Show TOC

 Authentication SchemesLocate this document in the navigation structure

Authentication schemes are used for UMEprogrammatic authentication only.

Authentication schemes are defined in the authschemes.xml file, which you can change using the AS Java Config Tool.

For more information, see Changing the authschemes.xml File in the portal documetation.

Use

An authentication scheme is a definition of what is required for an authentication process. This includes:

  • The login module stack that is used to determine whether a user is granted access to an application
  • The user interfaces that are used to gather the information required to authenticate a user
  • Priority, allowing authentication schemas to be ordered

You use authentication schemes to define what type of authentication is required for a certain application. Portal iViews and Web Dynpro applications always use authentication schemes. Web applications may use them when they use UME programmatic authentication.

By assigning an authentication scheme to an application, you specify the type of authentication required for that application. You can also use authentication schemes enable pluggable authentication for applications using UME authentication. You can easily 'plug in' additional authentication schemes without having to change each individual application.

Integration
  • All Web Dynpro applications are automatically assigned to a default authentication scheme, which in turn references the ticket login module stack.
  • In the portal, each shipped iView template is assigned a reference to an authentication scheme. Initially all authentication scheme references point to the same authentication scheme. If you have special authentication requirements, you can define custom authentication schemes and then change the configuration of the portal so that the references point to your custom authentication schemes. This allows you to change the authentication schemes without having to modify the iViews or iView templates.
    Caution

    If you change the authentication scheme referenced by default , you automatically change the authentication scheme used by all Web Dynpro applications as well.

    For more information, see the portal documentation.

Standard Authentication Schemes

The AS Java is shipped with a set of authentication schemes. These are defined in the authschemes.xml file.

The following authentication schemes are shipped with SAP NetWeaver Application Server for Java:

Name of Authentication Scheme Description Login Module Stack Referenced by

uidpwdlogon

Requires form-based logon with user ID and password.

ticket

default, UserAdminScheme

certlogon

Requires authentication using client certificates.

client

 

basicauthentication

Uses the Basic Authentication feature of the HTTP protocol.

ticket

 

header

Allows authentication using external Web access management products.

header

 

anonymous

Provides a very basic form of anonymous logon. A logon ticket is not issued.