on 09-13-2010 5:11 PM
Hi Expert,
I canu2019t login min my web dispatcher with with http://sapeht1:8100/sap/admin. That was working for some dag befor.
I get this error.
*trc file: "dev_webdisp", trc level: 1, release: "701"
-
sysno 00
sid WDP
systemid 562 (PC with Windows NT)
relno 7010
patchlevel 0
patchno 68
intno 20020600
make: multithreaded, Unicode, 64 bit, optimized
pid 804
[Thr 3320] started security log to file dev_icm_sec
[Thr 3320] SAP Web Dispatcher running on: wdpeht1
[Thr 3320] MtxInit: 30001 0 2
[Thr 3320] IcmInit: listening to admin port: 65000
[Thr 3320] IcrCoreInitSessionTable: Session table initialized
[Thr 1252] *** WARNING => HttpPlugInInit: Parameter icm/HTTPS/trust_client_with_issuer or icm/HTTPS/trust_client_with_subject not set => do not trust any intermediary
X.509 cert data will be removed from header [http_plgrt.c 723]
[Thr 1252] HttpSubHandlerAdd: Added handler HttpRedirectHandler(slot=0, flags=4098) for /:0
[Thr 1252] HttpSubHandlerAdd: Added handler HttpRedirectHandler(slot=1, flags=4098) for /:0
[Thr 1252] HttpSubHandlerAdd: Added handler HttpRedirectHandler(slot=2, flags=4098) for /:0
[Thr 1252] HttpExtractArchive: files from archive E:\usr\sap\WDP\SYS\exe\nuc\NTAMD64/wdispadmin.SAR in directory
E:/usr/sap/WDP/W00/data/icmanroot are up to date
[Thr 1252] HttpSubHandlerAdd: Added handler HttpAdminHandler(slot=3, flags=4101) for /sap/admin:0
[Thr 1252] CsiInit(): Initializing the Content Scan Interface
[Thr 1252] PC with Windows NT (mt,unicode,SAP_CHAR/size_t/void* = 16/64/64)
[Thr 1252] CsiInit(): CSA_LIB = "E:\usr\sap\WDP\SYS\exe\nuc\NTAMD64\sapcsa.dll"
[Thr 1252] HttpSubHandlerAdd: Added handler HttpAuthHandler(slot=4, flags=12293) for /:0
[Thr 1252] HttpSubHandlerAdd: Added handler HttpWebDispHandler(slot=5, flags=28677) for /:0
[Thr 1252] Started service 80 for protocol HTTP on host "wdpeht1"(on all adapters) (processing timeout=60, keep_alive_timeout=30)
[Thr 3320] IcmCreateWorkerThreads: created worker thread 0
[Thr 3320] IcmCreateWorkerThreads: created worker thread 1
[Thr 3320] IcmCreateWorkerThreads: created worker thread 2
[Thr 3320] IcmCreateWorkerThreads: created worker thread 3
[Thr 3320] IcmCreateWorkerThreads: created worker thread 4
[Thr 3320] IcmCreateWorkerThreads: created worker thread 5
[Thr 3320] IcmCreateWorkerThreads: created worker thread 6
[Thr 3320] IcmCreateWorkerThreads: created worker thread 7
[Thr 3320] IcmCreateWorkerThreads: created worker thread 8
[Thr 3320] IcmCreateWorkerThreads: created worker thread 9
[Thr 2904] IcmWatchDogThread: watchdog started
[Thr 2164] Mon Sep 13 16:10:53 2010
[Thr 2164] *** ERROR => NiPConnect2: SiPeekPendConn failed for hdl 8 / sock 32872
(SI_ECONN_REFUSE/10061; I4; ST; 192.168.50.11:8100) [nixxi.cpp 2835]
[Thr 2164] *** ERROR => Connection request from (-1/65535/0) to host: sapeht1.ssi.ad, service: 8100 failed (NIECONN_REFUSED) [icxxconn.c 2738]
[Thr 2164] *** ERROR => IcmConnClientRqCreate() failed (rc=-8) [icrxx.c 5284]
[Thr 2164] *** ERROR => Could not connect to SAP Message Server at sapeht1.ssi.ad. URL=/msgserver/text/logon?version=1.2 [icrxx.c 2634]
[Thr 2164] *** ERROR => rc=-1, HTTP response code: 0 [icrxx.c 2635]
[Thr 2164] *** ERROR => see also OSS note 552286 [icrxx.c 2636]*
Any help,
Regard
Hello,
as per the error the web dispatcher is not able to connect in message server:
ERROR => Could not connect to SAP Message Server at sapeht1.ssi.ad. URL=/msgserver/text/logon?version=1.2
The message server host is sapeht1.ssi.ad and the port is 8100 as per your profile.
