HTTPS (SSL) for an internal application: benefits? costs?

Similar Messages

• Why an organization require SSL for Shared Web Applications?

  Hi
  what is ssl and why an organization  require SSL for Shared Web Applications?
  adil

  Hi adil,
  Secure Socket Layer (SSL) is an encrypted communication protocol which uses encryption certificates. For more information about SSL in SharePoint, please refer to:
  http://technet.microsoft.com/en-us/magazine/2009.09.insidesharepoint.aspx
  http://technet.microsoft.com/en-us/library/cc262366(v=office.15).aspx
  SSL is supported for server-to-server authentication and app authentication.
  Regards,
  Rebecca Tu
  TechNet Community Support

• ECXpert3.5- How to setup HTTP-SSL for xml protocol

  Hi,
  We are using ECXpert3.5 on Solaris box. One of our Trading Partner want to communicate through HTTP-SSL and we are doing XML/EDI mapping. Could you guide us what steps we need to take care to implement this.
  How the external system will talk to ECXpert for transferring files.(We need the syntax for the URL). Could you suggest how to setup the HTTP SSL for XML protocol to receive xml files from remote system.
  Thanks in advance for your help!
  Regards,
  Ravi.

  Hi,
  We are using ECXpert3.5 on Solaris box. One of our Trading Partner want to communicate through HTTP-SSL and we are doing XML/EDI mapping. Could you guide us what steps we need to take care to implement this.
  How the external system will talk to ECXpert for transferring files.(We need the syntax for the URL). Could you suggest how to setup the HTTP SSL for XML protocol to receive xml files from remote system.
  Thanks in advance for your help!
  Regards,
  Ravi.

• Get HTTPS URL for Web dynpro application

  We are using SSL. By default the URL generated for the Web dynpro application is HTTP.
  We went to SICF, and deactivated the HTTP service. That made the URL point to HTTPS.
  But few problems started coming because of it:
  - Our Content server became inaccessible.
  - Every time server is re-started, we need to manually go and de-activate HTTP Service.
  We even tried to set the parameter icm/icm/HTTP/redirect_0. But problem is not solved.
  I know this question is asked before, but every time the answer is to read the help document on ICM.
  What's the correct way for any webdynpro application to point to HTTPS? I don't think de-activating HTTP service is the right way.
  Any suggestions please?
  Thanks in adv.

  Thanks a lot Thomas. I'd ask the Portal Admin to try it out.
  There is another similar problem we are facing: I have embedded Webdynpro in R/3 screen. Then used the cl_gui_wdr_viewer class's load_application method passing HTTPS protocol.
  It returns HTTPS URL only, but is not showing up on users' laptops.
  Earlier we were not passing HTTPS protocol, so generated URL was HTTP, and it was not showing on users' screen (can show in ours). Reason we found out is that users' site has HTTP port blocked. They cannot show any HTTP url.
  So we changed to get HTTPS URL, but that also gives the same problem. It is still trying to get HTTP url.
  Here is the URL that the users got: (when they right click to see the URL generated)
  res://ieframe.dll/dnserrordiagoff_webOC.htm#http://abc.def.jil:8000/sap/public/myssocntl?sap-client=220
  Can give any clues on why this is going wrong? Cannot raise OSS as I know embedding Webdynpro in R/3 is not supported
  Thanks in adv.

• E-Recruiting EHP4 WebDynpro link for create internal application and portal

  Hallo there,
  we have installed ehp4 with web Dynpro and I am searching the link for creating an *internal* application.
  The external Aplication I found in the se80 ERC_C_APPL_MGMT_UI. But this link is only for external applications.
  The other Links I try to find is for the portal. I need it in the ESS and the MSS.
  I didn't find them in the package PAOC_RCF_UI_SELF_SERVICES.

  Hello,
  For creating manual internal and external applications, the WebDynpro application is the same - ERC_A_APPL_MGMT. The component is the same ERC_C_APPL_MGMT_UI as you have said in your e-mail. In this component you can also check the view V_APPL_DATA and see that both fields for internal and external are available. The fields are determined at runtime based on whether you have selected 'Internal' or 'External' link in the portal. In the recruiter portal role, when configuring the pages for internal or external you use Application Parameter IS_INTERNAL. If IS_INTERNAL=X then this parameter will be passed to the component mentioned above and the system will know that it should display internal candidate fields. If  IS_INTERNAL=' ' then system will display for external and this is the default.
  You can click package PAOC_RCF_WD_UI > Web Dynpro > Web Dynpro Applicat and right click ERC_A_APPL_MGMT to test. When the page opens, you can add parameter &IS_INTERNAL=X to the URL and you will see it will change to internal application page.
  Hope this helps.
  Regards,

• How to enable http trace for a mobile application??

