05-22-2014 2:35 PM
Hi,
We have setup SSO with Kerberos and SPNEGO for NWBC and now we want to expose it to the internet via SAP Webdispatcher.
NWBC is on a singelstack ABAP system on server1 and we have configured a standalone J2EE system on server 2 for isuing the saplogon ticket.
This works fine with the redirect from icf NWBC -> Error Pages -> Logon Error -> Redirec to URL (Form Fields) http://server2:port/redirect/redirect.jsp
on server2 we have a java application (redirect/redirect.jsp) witch has %response.sendRedirect("http://server1:port/nwbc")%
Problem is that when the webdispatcher calls http://server1:port/nwbc the URL in the browser is hidden with MYDOMAIN.COM/nwbc but when the Logon-error (no saplogon ticket yet) is redirecting to http://server2:port/redirect/redirect.jsp the browser is showing the actual URL http://server2:port/redirect/redirect.jsp and also when returning to NWBC the browser is showing http://server1:port/nwbc.
And we don't wan't to expose hostnames (server1 and server2) to the internet.
Anyone knows how to solve this?
07-10-2014 10:52 AM
05-22-2014 5:25 PM
This question belongs to the space, this space is for NWSSO topics only, the separately licensed product from SAP.
Regarding your question you have to configure Web Dispatcher for both AS JAVA and AS ABAP and refer to Web Dispatcher URLs only. That includes ICF node configuration and the redirect servlet. The URL generation in AS ABAP needs to be configured so that URLs are generated to point to the Web Dispatcher. Use table HTTPURLLOC for that.
05-23-2014 12:29 PM
05-23-2014 2:11 PM
Actually one of the moderators already moved this to the current space which is Security and more appropriate. I think you can use this one should there still be some open issues.
07-10-2014 10:52 AM