Try open a browser in the web dispatcher server and open the URL below:
http://sapeht1.ssi.ad:8100/msgserver/text/logon?version=1.2
You should get something like that in the browser:
version 1.2
<instance>
DIAG <server> 3200 LB=6
RFC <server> 3300
HTTP <server> 8000
HTTP <server> 8000 VHOST=0
This is only an example.
You should check if there is network connectivity between the web dispatcher server and the message server.
Cheer, Clebio
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Clebio,
Thanks for help.
There is network connectivity between the web dispatcher server and the message server.
I can ping web dispatcher server from message server and ping message server from web dispatcher server .
Is it possible that OS windows opdate mack problem for my web dispatcher?
Regard
Hello,
The command ping is not a good test because you will check only the ICMP protocol.
Sometimes you have firewall only for TCP protocol and not ICMP.
The better connectivity test is with the browser with the URL mentioned.
You also can try test with the telnet command, that will test the TCP protocol:
telnet sapeht1.ssi.ad 8100
Clebio
Hi Clebio,
I did tried with telnet sapeht1.ssi.ad 8100
I get this error :
*HTTP/1.0 400 BAD REQUEST
Date: Tue, 14 Sep 2010 06:41:09 GMT
SAP Message Server, release 701 (EHT)
content-type: text/html
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>400 BAD REQUEST</TITLE>
</HEAD><BODY>
<H1>400 BAD REQUEST</H1>
<p>The following error occured:
<p>MsHttpGenHeader: required field ~server_protocol not found (msxxhttp.c [7763])
<p>SAP Message Server, release 701 (EHT)
</BODY></HTML>*
And form web dispatcher with this url http://sapeht1.ssi.ad:8100/msgserver/text/logon?version=1.2
I get this info.:
*version 1.2
sapeht1_EHT_00
DIAG sapeht1 3200 LB=10
RFC sapeht1 3300
HTTP sapeht1 8000
HTTPS sapeht1 8400
SMTP sapeht1 25025
HTTP sapeht1 8000 VHOST=0
HTTPS sapeht1 8400 VHOST=0
SMTP sapeht1 25025 VHOST=0*
There is no web dispatcher and message server are on DMZ so there is no firewall between this to servere.
Regard
Any help.
I use this web dispatcher for load balancing ours web shop on test environment.
The communication from internet to web dispatcher and from web dispatcher to MS server working fine.
But my problem is that I cannot use
http://sapeht1:8100/sap/admin to login on to web dispatcher.
Pleas Any idea
sorry.. dumb answer in the first post here since the URL you're calling isn't the web dispatcher admin screen.
Can you post your DEFAULT profile that shows your message server profile parms?
also, to check the profile you'll need to use the profile name:
sapwebdisp pf=WDP_W00_wdpeht1 -checkconfig
run this from the directory the profile is in.
Edited by: William Smallwood on Sep 14, 2010 5:45 PM
Hi William.
Her is info from profile file.
*SAPSYSTEMNAME = WDP
SAPGLOBALHOST = wdpeht1
SAPSYSTEM = 00
INSTANCE_NAME = W00
DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64
DIR_EXECUTABLE = $(DIR_CT_RUN)
DIR_PROFILE = $(DIR_INSTALL)\profile
PF = $(DIRPROFILE)\WDP_W00_wdpeht1
#----
Start webdispatcher
#----
WD = $(DIREXECUTABLE)\sapwebdisp$(FT_EXE)
Start_Program_00 = local $(_WD) pf=$(_PF)
SAPSYSTEMNAME = WDP
SAPGLOBALHOST = wdpeht1
SAPSYSTEM = 00
INSTANCE_NAME = W00
DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64
DIR_EXECUTABLE = $(DIR_CT_RUN)
Regard
Hi William.
when I run *sapwebdisp pf=WDP_W00_wdpeht1 -checkconfig * og command prop on web dispatcher <i get this error.
*C:\Documents and Settings\wdpadm>sapwebdisp pf=WDP_W00_wdpeht1 -checkconfig
sapwebdisp=>sapparam(2): fopenU("WDP_W00_wdpeht1","r"): No such file or directory
Checking SAP Web Dispatcher Configuration
=========================================
maximum number of sockets supported on this host: 8192
Server info will be retrieved from host: : with protocol: http
Checking connection to message server...
