SAP Business Client was originally
designed to enable users to access data using multiple UI technologies from a single ABAP
back-end system. To make data access secure, SAP recommends combining SAP Business Client with SAP Single Sign-On.
This solution is both simple and secure.
As of release SAP Single Sign-On 2.0, SAP Single Sign-On offers support for SPNEGO for ABAP.
Prerequisites
SAP NetWeaver Business Client 4.0, SAP Single Sign-On 2.0, SAP NetWeaver 7.3
Procedure
Setting up SPNEGO for ABAP is a simple and straightforward process that involves the
following, manual configuration steps:
- Install the Secure Login Library on the SAP NetWeaver AS for ABAP
backend.
- Set the system parameters spnego/enable and
spnego/krbspnego in the SAP NetWeaver Application Server for ABAP, and
configure the key Tab generated by the Active Directory Server in
transaction SPNEGO.
- Map the user’s Kerberos principal name to the ABAP user name using
transaction SU01.
Leveraging this Kerberos-based SSO technology, you can implement an
SAP Single Sign-On solution for your
SAP Business Client quickly and
easily, and without the need for a Java stack.
With SAP Single Sign-On 2.0 and SAP Business Client, you can simply
reuse your Windows domain authentication for SSO, even across different domains.
Connecting Securely to Single and Multiple ABAP Backend Systems
To do this, search for NWBC Meets Single Sign-On on SCN.