Index page of Web Application Server / Security

Former Member · ‎02-20-2006

Hi all

We are running EP 6.0 and I realized that an end user

can change the Portal URL

to

and gets the index page of the web application server

with all options like user management etc.

The end user can then even login with his user name/password.

How can I prevent end users from using this index page?

Thanks for your help

Paul

Former Member · ‎11-28-2008

Hi

In Visual Admin , go to HTTP provider > Runtime >

Set Root Directory = /usr/sap/<System ID>/<Instance Id>/j2ee

Set Start page = /irj

Save and restart the server.

Regards

Manish Gupta

Former Member · ‎02-23-2006

The index.html file is found here:

/usr/sap/<instance>/JC<sys number>/j2ee/cluster/server<0..x>/apps/sap.com/com.sap.engine.docs.examples

/servlet_jsp/_default/root

You can rename index.html to index2.html and create an index.jsp there with this:

<%@ page language="java" %>
<html>
<body>
<% response.sendRedirect("/irj/portal"); %>
</body>
</html>

IMPORTANT 1: If you or any other administrator ever need to access the system info, user mgt, then you'll have to go to:

IMPORTANT 2: After you apply a service pack, you may need to re-do this. So for our site I scripted this process.

IMPORTANT 3: If you are on a machine that has multiple server nodes, then you will have to do this under each server directory:

/usr/sap/<instance>/JC<sysnumber>/j2ee/cluster/server0

/usr/sap/<instance>/JC<sysnumber>/j2ee/cluster/server1

/usr/sap/<instance>/JC<sysnumber>/j2ee/cluster/server2

and if you have multiple machines in a J2EE cluster, you will have to do this on every machine, and in each server node directory.

Ray

P.S. If helpful, please award points

Finding a Service in SPROXY transaction created in...