Web Dispatcher with Windows Intgrated Authentication
Hello,
We are setting up the relay of Browser ==> IISProxy ==> Web Dispatcher ==> Cluster. We plan to use Windows Integrated Authentication and terminate the SSL connection at the IIS. We are wondering how smoothly this will go as we have read differences in the order between IISProxy and WebDispatcher (in these forums) and have found nothing on the combination with SSL. I assume that the IISProxy will encrypt, authenticate, provide the cookie and then forward the request to the Web Dispatcher for further routing to the cluster.
Needless to say, has anyone done this successfully? Can anyone provide information, warnings, caveats, etc... so that we can decide to use the Web Dispatcher or another software-based NLB solution. We understand the technical benefits - especially in an SAP shop, but if there are richer features for authentication in latter releases we may consider putting it on hold and going with a known solution.
We have seen some appliances that can perform the SSL termination, 3rd party authentication, etc, etc,... are there any plans for the Web Dispatcher to be able to perform the authentication with windows (NTLM or Kerberos)?
All of the other features are grat and a breeze to work with however authentication on the MS domain is a must here and it may be the missing functionality.
Thanks and kind regards,
Judson
Hi Judson,
currently there is no plan to enhance web dispatcher into that direction. Instead we started to work together with network technology providers to offer the funtcionality of web dispatcher together with additional security and authentication stuff.
network is not our business, so there are no plans to boldly go into that direction. Because of that such combinations like authentication with wd are sometimes hard to do.
If you want a tip for the future I'd say, what you will see is boxes that have everything in there and two plugs for the internet and the sap network -everything else (firewalls, authentication, load balancing with automatic recognition of the sap cluster) would be in the box.
Regards,
Benny
Similar Messages
-
Hello All,
Please share your expert ideas how me can do HTTP getRequest() with windows NTLM authentication from OBPM..??
I am not sure even whether its possible or not, if not what could be the alternative way to do integration with MS SharePoint ??
Version : Oracle BPM v 10.3.1
Cheers
Parveen JaswalYou are only as secure as web browsing to the LogMeIn website is (which appears to use HTTPS). If your login on that site is compromised, they will have a list of your computers that they can attempt to connect to. As long as you don't save the login credentials, they would then also need to know what username and password to use to connect to the computer. Granted, a little social engineering, and they could probably get some good ideas what to try for those, but if you chose to make your computers secure with complex and hard to guess passwords then it should be fine.
I've been using LogMeIn from my Mac to my mom's Windows XP system from July 2009, and to my wife's Thinkpad running Win 7 since Oct 2009. None of the computers involved have had any security issues at all, let alone any caused by LogMeIn. For my wife's PC, it sits behind our NAT Firewall in our LinkSys Router (although I did have it behind a CheckPoint VPN Edge router for a while). My Mom's PC sits behind a Netgear Router providing its NAT Firewall. When my Mac isn't at home, it's generally behind that CheckPoint VPN router at my office now. It all works nicely from behind one router to behind another. The Piece that you install on the PC will log it into the LogMeIN website and that is how it gets through the router to the PC. You login to the website, select the PC to control, then login to that PC. -
Java webservice client with windows domain authentication
I'm writing (well attempting to) a Java web service client using netbeans that consumes a web service written in C#, that uses NTLM authentication.
If I consume the webservice from a .NET client, authentication isn't a problem; I can just pass the crediantails in on an engine object.
eg engine.Credentials = System.Net.CredentialCache.DefaultCredentials.
Upon consuming this webservice in java the Credentials method doesn't appear on the engine object like it doesn't with it's C# counterpart.
I assume that Java goes about a different way of doing windows domain authentication?
Cheersfor what ever reason it just seemed to start working.
-
Problem with Web Dispatcher with Double Stack
We have the latest version of Web Dispatcher - 7.0 with latest patch.
