Showing results for 
Search instead for 
Did you mean: 

.NET Connector and security

0 Kudos


We suspect that some "smart" users/developers outside the IT department could use the .NET platform to create some unauthorized web applications in order to publish or to permit access to datas contained in our SAP system.

Is this possible? If yes, is there a way to prevent them from connecting?

Please note that those developers can be real SAP users with a valid username/passowrd but they never own an SAP developement key


Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

If their user access is restricted to authorized data and all your RFC functions check the user's authorizations you have little to fear...

The only other way would be to enforce SSL communications and not give those users an SSL ticket accessible outside of SAPGUI.... but then at some point you have to trust your employees .....

If you do not trust the people to do right don't give them access to your SAP System...

Answers (0)