Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Security at SAP Portal login screen

Former Member
0 Kudos

Hi all.

Considering that I do not have SSL installed into SAP Portal and also do not have SSO implemented between Portal and SO.

Could someone let me know what is the process when an user type his user and password? I mean, is this informations send to authentication module of Portal by http? How secure are this informations for both intranet and internet?

tks.

Daniel Silva

4 REPLIES 4

Former Member
0 Kudos

Daniel,

Unless you are constructing a public portal, do not use http for anything over the internet. Usernames and passwords are transmitted in clear text. SSL is a MUST.

If you are internal only, then you could consider http if you were in a bind. We only have about 1,000 employees at 3 locations but, we have wireless connections so EVERYTHING is SSL.

0 Kudos

David.

Tanks for all explanation about internal and external access.

tks,

Daniel Silva

0 Kudos

Thank you for the points!

You just put me over the 1000 mark!

I am glad that I could be of help, that is what SDN is all about!

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert
0 Kudos

It's not only UID/PWD that are send as plaintext information when using http.

It's also all (access restricted) business content that is send unencrypted - which should motivate you to use SSL / https.

Regards, Wolfgang