SAP NW SSO 2.0 Password Manager For SAP NetWeaver Single Sign-On Implementation Guide

PUBLIC
SAP NetWeaver Single Sign-On 2.0 SP0 Document Version: 1.0 - 2013-04-08
Password Manager for SAP NetWeaver Single SignOn Implementation Guide
Table of Contents
1 2 2.1 2.2 2.3 2.4 2.5 2.6 3 3.1 3.2 Password Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Password Manager Installation Guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 System Requirements for Password Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Installing Password Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Installing Password Manager with Custom Security Questions for Resetting the Master Password. . . . . . 7 2.3.1 Default Security Questions for Resetting the Master Password. . . . . . . . . . . . . . . . . . . . . . . . 8 Performing an Unattended Installation of Password Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Upgrading Enterprise Single Sign-On to Password Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Removing Your Personal Data. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Password Manager User Guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12 Starting Password Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Password Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 3.2.1 3.2.2 3.2.3 3.2.4 3.2.5 3.2.6 3.2.7 3.2.8 3.3 3.4 3.5 3.6 3.7 Adding Passwords for Web Sites. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Adding Passwords for Windows Applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Displaying Passwords. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17 Generating Passwords. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Ignoring Applications and Web Sites. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 Adding Additional Passwords for an Existing Application or Web Site. . . . . . . . . . . . . . . . . . . 18 Logging On With Drag and Drop Passwords. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Password Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Adding Credit Card Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 Adding Identities. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Adding Notes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Disabling Password Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Advanced Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25 3.7.1 3.7.2 3.7.3 3.7.4 3.7.5 3.7.6 Application Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26 Master Password. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28 Importing Password Manager Data. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 Exporting Password Manager Data. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 Setting the Default Web Browser. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Enabling Automatic Logon to Password Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Auditing and Logging for Password Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 Password Attributes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 Password Policy Attributes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35 Credit Card Attributes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
3.8 3.9
Troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 3.8.1 3.9.1 3.9.2 3.9.3 Appendix. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
PUBLIC 2013 SAP AG or an SAP affiliate company. All rights reserved.
Password Manager for SAP NetWeaver Single Sign-On Implementation Guide Table of Contents
3.9.4 3.9.5 4 4.1 4.2 4.3
Identity Attributes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Note Attributes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Password Manager Admininstrator Guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Distributing Applications, Web Sites, and Password Policies to Users. . . . . . . . . . . . . . . . . . . . . . . . . . 39 Configuring Policy Files for Password Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 Options of the Password Manager Group Policy File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 4.3.1 4.3.2 4.3.3 Password Manager Options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 Soft Token Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 Terminal Emulator Host Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
5 5.1 5.2 5.3 5.4 6 6.1 6.2 6.3 6.4 6.5 6.6 6.7 6.8 6.9 6.10 6.11 7
Password Manager Security Guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 Technical System Landscape. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 Data Storage Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 Password Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48 Security Relevant Logging and Tracing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 Open Source Licenses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 Sun Java Platform Standard Edition SDK (J2SDK) (JDK). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50 Windows Template Library. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 Code Project - Pretty IE Toolbar in C#, Code Project - Adding Icons to System Tray. . . . . . . . . . . . . . . .55 RSA Cryptoki: Cryptographic Token Interface Standard API (PKCS #11). . . . . . . . . . . . . . . . . . . . . . . .58 SSLeay. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 zlib. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60 libxml2, JQuery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Java Access Bridge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 SHA, Flex. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 Google GSON. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 AES-NI Sample Library. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 Disclaimer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
Password Manager for SAP NetWeaver Single Sign-On Implementation Guide Table of Contents
PUBLIC
2013 SAP AG or an SAP affiliate company. All rights reserved.
Password Manager
Password Manager helps you store strong passwords in a secure store for single sign-on (SSO) to applications and web sites, without the need to remember every password or click a specific logon dialog. After you have logged on to the Password Manager application, logon to applications running under the control of the system happen automatically. The Password Manger application is a component of SAP NetWeaver Single Sign-On (SAP NetWeaver SSO).
PUBLIC
Password Manager for SAP NetWeaver Single Sign-On Implementation Guide Password Manager
Password Manager Installation Guide
Install Password Manager on your Windows PC to make logging on to web sites and Windows applications easier. This guide enables administrators or business users with administrative rights on their PC to install Password Manager. Related Links
System Requirements for Password Manager [page 5] The host system for Password Manager for SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) must meet the hardware and software requirements listed in the following sections. Installing Password Manager [page 6] You want to perform a single installation of Password Manager on your computer. Installing Password Manager with Custom Security Questions for Resetting the Master Password [page 7] When installing Password Manager you can change the security questions for resetting the master password to something that is more relevant to you. Performing an Unattended Installation of Password Manager [page 9] You want to install SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) Password Manager on workstations in your landscape. Upgrading Enterprise Single Sign-On to Password Manager [page 9] Enterprise Single Sign-On is a part of SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) release 1.0. You can upgrade Enterprise Single Sign-On to Password Manager as part of SAP NetWeaver SSO release 2.0. Removing Your Personal Data [page 10]
2.1
System Requirements for Password Manager
The host system for Password Manager for SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) must meet the hardware and software requirements listed in the following sections.
Hardware Requirements
You have 50 MB of free space on your hard drive.
Note
Other required software components, such as the Secure Login Client, require additional space. For more information, see the documentation of the respective software components.
Password Manager for SAP NetWeaver Single Sign-On Implementation Guide Password Manager Installation Guide
PUBLIC
Software Requirements
Table 1: Software Requierments for Password Manager Area Operating system Requirement Microsoft Windows 7 Microsoft Windows 8 Ensure that you have tuned on the Windows feature .NET Framework 3.5. The .NET Framework is available for download from the Microsoft web site. You have downloaded and installed the Oracle Java Runtime Environment or Oracle Java Development Kit 1.6, 32-bit or 64-bit. You have downloaded and installed Oracle Java Access Bridge 2.0.2, 32-bit or 64-bit.
Support for Java applications
For more information, see the vendor documentation. Secure Login Client You have downloaded and installed Secure Login Client, a component of SAP Netweaver Single Sign-On 2.0. Download SAP software from the SAP Service Market Place at https://service.sap.com/swdc. For more information, see the Secure Login for SAP NetWeaver Single Sign-On Implementation Guide. Related Links
SAP Software Download Center Secure Login for SAP NetWeaver Single Sign-On on SAP Help Portal
2.2
Installing Password Manager
You want to perform a single installation of Password Manager on your computer. 1. 2. 3. You have administrator rights on the host computer. You have closed all SAP applications running on your computer. Download the SAP NetWeaver Single Sign-On Password Manager software from the Software Download Center at SAP Service Market Place. Start SAPSetupESC.exe as administrator. Follow the on-screen instructions. An initialization dialog appears.
4. 5.
Enter a master password and a security question and answer for resetting the master password. Save your entries.
Related Links
Software Download Center System Requirements for Password Manager [page 5] The host system for Password Manager for SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) must meet the hardware and software requirements listed in the following sections. Master Password [page 28] When you install Password Manager, Password Manager creates a key from the master password you enter. Password Manager uses this key to encrypt and decrypt the data that Password Manager saves, such as passwords for applications and web sites, credit card information, identity information, and notes.
2.3 Installing Password Manager with Custom Security Questions for Resetting the Master Password
When installing Password Manager you can change the security questions for resetting the master password to something that is more relevant to you. You have not installed Password Manager on the host computer. Password Manager delivers a set of security questions. During installation, the installer prompts you to choose one question and enter an answer. Password Manager uses the security question and answer to reset you master password in case you forget it. By default, the answer must be at least 8 characters long. The system administrator can change the default length of the security answer. If you cannot come up with an answer that meets the minimum requirements, consider changing the security questions to something to which you can give a longer answer that you can remember. 1. 2. 3. Download the SAP NetWeaver Single Sign-On Password Manager software from the Software Download Center at SAP Service Market Place. Execute the following command in a command shell: <path_to_installation_files> \SAPSetupESC.exe /X="<extraction_path>" Edit the file <extraction_path>\SAPSetupEsc\Shared\SAP\signon\QuestionsList.xml. Change the questions as required. Be sure to translate the questions into the other languages you want to support.
Note
If you make a formatting error, Password Manager loads the default questions or ignores lines with syntax errors. 4. 5. 6. Save your entries. Execute the following command in a command shell: <extraction_path>\Setup\NwSapSetup.exe Follow the on-screen instructions. An initialization dialog appears.
PUBLIC
7. 8.
Enter a master password and a security question and answer for resetting the master password. Save your entries.
Related Links
Software Download Center System Requirements for Password Manager [page 5] The host system for Password Manager for SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) must meet the hardware and software requirements listed in the following sections. Master Password [page 28] When you install Password Manager, Password Manager creates a key from the master password you enter. Password Manager uses this key to encrypt and decrypt the data that Password Manager saves, such as passwords for applications and web sites, credit card information, identity information, and notes. Default Security Questions for Resetting the Master Password [page 8] The following is a list of the security questions delivered by Password Manager.
2.3.1 Default Security Questions for Resetting the Master Password

The following is a list of the security questions delivered by Password Manager. During installation, the installer prompts you to choose one security question and enter an answer. Password Manager uses the security question and answer to reset you master password in case you forget it. What is your mother's maiden name? What is the name of your favorite uncle or aunt? What is the last name of your favorite musician? What is the last name of your favorite teacher? What is the last name of your best childhood friend? What is the name of the hospital where you were born? What is the name of the town in which you grew up? What is the name of your favorite book?
In addition to English, Password Manager delivers these questions in Chinese, French, German, Japanese, Portuguese, Russian, and Spanish. Related Links
Installing Password Manager with Custom Security Questions for Resetting the Master Password [page 7] When installing Password Manager you can change the security questions for resetting the master password to something that is more relevant to you. Master Password [page 28] When you install Password Manager, Password Manager creates a key from the master password you enter. Password Manager uses this key to encrypt and decrypt the data that Password Manager saves, such as passwords for applications and web sites, credit card information, identity information, and notes.
2.4 Performing an Unattended Installation of Password Manager

You want to install SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) Password Manager on workstations in your landscape. 1. 2. Download the SAP NetWeaver Single Sign-On Password Manager software from the Software Download Center at SAP Service Market Place. Configure your tools to distribute the installation files to your workstations and start the following command in a command shell: <path_to_installation_files>\SAPSetupESC.exe /silent /Product="ESC" For more information about further installation options with SAPSetupESC.exe, see SAP Setup Guide in the archive. You can download the latest version from SAP Service Market Place. After installation, an initialization dialog appears. The user must enter a master password and password recovery question and answer. Related Links
Software Download Center System Requirements for Password Manager [page 5] The host system for Password Manager for SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) must meet the hardware and software requirements listed in the following sections. Master Password [page 28] When you install Password Manager, Password Manager creates a key from the master password you enter. Password Manager uses this key to encrypt and decrypt the data that Password Manager saves, such as passwords for applications and web sites, credit card information, identity information, and notes. Password Manager Admininstrator Guide [page 39] System administrators use these functions to configure Password Manager for all users in a Windows domain. Software Logistics Toolset
Software Logistics Toolset <Release> SAPSetup SAPSetup
Software Logistics Toolset <Release>
2.5 Upgrading Enterprise Single Sign-On to Password Manager

Enterprise Single Sign-On is a part of SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) release 1.0. You can upgrade Enterprise Single Sign-On to Password Manager as part of SAP NetWeaver SSO release 2.0. You have exported your credentials to a soft token file. For more information, see User Guide SAP NetWeaver Single Sign-On 1.0 Enterprise Single Sign-On. You know the master password used for Enterprise Single Sign-On.
Note
You do not need to uninstall Enterprise Single Sign-On.
Caution
PUBLIC
Password Manager overwrites any entries with the same description. 1. 2. 3. 4. 5. 6. 7. Install SAP NetWeaver SSO release 2.0 Secure Login Client. Install SAP NetWeaver SSO release 2.0 Password Manager. Start Password Manager. Choose Advanced Settings .
Choose the Import 1.0 Data pushbutton. Select the soft token file you exported from Enterprise Single Sign-On. The default folder for the file is <User name>\AppData\Roaming\SAP\signon. Enter the master password used to export the soft token file from Enterprise Single Sign-On.
Related Links
System Requirements for Password Manager [page 5] The host system for Password Manager for SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) must meet the hardware and software requirements listed in the following sections. SAP NetWeaver Single Sign-On 1.0 on SAP Help PortalLinks to documentation on SAP Help Portal Links to documentation on SAP Help Portal
2.6

