Hi Oisin,

Thanks for your help, but sory, I don`t understand. Could you explain what do you mean ? What exactly should I change ?

Regards,

Tomasz

Hi Tomasz,

It is step 2 in the note 1058529 that Yogesh refered too. I was referring to this above in my first memo. i.e use "Fields Authentication"

Regards,

Oisin

Hi,

Thanks for the info, but....

In my service configuration, in "Logon Data" tab, section - Procedure I do not have  Alternative logon sequence, but I have Alternative Logon Procedure.

If I choose this option, in Logon Procedure List, I have(without - Field Authentification):

1    Logon Through HTTP Fields

2    Logon Through SSL Certificate

3    SAP Logon/Assertion Ticket

4    SAP Assertion Ticket

5    Basic Authentication

I removed al records from the list, without Logon Through HTTP Fields, but still does not working.

Where is the problem ?

I use SAP ECC ERP 6.06 (ABAP stack only).

Regards,

T.

Hi Tomasz,

So only the method

1    Logon Through HTTP Fields

is set for the service? Is this correct?

Can you attach screenshot's of the SICF configuration area for the WEBGUI service?

May also be useful to do a HTTPWatch trace to see what cookies are been set in the browser that enables one to logon without re-authenticating via the HTTP logon fields.

Regards,

Oisin

Hi,

You are going into the right direction.

Just do one more thing,clear the browser history before testing the new service.

If still the issue was not resolved,kindly attached screenshot's for the new service which you have created.

I have implemented the same method in SAP ECC 6.0 EHP4 and EHP6 version and it is working fine.

Regards

Yogesh Kumar

Hi,

First of all I set for the external alias ( as wrote in the note), and later also I set for service - /default_host/sap/bc/gui/sap/its/.

History/coockies/temp files and has been cleared. Below screen shots.

Hi,

As per your screen shot,you need to do the following changes.

1. Create the New External Aliases with the name other than webgui.

2. That new service will refer the /default_host/sap/bc/gui/sap/its/webgui.

After doing the following changes,clear the browser history and try again.

Regards

Yogesh

Hi,

When it was done via external alias, looks difrent, I mean:

I created new external alias - TEST, and if I try to connect via external alias TEST, I can work buf if I click button LOG OFF nothing is happen, it means SAP menu is not active, ITS buttons not working, I can not doing nothing. WEb page is not redicreted to the standard page - LOGOFF.

Of course I can open new SAP tab in the Internet Exroler, without logon to the system. Temp files (cookies, history etc.) has been deleted

.

Any idea....?

Thanks.

Regards,

T.

Hello T,

What exact SAP_BASIS and Kernel are you using?

If you call transaction SICF_SESSIONS - what information does it return?

Regards,

Oisin

Hi,

Thanks for your help again

And if I run t-code SICF_SESSIONS i have information:

   login/create_sso2_ticket = 0 

   login/accept_sso2_ticket = 0 

   login/ticketcache_entries_max = 1000 

   login/ticketcache_off = 0 

   login/ticket_only_by_https = 0 

   icf/set_HTTPonly_flag_on_cookies = 3 

   icf/user_recheck = 1 

   http/security_session_timeout = 1800 

   http/security_context_cache_size = 2500 

   rdisp/plugin_auto_logout = 1800 

   rdisp/autothtime = 60 

On all clients STATE is OK, except client 001 and 066.

Kernel version - 720_REL

kernel patch - 401

SAP_BASIS - SAPKB73102

Regards,

T.

Hi T,

What is result of setting icf/user_recheck = 0

See the notes

1301591 - HTTP 400 - Session not found (Stateful HTTP communication)

1532874 - Upgrade: Changing the HTTP reauthentication

This should be the same as setting individually for the service YES under section "Reauthentication - Deactivated System Wide = NO".

This setting for the service can be seen in the first screenshot that you posted yesterday. ( Setting icf/user_recheck = 0 will be system wide)

Regards,

Oisin