I'm having a problem where I am trying to use the web dispatcher for load balancing in a double stack (ABAP/JAVA) system. The person who did the install pointed the installation to the wrong server (which I assume can be easily changed in the profile). However, on the page where it indicates to activate the SICF services he left the box unchecked (but I checked that necessary ones were activated per note 552286). I now get these kind of errors when pointing to the http message server on a different system (he installed it assuming it was just for portal (java):
[Thr 5] *** ERROR => ICP_StructValue: illegal struct reference: wdisp_host_info.capacityIsFi
xed [icpvalue_mt. 257]
[Thr 5] *** ERROR => caught ICP exception (eval): ICP_StructValue: illegal struct reference:
wdisp_host_info.capacityIsFixed [icpvalue_mt.cpp 257] [http_adm_mt. 1488]
I get the above error when I go to "monitor server" groups in the web dispatcher admin console.
Here is my profile:
SAPSYSTEMNAME = PW4
SAPSYSTEM = 01
INSTANCE_NAME = W01
DIR_CT_RUN = $(DIR_EXE_ROOT)/run
DIR_EXECUTABLE = $(DIR_CT_RUN)
Accesssability of Message Server
rdisp/mshost = <fully qualified hostname>
ms/http_port = 8101
Configuration for medium scenario
icm/max_conn = 500
icm/max_sockets = 1024
icm/req_queue_len = 500
icm/min_threads = 10
icm/max_threads = 50
mpi/total_size_MB = 80
SAP Web Dispatcher Ports
icm/server_port_0 = PROT=HTTP,PORT=81$$
Any insight is greatly appreciated!!Hi,
I've never seen this error but some thing seems strange to me :
You use the same port (8101) for the listening port of the web dispatcher and the listening port of the message server of you back office system.
Is it really the case ?
Is PW4 the SID of you web disptcher ?
Is SAPSYSTEM = 01 the sysnr of your web dispatcher ?
I hope that the info of the web disptcher is not mixed up with the back office info ?
Regards,
Olivier -
Web Dispatcher with SSL termination for EP
Hi All,
I want to configure SAP Web Dispatcher (installed on windows) for SSL
termination scenario. I did all the configuration steps, SSL Basic,
SSL termination steps without Metadata Exchange scenario.
But , when i am trying to access the portal using "<b>
https://<DispatcherHost>:<Port>/irj/portal</b>", its giving <b>page
can not be displayed</b> error
<i>This is how the profile file of the dispatcher looks like,</i>
profile file **************
Profile generated by sapwebdisp bootstrap
unique instance number
SAPSYSTEM = 2
Accessibility of Message Servers
rdisp/mshost = <portal server>
ms/http_port = 8101
SAP Web Dispatcher Parameter
wdisp/auto_refresh = 120
wdisp/max_servers = 100
wdisp/shm_attach_mode = 6
configuration for large scenario
icm/max_conn = 16384
icm/max_sockets = 16384
icm/req_queue_len = 6000
icm/min_threads = 100
icm/max_threads = 250
mpi/total_size_MB = 500
mpi/max_pipes = 21000
#maximum number of concurrent connections to one server
wdisp/HTTP/max_pooled_con = 2000
wdisp/HTTPS/max_pooled_con = 2000
SAP Web Dispatcher Ports
SAP Web Dispatcher Web Administration
icm/HTTP/admin_0 = PREFIX=/sap/wdisp/admin,DOCROOT=./admin
icm/server_port_0 = PROT=HTTPS,PORT=5000
icm/server_port_1 = PROT=HTTP,PORT=0
icm/HTTPS/verify_client = 0
DIR_INSTANCE=D:\SAP_SSL\secudir
ssl/ssl_lib=D:\SAP_SSL\secudir\sapcrypto.dll
sss/server_pse=D:\SAP_SSL\secudir\SAPSSL.pse
wdisp/ssl_encrypt = 0
wdisp/add_client_protocol_header = true
profile file **************
After modifying the profile file, restarting the dispatcher gives the
following information in the command prompt,
Information in command prompt *******
D:\SAP_SSL\sapwebdisp\sapwebdisp pf=sapwebdisp.pfl
**Warning: Could not start service 5000 for protocol HTTPS on host
<hostname>" <on all adapters>
*SAP Web Dispatcher up and operational <pid: 1700>*
Information in command prompt *******
What may be problem? Did i miss out any steps ?
Please help !
Regards,
SandipHi Sandip,
Please check this thread..