Removing Your Personal Data
You have removed Password Manager from your computer. You have backed up the system registry of your computer.
Note
This procedure requires you to edit the system registry. Editing the system registry can damage your computer. Removing Password Manager with the installer does not remove all user data and files, for example, the password store. Keeping the user data enables you to remove one release of Password Manager and install a higher release without losing passwords and other information in the password store. To remove all your data you must use this procedure. Although your personal data is encrypted on your computer, a malicious user with sufficient skill and time could break the encryption or your master password and gain access to your password data. So before you give up ownership of a computer with your personal data, you should backup and delete that data. 1. 2. 3. 4. Navigate to the installation directory. The default installation directory is C:\Program Files\SAP\FrontEnd. Delete the signon directory. Open the Registry Editor. To open the Registry Editor, choose Start and enter regedit in the search field. Delete the following keys:
10
HKEY_LOCAL_MACHINE\SOFTWARE\SAP\signon HKEY_CURRENT_USER\Software\SAP\signon
PUBLIC
11
Password Manager User Guide
This guide enables business users of the Password Manager application to operate and configure the application.
3.1
Starting Password Manager
Use this procedure to start the Password Manager application. From the Windows Start menu, choose All Programs SAP Front End Password Manager .
3.2
Password Management
Password Manager enables you to save user names and passwords for Windows applications and web sites. Related Links
Adding Passwords for Web Sites [page 13] Use Password Manager to save your user name and password for web sites so that Password Manager can automatically log you on next time you visit the page. Adding Passwords for Windows Applications [page 15] This procedure saves your user name and password for a Windows application so Password Manager can log you on next time you start the application. Displaying Passwords [page 17] You can display the password you set for an application or web site. Generating Passwords [page 17] Generated passwords are harder to remember, but if you only access particular applications or web sites from a set of computers where you have installed Password Manager, then this can be a very safe way to protect access to these applications and web sites. Password Manager remembers the passwords so you do not have to. Ignoring Applications and Web Sites [page 18] Use this procedure if you have applications or web sites for which you do not want Password Manager to ask you, if Password Manager should register the application or web site. Adding Additional Passwords for an Existing Application or Web Site [page 18] You already have a password configured for an application or web site. You want to be able to log on with another account. Perhaps you have an account for work and an account for private use or you share this computer with another person. Logging On With Drag and Drop Passwords [page 21] There are thousands of ways that applications and web sites can implement log on. Password Manager can automatically log on to many of them, but not all. Password Policies [page 22] Password Manager uses password policies to regulate what kind of passwords you can use. Use password policies to ensure you create safe passwords.
12
PUBLIC
Password Manager for SAP NetWeaver Single Sign-On Implementation Guide Password Manager User Guide
3.2.1
Adding Passwords for Web Sites
Use Password Manager to save your user name and password for web sites so that Password Manager can automatically log you on next time you visit the page. You know your user name and password for the web site. Web detection has not been disabled for your web browser.
Note
If you are using Microsoft Internet Explorer, some web sites open a Windows Security dialog box in additon to the Password Manger dialog box. Enter your user name and password in the Password Manager dialog box. As long as you have automatic logon enabled, Password Manager automatically enters your user name and password in the Windows Security dialog box. Otherwise you must enter this information yourself. 1. 2. 3. 4. Open a web site in your browser. Go to the logon screen. Enter your user name and password and submit. In the Password Manager dialog that appears, choose how you want to register the site. 5. Domain name (example.com) Fully-qualified domain name (hostname.example.com) URL (http://host.example.com/resource)
Choose the Register Now pushbutton.
Password Manager adds a password entry for this web site. Next time you navigate to the logon page of the web site, Password Manager can log you on automatically. Related Links
Ignoring Applications and Web Sites [page 18] Use this procedure if you have applications or web sites for which you do not want Password Manager to ask you, if Password Manager should register the application or web site. Choosing Between Domain Name, Fully-Qualified Domain Name, and URL [page 14] When you save a web site for Password Manager, you must choose how to register the web site. The following table explains the options. Disabling Detection of New Passwords for Web Sites [page 15] You do not want Password Manager attempt to add new passwords when you log on to a web site. As an alternative, you can choose the Register Later or Never Register pushbuttons, when Password Manager attempts to add a new password. Disabling Automatic Logon to Web Sites [page 15] You do not want Password Manager to automatically you log on to web sites. This gives you a chance to select from multiple passwords you have saved for the web site.
PUBLIC
13
3.2.1.1 Choosing Between Domain Name, Fully-Qualified Domain Name, and URL
When you save a web site for Password Manager, you must choose how to register the web site. The following table explains the options. Table 2: Registration Options for Passwords Option Domain name Example example.com Description Password Manager performs Single Sign-On anytime it gets a logon dialog from any URL with the matching domain name. This is good if the web site only offers one service, but bad if it you have different user IDs for different hosts or services. For example photos.example.com and mail.example.com and calendar.example.com. Fully-qualified domain name hostname.example.com This option enables you to separate your services, but it only makes sense if you have different logons for each service. With this option you have a different logon for each individual application the web site has to offer. For example, you have different users for applications at the following URLs: http:// host.example.com/resource/ mail/login and http:// host.example.com/resource/ photos/login. Unfortunately, every time there is a change in the application URL you must reregister the password with Password Manager. For example, the owner of the photo application changes the login application and the URL is now as follows: http:// host.example.com/resource/ photos/login2.
URL
http://host.example.com/ resource
14
3.2.1.2
Disabling Detection of New Passwords for Web Sites
You do not want Password Manager attempt to add new passwords when you log on to a web site. As an alternative, you can choose the Register Later or Never Register pushbuttons, when Password Manager attempts to add a new password. 1. 2. You are using a web browser that supports the SAP NetWeaver Single Sign-On Password Manager toolbar. You installed the SAP NetWeaver Single Sign-On Password Manager toolbar for your web browser during installation. You display the SAP NetWeaver Single Sign-On Password Manager toolbar in your web browser. Open a web browser. From the SAP NetWeaver Single Sign-On toolbar, choose Settings Turn on Web Detection .
The menu entry changes to Turn off Web Detection. When you log on to a new web site, Password Manager does not offer you the option to save the password.
3.2.1.3
Disabling Automatic Logon to Web Sites
You do not want Password Manager to automatically you log on to web sites. This gives you a chance to select from multiple passwords you have saved for the web site. 1. 2. You are using a web browser that supports the SAP NetWeaver Single Sign-On Password Manager toolbar. You installed the SAP NetWeaver Single Sign-On Password Manager toolbar for your web browser during installation. You display the SAP NetWeaver Single Sign-On Password Manager toolbar in your web browser. Open a web browser. From the SAP NetWeaver Single Sign-On toolbar, choose Settings Automatic Login .
The menu entry changes from a green check mark to a red X. When you log on to a web site for which you have a password, Password Manager enters the default password, but does not submit the information.
3.2.2
Adding Passwords for Windows Applications
This procedure saves your user name and password for a Windows application so Password Manager can log you on next time you start the application. 1. 2. You know your password and user name, if required, for the application. You have enabled Password Manager Learning Wizard. Start an application that requires logon. In the Password Manager dialog box, choose the Register Now pushbutton. The SAP NetWeaver Single Sign-On Password Manager Registration dialog box appears.
PUBLIC
15
3.
Determine if the logon dialog of the application asks for just a password or whether it asks for user name and password. If the logon dialog only has a field for a password, select the Login dialog only has password field checkbox.
4.
For each find icon ( ), click and drag the icon to the relevant field or button in the logon dialog of the application. For example, drag the find icon for Password to the password field of the logon dialog of the application. The icon becomes a crosshair. When Password Manager highlights the correct field or pushbutton, drop the icon. If you drop the find icon in the wrong place, use the trash icon ( ) to remove the setting a try again. Do this until you cannot find any more fields or buttons with corresponding find icons in the Password Manager Registration dialog.
5. 6. 7.
Choose the Next pushbutton. Enter data as required and choose the Next pushbutton. Choose the Finish pushbutton.
Password Manager enters your password and logs you on to the application.
Note
If you have disabled automatic logon for Windows applications, Password Manager enters your password information automatically, but you must submit the logon data yourself. Related Links
Disabling Detection of New Passwords for Applications [page 16] You do not want Password Manager to attempt to add new passwords when you log on to an application. Ignoring Applications and Web Sites [page 18] Use this procedure if you have applications or web sites for which you do not want Password Manager to ask you, if Password Manager should register the application or web site.
3.2.2.1 Disabling Detection of New Passwords for Applications

You do not want Password Manager to attempt to add new passwords when you log on to an application. As an alternative, you can choose the Register Later or Never Register pushbuttons, when Password Manager attempts to add a new password. In the context menu of the Password Manager icon ( ) in the notification area of the task bar, choose Disable Password Manager Learning Wizard.
Note
Your system administrator can disable this function in the policy files. If the icon is not does not appear or you cannot enable the menu item, contact your system administrator. When you start an application with a logon dialog, Password Manager does not offer you the option to save the password.
16
Note
You can always manually start the Learning Wizard, by choosing Register New Application from the context menu of the Password Manager icon ( ) in the notification area of the task bar.
3.2.3
Displaying Passwords
You can display the password you set for an application or web site. You know the master password for your Password Manager installation. 1. 2. 3. 4. Start Password Manager. Choose Passwords. Choose a password. Choose (Show and change password).
Caution
Be aware that the application shows the password on the screen in clear text (unencrypted). 5. Enter the master password. If you forget the master password you can reset it. The password appears for 5 seconds. You can now edit the <Password> and <Confirm Password> fields. Related Links
Resetting the Master Password [page 30] You need the master password to start Password Manager and to carry out some of its more important functions. If you forget the master password, use this procedure to reset it.
3.2.4
Generating Passwords
Generated passwords are harder to remember, but if you only access particular applications or web sites from a set of computers where you have installed Password Manager, then this can be a very safe way to protect access to these applications and web sites. Password Manager remembers the passwords so you do not have to. Generated passwords tend to be much safer than passwords created by human beings. Human beings often rely on words and phrases that a hacker can guess. 1. 2. In the context menu of the Password Manager icon ( ) of the notification area in the task bar, choose Open Password Generator. Select a password policy or adjust the password policy as required. If you change the password policy, enter a new description and choose 3. Choose the Generate pushbutton. To view the password, choose (Show and hide password). (Save password policy) to save it.
PUBLIC
17
Caution
Make sure no one can look over your shoulder at the screen. 4. 5. Choose (Copy to clipboard).
Paste the password in any password fields. For example, paste the password in the change password dialog of the application or web site. Then update the password entry in Password Manager with the same password.
6. 7.
To close the window, choose the Cancel pushbutton. Clear the clipboard cache. To clear the clipboard cache select a string of text from a document and copy the text to the clipboard ( CTRL + C ). This overwrites the password in the memory of the clipboard.
Caution
It is important to remove the password form the clipboard, because other applications, possibly malicious ones, can access this information. Related Links
Enabling Automatic Change of Passwords for Applications [page 27] The security policies of some applications require you to periodically change your password. Applications do this to limit the amount of time someone can misuse your account. Password Manager can change your password for you automatically.
3.2.5
Ignoring Applications and Web Sites
Use this procedure if you have applications or web sites for which you do not want Password Manager to ask you, if Password Manager should register the application or web site. The application or web site is not already saved in your password list. 1. 2. Start the application or web site. When the Password Manager dialog appears, choose the Never Register pushbutton.
The application or web site appears on the Ignored Applications and Web Sites list. To view the list, choose Advanced Ignored Applications and Websites .
3.2.6 Adding Additional Passwords for an Existing Application or Web Site

You already have a password configured for an application or web site. You want to be able to log on with another account. Perhaps you have an account for work and an account for private use or you share this computer with another person. You know your user name and password for the web site or application.
18
PUBLIC
1. 2. 3. 4.
Start Password Manager. Choose Passwords. Choose the New pushbutton. Enter the required data. Required fields indicated by an asterisk (*).
5. 6. 7.
Choose
(Add application).
Select a registered application or website and choose the Add pushbutton. Save your entries.
The application or web site now has more than one password registered by Password Manager. Password Manager enters the default password, when you open the application or web site. To prevent Password Manager from logging you on automatically, disable automatic log on. For applications you can enable a multiple password dialog. Related Links
Working With Multiple Passwords for the Same Application or Web Site [page 20] You share access to a single computer with one or more people, such as your coworkers. Or you have multiple accounts for the same web site; one for private use and one for business. In both cases you have multiple passwords for the same application or web site. Enabling the Multiple Password Selection for Applications [page 27] If you have multiple passwords for a single application, you can configure Password Manager to offer a list of passwords to log on with. Password Attributes [page 34] The following table describes the attributes for passwords.
3.2.6.1 Changing the Default Password for an Application or Web Site

