- SAP HANA Tutorial
- SAP HANA - Home
- SAP HANA Introduction
- SAP HANA - Overview
- In-Memory Computing Engine
- SAP HANA - Studio
- Studio Administration View
- SAP HANA - System Monitor
- SAP HANA - Information Modeler
- SAP HANA - Core Architecture
- SAP HANA Modeling
- SAP HANA - Modeling
- SAP HANA - Data Warehouse
- SAP HANA - Tables
- SAP HANA - Packages
- SAP HANA - Attribute View
- SAP HANA - Analytic View
- SAP HANA - Calculation View
- SAP HANA - Analytic Privileges
- SAP HANA - Information Composer
- SAP HANA - Export and Import
- SAP HANA Reporting
- SAP HANA - Reporting View
- Bi 4.0 Connectivity to HANA Views
- SAP HANA - Crystal Reports
- SAP HANA - Excel Integration
- SAP HANA Security
- SAP HANA - Security Overview
- User Administration & Management
- SAP HANA - Authentications
- SAP HANA - Authorization methods
- SAP HANA - License Management
- SAP HANA - Auditing
- SAP HANA Data Replication
- SAP HANA - Data Replication Overview
- SAP HANA - ETL Based Replication
- SAP HANA - Log Based Replication
- SAP HANA - DXC Method
- SAP HANA - CTL Method
- SAP HANA - MDX Provider
- SAP HANA Monitoring
- SAP HANA - Monitoring and Alerting
- SAP HANA - Persistent Layer
- SAP HANA - Backup & Recovery
- SAP HANA - High Availability
- SAP HANA - Log Configuration
- SAP HANA SQL
- SAP HANA - SQL Overview
- SAP HANA - Data Types
- SAP HANA - SQL Operators
- SAP HANA - SQL Functions
- SAP HANA - SQL Expressions
- SAP HANA - SQL Stored Procedures
- SAP HANA - SQL Sequences
- SAP HANA - SQL Triggers
- SAP HANA - SQL Synonym
- SAP HANA - SQL Explain Plans
- SAP HANA - SQL Data Profiling
- SAP HANA - SQL Script
- SAP HANA Useful Resources
- SAP HANA - Questions and Answers
- SAP HANA - Quick Guide
- SAP HANA - Useful Resources
- SAP HANA - Discussion
SAP HANA - Authentications
All SAP HANA users that have access on HANA database are verified with different Authentications method. SAP HANA system supports various types of authentication method and all these login methods are configured at time of profile creation.
Below is the list of authentication methods supported by SAP HANA −
- User name/Password
- Kerberos
- SAML 2.0
- SAP Logon tickets
- X.509
User Name/Password
This method requires a HANA user to enter user name and password to login to database. This user profile is created under User management in HANA Studio → Security Tab.
Password should be as per password policy i.e. Password length, complexity, lower and upper case letters, etc.
You can change the password policy as per your organization’s security standards. Please note that password policy cannot be deactivated.
Kerberos
All users who connect to HANA database system using an external authentication method should also have a database user. It is required to map external login to internal database user.
This method enables users to authenticate HANA system directly using JDBC/ODBC drivers through network or by using front end applications in SAP Business Objects.
It also allows HTTP access in HANA Extended Service using HANA XS engine. It uses SPENGO mechanism for Kerberos authentication.
SAML
SAML stands for Security Assertion Markup Language and can be used to authenticate users accessing HANA system directly from ODBC/JDBC clients. It can also be used to authenticate users in HANA system coming via HTTP through HANA XS engine.
SAML is used only for authentication purpose and not for authorization.
SAP Logon and Assertion Tickets
SAP Logon/assertion tickets can be used to authenticate users in HANA system. These tickets are issued to users when they login into SAP system, which is configured to issue such tickets like SAP Portal, etc. User specified in SAP logon tickets should be created in HANA system, as it does not provide support for mapping users.
X.509 Client Certificates
X.509 certificates can also be used to login to HANA system via HTTP access request from HANA XS engine. Users are authenticated by certificated that are signed from trusted Certificate Authority, which is stored in HANA XS system.
User in trusted certificate should exist in HANA system as there is no support for user mapping.
Single Sign On in HANA system
Single sign on can be configured in HANA system, which allows users to login to HANA system from an initial authentication on the client. User logins at client applications using different authentication methods and SSO allows user to access HANA system directly.
SSO can be configured on below configuration methods −
- SAML
- Kerberos
- X.509 client certificates for HTTP access from HANA XS engine
- SAP Logon/Assertion tickets