Portal login : switch http - https - http
Our customer has the following requirement :
- users navigates to the portal using http.
-> The protocol needs to be switchted to https, so that when he submits his password, the communication between browser and WAS is secured.
-> Next, the protocol needs to be switched back to http
Currently, this has been done by a previous developer on the project in a copy of the com.sapportals.logon.par, and in the masthead. This is not a 'clean' solution, and we wish to do this the proper way.
I did some research, and this seems likely to be achieved via the webdispatcher. Anybody already tried this?
http://wiki.sdn.sap.com/wiki/display/BSP/Using+Proxies
SAP Web Dispatcher Configuration
The Web Dispatcher will always preserve the Host header, and no further configuration is required for this aspect.
For HTTPS to HTTP protocol switching, the Web Dispatcher must be configured to also set the ClientProtocol HTTP header. This is done with the option in profile:
wdisp/add_clientprotocol_header = 1
For more information about wdisp/add_clientprotocol_header, see the corresponding section of the table in Parameterization of the SAP Web Dispatcher, and see also Setting the SSL Profile Parameters for the SAP Web Dispatcher.
Recommended is to also activate Access Points, as this is the best and simplest way to get a consistent configuration complete(starting 620>=SP57, 640>=SP16 and 700>=SP06). This is achieved with the following profile option:
wdisp/handle_webdisp_ap_header = 1
Hi - Benjamin - Long time ... and all that!
This is indeed not easy to do. In one customer installation I used an Apache as reverse proxy before the web dispatcher but that was mainly to serve up some static content as well as handle SSL before. You could perhaps come up with some complex re-writing and stuff in Apache, but in the end our solution was basically the same as outlined here - a custom coded logon function.
You could investigate the [redirect parameter|http://help.sap.com/saphelp_nw70ehp1/helpdata/en/48/3d993fb08c72d1e10000000a42189c/content.htm] in the web dispatcher, it has some possibilities to arrange that only certain URL's get redirected to HTTPS. If you can organise that the logon screen has a unique URL then I think that could work for you - but I dont know if that URL arrangement is possible.
One thing though, make sure that you configure the web dispatcher as the SSL termination point, if you send volumes of SSL through to J2EE, basically it will die.
Similar Messages
-
When I am trying to change the url it is coming following error .
An exception has occurred : oracle.portal.wcs.transport.http.HttpTransportException WCS-519 -- HTTP Proxy Authentication failed for int.domain.co.in:8080 with authentication of type "Basic" at realm "realm1". Update your proxy login information in the Edit Defaults / Personalize page to
authenticate.
Can anybody please help me regarding this issue it is very urgent.so pleaseI have a similar setup on Linux boxes (MT and Infra) and having the same problem. I can add external application, also able to register Web clipping provider successfully using the external application ID.
But when I try to clip the external application. It shows me on the page "User authentication failed. Please use the following link to update the information."
And, The application.log shows in addition to WCS-514 error code 404
Raising SOAP fault code: AuthenticationFailure
I get provider Test page without any error. http://xyz.abc.com:7778/portalTools/webClipping/providers/webClipping
Your help is highly appreciated.
Thanks,
-Dhiren Desai
[email protected] -
Hi!,
I have Mid Tier installed on one of the Linux box and Infrastructure installed on a separate Linux box. Both of these boxes are behind firewall. I have successfully compeleted portal configuration for Reverse Proxy. I can access portal via internet. Users don't have to put port numbers (7777 or 7778) to access the portal. Users just enters http://www.abc.com, which takes them to portal builder page.
However, Both of my Web providers are not working. As described by the document to configure seeded provider. I changed to port in the URL from 80 to 777. http://www.abc.com:7777/portalTools/webClipping/providers/webClipping. I can access these two web provider applications from the internet, with both the ports 80 as well as 7777. I also edited the provider.xml to use proxy.
When I try to personalize web clipping portlet. and provide URL Location. It is giving me following error.
An exception has occurred : oracle.portal.wcs.transport.http.HttpTransportException WCS-514 -- Get status code 400 to URL http://www.xyz.com by method get
It seems to me I may be missing one of the configuration step, don't know which?
