Understand how to secure communication ports and enable single sign-on (SSO) for packages that contain mobile business objects (MBOs) bound to an SAP enterprise information system (EIS).
SAP MBOs bound directly to SAP BAPIs and RFCs, as well as SAP BAPIs exposed as Web services. Once deployed, SAP Mobile Platform supports Java connector (JCo) connections and Secure Network Communications (SNC) for SAP MBOs, and HTTP(S) connections to Web services.
Once deployed, connection information, and other application- and package-specific information is maintained by SAP Mobile Server. SAP Mobile Server packages that contain SAP MBOs support message-based and replication-based applications and perform queue handling, data caching, and synchronization services.
Typical data flow for SAP MBO packages that use data change notification (DCN) as a refresh mechanism.
In an SSO configuration, the client provides credentials to SAP Mobile Server (username and password or X.509 user certificate) that are authenticated by the security configuration's authentication module (CertificateAuthenticationLoginModule for X.509 or HttpAuthenticationLoginModule for SSO2). Once authenticated by SAP Mobile Server, and assuming that SAP Mobile Server and the EIS have a secure communication path, SSO is enabled.