When you have multiple passwords for the same Windows application or web site, the last password you created for the application or web site is automatically the default password. Password Manager attempts to log on with the default password first. You have multiple passwords for the same application or web site. 1. 2. 3. 4. 5. 6. Start Password Manager. Choose Passwords. Select the password that is not the default password. Choose (Show and hide details of this application).
Select the Default Password checkbox. Save your entries.
Related Links
Working With Multiple Passwords for the Same Application or Web Site [page 20] You share access to a single computer with one or more people, such as your coworkers. Or you have multiple accounts for the same web site; one for private use and one for business. In both cases you have multiple passwords for the same application or web site.
PUBLIC
19
3.2.6.2
Choosing Between Multiple Passwords for Web Sites
You have multiple passwords for a web site. By default, Password Manager automatically logs you on with the default password for that web site. You want to decide which one you log on with. 1. 2. 3. You are using a web browser that supports the SAP NetWeaver Single Sign-On Password Manager toolbar. You installed the SAP NetWeaver Single Sign-On Password Manager toolbar for your web browser during installation. You display the SAP NetWeaver Single Sign-On Password Manager toolbar in your web browser. You have disabled automatic logon for your web browser. Open the web site in your web browser. From the SAP NetWeaver Single Sign-On toolbar, choose Passwords. Select a password.
Related Links
Working With Multiple Passwords for the Same Application or Web Site [page 20] You share access to a single computer with one or more people, such as your coworkers. Or you have multiple accounts for the same web site; one for private use and one for business. In both cases you have multiple passwords for the same application or web site. Disabling Automatic Logon to Web Sites [page 15] You do not want Password Manager to automatically you log on to web sites. This gives you a chance to select from multiple passwords you have saved for the web site.
3.2.6.3 Working With Multiple Passwords for the Same Application or Web Site
You share access to a single computer with one or more people, such as your coworkers. Or you have multiple accounts for the same web site; one for private use and one for business. In both cases you have multiple passwords for the same application or web site.
Caution
If you share the same computer account with multiple people, do not create password entries for applications or web sites that you do not want others to see. Password Manager does not have any way to protect these applications or web sites from others sharing your computer account. If you have passwords to accounts others should not see, we recommend you install Password Manager in a separate computer account or separate computer to which only you have access. Related Links
Disabling Automatic Logon to Web Sites [page 15] You do not want Password Manager to automatically you log on to web sites. This gives you a chance to select from multiple passwords you have saved for the web site. Disabling Automatic Logon for Applications [page 26] By default Password Manager logs you on to Windows applications for which you have registered a password as soon as the logon screen apears. You can disable automatic log on. Password Manager then enters the user name and password as appropriate, but does not submit the information to the application. You decide when to submit
20
the logon data. Use this function when you have multiple accounts for the application and you want to be able to enter an alternative user name and password.
Changing the Default Password for an Application or Web Site [page 19] When you have multiple passwords for the same Windows application or web site, the last password you created for the application or web site is automatically the default password. Password Manager attempts to log on with the default password first. Adding Additional Passwords for an Existing Application or Web Site [page 18] You already have a password configured for an application or web site. You want to be able to log on with another account. Perhaps you have an account for work and an account for private use or you share this computer with another person.
3.2.7
Logging On With Drag and Drop Passwords
There are thousands of ways that applications and web sites can implement log on. Password Manager can automatically log on to many of them, but not all. You have added a password which allows drag & drop. You have opened the application or web site to which you want to log on.
To make log on easier to the applications and web sites for which Password Manager cannot use automatic log on, use Drag & Drop Passwords. 1. In the context menu of the Password Manager icon ( Drag & Drop Passwords. ) in the notification area of the task bar, choose Open
Note
Your system administrator can disable this function in the policy files. If the icon is not does not appear or you cannot enable the menu item, contact your system administrator. 2. From the Drag & Drop Passwords dialog box, drag the relevant key icons to the relevant fields on application or web site. Table 3: Controls for Drag & Drop Passwords Icon Name User Name & Password Use From the Drag & Drop Passwords dialog box, drag the relevant key icons to the relevant fields on application or web site. Use this icon to enter only the user name in a field. Use this icon to enter only the password in a field.
User Name
Password
Related Links
Adding Additional Passwords for an Existing Application or Web Site [page 18]
PUBLIC
21
You already have a password configured for an application or web site. You want to be able to log on with another account. Perhaps you have an account for work and an account for private use or you share this computer with another person.
Password Attributes [page 34] The following table describes the attributes for passwords.
3.2.8
Password Policies
Password Manager uses password policies to regulate what kind of passwords you can use. Use password policies to ensure you create safe passwords. With the password policy you define how long or short the password can be, what special characters you can use, whether numbers are required, and other settings. A good password policy means that Password Manager generates safe passwords. A bad password policy results in passwords that are easy to guess. Password Manager checks passwords against password policies in the following instances: You use Password Manager to generate a password for an application or web site. Password Manager automatically generates a new password for an expired password of an application. Automatic password generation is disabled by default. You must enable this feature to use it.
Note
Password Manager cannot automatically generate new passwords for expired passwords of web sites. Applications and web sites can have their own password policies. When you use Password Manager to generate passwords for these applications and web sites, ensure that your password policy of the Password Manager matches the policy of the application or web site. For example, if you have a password policy that requires numbers (0-9), but the application or web site does not allow numbers in passwords then you will get an error from the application or web site.
Tip
We recommend that you try and match the security policy of the application or web site as much as possible. Related Links
Adding Password Policies [page 22] Password Manager uses password policies to define the rules for generating passwords. Adding Password Policies to Applications [page 23] To enable Password Manager to generate new passwords to replace the expired passwords of applications, ensure that Password Manager has an appropriate password policy assigned. Only then can Password Manager automatically generate passwords that will be accepted by your application.
3.2.8.1
Adding Password Policies
Password Manager uses password policies to define the rules for generating passwords.
22
PUBLIC
1. 2. 3. 4.
Start Password Manager. Choose Advanced Password Policies .
Choose the New pushbutton. Enter the required data. Required fields indicated by an asterisk (*).
5.
Save your entries.
The password policy appears in the list of password policies. Related Links
Password Policy Attributes [page 35] The following table describes the attributes for password policies.
3.2.8.2
Adding Password Policies to Applications
To enable Password Manager to generate new passwords to replace the expired passwords of applications, ensure that Password Manager has an appropriate password policy assigned. Only then can Password Manager automatically generate passwords that will be accepted by your application. 1. 2. 3. 4. 5. 6. You have created a password entry for your application. You have created a password policy that matches the password policy of your application. Start Password Manager. Choose Passwords. Choose an application (not web site). Choose (Show and hide details of this application).
Enter a password policy. Save your entries.
Related Links
Enabling Automatic Change of Passwords for Applications [page 27] The security policies of some applications require you to periodically change your password. Applications do this to limit the amount of time someone can misuse your account. Password Manager can change your password for you automatically.
3.3
Adding Credit Card Information
Use Password Manager to store your credit card information on your computer. Once stored on your computer, you no longer need to pull out your wallet to look up your credit card information. Storing your credit card information on your computer also provides you a backup of your credit card information, should you ever lose your credit card.
Note
PUBLIC
23
Password Manager stores your information in an encrypted format, protected by the master password of the Password Manager. 1. 2. 3. 4. 5. Start Password Manager. Choose Credit Cards. Choose the New pushbutton. Enter the required data. Required fields indicated by an asterisk (*). Save your entries.
Related Links
Credit Card Attributes [page 36] The following table describes the attributes for credit cards.
3.4
Adding Identities
Add identities so that you can remember private information about yourself or other people.
Note
Password Manager stores your information in an encrypted format, protected by the master password of the Password Manager. 1. 2. 3. 4. 5. Start Password Manager. Choose Identities. Choose the New pushbutton. Enter the required data. Required fields indicated by an asterisk (*). Save your entries.
Related Links
Identity Attributes [page 37] The following table describes the attributes for identities.
3.5
Adding Notes
Use Password Manager to save private text messages.
Note
Password Manager stores your information in an encrypted format, protected by the master password of the Password Manager.
24
1. 2. 3. 4. 5.
Start Password Manager. Choose Notes. Choose the New pushbutton. Enter the required data. Required fields indicated by an asterisk (*). Save your entries.
Related Links
Note Attributes [page 38] The following table describes the attributes for notes.
3.6
Disabling Password Manager
You want to stop all functions of the Password Manager. You do not want Password Manager to learn new passwords or log you on automatically to any applications or web sites. In the context menu of the Password Manager icon ( Password Manager. ) in the notification area of the task bar, choose Disable
Note
Your system administrator can disable this function in the policy files. If the icon is not does not appear or you cannot enable the menu item, contact your system administrator.
3.7
Advanced Settings
The advanced settings are either one time configurations that change the behavior of Password Manager or emergency recovery operations. Related Links
Application Settings [page 26] Application settings determine the behavior of Password Manager during logon to Windows applications. Master Password [page 28] When you install Password Manager, Password Manager creates a key from the master password you enter. Password Manager uses this key to encrypt and decrypt the data that Password Manager saves, such as passwords for applications and web sites, credit card information, identity information, and notes. Importing Password Manager Data [page 30] Use this procedure to import your password data from another computer, where you are using SAP NetWeaver Single Sign-On Password Manager or to restore a backup of your password data. Exporting Password Manager Data [page 30] Use this procedure to copy your password data to another computer, where you are using SAP NetWeaver Single Sign-On Password Manager or to create a backup of your password data.
PUBLIC
25
Setting the Default Web Browser [page 31] From the list of passwords you can directly launch the relevant web sites. Which web browser Password Manager opens depends on what you have set as the default browser. Enabling Automatic Logon to Password Manager [page 31] You can log on to Password Manager automatically when you log on to your Windows session by enabling this feature.
3.7.1
Application Settings
Application settings determine the behavior of Password Manager during logon to Windows applications. Related Links
Disabling Automatic Logon for Applications [page 26] By default Password Manager logs you on to Windows applications for which you have registered a password as soon as the logon screen apears. You can disable automatic log on. Password Manager then enters the user name and password as appropriate, but does not submit the information to the application. You decide when to submit the logon data. Use this function when you have multiple accounts for the application and you want to be able to enter an alternative user name and password. Enabling the Multiple Password Selection for Applications [page 27] If you have multiple passwords for a single application, you can configure Password Manager to offer a list of passwords to log on with. Enabling Automatic Change of Passwords for Applications [page 27] The security policies of some applications require you to periodically change your password. Applications do this to limit the amount of time someone can misuse your account. Password Manager can change your password for you automatically.
3.7.1.1
Disabling Automatic Logon for Applications
By default Password Manager logs you on to Windows applications for which you have registered a password as soon as the logon screen apears. You can disable automatic log on. Password Manager then enters the user name and password as appropriate, but does not submit the information to the application. You decide when to submit the logon data. Use this function when you have multiple accounts for the application and you want to be able to enter an alternative user name and password. You have added a password entry for an application registered the change password screen of the application in Password Manager. 1. 2. 3. 4. Start Password Manager. Choose Advanced Settings .
Clear the Enable automatic logon for Windows applications checkbox. Save your entries.
Related Links
Working With Multiple Passwords for the Same Application or Web Site [page 20]
26
You share access to a single computer with one or more people, such as your coworkers. Or you have multiple accounts for the same web site; one for private use and one for business. In both cases you have multiple passwords for the same application or web site.
Enabling the Multiple Password Selection for Applications [page 27] If you have multiple passwords for a single application, you can configure Password Manager to offer a list of passwords to log on with.
3.7.1.2 Enabling the Multiple Password Selection for Applications

If you have multiple passwords for a single application, you can configure Password Manager to offer a list of passwords to log on with. 1. 2. 3. 4. Start Password Manager. Choose Advanced Settings .
Select the Show multiple passwords dialog checkbox. Save your entries.
The next time you start a Windows application for which you have multiple passwords saved in Password Manager, Password Manager offers you a choice of which password to log on with. Related Links
Working With Multiple Passwords for the Same Application or Web Site [page 20] You share access to a single computer with one or more people, such as your coworkers. Or you have multiple accounts for the same web site; one for private use and one for business. In both cases you have multiple passwords for the same application or web site. Adding Additional Passwords for an Existing Application or Web Site [page 18] You already have a password configured for an application or web site. You want to be able to log on with another account. Perhaps you have an account for work and an account for private use or you share this computer with another person.
3.7.1.3 Enabling Automatic Change of Passwords for Applications