I appreciate your help in advance.
ThanksI have a similar setup on Linux boxes (MT and Infra) and having the same problem. I can add external application, also able to register Web clipping provider successfully using the external application ID.
But when I try to clip the external application. It shows me on the page "User authentication failed. Please use the following link to update the information."
And, The application.log shows in addition to WCS-514 error code 404
Raising SOAP fault code: AuthenticationFailure
I get provider Test page without any error. http://xyz.abc.com:7778/portalTools/webClipping/providers/webClipping
Your help is highly appreciated.
Thanks,
-Dhiren Desai
[email protected] -
Redirect to Portal Login page from portlet
We have lots of applications on the portal and many of them need the logged in user information to provide the right display context. For example, "My Notes" where notes are stamped with the user's login id. Our portlet applications show exception messages when the user id is unavailable. Pressing a refresh button takes them to the portal login page.
Does anyone know how to redirect to the portal login page? Here is how I would like it to work: A user has the application up beyond the session timeout period and does something that causes the page to submit. At the application server we look for the logged in user ID which is missing due to session timeout and we send them to the portal login page.
Thanks! MikeHi James,
<br />
<br />I fear this isn´t possible to do with ADDT, as it will - when using its Restrict Access To Page behaviour - always redirect to the page you specified in the Control Panel.
<br />
<br />However you can help yourself with a simple custom PHP redirect script
<i>(place it @ @ line 1 of your document)</i> which checks whether the "kt_login_id" Session Variable is set, and if it´s not set, redirect to a different login page:
<br />
<br /><?php<br />if (!isset($_SESSION['kt_login_id'])) {<br />header('Location: http://www.example.com/directory/login.php') ;<br />}<br />?>
<br />
<br />Hint: users who login via a different login page will still be redirected to ADDT´s default login page when logging out
<br />
<br />Cheers,
<br />Günter Schenk
<br />Adobe Community Expert, Dreamweaver -
Not able to pass portal login page with valid credentials using WebDispatch
Hi,
We are implementing SAP BillerDirect Portal. To make BillerDirect Portal available over the internet, we Configured SAP WebDispatcher with SSL termination. We followed the steps mentioned in SAP Help Documentaion for SAP WebDispatcher with SSL termination.
http://help.sap.com/saphelp_nw2004s/helpdata/en/76/6d4fa247d0d647b5bd40745400d873/frameset.htm
We created certificate and send it to CA (TrustCenter CA). We received the CA response and we imported the certificate.
AS mentioned in the help document, we configured the SAP Web Dispatcher profile to support SSL termination
We tried to access our BillerDirect Portal over the internet using below link
https://company.com/bd
We are getting login page, once we enter correct user ID and Password, portal is not loading (not going to next page) portal remains on same login page.
If we enter invalid credentials portal login page is giving u201CUser Authentication Failedu201D error.
If we try to access any portal login pages which brings a pop-up for login, login gets succeeded and we are able to see next pages
Examples
1) https://company.com/bd/admin/xcm/init.do
2) https://company.com/monitoring/SystemInfo
All pages which bring up portal login page without pop-up, not able to pass through portal login screen.
We Tried the ProxyMapping option on Dispatcher using Visual admin. This option also didnu2019t work for us.
