The AS Java is an application middleware component in your system landscape and communicates with a number of communication partners. Deployed applications and the components of the AS Java can negotiate communication using several protocols, depending on the AS Java container where they reside. The primary communication protocols include HTTP, Telnet, P4 and IIOP, as well as, LDAP, JDBC and RFC for SAP specific communications. P4 and IIOP are the protocols that are used for Java specific Remote Method Invocations communication. In addition, the AS Java supports SOAPfor Web Services communication.
The AS Java containers represent an abstract logical grouping of runtime services and life cycle management functions for application components. The AS Java containers include the Web Container, EJB Container, Web Services Container and Persistence Container. The security aspects vary according to the container that processes the application.
In the following topics we describe in more detail the relevant security considerations for each of the communication channels for the AS Java:
Gives an overview of the security aspects associated with using intermediary devices such as the SAP Web Dispatcher, Microsoft IIS and other servers, for example, the Apache reverse proxy.
Presents an overview of the security aspects of the communication between the AS Java and Web clients, for example Web browsers and Web Dynpro applications.
Discusses the security aspects of the communication between application servers acting as clients or servers and the AS Java.
Provides an overview of the security aspects of the communication channels relevant to Web Services.
Provides an overview of the security aspects of connecting the AS Java to backend systems and user persistency stores.
Provides an overview of the communication channel security when deploying applications on the AS Java using the Software Deployment.
See also:
Data integrity