The security policies of some applications require you to periodically change your password. Applications do this to limit the amount of time someone can misuse your account. Password Manager can change your password for you automatically. You have added a password entry for an application registered the change password screen of the application in Password Manager.
Note
Password Manager can only automatically change your passwords for application, not web sites.
PUBLIC
27
When Password Manager generates new passwords for you, Password Manager uses the password policy that you assigned to the application. If you have not assigned a password policy, Password Manager uses the default password policy. 1. 2. 3. 4. Start Password Manager. Choose Advanced Settings .
Select the Change my password automatically when required checkbox. Determine if you want to be notified when Password Manager changes the password. To enable notification, select the Notify me about password changes checkbox. When enabled, Password Manager displays a dialog box informing you that it has changed your password.
5.
Save your entries.
Related Links
Adding Password Policies to Applications [page 23] To enable Password Manager to generate new passwords to replace the expired passwords of applications, ensure that Password Manager has an appropriate password policy assigned. Only then can Password Manager automatically generate passwords that will be accepted by your application.
3.7.2
Master Password
When you install Password Manager, Password Manager creates a key from the master password you enter. Password Manager uses this key to encrypt and decrypt the data that Password Manager saves, such as passwords for applications and web sites, credit card information, identity information, and notes.
Caution
Use a strong password. If someone can open your Password Manager and guess your master password, that person has access to all the other passwords and information that you have saved. You can find plenty of advice on how to create strong passwords on the Internet. Password Manager uses the master password to protect some functions. Starting Password Manager Viewing or changing passwords Change or resetting the master password Exporting your data to a file
Note
You need the master password used to save the file to import that data back into Password Manager. You can configure Microsoft Windows to log you on automatically to Password Manager during your Windows logon. When Password Manager requests your master password, you have 3 chances to enter the password correctly. If you fail, Password Manager deletes the key it used to encrypt your data. If you forget the master password, you can reset the master password and regenerate the key with the security question and answer.
28
PUBLIC
Related Links
Changing the Master Password [page 29] We recommend that you periodically change the master password to limit the time someone can compromise your account. If you forget the master password, you can use the security question to reset it. Changing the Security Question [page 29] Password Manager uses the security question to reset the master password. Resetting the Master Password [page 30] You need the master password to start Password Manager and to carry out some of its more important functions. If you forget the master password, use this procedure to reset it.
3.7.2.1
Changing the Master Password
We recommend that you periodically change the master password to limit the time someone can compromise your account. If you forget the master password, you can use the security question to reset it. You know the current master password. 1. 2. 3. 4. 5. 6. Start Password Manager. Choose Advanced Settings .
Under Master Password, choose Password Options. Choose the Change Master Password pushbutton. Enter data as required. Save your entries.
Related Links
Resetting the Master Password [page 30] You need the master password to start Password Manager and to carry out some of its more important functions. If you forget the master password, use this procedure to reset it.
3.7.2.2
Changing the Security Question
Password Manager uses the security question to reset the master password. You know the master password. 1. 2. 3. 4. 5. 6. Start Password Manager. Choose Advanced Settings .
Under Master Password, choose Password Options. Choose the Change Security Question for Resetting Master Password pushbutton. Enter data as required. Save your entries.
PUBLIC
29
3.7.2.3
Resetting the Master Password
You need the master password to start Password Manager and to carry out some of its more important functions. If you forget the master password, use this procedure to reset it. You know the security question and answer. 1. 2. 3. 4. 5. 6. Start Password Manager. Choose Advanced Settings .
Under Master Password, choose Password Options. Choose the Reset Master Password pushbutton. Enter data as required. Save your entries.
3.7.3
Importing Password Manager Data
Use this procedure to import your password data from another computer, where you are using SAP NetWeaver Single Sign-On Password Manager or to restore a backup of your password data. You have a password data file from Password Manager. You know the master password used to encrypt the password data file.
Caution
Password Manager overwrites any entries, for example passwords, notes, identities, and credit cards, with the same description. 1. 2. 3. 4. 5. Start Password Manager. Choose Advanced Settings .
Choose the Import Storage File pushbutton. Enter a file name and path. Enter the master password used to export the file.
3.7.4
Exporting Password Manager Data
Use this procedure to copy your password data to another computer, where you are using SAP NetWeaver Single Sign-On Password Manager or to create a backup of your password data. 1. 2. 3. 4. 5. Start Password Manager. Choose Advanced Settings .
Choose the Export Storage File pushbutton. Enter a file name and location. Enter the master password for Password Manager.
30
Password Manager saves the file with the *.sso extension in an encrypted format.
Caution
When you import this file back into Password Manager, you must have the master password with which you saved this file. Otherwise you cannot recover this information.
3.7.5
Setting the Default Web Browser
From the list of passwords you can directly launch the relevant web sites. Which web browser Password Manager opens depends on what you have set as the default browser. 1. 2. 3. 4. Start Password Manager. Choose Advanced Settings .
Choose a default web browser. Save your entries.
3.7.6
Enabling Automatic Logon to Password Manager
You can log on to Password Manager automatically when you log on to your Windows session by enabling this feature.
Caution
Do not enable this feature unless you protect your Microsoft Windows account with a strong password or similar logon method. By default you must enter the master password when you start Password Manager. This is a security measure taken to ensure that no one but you can start your computer and automatically have access to a list applications or web sites with the passwords. Such a person cannot view your passwords, because Password Manager requires the master password to show passwords, but the person could connect to a web site, such as your online banking web site, and view your data. 1. 2. Start Password Manager. In the context menu of the Password Manager icon ( Password Options. ) in the notification area of the task bar, choose
Note
Your system administrator can disable this function in the group policy files. If the icon is not does not appear, contact your system administrator. 3. Choose the Enable Automatic Logon to SSO Password Manager pushbutton.
The next time you log on to your Microsoft Windows account, you also log on to Password Manager automatically.
PUBLIC
31
3.8
Troubleshooting
If an errors occur while using Password Manager, troubleshooting provides your first clues to fixing problems yourself. If you cannot solve the problem yourself, contact your system administrator. Table 4: SSO is not working for my registered web site Reason or Action The password is on the list of ignored web sites. Web detection is disabled. Description or Solution
Ignoring Applications and Web Sites [page 18] Disabling Detection of New Passwords for Web Sites [page 15] Disabling Password Manager [page 25] Logging On With Drag and Drop Passwords [page 21]
Password Manager is disabled. Try logging on with drag and drop.
Table 5: Password Manager does not recognize the login dialog or the change password dialog of my Windows application Reason or Action Detection of new passwords is disabled. Description or Solution
Disabling Detection of New Passwords for Applications [page 16]

1. In the context menu of the Password Manager icon ( ) in the notification area of the task bar, choose Register New Application. 2. Follow the onscreen instructions.
Start Password Manager Learning Wizard manually.
The Windows application runs at a higher integrity level This is part of the security architecture of Microsoft than Password Manager (medium) according to the Windows. You cannot use Password Manager for this Windows Integrity Mechanism. application. Microsoft provides a tool to check if an application runs at a higher integrity level on its web site. Download and install the Process Explorer from Microsoft to determine if the application has a higher integrity level. Table 6: Drag and Drop data from Password Manager to an application and nothing happens Reason or Action Description or Solution
The Windows application runs at a higher integrity level This is part of the security architecture of Microsoft than Password Manager (medium) according to the Windows. You cannot use Password Manager for this Windows Integrity Mechanism. application. Microsoft provides a tool to check if an application runs at a higher integrity level on its web site. Download and install the Process Explorer from
32
PUBLIC
Reason or Action
Description or Solution Microsoft to determine if the application has a higher integrity level.
3.8.1
Auditing and Logging for Password Manager
To troubleshoot or log user activities, enable the user activity trace for Password Manager. You have administrator rights on your computer. Password Manager uses the logging function of the Secure Login Client to record user activity. 1. 2. Enable the Password Manager user activity trace and log option of the Password Manager group policy file. Restart your computer.
View the logs in a text editor at <%AppData%>\Local\SAP\SecureLogin\Traces. Related Links
Security Relevant Logging and Tracing [page 48] The Secure Login Client for SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) logs security relevant events on the client. The tables below list the relevant security events. Secure Login for SAP NetWeaver Single Sign-On on SAP Help Portal
3.9
Appendix
Use the reference information to understand how to create passwords, identities, and such in Password Manager or understand the configuration options. Related Links
Password Attributes [page 34] The following table describes the attributes for passwords. Password Policy Attributes [page 35] The following table describes the attributes for password policies. Credit Card Attributes [page 36] The following table describes the attributes for credit cards. Identity Attributes [page 37] The following table describes the attributes for identities. Note Attributes [page 38] The following table describes the attributes for notes.
PUBLIC
33
3.9.1
Password Attributes
The following table describes the attributes for passwords. Table 7: Passwords Attributes Name <Description> Description Enter a unique name or title for this password entry. Required entry. There are thousands of ways that applications and web sites can implement log on. Password Manager can automatically log on to many of them, but not all. To make log on easier to the applications and web sites for which Password Manager cannot use automatic log on, select the Allow Drag&Drop checkbox. Use Drag & Drop Passwords to log on. Some applications or web sites also require that you end the user name and password with a simulated keystroke. You define that keystroke in the fields that follow User Name and Password. Default value is No key. <User Name> Enter the name you use to log on to the application or web site. Required entry. Enter the password that you use to log on to the application or web site. The password must satisfy the password policy of Password Manager and the policy of the web site or application. Required entry. To ensure that you have entered the password correctly, Password Manager requires you to enter the password a second time. Required entry. The optional fields for additional parameters other than user name and password.
<Allow Drag&Drop>
<Password>
<Confirm Password>
<Password Parameter 1> <Password Parameter 2> <Password Parameter 3> <Application/Web Site>
This field displays the name of the application or web site that uses this password.
Related Links
Password Policies [page 22] Password Manager uses password policies to regulate what kind of passwords you can use. Use password policies to ensure you create safe passwords. Logging On With Drag and Drop Passwords [page 21]
34
There are thousands of ways that applications and web sites can implement log on. Password Manager can automatically log on to many of them, but not all.
3.9.2
Password Policy Attributes
The following table describes the attributes for password policies. Table 8: Password Policy Attributes Name <Description> Description Enter a unique name or title for this policy entry. Required entry. Determines the minimum and maximum length of generated passwords. Default value is a minimum length of 6 characters and a maximum length of 8 characters. Determines if uppercase characters are allowed, required, or forbidden. If you choose Required, set the minimum number of characters that must be uppercase. Uppercase characters are allowed by default. <Lowercase Characters (a-z)> Determines if lowercase characters are allowed, required, or forbidden. If you choose Required, set the minimum number of characters that must be lowercase. Lowercase characters are allowed by default. <Numbers (0-9)> Determines if numbers are allowed, required, or forbidden. If you choose Required, set the minimum number of numbers that must be included. Numbers are allowed by default. <Special Characters> Determines if special characters are allowed, required, or forbidden. If you choose Required, set the minimum number of special characters that must be included. Special characters are allowed by default. <Allowed Special Characters> The number of possible special characters is quite large. This attribute determines, which special characters are allowed. The list of default characters is !@#$%^&*()_-+=?><,./:;'~`|{}[]. Enable this attribute to only allow passwords that start with an upper case character.
<Password Length>
<Uppercase Characters (A-Z)>
<Must Start with an Uppercase Character>
PUBLIC
35
Name < Allow Sequential Characters (123abc)>
Description Enable this attribute to allow passwords that contain a sequence of ASCII characters, such as 1234 and ABCD. Enable this attribute to allow passwords that contain a duplicate characters in the password. For example, ACDA contains duplicate characters and ACDa does not. Enable this attribute to allow passwords that contain a repeated characters- For example, AA19zx contains repeated characters and A19zxA does not.
<Allow Duplicate Characters (abcabc)>
<Allow Repeated Characters (aabbcc)>
Related Links
Password Policies [page 22] Password Manager uses password policies to regulate what kind of passwords you can use. Use password policies to ensure you create safe passwords.
3.9.3
Credit Card Attributes
The following table describes the attributes for credit cards. Table 9: Credit Card Attributes Name <Description> Description Enter a unique name for this credit card. Required entry. Enter the type of credit card: American Express, Diners Club, Discover, JCB, Master Card, VISA. Name of person to the credit card is issued. Required entry. Bank identification number. Required entry. The month and year that the credit card expires. Use the format MM/YYYY. Required entry. Enter the three to four-digit number located on the back of the card to help prevent credit card fraud when using the card on the Internet. Required entry. Telephone number of the service organization for the credit card company.
<Card Type>
<Card Holder>
<Card Number> <Valid Thru>
<Security Code>
<Service Phone>
36
Name <Additional Code>
Description Enter any additional codes that appear on the back of the credit card. Enter the web site of the service organization for the credit card company. Free text field for any additonal information. Free text field for any comments about this credit card.
<Service URL>
<Additional Info> <Comments> Related Links
Credit Card Attributes [page 36] The following table describes the attributes for credit cards.
3.9.4
Identity Attributes
The following table describes the attributes for identities. Table 10: Identity Attributes Name <Description> <E-Mail Address> <First Name> <Last Name> <Date of Birth> Description Enter a unique name for this identity. Required entry. Enter an e-mail address. Required entry. Required entry. Enter when the person was born. Use the format DD/MM/YYYY. Name of the company the person works for. First line of the person's mailing address. Second line of the person's mailing address. Self-explanatory. State or province. ZIP or postal code. Self-explanatory.
<Company> <Address 1> <Address 2> <City> <State> <Zip> <Country>
PUBLIC
37
Name <Phone> <Mobile> <Fax> <Web Site> <Comments> Related Links
Description Self-explanatory. Mobile or cell phone number. Self-explanatory. Enter the personal web site of the person. A free text field for your comments.
Adding Identities [page 24] Add identities so that you can remember private information about yourself or other people.
3.9.5
Note Attributes
The following table describes the attributes for notes. Table 11: Note Attributes Name <Description> <Comments> Related Links Description Enter a unique name or title for your note. Required entry. Enter the text of your note.
Adding Notes [page 24] Use Password Manager to save private text messages.
38
PUBLIC
Password Manager Admininstrator Guide
System administrators use these functions to configure Password Manager for all users in a Windows domain. Related Links
Options of the Password Manager Group Policy File [page 41] The policy file for Password Manager enables you to control the configuration options of Password Manager. You can distribute the policy file to all workstations in your Microsoft Windows domain. Configuring Policy Files for Password Manager [page 40] Use this procedure to set the configuration settings of Password Manager for all Microsoft Windows systems in your network. Distributing Applications, Web Sites, and Password Policies to Users [page 39] You want to preconfigure installations of Password Manager for users in your network with specific applications, web sites, and password policies. Create a dummy installation and define the data you want to distribute. Then distribute this data in your Windows landscape.
4.1 Distributing Applications, Web Sites, and Password Policies to Users