ERROR: Connection to message server failed: NIESERV_UNKNOWN
Check ended with 1 errors, 0 warnings*
And her my MS profile:
#.*****************************************************************************************************************************
#.* *
#.* Default profile DEFAULT *
#.* *
#.* Version = 000001 *
#.* Generated by user = REJ_1 *
#.* Generated on = 06.05.2010 , 15:17:50 *
#.* *
#.******************************************************************************************************************************
SAPDBHOST = sapeht1
j2ee/dbtype = ora
j2ee/dbname = EHT
j2ee/dbhost = sapeht1
SAPSYSTEMNAME = EHT
SAPGLOBALHOST = sapeht1
#----
SAP Message Server for ABAP
#----
rdisp/mshost = sapeht1
rdisp/msserv = sapmsEHT
rdisp/msserv_internal = 3900
login/system_client = 001*
And her is Start profile from MS server.:
#.*****************************************************************************************************************************
#.* *
#.* Instance profile EHT_DVEBMGS00_SAPEHT1 *
#.* *
#.* Version = 000015 *
#.* Generated by user = REJ *
#.* Generated on = 16.06.2010 , 16:59:26 *
#.* *
#.******************************************************************************************************************************
#parameter created by: REJ_1 15.06.2010 08:31:10
icm/server_port_2 = PROT=SMTP, PORT=25025
#parameter created by: REJ_1 15.06.2010 08:22:49
#old_value: PROT=HTTPS,PORT=443 changed: REJ_1 15.06.2010 08:33:33
#old_value: PROT=HTTPS,PORT=8001 changed: REJ 16.06.2010 09:33:36
#old_value: PROT=HTTPS,PORT=443 changed: REJ 16.06.2010 16:59:10
icm/server_port_1 = PROT=HTTPS,PORT=8400
SAPSYSTEMNAME = EHT
SAPGLOBALHOST = sapeht1
SAPSYSTEM = 00
INSTANCE_NAME = DVEBMGS00
DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64
DIR_EXECUTABLE = $(DIR_INSTANCE)\exe
#parameter created by: REJ_1 06.05.2010 15:23:06
#old_value:
sapehp1\sapmnt\trans changed: REJ_1 06.05.2010 15:43:27
#old_value: f:\usr\sap\trans changed: TEST 06.05.2010 16:29:22
DIR_TRANS =
sapehp1\sapmnt\trans
rdisp/wp_no_dia = 10
rdisp/wp_no_btc = 3
icm/server_port_0 = PROT=HTTP,PORT=80$$
#----
SAP Message Server parameters are set in the DEFAULT.PFL
#----
ms/server_port_0 = PROT=HTTP,PORT=81$$
rdisp/wp_no_enq = 1
rdisp/wp_no_vb = 1
rdisp/wp_no_vb2 = 1
rdisp/wp_no_spo = 1
DIR_CLIENT_ORAHOME = $(DIR_EXECUTABLE)
ssl/ssl_lib = $(DIR_EXECUTABLE)$(DIR_SEP)$(FT_DLL_PREFIX)sapcrypto$(FT_DLL)
#old_value: $(ssl/ssl_lib) changed: REJ_1 07.05.2010 09:15:01
sec/libsapsecu = F:\usr\sap\EHT\SYS\exe\uc\NTAMD64\sapcrypto.dll
#old_value: $(ssl/ssl_lib) changed: REJ_1 07.05.2010 09:13:34
ssf/ssfapi_lib = F:\usr\sap\EHT\SYS\exe\uc\NTAMD64\sapcrypto.dll
login/accept_sso2_ticket = 1
login/create_sso2_ticket = 2*
Regard
Right.. that's the profile for the Web Dispatcher though.
How about the default profile for the instance you are connecting to?
You defined the following in the Web Dispatcher profile.
rdisp/mshost = sapeht1.ssi.ad
ms/http_port = 8100
Look at the definition in the instance/default profile of the instance you are connecting to (either the SCS or ABAP server) on sapeht1.ssi.ad.
Hi William.
when I run *sapwebdisp pf=WDP_W00_wdpeht1 -checkconfig * og command prop on web dispatcher
I get this error.
C:\Documents and Settings\wdpadm>sapwebdisp pf=WDP_W00_wdpeht1 -checkconfig
sapwebdisp=>sapparam(2): fopenU("WDP_W00_wdpeht1","r"): No such file or director
y
Checking SAP Web Dispatcher Configuration
=========================================
maximum number of sockets supported on this host: 8192
Server info will be retrieved from host: : with protocol: http
Checking connection to message server...
