on 08-18-2014 5:30 PM
Dear Experts,
Can anyone help me on securing all OData services present at SAP Gateway . Currenly I have used Basic authentication in all the apps.
I think its not a secure way to do because all the codes are easily vulnerable and can be taken via chrome developer tools(F12).
Since we are using web apps(HTML5) and mobile apps we want to go with "Browser-based Security Assertion Markup Language (SAML) 2.0 authentication" as this is recommended by SAP for both web apps and mobile apps. I also read in SAP documentation
that SAP Fiori used SSO SAML 2.0 to implement security.
Q1:Can you provide any documentation/how-to-guides to achieve this from both backend(BASIS) and UI(SAPUI5) perspective.
Q2:What is the approximate estimated timeline to complete this and deploy it in customer base?
Q3:Is there any prerequisites/challenges/complexities involved in implementing this?
Regards
Prabaharan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Prabaharan,
Here are other reference documents.
Regards, Masa
SAP Customer Experience Group - CEG
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Prabaharan,
SSO configuration is not application specific. Also, it is such a big topic that can't be explained on forum post. In simple, it is a generic configuration that is done between you application server and a SAML ticket provider, and on additional components like Web Dispatcher / Proxy.
Check this Wiki
Br,
Nadh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.