Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

SPNego Wizard available for everybody

Dear experts!

We've found that SPNego Wizard available directly by URL http://<hostname>:port/spnego and not restricted by password.

Everybody who has user account even without any roles and permissions, only by entering the password can access wizard page and

make any changes, for example delete reams or Keytab certificate.

Could you advice us how to close this hole?

Former Member
Not what you were looking for? View more on this topic or Ask a question