cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Hook_URL for Punchout Catalogue

Go to solution
Former Member

on ‎01-10-2012 10:41 AM

0 Kudos

Hi,

my understanding of the configuration required in SRM for punch out catalogue settings is that the Hook_URL parameter shoudl eb left blank and the value is automatically determiend at runtime.

The requirement from our security team is that we should need set the server details externally to the supplier, is there a way we can mask the server name in the URL?

Regards

Chris

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎01-11-2012 12:57 PM
0 Kudos

hi,

For internal catalog and Punch out catalog you have to define the HOOK_URL leave as blank

and type as Return URL

No need to Mask . It will work

Regards

G.Ganesh Kumar

Show replies
Show replies
Former Member
‎01-12-2012 10:35 AM
0 Kudos

Hi,

I think you've missed the point of my question. I understand that you don't need to populate the the HOOK_URL paramter however the requirement from our security team is to not expose the server name to external parties when punching out, is this possible?

Thanks

Chris

Matt_Fraser
Active Contributor
‎02-16-2012 6:07 PM
0 Kudos

I'm not sure that's possible. In any case, it isn't your server that is calling the supplier's server, it is your end user's browser when they select the punchout catalog. The hook_url parameter (and the other parameters you define in the punchout catalog configuration in your SRM system) will be passed by the user's browser in the HTTP GET request sent to the supplier's website. It's not so much that the supplier needs that information, but your user's browser needs it in the session state so as to be able to return the catalog items back into the open shopping cart (via HTTP POST). However, as it's part of the URL string submitted by the browser to the supplier website, even if they don't use it it should show up in their web access logs.

Note that your SRM server does not need to be exposed outside your firewall to your supplier for this activity to occur. It is your user's browser that is doing the work, and presumably your user is inside your firewall. So, even though the supplier could see the hostname of your SRM server, that doesn't mean they have any access to it (unless you're also exposing it for supplier self-services or some similar scenario, in which case they have to know the hostname or they can't do business with you).

--Matt

Answers (1)

Answers (1)

Former Member
‎02-16-2012 4:53 PM
0 Kudos

Hi Chris,

I think it's the IP address of the server which is required by the supplier becasue they need to open ports for this particular IP to allow it to access supplier's portal and I dont think it takes along the other details with it while accessing the supplier's catalog.

- Ajay

Show replies
Show replies
Ask a Question
Top Q&A Solution Author
View all