Hide user and password in URL

Hi Experts,
I need a help on portal URL. We are using SSA (Spend Analytics) in Portal. One of the option in portal is that you can generate an E-mail Link of a report which goes to users.
Link looks like this for end user (They receive it via E-Mail)
http://Host:Port/irj/servlet/prt/portal/prtrootxapps.analytics.ds_par.inbounds?guid=CC1E61FF_7B3F_45CB_A3BE_B00F6BD487B7&objType=REPO&objId=0DA4575B_3C28_E6D8_66C5_04008115C625
Users should be able to view this link as soon as they click on it. If a user is already logged into portal and copy and paste the link, it works fine. However, if a user is not logged in and copy and past this link to IE, It automatically changes URL to something else and shows user & password 
This is how it looks like. URL changes to the following link..
http://HOST:PORT/irj/portal?j_user=XYZ_USER&j_password=XYZ_PASS&submit_logon=true
So I'm not sure what is making portal to redirecting the link to (http://HOST:PORT/irj/portal?j_user=XYZ_USER&j_password=XYZ_PASS&submit_logon=true) when they enter generated link (http://Host:Port/irj/servlet/prt/portal/prtrootxapps.analytics.ds_par.inbounds?guid=CC1E61FF_7B3F_45CB_A3BE_B00F6BD487B7&objType=REPO&objId=0DA4575B_3C28_E6D8_66C5_04008115C625) and why is it showing user/pass and from where is it picking user & password.
I kindly request all experts to please help me in this. I want to hide users/pass and make sure the link works fine without getting redirected it.
Your help is much appreciated
Thanks in Advance!!
Afi

Hi Sinivasan,
I thought about it but I do not see User Mapping Field stating anything. It's empty.
Here is how it looks like:
Authentication Ticket Type : SAP Assertion Ticket
Logon Method : SAPLOGONTICKET
User Mapping Fields : <empty>
User Mapping Type : admin,user
So.. I really don't know why and from where is it picking up user/pass to URL. We are not even using Anonymous Login. Any other thing you could think of the possibility?
Thanks
Afi

Similar Messages

  • Hide login and password in URL after running script - how?

    Folks, I've got a script that gets webalizer data.
    I've embedded the login and password in the script, but don't want it to show up in the URL as it currently does. Is there any way for me to do this?
    I am using the code from an example script:
    property target_URL : "http://finance.yahoo.com/q?s=AAPL&d=v1"
    open location target_URL

    the following only works if the URL has no relational links, try this:
    set target_URL to "http://www.apple.com"
    set dest_file to ((path to desktop as string) & "temp.html")
    -- down load it to your desktop first
    tell application "URL Access Scripting" to download target_URL to dest_file replacing yes
    -- do shell script "curl " & target_URL & " -o ~/desktop/temp.html" -- alternative is curl
    -- then open, the URL will be your desktop
    open location ("file://" & POSIX path of dest_file)

  • URL in sender SOAP channel with user and password

    Hi Expert,
    I have developed SOAP to proxy scenario.The serder WSDL is generated by using sender agreement. In the WSDL we are using default below URL.
    http://host:port/XISOAPAdapter/MessageServlet?channel=party:service:channel
    But the client requirement is that he want SAP user and password also in above url.
    Is this possible in sender SOAP channel?
    Any body can please help me for above issue?
    Thanks.
    Edited by: darshana-PI on Feb 1, 2012 5:26 PM

    Thanks prateek,
    we have used HTTP plain adapter for this and used below link to call that interface in PI. And its working.
    http://server:port/sap/xi/adapter_plain?service=<xxx>&namespace=<xxx>&interface=<xxx>&sap-user=<xxx>&sap-password=<xxx>&qos=BE
    I can understand the security related problem, but that was the requirement for end application.
    Thanks,
    Darshana.

  • Linking to an OBIEE report without showing the user and password

    Hi!
    we are trying to access to an obiee report from an external portal (coded with php).
    The idea is that the user clicks on a link an gets the report in pdf format. For that purpose we are using this url:
    http://ttivobiee01:7001/analytics/saw.dll?Go&Path=/shared/Prueba/ogp_obi&Action=Print&P0=1&P1=eq&P2="Criteria"."Key"&P3=1402&NQuser=user&NQPassword=pass&format=pdf
    But this url is expossing OBIEE's user and password.
    In order to avoid this security issue we tried to do an wget of the url but it doesn't return the report. Instead we get an html, which seams to download the report chunk by chunk (using javaScript).
    The question is, is there any way that we could let our portal ussers access to an obbie report without expossing the user and password?
    I have been looking into oracle forums and have found this: OBIEE Go URL with password protected
    but we couldn't use this aproach due to security issues.
    Thanks!
    Nuria