Here is the WebDispatcher Profile
SAPSYSTEMNAME = xxx
SAPGLOBALHOST = xxxxx
SAPSYSTEM = 00
INSTANCE_NAME = W00
DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTI386
DIR_EXECUTABLE = $(DIR_CT_RUN)
Accesssability of Message Server
rdisp/mshost = hostnameofportalserver with FQDN
ms/http_port = 8101
Configuration for medium scenario
icm/max_conn = 500
icm/max_sockets = 1024
icm/req_queue_len = 500
icm/min_threads = 10
icm/max_threads = 50
mpi/total_size_MB = 80
SAP Web Dispatcher Ports
icm/server_port_0 = PROT=HTTPS,PORT=443
icm/server_port_1 = PROT=HTTP,PORT=80
icm/HTTPS/verify_client = 0
SAP Web Dispatcher Web Administration
icm/HTTP/admin_0 = PREFIX=/sap/wdisp/admin,DOCROOT=D:\usr\sap\xxx\W00\data\icmanroot\admin,AUTHFILE= D:\usr\sap\xxx\SYS\global\security\data\icmauth.txt
Parameters for the SAP Cryptographic Library
ssl/ssl_lib = D:\usr\sap\xxxW00\sapcrypto.dll
ssl/server_pse = D:\usr\sap\xxx\W00\sec\SAPSSLS.pse
ssf/name = D:\usr\sap\xxx\W00\sec\SAPSSLS.pse
ssf/ssfapi_lib = D:\usr\sap\xxx\W00\sapcrypto.dll
sec/libsapsecu = D:\usr\sap\xxx\W00\sapcrypto.dll
wdisp/ssl_cred = D:\usr\sap\xxx\W00\sec\SAPSSLC.pse
Parameters for Using SSL to the backend server
wdisp/ssl_encrypt = 1
wdisp/ssl_auth = 1
wdisp/ssl_cred = D:\usr\sap\xxxW00\sec\SAPSSLC.pse
wdisp/ssl_certhost = hostnameofportalserver with FQDN
wdisp/ssl_ignore_host_mismatch = true
#ICM Parameters
icm/HTTP/j2ee_0 = PREFIX=/, HOST =hostnameofportalserver with FQDN PORT=50000,SPORT=50001, SSLENC=1,TYPE=1, CRED =D:\usr\sap\xxx\W00\sec\SAPSSLC.pse
We also tried below options in WebDispatcher profile but we are getting same problem.
wdisp/add_client_protocol_header = true
wdisp/add_clientprotocol_header = 1
wdisp/ssl_ignore_host_mismatch = true
#ICM Parameters
icm/HTTPS/forward_ccert_as_header = true
icm/HTTPS/trust_client_with_issuer = *
icm/HTTPS/trust_client_with_subject = *
we also tried
wdisp/ssl_encrypt = 0
wdisp/ssl_auth = 0
we also tried
wdisp/ssl_encrypt = 2
wdisp/ssl_auth = 2
We are not able to resolve issue. Please help us on resolving this issue.
Thanks
Praveen' in Host Names is not allowed. Our hosname has '_'.
http://help.sap.com/saphelp_nw70ehp1/helpdata/en/67/be9442572e1231e10000000a1550b0/frameset.htm -
Publishing a site through UAG without using the Portal login
Good Day -
I'd like to ask if there is a way to publish access to an internal site through UAG without users having to use the Portal login - say by providing a link -Hello,
The portal app is mandatory even if you not use it, indeed if you delete this app UAG stop to work as expected.
In order to publish your internal site without going through the portal, in select application select the following options:
Type: Web
Web: Other Web Application (application specific hostname)
With this you could bind a direct DNS name to your publication without using the portal in order to access to it.
Regards,
Follow me on Twitter http://www.twitter.com/liontux | My Blog (French/English) :
http://security.sakuranohana.fr/ -
Portal theme switcher generates scroll error in RTL
Portal theme switcher using standard objects generates scroll error in RTL
Following the Blog for Switching Themes by Topic - A Color Code System for the Portal [https://www.sdn.sap.com/irj/sdn/weblogs?
blog=/pub/wlg/2053]
I developed a portal application and placed it in the page framework.
It works fine using Left To Right (LTR) languages but when using a Right To Left (RTL) languages like Hebrew and Arabic a long scroll appears in the lower part of the portal window and the masthead is moved a bit with no relation to the position of the other sections (iViews) of the screen.
I know its a custom development but it uses a standard SAP API.
The system version of the portal is NW 7 SP 14Hi Yolanda,
it´s as you already figured out - 0FISCPER is the problem.
When you want to create new lines, there can not be a dynamic characteristic in the columns. Each column has to be defined with single values.
Try to create restricted key figures for the periods you need to show.
regards
Cornelia -
Custom portal login application...?
Hi Experts..
Can any one tell me how to create a custom login application so that a user can change his portal login password.......
