on 08-20-2008 10:13 PM
Hi all
We're creating a portal system for our clients which requires high security, and we've been asked to look into the options available for two-factor authentication.
Has anyone tried this before? Does anyone from SAP know what the intended direction is with the Portal product in this area (I don't want to go down a completely different route to that which SAP intends on using)?
Thanks in advance
Stuart
Two-factor authentication requires that two different authentication factors are required to complete the authentication process. With NetWeaver AS Java (and therefore with the Portal on top) you can configure the authentication to include as many authentication mechanisms as necessary and thus achieve two-factor or three-factor authentication. You only need JAAS login modules for each authentication mechanism. NetWeaver AS Java comes with login modules for the most commonly used mechanisms, such as user-name and password, X.509 certificate, SPNego, etc. It also provides the infrastructure to help you develop and deploy custom login modules.
The Portal uses the default set of logon screens provided with NetWeaver AS Java. They allow for customization so you can add new UI elements to request additional credentials.
What you need to do is to:
- ensure the login modules are available for each authentication factor you want to have in the authentication process. Create a custom one if one is not already provided.
- change the authentication stack configuration of the Portal (or any application you want to protect) to include the login modules with the correct JAAS control flags.
- customize the logon application so that the end-user is asked for the different authentication factors.
You can find additional information related to the three steps above on help.sap.com.
Dear Donka,
Is it possible to have Digital Certificate and login/password as two factor authentication for SAP SRM?
Rgds
Rpert
Hello Gunter,
As part of the SAP Single Sign-On 2.0 product we offer two-factor authentication with a Time-Based One-Time Password solution. More information is available in this blog:
Strong Two-Factor Authentication with One-Time Password Solution
With the latest support package of the SAP Single Sign-On 2.0 product we also offer a risk-based authentication solution. You will be able to find more details in my blog: Risk-Based Authentication for Your Critical Business Processes
Best Regards,
Donka Dimitrova