SAP BO network security
Hi,
I need to raise network security in SAP systems.
We already have SAP ERP systems and they all hidden behind saprouter in other subnet.
But what about SAP BO?
SAP BI platform server, FC, Intercompany, FIM, DataServices, BPC - I want to move these system to another subnet and hide behind Webdispatcher + saprouter.
Anyone have tried to do so? Or please offer other variants.
Thanks...
Hi,
These links can help you:
HTTP Based tools
https://service.sap.com/sap/support/notes/1787981
WTS
https://service.sap.com/sap/support/notes/605795
If you encounter an issue with the install or configuration of SAPRouter.
A ticket can be created under (or transferred to) CSS component: XX-SER-NET-HTL.
Best regards,
Siwar
Similar Messages
-
Network security for EP server
Hi,
If i have a portal server which talks to SAPR3 systems how should the network security be achieved, if the portal has to open to internet?
where all will the firewall come into picture? How many DMZs to be there? Is there any SAP recommendation document on this...any info would be of great help
regards,
SujeshHi Sujesh,
Normally SAP recommend (on their courses) that you have a reverse proxy in the DMZ, then a firewall, then portal, then a firewall, then backend SAP etc.
However, it also depends on what you already have network architecture wise.
Paul -
Sap CRM 2007 Security related issue
Hi All,
I am working on SAP CRM 2007 security.
I have scenario, which we are trying to fix.
There are two users A and B.
A is assigned to role X
B is assigned to role y
Business Partner 123 is created for user A
Business Partner 456 is created for user B
These Business Partners are assigned to Authorization Groups.
See below:
1)Authorization Group (LK01) is assigned to Business Partner --123.
2) Authorization Group (LK02) is assigned to Business Partner --456
3) Authorization groups LK01 is assigin to user A in PFCG role X
4) Authorization groups LK02 is assigin to user B in PFCG role Y
a) User A assigned with PFCG role X>Authorization Group (LK01)>BP 123.
b) User B assigned with PFCG role Y>Authorization Group (LK02)>BP 456.
Note:
1) Authorization Groups are assigned to BPs under the Control tab.
2) These Auth Groups are assigned in Authorization Object in PFCG role.
Now, USER 'A' should not be able to work under the BP 456 as this BP is assigned to authorization group LK02.
The issue is when we open the WEB UI and login with user A role X, He can search for the BP 456 assigned to Auth Group LK02.
User A can open the Interaction History and edit the Service Order created using the BP 456.
He can Edit the following in Service Order details:
1) General Data Status (from created to complete), Contact person, Sale Rep name.
2) Organization Data like Sales Office, Sales Org Unit, Distribution Channel
3) Business Partner.
However, one good thing is he cannot edit the Account details like Account ID, House No, Employee Resposible, the message he get is "No authorization to change partner with authorization group" which is a
good thing.
I have tried to be precise, please let me know if you require more information.
Regards,
Dave.I suggest the following:
Please, check whether the system works if you activate the implementation BUPA_F4_AUGRP.
In addition check the notes 559662, 674869 and 782927. Maybe the notes are already implemented but you can try then the implementation of the BADI (SE19). It should resolve your issue.
I have implemented this Badi solution before, and after activation; the search help ; nor search result list did NOT show any Business partners anymore that had an authorization group I was not allowed to see.
kind regards
Davy Pelssers
SAP CRM/Security consultant -
Network Security Requirement : Confidential - Not Enforced
I am having a perplexing problem with the network security requirement feature in SJSAS 8 Update 1.
In deploytool, under my WAR, in the security tab, for my only SecurityConstraint, I set the Network Security Requirement to CONFIDENTIAL. This should cause any access to thse objects over port 80 to be redirected to https via for 443.
The failure is that it does not redirect clients accessing over port 80 to a secure connection. The tricky part is that it fails in a completely random way. Sometimes for some WARs it will work as expected, then after X number of server restarts / redeployments, some of the same WARs will not do the redirect as expected. Through continuous redeploys and restarts during development, all WARs will or will not do the redirect in any given situation.
Has anyone else experienced this problem and worked around it? Any help is greatly appreciated! Thanks in advance!
mod_criticalThe following is the deployment descriptor for one of the WARs (this problem affects them all, on multiple different machines with different setups).
