Session does not logoff on integrated ITS 700

Former Member · ‎03-06-2007

We have upgraded from 46C / ITS 620 to ERP2005 (ECC60) and are using the integrated ITS.

When you log off the ITS webgui session, if you leave the browser open and enter the webgui URL once more (http://<host>/sap/bc/gui/sap/its/webgui), the logon screen is bypassed and another person could pick up the original users session.

The ~usertimeout parameter from ITS 620 does not have any effect.

Does anyone know the correct parameter to set to overcome this?

Former Member · ‎03-07-2007

Hi John,

This is a known limitation. See SAP note 735612.

You might want to create a development request to get this solved.

Regards,

Dieter

Former Member · ‎03-06-2007

Hello John

There seems to be some sort of SSO involved.

~usertimeout only helps with the original ITS SSO cookie named MYSAPSSO.

With ticket logon ~usertimeout already did not have any effect.

With the Integrated ITS the MYSAPSSO cookie is not available anymore.

In your case the problem is either with the SSO Logon Ticket or with HTTP Basic Authentication. If it is the ticket logon (e.g. via EP) then the user would have to log off from EP to delete the SSO Logon ticket.

If it is the HTTP Basic Authentication then the browser has to be closed as there is no other way to remove the authentication otherwise.

<b>Possible Solution</b>:

You might want to check and change the Logon Procedure in SICF for the webgui service. You should be able to make SAP Authentication the standard:

you find more details at <a href="http://help.sap.com/saphelp_nw04/helpdata/en/e0/73f34026d70b06e10000000a155106/frameset.htm">SAP Online Help</a>

best regards

Gerd

Session does not logoff on integrated ITS 700

Accepted Solutions (0)

Answers (2)

Answers (2)

Re: SAP Analytics Cloud 2000 rows limit

Re: CORS status error REST API Sap Build Apps

Re: The uploaded file is inval. Verify that the fi...

How to show custom Data in a Fiori App (RAP)

Re: Problem when uploading SAP HANA Readiness Chec...