SAP GUI is the

graphical user interface The GUI ( "UI" by itself is still usually pronounced . or ), graphical user interface, is a form of user interface that allows users to interact with electronic devices through graphical icons and audio indicator such as primary notation, inste ...

client in

SAP ERP SAP ERP is an enterprise resource planning software developed by the German company SAP SE. SAP ERP incorporates the key business functions of an organization. The latest version of SAP ERP (V.6.0) was made available in 2006. The most recent SA ...

's 3-tier architecture of

database In computing, a database is an organized collection of data stored and accessed electronically. Small databases can be stored on a file system, while large databases are hosted on computer clusters or cloud storage. The design of databases sp ...

application server An application server is a server that hosts applications or software that delivers a business application through a communication protocol. An application server framework is a service layer model. It includes software components available to a ...

and

client Client(s) or The Client may refer to: * Client (business) * Client (computing), hardware or software that accesses a remote service on another computer * Customer or client, a recipient of goods or services in return for monetary or other valuable ...

. It is software that runs on a

Microsoft Windows Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for serv ...

Apple Macintosh The Mac (known as Macintosh until 1999) is a family of personal computers designed and marketed by Apple Inc. Macs are known for their ease of use and minimalist designs, and are popular among students, creative professionals, and software en ...

Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, and ot ...

desktop A desktop traditionally refers to: * The surface of a desk (often to distinguish office appliances that fit on a desk, such as photocopiers and printers, from larger equipment covering its own area on the floor) Desktop may refer to various compu ...

, and allows a user to access SAP functionality in SAP applications such as

and

SAP Business Information Warehouse SAP Business Warehouse (SAP BW) is SAP’s Enterprise Data Warehouse product. It can transform and consolidate business information from virtually any source system. It ran on industry standard RDBMS until version 7.3 at which point it began to t ...

(BW). It is used for remote access to the SAP central server in a company network.

Family

* SAP GUI for the Windows environment and Apple Macintosh * SAP GUI for the Java(TM) environment * SAP GUI for HTML / Internet Transaction Server (ITS) ** Requires

Internet Explorer Internet Explorer (formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated IE or MSIE) is a series of graphical user interface, graphical web browsers developed by Microsoft which was used in the Microsoft Wind ...

Firefox Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements current and ...

as a browser; other browsers are not officially supported by SAP.

Microsoft Windows releases

Java releases – for other operating systems

Single sign-on

SAP GUI on

can also be used for

single sign-on Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems. True single sign-on allows the user to log in once and access services without re-enterin ...

. There are several portal-based authentication applications for single sign-on. SAP GUI can have single sign-on with

SAP Logon Ticket SAP Logon Tickets represent user credentials in SAP systems. When enabled, users can access multiple SAP applications and services through SAP GUI and web browsers without further username and password inputs from the user. SAP Logon Tickets can al ...

as well. Single sign-on also works in the Java GUI.

Criticism of using SAP GUI for authentication to SAP server access

SAP is a distributed application, where client software (SAP GUI) installed on a user's workstation is used to access the central SAP server remotely over the company's network. Users need to authenticate themselves when accessing SAP. By default, however, SAP uses ''unencrypted communication'', which allows potential company-internal attackers to get access to usernames and passwords by listening on the network. This can expose the complete SAP system, if a person is able to get access to this information for a user with extended authorization in the SAP system. Information about this feature is publicly accessible on the Internet.

SAP Secure Network Communications

SAP offers an option to strongly protect communication between clients and servers, called

Secure Network Communications SAP NetWeaver is a software stack for many of SAP SE's applications. The SAP NetWeaver Application Server, sometimes referred to as WebAS, is the runtime environment for the SAP applications and all of the mySAP Business Suite runs on SAP WebAS: s ...

(SNC).

Security

In total, the vendor has released 25 security patches (aka SAP Security Notes). One of the most notorious vulnerabilities was closed among the set of fixes released in March 2017. The vulnerability in the SAP GUI client for Windows allows remote code execution. Also, researchers who identified the security issues pointed out that the vulnerability allows an attacker to download ransomware on the SAP server that would be automatically installed on every workstation within a company.

Screen editing with Personas

Since 1998 SAP GUI screens (so-called "DynPros") can be adjusted and customized with

GuiXT GuiXT is a software component which allows the customization of the SAP user interface. It was developed as a standalone solution in 1998 by Synactive GmbH, Germany, and shortly thereafter integrated into SAP GUI by SAP. Additional tools based on ...

. Now this can also be achieved with "SAP Screen Personas". Personas is installed on one of the SAP

NetWeaver SAP NetWeaver is a software stack for many of SAP SE's applications. The SAP NetWeaver Application Server, sometimes referred to as WebAS, is the runtime environment for the SAP applications and all of the mySAP Business Suite runs on SAP WebAS: s ...

ABAP 7.0x or 7.3x servers in the system landscape. Then it can be used on all SAP NetWeaver ABAP servers with a kernel of 7.21 or higher, including on NetWeaver ABAP 7.11 systems (on which Personas cannot be installed directly).

iOS and Android implementations

Native iOS and Android implementations of SAP GUI are available from

References

{{reflist

External External may refer to: * External (mathematics), a concept in abstract algebra * Externality In economics, an externality or external cost is an indirect cost or benefit to an uninvolved third party that arises as an effect of another party' ...
links

SAP Support Portal
(User-ID required).

GUI The GUI ( "UI" by itself is still usually pronounced . or ), graphical user interface, is a form of user interface that allows users to interact with electronic devices through graphical icons and audio indicator such as primary notation, inste ...

Clients (computing) Enterprise resource planning terminology