The following is from the Security Contraint:
<security-constraint> <display-name>SecurityConstraint</display-name> <web-resource-collection> <web-resource-name>WRCollection</web-resource-name> <url-pattern>/participant/*</url-pattern> <url-pattern>/assetmodel/*</url-pattern> <url-pattern>/*</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>asadmin</role-name> <role-name>cvbdataentry</role-name> <role-name>cvbadmin</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
The rest is as follows:
<?xml version='1.0' encoding='UTF-8'?> <web-app xmlns="http://java.sun.com/xml/ns/j2ee" version="2.4" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" > <display-name>CVBadmin</display-name> <servlet> <display-name>assetmodel/OpenRecord</display-name> <servlet-name>assetmodel/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.OpenRecord</servlet-class> </servlet> <servlet> <display-name>participant/personell/account/Lookup</display-name> <servlet-name>participant/personell/account/Lookup</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.account.Lookup</servlet-class> </servlet> <servlet> <display-name>participant/personell/account/record</display-name> <servlet-name>participant/personell/account/record</servlet-name> <jsp-file>/participant/personell/account/record.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/line/Remove</display-name> <servlet-name>assetmodel/line/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.Remove</servlet-class> </servlet> <servlet> <display-name>participant/location/record</display-name> <servlet-name>participant/location/record</servlet-name> <jsp-file>/participant/location/record.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/Save</display-name> <servlet-name>assetmodel/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.Save</servlet-class> </servlet> <servlet> <display-name>syncError</display-name> <servlet-name>syncError</servlet-name> <jsp-file>/syncError.jsp</jsp-file> </servlet> <servlet> <display-name>participant/Search</display-name> <servlet-name>participant/Search</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.Search</servlet-class> </servlet> <servlet> <display-name>participant/location/List</display-name> <servlet-name>participant/location/List</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.List</servlet-class> </servlet> <servlet> <display-name>participant/personell/account/Create</display-name> <servlet-name>participant/personell/account/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.account.Create</servlet-class> </servlet> <servlet> <display-name>participant/personell/listresults</display-name> <servlet-name>participant/personell/listresults</servlet-name> <jsp-file>/participant/personell/listresults.jsp</jsp-file> </servlet> <servlet> <display-name>participant/record</display-name> <servlet-name>participant/record</servlet-name> <jsp-file>/participant/record.jsp</jsp-file> </servlet> <servlet> <display-name>participant/personell/account/Passwd</display-name> <servlet-name>participant/personell/account/Passwd</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.account.Passwd</servlet-class> </servlet> <servlet> <display-name>participant/location/Create</display-name> <servlet-name>participant/location/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.Create</servlet-class> </servlet> <servlet> <display-name>Logout</display-name> <servlet-name>Logout</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.Logout</servlet-class> </servlet> <servlet> <display-name>participant/location/Remove</display-name> <servlet-name>participant/location/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.Remove</servlet-class> </servlet> <servlet> <display-name>participant/Save</display-name> <servlet-name>participant/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.Save</servlet-class> </servlet> <servlet> <display-name>assetmodel/listresults</display-name> <servlet-name>assetmodel/listresults</servlet-name> <jsp-file>/assetmodel/listresults.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/line/record</display-name> <servlet-name>assetmodel/line/record</servlet-name> <jsp-file>/assetmodel/line/record.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/line/List</display-name> <servlet-name>assetmodel/line/List</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.List</servlet-class> </servlet> <servlet> <display-name>participant/personell/Save</display-name> <servlet-name>participant/personell/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.Save</servlet-class> </servlet> <servlet> <display-name>assetmodel/line/Create</display-name> <servlet-name>assetmodel/line/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.Create</servlet-class> </servlet> <servlet> <display-name>participant/personell/List</display-name> <servlet-name>participant/personell/List</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.List</servlet-class> </servlet> <servlet> <display-name>assetmodel/Create</display-name> <servlet-name>assetmodel/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.Create</servlet-class> </servlet> <servlet> <display-name>participant/Remove</display-name> <servlet-name>participant/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.Remove</servlet-class> </servlet> <servlet> <display-name>participant/Create</display-name> <servlet-name>participant/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.Create</servlet-class> </servlet> <servlet> <display-name>assetmodel/line/listresults</display-name> <servlet-name>assetmodel/line/listresults</servlet-name> <jsp-file>/assetmodel/line/listresults.jsp</jsp-file> </servlet> <servlet> <display-name>participant/personell/Remove</display-name> <servlet-name>participant/personell/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.Remove</servlet-class> </servlet> <servlet> <display-name>assetmodel/List</display-name> <servlet-name>assetmodel/List</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.List</servlet-class> </servlet> <servlet> <display-name>assetmodel/record</display-name> <servlet-name>assetmodel/record</servlet-name> <jsp-file>/assetmodel/record.jsp</jsp-file> </servlet> <servlet> <display-name>participant/searchresults</display-name> <servlet-name>participant/searchresults</servlet-name> <jsp-file>/participant/searchresults.jsp</jsp-file> </servlet> <servlet> <display-name>menu</display-name> <servlet-name>menu</servlet-name> <jsp-file>/menu.