Hierarchy
SAP_BASIS (Software Component) SAP Basis Component⤷
BC-SEC (Application Component) Security⤷
SOAP_SECURITY_RD (Package) Release-Dependent Parts of SOAP_SECURITY
Basic Data
| Data Element | SEC_WSS_SETUP_ICF_CFG |
| Short Description | ICF update |
Data Type
| Category of Dictionary Type | Direct Type Entry | |
| Type of Object Referenced | No Information | |
| Domain / Name of Reference Type | ||
| Data Type | CHAR | Character String |
| Length | 1 | |
| Decimal Places | 0 | |
| Output Length | 1 | |
| Value Table |
Further Characteristics
| Search Help: Name | ||
| Search Help: Parameters | ||
| Parameter ID | ||
| Default Component name | ||
| Change document | ||
| No Input History | ||
| Basic direction is set to LTR | ||
| No BIDI Filtering |
Field Label
| Length | Field Label | |
| Short | 10 | Provider |
| Medium | 20 | Provider |
| Long | 20 | Provider Setup |
| Heading | 50 | Provider Configuration for Secure Conversation |
Documentation
Definition
When a WS consumer uses message based authentication like a UsernameToken, a SAML-Token oder an X.509-certificate, the ICF will first authenticate with a technical user DELAY_L_<SID> (7.0X systems) or DELAY_LOGON (7.1 and later).
A direct logon with the authentication data contains in the SOAP document is not possible, since the ICF cannot access SOAP data. The report wss_setup creates the DELAY_L_<SID> user, which does not have any authorizations. The report also stores the user password in the secure storage. If the user DELAY_L_<SID> then accesses the WS provider, the provider evaluates, for example, the sent UsernameToken. If the user name and password match, the WS provider performs a user exchange and logs on the user specified in the UsernameToken.
In case the password has been changed, please select the option to update the password of the technical user in the ICF nodes.
History
| Last changed by/on | SAP | 20110908 |
| SAP Release Created in | 702 |
