cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Web Dispatcher: masking/hiding SAPwebdynpro URL hostname and port

Former Member

on ‎04-21-2016 9:31 AM

0 Kudos

Hi,

Could you please assist on SAP webdynpro application URL masking.


We are trying to mask the sap OEP server webdynpro url i.e

"http://bpoerav4.<domain>:8060/sap/bc/gui/sap/its/webgui?sap-client=400",

In the above, bpoerav4 = is the sapOER server host name and 8060 = is the server port number ( 8000 is standard and 60 is the instance number of one of the dialog application server)

But as per the Network policy the server host name and IP address of the host will not be allowed to be accessed from customer location so we are trying to mask the above url with


"http://sapoer.<domain>:8500/sap/bc/gui/sap/its/webgui?sap-client=400".

The configuration we have did at SAP Webdispatcher and its profile as attached.

Here we are able to initially login to OER server with "http://sapoer.<domain>:8500/sap/bc/gui/sap/its/webgui?sap-client=400" mask url and can
able to hit any of the sap transaction codes but when we try to open any of the webdynpro's, its opening in a new window with sap OER hostname and Ip address of the host server with below url

"http://bpoerav4.<domain>:8060/sap/bc/gui/sap/its/webgui?sap-client=400", which is not allowed to be accessed at customer location due to Network security policy.


Thanks.


Abdul

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

cris_hansen
Advisor
Advisor
‎05-03-2016 8:09 PM
0 Kudos

Hi Abdul,

I recommend you going through the following Wiki page.

Even though the wiki resides in a BSP space, it can be used for ITS (WEBGUI) too.

You will find important information about how to use the HTTPURLLOC table.

Kind regards,

Cris

Show replies
Show replies
Former Member
‎05-05-2016 12:39 PM
0 Kudos

Dear Cristiano,

Thanks for the reply and suggestion.

Still the issue was same and our SAP_BASIS of  backend system: "SAPKB73109 "

Yes i gone through Wiki page but issue not reoslved as i tried with  many options for HTTPURLLOC table.

Please suggest me.

Thanks

Abdul Mubeen

cris_hansen
Advisor
Advisor
‎05-03-2016 1:56 PM
0 Kudos

Hello Abdul,

Could you please give one example of calling a transaction code via WEBGUI (SAPGUI for HTML) that triggers a new window (and calls the backend hostname/port information, and not the Web Dispatcher one)?

It seems that the HTTPURLLOC table does not contain the correct values yet.

Thank you,

Cris

PS: Web Dynpro ABAP is another SAP technology - WEBGUI is not Web Dynpro ABAP.

Show replies
Show replies
cris_hansen
Advisor
Advisor
‎05-03-2016 2:02 PM
0 Kudos

Hi Abdul,

Please also inform the SAP_BASIS of your backend system: SAPKB7xxyy ?

Thanks,

Cris

isaias_freitas
Advisor
Advisor
‎04-22-2016 6:59 PM
0 Kudos

Hello Abdul,

The Web Dispatcher profile is missing.

Anyway, you can try maintaining the HTTPURLLOC table (click here for details).

Regards,

Isaías

Show replies
Show replies
Former Member
‎04-25-2016 6:10 AM
0 Kudos

Dear Isaias Freitas,

Thanks for the update.

Before sharing the SAP Webdispatcher profile , let me update you the user flow from customer end and also our


SAP system OEP ( OER- Object Event Repository) is in cluster i.e

Noda A: DB ( Database) with DB2 on HP-Unix

Node B: ASCS ( Message and Enque services ) + PAS ( Primary application server) on HP-Unix

And 4 Dialog instances on HP-Unix

User Flow from customer location to SAP servers:

User - > Firewall1 - > Hardware Load Balancer - > DMZ  Layer ( SAP Webdispatcher Installed and configured and its profile as shared ) - > Firewall2 -> MZ Layer SAP server ( SAP OER).

SAP Web dispatcher profile:

SAPSYSTEMNAME = WD3

SAPGLOBALHOST = BPAPSRUWMV04

SAPSYSTEM = 00

INSTANCE_NAME = W00

DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64

DIR_EXECUTABLE = $(DIR_CT_RUN)

DIR_PROFILE = $(DIR_INSTALL)\profile

_PF = $(DIR_PROFILE)\WD3_W00_BPAPSRUWMV04

SETENV_00 = PATH=$(DIR_EXECUTABLE);%PATH%

#-----------------------------------------------------------------------

# Configuration for medium scenario

#-----------------------------------------------------------------------

icm/max_conn = 500

icm/max_sockets = 1024

icm/req_queue_len = 500

icm/min_threads = 10

icm/max_threads = 50

mpi/total_size_MB = 80

#icm/HTTP/logging_0 = PREFIX=/, LOGFILE=LOGFILE=access_log-%d-%m-%y_%h:%t:%s

#icm/HTTP/logging_client_0 = PREFIX=/, LOGFILE=access_log_client-%d-%m-%y_%h:%t:%s