  Hi ,
  SSO(single Sign On) is failing in my client's application.And it is an android application.So,we are not able to enable the http trace and see where its failing/where the cookie is getting wiped out. Please let me know if there is any alternative way to trace this mobile application.
  Cheers & regards
  Priyadarshini

  Interesting
  android - Capturing mobile phone traffic on wireshark - Stack Overflow
  Check if any of the method mentioned on above link helps
  To replicate the issue you can also use the emulator. Emulator can be downloaded from Android Developers

• How to enable https or SSL for login page only?

  Hi,
  My application is runnnin in iPlanet web server 4.1 version.
  how to make my login page only secured (SSL)?
  previously we have done https enable for the whole application. but client specifically wants for login page only, not for the whole application. how can i make SSL for login page only in iPlanet 4.1.
  I searched through iPlanet console, but i didn't get any option such.
  i found one more thing console,i.e., "encrypt on or off". if i put encrypt "on" means, it will be for the whole application? How can i make it for login page only.
  Do i need to do any code changes for that?
  i tried through web.xml security constraints tags, but it is not working and taking that file as we are doing everything in servlet.properties and rules.properties files.
  can anybody help me in this regard?
  Regards,
  Chandu

  You specify SSL in web.xml of your application. So, in that case other web applications in same server would not be affected.
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>myresources</web-resource-name>
  <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <user-data-constraint>
  <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
  </security-constraint>Following link will help you to setup SSL in tomcat:
  [http://techtracer.com/2007/09/12/setting-up-ssl-on-tomcat-in-3-easy-steps/|http://techtracer.com/2007/09/12/setting-up-ssl-on-tomcat-in-3-easy-steps/]
  Thanks,
  Mrityunjoy

• HTTPS mode for OC4J - Very Urgent

  Hi,
  I am trying to implement HTTPS mode with OC4J for our internal application. The Server Configuration and how I tried to implement is detailed below.
  The Server Configuration :
  Operating System     :     Linux 7.1
  Java Development Kit     :     j2sdk1.3 with j2sse 1.0.3
  Web Server          :     Oracle9iAS Containers for J2EE (OC4J) OC4J build# 020712.1645.
  The command for generating the CSR (for test certificate from Entrust)
  1. keytool -genkey -keyalg "RSA" -keystore keystore -storepass 123456 -keysize 512
  2. keytool -certreq -keyalg "RSA" -file gisl-dev -keystore keystore
  I had generated a CSR from the server and submitted the CSR online for a test certificate. On submission freecert.entrust.com had issued the web server certificate and the CA certificate successfully.
  After this I tryed to import the Web Server Certificate with this command:
  3. keytool -keystore -keyalg "RSA" -import -trustcacerts -file gisl-dev.cer
  I am getting an error:
  keytool error: java.security.cert.CertificateException: Unsupported encoding
  Is there anyway to come out of this problem, I think I can use Apache Server and tunnel the request for OC4J through Apache. But the sad thing is that I don't know how do it.
  Please help me out to solve this problem

  1/ try to add a LF to your reply certicate. (there is a bug on keytool import)
  2/ Also you need to check if your CA provider certicate is known on cacerts file. If not you need to import it.
  Hope this help

• Application for both internal and external use

  Hi,
  I am looking to develop an application for a small company that will be an order tracking system. The app would need to be accessible externally over the web for customers to log in and check their order status, but also internally by the company staff to update statuses, enter comments etc.
  Does anyone have any suggestions or best practices regarding security when pushing an app to the external world?
  One thing I considered was having two apps, one for the internal usage and one for the external usage, both with separate parsing schemas. Then create everything under the internal schema and grant select up to the external schema. That way it ensures at the DB level that the application can only read from certain tables. Then anything which the external site does need to update, either do it through a staging table, or grant up the appropriate tables to have insert allowed. Then put triggers on the tables which will raise an exception if columns are updated from a user who isn't authenticated etc.
  Does this all sound ok? Is it overkill? Anyone any other suggestions? I want to avoid having multiple databases or instances, simply because for the size of the company it doesn't warrant such complexity (or cost/resources). We won't be storing any "sensitive" data so to speak, but obviously need to protect against malicious intruders.
  Thanks