/thread/41459 [original link is broken]
cheers,
Prashanth
P.S : Please mark helpful answers -
Login error with windows AD authentication in IDT (Infomation Desugn Tool)
HI,
In IDT (Information Design Tool) I was not able to publish objetcs ( OLAP connections, Business View layer etc) to corresponding repository using windows AD authentication, but with enterprise I was able to do so.
With the same AD authentications I was able to open universe design tool, BI launch pad .
Please advise how to correct
Error----
Error:
Failed to log on host com.crystaldecisions.sdk.exception.SDKException$SecurityError: Active Directory Authentication failed to log you on. Please contact your system administrator to make sure you are a member of a valid mapped group and try again. If you are not a member of the default domain, enter your user name as UserName@DNS_DomainName, and then try again. (FWM 00006)
cause:java.lang.SecurityException: Unable to locate a login configuration
detail:Active Directory Authentication failed to log you on. Please contact your system administrator to make sure you are a member of a valid mapped group and try again. If you are not a member of the default domain, enter your user name as UserName@DNS_DomainName, and then try again. (FWM 00006) Unable to locate a login configuration
Cause of Error:
Active Directory Authentication failed to log you on. Please contact your system administrator to make sure you are a member of a valid mapped group and try again. If you are not a member of the default domain, enter your user name as UserName@DNS_DomainName, and then try again. (FWM 00006)
Error----
Thanks in advance
Regards
KrishnaHad the same problem and found note '1588487 - Active Directory authentication failed with InfoDesignTool'
Problem solved for me. -
How do you use the wdeploy tool in iPlanet Web Server with Windows 2000 Server?
I found this on the knowledge base, but only described how to use this with Unix. Does this work with Windows? How do you set the IWS_SERVER_HOME environment variable as well? I don't see it in the file.
ThanksHi,
This is pretty common scenario. The best way to achieve this is to split your servers using a collection and deploy a different client settings. You could target your collection using the OS or an OU in AD. There are many option there.
You could also limit the access to the Server collection using Role Based Access to avoid any human "errors" on these collections. Users without rights to these collection just won't see them.
https://technet.microsoft.com/en-us/library/gg682067.aspx?f=255&MSPPError=-2147217396
http://blogs.technet.com/b/configmgrteam/archive/2011/09/23/introducing-role-based-administration-in-system-center-2012-configuration-manager.aspx
Benoit Lecours | Blog: System Center Dudes -
Hi,
We have EP 6.0 SP16 paltform on win2003/oracle.
We configured SSL, so we connect using https protocol.
We have two application servers for our portal platform.
For load balancing we use SAP Web Dispatcher.
we didn't configure SSL for the host where Web dispatcher resides. So we want web dispather to convert http requests to https.
For this purpose we used parameters
icm/server_port_0 = PROT=HTTP, PORT=8003
wdisp/ssl_encrypt = 2
as said in
http://help.sap.com/saphelp_nw04/helpdata/en/d8/a922d7f45f11d5996e00508b5d5211/frameset.htm
we get error:
Detail: no valid destination server available for '!ALL' rc=7
How can we solve this error ?
Best regardsHello ..,
By defining wdisp/ssl_encrypt = 2 in your pfl file is not enough. I'm assuming you ahve missed the following steps:-
1. Install the SAP Cryptographic Library on the SAP Web Dispatcher.
2. Set the profile parameters.
3. Create the SAP Web Dispatchers PSE(s) and certificate request(s).
4. Send the certificate request(s) to a CA to be signed.
5. Import the certificate request response(s) into the PSE.
6. Create credentials for the SAP Web Dispatcher.
7. Restart the SAP Web Dispatcher.
8. Test the connection.
You need to perform all the above mentioned steps for the SSL. Please refer this link:-
http://help.sap.com/saphelp_nw04/helpdata/en/39/09a63d7af20450e10000000a114084/frameset.htm
Regards
Vaib -
Securing SOA 11g Web Services with OWSM AD authentication
I have SOA 11g with Weblogic 10.3.5 installed and running a Web Service and a Client I want to protect with Active Directory auth and perhaps some other access rules. As I read, I can use OWSM policies to do that. Most guides I found concern OWSM 10g.
How can I make WL use AD authentication? Do I have to use Access Manager?I finally figured it out. The nullpointer exception is related to the SAML assertion. The SAML assertion in my requests is signed with embedded signature and this seems to be not supported with the used OWSM policy. Without the signature is the exception gone.
