Communication Channel Security 

Communication Flow

The AS Java is an application middleware component in your system landscape and communicates with a number of communication partners. Deployed applications and the components of the AS Java can negotiate communication using several protocols, depending on the AS Java container where they reside. The primary communication protocols include HTTP, Telnet, P4 and IIOP, as well as, LDAP, JDBC and RFC for SAP specific communications. P4 and IIOP are the protocols that are used for Java specific Remote Method Invocations communication. In addition, the AS Java supports SOAP for Web Services communication.

The AS Java containers represent an abstract logical grouping of runtime services and life cycle management functions for application components. The AS Java containers include the Web Container, EJB Container, Web Services Container and Persistence Container. The security aspects vary according to the container that processes the application.

Communication Security

In the following topics we describe in more detail the relevant security considerations for each of the communication channels for the AS Java:

●      Using and Intermediary Server to Connect to the AS Java

Gives an overview of the security aspects associated with using intermediary devices such as the SAP Web Dispatcher, Microsoft IIS and other servers, for example, the Apache reverse proxy.

●      Communication Security for the Web Container

Presents an overview of the security aspects of the communication between the AS Java and Web clients, for example Web browsers and Web Dynpro applications.

●      Communication Security for the EJB Container

Discusses the security aspects of the communication between application servers acting as clients or servers and the AS Java.

●      Communication Security for Web Services

Provides an overview of the security aspects of the communication channels relevant to Web Services.

●      Communication Security for Persistence Layer

Provides an overview of the security aspects of connecting the AS Java to backend systems and user persistency stores.

●      Communication Security for the Software Deployment

Provides an overview of the communication channel security when deploying applications on the AS Java using the Software Deployment.

See also:

Data integrity

·        Configuring Network and Transport Layer Security in the Administration Manual

Communication Security

●      Security Guide for Connectivity with the AS Java