Start of Content Area

Background documentation Transport Security for Web Services  Locate the document in its SAP Library structure

Design in Java

Runtime Configuration in the NetWeaver Administrator

Integrity and Confidentiality

Transport Protocol HTTPS

or

Message Security, Incoming Request

      Require Signature

      Require Encryption

Message Security, Outgoing Response

      Add Signature

      Add Encryption

Design of Web Services in the Java Application Server

In the Java application server, you can provide specifications on the authentication level when designing Web services.

You set the level of transport security through the specification Integrity and Confidentiality.

Runtime Configuration in NetWeaver Administrator

You can display the minimum security level for authentication that you have defined in the Java application server in NetWeaver Administrator under Authentication.

Find the pre-settings for service definitions under SOA Management   Business Administration Web Services Administration under Service Endpoints on tab page Service Definition Details.

To ensure integrity and confidentiality, you enter your settings under Security:

      Under Transport Protocol, choose HTTPS.

      Alternatively, under Message Security, choose Require Signature and Require Encryption for the incoming request and Add Signature and Add Encryption for the outgoing response.

For more information, refer to the sections Using Strong Document Authentication, Communication Security for Web Services

 

 

End of Content Area