ERROR: Connection to message server failed: NIESERV_UNKNOWN
Check ended with 1 errors, 0 warnings
C:\Documents and Settings\wdpadm>
And MS profle file:
#.******************************************************************************************************************************
#.* *
#.* Default profile DEFAULT *
#.* *
#.* Version = 000001 *
#.* Generated by user = REJ_1 *
#.* Generated on = 06.05.2010 , 15:17:50 *
#.* *
#.******************************************************************************************************************************
SAPDBHOST = sapeht1
j2ee/dbtype = ora
j2ee/dbname = EHT
j2ee/dbhost = sapeht1
SAPSYSTEMNAME = EHT
SAPGLOBALHOST = sapeht1
#----
SAP Message Server for ABAP
#----
rdisp/mshost = sapeht1
rdisp/msserv = sapmsEHT
rdisp/msserv_internal = 3900
login/system_client = 001
Regard
K. next I would look at the dev_ms in your work directory and make sure that it started the message server port again. You can also try one of two things:
Add ms/http_port = 81$$ or 8100 to the DEFAULT profile. Looks like you have redundant profile paramaters for the message server.
or move ms/server_port_0 to the DEFAULT profile for the message server.
ms/server_port_0 should be starting the http service for the message server. confirm this by looking at the dev_ms and seeing if it started listing with an http process.
And her is Start profile from MS server.
#.* Instance profile EHT_DVEBMGS00_SAPEHT1
icm/server_port_1 = PROT=HTTPS,PORT=8400
SAPSYSTEMNAME = EHT
SAPGLOBALHOST = sapeht1
SAPSYSTEM = 00
INSTANCE_NAME = DVEBMGS00
DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64
DIR_EXECUTABLE = $(DIR_INSTANCE)\exe
#parameter created by: REJ_1 06.05.2010 15:23:06
#old_value:
sapehp1\sapmnt\trans changed: REJ_1 06.05.2010 15:43:27
#old_value: f:\usr\sap\trans changed: TEST 06.05.2010 16:29:22
DIR_TRANS =
sapehp1\sapmnt\trans
rdisp/wp_no_dia = 10
rdisp/wp_no_btc = 3
icm/server_port_0 = PROT=HTTP,PORT=80$$
#----
SAP Message Server parameters are set in the DEFAULT.PFL
#----
ms/server_port_0 = PROT=HTTP,PORT=81$$
rdisp/wp_no_enq = 1
rdisp/wp_no_vb = 1
rdisp/wp_no_vb2 = 1
rdisp/wp_no_spo = 1
DIR_CLIENT_ORAHOME = $(DIR_EXECUTABLE)
ssl/ssl_lib = $(DIR_EXECUTABLE)$(DIR_SEP)$(FT_DLL_PREFIX)sapcrypto$(FT_DLL)
#old_value: $(ssl/ssl_lib) changed: REJ_1 07.05.2010 09:15:01
sec/libsapsecu = F:\usr\sap\EHT\SYS\exe\uc\NTAMD64\sapcrypto.dll
Regard.
one more test to see if it is working. Try http://sapeht1.ssi.ad:8100 and see if you get a response from a web browser. that will tell you if the message server is up and listening on that port.
Hi Thanks for help.
her is my profile file from command line:
E:\usr\sap\WDP\SYS\profile>sapwebdisp pf=WDP_W00_wdpeht1 -checkconfig
Checking SAP Web Dispatcher Configuration
=========================================
maximum number of sockets supported on this host: 8192
Server info will be retrieved from host: sapeht1.ssi.ad:8100 with protocol: http
Checking connection to message server...OK
Retrieving server info from message server...OK
Message Server instance list:
----
+
instance name | hostname | HTTP port | HTTPS port |
----
+
sapeht1_EHT_00 | sapeht1 | 8000 | 8400 |
----
+
Checking ABAP servers with URL "/sap/public/icman/ping":
Checking ABAP server sapeht1:8000...OK
no server group "!J2EE" defined
Retrieving group info from server sapeht1:8000...OK
Defined server groups:
----
+
group name | #entries |
----
+
!DIAG | 1 |
!DIAGS | 1 |
!ALL | 1 |
----
+
Retrieving url info from server sapeht1:8000...OK
Url map info file "/sap/public/icf_info/icr_urlprefix" is OK
Contents of url map file:
----
+
URL | Group | virtual host |
----
+
/sap/public/formgrap | :; | |
/sap_java/ | :; | |
/applicon/ | :; | |
/test30/ | :; | |
/nwbc/ | :; | |
/sap/ | :; |
----
+
Check ended with 0 errors, 0 warnings
I did tried http://sapeht1.ssi.ad:8100 .
I got lonon box but when I used wedadm and my password it do not accept password.
Is it some way to ching og check the password. ?
Regards
The connection check connects to the message server successfully. How are you starting the web dispatcher?