You want to preconfigure installations of Password Manager for users in your network with specific applications, web sites, and password policies. Create a dummy installation and define the data you want to distribute. Then distribute this data in your Windows landscape. You have a dummy installation to create content to distribute. You have administrator rights in your network to distribute and overwrite business user data. You know the domain and user ID of your business users.
You can distribute the following Password Manager data to users in your network: Application information Web site information Ignored applications and webs sites Password policies
Distributing this data ensures that all users in your network have a common starting point.
Caution
When you distribute data, you overwrite the any existing data the user has configured. We recommend that you only distribute data to business users, whose accounts or Password Manager configurations are in an initial state. 1. 2. Create a dummy installation of Password Manager. Add passwords for applications and web sites, ignored applications and web sites, and password policies.
Note
Password Manager for SAP NetWeaver Single Sign-On Implementation Guide Password Manager Admininstrator Guide
PUBLIC
39
Although you are adding passwords to your dummy installation, this procedure does not copy user ID and password data. The user ID and passwords that you enter do not need to function, but you can use real password data to test that you have set up the information correctly. 3. Copy the data files from your dummy installation. The data files are named as follows: <domain>_<user ID>_APP.xml <domain>_<user ID>_PLC.xml
The files are located at <%APPDATA%>\SAP\signon\AppInfo 4. Distribute and rename files in the network to fit the location and naming convention described in the previous step.
Once distributed, business users should restart their Password Manager application. After restart, users can add passwords to the applications and web sites in the new files. Related Links
Adding Additional Passwords for an Existing Application or Web Site [page 18] You already have a password configured for an application or web site. You want to be able to log on with another account. Perhaps you have an account for work and an account for private use or you share this computer with another person. Password Policies [page 22] Password Manager uses password policies to regulate what kind of passwords you can use. Use password policies to ensure you create safe passwords. Ignoring Applications and Web Sites [page 18] Use this procedure if you have applications or web sites for which you do not want Password Manager to ask you, if Password Manager should register the application or web site.
4.2
Configuring Policy Files for Password Manager
Use this procedure to set the configuration settings of Password Manager for all Microsoft Windows systems in your network. You must work with the administrator of your Windows domain. This procedure uses the standard tools for managing policies in Microsoft Windows. For more information, refer to the relevant Microsoft documentation. Work with your Microsoft Windows domain administrator to prepare and configure the policy file. <package path>\SAPSetupESC\ESC\ADM\PasswordManager.adm Depending on the tool you use, the template appears under Administrative Templates (ADM) SAP AG Administrative Template Classic
Password Manager .
Have your domain administrator import the file into the Windows domain and allow the policy file to be distributed to the domain users. Related Links
Password Manager Options [page 41]
40
PUBLIC
Soft Token Settings [page 43] The password store settings configure the minimum length of the answers to the security question and the master password. It also sets the location of the password storage file. Terminal Emulator Host Configuration [page 44]
4.3
Options of the Password Manager Group Policy File
The policy file for Password Manager enables you to control the configuration options of Password Manager. You can distribute the policy file to all workstations in your Microsoft Windows domain. Related Links
Password Manager Options [page 41] Soft Token Settings [page 43] The password store settings configure the minimum length of the answers to the security question and the master password. It also sets the location of the password storage file. Terminal Emulator Host Configuration [page 44] Configuring Policy Files for Password Manager [page 40] Use this procedure to set the configuration settings of Password Manager for all Microsoft Windows systems in your network.
4.3.1
Password Manager Options
Table 12: Password Manager Options Option <Disable Password Manager Wizard> Description Enable this option to prevent Password Manager from detecting and adding new passwords for Windows applications. Enabling this option also prevents single sign-on to Windows applications. Enabling this option has no effect on single sign-on or learning passwords for web sites. Determines the speed with which Password Manager sends character to the destination window during a drag and drop operation. Some applications, such as terminal service clients on slow bandwidth connections, need a slower send speed to guarantee that all characters reach the destination. For such applications increase the interval in this setting. The default value is 40 ms.
<Interval between characters in ms>
PUBLIC
41
Option
Description During a drag and drop operation, Password Manager sends a character KeyDown, then waits half the latency period until Password Manager sends a KeyUp. Then Password Managerwaits the second half of the latency period until Password Manager sends the next character KeyDown.
<Pre-erase Drag Drop destination fields>
Enable this option to have Password Managererase the content of a destination field before it inserts drag and drop content into the field. Some application supply sample text in these fields. Enabling this option ensures that all the sample text is removed before Password Manager enters the Drag & Drop data. Otherwise users can drop their credentials in the middle of the sample text.
<Password Manager trace and log>
Only enable this option at the request of SAP Support. The trace provides additional information for the localization of problems. Enable this option to log user activities to the logs of the Secure Login Client for SAP NetWeaver Single Sign-On. For more information, see Auditing and Logging for Password Manager [page 33].
<Password Manager user activity trace and log>
<Hide Password Manager taskbar context menu>
Enable this option to hide the Password Manager icon of the notification area of the task bar. If enabled, users cannot do the following: Enable or disable automatic logon to Password Manager Log on with Drag & Drop passwords Enable or disable detection of new passwords for applications. Enable or disable Password Manager
<Disable auto-registration and single sign-on>
Enable this option to disable the recognition of unregistered Windows applications and web sites. This option also disables single sign-on to registered Windows applications and web sites. You can still edit entries in Password Manager.
<Disable Password Manager Learning Wizard> Enable this option to prevent Password Manager from detecting and adding new passwords for Windows applications. Disabling the Password Manager Learning
42
Option
Description Wizard has no effect on single sign-on or learning passwords for web sites.
<Disable Drag & Drop passwords submenu>
Enable this function to disable the Open Drag & Drop Passwords menu item in the context menu of the notification area of the task bar for Password Manager. Some security policies do not allow drag & drop methods, since it can be considered an open means of transmitting the password. Drag & drop uses SendKey, which can be considered unsafe.
<Online help URL>
Determines the URL used for the online help. If your security policy does not allow you to access the default URL on SAP Help Portal, you can download the online help and access from a local file share. Or you can write your own custom online help that supports the features you have enabled.
Related Links
Configuring Policy Files for Password Manager [page 40] Use this procedure to set the configuration settings of Password Manager for all Microsoft Windows systems in your network.
4.3.2
Soft Token Settings
The password store settings configure the minimum length of the answers to the security question and the master password. It also sets the location of the password storage file. These options are divided between the following settings: Minimum character of answer or password string Password store path
Table 13: Options for Password Store Option <Minimum character of answer> Description Determines the minimum length of an answer to a security question for resetting the master password. Default value is 8. The value range is from 8-125. Determines the minimum length of the master password. The default value is 8. The value ranges from 8-20. Determines the path to folder where Password Manager stores the password files. The default value or
<Minimum character of password>
<Password store path>
PUBLIC
43
Option
Description the value used if there is no configuration is < %APPDATA%>\SAP\signon\Softtoken.
Restriction
Every user requires read and write access to this folder. Choose a network or local folder depending on your security and backup policies.
Related Links
4.3.3
Terminal Emulator Host Configuration
You can configure up to five terminal emulator hosts under the following options: Configure the first host Configure the second host Configure the third host Configure the fourth host Configure the fifth host
Table 14: Options for Terminal Emulator Host Configuration Option <Hostname or IP:> <The string to detect Username:> Description The host name or IP address of the host to connect to. The title of the user name field. This string must be the same as the label of the field in which the user enters his or her user name for the host machine. The title of the password field. This string must be the same as the label of the field in which the user enters his or her password for the host machine. The key a user enters after he or she enters his or her user name. For example, If the user enters the Enter key after entering his or her user name, enter {ENTER}. If the user enters the Tab after entering his or her user name, enter {Tab}.
<The string to detect Password:>
<Control key after Username:>
44
Option <Control key after Password:>
Description The key a user enters after he or she enters his or her password. For example, If the user enters the Enter key after entering his or her password, enter {ENTER}. If the user enters the Tab after entering his or her password, enter {Tab}.
<MaxLength of Username field:>
The maximum number of characters a user can enter into the user name field. The maximum number of characters a user can enter into the password field.
<MaxLength of Password field:>
Related Links
PUBLIC
45
Password Manager Security Guide
The security guide provides an overview of the security-relevant information that applies to Password Manager. Related Links
Technical System Landscape [page 46] The following figure shows an overview of the technical system landscape for the Password Manager. Data Storage Security [page 47] Password Manager stores private data. Password Security [page 48] Password manager stores and manipulates password, which are the keys to your identity and data in a computer network. Handle this data with utmost care. Security Relevant Logging and Tracing [page 48] The Secure Login Client for SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) logs security relevant events on the client. The tables below list the relevant security events.
5.1
Technical System Landscape
The following figure shows an overview of the technical system landscape for the Password Manager.
46
PUBLIC
Password Manager for SAP NetWeaver Single Sign-On Implementation Guide Password Manager Security Guide
Figure 1: Technical System Landscape of Password Manager
Password Manager resides on a Windows PC. When the user access applications, web sites, or terminal emulators, Password Manager can recognize the access and capture or provide credentials for single sign-on. Password Manager stores the credentials in an encrypted file, labeled here Password Store.
5.2
Data Storage Security
Password Manager stores private data. The user's private data is encrypted with a private key generated from a master password entered by the user during initial configuration of the client installation. The user has full control over this data and can delete it with the Password Manager application. By default, Password Manager stores credential data locally. The default directory is in the user-specific directory of the Users folder of Microsoft Windows operating system. The operating system protects this folder from unauthorized access. You can configure Password Manager to store user data in a network location. You must ensure that the network configuration restricts access to the user who owns the data. The option <Password store path> of the Password Manager policy file controls this configuration. Whether local or at a network location, ensure that the files at the storage location are backed up regularly.
PUBLIC
47
Related Links
5.3
Password Security
Password manager stores and manipulates password, which are the keys to your identity and data in a computer network. Handle this data with utmost care. Always use the strongest possible passwords, especially for your master password. Your master password protects all other passwords you store with Password Manager. As system administrator, you can define the minimum length of the master password in the group policy files. For other passwords, you can define password policies appropriate to the sensitivity of the application or web site you access. You can cause Password Manager to display passwords in plain text. Use this feature sparingly and always check that no one can view your screen while you do. Be careful how you use the drag & drop feature. If you drag & drop your user ID and password into a text editor, the stystem reveals the password in plain text. Similarly, the terminal emulator function uses the SendKey method. Related Links
Soft Token Settings [page 43] The password store settings configure the minimum length of the answers to the security question and the master password. It also sets the location of the password storage file. Password Policies [page 22] Password Manager uses password policies to regulate what kind of passwords you can use. Use password policies to ensure you create safe passwords. Displaying Passwords [page 17] You can display the password you set for an application or web site. Logging On With Drag and Drop Passwords [page 21] There are thousands of ways that applications and web sites can implement log on. Password Manager can automatically log on to many of them, but not all.
5.4
Security Relevant Logging and Tracing
The Secure Login Client for SAP NetWeaver Single Sign-On (SAP NetWeaver SSO) logs security relevant events on the client. The tables below list the relevant security events.
48
Table 15: Security Events of Password Manager Event Register new application or web site Description Log application name, password processing information, and register application processing information Log application name, password (except password entry information) and login processing information Log application name, and change password processing information Log new entry information Log removed entry information Log updated entry information Log success or error code Log success or error code Log success or error code Log status change
Log on to application or web site
Change password for application
Add new password, identity, credit card, or notes Remove password, identity, credit card, or notes Update password, identity, credit card, or notes Change master password Reset master password Change security question Enable or disable automatic log on to Password Manager Import, export, or migration of data Initialize master password Log on or log off from Password Manager
Log status for import or export Log success or error code Log error code and description when user enters wrong, invalid, or locked master password
Related Links
Auditing and Logging for Password Manager [page 33] To troubleshoot or log user activities, enable the user activity trace for Password Manager.
PUBLIC
49
6
6.1
Open Source Licenses

