With basic authentication to an SSO-integrated back end, the user name and password of the basic credentials are sent to SAP Mobile Platform where the security profile uses the HTTP/HTTPS Authentication provider to pass the credentials to the SSO-enabled Web server for validation.
In response, the security profile receives the SSO cookie used by other SSO-enabled back ends.
Basic authentication against an SSO-integrated service is the least secure and the least common SAP Mobile Platform SSO scenario.
The Check Impersonation option in the security profile settings in Management Cockpit ensures that SAP Mobile Platform knows who the user is after successful SSO-based login. When using the basic authentication scenario, SAP Mobile Platform already has the user name, but additional principals can be returned as well.