    Hi!
    We have finally done this (and it works!)
    <?php
    $urlInforme='http://obi:7001/analytics/saw.dll?Go&Path=/shared/Prueba/ogp_obi&Action=Print&P0=1&P1=eq&P2="Criterios"."Clave oficial"&P3=1402&NQuser=user&NQPassword=pass&format=pdf';
    $ch = curl_init($urlInforme);
    $ckfile = tempnam ("./", "CURLCOOKIE");
    $ch = curl_init ($urlInforme);
    curl_setopt ($ch, CURLOPT_COOKIEJAR, $ckfile);
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
    $output = curl_exec ($ch);
    $ch = curl_init ($urlInforme);
    curl_setopt ($ch, CURLOPT_COOKIEFILE, $ckfile);
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
    $fp = fopen("salida.pdf", "w");
    curl_setopt($ch, CURLOPT_FILE, $fp);
    $output = curl_exec ($ch);
    curl_close($ch);
    fclose($fp);

  • WebService in XI with user and password

    Hello,
    I´ve created a webservice in XI. When I call this webservice without user and password from an external tool (soapUI 1.7.5), the following error appears:
    +Logon Error Message
    Der Aufruf der URL http:... wurde aufgrund fehlerhafter Anmeldedaten abgebrochen.+
    (means: the call failed because of missing authorization)
    Ok, but where can I implement the user and passwort, that this webservice can be called automatically from an other application?
    Thanks for your assistence.
    Kind regards
    Martin

    Hi Huber,
    <b>but where can I implement the user and passwort, that this webservice can be called automatically from an other application?</b>
    open the WSDL  ....and in the left side (bottom) u can see option of user name and password...but i guess its not possible to login automaticaly.
    u have to provide the username and password evrytime....
    regards
    biplab

  • User and Password for JMS-Adapter

    Hi all,
    when configuring JMS-Adapter e.g. for IBM MQSeries i do not find field where to specify the user and password for the MQ. We configure e.g. a receiver communication channel.
    In 2.0 JMS-Adapter we can put user and password like this
    JMS.QueueConnectionFactoryImpl.user=YTEST
    JMS.QueueConnectionFactoryImpl.password=<!%YTEST%!>
    in the property file. We can also hide the passwort with
    the mechanism of password token.
    How can this be done in JMS 3.0 Adpater? Is it possible?
    Thanks,
    Ly-Na Phu

    Oh, sorry. Now i see the field for user and passwort.
    Thanks,
    Ly-Na Phu

  • UCM Administration Applets request the user and password confirmation

    I want to ask if someone has experienced in the UCM Administration Applets, that request the user and password confirmation for each time the applets are executed,
    Is there any configuration in the UCM that activates this behavior?
    I’m trying to reproduce this behavior in the development environment but with not much success
    The UCM version is 10.350
    Thanks for your support.

    Is there any configuration in the UCM that activates this behaviorNo. It's more likely that you are accessing the applets via a URL that does not match the one you originally used to log in to the Content Server.
    For example, you logged into "http://myserver/cs" or "http://<ip address>/cs". However, your HttpServerAddress variable is defined in Content Server as "http://myserver.mydomain.com". (Any absolute links to the applets use the variable to build the URL.) The browser "thinks" this is a new domain, and doesn't forward credentials to the different address. So the applet must prompt again for credentials. (Are you using a load balancer by chance? Does your HttpServerAddress variable in Content Server match the DNS entry being used for the load balancer?)
    I've also seen some versions of the Sun client JRE do this by design as a security "feature". If you using IE, make sure your server address is in the "trusted" or "intranet" security zone.

  • Pass the username and password in URL to auto log in the application from SharePoint List

    how to Pass the  username and password in URL to auto log in the application from SharePoint List  
    I have a link  in my SharePoint list  when user try to open the link its asking username and password .i want to put username and password in URL to auto log in into that external URL from sharepoint
    please help me it is possible

    Check out
    http://serverfault.com/questions/371907/can-you-pass-user-pass-for-http-basic-authentication-in-url-parameters
    Kind regards,
    Margriet Bruggeman
    Lois & Clark IT Services
    web site: http://www.loisandclark.eu
    blog: http://www.sharepointdragons.com

  • How to pass user and password in workspace when open a bqy

    hello,
    how to pass user and password of workspace when refresh a bqy for a query in DB2.
    I don't know where to insert the properties in order to use user and password of workspace,
    I want to use user of login of workspace,
    I don't want to make to appear the mask of login newly when the user refresh the query.
    I don't want to set a default user and password
    thanks
    massimo

