on 06-23-2010 6:55 PM
Dear Friends,
SAP PI 7.1 EHP1
Context:
CUSTOMER would like to accept inbound web service (WS*) requests
CUSTOMER's security policy states that all inbound calls must be
challenged and authenticated in the DMZ
Question :
Does SAP provide a security proxy which can authenticate users
in the DMZ as well as supports WS* security (Username/Token, x509
certificates, etc)?
Renu
Hi Renu,
I don't know of any specific SAP security proxy for athentcaition in the DMZ but SAP WEB AS does support Reverse Proxy functionality (do some reading up on it) that Web Servers generally offer. This can serve many purposes., i.e. load balancing webservice request, it adds an additonal security layer.
In terms of challenging & authenticating (using user-id?) against (LDAP? Active Directory?) I'm not sure...But at some stage a trust relationship needs to be setup between calling system & SAP Web AS anyway using certs. Then you could also employ SAML assertions for user authentcaition in the Abap backend to ensure that the user has the necessary auths to perform a specific funtion & do encryption at message level or transport level (SSL).
There are loads of options.
Regards, Trevor
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
76 | |
9 | |
8 | |
7 | |
6 | |
5 | |
5 | |
5 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.