Skip to Content

Is it safe to set sap.default.authentication to false in external internet facing portal?

Hi experts,

I was wondering if it would be safe to disable


in an internet facing portal as the password reset application in the login page (user self service) is a web dynpro application and so it would be nonsense if you first need to authenticate if you don't know your password anymore and want to reset it.

I can assure that all customer web dynpro applications have the authenticate flag but i don't know if all SAP applications are safe or if this is creating possible security issues?

Thanks for your feedback!



Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

0 Answers