Authentication: When users access the portal, they must provide some form of identification in the form of user ID and password, client certificates, and so on. The portal supports authentication with user ID and password, X.509 certificates, integrated Windows authentication, external Web access management tools.
Single Sign-On: Once users have successfully logged on to the portal, they can access all information, applications, and services without repeatedly having to log on.
Authorization: ACL-based permissions ensure that users can only access portal objects for which they have the required authorization. Authorization for applications integrated in the portal is handled by the systems on which the applications run.
User Management: Existing corporate LDAP directories in your system landscape can be leveraged by the portal. Alternatively user data can be retrieved from a SAP Web Application Server ABAP or from a database.
Secure Communications: Secure Sockets Layer (SSL) and Secure Network Communications (SNC) can be used to build a secure channel between the user's Web browser, the portal server, and back-end systems.
Secure network architecture: Recommendations for secure network architecture for the portal are available in the Portal Security Guide.
Security logging: Security-relevant events such as user logon, or changes to permissions, are logged.