cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Logoff button does not end session while accessing bbpstart service.

Former Member

on ‎10-12-2006 1:22 PM

0 Kudos

Hi,

The user session does not end when he clicks the log off button on the page http://<xyz>.com:8000/sap/bc/gui/sap/its/bbpstart?sap-system-login-basic_auth=X&sap-client=100&sap-l...

This is related to bbpstart service in SRM 4.0.

When the user logs off, he is able to log in again(when he uses the back button in the browser or just uses the above URL again) <b>with out providing any password</b>(no authentication is done).

Please let me know if there is any solution to resolve this problem. Would appreciate your help.

Thanks and Regards,

Samuel

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎10-12-2006 1:38 PM
0 Kudos

Hi Samuel,

In BBPSTART service, on "Service Data" tab page, there is a button "GUI Configuration". Click on this button and add a parameter as ~EXITURL and its value as your log in URL i.e. http://<xyz>.com:8000/sap/bc/gui/sap/its/bbpstart?sap-system-login-basic_auth=X&sap-client=100&sap-l...

This will log off the user and redirect him to log in page again.

Regards,

Amit

P.S. Do assign points if the answer is useful

Show replies
Show replies
Former Member
‎10-12-2006 1:35 PM
0 Kudos

Hi,

Do you mean to say that when the user clicks on the LOG OFF button,you directly go to the HOMEPAGE again?

If so,pls check in SICF trans,in the foll path,default host>sap->bc>gui->sap>its>bbpstart.In that service,click on the SETTINGS button.In the parameter list,check the value for the paramter "EXITURL".

BR,

Disha.

Pls reward points for helpful answers.

Show replies
Show replies
Former Member
‎10-12-2006 2:16 PM
0 Kudos

Hi Disha and Amit,

Thanks for the response. The EXITURL parameter is set already to http://<xyz>:50056/sap/bc/gui/sap/its/bbpstart/.

Now when the user clicks the log off button he is directed to this page, but the problem is <b>when:</b>

1. the user clicks on the <b>Back</b> button <b>of the IE</b> he is able to access the page http://<xyz>.com:8000/sap/bc/gui/sap/its/bbpstart?sap-system-login-basic_auth=X&sap-client=100&sap-l...

which he had logged off, with out any authentication (no user name and password is asked).

2. the user opens an other browser and calls the same URL, then he is able to login without entering any user name and password. This is a security concern.

Have looked into Note 1. 350597 - Logoff button doesn't logout the user

2. 207434 - Logoff button does not end session

These doesn't help much in our case as I am not able to find the sapbbpst01_1000.html in Service BBPSTART mentioned in the above 2 notes.

One more thing, the URL specified in the EXITURL does not work since it refers to an sap domain and this domain is not listed in the DNS entry(we get DNS_HOST_NOT_FOUND error when log off button is clicked). The EXITURL can be changed but the actual problem is of session remaing active even if the user has logged off.

Does changing the EXITURL solve the problem and logs off the user completely. He should only be able to login next time with his user name and password.

If this is the case, then what should be the EXITURL value.

Please let me know.

Thanks ans Regards,

Samuel

pvanhoove
Product and Topic Expert
Product and Topic Expert
‎10-12-2006 2:33 PM
0 Kudos

Hello,

Exit url just define the page to show when exiting SRM , no link to close a session.

Ensure that the user doesn't have any popup blocker installed on its browser. when closing the srm window and/or clicking on log off button, a pop up should raise, this pop up will close the current session. If the pop up cannot raise, system cannot close the session.

Rgds,

Pierre

Former Member
‎10-30-2006 4:45 PM
0 Kudos

Samuel,

I am having the exact same problem. After the pop-up comes up with Application is shutting down I can still use the back button to go back into the session. If you solved this problem please let me know.

Thanks

Venkat

SudhakarV
Explorer
‎10-30-2006 5:15 PM
0 Kudos

You may like to look at the 'Cache' settings as well.

Former Member
‎11-01-2006 1:30 PM
0 Kudos

Hi Venkat,

I have requested SAP to look into this, will let you know once we have the solution.

Sudhakar,

Can you please let me know what should be the cache setting, any pointer on the same would be helpful.

Please note that the log off problem is irrespective of the system (desktop)we are using.

Thanks and Regards,

Samuel

Ask a Question