Communication Security for Persistency Stores (SAP Library - SAP NetWeaver Application Server Java Security Guide)

Communication Security for Persistency Stores

As middle-tier software, the J2EE Engine communicates with a number of external data sources. The external data sources include SAP ABAP systems, databases, and LDAP-compliant directory servers.

For an overview of the communication flow, see the figure below.

This graphic is explained in the accompanying text

Communication Flow for Persistency Stores

The table below presents an overview of the security-relevant information for each of the communication paths.

Communication Path	Protocols Used	Type of Data Transferred	Available Security Protection
J2EE Engine to LDAP directory server	LDAP	· Authentication data · Application data for directory management · Directory entries	Secure Socket Layer (SSL)
J2EE Engine to RDBMS user store	JDBC 1.x JDBC 2.x	· Authentication data · Application data · User management data	Driver-provided encryption
J2EE Engine to SAP ABAP systems	RFC	· Authentication data · Application data	Secure Network Communications (SNC)

See also:

Security Aspects of the Database Connection in the Administration Manual