Network and Communication Security 
Visual Composer is deployed to a single Application Server Java (AS Java) or to a cluster, rather than to a distributed environment. Therefore, there are no specific network security considerations other than those that apply to SAP NetWeaver Portal, AS Java or any other Java-based NetWeaver application server or application.
The network topology for Visual Composer is based on the topology used by the SAP NetWeaver platform. Therefore, the general security guidelines and recommendations described in the SAP NetWeaver Security Guide also apply to Visual Composer. Details that specifically apply to Visual Composer are described in the topics that follow.
The following table provides detailed information about the communication paths used by Visual Composer, the protocols used for the connection and the type of data transferred.
Communication Paths
Communication Path |
Protocol Used |
Type of Data Transferred |
Data Requiring Special Protection |
|---|---|---|---|
Storyboard (client) to services in development server (Visual Composer server, Visual Composer builder and so on |
XML over HTTP (or HTTPS) |
Model data, requests from the Visual Composer server, requests for data services |
|
Check in model from development server to DTR |
Standard SAP SDIC protocol |
.gml files, .xgl files and other related files |
|
Deploy application to local AS Java runtime repository |
Standard API of AS Java deployment mechanism |
.ear file containing a set of modules (.war files or other types) |
|
Web Dynpro client to AS Java |
As specified in the Security Aspects of Web Dynpro for Java guide |
As specified in the Security Aspects of Web Dynpro for Java guide |
As specified in the Security Aspects of Web Dynpro for Java guide |