cancel
Showing results for 
Search instead for 
Did you mean: 

Problems with reverse proxy and SSO

Former Member
0 Kudos

Hello there,

currently we face the problem, that we use oure SRM 5.5 with a reverse proxy to allow the access to oure system from outside oure firewall, and if we lock on to the system from the internet the Single Sign On does not work.

We can not use the document upload and the live auctioning cockpit.

Thanks for any idea and solution.

Best regards

Christian

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
0 Kudos

Hi,

What kind of proxy do You use?

IISProxy or SAP Web Dispatcher?

Regards,

Marcin

Former Member
0 Kudos

Hi,

I think we use a IISProxy.

Regards Christian

Former Member
0 Kudos

Hi Christian,

So, if You use IISProxy check the following:

- on your web server run IIS and go to site properties. Check on tab ISAPI Filters if Your IIS Proxy is up and running.

- go to iisproxy.xml and check your authentication at ATTLIST filter. You may change it to "skip" because, your WEBAS or J2EE is used to authentication - not IISPRoxy.

example code:


	<!ATTLIST filter 
		name CDATA #IMPLIED
		log-level CDATA "3"
		log-flags CDATA "0"
		debug-flags CDATA "-1"
		priority ( high | medium | low ) "high"
		extension-url CDATA "/scripts/IisProxy.dll"
		authentication ( skip | normal | forward ) "skip"
		remote-address ( skip | forward ) "skip"
	>

- check your source - target mapping

example code:



	<mapping name="IisProxy J2EE eMerge">
		<source>
			<protocol>http</protocol>
			<host>your_external_host.pwpw.pl</host>
			<port>80</port>
			<pre><code>/emerge/</code></pre>
		</source>
		<target>
			<protocol>http</protocol>
			<host>your_internal_host</host>
			<port>51100</port>
		</target>
		<compress-types>text/html, text/plain, text/css</compress-types>
	</mapping>

If You use HTTPS for target host, you must add an

<keystore-path>C:secSAPSSLC.pse</keystore-path>

to your mapping.

example code:

	<mapping name="IisProxy J2EE eMerge">
		<source>
			<protocol>http</protocol>
			<host>your_external_host.pwpw.pl</host>
			<port>80</port>
			<pre><code>/emerge/</code></pre>
		</source>
		<target>
			<protocol>http</protocol>
			<host>your_internal_host</host>
			<port>51100</port>
		</target>
		<compress-types>text/html, text/plain, text/css</compress-types>
                <keystore-path>C:secSAPSSLC.pse</keystore-path>
	</mapping>

After this restart IIS Service.

Regards,

Marcin

Former Member
0 Kudos

Hi Marcin,

sorry, but I did something wrong. For the last project we used a IIS, but now we use an Apache server on Linux. I'm very sorry.

If you have a solution also for this configuration, I would really apreciate this.

Thanks a lot

Christian

Former Member
0 Kudos

Hi Christian,

If you need reverse proxy for Apache server, then I would much rather prefer apaches mod_proxy (see http://www.apacheweek.com/features/reverseproxies for example)

Try this one.

Regards,

Marcin