Show TOC

Background documentationUser Administration and Authentication Locate this document in the navigation structure

 

SAP NetWeaver Business Process Management (BPM) uses the user management and authentication mechanisms provided with the SAP NetWeaver platform, in particular the Application Server Java (AS Java). Therefore, the security recommendations and guidelines for user administration and authentication as described in the SAP NetWeaver Application Server Java Security Guide also apply to BPM. For example, the same tools, user types, and password policies are used.

User Management

SAP NetWeaver Business Process Management uses the user management engine (UME) for user management. The UME is integrated as a service of the AS Java. Therefore you can use the user management tools of the AS Java to manage users.

The Identity Management tool enables you to manage users, groups, roles, and user-related data. It is integrated in SAP NetWeaver Administrator and in the System Administration role of SAP NetWeaver Portal.

More information: Identity Management

Authentication

SAP NetWeaver Business Process Management offers the same authentication mechanisms as the AS Java. For an overview of the available mechanisms and how to configure them, see AS Java Authentication Infrastructure.

This authentication mechanism is based on the Basic Authentication feature of the HTTP protocol. We strongly recommend using Secure Sockets Layer (SSL), since this will encrypt all information exchanged between client and server including the authentication credentials.

More Information

SAP NetWeaver Application Server Java Security Guide

User Management Engine

Authorizations and Roles

Configuring BPM Users