Sun Java Platform Standard Edition SDK (J2SDK) (JDK)
Sun Java Platform Standard Edition SDK (J2SDK) (JDK)
Sun Microsystems, Inc. Binary Code License Agreement for the JAVA SE DEVELOPMENT KIT (JDK), VERSION 6
SUN MICROSYSTEMS, INC. ("SUN") IS WILLING TO LICENSE THE SOFTWARE IDENTIFIED BELOW TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS BINARY CODE LICENSE AGREEMENT AND SUPPLEMENTAL LICENSE TERMS (COLLECTIVELY "AGREEMENT"). PLEASE READ THE AGREEMENT CAREFULLY. BY USING THE SOFTWARE YOU ACKNOWLEDGE THAT YOU HAVE READ THE TERMS AND AGREE TO THEM. IF YOU ARE AGREEING TO THESE TERMS ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE LEGAL AUTHORITY TO BIND THE LEGAL ENTITY TO THESE TERMS. IF YOU DO NOT HAVE SUCH AUTHORITY, OR IF YOU DO NOT WISH TO BE BOUND BY THE TERMS, THEN YOU MUST NOT USE THE SOFTWARE ON THIS SITE OR ANY OTHER MEDIA ON WHICH THE SOFTWARE IS CONTAINED. 1. DEFINITIONS. "Software" means the identified above in binary form, any other machine readable materials (including, but not limited to, libraries, source files, header files, and data files), any updates or error corrections provided by Sun, and any user manuals, programming guides and other documentation provided to you by Sun under this Agreement. "General Purpose Desktop Computers and Servers" means computers, including desktop and laptop computers, or servers, used for general computing functions under end user control (such as but not specifically limited to email, general purpose Internet browsing, and office suite productivity tools). The use of Software in systems and solutions that provide dedicated functionality (other than as mentioned above) or designed for use in embedded or function-specific software applications, for example but not limited to: Software embedded in or bundled with industrial control systems, wireless mobile telephones, wireless handheld devices, netbooks, kiosks, TV/STB, Blu-ray Disc devices, telematics and network control switching equipment, printers and storage management systems, and other related systems are excluded from this definition and not licensed under this Agreement. "Programs" means Java technology applets and applications intended to run on the Java Platform Standard Edition (Java SE) platform on Javaenabled General Purpose Desktop Computers and Servers. LICENSE TO USE. Subject to the terms and conditions of this Agreement, including, but not limited to the Java Technology Restrictions of the Supplemental License Terms, Sun grants you a non-exclusive, nontransferable, limited license without license fees to reproduce and use internally Software complete and unmodified for the sole purpose of running Programs. Additional licenses for developers and/or publishers are granted in the Supplemental License Terms. RESTRICTIONS. Software is confidential and copyrighted. Title to Software and all associated intellectual property rights is retained by Sun and/or its licensors. Unless enforcement is prohibited by applicable law, you may not modify, decompile, or reverse engineer Software. You acknowledge that Licensed Software is not designed or intended for use in the design, construction, operation or maintenance of any nuclear facility. Sun Microsystems, Inc. disclaims any express or implied warranty of fitness for such uses. No right, title or interest in or to any trademark, service mark, logo or trade name of Sun or its licensors is granted under this Agreement. Additional restrictions for developers and/or publishers licenses are set forth in the Supplemental License Terms.
2.
3.
50
Password Manager for SAP NetWeaver Single Sign-On Implementation Guide Open Source Licenses
4.
LIMITED WARRANTY. Sun warrants to you that for a period of ninety (90) days from the date of purchase, as evidenced by a copy of the receipt, the media on which Software is furnished (if any) will be free of defects in materials and workmanship under normal use. Except for the foregoing, Software is provided "AS IS". Your exclusive remedy and Sun's entire liability under this limited warranty will be at Sun's option to replace Software media or refund the fee paid for Software. Any implied warranties on the Software are limited to 90 days. Some states do not allow limitations on duration of an implied warranty, so the above may not apply to you. This limited warranty gives you specific legal rights. You may have others, which vary from state to state. DISCLAIMER OF WARRANTY. UNLESS SPECIFIED IN THIS AGREEMENT, ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT THESE DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. LIMITATION OF LIABILITY. TO THE EXTENT NOT PROHIBITED BY LAW, IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF OR RELATED TO THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. In no event will Sun's liability to you, whether in contract, tort (including negligence), or otherwise, exceed the amount paid by you for Software under this Agreement. The foregoing limitations will apply even if the above stated warranty fails of its essential purpose. Some states do not allow the exclusion of incidental or consequential damages, so some of the terms above may not be applicable to you. TERMINATION. This Agreement is effective until terminated. You may terminate this Agreement at any time by destroying all copies of Software. This Agreement will terminate immediately without notice from Sun if you fail to comply with any provision of this Agreement. Either party may terminate this Agreement immediately should any Software become, or in either party's opinion be likely to become, the subject of a claim of infringement of any intellectual property right. Upon Termination, you must destroy all copies of Software. EXPORT REGULATIONS. All Software and technical data delivered under this Agreement are subject to US export control laws and may be subject to export or import regulations in other countries. You agree to comply strictly with all such laws and regulations and acknowledge that you have the responsibility to obtain such licenses to export, re-export, or import as may be required after delivery to you. TRADEMARKS AND LOGOS. You acknowledge and agree as between you and Sun that Sun owns the SUN, SOLARIS, JAVA, JINI, FORTE, and iPLANET trademarks and all SUN, SOLARIS, JAVA, JINI, FORTE, and iPLANET-related trademarks, service marks, logos and other brand designations ("Sun Marks"), and you agree to comply with the Sun Trademark and Logo Usage Requirements currently located at http:// www.sun.com/policies/trademarks. Any use you make of the Sun Marks inures to Sun's benefit.
5.
6.
7.
8.
9.
10. U.S. GOVERNMENT RESTRICTED RIGHTS. If Software is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Software and accompanying documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 11. GOVERNING LAW. Any action related to this Agreement will be governed by California law and controlling U.S. federal law. No choice of law rules of any jurisdiction will apply. 12. SEVERABILITY. If any provision of this Agreement is held to be unenforceable, this Agreement will remain in effect with the provision omitted, unless omission would frustrate the intent of the parties, in which case this Agreement will immediately terminate. 13. INTEGRATION. This Agreement is the entire agreement between you and Sun relating to its subject matter. It supersedes all prior or contemporaneous oral or written communications, proposals, representations and warranties and prevails over any conflicting or additional terms of any quote, order, acknowledgment, or other communication between the parties relating to its subject matter during the term of this Agreement. No
PUBLIC
51
modification of this Agreement will be binding, unless in writing and signed by an authorized representative of each party.
SUPPLEMENTAL LICENSE TERMS

These Supplemental License Terms add to or modify the terms of the Binary Code License Agreement. Capitalized terms not defined in these Supplemental Terms shall have the same meanings ascribed to them in the Binary Code License Agreement . These Supplemental Terms shall supersede any inconsistent or conflicting terms in the Binary Code License Agreement, or in any license contained within the Software. A. Software Internal Use and Development License Grant. Subject to the terms and conditions of this Agreement and restrictions and exceptions set forth in the Software "README" file incorporated herein by reference, including, but not limited to the Java Technology Restrictions of these Supplemental Terms, Sun grants you a non-exclusive, non-transferable, limited license without fees to reproduce internally and use internally the Software complete and unmodified for the purpose of designing, developing, and testing your Programs. B. License to Distribute Software. Subject to the terms and conditions of this Agreement and restrictions and exceptions set forth in the Software README file, including, but not limited to the Java Technology Restrictions of these Supplemental Terms, Sun grants you a non-exclusive, non-transferable, limited license without fees to reproduce and distribute the Software, provided that i. you distribute the Software complete and unmodified and only bundled as part of, and for the sole purpose of running, your Programs, ii. the Programs add significant and primary functionality to the Software, iii. you do not distribute additional software intended to replace any component(s) of the Software, iv. you do not remove or alter any proprietary legends or notices contained in the Software, v. you only distribute the Software subject to a license agreement that protects Sun's interests consistent with the terms contained in this Agreement, and vi. you agree to defend and indemnify Sun and its licensors from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any third party that arises or results from the use or distribution of any and all Programs and/or Software. C. License to Distribute Redistributables. Subject to the terms and conditions of this Agreement and restrictions and exceptions set forth in the Software README file, including but not limited to the Java Technology Restrictions of these Supplemental Terms, Sun grants you a non-exclusive, non-transferable, limited license without fees to reproduce and distribute those files specifically identified as redistributable in the Software "README" file ("Redistributables") provided that: i. you distribute the Redistributables complete and unmodified, and only bundled as part of Programs, ii. the Programs add significant and primary functionality to the Redistributables, iii. you do not distribute additional software intended to supersede any component(s) of the Redistributables (unless otherwise specified in the applicable README file), iv. you do not remove or alter any proprietary legends or notices contained in or on the Redistributables, v. you only distribute the Redistributables pursuant to a license agreement that protects Sun's interests consistent with the terms contained in the Agreement,
52
vi. you agree to defend and indemnify Sun and its licensors from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any third party that arises or results from the use or distribution of any and all Programs and/or Software. D. Java Technology Restrictions. You may not create, modify, or change the behavior of, or authorize your licensees to create, modify, or change the behavior of, classes, interfaces, or subpackages that are in any way identified as "java", "javax", "sun" or similar convention as specified by Sun in any naming convention designation. E. Distribution by Publishers. This section pertains to your distribution of the Software with your printed book or magazine (as those terms are commonly used in the industry) relating to Java technology ("Publication"). Subject to and conditioned upon your compliance with the restrictions and obligations contained in the Agreement, in addition to the license granted in Paragraph 1 above, Sun hereby grants to you a non-exclusive, nontransferable limited right to reproduce complete and unmodified copies of the Software on electronic media (the "Media") for the sole purpose of inclusion and distribution with your Publication(s), subject to the following terms: i. You may not distribute the Software on a stand-alone basis; it must be distributed with your Publication(s); ii. You are responsible for downloading the Software from the applicable Sun web site; iii. You must refer to the Software as JavaTM SE Development Kit 6; iv. The Software must be reproduced in its entirety and without any modification whatsoever (including, without limitation, the Binary Code License and Supplemental License Terms accompanying the Software and proprietary rights notices contained in the Software); v. The Media label shall include the following information: Copyright 2006, Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Sun, Sun Microsystems, the Sun logo, Solaris, Java, the Java Coffee Cup logo, J2SE, and all trademarks and logos based on Java are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. This information must be placed on the Media label in such a manner as to only apply to the Sun Software; vi. You must clearly identify the Software as Sun's product on the Media holder or Media label, and you may not state or imply that Sun is responsible for any third-party software contained on the Media; vii. You may not include any third party software on the Media which is intended to be a replacement or substitute for the Software; viii. You shall indemnify Sun for all damages arising from your failure to comply with the requirements of this Agreement. In addition, you shall defend, at your expense, any and all claims brought against Sun by third parties, and shall pay all damages awarded by a court of competent jurisdiction, or such settlement amount negotiated by you, arising out of or in connection with your use, reproduction or distribution of the Software and/or the Publication. Your obligation to provide indemnification under this section shall arise provided that Sun: a. provides you prompt notice of the claim; b. gives you sole control of the defense and settlement of the claim; c. provides you, at your expense, with all available information, assistance and authority to defend; and d. has not compromised or settled such claim without your prior written consent; and ix. You shall provide Sun with a written notice for each Publication; such notice shall include the following information: 1. 2. title of Publication, author(s),
PUBLIC
53
3. 4.
date of Publication, and 4. ISBN or ISSN numbers.
Such notice shall be sent to Sun Microsystems, Inc., 4150 Network Circle, M/S USCA12-110, Santa Clara, California 95054, U.S.A , Attention: Contracts Administration. F. Source Code. Software may contain source code that, unless expressly licensed for other purposes, is provided solely for reference purposes pursuant to the terms of this Agreement. Source code may not be redistributed unless expressly provided for in this Agreement. G. Third Party Code. Additional copyright notices and license terms applicable to portions of the Software are set forth in the THIRDPARTYLICENSEREADME.txt file. In addition to any terms and conditions of any third party opensource/freeware license identified in the THIRDPARTYLICENSEREADME.txt file, the disclaimer of warranty and limitation of liability provisions in paragraphs 5 and 6 of the Binary Code License Agreement shall apply to all Software in this distribution. H. Termination for Infringement. Either party may terminate this Agreement immediately should any Software become, or in either party's opinion be likely to become, the subject of a claim of infringement of any intellectual property right. I. Installation and Auto-Update. The Software's installation and auto-update processes transmit a limited amount of data to Sun (or its service provider) about those specific processes to help Sun understand and optimize them. Sun does not associate the data with personally identifiable information. You can find more information about the data Sun collects at http://java.com/data/. For inquiries please contact: Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A.
6.2
Windows Template Library
Windows Template Library
Microsoft Public License (Ms-PL)

This license governs use of the accompanying software. If you use the software, you accept this license. If you do not accept the license, do not use the software. 1. Definitions The terms "reproduce," "reproduction," "derivative works," and "distribution" have the same meaning here as under U.S. copyright law. A "contribution" is the original software, or any additions or changes to the software. A "contributor" is any person that distributes its contribution under this license. "Licensed patents" are a contributor's patent claims that read directly on its contribution. Grant of Rights (A) Copyright Grant- Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free copyright license to reproduce its contribution, prepare derivative works of its contribution, and distribute its contribution or any derivative works that you create. (B) Patent Grant- Subject to the terms of this license, including the license conditions and limitations in section 3, each contributor grants you a non-exclusive, worldwide, royalty-free license under its licensed
2.
54
PUBLIC
patents to make, have made, use, sell, offer for sale, import, and/or otherwise dispose of its contribution in the software or derivative works of the contribution in the software. 3. Conditions and Limitations (A) No Trademark License- This license does not grant you rights to use any contributors' name, logo, or trademarks. (B) If you bring a patent claim against any contributor over patents that you claim are infringed by the software, your patent license from such contributor to the software ends automatically. (C) If you distribute any portion of the software, you must retain all copyright, patent, trademark, and attribution notices that are present in the software. (D) If you distribute any portion of the software in source code form, you may do so only under this license by including a complete copy of this license with your distribution. If you distribute any portion of the software in compiled or object code form, you may only do so under a license that complies with this license. (E) The software is licensed "as-is." You bear the risk of using it. The contributors give no express warranties, guarantees, or conditions. You may have additional consumer rights under your local laws which this license cannot change. To the extent permitted under your local laws, the contributors exclude the implied warranties of merchantability, fitness for a particular purpose and non-infringement.
6.3 Code Project - Pretty IE Toolbar in C#, Code Project Adding Icons to System Tray
Code Project - Pretty IE Toolbar in C#, Code Project - Adding Icons to System Tray
The Code Project Open License (CPOL) 1.02 Preamble

