on 08-01-2013 5:35 PM
In SAP WEB console we use login via URL f.e. to login in client 001 and server servA.dom1.dom2 with username user1 and password pass12345 we use next URL
http://servA.dom1.dom2/?p=mc3090audio&c=001&u=user1&s=pass12345&a
now we try go to ITSmobile and for sapserver sapserv1
but it not work propertly. Instead open generated form for first screen are opened logon window. Why logon wia URL doesn`t work?
You didn't share the SAP version you are using. Most likely what you are seeing is due to XSRF protection, see SAP note 1617090 for details.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I think, parameter ~XSRFCHECK not used in our release SAPKB70106, becouse accordingly sap note 1458171 XSRF protection was introdused from SAPKB70108 or by note 1458171. Correspond SP SAPKB70108 and note 1458171 wasn`t implemented in our systems.
Is presence XSRF protection necessary condition to use URL login parameters sap-login and sap-passwords?
Must I implement note 1458171 and bounded with it to that?
Samuli, I check parameter ~XSRFCHECK=0 on our Solution Maneger server, which more modern than ERP and in correspond note 1458171 include XSRF protection.
But it not work also.
When I copy and paste url
and press "Enter", I see logon windows, also as withot params sap-login=user&sap-password=pass:
http://f.q.dn:8080/sap/bc/gui/sap/its/test/mobile/itsmobile00?sap-client=100
Check the standard ITSmobile test ICF services, if they have the ~XSRFCHECK parameter set to 1 under GUI Configuration, then you have XSRF protection in your system. In case you don't have XSRF protection, the reason for URL login not working is unrelated to XSRF protection. In that case use HTTPwatch or similar to verify that there is no redirect taking place. In case of redirect, the credentials will be removed from the URL. If you are still unsuccesful in finding out the reason for URL login to fail, debug the ICF handler CL_HTTP_EXT_ITS and as a last resort CL_HTTP_SERVER.
Helo, Samuli!
You answers helpful and correct.
I activate http debug in IE9 via F12 and find, that correct parameter in URL login is sap-user. Parameter sap-login not used for URL login in that case.
Also helpful for me was answer in http://scn.sap.com/message/14163392 from
Tobias Queck May 29, 2013 12:41 AM
Thank and best regards!
User | Count |
---|---|
84 | |
24 | |
12 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.