You might start it from the command line using
sapwebdisp pf=E:\usr\sap\WDP\SYS\profile\WDP_W00_wdpeht1
or sapwebdisp pf=WDP_W00_wdpeht1
and check the output. the check you ran connected to the message server just fine so it might be where you're starting it from can't see the profile correctly.
The fact you get a logon prompt means that the message server is OK. That and you got a clean report from the Web Dispatcher check profile command. The URL you should be trying now is:
http://wdpeht1/sap/public/icman/ping
or the one you are having trouble with:
These will use the web dispatcher to connect after you have started it. Try starting it using the commands I gave you able then use these to try and connect.
I can't help with the user name and password other than to tell you it is the same password you'd use to log into your SAP system (not the web dispatcher).
A whole other suggestion is to make sure you really have everything you need in your profile. You've posted several but none of them have a icm/server_port_0 = PROT=HTTP, PORT=80
Run the command:
sapwebdisp -bootstrap and enter the info. save off your profile before you do it and you might need to delete a couple files. Compare the output (which will be like webdisp.pfl or something like that) to what you have in your web dispatcher profile. Also, make sure you use the whole host name when defining host parameters, not just the short name. SAP doesn't like this much.
below is an example of the output for my system using the command. It's a Unix system though so the paths will be different.
Profile generated by sapwebdisp bootstrap
unique instance number
SAPSYSTEM = 80
add default directory settings
DIR_EXECUTABLE = .
DIR_INSTANCE = .
Accessibility of Message Servers
rdisp/mshost = sapeht1.ssi.ad # i added this based on your profile
ms/http_port = 8100
SAP Web Dispatcher Parameter
wdisp/auto_refresh = 120
wdisp/max_servers = 100
wdisp/shm_attach_mode = 6
configuration for large scenario
icm/max_conn = 16384
icm/max_sockets = 16384
icm/req_queue_len = 6000
icm/min_threads = 100
icm/max_threads = 250
mpi/total_size_MB = 500
mpi/max_pipes = 21000
#maximum number of concurrent connections to one server
wdisp/HTTP/max_pooled_con = 2000
wdisp/HTTPS/max_pooled_con = 2000
SAP Web Dispatcher Ports
icm/server_port_0 = PROT=HTTP,PORT=80,TIMEOUT=360,PROCTIMEOUT=1800,HOST=wdpeht1.ssi.ad #please change this if it isn't correct
SAP Web Dispatcher Web Administration
icm/HTTP/admin_0 = PREFIX=/sap/wdisp/admin,DOCROOT=./admin,AUTHFILE=icmauth.txt
Hi Guys,
From reading this post I can see that no one recommended the "icm/server_port_0 = PROT=HTTP,PORT=80" parameter in this thread. This needs to be set for the webdisp to accept connections.
Also can you goto SMMS on the backend and note the rdisp/mshost and ms/http_port parameters and add them to the webdisp (not default or start or instance but the webdisp profile) and restart the webdisp !
Also the webdisp admin is available at http://<webdisp host>:<http listening port>/sap/wdisp/admin/default.html
Hope this helps
Michael
Hi Reza,
To change the webdispatcher admin password please follow the steps below:_
You can run sapwebdisp.exe -bootstrap and create a new profile. Please note the user and password as displayed after the profile generation has run as this is the only time that the user and password is shown for the webdisp.
After you have created the new profile you will have a file called icmauth.txt with the user and password in hashed format.
Copy this newly created file to your old webdisp folder and you can access the admin interface and logon with the password shown from Bootstrap.
Hi,
Her is my web dispatcher parameter from ICM.
From Core System
-
Parameter Settings Refresh
Services
icm/server_port_0 PROT=HTTP,PORT=80
icm/server_port_1 PROT=SMTP,PORT=0
......
From Dispatching Module
-
Parameter Settings Refresh
Message Server
rdisp/mshost sapeht1.ssi.ad
ms/http_port 8100
ms/https_port
.......
Regard
Hi Reza,
Installing the cryprolib for webdispatcher. I have uploaded the following files at the URL below:-
(1) webdisp700_e.pdf - Webdispatcher help.sap.com in pdf format
(2) icm700_e.pdf - ICM help.sap.com in pdf format
(3) HowToWebDispatcher_and_SSL.pdf - Complete steps on how to enable SSL on the webdispatcher for Unix (Including cryptolib installation)
(4) AUTHENTICATIONANDSSO_OVERVIEW.pdf - Overview of Authentication and Single Sign-On in SAP
(5) SAP Web Application Server Security - All you need to know to install and configure SSL on the Backend.
