Van Mulders Frank wrote:
Does it mean that the endpoints of the communication channel (SAP GUI and Server in my case) mutually authenticate? How? Via certificates?
Frank.
Yes, it means 'mutual authentication'. The mutual authentication will be via certificates if the SNC library uses certificates, or via Kerberos if the SNC library uses Kerberos protocol.
Van Mulders Frank wrote:
Does it mean that in the communication flow between SAP GUI and Server only the user ID and password are encrypted and the rest is in clear?
Frank.
When using SNC, there is no password sent over the network during SAP GUI logon. Instead, a Kerberos ticket or certificate is used (depending on which SNC library you use) and this is used to determine who the user is who authenticated.