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/line/OpenRecord</display-name> <servlet-name>assetmodel/line/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.OpenRecord</servlet-class> </servlet> <servlet> <display-name>participant/location/listresults</display-name> <servlet-name>participant/location/listresults</servlet-name> <jsp-file>/participant/location/listresults.jsp</jsp-file> </servlet> <servlet> <display-name>exception</display-name> <servlet-name>exception</servlet-name> <jsp-file>/exception.jsp</jsp-file> </servlet> <servlet> <display-name>participant/OpenRecord</display-name> <servlet-name>participant/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.OpenRecord</servlet-class> </servlet> <servlet> <display-name>participant/location/Save</display-name> <servlet-name>participant/location/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.Save</servlet-class> </servlet> <servlet> <display-name>participant/personell/OpenRecord</display-name> <servlet-name>participant/personell/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.OpenRecord</servlet-class> </servlet> <servlet> <display-name>participant/personell/Create</display-name> <servlet-name>participant/personell/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.Create</servlet-class> </servlet> <servlet> <display-name>participant/personell/account/Remove</display-name> <servlet-name>participant/personell/account/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.account.Remove</servlet-class> </servlet> <servlet> <display-name>participant/personell/record</display-name> <servlet-name>participant/personell/record</servlet-name> <jsp-file>/participant/personell/record.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/Remove</display-name> <servlet-name>assetmodel/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.Remove</servlet-class> </servlet> <servlet> <display-name>assetmodel/PreRecord</display-name> <servlet-name>assetmodel/PreRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.PreRecord</servlet-class> </servlet> <servlet> <display-name>assetmodel/line/Save</display-name> <servlet-name>assetmodel/line/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.Save</servlet-class> </servlet> <servlet> <display-name>participant/location/OpenRecord</display-name> <servlet-name>participant/location/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.OpenRecord</servlet-class> </servlet> <servlet-mapping> <servlet-name>assetmodel/OpenRecord</servlet-name> <url-pattern>/assetmodel/openrecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/Lookup</servlet-name> <url-pattern>/participant/personell/account/lookup</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/record</servlet-name> <url-pattern>/participant/personell/account/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/Remove</servlet-name> <url-pattern>/assetmodel/line/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/record</servlet-name> <url-pattern>/participant/location/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/Save</servlet-name> <url-pattern>/assetmodel/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>syncError</servlet-name> <url-pattern>/syncError</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/Search</servlet-name> <url-pattern>/participant/search</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/List</servlet-name> <url-pattern>/participant/location/list</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/Create</servlet-name> <url-pattern>/participant/personell/account/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/listresults</servlet-name> <url-pattern>/participant/personell/listresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/record</servlet-name> <url-pattern>/participant/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/Passwd</servlet-name> <url-pattern>/participant/personell/account/passwd</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/Create</servlet-name> <url-pattern>/participant/location/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>Logout</servlet-name> <url-pattern>/logout</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/Remove</servlet-name> <url-pattern>/participant/location/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/Save</servlet-name> <url-pattern>/participant/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/listresults</servlet-name> <url-pattern>/assetmodel/listresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/record</servlet-name> <url-pattern>/assetmodel/line/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/List</servlet-name> <url-pattern>/assetmodel/line/list</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/Save</servlet-name> <url-pattern>/participant/personell/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/Create</servlet-name> <url-pattern>/assetmodel/line/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/List</servlet-name> <url-pattern>/participant/personell/list</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/Create</servlet-name> <url-pattern>/assetmodel/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/Remove</servlet-name> <url-pattern>/participant/