cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to restrict the URL access of Web Dynpro Application

Go to solution
Former Member

on ‎10-30-2008 6:31 PM

0 Kudos

Hi,

Is there a way to restrict the URL access of a Web Dynpro Application. We just want our users to acess some of the ouf of the box WDs thru Portal only, not thru any direct URL.

e.g.

We want our users to view this ENdUserApp only thru Portal iView.

[http://Portal:port/webdynpro/dispatcher/sap.com/tcsecumewdumeadmin/MaintainUserDetailApp]

They should not be able to access the application thru its URL.

This is because, we have applied some implicit WD personalization to these WD apps thru Portal iView, but somehow these personalization does not come into effect when you access the same app thru URL. Hence we would like to restrict the URL access to these apps.

Any help is appreciated.

Thanks

Edited by: Aakash Jain on Oct 30, 2008 7:31 PM

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎10-31-2008 7:07 AM
0 Kudos

Hi,

Following suggestion might be of use for you



 if(!WDPortalUtils.isRunningInPortal())
		 //TODO: Stop your application or dont render the right views or through an error message

Regards

Ayyapparaj

Show replies
Show replies
Former Member
‎10-31-2008 1:52 PM
0 Kudos

Thanks for your reposnses,

but none of them work, its a ouf of the box application. So I can not modify it in any sense.

Also I forgot to mention, i want to restrict it from the user admins also. They should not be able to access this thru the URL....

The reason I have to do it, I have applied some implicit personalization to the User Admin View in Portal. It works pretty well as long as the user admin access the UME application thru Portal. However if they access the application thru the the direct URL, the personalization doesnot work.

Is there any better way to acheive this?

Thanks

former_member194668
Active Participant
‎10-31-2008 6:02 PM
0 Kudos

Hi Aakash,

What is the "personalization" that you have applied that can only work in portal?

Is it related to themes?

If so, you can try the following...

1. Go to visual administrator and server > services > Configuration Adapter > WebDynpro > sap.com > tcwddispwda > Property Sheet Default. Open it in edit mode.

Select the property sap.theme.default and set the following custom value.

http://<server>:<port>/webdynpro/resources/sap.com/tcwddispwda/global/SSR/themes/<theme name>

And sap.useWebDynproStylesheet = false

2. Restart the server (optional: if theme works, restart is not needed).

-Aarthi

Former Member
‎10-31-2008 6:16 PM
0 Kudos

Thanks Aarthi,

Its not the themes, its the iplicit personalization.

The Visual aspects pf personalization, hiding/showing some UI elemnts thru configuration.

Thanks

former_member194668
Active Participant
‎10-31-2008 6:42 PM
0 Kudos

Hi Aakash,

There is way to restrict direct access to URLs, thru gateway.

I'm searching for it. The Basis in my company did it, I'm trying to find out how they did it.

You can access only the main websiste, if you try to access url like /useradmin... or /index.html... it says invalid url.

I hope this is the kind of solution you are looking for.

I'll let you know, if I find out.

-Aarthi

former_member194668
Active Participant
‎10-31-2008 8:06 PM
0 Kudos

Hi Aakash,

This is a basis kind of configuring solution...

We need have a Web Dispatcher to restrict urls,

The following link describes how to ...

http://help.sap.com/saphelp_nw70/helpdata/EN/42/5cfd3b0e59774ee10000000a114084/frameset.htm

Hope this helps.

-Aarthi

Former Member
‎11-03-2008 4:15 PM
0 Kudos

Thanks Aarthi,

It surely will help me.

Your points are on their way

Aakash.

Answers (3)

Answers (3)

Former Member
‎11-03-2008 4:54 PM
0 Kudos

Aakash,

If you restrict direct URL access to a Webdynpro application using SAP Web Dispatcher as a URL Filter

can you allow certain urls but restrict other? our requirement might be to allow URL access for some Webdynpro's but restrict for others.

Show replies
Show replies
Former Member
‎11-04-2008 10:43 PM
0 Kudos

Hey KF,

I think it should be possible to restrict certain apps but allow others.

Did you see the SAP help, http://help.sap.com/saphelp_nw70/helpdata/EN/42/5cfd3b0e59774ee10000000a114084/frameset.htm

It is mentioned, 

Even if users are able to log onto the SAP System without permission, you can set explicitly which applications can be executed.

So I would think it should be possible to do what you are looking for.

Thanks

Edited by: Aakash Jain on Nov 4, 2008 11:43 PM

Former Member
‎10-31-2008 6:53 AM
0 Kudos

Hi,

In webdynpro java, when you create new application using wizard there you can see a check box called authentication. If you check that checkbox then whenever you run your application it will ask for portal user credentials that way you can authenticate your WD4J application.

Regards

Raghu

Show replies
Show replies
Former Member
‎10-30-2008 6:37 PM
0 Kudos

HI,

First of all users won't be aware of this URL unless and until you provide them the correct url.

Just to make it work from Portal, you can set parameter applicaiton properties for your WD iView in portal. In your WD Application read this parameter and if you find its value then go ahead with further processing else just navigate to a different page displaying a message to the user that they are not authorized to use it in this way.

Regards,

Murtuza

Show replies
Show replies
Former Member
‎10-30-2008 6:47 PM
0 Kudos

Hey Murtuza,

Thanks for your reply.

Well, my users are pretty clever, they know of these URLs already

So I have to block the URL access.

And about reading the iView parameter, I cant do it. Its a ouf of the box WD App.

Thanks

Aakash

Former Member
‎10-30-2008 8:50 PM
0 Kudos

In netweaver developer studio if you select the webdynpro application, in the properties window you can set the authentication property to true, so that users get a prompt to authenticate before running the webdynpro application outside portal. By default it is false. This works good for custom. But out of box webdynpro applications have authentication setup to true by default. If your end user tries to access the UME URL they need to authenticate and still they cannot do anything if they don't have the user admin role assigned to them. It should not be an issue as long as they don't have the user admin role.

Ask a Question