  When looking to design your application in this scenario it is best to assume the worst and see what impact it has on your environment. There are several attack scenarios that immediately spring to mind
  A problem in the Apex framework leads to running arbitrary SQL statements.
  A problem in the code leads to running arbitrary SQL statements.
  A problem in the code leads to cross-site scripting attacks.
  Configuration problems mean Apex components are available to the Internet.
  Obviously if cost is an issue there will always be a compromise in security so make sure you can do the the absolute best with the resources available to you. Separating the Internet side from the Internal side as much as you can is always a good idea.
  Sony was recently fined in the UK for not doing enough to protect personal data, so you should have evidence to ensure you have done the absolute best you can.
  Two things available over the internet currently to help you;
  https://secure.recx.co.uk/ApexSecUI/ - ApexSec Security Scanner
  http://www.enkitec.com/products/esert_cloud - eSert cloud
  Both provide free credits to scan your application for security problems for free.
  Edited by: Recx Ltd on Feb 6, 2013 12:12 PM

• Https / SSL needed for my website

  I hope someone can help me.
  I have a website
  http://www.to-shea.com
  I purchased a SSL package from register.com (they host my
  site too). They told me "anyone who sees my site would see the
  https prefix. I received an email from them stating that they could
  not put the https prefix on my site, although it is on their secure
  servers. needless to say, I was quite upset. Anyone on the web
  knows that an https prefix means it is a secure site. Is there ANY
  thing I can do to fix this problem. (it only cost me $28.00)
  Is there a program I can use to force the https prefix.
  I am on a Mac (OSX) and I use Dreamweaver CS3. I am a LITTLE
  familiar with html code but not a alot.
  Can someone there help me???

  What exactly are you asking a question about?
  https and SSL are usually only used for secure transfer of
  information when
  ordering and sending sensitive information. You do not want
  people viewing
  the web site using https and not completing an order to be in
  https SSL
  because it slows things down. It involves encoding/decoding
  of everything in
  the page including graphics.
  In other words- I shop at the site. I add things to the cart.
  I am viewing
  the site in http until it's time to check out and i am asked
  for my card
  numbers.
  Does the certificate not work or throw an error?
  Do you understand how to change links from https to http?
  When to use http or https?
  And if you want to force https, what is the server side
  scripting language.
  What's the question please.
  Alan
  Adobe Community Expert, dreamweaver
  http://www.adobe.com/communities/experts/

• Commercial Application - Licensing costs for J2ME

  Folks,
  Sorry for my ignorance. Are there any licensing costs , if I use J2ME environmnent in smartphone environment for commercially available application.
  Thx
  QM

  No, there are no costs
  See: http://www.sun.com/software/communitysource/j2me/
  Come on.. one second of google, and you would have found that yourself

• HTTP/1.1 500 Internal Server Error for SAOAP Sender Adapter

  Hi,
  I am veera, i am getting the below error. I doing the SOAP Syn interface, While executeing the soap client i got the below error..
  Please help me .. how to retry the this error. 
  HTTP/1.1 500 Internal Server Error
  Set-Cookie: JSESSIONID=(tam00_PID_70)ID1513783250DB21066821525219634633End; Version=1; Domain= 150.208.226.90; Path=/
  Set-Cookie: saplb_*=(tam00_PID_70)703524750; Version=1; Path=/
  Server: SAP J2EE Engine/7.00
  Content-Type: text/xml; charset=utf-8
  Content-Encoding: gzip
  Date: Tue, 23 Feb 2010 13:07:00 GMT
  Transfer-Encoding: chunked
  <?xml version='1.0'?>
  <!-- see the documentation -->
  <SOAP:Envelope xmlns:SOAP='http://schemas.xmlsoap.org/soap/envelope/'>
    <SOAP:Body>
      <SOAP:Fault>
        <faultcode>SOAP:Server</faultcode>
        <faultstring>Server Error</faultstring>
        <detail>
          <s:SystemError xmlns:s='http://sap.com/xi/WebService/xi2.0'>
            <context>XIAdapter</context>
            <code>CPAException</code>
            <text><![CDATA[
  com.sap.aii.af.service.cpa.CPAException: invalid channel (party:service:channel) = <null>
       at com.sap.aii.af.mp.soap.web.MessageServlet.getChannel(MessageServlet.java:481)
       at com.sap.aii.af.mp.soap.web.MessageServlet.doPost(MessageServlet.java:415)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:365)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:944)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:266)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:160)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
            ]]></text>
          </s:SystemError>
        </detail>
      </SOAP:Fault>
    </SOAP:Body>
  </SOAP:Envelope>
  Thanks & Regards,
  Veera

