Saturday 5 November 2016

Secure your HANA Cloud Connector with OpenSSL certificates – Part 3

In parts 1 and 2 of this blog series, I showed how to secure your SCC with a trusted UI Certificate, and how to secure it further with a trusted System Certificate, put your CA certificate in the Trust Store, and install an SCC CA Certificate to enable Principal Propagation. As a result, we got 4 green boxes in the SCC General Security Status.

Therefore, in the final blog of this series, I will show how to configure local LDAP for authentication of Cloud Connector administrators.

This configuration is JNDIRealm-based and pretty straightforward, given your directory setup.


However, I found it useful to test the settings in an LDAP tool with the configured user to ensure that access is permitted and the correct results retrieved for both the user:


As well as for the role search:

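The same check can be scripted. The following is an added example, not part of the original post: it fills the `{0}` and `{1}` placeholders of a JNDIRealm-style `userSearch` and `roleSearch` the way Tomcat's JNDIRealm documents them (username for the user search; user DN and username for the role search) and prints the matching `ldapsearch` commands. The attribute names are Tomcat JNDIRealm's; every host, DN and value is a constructed placeholder.

```python
import re
import shlex

# RFC 4515 escapes for values placed inside an LDAP search filter.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Constructed sample values; replace them with your own directory layout.
SAMPLE_CFG = {
    "connectionURL": "ldaps://ldap.example.com:636",
    "connectionName": "cn=scc-bind,ou=services,dc=example,dc=com",
    "userBase": "ou=people,dc=example,dc=com",
    "userSearch": "(uid={0})",
    "roleBase": "ou=groups,dc=example,dc=com",
    "roleName": "cn",
    "roleSearch": "(uniqueMember={0})",
}

def escape_filter(value):
    """Escape filter metacharacters so the test queries the literal value."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def fill(pattern, *values):
    """Substitute {0}, {1}, ... in one pass so a value is never re-expanded."""
    return re.sub(r"\{(\d)\}", lambda m: escape_filter(values[int(m.group(1))]), pattern)

def search_filters(cfg, username, user_dn):
    """userSearch: {0} = username. roleSearch: {0} = user DN, {1} = username."""
    return fill(cfg["userSearch"], username), fill(cfg["roleSearch"], user_dn, username)

def ldapsearch_commands(cfg, username, user_dn):
    """Commands that bind as the configured user and run both searches."""
    user_filter, role_filter = search_filters(cfg, username, user_dn)
    base = ["ldapsearch", "-x", "-LLL", "-H", cfg["connectionURL"],
            "-D", cfg["connectionName"], "-W", "-s", "sub"]
    return [
        shlex.join(base + ["-b", cfg["userBase"], user_filter, "dn"]),
        shlex.join(base + ["-b", cfg["roleBase"], role_filter, cfg["roleName"]]),
    ]

def lint(cfg):
    """Flag a connection URL that would send the bind password unencrypted."""
    if not cfg["connectionURL"].lower().startswith("ldaps://"):
        return ["connectionURL is not ldaps://: simple-bind password is unprotected without StartTLS"]
    return []

if __name__ == "__main__":
    dn = "uid=jdoe,ou=people,dc=example,dc=com"  # constructed test user
    for line in lint(SAMPLE_CFG) + ldapsearch_commands(SAMPLE_CFG, "jdoe", dn):
        print(line)
```

The first command should return exactly one entry for the administrator, and the second should list the groups that the role search resolves for that DN.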

It is also good to know that, as of SCC version 2.8.0 and higher, you can always easily revert to the file-based user store.

Since the Administrator is a pure service user, I can confirm this and get an all-green General Security Status.


If you have followed me this far, you now have a fully secured HANA Cloud Connector.

Source: scn.sap.com
