Security

Changes in Documentation

Change	More Information
The documentation for identity management has been restructured to provide an integrated view of the functions available for SAP NetWeaver.	Identity Management
The authentication and SSO documentation was reorganized to align the configuration and administration tasks in enabling an authentication or SSO mechanism to the user interface used for authenticated access. The reorganized authentication and SSO documentation contains the following major sections: Authentication concepts Explains the concepts involved in using and configuring the supported authentication and SSO mechanisms. Authentication infrastructure Provides information about common security and administration functions to support configuration and management of supported authentication and SSO mechanisms. Integration in SSO environments Contains information about configuration and management tasks to integrate SAP NetWeaver systems in SSO environments that use a supported authentication and SSO mechanism. Developing authentication enhancements Provides information about necessary tasks to use authentication and SSO in custom development. In addition provides information about developing custom authentication mechanisms. This section is structured according to the underlying technology stack used for the custom development. This section also contains information about integrating third party systems in SSO environments using custom development.	User Authentication and Single Sign-On

Change

More Information

The documentation for identity management has been restructured to provide an integrated view of the functions available for SAP NetWeaver.

Identity Management

The authentication and SSO documentation was reorganized to align the configuration and administration tasks in enabling an authentication or SSO mechanism to the user interface used for authenticated access. The reorganized authentication and SSO documentation contains the following major sections:

Authentication concepts

Explains the concepts involved in using and configuring the supported authentication and SSO mechanisms.
Authentication infrastructure

Provides information about common security and administration functions to support configuration and management of supported authentication and SSO mechanisms.
Integration in SSO environments

Contains information about configuration and management tasks to integrate SAP NetWeaver systems in SSO environments that use a supported authentication and SSO mechanism.
Developing authentication enhancements

Provides information about necessary tasks to use authentication and SSO in custom development. In addition provides information about developing custom authentication mechanisms. This section is structured according to the underlying technology stack used for the custom development. This section also contains information about integrating third party systems in SSO environments using custom development.

User Authentication and Single Sign-On

Changes in Documentation (AS ABAP)

Change	More Information
Updated the definition of ABAP user types	Logon Data Tab Page
A new list of the advantages and disadvantages of the tRFC destinations A decision-making aid for the decision of whether tRFC destinations or RFC destinations with users and passwords are more suitable for your system landscape.	Advantages and Disadvantages of Trusted RFC Destinations
Restructured the documentation for administrating users, groups, and roles.	Administration of Users and Roles
Added example configurations for the recommended Web services security scenarios for AS ABAP systems.	Configuration Examples for AS ABAP
License Administration Workbench The documentation explains that: You should use the Note Assistant to copy the plug-in report from SAP Notes 766822 (for releases 4.6C, 4.6D, 6.10, and 6.20, in which it already exists) and 777163 (for releases 3.1, 4.0, 4.5, and 4.6B, in which the report did not previously exist). You can start the plug-in report from the system measurement menu (transaction USMM). You can call the BAPIs of the LAW interface from the LAW by choosing Goto Information Systems to use the LAW data for internal automated processing.	For more information, see: Prerequisites for Using LAW Collecting Measurement Data in the Component System Consolidating Contractual User Types
The documentation for Secure Network Communications (SNC) is now available in the SAP Library.	Secure Network Communications (SNC)
Guidelines for Secure Programming in ABAP are now available in the SAP Library.	Secure Programming - ABAP

Changes in Documentation (AS Java)

Change	More Information
Self-registration and self-management topics rewritten and added as new topics under UME Configuration. Restructured the documentation for user management engine (UME) configuration to use the UME configuration user interface.	Configuring User Management
Expanded and rewrote portions of the security policy topic.	Configuring the Security Policy for User ID and Passwords
Expanded and rewrote portions of the standard UME actions topic.	Standard UME Actions
Removed multitenant portal documentation from Identity Management.	Identity Management
Introduced a Secure Programming Guide for Java development	Secure Programming - Java
Restructured the section about user management engine (UME) data sources. Included new topics for SAP NetWeaver Application Server (AS) ABAP as the data source. Reorganized examples for LDAP directory as data source, including an example for attribute mapping for custom attributes.	UME Data Sources
Restructured UME e-mail notification topics and added a new topic for configuration.	Notification by E-Mail
Added topics for finding an repairing inconsistencies in the UME database.	UME Cache
Restructured delegated administration and company documentation.	Configuring Delegated User Administration Using Companies
Moved troubleshooting topics to a troubleshooting structure.	Troubleshooting
In the authentication and Single Sign-On documentation, clarified the user management engine configuration for Kerberos.	Configuring the UME
In the user management for AS Java documentation, removed restriction on import of multiple principal types in the same import. UME action for batch import does not include the permissions to import users. Removed outdated link to developer documentation. Reformatted the reference documentation. Removed restart requirement from configuration of security policy and explained the interaction between failed logon attempts and the auto unlock function. Corrected the offline download of the UME configuration data. Unified all user management topics under one structure. Retitled entry section from User Management Engine. Added sections for authorization concepts and developer documentation. Reordered presentation.	User Management of the Application Server Java
Guidelines for Secure Programming in Java are now available in the SAP Library.	Secure Programming - Java