Hi,

A few things needs to be considered/performed to achieve this as Java Dynpro can have security managed at component level.

1.) Export your ABAP stack certificate (or if it is a 3rd party system consider other logon stack options - such as http header login module etc. refer to documentation for intergation SSO options).

http://help.sap.com/saphelp_nw70/helpdata/en/f8/9636eedafe8b4589cd6e9e4e73fd3c/frameset.htm

2.) Import the certificate into the portal via NWA --> Configuration --> Trusted Systems.

3.) Consider JCo connection definitions and security depending on application requisites.

4.) Consider role based access. If you create a role in EP for the access to the Dynpro you can further increment component level access by managing security Zones for users/groups/roles accessing these. This is particularly of importance if you are extending/referencing other portal components as part of the solution.

5.) Session managment and termination. depending on yoru security model and architechture you may not want users to iteratively hop between systems. As such you need to architecht your solutions to exclusively terminate or redirect sessions depending on where they have been accessed from e.g https/http redirects and terminations. You also need to consider session managment in your scenario if you have a solution that is xapp modelled accross the landscape where you may have load balancing in place (for these reverse proxy / web dispatchers are required for session mgt).

Additonal considerations:

There are std function modules in the new NW ABAp stacks that allows you to populate/retrieve values from the RSPOR_T_PORTAL tables for your landscape to allow dynamic referencing when you use appliactions taht reference the portal for calls from ABAP in your landscapes (search for RSPORTAL in SE37). Ensure these values are maintained to make your life easy.

Hope this helps.