09-11-2008 6:55 AM
Hi gurus,
We can reach our bw reports via web browser. When the user tries to run a bw report, a simple logon screen is displayed. The user enters the username and password, he/she reaches a menu of bw reports.
But we realized that, when the user's password expires, user can still logon the system without problem. This is a big hole in our security.
Is there a way in standarts to make the logon screen be displayed whenever the user tries to logon the system through web without any development(BSP etc.)?
I tried to change the Bex service properties from sicf, but I couldn't succeed it.
Any suggesstions
Tolga
09-11-2008 10:39 AM
Hi Tolga,
You might have a look at [OSS Note 498936|https://service.sap.com/sap/support/notes/498936].
This will certainly get you on the right track.
Kind regards,
Lodewijk Borsboom
09-11-2008 10:39 AM
Hi Tolga,
You might have a look at [OSS Note 498936|https://service.sap.com/sap/support/notes/498936].
This will certainly get you on the right track.
Kind regards,
Lodewijk Borsboom
09-12-2008 7:22 AM
Hi Lodewijk Borsboom,
I searched the note. Thanks alot. I want to clear a point here.
Is setting up https a prerequisite for this issue?
Thanks alot
Tolga
09-12-2008 8:05 AM
No it's not.
You can use the parameter &bspdontshowhttpswarning=X (not mentioned in the note) to hide the warning message.
There's also a useful [How to Guide|https://webservice.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/aaa1a890-0201-0010-eb93-ae3d2bb74a78], information on [SAP Help|http://help.sap.com/saphelp_nw04/helpdata/EN/54/3d372c9705ae44b6c028858bfbd71f/content.htm] and a [nice blog item|http://sapport.blogspot.com/2008/05/customizing-of-logon-screens-for-bw-web.html] about this issue.
kr,
Lodewijk