Points 1 & 2 are for reference however 3, 4 & 5 will provide you with all the information required to enable SSL on the webdispatcher and backend !
http://www.sendspace.com/file/pjgzi7
Michael
Hi Michael,
Thanks for that. I did fund this doc.
http://wiki.sdn.sap.com/wiki/pages/viewpage.action?pageId=198739578
regards
Hi is any body know, what is explening for this parameter?
*Session Dispatching
wdisp/HTTP/session_tab_store_hash TRUE
wdisp/HTTP/max_session_tab_entries 50000
wdisp/HTTP/max_session_tab_len 64
wdisp/HTTP/max_session_tab_logon_groups 32
wdisp/HTTP/context_timeout 3600*
My web dispatcher can just have 120 session at the time. If it is more than 120 I get message that no more sission is fri.
Thanks
Hi Reza,
The parameter wdisp/HTTP/max_session_tab_entries is the one that stores the session dispatching. The dafault value is 50000.
From the document I attached in my last reply:-
wdisp/HTTP/max_session_tab_entries = Maximum number of entries in the session ID table. If this limit is exceeded, requests that are not contained in the table are forwarded to a default server (for each logon group). This means there is no longer any load balancing.
So if this table is full then there is no load balancing...
P.S. I don't think this is the answer to the question that you are asking.
P.S.S. Can you show your complete webdisp.pfl in this thread
Michael
Hi Micheal,
Her is my WD.profile.
*SAPSYSTEMNAME = WDP
SAPGLOBALHOST = wdpeht1
SAPSYSTEM = 00
INSTANCE_NAME = W00
DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64
DIR_EXECUTABLE = $(DIR_CT_RUN)
#----
Accesssability of Message Server
#----
rdisp/mshost = sapeht1.ssi.ad
ms/http_port = 8100
#----
Configuration for medium scenario
#----
icm/max_conn = 500
icm/max_sockets = 1024
icm/req_queue_len = 500
icm/min_threads = 10
icm/max_threads = 50
mpi/total_size_MB = 80
#-rej-15-09-10--
#Https parameters for Web dispatcher E:\usr\sap\WDP\W00\sec
#----
#icm/server_port_0 = PROT=HTTPS,PORT=443$$
DIR_INSTANCE = E:\usr\sap\WDP\W00\sec
ssl/ssl_lib = E:\usr\sap\WDP\W00\sec\sapcrypto.dll
#ssl/server_pse = E:\usr\sap\WDP\W00\sec\SAPSSL.pse
#wdisp/ssl_cred = E:\usr\sap\WDP\W00\sec\SAPSSL.pse
ssf/ssfapi_lib = E:\usr\sap\WDP\W00\sec\sapcrypto.dll
sec/libsapsecu = E:\usr\sap\WDP\W00\sec\sapcrypto.dll
ssf/name = SAPSECULIB
wdisp/ssl_encrypt = 0
icm/server_port_1=PROT=HTTPS, PORT=44302, TIMEOUT=900
#######icm/server_port_1 = PROT=HTTP,PORT=0
icm/HTTPS/verify_client=0
wdisp/add_client_protocol_header = true
wdisp/auto_refresh = 120
wdisp/max_servers = 100
#----
*
#----
SAP Web Dispatcher Redirects
#----
Certificate
icm/HTTP/redirect_0 = PREFIX=/,FOR=certifikat.test.ssi.dk,TO=/sap/bc/webdynpro/sap/zwda_cert_download?user_language=DA
icm/HTTP/redirect_1 = PREFIX=/,FOR=encertifikat.test.ssi.dk,TO=/sap/bc/webdynpro/sap/zwda_cert_download?user_language=EN
E-shop
icm/HTTP/redirect_2 = PREFIX=/,FOR=*shop.test.ssi.dk,TO=/sap/bc/webdynpro/applicon/wda_applishop
#----
SAP Web Dispatcher Ports
#----
icm/server_port_0 = PROT=HTTP,PORT=80
Unless you have a requirement to terminate SSL at the Web Dispatcher and re-encrypt it (or send it on as HTTP), I'd recomment setting the service type to ROUTER instead of HTTPS for icm/server_port_1. You should be able to find some documentation on this.
So you'd have:
icm/server_port_0 = PROT=HTTP, PORT=80, TIMEOUT=120
icm/server_port_1 = PROT=ROUTER, PORT=443, TIMEOUT=120
You'll also need to name and create a logon group if appropriate.
For number of connections you use the following params:
icm/max_conn = 16384
icm/max_sockets = 16384
icm/req_queue_len = 6000
icm/min_threads = 100
icm/max_threads = 250
mpi/total_size_MB = 500
mpi/max_pipes = 21000
These are the memory and thread parameters used by the dispatcher... and are only examples. The -bootstrap with ask if you wand a small, medium or large install and set these accordingly. You can then tune them how you want.
