Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Using logon tickets to authenticate Enterprise Service

Former Member
0 Kudos
113

Hi,

I want to use logon-tickets for authenticating Enterprise Services.

(The same) Enterprise Services are called by a user (Person2Application using the Portal bypassing XI) or by an application (A2A using XI in between).

It seems I can authenticate P2A-consuming by using SAP Logon Tickets and A2A-consuming by using SAP Assertions Tickets (Principal Propagation).

When I create an Enterpise Service (SE80) I have to select a profile. What profile do I have to select in order to authenticate using both types of tickets?

Greetings Theo

1 ACCEPTED SOLUTION

martijndeboer
Advisor
Advisor
0 Kudos
63

Hi Theo,

In the SE 80 you specify design time levels for authentication and transport guarantee. The meanings of the profiles are:

High: Strong authentication(SSL+ client certificates or ticket) and HTTPS

Medium: any kind of authentication (basic authentication, or X.509 + client certificate or ticket) and HTTPS

Low: any kind of authentication (basic authentication, or X.509 + client certificate or ticket) and HTTP or HTTPS

None: provider may use authentication and HTTP or HTTPS

Authentication using logon or assertion tickets is done in ICF framework. When configured to accept tickets, the ICF accepts both assertion an logon tickets.

When using assertion tickets, please ensure that when System ID and target client are specified, they have the correct values (->those of the provider system).

Regards,

Martijn de Boer

1 REPLY 1

martijndeboer
Advisor
Advisor
0 Kudos
64

Hi Theo,

In the SE 80 you specify design time levels for authentication and transport guarantee. The meanings of the profiles are:

High: Strong authentication(SSL+ client certificates or ticket) and HTTPS

Medium: any kind of authentication (basic authentication, or X.509 + client certificate or ticket) and HTTPS

Low: any kind of authentication (basic authentication, or X.509 + client certificate or ticket) and HTTP or HTTPS

None: provider may use authentication and HTTP or HTTPS

Authentication using logon or assertion tickets is done in ICF framework. When configured to accept tickets, the ICF accepts both assertion an logon tickets.

When using assertion tickets, please ensure that when System ID and target client are specified, they have the correct values (->those of the provider system).

Regards,

Martijn de Boer