Show TOC

SAP Gateway Authentication and Single Sign-OnLocate this document in the navigation structure

Concept

Your SAP NetWeaver AS ABAP provides the user authentication and single sign-on (SSO) functions for SAP Gateway.

SAP Gateway supports the use of the following authentication mechanisms:

  • X.509 client certificates

    SAP Gateway recommends the use of client certificates for user authentication. Users need to receive their client certificates from a Certification Authority (CA) as part of a public-key infrastructure (PKI).

  • Security Assertion Markup Language

    SAP Gateway also supports the use of SAML assertions for user authentication. The assertions can be issued by an Identity Provider (IdP) system, or by the SAP NetWeaver host with single sign-on capabilities.

Scenarios for Supported and Recommended Authentication Methods

The following is a list of the supported and recommended authentication methods and providers for use in SAP Gateway scenarios:

Consumer and Authentication Option

Basic

X.509 Certificate

SAML 2.0

SAP NetWeaver Portal

Web application (HTML5, Silverlight, Flex)

Recommended

Desktop application (Microsoft .NET, Java)

Recommended

Mobile application

Recommended

 

Cloud application

 

Recommended

 

Social network integration

 

Recommended

   

Web server side (PHP/ASP.NET)

 

Recommended

 

A check mark (√) indicates the supported authentication method for the consumer scenario. Empty spaces do not have any comments.

SAP Gateway can use the SAP NetWeaver Portal as an authentication provider, trusting the portal to handle authentication.