2007 Dec 28 10:54 AM
Hi,
I want to use logon-tickets for authenticating Enterprise Services.
(The same) Enterprise Services are called by a user (Person2Application using the Portal bypassing XI) or by an application (A2A using XI in between).
It seems I can authenticate P2A-consuming by using SAP Logon Tickets and A2A-consuming by using SAP Assertions Tickets (Principal Propagation).
When I create an Enterpise Service (SE80) I have to select a profile. What profile do I have to select in order to authenticate using both types of tickets?
Greetings Theo
2007 Dec 28 1:08 PM
Hi Theo,
In the SE 80 you specify design time levels for authentication and transport guarantee. The meanings of the profiles are:
High: Strong authentication(SSL+ client certificates or ticket) and HTTPS
Medium: any kind of authentication (basic authentication, or X.509 + client certificate or ticket) and HTTPS
Low: any kind of authentication (basic authentication, or X.509 + client certificate or ticket) and HTTP or HTTPS
None: provider may use authentication and HTTP or HTTPS
Authentication using logon or assertion tickets is done in ICF framework. When configured to accept tickets, the ICF accepts both assertion an logon tickets.
When using assertion tickets, please ensure that when System ID and target client are specified, they have the correct values (->those of the provider system).
Regards,
Martijn de Boer
2007 Dec 28 1:08 PM
Hi Theo,
In the SE 80 you specify design time levels for authentication and transport guarantee. The meanings of the profiles are:
High: Strong authentication(SSL+ client certificates or ticket) and HTTPS
Medium: any kind of authentication (basic authentication, or X.509 + client certificate or ticket) and HTTPS
Low: any kind of authentication (basic authentication, or X.509 + client certificate or ticket) and HTTP or HTTPS
None: provider may use authentication and HTTP or HTTPS
Authentication using logon or assertion tickets is done in ICF framework. When configured to accept tickets, the ICF accepts both assertion an logon tickets.
When using assertion tickets, please ensure that when System ID and target client are specified, they have the correct values (->those of the provider system).
Regards,
Martijn de Boer