Gateway Portal as an authentication provider, trusting the portal to handle authentication.