Pls give me details......Hi Sumit,
please check this blog
Portal Customizations Intro - Login Part 1
http://help.sap.com/saphelp_nw04/helpdata/en/23/c0e240beb0702ae10000000a155106/frameset.htm
Thanks n Regards
Santosh
Reward if helpful !!! -
Portal Login id and Credatinal pass to dot net application
Hi Experts,
I want to know is it possible to pass the portal login id and other details like Name and organization to an dotnet application.
If it is then how can we do it.
Please do the needfull. Important
Regards,
SwapnilHi Sarbjeet,
I first thought of creating URL Iview and passing the user id and other required details as parameter to that URL Iview.
Then reading your mail i thought of creating a web dynpro java application and then pass all the required values to the url in the application only but i am confussed how i will call the dot net application.
If you have a better suggestion please let me know how to do it.
Regards
Swapnil -
ADF Application and Oracle Portal Login Page
We have developed ADF application and deployed it in Oracle AS 10.1.2 along with the custom JAAS module, which is working fine with the application custom login page. As a next page, I want to use Oracle Portal login page for the authentication and authorization.
How can I accomplished it? Any idea?
Thanks,
APShay,
1. I created blank ADF project
2. I copied myreport.jsp file (this one was generated by Oracle Report Builder) under ..ViewController/public_html directory
3. Created directory 'lib' under ViewController/public_html/WEB-INF/lib
4. Copied reports_tld.jar file under the directory created in 3.
5. Created simple jspx page with the af:link (btw af:goLink does not exists in JDev 12c), set 'destination' to myreport.jsp
After the steps above I could not even compile the application, many problems too many to list here, Basically JDev is trying to build the project with .jsp file generated in Report Builder and is unable to.
So to be sure we are on the same page: I am trying to embed JSP report files generated by Report Builder into ADF project, then create EAR file and deploy on standalone WLS. Finally execute JSP web only report. -
How to access Sap portal login user in ejb web service
Hi,
I wnt to access SAP Portal login user in my ejb application which resides on the same server.
I am using following code
try {
IUser user =null; IWDClientUser wdUser = WDClientUser.getCurrentUser();
user = wdUser.getSAPUser();
} catch (WDUMException e) {
// TODO Auto-generated catch block
e.printStackTrace();
Some additional jar files are required for this?
The same code works fine with webDynpro but not with ejb.
Thanks in advance
Best regards,
NileshThanks for reply.
I have already added com.sap.security.api in my EJB module project classpath. How to add the same in EJB application Project (application-j2ee-engine.xml)?
Best regards,
Nilesh -
Dynamic Text in SAP portal login page
Hi All,
I want to display some text information in the SAP Portal login page.Is it possible to display dynamic text in the login page?
Can anybody help in this?
Regards,
V KarthiCheck the following links as well.
[Customizing Portal Login Page;
[Portal Login Page Customization;
Check all 3 weblogs.
Regards
Puneet -
Portal Login Broke after Db Upgrade to 9.0.1.3
Hi -- My portal web page login doesn't work after upgrading my portal database version from 8.1.7.1 to 9.0.1.3. All the scripts I ran (Note 159657.1 and Chap. 7 of 9i Database Migration Manual) ran ok. I also applied whatever patches/fixes required to get Oracle 9iAS 1.0.2.2.2 working with database version 9 per the certification matrix pages. I am still using Oracle 9iAS 1.0.2.2.2 on the middle tier and have only upgraded the database version. Also, I am not using LDAP for authentication.
