>

> No, Kerberos is currently not supported by SAP for BSP. I don't know if this will change in the future.
> 
> You CAN use X.509 certificates to enable SSO.

That's true (SSL authentication, X.509 Tokens for WS-Security).

Kerberos support is not planned for NWAS ABAP, but SAML 2 support is planned (with a future Enhancement Pack). Enabling Kerberos authentication (and other authentication schemes) at the SAML 2 Identity Provider (IdP) will then enable to utilize Kerberos authentication also (indirectly) at an NWAS ABAP (in the future).

"MS Kerberos" authentication at an NWAS ABAP is possible (if the ABAP server is operated on the Windows platform) using SNC (for SAP GUI and RFC clients serving as user agent), as you obviously already know. If you intend to invoke the BSP application via SAP GUI (using the HTML control technology), then SAP note 612670 might be of interest for you.

I wish you a Happy New Year 2009,

Wolfgang

Edited by: Wolfgang Janzen on Dec 26, 2008 7:57 PM

>

> "MS Kerberos" authentication at an NWAS ABAP is possible (if the ABAP server is operated on the Windows platform) using SNC (for SAP GUI and RFC clients serving as user agent), as you obviously already know. If you intend to invoke the BSP application via SAP GUI (using the HTML control technology), then SAP note 612670 might be of interest for you.

It is also possible if ABAP server is on UNIX or Linux, but this requires a solution available from a SAP partner. For example, one of them is described on SAP EcoHub at https://ecohub.sdn.sap.com/irj/ecohub/solutions/trustbrokersecureclient