Marian -
Can I downgrade to Windows 2008 Web edition with Windows 2012R2 Standard?
I read through 2012R2 licensing guide. It tells 2012 Standard can downgrade to 2008 Essential, Standard and Enterprise edition. Whereas 2012 Datacenter can downgrade to any prior editions.
So I can only buy a most expensive 2012 Datacenter to downgrade a cheapest 2008 Web edition? It seems not making sense to user, isn't it?
Ok, there is no web edition in 2012, then at least I should be allowed to downgrade with Standard edition? Make sense? Anyone can help or comment? Thanks a lot.Please contact MS licensing team to get more info.
OS Licensing:
For licensing questions, I suggest contact Microsoft Licensing Center for detailed explanation.http://www.microsoft.com/licensing/contact-us.aspx
Please call 1-800-426-9400 (select option 4), Monday through Friday, 6:00 A.M. to 5:30 P.M. (PST) to speak directly to a Microsoft licensing specialist. Worldwide customers can use the Guide to Worldwide Microsoft Licensing Siteshttp://www.microsoft.com/licensing/index/worldwide.asp to
find contact information in their locations.
You may be knowing of below info anyway check
Win 2012 License FAQ link and find info why Win server 2012 have only two (DC & STD) versions.
Is web server going away as part of Windows Server 2012 and why?
Yes, The Web Server product was designed primarily for end customers and service providers that wanted to host web sites. However, consistent feedback from these customers and partners has been that they prefer to use an edition of Windows Server that does
not restrict usage to running web workloads.
Despite the removal of Web Server edition, web workloads running on a Windows Server 2012 edition will continue to receive the “CAL waiver” that is in effect for these workloads today. Windows Server CALs will not be required to access the licensed server if
it is only being used to run web workloads. See
Product Use Rights for details
Regards, Ravikumar P -
How do you use web inspector with Windows 7
I plug in the USB cable from my Windows desktop to my phone, The drivers are loaded successfully, but where can I find the Windows equal to Safari's advanced preferences.
You can't. Web Inspector can only be enabled from a Mac computer. Not Windows. As it requires the Safari browser on the computer, and the last version of Safari for Windows was discontinued years ago and did not have that feature any way.
-
Calling Web Service with Http Basic authentication in SOA 11g
I am calling a webservice which has http basic authentication attached to it. Thus i am adding 'oracle/wss_http_token_client_policy' OWSM policy to the WS refrence in my composite in Jdeveloper,but it doesn't showme the option of providing the http Username and http Password. The only key it is showing me is cf.key.
Am i missing some steps?
Please let me know.
Note - I am working on SOA 11.1.1.4.
Regards
AyushHi Ayush,
Please refer -
http://biemond.blogspot.com/2010/08/http-basic-authentication-with-soa.html
Regards,
Anuj -
Issues with our SSL connection to the Web dispatcher
HI Alle,
I having issues with our SSL connection to the Web dispatcher with SAP Web AS. Below is the error in the log files form dev_webdisp:
Started service 80 for protocol HTTP on host "wdpeht1"(on all adapters) (processing timeout=120, keep_alive_timeout=30)
[Thr 368] =================================================
[Thr 368] = SSL Initialization on PC with Windows NT
[Thr 368] = (701_REL,Jan 28 2010,mt,ascii-uc,SAP_UC/size_t/void* = 16/64/64)
[Thr 368] profile param "ssl/ssl_lib" = "E:\usr\sap\WDP\W00\sec\sapcrypto.dll"
resulting Filename = "E:\usr\sap\WDP\W00\sec\sapcrypto.dll"
[Thr 368] profile param "ssl/server_pse" = "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
resulting Filename = "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
[Thr 368] = found SAPCRYPTOLIB 5.5.5C pl29 (Jan 30 2010) MT-safe
[Thr 368] = current UserID: WDPEHT1\SAPServiceWDP
[Thr 368] = found SECUDIR environment variable
[Thr 368] = using SECUDIR=E:\usr\sap\WDP\W00\sec
[Thr 368] * ERROR => secudessl_Create_SSL_CTX(): PSE "E:\usr\sap\WDP\W00\sec\SAPSSL.pse" not found! [ssslsecu.c 1354]
[Thr 368] secudessl_Create_SSL_CTX: SSL_CTX_set_default_pse_by_name() failed --
secude_error 4129 (0x00001021) = "The PSE does not exist"*
[Thr 368] >> -
Begin of Secude-SSL Errorstack -
>>
[Thr 368] ERROR in SSL_CTX_set_default_pse_by_name: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
ERROR in ssl_set_pse: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
ERROR in af_open: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
ERROR in secsw_open: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
ERROR in secsw_open_pse_or_extension: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
ERROR in sec_get_PSEtype: (4129/0x1021) The PSE does not exist : "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
[Thr 368] << -
End of Secude-SSL Errorstack -
[Thr 368] * ERROR => SapISSLAddCredential(): Error SSSLERR_PSE_ERROR trying to create SERVER Credential
for "E:\usr\sap\WDP\W00\sec\SAPSSL.pse" [ssslxxi.c 2278]*
[Thr 368]* ERROR => Initialization of SSL library failed -- NO SSL available!
