Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

Security problem in System logon via web in BW 3.5

Hi gurus,

We can reach our bw reports via web browser. When the user tries to run a bw report, a simple logon screen is displayed. The user enters the username and password, he/she reaches a menu of bw reports.

But we realized that, when the user's password expires, user can still logon the system without problem. This is a big hole in our security.

Is there a way in standarts to make the logon screen be displayed whenever the user tries to logon the system through web without any development(BSP etc.)?

I tried to change the Bex service properties from sicf, but I couldn't succeed it.

Any suggesstions

Tolga

replied

No it's not.

You can use the parameter &bspdontshowhttpswarning=X (not mentioned in the note) to hide the warning message.

There's also a useful [How to Guide|https://webservice.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/aaa1a890-0201-0010-eb93-ae3d2bb74a78], information on [SAP Help|http://help.sap.com/saphelp_nw04/helpdata/EN/54/3d372c9705ae44b6c028858bfbd71f/content.htm] and a [nice blog item|http://sapport.blogspot.com/2008/05/customizing-of-logon-screens-for-bw-web.html] about this issue.

kr,

Lodewijk

0 View this answer in context
Not what you were looking for? View more on this topic or Ask a question