After the database upgrade, the portal web login page comes up fine, but after I execute a login attempt I get a "Page Not Found" in my browser. This error shows up in apache's error_log:
[Mon Oct 7 03:54:41 2002] [error] mod_plsql: /pls/ssodad/portal30_sso.wwsso_app_admin.ls_login ORA-1403
ORA-01403: no data found
ORA-06512: at "PORTAL30_SSO.WWSSO_APP_ADMIN", line 391
ORA-06512: at "PORTAL30_SSO.WWSSO_APP_ADMIN", line 669
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "PORTAL30_SSO.WWSSO_LS_PRIVATE", line 358
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at line 8
[Mon Oct 7 03:56:07 2002] [warn] mod_plsql: Stale Connection due to Oracle error 1400
[Mon Oct 7 03:56:07 2002] [error] mod_plsql: /pls/ssodad/portal30_sso.wwsso_home.home ORA-1400
ORA-01400: cannot insert NULL into ("PORTAL30_SSO"."WWCTX_SSO_SESSION$"."SUBSCRIBER_ID")
ORA-06512: at "PORTAL30_SSO.WWCTX_SSO", line 2215
ORA-06512: at "PORTAL30_SSO.WWCTX_SSO", line 1053
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "PORTAL30_SSO.WWCTX_SSO", line 1261
ORA-06512: at "PORTAL30_SSO.WWCTX_API", line 179
ORA-06512: at "PORTAL30_SSO.WWSEC_APP_PRIV", line 529
ORA-06512: at "PORTAL30_SSO.WWSSO_HOME", line 322
ORA-06512: at line 8
Everything worked fine prior to the upgrade. There are no invalid objects causing this and I can log into the portal database fine through a sqlplus session. Does anyone know why portal login is broke after database upgrade? Has anyone upgraded their portal database versions in place with this issue afterwards?
Thanks for any help anyone can offer...!
KateHi Benjamin,
Thanks for your reply. I already had a working 9iAS Release 1 with a 8.1.7.1.0 database. All I did was upgrade the database from 8i to 9i on the database server. I also applied the jdbc patch on the 9iAS app server so a connection with the 9i database could be established. As far as I know, there's no portal configuration assistant step here because I already had a complete fully-functioning portal install before the database upgrade to 9i. Is there something I'm missing about your suggestion?
Thanks. -
SAP HR ID has SAP Login ID / Portal Login ID
Hi ,
We are thinking of using the SAP HR ID has the SAP Login ID and the Portal Login ID, ... Did anyone had the same approach ? Any feedback will be welcome .
If my HR ID is 1234567 , my user ID will be 1234567 .
Or, (I'm a HR guy), what is SAP recommended approach and User ID ( How to generated the SAP User ID ) .
Regard'sHi,
While creating the logon id instead of creating the user id via tcode su01 try creating it via tcode HRUSER.
Select the HR ids for which u want to create users and create the users. U can define the initial password there and even assign roles there too.
Other wise if u want to assign different roles to different users then only create the users via tcode HRUSER and assign the roles via SU01.
If users are created via tcode HRUSER the user name will be P<hr id> ie like P99003114.
First name and last name will be picked form hr
master data automatically.
Hope this will solve your purpose.
Pl dont forget to award points if resolved
Regards -
Hi,
consider a scenario.
I am login into Enterprise portal using - admin_it.
I want to know by which user has login into portal.
By which method or function can i read this login id into abap.
Regards,
PriyaHi,
I am getting the SAP login name not portal login name.
Consider,
Portal Login : priya
ABAP Login : amitd (In connection string written username = amitd and password, IP,Client etc in J2EE).
I want priya not amitd.
Regards,
Maybe you are looking for
-
Lenovo G550 Windows 7 Professional Upgrade
This Notice refers to 2958-A5U and 2958-A4U models of the Lenovo G550 notebook PC’s only. The 2958-A5U and 2958-A4U G550 systems ship preloaded with Windows XP Professional, and include a Windows 7 Professional upgrade disk. Issue: When upgrading f
-
In Snow Leopard, I had somehow set the two finger tap to open a new tab either from a link on a page or from my bookmarks bar, without having to select "Open a new tab" from the context menu. I recently upgraded to Lion and I can't remember how I set
-
Deltas in changing Classic scenarios to Extended Classic Scenario
Hi All, Currently my client has Classic scenario partially implemented and work in progress. Now a idea of changing to ECS is proposed because in the first place Classic/ECS for Pre-Encumberance is not standard SAP 5.0 unless applying OSS which i
-
I need my CD-based Flash presentation to launch PDF files. I have a link to launch the file, but for some reason it always defaults to the browser rather than the stand-alone Adobe Reader. How can I change this? From another user I now know I can get
-
Hello everyone, Whenever i am installing any s/w from source by compiling,its executable is getting stored in /usr/local/bin.Now im unable to use the s/w by just typing its executable name in the terminal,its giving me an error as "command not found"