If you're going to go HTTP to your back end (from Web Dispatcher to the SAP Instance) then you'll need to terminate SSL at the Web Dispatcher which can get a little tricky. It does buy you more load balancing options though since the state of the session is saved.
Hi Willian,
Thanks again,
AS I told I am new on WD, My WD and MS server on DMZ. Du you any exsample to how can I use HTTPS to WD and from WD to MS (backend ) use HTTP?
I am not sure I did understand last part of your answer.
If you're going to go HTTP to your back end (from Web Dispatcher to the SAP Instance) then you'll need to terminate SSL at the Web Dispatcher which can get a little tricky. It does buy you more load balancing options though since the state of the session is saved.
Regards
Hi Reza,
Williams answer above is good as this approach sets up the complete webdispatcher for a large number of connections.
However can you explain this in other terms or maybe give an example of how you hit this limit?
My web dispatcher can just have 120 session at the time. If it is more than 120 I get message that no more sission is fri
The parameters below control the number of concurrent connections that the webdispatcher can handle however you should be able to accept more connections than 120 using the parameters you have specified in the profile.
icm/max_conn = This parameter determines the maximum number of (simultaneous) open connections in the
ICM or in the SAP Web dispatcher.
icm/max_sockets = This parameter determines the maximum number of sockets open (at the same time) in the
ICM or in the SAP Web dispatcher.The SAP Web Dispatcher always requires two sockets for each connection.
Michael
Here is my parameter from ICM
*Parameter Settings Refresh
Services
-
icm/server_port_0 PROT=HTTP,PORT=80
icm/server_port_1 PROT=HTTPS, PORT=44302, TIMEOUT=900
Hard limits
icm/max_services 30
icm/listen_queue_len 512
icm/req_queue_len 500
icm/max_conn 500
icm/max_sockets 8192
handling
-
icm/min_threads 10
icm/max_threads 50
icm/min_spare_threads 3
Tracing and statistic
-
rdisp/TRACE 1
rdisp/TRACE_LOGGING on, 20 m
icm/trace_file dev_webdisp
icm/log_level 0
icm/stat_level 1
icm/security_log LOGFILE=dev_icm_sec,MAXSIZEKB=500
icm/accept_remote_trace_level 0
Timeout handling
-
icm/keep_alive_timeout 60
icm/conn_timeout 5000
icm/max_timeout_net 2000
icm/min_timeout_mpi 5000
HTTP settings
-
icm/HTTP/max_request_size_KB 102400
icm/HTTP/redirect_0 PREFIX=/,FOR=certifikat.test.ssi.dk,TO=/sap/bc/webdynpro/sap/zwda_cert_download?user_language=DA
icm/HTTP/redirect_1 PREFIX=/,FOR=encertifikat.test.ssi.dk,TO=/sap/bc/webdynpro/sap/zwda_cert_download?user_language=EN
icm/HTTP/redirect_2 PREFIX=/,FOR=*shop.test.ssi.dk,TO=/sap/bc/webdynpro/applicon/wda_applishop
icm/HTTP/server_cache_0 PREFIX=/, CACHEDIR=E:\usr\sap\WDP\W00\sec\data\cache
icm/HTTP/admin_0 PREFIX=/sap/admin,DOCROOT=E:\usr\sap\WDP\W00\sec\data\icmanroot/admin,AUTHFILE=E:\usr\sap\WDP\SYS\global\security\data\icmauth.txt
icm/HTTP/auth_0 PREFIX=/,FILTER=SAP
HTTP(S) error handling
is/HTTP/show_detailed_errors TRUE
icm/HTTP/error_templ_path
HTTPS (SSL) settings
icm/HTTPS/verify_client 0
icm/HTTPS/forward_ccert_as_header
icm/HTTPS/trust_client_with_issuer
icm/HTTPS/trust_client_with_subject
ssf/name SAPSECULIB
ssf/ssfapi_lib E:\usr\sap\WDP\W00\sec\sapcrypto.dll
sec/libsapsecu E:\usr\sap\WDP\W00\sec\sapcrypto.dll
ssl/ssl_lib E:\usr\sap\WDP\W00\sec\sapcrypto.dll
Context Quotas
-
icm/HTTP/context_quota 90
icm/HTTPS/context_quota 90
icm/SMTP/context_quota 90
Memory Pipe settings
-
mpi/total_size_MB 80
mpi/buffer_size 65536
J2EE settings
-
rdisp/j2ee_start 0
is/HTTP/default_root_hdl J2EE
Content Filter settings
csi/enable TRUE
csi/SAP/csa_lib E:\usr\sap\WDP\SYS\exe\nuc\NTAMD64\sapcsa.dll
Misc
-
icm/host_name_full wdpeht1
icm/cancel_strategy cancel requests without session (stateless)
rdisp/plugin_auto_logout 1800
is/HTTP/virt_host_0 :;
is/SMTP/virt_host_0 :;
is/use_uds 1
*
Because HTTPS is a stateless protocol the server does not have any information as to the state of the client and can't track where it goes like a normal Dialog Request. Because of this, when it is load balancing your connection it only does it the first time and saves that information to an internal table. The table refreshes based on a timeout parameter but really you are only load balanced the first time you log in. It only load balances up front.
