Logon and Security  

Use

On the Logon and Security tab page in transaction SM59, you can configure various logon data, authentication methods and security options, depending on the connection type.

Procedure

Make the following settings on the tab page:

Connection types: ABAP, R/2, Logical, TCP/IP (2, 3, L, T)

●      Trusted system (for type 3 only) if the target system is a trusted system, choose Yes.

○       Logon screen

Here, you can determine whether a logon screen should appear the first time the destination is called.

You should not use this option with background programs.

The logon screen cannot be used together with a trusted system relationship.

●      SNC ( Secure Network Communications, available for types 3 and T only) If you have an active SNC-supported security system, you can activate additional security options that you have to set by choosing Edit → SNC Options

●       Authorization

If you enter a literal in this field, the system performs a check on the client side at runtime to check whether the caller has the relevant authorization to call via this destination. The specified literal must be entered in the caller’s authorization profile in authorization object S_ICF.

 

Example

○       For the destination in transaction SM59, enter the following data:

■       Value in field AUTHORITY of destination: "CHECK".

○       In authorization object S_ICF, define the following:

■       Value in field ICF_FIELD: "DEST"

■       Value in field ICF_VALUE: "CHECK".

●      Logon

○       Language

System language to be used

○       Client

Client code

○       User

User name to be used for remote logon, if different from current user name

○       Password status

Whether a user password has already been saved

○       Password

User password

○       Current user

The logon to the remote system should be performed using the currently logged on user name.

 

Connection types: Internal, CMC, ABAP Driver (I, M, X)

●      Authorization

If you enter a literal in this field, the system performs a check on the client side at runtime to check whether the caller has the relevant authorization to call via this destination. The specified literal must be entered in the caller’s authorization profile in authorization object S_ICF.

 

Example

○       For the destination in transaction SM59, enter the following data:

■       Value in field AUTHORITY of destination: "CHECK".

○       In authorization object S_ICF, define the following:

■       Value in field ICF_FIELD: "DEST"

■       Value in field ICF_VALUE: "CHECK".

 

Connection types HTTP/External and HTTP/ABAP (G, H)

●      Logon Procedure

In this section, you can determine what type of authentication to use for the destination.

●      SSL Options

Here, you can determine whether to use SSL for the destination, and enter the relevant SSL client certificate if applicable.

You can also determine whether to use the SAP logon ticket for the authentication.

●      Authorization for the Destination

If you enter a literal in this field, the system performs a check on the client side at runtime to check whether the caller has the relevant authorization to call via this destination. The specified literal must be entered in the caller’s authorization profile in authorization object S_ICF.

 

Example

○       For the destination in transaction SM59, enter the following data:

■       Value in field AUTHORITY of destination: "CHECK".

○       In authorization object S_ICF, define the following:

■       Value in field ICF_FIELD: "DEST"

■       Value in field ICF_VALUE: "CHECK".

●      Logon

○       Language (HTTP/ABAP only)

System language to be used

○       Client (HTTP/ABAP only)

Client code

○       User

User name to be used for remote logon, if different from current user name

○       Password status

Whether a user password has already been saved

○       Password

User password

○       Current user (HTTP/ABAP only)

The logon to the remote system should be performed using the currently logged on user name.