on 02-14-2014 3:13 PM
I wonder whether someone can advise please ...
We currently use HTTP for internal traffic across a private line to a hosted web dispatcher and SAP Enterprise Portal. However we now have a requirement to allow external customers to access this Portal - but because this is traffic will be over the public web, we will be forcing them to use HTTPS to the web dispatcher /EP.
We are being advised that best practice is to avoid mixed protocols (HTTP and HTTPS) on a web dispatcher. This means that to allow our external customers access via HTTPS only, we will have to start using HTTPS internally. This is an inconvenience, since our traffic is purely internal - and will mean changing our internal URL for thousands of users.
Is it correct that mixed (HTTP and HTTPS) protocols should not be handled by the web dispatcher? If so - are perhaps missing a trick - is there a cunning way of forcing external customers to use HTTPS to access the EP, whilst retaining our internal access over HTTP?
Kindest regards,
There is no reason not to use one Web Dispatcher for both HTTP and HTTPS, that is between the client and WD. The question becomes what then. If you terminate HTTPS in the Web Dispatcher, there shouldn't be any issues. If however you are required to have End-to-End SSL, then you can't have it both ways meaning you will have to use HTTPS in both cases.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Many thanks Samuli for your advise.
Can I just ask two further questions please?:
From your reply, it seems that the WD can handle mixed protocols, but it's the Portal which can't?
Lastly, can the WD handle any number of different URLs and point them all at the same Portal? You see, we're hoping to have a 'friendly' HTTPS URL for traffic coming from external customers on the public Internet and also an internal (xxx.xxx.int type domain) HTTP URL for internal web traffic which will only use our private network - and will not traverse the public Internet. Is this possible?
Kindest regards,
Indeed, if portal is in the picture you will have to setup either 2 portals (external, internal) or have two distinct landscape configurations in the portal and have separate portal roles for the both user types. See this discussion thread for details. I'm not aware of any restrictions on the number of URLs WD can handle.
Does anyone know whether the SAP Portal uses absolute or relative paths?
If it uses relative paths we could presumably use a reverse proxy in front of the WD to rewrite the external URL to match the internal URL?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
in my opinion a solution shoud be to install a new webdispatcher https for the external that will have the new link.
For the internal nothing change...
Bye
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.