Authentication and Single Sign
Authentication and Single Sign Authentication and Single Sign
Pluggable Authentication Service: WGate Windows NT LAN Manager (NTLM) SSL and X.509 client certificates Arbitrary mechanism on the Web server that sets HTTP header variable User External ID Mapping Table (USREXTID) External Auth. Mech. User ID SAP System User ID Authentication (User ID and Password) Alice Web server WGate Alice AGate sapextauth User ID SAP System User ID © SAP AG 2005, Authentication and Single Sign On / Patrick Hildenbrand / 30
Pluggable Authentication Service: AGate Verifying user ID and password on the Windows domain controller LDAP bind Arbitrary mechanisms provided by a partner User External ID Mapping Table (USREXTID) External Auth. Mech. User ID SAP System User ID Alice Authentication (User ID and Password) Web server WGate Alice AGate sapextauth User ID SAP System User ID © SAP AG 2005, Authentication and Single Sign On / Patrick Hildenbrand / 31
- Page 1 and 2: Authentication and Single Sign-On P
- Page 3 and 4: Authentication Identifies a Subject
- Page 5 and 6: Why Use Single Sign-On? Typical sit
- Page 7 and 8: What the Administrator Wants … Ce
- Page 9 and 10: Web-Based Authentication Methods
- Page 11 and 12: Authentication and SSL with X.509 C
- Page 13 and 14: Obtaining a X.509 Certificate Digit
- Page 15 and 16: SAP Logon Tickets - SSO Process Por
- Page 17 and 18: What is a SAP Logon Ticket • SAP
- Page 19 and 20: SSO to Non-SAP Components Using SAP
- Page 21 and 22: Multi Domain SSO Recommendation:
- Page 23 and 24: Adding the User Name Header • The
- Page 25 and 26: Header Based Authentication Best Pr
- Page 27 and 28: SAML - SSO Process Authentication A
- Page 29: Pluggable Authentication Service (P
- Page 33 and 34: JAAS Authentication J2EE Browser Wi
- Page 35 and 36: Single Sign-On for SAP GUI for Wind
- Page 37 and 38: SSO From Web to Traditional - ITS
- Page 39 and 40: Prerequisites 1) Users have the sam
- Page 41 and 42: System Preparation 1. Export Portal
- Page 43 and 44: Agenda Authentication and Identitie
- Page 45 and 46: Single Sign-On Possibilities Authen
- Page 47 and 48: Further Information Public Web: ww
Pluggable <strong>Authentication</strong> Service: AGate<br />
Verifying user ID <strong>and</strong> password on the Windows domain controller<br />
LDAP bind<br />
Arbitrary mechanisms provided by a partner<br />
User External ID Mapping<br />
Table (USREXTID)<br />
External<br />
Auth.<br />
Mech.<br />
User ID<br />
SAP<br />
System<br />
User ID<br />
Alice<br />
<strong>Authentication</strong><br />
(User ID <strong>and</strong> Password)<br />
Web<br />
server<br />
WGate<br />
Alice<br />
AGate<br />
sapextauth<br />
User ID<br />
SAP<br />
System<br />
User ID<br />
© SAP AG 2005, <strong>Authentication</strong> <strong>and</strong> <strong>Single</strong> <strong>Sign</strong> On / Patrick Hildenbr<strong>and</strong> / 31