Configure the Authentication
In this task, you learn how to configure the authentication settings for your launchpad.
Prerequisites
-
You have configured the general settings of your launchpad in Configure the Settings.
Procedure
-
In the Cockpit, go to Administration and click Launchpad.
Result: The table of existing launchpads open.
-
Click on the launchpad you want to configure.
Result: The settings of the launchpad open in the General tab.
-
Click Edit.
-
Go to the Authentication tab.
-
In the Settings tab, set the server URL. You can connect to your DXP using the SAP Mobile Platform or using the Neptune RESTful internet service.
-
To connect using the SAP Mobile Platform, specify the URL of your SMP server.
-
To connect using the Neptune RESTful internet service on an ABAP stack, provide the URL of the SAP ABAP Web Application Server where your DXP is installed. You can provide the name of the main Neptune internet service node or a sub-node.
-
-
In the SAP-Client tab, set the client number of the SAP system.
-
In the SAP-Language tab, you can set the default language of your SAP System.
-
In the Login Page tab, you can link a login page layout to your login page.
You can create templates and layouts for login pages with Login Page. -
In the ICF Subnode tab, you can choose to run your mobile client in a dedicated ICF subnode. Your subnode must be created in the /neptune/ ICF node.
-
In the External Alias tab, you can configure an external alias. An External Alias will allow you to create an additional entry node which you can map to the general /neptune/ ICF node.
You can find additional information about external alias in the SAP documentation. -
In the CSRF Protection tab, you can enable CSRF protection.
When the launchpad is initially opened, a CSRF token is requested from the Neptune Server and stored inside a cookie. This token will be sent to the Neptune Server with an HTTP Header field in every ajax call triggered by your applications running inside Neptune Desktop Launchpad. If the token sent with the HTTP Header does not match the value stored inside the cookie, the server will reply with an error. -
In the Same Origin Protection tab, you can disable same origin protection.
The same-origin policy is a critical security mechanism that restricts how a document or script loaded from one origin can interact with a resource from another origin. It helps isolate potentially malicious documents, reducing possible attack vectors. -
In the Two Factor Authentication tab, you can enable two-factor authentication.
When you enable Two Factor Authentication, users must authenticate with an additional code. As a default the code is sent during the logon process. The default delivery is a 6-digit code sent to the user’s email specified in the user master record in SAP. -
Click Save.
Next steps
-
Optional: Add a Launchpad layout to your Launchpad
-
Optional: Add a policy to your Launchpad