Show TOC

Background documentationTransport Security for Web Services (AS ABAP) Locate this document in the navigation structure

 

For the purpose of transport security (integrity and confidentiality), the SSL protocol is supported by the AS ABAP. In this way, all the data for a Web service call can be transmitted between client and server in encrypted form.

Alternatively, you can achieve transport security through a signature and message encryption (SOAP body).

More information: Configuring SAP Web AS for SSL Support.

Designing Web Services

When designing Web services, you create a transport security level that is to serve as the minimum security level for all end points defined for the Web service.

To ensure safe transfer for all configurations of the Web service, configure the following setting:

  • In the Wizard: Create Service Definition under Configure Service, select the profile PRF_DT_IF_SEC_HIGH (high) or PRF_DT_IF_SEC_MEDIUM (medium).

  • Alternatively, proceed to the Service Provider on the Configuration tab and select High or Medium under Security Profile.

If integrity and confidentiality do not have to be guaranteed, select the profile PRF_DT_IF_SEC_LOW or PRF_DT_IF_SEC_NONE.

These settings are default values for setting the runtime configuration in SOA Management or, if available, in the SAP NetWeaver Administrator.