Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

How to restrict the Request and Response process in that cookies should be Secure way SAP Portal 7.0 ?

Dear Experts,

Please any one can help me i am getting one security issue.Some third party tools using and hacking the Request and Response of the Server.That time there taking one successfully Request (GET http://1.1 302 found)   and Response (http://1.1 200 ok).In this request based on again there giving some invalidate credential in that time server giving request replacing for success fully Request that time there login in to portal successfully(Bypassing).In this Request level only getting the information for URL and set-cookies only.Here any process is there to restrict the set JSESSIONMARKID and JSESSIONID SAP_LB.

We are using 7.0 Version and SP 12. Please share you are solutions because of this is very high problem here.

Thanks for Advance

Thanks and regrades,

Durga Rao. 

Former Member
Not what you were looking for? View more on this topic or Ask a question