Hi Experts,
I have a requirement here,i used a SAP function module that authenticate the SAP user name and password to authenticate user.
Now the end user sends a https call from his mobile device like this:
http://xx.xxx.xxx.xxx/sap/USERNAME=myusername&PASSWORD=mypassword.
I am extracting the the user name and password then try to authenticate the user name and password in my web service.
In this form of URL anyone can easily hack the user name and password.
Can anyone tell me how can i secure user name and password in this scenario????
I don't want to use Basic authentication settings because if end user try with a wrong password its gets user locked.
I would really thankful to you!!!
Thanks,
Sanjay@tpc
Edited by: Gourav Khare on Jul 6, 2011 10:23 AM: Message Subject changed