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/Create</servlet-name> <url-pattern>/participant/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/listresults</servlet-name> <url-pattern>/assetmodel/line/listresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/Remove</servlet-name> <url-pattern>/participant/personell/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/List</servlet-name> <url-pattern>/assetmodel/list</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/record</servlet-name> <url-pattern>/assetmodel/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/searchresults</servlet-name> <url-pattern>/participant/searchresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>menu</servlet-name> <url-pattern>/menu</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/OpenRecord</servlet-name> <url-pattern>/assetmodel/line/openrecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/listresults</servlet-name> <url-pattern>/participant/location/listresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>exception</servlet-name> <url-pattern>/exception</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/OpenRecord</servlet-name> <url-pattern>/participant/openrecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/Save</servlet-name> <url-pattern>/participant/location/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/OpenRecord</servlet-name> <url-pattern>/participant/personell/openrecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/Create</servlet-name> <url-pattern>/participant/personell/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/Remove</servlet-name> <url-pattern>/participant/personell/account/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/record</servlet-name> <url-pattern>/participant/personell/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/Remove</servlet-name> <url-pattern>/assetmodel/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/PreRecord</servlet-name> <url-pattern>/assetmodel/prerecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/Save</servlet-name> <url-pattern>/assetmodel/line/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/OpenRecord</servlet-name> <url-pattern>/participant/location/openrecord</url-pattern> </servlet-mapping> <session-config> <session-timeout>60</session-timeout> </session-config> <error-page> <error-code>500</error-code> <location>/exception.jsp</location> </error-page> <security-constraint> <display-name>SecurityConstraint</display-name> <web-resource-collection> <web-resource-name>WRCollection</web-resource-name> <url-pattern>/participant/*</url-pattern> <url-pattern>/assetmodel/*</url-pattern> <url-pattern>/*</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>asadmin</role-name> <role-name>cvbdataentry</role-name> <role-name>cvbadmin</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>ldap</realm-name> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/loginFail.jsp</form-error-page> </form-login-config> </login-config> <security-role> <role-name>asadmin</role-name> </security-role> <security-role> <role-name>cvbdataentry</role-name> </security-role> <security-role> <role-name>cvbadmin</role-name> </security-role> <security-role> <role-name>customer</role-name> </security-role> <security-role> <role-name>accountant</role-name> </security-role> <security-role> <role-name>participant</role-name> </security-role> <ejb-local-ref> <ejb-ref-name>ejb/DataAccessBean</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <local-home>com.deerteck.cvb.ejb.session.DataAccessLocalHome</local-home> <local>com.deerteck.cvb.ejb.session.DataAccessLocalObject</local> <ejb-link>ejb-jar-ic1.jar#DataAccessBean</ejb-link> </ejb-local-ref> <ejb-local-ref> <ejb-ref-name>ejb/LDAPBean</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <local-home>com.deerteck.cvb.ejb.session.LDAPLocalHome</local-home> <local>com.deerteck.cvb.ejb.session.LDAPLocalObject</local> <ejb-link>ejb-jar-ic1.jar#LDAPBean</ejb-link> </ejb-local-ref> </web-app> -
Network security:LAN manager authentication level setting on GPO
Hi,
We have a requirement from project team to change the one of the security setting on default domain policy for all computers in domain. Below are the security setting which we need to modify.
computer configuration-->windows settings-->security settings-->local policies-->security options-->
Network security: LAN manager authentication level
this setting need to be changed to - Send LM & NTLM - use NTLMv2 session security if negotiated.
The project team facing issue with Apache web server and they found the solution on below link.(we have tested this by changing local group policy and this solution works as expected)
https://www.sysaid.com/Sysforums/posts/list/9065.page
We need to know what is the impact after enabling this on domain computers.
Need help on this to go-head on this.Hi,
you have a weaker domain security overall. "
LM Hash Generation
The algorithm introduces several weaknesses that attackers can exploit. First, all lowercase characters are set to uppercase, reducing the number of possible characters. Second, it splits a long, strong, password into two seven-character chunks.
Both the LM and NTLM protocols operate essentially the same way; the only difference is the password hash.
REF: The Most Misunderstood Windows Security Setting of All Time
This post is provided AS IS with no warranties or guarantees, and confers no rights.
~~~
Questo post non fornisce garanzie e non conferisce diritti -
SAP Portal Network - WebDynpro iView and SAP Application iView sharing
Hello All,
I've read about the restrictions in SAP Portal supporting the WSRP standard for application sharing. Mainly WebDynpro iViews and SAP application iViews sharing is not supported. That is in the case of a SAP Portal as producer and Non-SAPPortal as consumer.
