We use the terms in the table below frequently when describing SNC.
Term |
Definition |
---|---|
canonical name |
Because an X.500 name can have different forms that are all equivalent, the SAP system converts such names into a standard format, called the canonical name. The SAP system uses a GSS-API V2 function for the conversion. |
credentials |
Credentials are user or component-specific information that allow the users or components to access their security information. The credentials may be located for example, in a protected file in the file system. They often have a limited life span. For example, the credentials of a user may be created when the user logs on to a security product and deleted when he or she logs off. |
|
The terms, external security product’s library, external library, SNC_LIB, or gssapi library refer to the library that contains the functions provided by the external security product. When the file name of the library is required for the configuration of a component, we recommend you use a local copy of the library and include the complete path and file name in the reference. |
external name |
The external name is the identification that a user or other component (for example, an application server) has with the external security system. The external security product assigns and maintains the external name of the user. For examples of external names, see External Security Products. |
Generic Security Services Application Programming Interface Version 2 (GSS-API V2) |
The GSS-API V2 is a standard interface to security functions that was developed by the Internet Engineering Task Force (IETF). SNC uses the GSS-API V2 as the standard interface for the function calls to external security products. |
|
The protection level indicates what level of security should be applied to a communication (authentication only, integrity, or privacy). |
SNC name |
The SAP system refers not to the external name, but to an extended version of the external name, called the SNC name. You create the SNC name by providing a prefix with the external user name that designates the name type. You can also use an optional <product> indicator in the prefix. See below for the SNC formats:
Note When specifying or referring to SNC names, make sure you include the name type prefix. End of the note. Example Examples of SNC names:
End of the example. Recommendation We do not recommend using SNC names that are longer than 80 printable characters. For more information, see SAP Note 184277. End of the recommendation. |
|
SNC-protected communication or SNC protection refers to a communication between two components, where all of the transferred information and data are protected using the SNC functions. |