User Authentication and Single Sign-On

Purpose

There are several mechanisms available for authenticating users on the SAP NetWeaver platform. In addition, if you have many systems in your system landscape, then a Single Sign-On environment is also desirable to reduce the number of passwords that users have to remember.

Features

The SAP Web Application Server (SAP Web AS) is the underlying technology for authenticating users with SAP NetWeaver. See the tables below for an overview of the mechanisms available for each SAP Web Application Server personality and whether the mechanism is used directly for user authentication or for Single Sign-On.

User Authentication and Single Sign-On Mechanisms

Mechanism

User Authentication

Single Sign-On

SAP Web AS ABAP

SAP Web AS Java / SAP J2EE Engine

User ID and password

X

X

X

X

Secure Network Communications (SNC)

X

X

X

SAP logon tickets

X

X

X

SSL and X.509 client certificates

X

X

X

X

Pluggable Authentication Services (PAS)

X

X

Security Assertion Markup Language (SAML)

X

X

Java Authentication and Authorization Service (JAAS)

X

X

X

For more information about how these mechanisms work and how to configure them on the SAP Web AS, see:

?     Authentication on the SAP Web Application Server ABAP

?     Authentication on J2EE Engine

?     Authentication on the Portal