I'm interested in a WebDynpro iViews and SAP application iViews sharing in a only-SAP Portals Network, where SAP Portals act as producer and consumer.
I've heard about the Remote Role Assignment and Remote Content Copy that are used in such case. I would like to ask if anyone knows if these can help overcome the restriction in sharing WebDynpro iViews and SAP application iViews that is present with WSRP? And if the advantage of WSPR, that is the application execution and rendering on the producer side, and as follows decreasing of bandwidth usage, is remaining in the case of the Remote Role Assignment and Remote Content Copy.
Thanks,
MladenHi Manish,
for sharing content between SAP and non-SAP Portals, your case, refer to
http://help.sap.com/saphelp_nw2004s/helpdata/en/43/23fb36cad10d23e10000000a1553f7/frameset.htm
All the possibilities and restrictions of WSPR in the case of SAP EP are explaind there.
For sharing content between only SAP Portals refer to my other thread:
Portal Network - Content Sharing
Hope it helps you!
Mladen -
How to Make Wirless Network SECURE
I am running my desktop hard line to a comcast modem which runs XP Pro. My Laptop which is running Vista is set up wireless via the WRT54GS Linksys Router.
The wireless network is running great but it is identified as UNSECURED!
After three 30 minute waits last night, 2 disconnects when I was not understanding them ( not a computer whiz but I do ok) and 1 live chat tech that copy and pasted the directions on how to set it up but not how to make it secure and then a quick disconnect .
Can anyone tell me exactly HOW TO MAKE THIS NETWORK SECURED and WHAT computer shall I use to perform this?
Thank you for any help you can give me,
SWAT
JohnDoe sorry for violating any rules.
(Edited post for guideline compliance. Thanks!)
Message Edited by JOHNDOE_06 on 08-27-2007 11:04 AM
Message Edited by SWAT on 08-27-2007 11:13 AMSWAT wrote:
Sbatch...you click on the pull down window to the settings.....I click on WPA then I input the code I wanted (only room for 1 code) then scroll all the way down to click on save settings.
That method does not secure my laptop wireless settings?
**No, that secures your router's wireless settings.
or
Is this the only method to secure the network?
With some investigation I can find have found the following:
If I right click on my Network Icon in my tool bar and then click Connect to Network and then right click on the Network and right click Properties I get a box with the following:
Tab for connection and a tab for security with pull down bars which can be changed...
1) Security Types -No Authentication (open), shared, wpa2 personal, wpa personal, wpa2 enterprise, wpa enterprise and 802.1x
2) Encryption Types -WEP
Current settings on my laptop Linksys wireless network security is
Security Type- OPEN
Encryption- NONE
sBatch when I perform the WPA on my desktop my laptop must be off or not on the network correct?
Doesn't matter, once you change the security settings onthe router, you will be prompted for the settings to reconnect to it.
Has anyone found the LinkSys hyperlink for setting the WRT54GS router as SECURED?
Define "secured". Wired, only physical connection have access.
Wireless, once you add WPA or WEP (WPA is better) it's secured.
Sincerely,
SWAT
Does that help? -
How to locate my network security key
I wrote this same request a month or so ago and can no longer locate my 'saved' message. Would someone please forward me the link again on how to locate the network security key so I may add another computer to my wi-fi.
And another question, will there be any change that more than one security key will appear and if so, how will I determine which key is the proper key to use?
Thank you much.The "key" is another word for your normal wireless network "password", sometimes called a "pass phrase".
The password generates a 64 character code of random letters and numbers. I doubt that this would be of any use to you, but if you want to see it.....
Open AirPort Utility on your Mavericks Mac
Click the AirPort icon, the click Edit
Click the Base Station icon at the top of the screen
Click Show Passwords
More likely, you have a Windows Firewall issue, or Microsoft Security Essentials...if installed....is blocking the connection. The anti-virus program can do the same thing. -
Access denied (Object: com.sap.portal.system/security/no_safety)
We are implementing EP 6.0, currently with SP11. We have developed some iViews, which are using RFC functions to get information from backend system, in this case SRM.
Everything worked fine, till the day weve transported those developments into other systems (production and testing systems). We are getting the following error Access denied (Object: com.sap.portal.system/security/no_safety). This error only comes out if the iView is called from inside another one, if called isolated it works fine.
