Show TOC Start of Content Area

Background documentation Configuration of Principal Propagation  Locate the document in its SAP Library structure

Principal propagation means the ability to forward the user context of a message unchanged from the sender to the receiver. It enables authentication of a message in the receiver system with the same user that issued the message in the corresponding sender system. Thus, the receiver application is virtually part of the sender application, and the permissions and audit functions of the receiver application can be applied to the original user of the sender application.

Principal propagation is implemented using authentication between the involved messaging components. You can use SAP assertion tickets or the Security Assertion Markup Language (SAML) for this purpose.

      SAP assertion tickets are supported by the following runtimes and adapters:

       XI (for both ABAP and Java proxies)

       SOAP

       RFC

       WS

      SAML is supported by the WS runtime only. More information: Configuring SSO with SAML Token Profiles.

To enable principal propagation, you have to perform the following steps:

      Enable principal propagation for the ABAP messaging components      

      Configure a trust relationship for SAP assertion tickets    

      Modify the configuration of your sender     

      Configure principal propagation in the Integration Directory       

      Maintain your users         

 

End of Content Area