Professional Documents
Culture Documents
SAP - How To SNC Client Config
SAP - How To SNC Client Config
SNC Client Encryption uses Secure Network Communications (SNC) to provide encryption
and secure communication for the communication channel between the client and the AS
ABAP. This protects the business user operating the client from eavesdroppers, who seek to
capture or manipulate information, such as logon data or business data. In a standard setup,
users enter their user name and password into the logon screen of the SAP GUI. SAP GUI
transfers data, such as user names and passwords, through the network without encryption.
For Single Sign-On (SSO) scenarios, we offer SAP NetWeaver Single Sign-On. SAP
NetWeaver Single Sign-On centralizes and greatly simplifies the way users log on to systems
and applications in your IT landscape. Seamlessly integrated into your existing authentication
processes, it offers enhanced security through state-of-the-art technology. But that is not the
only benefit SAP NetWeaver Single Sign-On has to offer. Reduce your operating costs by
eliminating password-related helpdesk calls, and improve user productivity — more than
enough reasons to start thinking about implementing a single sign-on solution in your
company.
Prerequisites
SAP GUI with SNC Client Encryption installed on a computer running Microsoft
Windows
SAP NetWeaver Application Server (AS) ABAP with the Secure Login Library
Microsoft Windows Domain Controller
Structure
Process
1. User logs on to the Windows client (domain logon) and starts an SAP GUI connection
to an AS ABAP system protected with SNC Client Encryption.
2. SNC Client Encryption recognizes the request for an SNC connection and requests a
service ticket for the AS ABAP from the Microsoft Active Directory server.
3. The Microsoft Active Directory server returns the ticket to SNC Client Encryption.
4. SAP GUI requests a user ID and password from the user.
5. Encrypted channel established.
SAP GUI sends encrypted user ID and password to AS ABAP for authentication. All
further communication during the current session is secure.