#-----------------------------------------------------------------------

# SAP Web Dispatcher Ports

#-----------------------------------------------------------------------

##-----OER Port binding-----#####

icm/server_port_0 = PROT=HTTP, PORT=8500

##-----WD Admin port binding------####

icm/server_port_2 = PROT=HTTP, PORT=8350

icm/HTTP/admin_0 = PREFIX=/sap/admin,DOCROOT=$(DIR_DATA)$(DIR_SEP)icmandir,AUTHFILE=$(icm/authfile),PORT=8350

wdisp/system_conflict_resolution = 2

##----------------------------------------------------------------------

wdisp/system_0 = SID=OEP, MSHOST=ascsoep.<Domain>, MSPORT=8135, SRCSRV=*:8500

wdisp/system_0 = SID=OEP, MSHOST=ascsoep.<Domain>, MSPORT=8135, SRCURL=/sap/

icm/HTTP/redirect_0 = PREFIX=/, FROMPROT=HTTP, FOR=ascsoep.<Domain>:8135, TO=/sap/*, PROT=HTTP HOST=sapoer.<Domain>, PORT=8500

#-----------------------------------------------------------------------

# Start webdispatcher

#-----------------------------------------------------------------------

_WD = $(DIR_EXECUTABLE)\sapwebdisp$(FT_EXE)

Start_Program_00 = local $(_WD) pf=$(_PF)

SETENV_01 = SECUDIR=$(DIR_INSTANCE)/sec

#icm/HTTP/mod_0 = PREFIX=/, FILE=D:\usr\sap\WD2\SYS\profile\mod_rules.txt

wdisp/auto_refresh = 120

wdisp/max_servers = 100

#is/HTTP/default_root_hdl = j2ee

#wdisp/system_conflict_resolution = 0

#icm/HTTP/redirect_0 = PREFIX=/, TO=/irj/portal

##----------------------------------------------------------------------

So please help us in resolving this SAP Webdynpro URL masking.

Thanks.

isaias_freitas
Advisor
Advisor
‎04-25-2016 10:21 PM
0 Kudos

Hello Abdul,

Have you tried maintaining the HTTPURLLOC table?

You would have to use the external hostname ("sapoer.<domain>") and the external port (8500) used by the end users to reach the "firewall1".

Regards,

Isaías

Former Member
‎04-26-2016 8:02 AM
0 Kudos

Dear Isaias Freitas,

Maintained same which you said, but no luck.

Please suggest 

Reagrds,Abdul.

isaias_freitas
Advisor
Advisor
‎04-26-2016 3:11 PM
0 Kudos

Dear Abdul,

Were entries for both client 000 and the productive client (400) created, at the HTTPURLLOC table?

Can you share all the entries that were created there?

Regards,

Isaías

Former Member
‎04-28-2016 10:29 AM
0 Kudos

Dear Isaias Freitas,

In table HTTPURLLOC there were no entries so we have created below two entries in each of the client- 000 and 400 

MANDT     000

SORT KEY     0001

PROTOCOL     HTTP

APPLICATN     */SAP/*

FOR DOMAIN     <Domain Name>

HOST               SAPOER

PORT               8500

MANDT     000

SORT KEY     0002

PROTOCOL     HTTPS

APPLICATN     */SAP/*

FOR DOMAIN     <Domain Name>

HOST               SAPOER

PORT               8500

MANDT          400

SORT KEY     0001

PROTOCOL     HTTP

APPLICATN     */SAP/*

FOR DOMAIN     <Domain Name>

HOST               SAPOER

PORT               8500

MANDT          400

SORT KEY     0001

PROTOCOL     HTTPS

APPLICATN     */SAP/*

FOR DOMAIN     <Domain Name>

HOST               SAPOER

PORT               8500

After this again we tried but the same issue and its not working. Please let me know if we did wrong in entries.

Thanks.

Abdul Mubeen

isaias_freitas
Advisor
Advisor
‎04-28-2016 1:18 PM
0 Kudos

Dear Abdul,

Please perform the following adjustments on all four entries:

  • Replace the "APPLICATN" field for "/SAP/*" (in other words, remove the initial asterisk);
  • The "FOR DOMAIN" field should be left blank;
  • The "SORT KEY" must be sequential, you cannot have two entries with the same "SORT KEY";
  • Change the "HOST" field, informing the full hostname there (e.g., "HOST.DOMAIN").

Maybe this SCN post can help you as well.

Regards,

Isaías

Former Member
‎04-29-2016 1:36 PM
0 Kudos

Dear Isaías,

Thanks for the time but still the same issue.

Below are the entiries maintained

MANDT     000

SORT KEY     0001

PROTOCOL     HTTP

APPLICATN     /SAP/*

FOR DOMAIN    

HOST               SAPOER.<Domain Name>

PORT               8500

MANDT     000

SORT KEY     0002

PROTOCOL     HTTPS

APPLICATN     /SAP/*

FOR DOMAIN    

HOST               SAPOER.<Domain Name>

PORT               8500

MANDT          400

SORT KEY     0003

PROTOCOL     HTTP

APPLICATN     /SAP/*

FOR DOMAIN    

HOST               SAPOER.<Domain Name>

PORT               8500

MANDT          400

SORT KEY     0004

PROTOCOL     HTTPS

APPLICATN     /SAP/*

FOR DOMAIN    

HOST               SAPOER.<Domain Name>

PORT               8500

The issue is same as webdynpro opening with SAP server names not with sapoer.<Domain Name>....

Thanks.

Abdul Mubeen

Ask a Question