Dear Experts,
Can anyone help me with securing all OData services present at SAP Gateway? Currently I have used Basic authentication in all the apps.
I think it's not a secure way to do this because all the codes are easily vulnerable and can be taken via Chrome developer tools (F12).
Since we are using web apps (HTML5) and mobile apps, we want to go with "Browser-based Security Assertion Markup Language (SAML) 2.0 authentication", as this is recommended by SAP for both web apps and mobile apps. I also read in SAP documentation that SAP Fiori used SSO SAML 2.0 to implement security.
Q1: Can you provide any documentation/how-to guides to achieve this from both the backend (BASIS) and UI (SAPUI5) perspective?
Q2: What is the approximate estimated timeline to complete this and deploy it in the customer base?
Q3: Are there any prerequisites/challenges/complexities involved in implementing this?
Regards
Prabaharan