on 09-21-2008 3:38 PM
Dear Experts,
We have installed SRM 5.0 Business Package (BP) in our portal 7.0 and connected it to our SRM 5.0 (SRM_SERVER 550 ) as backend system. The BP contains a set of IAC iviews to run in the SRM system.
However, when we try to display the BP IAC iviews from the portal we get an error message in the SRM system:
ITS, User session could not be created
Transaction Canceled ITS_P 018 ( illegal host in ~designbaseurl )
Thanks for your help,
Eyal
Easiest solution is to patch the kernel of the backend system. Kernel 177 is advised, but as a complete set is not avaiable yet. You can update the DISP+WORK only, this is sufficient. (worked for me)
A workaround is described in note 1455048.
Goodluck, Toine.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Toine,
I searched in the marketplace and I get a message
that note 1455048 does not exist, is it the correct number?
Thank You,
Eyal
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Dear Mukesh,
Please read notes in this order:
1245048
19466
1236729
It helped us maybe it will help you,
If you not sure maybe consult OSS,
Regards,
Eyal
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
were you able to resovle this issue. I m facing the same one. Can you please suggest the solution.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Check this SAP Note# 889454
*************
Both the integrated ITS and the external ITS contain some checks for averting possible cross-site scripting attacks. A possible attack could entail infiltration of a CSS file from an external host (in this case a cascading style sheet) via the parameter ~designbaseurl.
To prevent this, the ITS, by default, allows only the current host on which the integrated or external ITS is running to be specified in ~designbaseurl. To extend this to a complete domain, proceed as follows:
For the external ITS:
In the "Security/AllowDesignsFrom" key in the register, enter a list of permitted hosts or domains separated by commas, for example: <key name="Security">
< value name="AllowDesignsFrom" type="text">myhost,.company.com</value> </key>
For the integrated ITS:
Set the parameter in the profile file as follows, for example:
itsp/Security/allow_designs_from = myhost,. company.com
Enter the parameter blank in the local profile file to avoid possible error messages due to a parameter not being set. The error message does not occur and the system does not perform a check.
Caution: Depending on the kernel patch used, this behavior may differ. It may only be reached as of a certain patch level. On this topic, see Note 1245048.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
9 | |
8 | |
6 | |
6 | |
6 | |
5 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.