Showing results for 
Search instead for 
Did you mean: 

How to encrypt user credentials when he logs on the Enterprise Portal

Former Member
0 Kudos

Hi all,

I want to use a cookie approach on SAP Enterprise Portal i.e. when the user first logs on, i would create a cookie and store the encrypted password in it so that next time he hits the portal, he is directly authenticated with the help of the cookie.

For this above functionality, i need to know how the encryption & decryption techniques can be achieved by using the SAP Encryption libraries.

Would be highly appreciative if i get some info on this.

Thanx & regards,

Jitendra Chaudhari


Accepted Solutions (0)

Answers (2)

Answers (2)

Active Contributor
0 Kudos

You can use logon ticket for the implementation you want to do. For security issues you are talking about then you can use the SSL connection for the client who is accessing the SAP Enterprise portal. For SAP Logon Ticket see the login modules CreateTicketLoginModule and EvaluateTicketLoginModule

Initially set the = true

For the security related issues ypu can set the following properties in the login modules

1) to TRUE.

Marks the SAP logon ticket as a secure cookie, to enforce that the client browser sends the cookie only when an SSL connection to the J2EE Engine or the reverse proxy is established.

2) ume.logon.httponlycookie to TRUE

If true, the SAP logon ticket is set to HttpOnly. This prevents it from being read by malicious client-side script code such as JavaScript. The setting is only effective for clients that use Microsoft Internet Explorer 6.0 SP1 or higher.

I would suggest to use the 1st option as SAP also recommend the use of SSL connection for Logon Tickets.

I wish this could help you a bit.

Thanks and with regards


Active Contributor
0 Kudos


Please check the following link, I think what you are looking for is Single sign on or SSO

Hope that helps.


Siddhesh Ghag