Show TOC Start of Content Area

Background documentation Authentication Schemes  Locate the document in its SAP Library structure

Authentication schemes are used for UME programmatic authentication only.

Authentication schemes are defined in the authschemes.xml file, which you can change using the AS Java Config Tool. For more information, see Changing the authschemes.xml File.

Use

An authentication scheme is a definition of what is required for an authentication process. This includes:

      The login module stack that is used to determine whether a user is granted access to an application

      The user interfaces that are used to gather the information required to authenticate a user

      Priority, allowing authentication schemas to be ordered

You use authentication schemes to define what type of authentication is required for a certain application. Portal iViews and Web Dynpro applications always use authentication schemes. Web applications may use them when they use UME programmatic authentication.

By assigning an authentication scheme to an application, you specify the type of authentication required for that application. You can also use authentication schemes enable pluggable authentication for applications using UME authentication. You can easily ‘plug in’ additional authentication schemes without having to change each individual application.

Integration

      All Web Dynpro applications are automatically assigned to a default authentication scheme, which in turn references the ticket login module stack.

      In the portal, each shipped iView template is assigned a reference to an authentication scheme. Initially all authentication scheme references point to the same authentication scheme. If you have special authentication requirements, you can define custom authentication schemes and then change the configuration of the portal so that the references point to your custom authentication schemes. This allows you to change the authentication schemes without having to modify the iViews or iView templates.

Caution

If you change the authentication scheme referenced by default, you automatically change the authentication scheme used by all Web Dynpro applications as well. For more information, see Authentication Scheme.

Standard Authentication Schemes

The AS Java is shipped with a set of authentication schemes. These are defined in the authschemes.xml file.

The following authentication schemes are shipped with SAP NetWeaver Application Server Java:

Name of Authentication Scheme

Description

Login Module Stack

Referenced by

uidpwdlogon

Requires form-based logon with user ID and password.

ticket

default, UserAdminScheme

certlogon

Requires authentication using client certificates.

client

 

basicauthentication

Uses the Basic Authentication feature of the HTTP protocol.

ticket

 

header

Allows authentication using external Web access management products.

header

 

anonymous

Provides a very basic form of anonymous logon. A logon ticket is not issued.

 

 

 

 

See also:

Administration Manual:

      Defining References to Authentication Schemes

      Defining an Authentication Scheme

 

 

End of Content Area