cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Possible to restrict HTTP access to specific client IP addresses?

Go to solution
Former Member

on ‎06-28-2006 10:02 AM

0 Kudos

As written in the subject, only special clients should be able to access WEBAS Java / Netweaver Portal applications. Documenation and SDN researches brought no result.

The preferred way would be to use a built in feature of ICM. How about WebDispatcher? Would it also be possible to use this kind of software?

Possible but not a nice solution would be to use apache reverse proxy in front of webas and to distribute the url to the clients. This should be the last solution if WebDispatcher or ICM config does not do the trick.

Regards,

Christian

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎07-04-2006 6:52 PM
0 Kudos

Hi Christian,

you can use the so called authentication subhandler.

Additional information can be found in the Help-Portal :

<a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/16/12e34143b15f24e10000000a1550b0/frameset.htm">Documentation for authentication subhandler</a>

Kind Regards,

Thomas

Show replies
Show replies
Former Member
‎07-05-2006 9:45 AM
0 Kudos

Hi Thomas,

Thank you for the answer. Unfortunately this setting is available as of NW 2004s and we currently have NW 2004.

Regards,

Christian

Answers (2)

Answers (2)

Former Member
‎07-05-2006 10:16 AM
0 Kudos

Hi Christian,

as the SAP Web Dispatcher does not depend on the backend

system you can use the 7.00 Web Dispatcher in front of

your system and use the functionality as described in the documentation.

Kind Regards

Thomas

Show replies
Show replies
Former Member
‎07-05-2006 10:28 AM
0 Kudos

Hi Thomas,

You are right, we could use the new web dipatcher.

The only drawback I see when using webdispatcher/reverse proxy in general is that one can bypass these components by using the "normal" webas/portal url (port) in browser. Thats some kind of problem because most users will have bookmarks which directs them directly to portal.

Do you know of any solution to restrict webas to only accept web dispatcher connections?

Regards,

Christian

Former Member
‎07-05-2006 2:28 PM
0 Kudos

Hi Christian,

there is no way to configure such a restriction ..

Possibly you can get this feature with setting up your network accordingly or you can check if somehow with HTTPS this can be reached by only allowing certain client certificates ..

Kind Regards

Thomas

Former Member
‎07-05-2006 7:53 AM
0 Kudos

Hi,

perhaps you could have a look and use the BindAddress attribute of the Ports property of the HTTP Provider Service on Web AS Java. Using this attribute you can bind the server socket to a specific IP address. In my opinion this should work in your case.

More info about property and configuration steps <a href="http://help.sap.com/saphelp_nw04/helpdata/en/5b/82d3c3ee9691418e6b0281f933a37d/frameset.htm">here</a>.

Hope that helps!

Show replies
Show replies
Former Member
‎07-05-2006 9:55 AM
0 Kudos

Hi,

Thank you for the answer but I don't think this will help for my case. This attribute is server side, meaning you can bind the j2ee server to a specific IP address (that is the "listening" IP address). What I want is to restrict client IP addresses.

Regards,

Christian

Ask a Question