This License governs Your use of the Work. This License is intended to allow developers to use the Source Code and Executable Files provided as part of the Work in any application in any form. The main points subject to the terms of the License are: Source Code and Executable Files can be used in commercial applications; Source Code and Executable Files can be redistributed; and Source Code can be modified to create derivative works. No claim of suitability, guarantee, or any warranty whatsoever is provided. The software is provided "as-is". The Article accompanying the Work may not be distributed or republished without the Author's consent
This License is entered between You, the individual or other entity reading or otherwise making use of the Work licensed pursuant to this License and the individual or other entity which offers the Work under the terms of this License ("Author").
PUBLIC
55
License
THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CODE PROJECT OPEN LICENSE ("LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HEREIN, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. THE AUTHOR GRANTS YOU THE RIGHTS CONTAINED HEREIN IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS. IF YOU DO NOT AGREE TO ACCEPT AND BE BOUND BY THE TERMS OF THIS LICENSE, YOU CANNOT MAKE ANY USE OF THE WORK. 1. Definitions a. "Articles" means, collectively, all articles written by Author which describes how the Source Code and Executable Files for the Work may be used by a user. b. "Author" means the individual or entity that offers the Work under the terms of this License. c. "Derivative Work" means a work based upon the Work or upon the Work and other pre-existing works. d. "Executable Files" refer to the executables, binary files, configuration and any required data files included in the Work. e. "Publisher" means the provider of the website, magazine, CD-ROM, DVD or other medium from or by which the Work is obtained by You. f. "Source Code" refers to the collection of source code and configuration files used to create the Executable Files. g. "Standard Version" refers to such a Work if it has not been modified, or has been modified in accordance with the consent of the Author, such consent being in the full discretion of the Author. h. "Work" refers to the collection of files distributed by the Publisher, including the Source Code, Executable Files, binaries, data files, documentation, whitepapers and the Articles. i. "You" is you, an individual or entity wishing to use the Work and exercise your rights under this License. Fair Use/Fair Use Rights. Nothing in this License is intended to reduce, limit, or restrict any rights arising from fair use, fair dealing, first sale or other limitations on the exclusive rights of the copyright owner under copyright law or other applicable laws. License Grant. Subject to the terms and conditions of this License, the Author hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below: a. You may use the standard version of the Source Code or Executable Files in Your own applications. b. You may apply bug fixes, portability fixes and other modifications obtained from the Public Domain or from the Author. A Work modified in such a way shall still be considered the standard version and will be subject to this License. c. You may otherwise modify Your copy of this Work (excluding the Articles) in any way to create a Derivative Work, provided that You insert a prominent notice in each changed file stating how, when and where You changed that file. d. You may distribute the standard version of the Executable Files and Source Code or Derivative Work in aggregate with other (possibly commercial) programs as part of a larger (possibly commercial) software distribution. e. The Articles discussing the Work published in any form by the author may not be distributed or republished without the Author's consent. The author retains copyright to any such Articles. You may use the Executable Files and Source Code pursuant to this License but you may not repost or republish or otherwise distribute or make available the Articles, without the prior written consent of the Author. Any subroutines or modules supplied by You and linked into the Source Code or Executable Files this Work shall not be considered part of this Work and will not be subject to the terms of this License.
2.
3.
56
4.
Patent License. Subject to the terms and conditions of this License, each Author hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, import, and otherwise transfer the Work. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions: a. You agree not to remove any of the original copyright, patent, trademark, and attribution notices and associated disclaimers that may appear in the Source Code or Executable Files. b. You agree not to advertise or in any way imply that this Work is a product of Your own. c. The name of the Author may not be used to endorse or promote products derived from the Work without the prior written consent of the Author. d. You agree not to sell, lease, or rent any part of the Work. This does not restrict you from including the Work or any part of the Work inside a larger software distribution that itself is being sold. The Work by itself, though, cannot be sold, leased or rented. e. You may distribute the Executable Files and Source Code only under the terms of this License, and You must include a copy of, or the Uniform Resource Identifier for, this License with every copy of the Executable Files or Source Code You distribute and ensure that anyone receiving such Executable Files and Source Code agrees that the terms of this License apply to such Executable Files and/or Source Code. You may not offer or impose any terms on the Work that alter or restrict the terms of this License or the recipients' exercise of the rights granted hereunder. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties. You may not distribute the Executable Files or Source Code with any technological measures that control access or use of the Work in a manner inconsistent with the terms of this License. f. You agree not to use the Work for illegal, immoral or improper purposes, or on pages containing illegal, immoral or improper material. The Work is subject to applicable export laws. You agree to comply with all such laws and regulations that may apply to the Work after Your receipt of the Work. Representations, Warranties and Disclaimer. THIS WORK IS PROVIDED "AS IS", "WHERE IS" AND "AS AVAILABLE", WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES OR CONDITIONS OR GUARANTEES. YOU, THE USER, ASSUME ALL RISK IN ITS USE, INCLUDING COPYRIGHT INFRINGEMENT, PATENT INFRINGEMENT, SUITABILITY, ETC. AUTHOR EXPRESSLY DISCLAIMS ALL EXPRESS, IMPLIED OR STATUTORY WARRANTIES OR CONDITIONS, INCLUDING WITHOUT LIMITATION, WARRANTIES OR CONDITIONS OF MERCHANTABILITY, MERCHANTABLE QUALITY OR FITNESS FOR A PARTICULAR PURPOSE, OR ANY WARRANTY OF TITLE OR NON-INFRINGEMENT, OR THAT THE WORK (OR ANY PORTION THEREOF) IS CORRECT, USEFUL, BUGFREE OR FREE OF VIRUSES. YOU MUST PASS THIS DISCLAIMER ON WHENEVER YOU DISTRIBUTE THE WORK OR DERIVATIVE WORKS. Indemnity. You agree to defend, indemnify and hold harmless the Author and the Publisher from and against any claims, suits, losses, damages, liabilities, costs, and expenses (including reasonable legal or attorneys? fees) resulting from or relating to any use of the Work by You. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL THE AUTHOR OR THE PUBLISHER BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK OR OTHERWISE, EVEN IF THE AUTHOR OR THE PUBLISHER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Termination. a. This License and the rights granted hereunder will terminate automatically upon any breach by You of any term of this License. Individuals or entities who have received Derivative Works from You under this License,
5.
6.
7.
8.
9.
PUBLIC
57
however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 6, 7, 8, 9, 10 and 11 will survive any termination of this License. b. If You bring a copyright, trademark, patent or any other infringement claim against any contributor over infringements You claim are made by the Work, your License from such contributor to the Work ends automatically. c. Subject to the above terms and conditions, this License is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, the Author reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above. 10. Publisher. The parties hereby confirm that the Publisher shall not, under any circumstances, be responsible for and shall not have any liability in respect of the subject matter of this License. The Publisher makes no warranty whatsoever in connection with the Work and shall not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. The Publisher reserves the right to cease making the Work available to You at any time without notice 11. Miscellaneous a. This License shall be governed by the laws of the location of the head office of the Author or if the Author is an individual, the laws of location of the principal place of residence of the Author. b. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this License, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable. c. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent. d. This License constitutes the entire agreement between the parties with respect to the Work licensed herein. There are no understandings, agreements or representations with respect to the Work not specified herein. The Author shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Author and You.
6.4 RSA Cryptoki: Cryptographic Token Interface Standard API (PKCS #11)
RSA Cryptoki: Cryptographic Token Interface Standard API (PKCS #11)
RSA Security Cryptoki License

License to copy and use this software is granted provided that it is identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki)" in all material mentioning or referencing this software. License is also granted to make and use derivative works provided that such works are identified as "derived from the RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki)" in all material mentioning or referencing the derived work.
58
RSA Security Inc. makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose. It is provided "as is" without express or implied warranty of any kind.
6.5
SSLeay
SSLeay
SSLeay License Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
This package is an SSL implementation written by Eric Young (eay@cryptsoft.com). The implementation was written so as to conform with Netscapes SSL. This library is free for commercial and non-commercial use as long as the following conditions are aheared to. The following conditions apply to all code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson (tjh@cryptsoft.com). Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library used. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. 2. 3. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. All advertising materials mentioning features or use of this software must display the following acknowledgement: "This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)". The word 'cryptographic' can be left out if the rouines from the library being used are not cryptographic related :-). If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement: "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
4.
THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.The licence and distribution terms for any publically available version or derivative of this code cannot
PUBLIC
59
be changed. i.e. this code cannot simply be copied and put under another distribution licence [including the GNU Public Licence.
6.6
zlib
zlib
The zlib/libpng License

Copyright (c) 1995-2012 Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions: 1. The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software. This notice may not be removed or altered from any source distribution.
2. 3.
6.7
libxml2, JQuery
libxml2, JQuery
The MIT License

Copyright (c) 1998-2003 Daniel Veillard. All Rights Reserved Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
60
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
6.8
Java Access Bridge
Java Access Bridge
Oracle Binary Code License Agreement for the Java SE Platform Products
ORACLE AMERICA, INC. ("ORACLE"), FOR AND ON BEHALF OF ITSELF AND ITS SUBSIDIARIES AND AFFILIATES UNDER COMMON CONTROL, IS WILLING TO LICENSE THE SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS BINARY CODE LICENSE AGREEMENT AND SUPPLEMENTAL LICENSE TERMS (COLLECTIVELY "AGREEMENT"). PLEASE READ THE AGREEMENT CAREFULLY. BY SELECTING THE "ACCEPT LICENSE AGREEMENT" (OR THE EQUIVALENT) BUTTON AND/OR BY USING THE SOFTWARE YOU ACKNOWLEDGE THAT YOU HAVE READ THE TERMS AND AGREE TO THEM. IF YOU ARE AGREEING TO THESE TERMS ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE LEGAL AUTHORITY TO BIND THE LEGAL ENTITY TO THESE TERMS. IF YOU DO NOT HAVE SUCH AUTHORITY, OR IF YOU DO NOT WISH TO BE BOUND BY THE TERMS, THEN SELECT THE "DECLINE LICENSE AGREEMENT" (OR THE EQUIVALENT) BUTTON AND YOU MUST NOT USE THE SOFTWARE ON THIS SITE OR ANY OTHER MEDIA ON WHICH THE SOFTWARE IS CONTAINED. 1. DEFINITIONS. "Software" means the Java SE Platform Products in binary form that you selected for download, install or use from Oracle or its authorized licensees, any other machine readable materials (including, but not limited to, libraries, source files, header files, and data files), any updates or error corrections provided by Oracle, and any user manuals, programming guides and other documentation provided to you by Oracle under this Agreement. "Programs" means Java technology applets and applications intended to run on the Java Platform, Standard Edition platform on Java-enabled General Purpose Desktop Computers and Servers. Commercial Features means those features identified in Table 1-1 (Commercial Features In Java SE Product Editions) of the Software documentation accessible at http://www.oracle.com/technetwork/java/javase/ documentation/index.html. README File means the README file for the Software accessible at http://www.oracle.com/technetwork/ java/javase/terms/readme/index.html. LICENSE TO USE.Subject to the terms and conditions of this Agreement including, but not limited to, the Java Technology Restrictions of the Supplemental License Terms, Oracle grants you a non-exclusive, nontransferable, limited license without license fees to reproduce and use internally the Software complete and unmodified for the sole purpose of running Programs. THE LICENSE SET FORTH IN THIS SECTION 2 DOES NOT EXTEND TO THE COMMERCIAL FEATURES. YOUR RIGHTS AND OBLIGATIONS RELATED TO THE COMMERCIAL FEATURES ARE AS SET FORTH IN THE SUPPLEMENTAL TERMS ALONG WITH ADDITIONAL LICENSES FOR DEVELOPERS AND PUBLISHERS. RESTRICTIONS. Software is copyrighted. Title to Software and all associated intellectual property rights is retained by Oracle and/or its licensors. Unless enforcement is prohibited by applicable law, you may not
2.
3.
PUBLIC
61
modify, decompile, or reverse engineer Software. You acknowledge that the Software is developed for general use in a variety of information management applications; it is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use the Software in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle disclaims any express or implied warranty of fitness for such uses. No right, title or interest in or to any trademark, service mark, logo or trade name of Oracle or its licensors is granted under this Agreement. Additional restrictions for developers and/or publishers licenses are set forth in the Supplemental License Terms. 4. DISCLAIMER OF WARRANTY. THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. ORACLE FURTHER DISCLAIMS ALL WARRANTIES, EXPRESS AND IMPLIED, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT. LIMITATION OF LIABILITY. IN NO EVENT SHALL ORACLE BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES, OR DAMAGES FOR LOSS OF PROFITS, REVENUE, DATA OR DATA USE, INCURRED BY YOU OR ANY THIRD PARTY, WHETHER IN AN ACTION IN CONTRACT OR TORT, EVEN IF ORACLE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. ORACLE'S ENTIRE LIABILITY FOR DAMAGES HEREUNDER SHALL IN NO EVENT EXCEED ONE THOUSAND DOLLARS (U.S. $1,000). TERMINATION. This Agreement is effective until terminated. You may terminate this Agreement at any time by destroying all copies of Software. This Agreement will terminate immediately without notice from Oracle if you fail to comply with any provision of this Agreement. Either party may terminate this Agreement immediately should any Software become, or in either party's opinion be likely to become, the subject of a claim of infringement of any intellectual property right. Upon termination, you must destroy all copies of Software. EXPORT REGULATIONS. You agree that U.S. export control laws and other applicable export and import laws govern your use of the Software, including technical data; additional information can be found on Oracle's Global Trade Compliance web site (http://www.oracle.com/products/export). You agree that neither the Software nor any direct product thereof will be exported, directly, or indirectly, in violation of these laws, or will be used for any purpose prohibited by these laws including, without limitation, nuclear, chemical, or biological weapons proliferation. TRADEMARKS AND LOGOS. You acknowledge and agree as between you and Oracle that Oracle owns the ORACLE and JAVA trademarks and all ORACLE- and JAVA-related trademarks, service marks, logos and other brand designations ("Oracle Marks"), and you agree to comply with the Third Party Usage Guidelines for Oracle Trademarks currently located at http://www.oracle.com/us/legal/third-party-trademarks/ index.html. Any use you make of the Oracle Marks inures to Oracle's benefit. U.S. GOVERNMENT LICENSE RIGHTS. If Software is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Software and accompanying documentation shall be only those set forth in this Agreement.
5.
6.
7.
8.
9.
10. GOVERNING LAW. This agreement is governed by the substantive and procedural laws of California. You and Oracle agree to submit to the exclusive jurisdiction of, and venue in, the courts of San Francisco, or Santa Clara counties in California in any dispute arising out of or relating to this agreement. 11. SEVERABILITY. If any provision of this Agreement is held to be unenforceable, this Agreement will remain in effect with the provision omitted, unless omission would frustrate the intent of the parties, in which case this Agreement will immediately terminate. 12. SEVERABILITY. If any provision of this Agreement is held to be unenforceable, this Agreement will remain in effect with the provision omitted, unless omission would frustrate the intent of the parties, in which case this Agreement will immediately terminate.
62
SUPPLEMENTAL LICENSE TERMS

