Skip to Content
0
Former Member
Jul 05, 2011 at 10:08 PM

Logon authentication in REST web service

1250 Views

Hi Experts,

I have a requirement here,i used a SAP function module that authenticate the SAP user name and password to authenticate user.

Now the end user sends a https call from his mobile device like this:

http://xx.xxx.xxx.xxx/sap/USERNAME=myusername&PASSWORD=mypassword.

I am extracting the the user name and password then try to authenticate the user name and password in my web service.

In this form of URL anyone can easily hack the user name and password.

Can anyone tell me how can i secure user name and password in this scenario????

I don't want to use Basic authentication settings because if end user try with a wrong password its gets user locked.

I would really thankful to you!!!

Thanks,

Sanjay@tpc

Edited by: Gourav Khare on Jul 6, 2011 10:23 AM: Message Subject changed