If you terminate SSL at the web dispatcher and use HTTP to the back end the load balancing is different and will be based on individual POSTS (I think it uses POST... I might be mistaken here). So each time you will be load balanced rather than between your logon and the timeout parameter I mentioned above. It works fine though and is usually what I use.
Type ROUTER is a build in protocol in the Web Dispatcher that just forwards the encrypted info on the to the web server.
There's an excellent picture of that I'm talking about here.
http://help.sap.com/saphelp_nw04/helpdata/en/d8/a922d7f45f11d5996e00508b5d5211/content.htm
Looks like you'll need to play with the wdisp/ssl_encrypt=0 parameter to get what you want to work. It also describes the other scenerios.
As Michael said, the examples I gave you are for a very big installation. We have employees for a very large company all doing thier time entry via the web so we get hit very hard at shift changes which is why we need so many connections.
Hello,
I have maintained URL in the ptabfile and can able see all image and screen are fine.
after entering the logon details if i click Logon button nothing happen just in same screen.
below in the url's maintained in ptablefile, could you please check and let me know have i missed any parameter.
P /sap/bc/webdynpro/sap/hress_a_rep_us_online_w2
P /irj*
P /irj/*
P /logon_ui_resources/*
P /logon_ui_resources*
P /AFPServlet/*
P /AFPServlet*
P /com.sap*
P /com.sap/*
P /webdynpro/resources*
P /webdynpro/resources/*
P /sap/public/bc/webdynpro/ssr/*
P /sap/public/bc/ur/Design2002/*
P /sap/public/bc/ur/nw5/*
P /sap/public/bc/icons/*
P /sap/public/bc/WebIcons/ur/default/l/Icon/*
P /AFPServlet/*
P /com.sap.netweaver.coll.appl.ui.room/scripts/*
P /com.sap.portal.*
P /com.sap.ui.lightspeed/js/*
P /com.sap.workflow.admin.template_jwf/images/*
P /htmlb/*
P /irj/go/km/*
P /irj/portal/*
P /irj/portal*
P /irj/servlet/prt/*
P /sap/public/bc/ur/Login/assets/*
D *
I have check in IE and firefox.
Thanks in advance
Regards,
Manoj J
Her is my profile file:
*
Her is my profile file.
*SAPSYSTEMNAME = WDP
SAPGLOBALHOST = wdpeht1
SAPSYSTEM = 00
INSTANCE_NAME = W00
DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64
DIR_EXECUTABLE = $(DIR_CT_RUN)
DIR_PROFILE = $(DIR_INSTALL)\profile
PF = $(DIRPROFILE)\WDP_W00_wdpeht1
#----
Start webdispatcher
#----
WD = $(DIREXECUTABLE)\sapwebdisp$(FT_EXE)
Start_Program_00 = local $(_WD) pf=$(_PF)
SAPSYSTEMNAME = WDP
SAPGLOBALHOST = wdpeht1
SAPSYSTEM = 00
INSTANCE_NAME = W00
DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64
DIR_EXECUTABLE = $(DIR_CT_RUN)
#----
Accesssability of Message Server
#----
rdisp/mshost = sapeht1.ssi.ad
ms/http_port = 8100
#----
Configuration for medium scenario
#----
icm/max_conn = 500
icm/max_sockets = 1024
icm/req_queue_len = 500
icm/min_threads = 10
icm/max_threads = 50
mpi/total_size_MB = 80*
When I use sapwebdisp pf= -checkconfig on command line I get this error.
*C:\Documents and Settings\wdpadm>sapwebdisp pf= -checkconfig
IcmHandleArgs: Illegal option pf=
Checking SAP Web Dispatcher Configuration
=========================================
maximum number of sockets supported on this host: 8192
Server info will be retrieved from host: : with protocol: http
Checking connection to message server...
ERROR: Connection to message server failed: NIESERV_UNKNOWN
Check ended with 1 errors, 0 warnings*
Any help
Regards
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
91 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.