These Supplemental License Terms add to or modify the terms of the Binary Code License Agreement. Capitalized terms not defined in these Supplemental Terms shall have the same meanings ascribed to them in the Binary Code License Agreement. These Supplemental Terms shall supersede any inconsistent or conflicting terms in the Binary Code License Agreement, or in any license contained within the Software. A. COMMERCIAL FEATURES. You may not use the Commercial Features for running Programs, Java applets or applications in your internal business operations or for any commercial or production purpose, or for any purpose other than as set forth in Sections B, C, D and E of these Supplemental Terms. If You want to use the Commercial Features for any purpose other than as permitted in this Agreement, You must obtain a separate license from Oracle. B. SOFTWARE INTERNAL USE FOR DEVELOPMENT LICENSE GRANT. Subject to the terms and conditions of this Agreement and restrictions and exceptions set forth in the README File incorporated herein by reference, including, but not limited to the Java Technology Restrictions of these Supplemental Terms, Oracle grants you a non-exclusive, non-transferable, limited license without fees to reproduce internally and use internally the Software complete and unmodified for the purpose of designing, developing, and testing your Programs. C. LICENSE TO DISTRIBUTE SOFTWARE. Subject to the terms and conditions of this Agreement and restrictions and exceptions set forth in the README File, including, but not limited to the Java Technology Restrictions of these Supplemental Terms, Oracle grants you a non-exclusive, non-transferable, limited license without fees to reproduce and distribute the Software, provided that i. you distribute the Software complete and unmodified and only bundled as part of, and for the sole purpose of running, your Programs, ii. the Programs add significant and primary functionality to the Software, iii. you do not distribute additional software intended to replace any component(s) of the Software, iv. you do not remove or alter any proprietary legends or notices contained in the Software, v. you only distribute the Software subject to a license agreement that: a. is a complete, unmodified reproduction of this Agreement; or b. protects Oracle's interests consistent with the terms contained in this Agreement and that includes the notice set forth in Section G, and vi. you agree to defend and indemnify Oracle and its licensors from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any third party that arises or results from the use or distribution of any and all Programs and/or Software. D. LICENSE TO DISTRIBUTE REDISTRIBUTABLES. Subject to the terms and conditions of this Agreement and restrictions and exceptions set forth in the README File, including but not limited to the Java Technology Restrictions of these Supplemental Terms, Oracle grants you a non-exclusive, non-transferable, limited license without fees to reproduce and distribute those files specifically identified as redistributable in the README File ("Redistributables") provided that: i. you distribute the Redistributables complete and unmodified, and only bundled as part of Programs, ii. the Programs add significant and primary functionality to the Redistributables, iii. you do not distribute additional software intended to supersede any component(s) of the Redistributables (unless otherwise specified in the applicable README File),
PUBLIC
63
iv. you do not remove or alter any proprietary legends or notices contained in or on the Redistributables, v. you only distribute the Redistributables pursuant to a license agreement that: a. is a complete, unmodified reproduction of this Agreement; or b. protects Oracle's interests consistent with the terms contained in the Agreement and includes the notice set forth in Section G, vi. you agree to defend and indemnify Oracle and its licensors from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any third party that arises or results from the use or distribution of any and all Programs and/or Software. E. DISTRIBUTION BY PUBLISHERS. This section pertains to your distribution of the JavaTM SE Development Kit Software with your printed book or magazine (as those terms are commonly used in the industry) relating to Java technology ("Publication"). Subject to and conditioned upon your compliance with the restrictions and obligations contained in the Agreement, Oracle hereby grants to you a non-exclusive, nontransferable limited right to reproduce complete and unmodified copies of the Software on electronic media (the "Media") for the sole purpose of inclusion and distribution with your Publication(s), subject to the following terms: i. You may not distribute the Software on a stand-alone basis; it must be distributed with your Publication(s); ii. You are responsible for downloading the Software from the applicable Oracle web site; iii. You must refer to the Software as JavaTM SE Development Kit; iv. The Software must be reproduced in its entirety and without any modification whatsoever (including with respect to all proprietary notices) and distributed with your Publication subject to a license agreement that is a complete, unmodified reproduction of this Agreement; v. The Media label shall include the following information: Copyright 2011, Oracle America, Inc. All rights reserved. Use is subject to license terms. ORACLE and JAVA trademarks and all ORACLE- and JAVA-related trademarks, service marks, logos and other brand designations are trademarks or registered trademarks of Oracle in the U.S. and other countries. This information must be placed on the Media label in such a manner as to only apply to the Oracle Software; vi. You must clearly identify the Software as Oracle's product on the Media holder or Media label, and you may not state or imply that Oracle is responsible for any third-party software contained on the Media; vii. You may not include any third party software on the Media which is intended to be a replacement or substitute for the Software; viii. You agree to defend and indemnify Oracle and its licensors from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any third party that arises or results from the use or distribution of the Software and/or the Publication; ; and ix. You shall provide Oracle with a written notice for each Publication; such notice shall include the following information: (1) title of Publication, (2) author(s), (3) date of Publication, and (4) ISBN or ISSN numbers. Such notice shall be sent to Oracle America, Inc., 500 Oracle Parkway, Redwood Shores, California 94065 U.S.A , Attention: General Counsel. F. JAVA TECHNOLOGY RESTRICTIONS. You may not create, modify, or change the behavior of, or authorize your licensees to create, modify, or change the behavior of, classes, interfaces, or subpackages that are in any way identified as "java", "javax", "sun", oracle or similar convention as specified by Oracle in any naming convention designation.
64
PUBLIC
G. COMMERCIAL FEATURES NOTICE. For purpose of complying with Supplemental Term Section C.(v)(b) and D. (v)(b), your license agreement shall include the following notice, where the notice is displayed in a manner that anyone using the Software will see the notice: Use of the Commercial Features for any commercial or production purpose requires a separate license from Oracle. Commercial Features means those features identified Table 1-1 (Commercial Features In Java SE Product Editions) of the Software documentation accessible at http://www.oracle.com/technetwork/java/
javase/documentation/index.html
H. SOURCE CODE. Software may contain source code that, unless expressly licensed for other purposes, is provided solely for reference purposes pursuant to the terms of this Agreement. Source code may not be redistributed unless expressly provided for in this Agreement. I. THIRD PARTY CODE. Additional copyright notices and license terms applicable to portions of the Software are set forth in the THIRDPARTYLICENSEREADME file accessible at http://www.oracle.com/technetwork/java/ javase/documentation/index.html. In addition to any terms and conditions of any third party opensource/ freeware license identified in the THIRDPARTYLICENSEREADME file, the disclaimer of warranty and limitation of liability provisions in paragraphs 4 and 5 of the Binary Code License Agreement shall apply to all Software in this distribution. J. TERMINATION FOR INFRINGEMENT. Either party may terminate this Agreement immediately should any Software become, or in either party's opinion be likely to become, the subject of a claim of infringement of any intellectual property right. K. INSTALLATION AND AUTO-UPDATE. The Software's installation and auto-update processes transmit a limited amount of data to Oracle (or its service provider) about those specific processes to help Oracle understand and optimize them. Oracle does not associate the data with personally identifiable information. You can find more information about the data Oracle collects as a result of your Software download at http://www.oracle.com/ technetwork/java/javase/documentation/index.html. For inquiries please contact: Oracle America, Inc., 500 Oracle Parkway, Redwood Shores, California 94065, USA. Last updated May 17, 2011
6.9
SHA, Flex
SHA, Flex
BSD 2.0
Copyright (c) 1993-2012 - Aaron D. Gifford - All Rights Reserved All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
PUBLIC
65
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. Neither the name of the <ORGANIZATION> nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
6.10 Google GSON

Google GSON
Apache License Version 2.0, January 2004

http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as
66
a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a crossclaim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: a. You must give any other recipients of the Work or Derivative Works a copy of this License; and b. You must cause any modified files to carry prominent notices stating that You changed the files; and c. You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and d. If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.
3.
4.
PUBLIC
67
5.
Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability.
6.
7.
8.
9.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work

To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http:// www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
68
6.11 AES-NI Sample Library

AES-NI Sample Library
BSD Two Clause License

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. 2. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
PUBLIC
69
Disclaimer
SAP Library document classification: PUBLIC. This document is for informational purposes only. Its content is subject to change without notice, and SAP does not warrant that it is error-free. SAP MAKES NO WARRANTIES, EXPRESS OR IMPLIED, OR OF MERCHANTABILITY, OR FITNESS FOR A PARTICULAR PURPOSE.
Coding Samples
Any software coding and/or code lines/strings (Code) included in this documentation are only examples and are not intended to be used in a productive system environment. The Code is only intended better explain and visualize the syntax and phrasing rules of certain coding. SAP does not warrant the correctness and completeness of the Code given herein, and SAP shall not be liable for errors or damages caused by the usage of the Code, except if such damages were caused by SAP intentionally or grossly negligent.
Accessibility
The information contained in the SAP Library documentation represents SAP's current view of accessibility criteria as of the date of publication; it is in no way intended to be a binding guideline on how to ensure accessibility of software products. SAP specifically disclaims any liability with respect to this document and no contractual obligations or commitments are formed either directly or indirectly by this document.
Gender-Neutral Language
As far as possible, SAP documentation is gender neutral. Depending on the context, the reader is addressed directly with you, or a gender-neutral noun (such as sales person or working days) is used. If when referring to members of both sexes, however, the third person singular cannot be avoided or a gender-neutral noun does not exist, SAP reserves the right to use the masculine form of the noun and pronoun. This is to ensure that the documentation remains comprehensible.
70
Password Manager for SAP NetWeaver Single Sign-On Implementation Guide Disclaimer
www.sap.com/contactsap
No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained herein may be changed without prior notice. Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors. National product specifications may vary. These materials are provided by SAP AG and its affiliated companies ("SAP Group") for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty. SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and other countries. Please see http://www.sap.com/corporate-en/legal/copyright/ index.epx for additional trademark information and notices.

SAP NW SSO 2.0 Password Manager For SAP NetWeaver Single Sign-On Implementation Guide

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

SAP NW SSO 2.0 Password Manager For SAP NetWeaver Single Sign-On Implementation Guide

Încărcat de

Drepturi de autor:

Formate disponibile

PUBLIC

Password Manager for SAP NetWeaver Single SignOn Implementation Guide

PUBLIC 2013 SAP AG or an SAP affiliate company. All rights reserved.

3.9.4 3.9.5 4 4.1 4.2 4.3

Identity Attributes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Note Attributes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Password Manager Installation Guide

System Requirements for Password Manager

Support for Java applications

Installing Password Manager

PUBLIC 2013 SAP AG or an SAP affiliate company. All rights reserved.

2.3.1 Default Security Questions for Resetting the Master Password

PUBLIC 2013 SAP AG or an SAP affiliate company. All rights reserved.

2.4 Performing an Unattended Installation of Password Manager

Software Logistics Toolset <Release>

2.5 Upgrading Enterprise Single Sign-On to Password Manager

Removing Your Personal Data

PUBLIC 2013 SAP AG or an SAP affiliate company. All rights reserved.

Password Manager User Guide

Starting Password Manager

Adding Passwords for Web Sites

Choose the Register Now pushbutton.

PUBLIC 2013 SAP AG or an SAP affiliate company. All rights reserved.

Disabling Detection of New Passwords for Web Sites

Disabling Automatic Logon to Web Sites

Adding Passwords for Windows Applications

3.2.2.1 Disabling Detection of New Passwords for Applications

PUBLIC 2013 SAP AG or an SAP affiliate company. All rights reserved.

Ignoring Applications and Web Sites

3.2.6 Adding Additional Passwords for an Existing Application or Web Site

3.2.6.1 Changing the Default Password for an Application or Web Site

Select the Default Password checkbox. Save your entries.

Choosing Between Multiple Passwords for Web Sites

PUBLIC 2013 SAP AG or an SAP affiliate company. All rights reserved.

Logging On With Drag and Drop Passwords

Adding Password Policies

Start Password Manager. Choose Advanced Password Policies .

Save your entries.

Adding Password Policies to Applications

Enter a password policy. Save your entries.

Adding Credit Card Information

Use Password Manager to save private text messages.

PUBLIC 2013 SAP AG or an SAP affiliate company. All rights reserved.

Disabling Password Manager

Disabling Automatic Logon for Applications

PUBLIC 2013 SAP AG or an SAP affiliate company. All rights reserved.

3.7.1.2 Enabling the Multiple Password Selection for Applications

3.7.1.3 Enabling Automatic Change of Passwords for Applications

Save your entries.

Changing the Master Password

Changing the Security Question

Resetting the Master Password

Importing Password Manager Data

Exporting Password Manager Data

PUBLIC 2013 SAP AG or an SAP affiliate company. All rights reserved.

Setting the Default Web Browser

Choose a default web browser. Save your entries.

Enabling Automatic Logon to Password Manager

Password Manager is disabled. Try logging on with drag and drop.

Disabling Detection of New Passwords for Applications [page 16]

Start Password Manager Learning Wizard manually.

Auditing and Logging for Password Manager

View the logs in a text editor at <%AppData%>\Local\SAP\SecureLogin\Traces. Related Links

PUBLIC 2013 SAP AG or an SAP affiliate company. All rights reserved.