“Security is like adding brakes to cars.
The purpose of brakes is not to stop you:
it’s to enable you to go fast!”
This documentation provides an overview of how to develop secure applications based on the SAP NetWeaver platform. It describes common security errors and weaknesses to watch out for as well as approved procedures so that your application functions “securely”.
The target group of this documentation is ABAP developers who are developing applications based on the SAP NetWeaver platform. This guide is primarily aimed at developers in the IT departments of customers, consulting houses, and partners.
This documentation is divided into the following sections:
For each topic mentioned above the security vulnerability is described. Then any standard solutions that exist from the SAP NetWeaver platform are presented, including functions and interfaces that need to be used. If no solution is available from the SAP NetWeaver platform, recommendations are provided about appropriate security measures to take. In addition, example code is provided where appropriate and links to existing documentation are given.
All descriptions of secure programming and all sample code (for the purposes of this clause hereinafter referenced together as the "Examples") contained in this document are for illustrative purposes only. These Examples have not been thoroughly tested under all conditions. SAP, therefore, cannot guarantee or imply reliability, serviceability, or function of these Examples. Any use of these Examples is at your own risk and responsibility and SAP shall not be liable for any damages caused by the use of such Examples unless such damages have been caused by SAP's gross negligence or willful misconduct.