SAP Graphical User Interface

SAP GUI
	SAP GUI for Windows version 6.40
Developer(s)	SAP
Stable release	8.00 / January 27, 2023;8 months ago
Written in	C, C++
Operating system	Microsoft Windows , Java Virtual Machine

Last updated October 13, 2023

SAP GUI is the graphical user interface client in SAP ERP's 3-tier architecture of database, application server and client. It is software that runs on a Microsoft Windows, Apple Macintosh or Unix desktop, and allows a user to access SAP functionality in SAP applications such as SAP ERP and SAP Business Information Warehouse (BW). It is used for remote access to the SAP central server in a company network.

Family

SAP GUI for the Windows environment and Apple Macintosh
SAP GUI for the Java(TM) environment
SAP GUI for HTML / Internet Transaction Server (ITS)
- Requires Internet Explorer or Firefox as a browser; other browsers are not officially supported by SAP.

Microsoft Windows releases

Release	Release date	Latest patch	End of life	Features
1.0				First "GUI" for SAP software; no graphical elements like checkboxes, radiobuttons and icons
1.1				Field length indicated by background colors; fast paths in menus
2.0				New GUI for Windows 3.1; System and Application Toolbar added; icons in System Toolbar
2.1				New graphical elements: checkboxes, radiobuttons, group boxes and push buttons on screen
3.0				Table control introduced; icons added to buttons
3.1	1996			Windows95-look with flat buttons; tabstrip control and ABAP List Viewer (ALV) introduced
4.0				Screens contain more information to reduce navigation
4.5				Active X elements introduced; ALV is now based on grid control
4.6D	July 2000			GUI is re-designed; multiple-areas are introduced to reduce need for screen changes
6.10	July 2001
6.20	March 2002		December 31, 2010	Scripting added ^[2]
6.40	June 2004		December 31, 2010	Unicode support extended; accessibility and usability improved
7.10	February 2007		April 12, 2011	Support for Microsoft Vista and Office 2007; new "Tweak SAP GUI" tool; new ABAP front-end editor
7.20	April 2010	17 (final)	April 09, 2013^[3]	Support for Windows XP; Windows 2003 Server; Windows Vista; Windows 2008 Server; Windows 7 and Office 2010; Built with Visual Studio 2008^[4]
7.30	June 2012	15	July 15, 2015	Usability enhancements; new customization features; built with Visual Studio 2010
7.40	October 2014	19	November 9, 2019	Replaces Corbu with Blue Crystal; integrates SAP GUI for Windows 7.40 and Netweaver Business Client 5.0
7.50	May 2017	15 (final)	April 9, 2019
7.60	February 2019	15	April 12, 2022	Introduces Belize theme, aligning GUI's visual design with the rest of SAP's Fiori applications. Retires Enjoy / Streamline / Tradeshow / SystemDependent themes.
7.70	January 29, 2021	14	April 09, 2024
8.00	January 27, 2023	4	January 12, 2027	The 64bit version; Quartz themes: Modernization of rendering engine and some additional features; HTML Control based on Microsoft Edge: Improvements; Usability improvements in many components; Improvements for SAP Logon; Branding images per system and client

Java releases – for other operating systems

Release	Release date	Latest patch	End of life	Features
7.10	October 2007	21
7.20	December 2009	10	January 31, 2013	Supported OS – openSUSE, Fedora Core, Mac OS X, Microsoft Windows, AIX, OS X Lion, Fedora, Ubuntu
7.30	December 2012	10	March 31, 2015
7.40	December 2014	13	March 31, 2018
7.50	February 2020	9^[5]
7.70	March 2021			New themes with HiDPI support

Single sign-on

SAP GUI on Microsoft Windows or Internet Explorer can also be used for single sign-on. There are several portal-based authentication applications for single sign-on. SAP GUI can have single sign-on with SAP Logon Ticket as well. Single sign-on also works in the Java GUI.^[6]

Criticism of using SAP GUI for authentication to SAP server access

SAP is a distributed application, where client software (SAP GUI) installed on a user's workstation is used to access the central SAP server remotely over the company's network. Users need to authenticate themselves when accessing SAP. By default, however, SAP uses unencrypted communication, which allows potential company-internal attackers to get access to usernames and passwords by listening on the network. This can expose the complete SAP system, if a person is able to get access to this information for a user with extended authorization in the SAP system. Information about this feature is publicly accessible on the Internet.