  Hi Prateek,
  Thanks for Response.
  Regenerating  the wsdl in IR/ESR or ID  Please tell me .
  am generating wsdl file for ID --> define webservice and follwing parameters like sender interface name, namespace,communication channel,business systemname.
  Regards,
  Veera.

• Internal Order Report - For the documnets when the cost ele. was not create

  Hi,
  We created internal orders for tracking capital expenditure relating to assets. At that time, we were not created asset GL's as cost element. Recently we created asset GL's as cost elements (category 90).
  Now we are getting the internal order report after creation of cost element for the transactions done thereafter. We mentioned the internal order number in PO but not in accounting document earlier. Now we are maintaining internal order number in accounting document also.
  So when we run OKBA we are getting CO document but, it is not tracking against internal order (since order number was not mentioned earlier). We executed one MM document in which internal order was mentioned through OKBB but there is no change in the internal order report.
  Is there any possibility to get the internal order report for the transactions done before creation of cost element.
  Please guide me
  Best Regards
  Madhusekhar Gupta G

  Hi,
  Thanks for your quick replies.
  Can we get the report as follows.
  1. Total Po's value for the internal Order (through Table EKKN)                                                      xxx
  Less: Value already posted to Internal order after creation of cost elements (S_alr_87013019)  xxx
  Less: Total Value to be invoiced (Tcode -ME2N)                                                                             xxx
  Net amount to be posted to Internal Order manually                                                                        xxx
  Is it correct?
  Regards
  Madhusekhar Gupta G
  Edited by: gms gupta on Feb 20, 2012 4:33 PM

• BAPI KPF6 POST PLAN COST FOR INTERNAL ORDER AND COST ELEMENT

  Hi all gurus,
  I would like to use in a custom report a BAPI/Function Module that help me to simulate KPF6 in order to post planning costs for internal order and cost element (layout 1-401).
  So the input should be:
  1) Version
  2) period from
  3) periodo to
  4) year
  5) internal order n.
  6) cost element n.
  7) value
  I found a lot of BAPI but don't know the correct one and how to use it (example how to fill the input value).
  Can anyone help me on that?
  Kind Regards

  In additio  to the previous I found the BAPI_COSTACTPLN_POSTPRIMCOST but don't know if it's the correct one and how to use it (some example fitting the my case will be very appreciated).
  If the quoted BAPI is correct.
  I tested it filling all fields as following:
  HEADERINFO:
  CO_AREA=FFCA
  FISC_YEAR=2008
  PERIOD_FROM=001
  PERIOD_TO=012
  DOC_HDR_TX='blank'
  INDEXSTRUCTURE:
  OBJECT_INDEX=000001
  VALUE_INDEX=000004 (hope this point at Interna Order)
  ATTRIB_INDEX=000000
  COOBJECT:
  OBJECT_INDEX=000001
  ORDERID=ZO53-08IMZ
  TOTVALUE:
  VALUE_INDEX=000004
  COST_ELEM=3224048
  FIX_VALUE= 200,0000
  DIST_KEY_FIX_VAL=2
  The Return table is set to 0. Nothing happens.....I suspect something related to indexstructure or index is wrong..
  Could anyone help me on that?
  Kind Regards

• Make cost center default for an internal order

  Hi friends,
  I want to make the cost center default for an internal order type. Can you please tell me how can i achieve that.
  Regards,
  Wasim.

  Hi Atif,
  thanks for your valuable reply but i am having different cost element depending on what is ordered. Is there anyway we can achieve this.
  Regards,
  Wasim.