cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP service security

Go to solution
Former Member

on ‎06-23-2010 6:55 PM

0 Kudos

Dear Friends,

SAP PI 7.1 EHP1

Context:

  • CUSTOMER would like to accept inbound web service (WS*) requests

  • CUSTOMER's security policy states that all inbound calls must be

challenged and authenticated in the DMZ

Question :

  • Does SAP provide a security proxy which can authenticate users

in the DMZ as well as supports WS* security (Username/Token, x509

certificates, etc)?

Renu

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎06-24-2010 9:36 AM
0 Kudos

Hi Renu,

I don't know of any specific SAP security proxy for athentcaition in the DMZ but SAP WEB AS does support Reverse Proxy functionality (do some reading up on it) that Web Servers generally offer. This can serve many purposes., i.e. load balancing webservice request, it adds an additonal security layer.

In terms of challenging & authenticating (using user-id?) against (LDAP? Active Directory?) I'm not sure...But at some stage a trust relationship needs to be setup between calling system & SAP Web AS anyway using certs. Then you could also employ SAML assertions for user authentcaition in the Abap backend to ensure that the user has the necessary auths to perform a specific funtion & do encryption at message level or transport level (SSL).

There are loads of options.

Regards, Trevor

Show replies
Show replies

Answers (0)

Ask a Question