SAP Secure Network Communications

SAP offers an option to strongly protect communication between clients and servers, called Secure Network Communications (SNC).^[7]

Security

In total, the vendor has released 25 security patches (aka SAP Security Notes). One of the most notorious vulnerabilities was closed among the set of fixes released in March 2017. The vulnerability in the SAP GUI client for Windows allows remote code execution.^[8] Also, researchers who identified the security issues pointed out that the vulnerability allows an attacker to download ransomware on the SAP server that would be automatically installed on every workstation within a company.^[9]

Screen editing with Personas

Since 1998 SAP GUI screens (so-called "DynPros") can be adjusted and customized with GuiXT. Now this can also be achieved with "SAP Screen Personas". Personas is installed on one of the SAP NetWeaver ABAP 7.0x or 7.3x servers in the system landscape. Then it can be used on all SAP NetWeaver ABAP servers with a kernel of 7.21 or higher, including on NetWeaver ABAP 7.11 systems (on which Personas cannot be installed directly).

iOS and Android implementations

Native iOS and Android implementations of SAP GUI are available from GuiXT.

Related Research Articles

<span class="mw-page-title-main">Malware</span> Malicious software

Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. Researchers tend to classify malware into one or more sub-types.

VBScript is an Active Scripting language developed by Microsoft that is modeled on Visual Basic. It allows Microsoft Windows system administrators to generate powerful tools for managing computers without error handling and with subroutines and other advanced programming constructs. It can give the user complete control over many aspects of their computing environment.

SAP R/3 is the former name of the enterprise resource planning software produced by the German corporation SAP AG. It is an enterprise-wide information system designed to coordinate all the resources, information, and activities needed to complete business processes such as order fulfillment, billing, human resource management, and production planning.

ABAP is a high-level programming language created by the German software company SAP SE. It is currently positioned, alongside Java, as the language for programming the SAP NetWeaver Application Server, which is part of the SAP NetWeaver platform for building business applications.

Independent Computing Architecture (ICA) is a proprietary protocol for an application server system, designed by Citrix Systems. The protocol lays down a specification for passing data between server and clients, but is not bound to any one platform. Citrix's ICA is an alternative to Microsoft's Remote Desktop Protocol (RDP).

Client-side refers to operations that are performed by the client in a client–server relationship in a computer network.

Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft Corporation which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software.

<span class="mw-page-title-main">Microsoft Defender Antivirus</span> Anti-malware software

Microsoft Defender Antivirus is an antivirus software component of Microsoft Windows. It was first released as a downloadable free anti-spyware program for Windows XP and was shipped with Windows Vista and Windows 7. It has evolved into a full antivirus program, replacing Microsoft Security Essentials in Windows 8 or later versions.

In computing, Java Web Start is a deprecated framework developed by Sun Microsystems that allows users to start application software for the Java Platform directly from the Internet using a web browser. The technology enables seamless version updating for globally distributed applications and greater control of memory allocation to the Java virtual machine.

SAP NetWeaver Application Server or SAP Web Application Server is a component of SAP NetWeaver which works as a web application server for SAP products. All ABAP application servers including the message server represent the application layer of the multitier architecture of an ABAP-based SAP system. These application servers execute ABAP applications and communicate with the presentation components, the database, and also with each other, using the message server.

Cisco NAC Appliance, formerly Cisco Clean Access (CCA), was a network admission control (NAC) system developed by Cisco Systems designed to produce a secure and clean computer network environment. Originally developed by Perfigo and marketed under the name of Perfigo SmartEnforcer, this network admission control device analyzes systems attempting to access the network and prevents vulnerable computers from joining the network. The system usually installs an application known as the Clean Access Agent on computers that will be connected to the network. This application, in conjunction with both a Clean Access server and a Clean Access Manager, has become common in many universities and corporate environments today. It is capable of managing wired or wireless networks in an in-band or out-of-band configuration mode, and Virtual Private networks (VPN) in an in-band only configuration mode.

A web desktop or webtop is a desktop environment embedded in a web browser or similar client application. A webtop integrates web applications, web services, client–server applications, application servers, and applications on the local client into a desktop environment using the desktop metaphor. Web desktops provide an environment similar to that of Windows, Mac, or a graphical user interface on Unix and Linux systems. It is a virtual desktop running in a web browser. In a webtop the applications, data, files, configuration, settings, and access privileges reside remotely over the network. Much of the computing takes place remotely. The browser is primarily used for display and input purposes.

This page is a comparison of notable remote desktop software available for various platforms.