[Thr 368] =================================================
[Thr 368] <<- ERROR: SapSSLInit(read_profile=1)==SSSLERR_PSE_ERROR*
[Thr 368] *** ERROR => IcmAddService: SapSSLInit (rc=-40): SSSLERR_PSE_ERROR [icxxserv.c 319]
[Thr 2128] IcmCreateWorkerThreads: created worker thread 0
RegardsHi Olivier,
Thanks for replay,
The PSE does exist in my SEC "E:\usr\sap\WDP\W00\sec\SAPSSL.pse" .
I did tried Again I get this error. I think I missing som parameter
= SSL Initialization on PC with Windows NT
[Thr 2292] = (701_REL,Jan 28 2010,mt,ascii-uc,SAP_UC/size_t/void* = 16/64/64)
[Thr 2292] profile param "ssl/ssl_lib" = "E:\usr\sap\WDP\W00\sec\sapcrypto.dll"
resulting Filename = "E:\usr\sap\WDP\W00\sec\sapcrypto.dll"
[Thr 2292] profile param "ssl/server_pse" = "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
resulting Filename = "E:\usr\sap\WDP\W00\sec\SAPSSL.pse"
[Thr 2292] = found SAPCRYPTOLIB 5.5.5C pl29 (Jan 30 2010) MT-safe
[Thr 2292] = current UserID: WDPEHT1\SAPServiceWDP
[Thr 2292] = found SECUDIR environment variable
[Thr 2292] = using SECUDIR=E:\usr\sap\WDP\W00\sec
[Thr 2292] -*ERROR => secudessl_Create_SSL_CTX(): PSE "E:\usr\sap\WDP\W00\sec\SAPSSL.pse" not found! [ssslsecu.c 1354]
[Thr 2292] secudessl_Create_SSL_CTX: SSL_CTX_set_default_pse_by_name() failed --
secude_error 1281 (0x00000501) = "open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned"*-
[Thr 2292] >> -
Begin of Secude-SSL Errorstack -
>>
[Thr 2292] -*ERROR in SSL_CTX_set_default_pse_by_name: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"*-
-*ERROR in ssl_set_pse: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"
ERROR in af_open: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"*-
ERROR in secsw_open: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"
ERROR in secsw_open_pse_or_extension: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"
ERROR in sec_get_PSEtype: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"
ERROR in aux_read_PSEFile: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"
ERROR in aux_file2OctetString: (1281/0x0501) open("E:\usr\sap\WDP\W00\sec\SAPSSL.pse") returned : "Permission denied"
[Thr 2292] << -
End of Secude-SSL Errorstack -
[Thr 2292] *** ERROR => SapISSLAddCredential(): Error SSSLERR_PSE_ERROR trying to create SERVER Credential
for "E:\usr\sap\WDP\W00\sec\SAPSSL.pse" [ssslxxi.c 2278]
[Thr 2292] *** ERROR => Initialization of SSL library failed -- NO SSL available!
