on 01-29-2007 9:02 AM
Hello there,
currently we face the problem, that we use oure SRM 5.5 with a reverse proxy to allow the access to oure system from outside oure firewall, and if we lock on to the system from the internet the Single Sign On does not work.
We can not use the document upload and the live auctioning cockpit.
Thanks for any idea and solution.
Best regards
Christian
Hi,
What kind of proxy do You use?
IISProxy or SAP Web Dispatcher?
Regards,
Marcin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Christian,
So, if You use IISProxy check the following:
- on your web server run IIS and go to site properties. Check on tab ISAPI Filters if Your IIS Proxy is up and running.
- go to iisproxy.xml and check your authentication at ATTLIST filter. You may change it to "skip" because, your WEBAS or J2EE is used to authentication - not IISPRoxy.
example code:
<!ATTLIST filter
name CDATA #IMPLIED
log-level CDATA "3"
log-flags CDATA "0"
debug-flags CDATA "-1"
priority ( high | medium | low ) "high"
extension-url CDATA "/scripts/IisProxy.dll"
authentication ( skip | normal | forward ) "skip"
remote-address ( skip | forward ) "skip"
>
- check your source - target mapping
example code:
<mapping name="IisProxy J2EE eMerge">
<source>
<protocol>http</protocol>
<host>your_external_host.pwpw.pl</host>
<port>80</port>
<pre><code>/emerge/</code></pre>
</source>
<target>
<protocol>http</protocol>
<host>your_internal_host</host>
<port>51100</port>
</target>
<compress-types>text/html, text/plain, text/css</compress-types>
</mapping>
If You use HTTPS for target host, you must add an
<keystore-path>C:secSAPSSLC.pse</keystore-path>
to your mapping.
example code:
<mapping name="IisProxy J2EE eMerge">
<source>
<protocol>http</protocol>
<host>your_external_host.pwpw.pl</host>
<port>80</port>
<pre><code>/emerge/</code></pre>
</source>
<target>
<protocol>http</protocol>
<host>your_internal_host</host>
<port>51100</port>
</target>
<compress-types>text/html, text/plain, text/css</compress-types>
<keystore-path>C:secSAPSSLC.pse</keystore-path>
</mapping>
After this restart IIS Service.
Regards,
Marcin
Hi Christian,
If you need reverse proxy for Apache server, then I would much rather prefer apaches mod_proxy (see http://www.apacheweek.com/features/reverseproxies for example)
Try this one.
Regards,
Marcin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.