| Table of Contents |
|---|
...
Send us your SNC Partner Name of the respective SAP system (Link: Help Desk)
Error (Unable to load GSS-API DLL)
...
You can use Kerberos to overcome the security weakness characteristic of more basic authentication mechanisms such as user ID and password authentication.
The Kerberos authentication process relies on the exchange of session tickets. The session tickets are issued by a Kerberos Key Distribution Center (KDC) when the user attempts to connect to the AS ABAP. The KDC itself establishes and verifies the user identity and the user is not required to interactively provide a user ID and password for the AS ABAP logon.
As a result of the use of session tickets, the AS ABAP authentication credentials of users are not communicated over the network for the connection between the SAP GUI and the AS ABAP. Thereby, the credential confidentiality and integrity protection are guaranteed.
In addition, Kerberos makes use of several systems in your landscape, which may result in additional administrative effort and costs.
You can use X.509 client certificates to enable secure authentication instead of using the traditional user ID and password-based authentication. The authentication credentials are protected during their transport over the network due to the use of public-key technology in X.509 client certificates.
Users need to receive their client certificates from a Certification Authority (CA), using a Public Key Infrastructure (PKI). If you do not have an established PKI then you can use a Trust Center Service to obtain certificates.
...