    Dear Friend,
    What you mean?
    1. Do you mean how to pass login page on workspace ?
    2. or Do you mean how you can use a connection file to connect to db that is hide from user?
    3. or You mean how to use user & password to login to doc on workspace
    Answer for 1:
    use link
    http://HyperServer:45000/workspace/browse/get/MyFolder/MyIR.bqy?user=admin&pass=password
    Answer for 2:
    a) Upload or import connection file ( MyConn.oce ) to DB2 into workspace,
    b) for IR doc properties change file connection ( MYConn.oce )
    Answer for 2:
    use link without user & pass parameter
    http://HyperServer:45000/workspace/browse/get/MyFolder/MyIR.bqy <?user=admin&pass=password>
    regards
    siyavuş

  • I tried to upgrade the ios on the phone and I was asked for my icloud user and password. I don't remember these exactly and I tried several times with different options but unsuccessfully. I also forget my email used to configurate the phone.

    How i said on the question. I tried to upgrade the ios on the phone and I was asked for my icloud user and password. I don’t remember these exactly and I tried several times with different options but unsuccessfully. I also forget my email used to configurate the phone. I have the phone box and the bill. I sent you an email with my problem and attachments with the box informations, the bill and the reset request. What to do? You said to me:
    Your request comes from an unrecognized email domain. Apple accepts email requests only from email domains for Apple-authorized carriers.
    Please re-submit your request using your official carrier domain.
    but this email is authorized, what to do??
                                                                                                              respectfully, Beba

    If you have forgotten then these links are the only way to resolve
    http://www.apple.com/support/appleid/
    As long as you have owned the iPhone from new and your Apple id is the one used to activate when new
    OR have you recently purchased the iPhone secondhand ?

  • External Web Service - User and password in HTTP header

    Hi!
    How is it possible to add user and password in the HTTP header in a external web service call? 
    I have created a "Portal Service from WSDL file - Client side" with the wizard in SAP Developer Studio.  I following the Java Development Guide - Web Service Security, and use the <i>secured service connection</i>.  I have also created a new <i>System Landscape</i>, but should the new system be based on HTTP, my own PAR or what?
    How can I check that the user and password is added to the HTTP header or the SOAP envelope? Do I have to scan http traffic with a proxy as Paros or can I find the request sent from SAP EP in the logs?
    Cheers
    Asle

    Hello All,
    I have been struggling a bit while putting a reasonable security framework on a jax-rpc style web service. I'm using JWSDP1.2 to set up the webservice. I've tried to outline my problem below. Please correct me where I'm wrong.
    I've been through the Sun's WS tutorials, but they are not really clear on security. However, from them I surmised that there are two decent authentication techniques. HTTP Basic and mutual authentication (MA) . Both have their drawbacks though. HTTP Basic suffers from poor encryption while MA is a bit difficult to set up on both client and server sides. Another problem with MA is that there is no central repository for users/passwords.
    OK, what I would really like to do is use my own user database to verify users/passwords i.e. use a HTTP Basic like authentication (but at application level) but run it over SSL for encryption. It seems simple, but is it possible?
    Also, I have noted that when I use HTTP Basic on the service side, and use a java client, then setting username/password has no effect. In other words, I can always access the web-service, even with wrong username/password.
    Sorry for the long post. Hope someone can help. Thanks.

  • HT1600 I have an Apple TV 2nd Gen, iPad 2 and can't get the icon to appear when i swipe from left to right. What am I missing? I am able to get the 'Home sharing' 'user and password on my Mac.

    I have an Apple TV 2nd Gen, iPad 2 and can't get the icon to appear when i swipe from left to right. What am I missing?
    I am able to get the 'Home sharing' 'user and password on my Mac.
    Also using IPad 2 I am able to get the ITunes to accept the user name and same password as the Mac.
    However, the only way I can see the 'Home sharing; icon is in Music on the Ipad. When I tap on the Icon it asks for a password.
    When I give the same password, it is rejected.
    Help!!!!
    Jaxxdiggs

    Personally I think the iOS devices are poor at reconnecting  - Airplay establishes that a link is available but when the iPhone/iPad has been away from the house and rejoins the network i think AppleTV already thinks it's connected with a different IP address and fails to recognise it has joined the network again with new credentials.
    Something along those lines anyway.
    I find that a combination of restarting AppleTV, router and iOS device tends to fix it, but not for everyone.
    AC

  • Link to folder with user and password

    Hi all!
    From my action I want to redirect to a file in order to download it but the problem is that this file is in a web folder with user/password
    How can I redirect to it to downlad it directly without introducing user and password manually by the customer?
    Thanks!
    T

    Do you understand where this user/password restriction comes from? It look like just a HTTP based authentication. A Servlet can access the local file system directly without issueing a new HTTP request for that. Or is that file located at another server?

