cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

No switch to HTTPS occurred, so it is not secure to send a password

Former Member

on ‎09-13-2010 3:54 AM

0 Kudos

We have implemented SSO and it was working fine, but after applying the latest support packs

we have noticed that going from ESS Applications (ITS based) to Webdynpro in SAP Portal stops with logon screen and the message: No switch to HTTPS occurred, so it is not secure to send a password.

There is no any errors produced in the logs (WP log, java logs). The only what visible in HTTP trace files that

ITS issues command "logoff" and therefore the login screen appears with the message "No switch to HTTPS occurred..."

The problem only happens when switching from ESS ITS based applications to Webdynpro applicaions inside the portal.

It does not happen when switching from Webdynpro to ESS (ITS). ALL SSO ceritificates are fine as we can work with Webdynpro applications or ESS applicatons without any issues, but as soon as we switch from ESS (ITS) to Webdynpro the error occures.

I have logged the call with SAP, and after 10 days of investigating the logs and not finding any errors, SAP replies:

"Please read through the note 870126 that we can't support these services on the integrated ITS, as they have been designed for the external ITS instead."

Any help is much appreciated.

Thanks and regards

Val.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

cris_hansen
Advisor
Advisor
‎09-13-2010 7:09 PM
0 Kudos

Hello Val,

Probably the ITS application is sending a "&sap-sessioncmd=USR_ABORT&~SAPSessionCmd=USR_ABORT&SAPWP_ACTIVE=1", causing the "logoff". You may see this doing an HttpWatch trace (probably already did for the OSS message).

If the "SAPWP_ACTIVE=1" is indeed there, then the ITS is NOT the culprit - the session management, in this case, is done by the Portal (component EP-PIN-AI-SRA). You may find SAP note 1029194 (Portal - Integrated ITS - Session Management) very helpful. SAP note 596698 (Session Release Agent - Typical Problems & Troubleshooting) will help you settings things correctly.

You may see that, after the logoff takes place, the MYSAPSSO2 is deleted or overwritten by a blank one - so the authentication popup should be expected.

So, SAP notes 1029194 and 596698 should provide you with the necessary help to have this solved.

I hope this helps.

Best regards,

Cristiano

Show replies
Show replies
Former Member
‎09-14-2010 12:07 AM
0 Kudos

Oisin and Cristiano,

Thanks for your prompt replies.

Oisin, we are running standaone Java portal and standalone abap system, 2 systems running on the same host and the same domain.

Cristiano,

The problem we have is exactly as you described in your reply.

going through the notes now.

Thanks and regards,

Val.

Former Member
‎09-15-2010 1:05 AM
0 Kudos

Hi all,

the solution has been found. On one of the ESS (ITS) service ZEMP "Error Page"-> "Logoff Page" radio button redirect toURL:

/sap/bc/bsp/sap/zess/logoff.htm was selected. This selected option was causing the problem. Unselecting this option resolved the issue. As I mentioned before our dev system is on support pack 21 and prod system is on support pack 20.

This option is still selected in prod system and it is not causing any issues. So, something was changed in the system behaviour after applying support pack 21.

Thanks to everyone for their help.

Regards,

Val.

former_member194364
Active Contributor
‎09-13-2010 12:37 PM
0 Kudos

Can you provide more details for your landscape

Are the ITS Services on an Integrated WAS or Standalone ITS 6.20?

Where do the ESS Webdynpro services reside? ABAP or J2EE stack?

ITS may not be the best forum for this issue; from your initial description - the Webdynpro forum(Java/ABAP) might be more suitable

Show replies
Show replies
Ask a Question