search

SAP / node-rfc

Asynchronous, non-blocking SAP NW RFC SDK bindings for Node.js
Apache License 2.0
251 stars 73 forks source link

Is the data encrypted in RFC communication #81

Closed kunhuanglexicon closed 5 years ago

kunhuanglexicon commented 5 years ago

Hi,

I have one question regarding data encryption.

According the example code:

`const rfcClient = require('node-rfc').Client;

// ABAP system RFC connection parameters const abapSystem = { user: 'demo', passwd: 'welcome', ashost: '10.68.104.164', sysnr: '00', client: '620', lang: 'EN', }; ` There are user, passwd, ashost in the source code, when the client make the connection to server, are those sensitive data be encrypted. And also for the response from server, are the data be encrypted? As those data my contain business sensitive data as well.

Thanks!

bsrdjan commented 5 years ago

This particular example illustrates the plain connection, without data encryption.

For secured/encrypted communication, additional configuration is required, both on nodejs system and on ABAP system, including setting-up a trust between these two systems.

This configuration is standard in production systems, usually implemented by SAP NetWeaver Network/Security consultants. When configured, different connection parameters can be used.

For more info on SAP Secure Network Communication (SNC) and SNC configuration please check links in SAP/PyRFC#87.