  • Problem in getting Portal Mapped user and password in Web Dynpro iView

    I am developing a webdynpro iview.My app need to read mapped user and password form a system in Portal runtime.
    I used the following codes in my Web Dynpro java program:
         IWDClientUser user = WDClientUser.getCurrentUser();
         IUser iuser = user.getSAPUser();
         IUserMappingService iums = (IUserMappingService)WDPortalUtils.getServiceReference(IUserMappingService.KEY );
    //     IUserMappingService iums = (IUserMappingService)
    //     PortalRuntime.getRuntimeResources().getService(IUserMappingService.KEY);
         IUserMappingData iumd = iums.getMappingData (systemalias, iuser);
         Map map = new HashMap ();
         iumd.enrich(map);
         String userid = (String)map.get( "user" );
         String pwd = (String)map.get ("mappedpassword");
    I've add a sharing references in project properties,the value is "PORTAL:sap.com/com.sapportals.portal.prt.service.usermapping.IUserMappingService"
    But when I run the iview on my Portal, it goes wrong, the message is:
    com.sap.engine.services.deploy.container.DeploymentException: Clusterwide exception: Failed to prepare application ''local/HomePage'' for startup. Reason= Clusterwide exception: Failed to start dependent library ''com.sapportals.portal.prt.service.usermapping.IUserMappingService'' of application ''local/HomePage''. Status of dependent component: STATUS_MISSING. Hint: Is the component deployed correctly on the engine?
        at com.sap.engine.services.webdynpro.WebDynproContainer.prepareStart(WebDynproContainer.java:1490)
        at com.sap.engine.services.deploy.server.application.StartTransaction.prepareCommon(StartTransaction.java:231)
        at com.sap.engine.services.deploy.server.application.StartTransaction.prepareLocal(StartTransaction.java:184)
        at com.sap.engine.services.deploy.server.application.ApplicationTransaction.makeAllPhasesLocal(ApplicationTransaction.java:365)
        at com.sap.engine.services.deploy.server.application.ParallelAdapter.runInTheSameThread(ParallelAdapter.java:117)
    Anybody can help me?And are there anyother methods can get mapped user and password of Portal systems in Web Dynpro JAVA.

    Hi Wayne,
          Did you added com.sap.security.api.jar to your webdynpro project. if not follow this steps.
    1. Right-click the project in Eclipse or SAP NetWeaver Developer Studio.
    2. Select Properties.
    3. Choose Java build path -> Libraries -> Add Variable -> Select variable WD_RUNTIME -> Extend -> com.sap.security -> lib -> com.sap.security.api.jar.
    I hope this should solve your problem.
    Regards, Suresh KB

  • Reset the user and password in the config tool

    Dear All,
    how can I reset the user and password in the config tool ?
    Regards
    ertas

    how can I reset the user and password in the config tool ?
    Section from help:
    http://help.sap.com/saphelp_nw70/helpdata/en/1c/129d440bbe4b7d8ae8b82879808d7e/content.htm
    Section from SDN Wiki:
    https://www.sdn.sap.com/irj/scn/wiki?path=/display/ep/to%252breset%252badministrator%252bpassword%252bthrough%252bconfig%252btool
    Regards,
    Abhishek.

Maybe you are looking for

  • Cannot deploy VM from VMM and AppController

     Hi All, I have been installing the VMM and AppController. Initially all went well. After I install RU5 there occurs a problem where I can not deploy vm of VMM and AppController with error messages like that : host A kuilab01 on kuilab01 still availa

  • Secondary Site Install Stuck at "Pending"

    I have tried installing on 3 servers with the same result. The install stays at "Pending" after passing Prerequisite checks. This is Configuration Manager 2012 R2 CU3 the site is Server 2012. ConfigMgrPrereq.log <10-29-2014 13:01:40> ***************

  • Address book no longer communicates with phone

    My Address Book has stopped being able to dial my phone and sent text. It seemed to happen at the last OS automated update (perhaps). Address book can link to phone via link button, but does not dial or initiate text. Phone still announces incoming c

  • Workflow in PR release procedure

    Dear All, Can anybody help me to know, the config steps used in PR release workflow and also the front end process of WF , how it works, any ref doc?? Thanks Rajeev

  • TS4079 siri is not on my iphone 4s

    no siri in general settings languages restriction or after resets please help ios 5.1.1 iphone 4s