[Thr 2292] =================================================
[Thr 2292] <<- ERROR: SapSSLInit(read_profile=1)==SSSLERR_PSE_ERROR
[Thr 2292] *** ERROR => IcmAddService: SapSSLInit (rc=-40): SSSLERR_PSE_ERROR [icxxserv.c 319]
Her is my profile parameter for https.
h6*#Https parameters for Web dispatcher E:\usr\sap\WDP\W00\sec
#icm/server_port_0 = PROT=HTTPS,PORT=443$$
DIR_INSTANCE = E:\usr\sap\WDP\W00\sec
ssl/ssl_lib = E:\usr\sap\WDP\W00\sec\sapcrypto.dll
ssl/server_pse = E:\usr\sap\WDP\W00\sec\SAPSSL.pse
wdisp/ssl_cred = E:\usr\sap\WDP\W00\sec\SAPSSL.pse
ssf/ssfapi_lib = E:\usr\sap\WDP\W00\sec\sapcrypto.dll
sec/libsapsecu = E:\usr\sap\WDP\W00\sec\sapcrypto.dll
ssf/name = SAPSECULIB
wdisp/ssl_encrypt = 0
icm/server_port_1=PROT=HTTPS, PORT=8400, TIMEOUT=120
###icm/server_port_1=PROT=HTTPS, PORT=44302, TIMEOUT=900 (old)
########icm/server_port_0 = PROT=HTTP,PORT=80, TIMEOUT=120
icm/HTTPS/verify_client=0
wdisp/add_client_protocol_header = true
wdisp/auto_refresh = 120
wdisp/max_servers = 100
wdisp/ssl_auth= 0
ms/https_port = 8400
wdisp/HTTP/use_pool_for_new_conn=1
wdisp/HTTPS/dest_logon_group = HTTPS
#wdisp/server_info_protocol = https
#wdisp/group_info_protocol = https
#wdisp/url_map_protocol = https
wdisp/ssl_ignore_host_mismatch = fals
icm/HTTPS/forward_ccert_as_header = true
icm/HTTPS/trust_client_with_issuer = CN = SAP CA,*
icm/HTTPS/trust_client_with_subject = CN = sapwebdisp,*h6
Regards -
Remote Connection to SAP with SAP Web Dispatcher
Dear Experts,
i have installed a SAP Router + SAP ECC 6.0 IDES + SAP Portal 7.0 + SAP Solution Manager 7.0. The remote connection works.
SAP Router is in a DMZ
SAP ECC 6.0 IDES + SAP Portal 7.0 + SAP Solution Manager 7.0 are in another network only for SAP Systems
Fo security reason, i would like to install a SAP Webdispatcher with the SAP Router's Server.
I already:
have extracted the icmadmin.sar file
have executed the sapwebdisp -bootstrap command
have started the web dispatcher with sapwebdisp pf=sapwebdisp.pfl
have activated /sap/public/icman and /sap/public/icf_info/* services inthe SAP Solution Manager
As the saprouttab file for the saprouter, i would like to establish the connection to SAP withe the SAP WebDispatcher.
My questions are:
What are the parameters i have to put in the sapwebdisp.pfl file?
Do i have to create the PERMFILE and the AUTHFILE?
Any example of profil file? (another than the SAP Library example)
Thank you very much for your help in advance.
Best regards.
Pascal Tran.
PS: Here is the sapwebdisp.pfl file
Profile generated by sapwebdisp bootstrap
unique instance number
SAPSYSTEM = 50
add default directory settings
DIR_EXECUTABLE = .
DIR_INSTANCE = .
Accessibility of Message Servers
rdisp/mshost = <Solution_Manager_hostanme>
rdisp/msserv = sapms<Solution_Manager_SID>
ms/http_port = 81<Solution_Manager_Instance_Number>
SAP Web Dispatcher Parameter
wdisp/auto_refresh = 120
wdisp/max_servers = 100
wdisp/shm_attach_mode = 6
configuration for default scenario (medium size)
icm/max_conn = 500
icm/max_sockets = 1024
icm/req_queue_len = 500
icm/min_threads = 10
icm/max_threads = 50
mpi/total_size_MB = 80
#maximum number of concurrent connections to one server
wdisp/HTTP/max_pooled_con = 500
wdisp/HTTPS/max_pooled_con = 500
SAP Web Dispatcher Ports
icm/server_port_0 = PROT=HTTP,PORT=8050
SAP Web Dispatcher Web Administration
icm/HTTP/admin_0 = PREFIX=/sap/wdisp/admin,DOCROOT=./admin,AUTHFILE=icmauth.txt
Hostname per default
icm/host_name_full = <SAP_Router_Hostname>Hello,
The two important paramters are covered in your profile.