Remote Desktop Services (RDS), known as Terminal Services in Windows Server 2008 and earlier, is one of the components of Microsoft Windows that allow a user to initiate and control an interactive session on a remote computer or virtual machine over a network connection. RDS was first released in 1998 as Terminal Server in Windows NT 4.0 Terminal Server Edition, a stand-alone edition of Windows NT 4.0 Server that allowed users to log in remotely. Starting with Windows 2000, it was integrated under the name of Terminal Services as an optional component in the server editions of the Windows NT family of operating systems, receiving updates and improvements with each version of Windows. Terminal Services were then renamed to Remote Desktop Services with Windows Server 2008 R2 in 2009.

Web Dynpro (WD) is a web application technology developed by SAP SE that focuses on the development of server-side business applications. For modern releases the user interface is rendered according to the HTML5 web standard. Since Netweaver 754 a touch enabled user interface is available. The newly released versions usually follow the SAP Fiori design principles. One of its main design features is that the user interface is defined in an entirely declarative manner. Web Dynpro applications can be developed using either the Java or ABAP development infrastructure.

A software widget is a relatively simple and easy-to-use software application or component made for one or more different software platforms.

The Linux Schools Project is an operating system designed for schools. It is a Linux distribution based on Ubuntu. The project maintains two custom distributions, with one designed for use on servers and the other for use with the server version on client machines. The server distribution is the official Karoshi, while the client is known as Karoshi Client.

SAP Logon Tickets represent user credentials in SAP systems. When enabled, users can access multiple SAP applications and services through SAP GUI and web browsers without further username and password inputs from the user. SAP Logon Tickets can also be a vehicle for enabling single sign-on across SAP boundaries; in some cases, logon tickets can be used to authenticate into 3rd party applications such as Microsoft-based web applications.

ERP Security is a wide range of measures aimed at protecting Enterprise resource planning (ERP) systems from illicit access ensuring accessibility and integrity of system data. ERP system is a computer software that serves to unify the information intended to manage the organization including Production, Supply Chain Management, Financial Management, Human Resource Management, Customer Relationship Management, Enterprise Performance Management.

References

↑ "SAP GUI for Windows 8.00 is coming on 27th of January 2023: New Features & Lifecycle Information" . Retrieved April 21, 2023.
↑ "The SAP GUI Scripting API How to Automate User Interaction -Technology, Examples and Integration" . Retrieved January 27, 2022.
↑ "Lifetime and Support Matrix for SAP GUI for Windows" . Retrieved July 22, 2018.
↑ "Supported SAP GUI platforms". April 25, 2018. Retrieved July 22, 2018.
↑ "SAP GUI Family - Additional Topics - Community Wiki". wiki.scn.sap.com. Retrieved February 11, 2020.
↑ "Single Sign-on for SAP Java GUI". January 10, 2009. Retrieved July 22, 2018.
↑ "Secure Network Communications (SNC)" . Retrieved July 22, 2018.
↑ Michael Mimoso (March 22, 2017). "SAP Vulnerability Puts Business Data at Risk for Thousands of Companies". Threatpost | The first stop for security news. Retrieved July 22, 2018.
↑ "Can SAP Be Affected By Ransomware? | SAP Cyber Security Solutions". erpscan.com. Retrieved July 22, 2018.

External links

SAP Support Portal (User-ID required).

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "SAP GUI for Windows 8.00 is coming on 27th of January 2023: New Features & Lifecycle Information" . Retrieved April 21, 2023.

[2] "The SAP GUI Scripting API How to Automate User Interaction -Technology, Examples and Integration" . Retrieved January 27, 2022.

[3] "Lifetime and Support Matrix for SAP GUI for Windows" . Retrieved July 22, 2018.

[4] "Supported SAP GUI platforms". April 25, 2018. Retrieved July 22, 2018.

[5] "SAP GUI Family - Additional Topics - Community Wiki". wiki.scn.sap.com. Retrieved February 11, 2020.

[6] "Single Sign-on for SAP Java GUI". January 10, 2009. Retrieved July 22, 2018.

[7] "Secure Network Communications (SNC)" . Retrieved July 22, 2018.

[8] Michael Mimoso (March 22, 2017). "SAP Vulnerability Puts Business Data at Risk for Thousands of Companies". Threatpost | The first stop for security news. Retrieved July 22, 2018.

[9] "Can SAP Be Affected By Ransomware? | SAP Cyber Security Solutions". erpscan.com. Retrieved July 22, 2018.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]