Show TOC Start of Content Area

Function documentation Developing Authentication Enhancements on the AS Java  Locate the document in its SAP Library structure

Use

The development capabilities of AS Java enable you to create and implement customized JAAS login modules to authenticate access to your applications.

You can develop login modules to customize access protection to your specific business requirements.

Prerequisites

      SAP NetWeaver Developer Studio is installed

      AS Java is installed.

      You have administrative privileges to manage the configuration of the login modules on the AS Java.

Features

The use of Java Authentication and Authorization Services on the AS Java enables you to enforce security in your applications in a pluggable and application-independent manner. When users or an application requests access to an application, the AS Java follows the sequence of steps defined in JAAS login modules to authenticate access.

The JAAS login modules implement authentication logic and enable pluggable and extensible authentication configuration during server runtime. The AS Java is shipped with a set of standard login modules that you can use for configuring most user authentication and SSO scenarios. In addition, you can develop custom login modules to adapt the authentication capabilities of the AS Java technology stack of SAP NetWeaver to your needs and business requirements.

For more information about the JAAS authentication flow, see Overview of the Login Process in JAAS.

For more information about the development time integration between the AS Java authentication and authentication against the UME, see Integration of AS Java and UME Authentication.

Activities

      Using Login Modules to Protect Web Applications

Gives information about the development and configuration tasks to enable during development time the use of authentication for Web applications. You can find information about SAP-specific callbacks that are used to communicate data to and from a Web application, security session management, SSO to applications.

      Security Aspects for Web Services

Provides information about the Web service-specific tasks to enable authentication for WS access.

      Remote Authentication

Provides information about authentication for remote clients that use Java Remote Method Invocations. 

      Propagation of Security Principals between AS Java Containers

Provides information about the process of propagating authentication credentials among applications running in different AS Java containers.

 

 

End of Content Area