Accessibility of Message Servers
rdisp/mshost = <Solution_Manager_hostanme>
rdisp/msserv = sapms<Solution_Manager_SID>
ms/http_port = 81<Solution_Manager_Instance_Number>
And the port on which your webdispatcher listens from outside world.
icm/server_port_0 = PROT=HTTP,PORT=8050
For additional security you can use the https port also.
I dont think you need to maintain any other file manually.
I had configured web dispatcher but for 640 stack. It should be more or less the same.
An example file sapwebdisp.pfl
Profile generated by sapwebdisp bootstrap
unique instance number
SAPSYSTEM = 1
Accessibility of Message Servers
rdisp/mshost = <hostname>
ms/http_port = 8101
ms/https_port = 8005
SAP Web Dispatcher Parameter
wdisp/auto_refresh = 120
wdisp/max_servers = 100
wdisp/shm_attach_mode = 6
configuration for default scenario (medium size)
icm/max_conn = 500
icm/max_sockets = 1024
icm/req_queue_len = 500
icm/min_threads = 10
icm/max_threads = 50
mpi/total_size_MB = 80
#maximum number of concurrent connections to one server
wdisp/HTTP/max_pooled_con = 500
wdisp/HTTPS/max_pooled_con = 500
wdisp/shm_attach_mode = 6
SAP Web Dispatcher Ports
icm/server_port_0 = PROT=HTTPS,PORT=1443
icm/server_port_1 = PROT=HTTP,PORT=1081
icm/HTTPS/verify_client = 0
SAP Web Dispatcher Web Administration
icm/HTTP/admin_0 = PREFIX=/sap/wdisp/admin,DOCROOT=./admin
DIR_INSTANCE = C:\Secudir
ssl/ssl_lib = C:\Secudir\sapcrypto.dll
ssl/server_pse= C:\Secudir\SAPSSLS.pse
wdisp/ssl_cred = SAPSSLS.pse -
UCM 11g web services with HTTP authentication
Is it possible to setup UCM 11g web services with HTTP authentication?
I did setup UCM 11g web services using OWSM policies and are working well.
But my development team wants to consume web services with only HTTP authentication (simple user name and password), do not want to use Keystore files and encryption.
Please help me guys.
Thank you in advanceHi ,
If you are looking to use the WSDL to execute ucm services then use SoapUI IDE on development , there it requires only the http authentication method .
Let me know if this is the actual requirement which you were looking for or if I have missed the point .
I use this to quickly test WSDL and verify if the service being invoked is actually correct or not .
Thanks,
Srinath
Edited by: Srinath Menon on Apr 26, 2013 11:32 AM
Maybe you are looking for
-
I have downloaded ios 6 on my iphone 4s and now all incoming calls go straight to VM any tips?
Hello I have just installed IOS 6 on my Iphone 4s and now when I try to call my iphone all the calls go straight to Voice mail. Any tips or hints?
-
I can't figure out how to add my soundcloud iframe code.etc in my site in cc 2014?
Im having trouble adding codes to my animated site.i have everything ready,i just need to add forms and players from others sites and what not,but i cant figure out how to make a div a iframe, and no one is making videos on this problem or asking abo
-
How can I link Apple TV (Gen1) to Time Capsule (Gen 4)?
Everyone I am using a the above mentioned Time Capsule as privat WiFi Network for our devices at home (MacBook Pro, iPhones & iPads). The Time Capsule itself is connected to a DSL Modem by means of an ethernet cable. So far so good. Newly I have got
-
I have the latest Xcode build and I commonly place ivars in both the @interface section and the @implementation section. This is actually very useful to bridge from Objective-C to C++. I keep all the C++ definintions in the .mm, allowing the .h fil
-
My "mail" on my ipad is not accepting my password but it is correct
can you please let me know how to fix this. i enter the correct password (i checked on my laptop and it says it is correct) but my app "mail" on my ipad keeps telling me it is wrong.