Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
October, 2013
Security Development
Enabling Authentication for Browser-based Applications
Browser
User
Authenticate
Public
Security Development
Standards-based SSO for Browser-based Applications with SAML 2.0
Browser
2 4
SAML Request
SAML Response
3
Authenticate
Public
Security Development
Enabling Authentication for Browser-based Applications
Public
Security Development
Enforcing Authorizations
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { PrintWriter out = response.getWriter(); if(!request.isUserInRole("Administrator")){ response.sendError(403, "Logged in user does not have role Administrator"); return; } else { out.println("Hello administrator"); } }
Public
Security Development
What Youve Learned in This Unit
How SAML 2.0 works How to enable authentication for your Web applications How to work with roles
Public
Public
Public
How to configure users and roles in a local environment How to test the security settings in a local environment
Public
Security Testing in the Cloud Test SSO in the Cloud with the Local Test Identity Provider
Developers Local System
Browser Your SAP HANA Cloud Application
Public
How to set up your local test environment with the local test IdP How to conduct end-to-end testing in the cloud with the local test IdP
Public
Browser
User
SAP HANA Cloud Platform
SAP ID Service
~4.2 Million Users
2013 SAP AG. All rights reserved.
Public
Employees
Public
john.doe
Public
How to implement SSO and identity federation with a productive IdP (either SAP ID Service or your corporate IdP) How to assign roles in the cloud How to use groups to assign roles indirectly
Public
Security Troubleshooting
Network Protocol Analyzers
110000111
Public
Security Troubleshooting
Activating Debug Logs
Public
Security Troubleshooting
What Youve Learned in This Unit
How to use different tools to debug security issues How to filter log files to identify authentication-relevant issues
Public
Thank you
No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained herein may be changed without prior notice. Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors. National product specifications may vary. These materials are provided by SAP AG and its affiliated companies ("SAP Group") for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty. SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and other countries. Please see http://www.sap.com/corporate-en/legal/copyright/index.epx#trademark for additional trademark information and notices.
Public