How to restrict the Request and Response process in that cookies should be Secure way SAP Portal 7.0 ?
Please any one can help me i am getting one security issue.Some third party tools using and hacking the Request and Response of the Server.That time there taking one successfully Request (GET http://1.1 302 found) and Response (http://1.1 200 ok).In this request based on again there giving some invalidate credential in that time server giving request replacing for success fully Request that time there login in to portal successfully(Bypassing).In this Request level only getting the information for URL and set-cookies only.Here any process is there to restrict the set cookies.like JSESSIONMARKID and JSESSIONID SAP_LB.
We are using 7.0 Version and SP 12. Please share you are solutions because of this is very high problem here.
Thanks for Advance
Thanks and regrades,