Does any one have any idea about how to solve this?Hi AA, you can find in the log file in order to identify what is the object that you need to add in the security zone.
You can find information for the security zones on:
http://help.sap.com/saphelp_nw04/helpdata/en/25/85de55a94c4b5fa7a2d74e8ed201b0/content.htm
Regards. -
How to search my own posts/threads in "SAP Community Network Forums"?
Dear Friends,
How to search my own posts/threads in "SAP Community Network Forums"?Dear Pierre DOMINIQUE,
Thanks for your information, but I know It very well. Lets say I have around 200 posts in the forum, some are unsolved and rest are solved. Now I want to find a old solved/answered post/thread by a key-word, how to do it? ... Actually I asked for this.
Thanks in advance for your right answers. -
Virus Barrier X4 question and a Top 10 Network/Security question
I am currently running Norton AV/Mac. It runs fine, no problems, no slow down, am happy! However, I know that there are some very experienced Mac users who are very down on Norton AV as far as causing problems/hogging resources/slowing things down...again, I don't have any problem, but I am still a newbie. I see however that one of the top 10 Network/Security downloads is Virus Barrier X4. If I want to run an AV program, could someone shed some light on wht this would be a better application? Also the number 1 download in this category is Mac Scan. I am confused, Forget virus's, I thought there was no Spyware/Malware? Why would so many people make this such a popular download..Curious! Thanks, Bill
Bostonfan49,
Spyware is a self-inflicted injury.
To prevent drive-bys, remember to uncheck the Open "safe" files after downloading box in the Safari>Preferences>General tab and make sure that you're blocking pop-up windows.
Configure your firewall correctly (turn off ALL unused services) and stealth it.
Don't use P2P (Limewire and the like) or visit "dodgy" (unknown, copyright infringing, skanky, pr0n, etc.) Web sites.
Never, ever install any program or give any installer your admin password unless you are certain that you know and trust the source.
Create a separate administrator account for installing software and updates and make your normal user account an ordinary, nonadminstrative user.
OS X is not immune to spyware: The spyware would still have to be coded to run in OS X. Requiring an administrator account and click-the-"Yes"-box user permission to install and run didn't prevent KaZaa (and its bundled nasties) from being downloaded and installed by millions, so this OS X "barrier" to malware is subject to the same vulnerability. That said, I'm not aware of much of anything in the way of spyware for Macs.
-Wayne -
I cannot get my iMac with built-in airport wi-fi to allow internet connections to Nook and PS3. The devices access the network, but internet connection fails. Internet sharing is enabled, network security (WEP, WPA) is disabled. What to check next?
On an additional note, I've purchased a wireless router and everything connected on the first attempt. It just vexes me that the built-in wireless isn't working as a router. Is this another example of "Mac only plays with Mac"?
-
Is my home Wi-Fi network secure?
I have used a first-generation Time Capsule to establish my in-home Wi-Fi network. The network works well, but I'm not sure that it's secure. When I go into AirPort Utility, it shows that my wireless network is secure (WPA/WPA2 Personal). Moreover, when I access the list of networks-to-join in the tool bar, my network has a lock beside it, indicating that it is secure. However, when I go into System Preferences>Network>Advanced>Wi-Fi, my network name appears in the list on the left, but the screen indicates that my network has no security ("None"). Recently I installed Apple's firmware upgrade and I wonder if this has anything to do with the "contradiction" between AirPort Utility and System Preferences. Is my home Wi-Fi network secure? If not, what do I do to secure it?
Here is what I would try:
Open System Preferences > Network > AirPort > Advanced
Click on the name of the network to highlight it, then click the - (minus) button at the bottom of the list to remove it
Click OK, then click Apply
Open Macintosh HD > Applications > Utilities > KeyChain Access
Locate the entry with the name of the wireless network and click to highlight it, then click the Delete key on your computer
Close KeyChain Access
Restart the computer
Click the fan shaped AirPort icon at the top of the screen, then click Join Other Network, then click Show Networks and select the network and enter the password. Click to have the Mac "remember" the password and make sure that the connection working.
Then go back into Sys Pref > Network > AirPort > Advanced and check the name of the network. Make sure that it is at the top of the connection list if you want your Mac to connect to that network first. If it is not at the top, you can drag it there.
