20 March 2009

Security Troubleshooting Guide For NetWeaver J2EE 640/700

I found a very nice security troubleshooting guide attached to note 1296330.
Below is the index of the document :

Chapter 1 - Authentication

Read this chapter if you have general problems logging in to a resource on the SAP J2EE Engine (NetWeaver Administrator, User Management, System Information) or to standalone SAP applications which connect to the SAP J2EE Engine (Visual Administrator). No single sign-on must be active on the system.

Chapter 2 - Authorization

Read this chapter if you see error messages saying that the user is not authorized to access the requested resource.

Chapter 3 - Session Management

Read this chapter if you think that the security sessions of the user expire when they should not or if a user is incorrectly logged in to the SAP J2EE Engine as another user.

Chapter 4 - Single Sign-On

Read this chapter if you have a single sign-on scenario and it fails.

Chapter 5 - SPNego

Read this chapter if you have setup the SAP J2EE Engine to use Kerberos authentication via SAP's SPNego mechanism.

Chapter 6 - SSL

Read this chapter if you have enabled communication over the SSL protocol and it fails.

Chapter 7 - Key Storage

Read this chapter if you see error messages saying that there are problems with Key Storage views or if you have problems importing/exporting certificates.