Entering content frame

Background documentation Prerequisites Locate the document in its SAP Library structure

Checklist for configuration in the system

The following settings must be made in your AS-ABAP system:

Short instructions for configuring the security functionality (SSO2)

Note

You only need these settings if you want to support SSO2. This means they are optional.

Also note that the SAP Cryptographic Library is not needed. For SSO2 the SAP Security Library is sufficient. This is delivered in the standard AS-ABAP system.

...

       1.      The profile parameter login/accept_sso2_ticket is set to 1 and login/create_sso2_ticket set to 1 or 2.

You can find details in Structure linkconfiguring the system so that is displays logon tickets.

       2.      The system is now restarted.

       3.      The AS-ABAP is configured for Structure linkusing SSL (optional, but recommended):

...

                            a.      A PSE was generated.
You can find details in Structure linkCreating SSL Server PSE.

                            b.      A certificate requirement was created for the PSE.
You can find details in Structure linkCreating Certificate Requirements for the SSL Server PSEs.

                            c.      The certificate requirement was sent to a certification authority (CA)
You can find details in Structure linkSending Certificate Requirements to a CA.

                            d.      The generated PSE was imported.
You can find details in Structure linkImporting Certificate Replies.

                            e.      The certificate list of the PSE was entered.
You can find details in Structure linkMaintaining the SSL Server PSE Certificate List

Note

These settings are all explained in Security on the SAP Web Application Server.
See also Note 51007 “Setting Up SSL On the Web Application Server”.

Configuring the Internet Communication Manager (ICM)

In the Structure linkInternet Communication Manager (ICM) you have configured the HTTPS service (in Goto ® Services in Transaction SMICM), see also Structure linkDisplaying and Changing Services.

Browser

End users have the option to have browser cookies activated in their browser’s security settings.

When the user ID and password is sent, the activation of cookies in the browser is checked. If it is determined that the browser does not accept cookies, which is why SS02 is not supported and cannot be used, the user receives a confirmation with the option of performing the logon once again using Basic Authentication.

 

 

Leaving content frame