Then make sure that there is a check mark next to "Remember networks this computer has joined". No other boxes should be checked....and click OK and Apply.
Please post on your results if you try this. -
Officejet 6000 wireless and WPA2-Enterprise network security
I own an Officejet 6000 wireless printer. The manual says that it should be compatible with a wireless network with WPA2-Enterprise network security but when setting up the connection (I am using a macbook and am setting the printer up via usb connection) the newtork is listed but the security type is "unsupported." For whatever its worth it is listed 5 or 6 times but probably thats a different issue.
I can still select the right network but it only asks for a security key, but my network security requires a log-in name and password.
What can I do to get my printer connected to the network?I get the feeling that most of the people replying here don't know the difference between WPA2-Personal and WPA2-Enterprise.
Personal has a passkey.
Enterprise uses both a username and password, usually in conjunction with a Radius server (802.1X athentication).
What we've had to do solve this problem is create a second SSID on the network that authenticates on WPA2-Personal. We use a really long password to secure the network, one that I will never be able to memorize in my lifetime.
All we can hope for is that these enterprise-level vendors will, perhaps, gain a greater understanding of wireless authentication processes and the needs of actual enterprise customers who at least a percieved need for wireless printer capabilities. It used to be that customer was always right, though. Perhaps those days are gone...
The other problem that probably ought to be addressed on consumer end is the fact that multicast tools that make AirPrint work (such as Bonjour), are being blocked from crossing between your wired and wireless networks, perhaps by the wireless controller or due to inefficient routing hierarchy or NAT/PAT issues. Solve this issue and you won't have a need for wireless printers. -
Network Security - Need a recommendation
Hi there!
I'm currently running a wireless network in my apartment that is passworded on a regular bare bones LinkSys router. Currently I have both my PC desktop and my MBPro on this network. Both are running just fine.
What I am concerned about is people in the apartment complex using my network. I know I could bump up the security on my router but what I really want is a program that lets me A) see the IP's of people connecting to my network, if any, and B) single them out and block them. I have no idea whether such a program exists for Leopard. I'm actually fairly computer-savvy, but network security is a new arena for me.
I'm just wondering if anyone could recommend a program to use that is only moderately complex. Also, I'm willing to pay money, but free is always better. Or any other information would be great, e.g. if the MBP already has the propensity for this type of activity on its own. I know it does a great many things .
Thanks for any help!
Message was edited by: demosthenes_demosthenes_ wrote:
A) see the IP's of people connecting to my network, if any
Your router should provide this via the web based administration interface.
B) single them out and block them
In stead of monitoring the router for rogue connections, you could setup your Linksys router to perform MAC address filtering. MAC Address filtering involves setting up a whitelist of MAC addresses that can connect to the router and any MAC address that isn't in the list you can explicitly deny access.
What you would need to do is to add the MAC address for each device you have that you want to connect to the network.
To be honest though, if you're at all concerned about the security of your data, http traffic, if you do any online banking, shopping etc you should really enable the encryption features of your router. With the way you have things setup at the moment, even with MAC Address filtering enabled your wireless connection can still be snooped on which means your passwords, account numbers etc are potentially travelling in the clear over the airwaves.
Personally I would just configure the router to use the highest encryption level that all your computers can support and secure the Wireless network with a 10+ digit authentication key (utilising alphanumeric, punctuation and number characters). Doing this will ensure that your network is secure and minimise the risk of someone getting hold of any sensitive data.
Maybe you are looking for
-
Two entries found in TFS DB for one user, how do I know which one to remvoe?
We had issue with an account that TFS reported to there are multiple users with the same display name. I searched the database and found two entries with the same 'displayname'. First weird thing is that the account names are only different in some l
-
Just got a new Intel iMac and transfered all my files from my old machine, using a firewire connection. My old machine is a iMac G4/700/40. Now the old machine won't start up anymore. When pushing the power button I get the chorus and the screen star
-
4s with white spots -pixels- at top of screen
Purchased from Verizon 6 months ago. Do I take back to Verizon or to Apple?
-
If I try any sort of overclocking of my ti-4200-8 64mb everytime my pc restarts the programmes will load up then the monitor will click off and then come back on again. Im sure its something other people experience so im hoping theres a fix? Its not
-
while updating my ipod touch something happened and now the screen only shows the apple logo that goes on-off. i dont know what to do,please somebody help me!