cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Webdispatcher profile for extern requests

Go to solution
lu_huynh
Participant

on ‎11-20-2007 6:04 AM

0 Kudos

Hi Everybody,

Can somebody help me about configuring the Webdispatcher for the access from the internet?

We have EP7 and Web AS java in the Back-End. Our Webdispatcher is installed on another Server in the DMZ. Now we should configure the Webdispatcher to forward the requests to the Web AS and back to the client from the internet (extern). From the intranet it works fine, but how is it from the internet, when you write www.mycompany.com to access the Web AS via Webdispatcher?

Thanks in Advance for any help!

Kind regards,

Lu Huynh

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎11-20-2007 9:16 AM
0 Kudos

Hi Lu,

You have to define more your need to get useful advices.

Will there be one single Webdispatcher for intranet and internet ?

If yes, does the web dispatcher have several IPs ?

Are the URLs accessed the same from intranet and internet ?

etc....

Best Regards,

Olivier

Show replies
Show replies
lu_huynh
Participant
‎11-20-2007 9:30 AM
0 Kudos

Hi Oliver,

thanks for your answer.

We only have a single Webdispatcher in the DMZ. At first the Webdispatcher shall be for the internet. From the intranet we can use the the hostname of the WEB AS Server.

The Webdispatcher has only one IP (192.168.xxx.xx).

We have several URLs (domains), which shall be directed to the Webdispatcher for requests/ responses. No the URLs are aren't accessed the same from internet and intranet (see above).

Hope that helps a little bit, I'm no expert in that.

Regards,

Lu Huynh

Former Member
‎11-20-2007 1:20 PM
0 Kudos

Hi Lu,

I understand that you want to give access to some URLs from EP to users from the internet.

You have to assign a public IP address and a DNS hostname to your Webdispatcher.

You have to connect the Web dispatcher to the Message server of the EP SCS.

You have to choose if you want to use HTTP or HTTPS on the internet.

If HTTPS you have to install the SAP Cryptolib and to buy an SSL server certificate from a Certification Authority.

You have to choose the authentication mode for your users :

Basic (user/password) ?

Client certification ?

You have to choose to use HTTP or HTTPS between Webdispatcher and EP.

You can also use The Webdispatcher to fileter URLs and authorize only some of them from the Internet.

Lots of choices for you !

Regards,

Olivier

lu_huynh
Participant
‎11-21-2007 7:56 AM
0 Kudos

Hi Olivier,

thanks for your help. But I still have a few questions.

<i>>You have to assign a public IP address and a DNS hostname to your >Webdispatcher.</i>

I think this done by our provider. Or do I have to configure something in the profile?

<i>>You have to connect the Web dispatcher to the Message server of the EP SCS.</i>

Already defined in the profile.

<i>>You have to choose if you want to use HTTP or HTTPS on the internet.

>If HTTPS you have to install the SAP Cryptolib and to buy an SSL server >certificate from a Certification Authority.

>You have to choose the authentication mode for your users :

>Basic (user/password) ?

>Client certification ?

>You have to choose to use HTTP or HTTPS between Webdispatcher and EP.</i>

For testing I will use HTTP first.

Is there a guide for these steps?

thanks a lot!

Best regards,

Lu

Former Member
‎11-21-2007 10:31 AM
0 Kudos

Hello Lu,

The public DNS hostname (www.mycompany.com) is important if you have to install an SSL server X.509 certificate.

If you just do HTTP, yes, it's your provider's business.

But, personnally, I don't think it is really secure to access EP from the internet without SSL (especially if you use basic authentication). The decision is yours !

There are good blogs in SDN to configure HTTPS.

help.sap.com has also all the needed information but, of course, not in a "how to way". I could manege to do it the fist time with these documentations.

Best Regards,

Olivier

lu_huynh
Participant
‎11-21-2007 11:01 AM
0 Kudos

Hi Olivier,

thanks for your answer!

Yes I know about the security, but I will do the https in second step. The client shall reach an application (our actual Website), which is deployed on the WEB AS Java.

I just need to know how to configure the profile (*.pfl) to make the communication (request/response) between <i>Client - webdispatcher -WEB AS</i> possible? Do I have to make a URL redirect?

Thanks a lot!

Best regards,

Lu

Former Member
‎11-21-2007 12:27 PM
0 Kudos

Hi Lu,

If you don't want to change (simplify) the technical URLs, I mean using the same URLs on the internet thru the web dispatcher that the urls used in the intranet, you don't have anything to configure in the pfl file.

Since the web disptcher is connected to the message sever of EP, all Urls will be transfered to EP. This is the standard job of a reverse proxy.

When you will type http://www.mycompany.com/myURL on the internet

http://myEPserverHostname:myEPport/myURL will be transfered to EP.

I would at least suggest a redirect of the root URL (/) to the welcome page of the portal.

Best Regards,

Olivier

lu_huynh
Participant
‎11-21-2007 1:33 PM
0 Kudos

Hi Olivier,

thank you very much!

Isn't it right when I put this line into the profile

<i>icm/HTTP/redirect_0 = PREFIX=/, TO=/myApp</i>

and type: <i>www.mycompany.com</i>

the webdispatcher makes a redirection to the root myApp?

from intranet I can write: <i>http://webdispHOST:port</i>

then the redirection to <i>http://http://webdispHOST:port/myApp</i> is executed.

Doesn't this work for the internet, too?

I will try as you suggest. But I have to wait until tomorrow, then I will leave the webdispatcher free to the internet.

Kind regards,

Lu

Former Member
‎11-21-2007 1:59 PM
0 Kudos

Hello again,

Here is an example from one of my webdispatcher profile where I need to redirect

http://www.mycompany.com/ to

http://www.mycompany.com/sap/bc/bsp/sap/zmyBSPapplication/welcome.html

icm/HTTP/redirect_0 = PREFIX=/,FOR=www.mycompany.com,TO=/sap/bc/bsp/sap/zmyBSPapplication/welcome.html

I think you make a confusion between URL redirect and URL rewrite.

The web dispatcher is only capable of URL redirects and no URL rewrites.

You have to use Apache (or other reverse proxy) for URL rewrites.

URL redirect means that when the web dispatcher receives http://www.mycompany.com

it will send a REDIRECT command to the user's browser asking it to redirect (connect) to the new URL

http://www.mycompany.com/sap/bc/bsp/sap/zmyBSPapplication/welcome.html

It means that the user will see the technical URL on the address line of his browser.

The redirect should work perfectly from the internet.

Best Regards,

Olivier

lu_huynh
Participant
‎11-21-2007 2:08 PM
0 Kudos

Hi Olivier,

thank you so much!

I think I understand now.

I will set this

icm/HTTP/redirect_0 = PREFIX=/,FOR=www.mycompany.com,TO=/myApp

for my needs. Tommorrow morning I will give it a try. I will let you know the results and give you points.

Greets,

Lu

lu_huynh
Participant
‎11-28-2007 7:24 AM
0 Kudos

Hi Olivier,

sorry for the late answer! I've tested the new configuration and it seems to work. I can access the webdipatcher from extern. The only thing now is that a port is blocked from the webdispatcher to the Application Server (port of ms). But this is quickly done by our provider.

Thanks a lot,

Lu Huynh

Answers (0)

Ask a Question