cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Problem with session id

Former Member

on ‎01-22-2008 8:23 AM

0 Kudos

Hi All,

We have a Web Dynpro application which is deployed and is working fine when accessed through Portal.

Consider the foll. scenario

The application is accessed through Portal. User right-clicks on the application, selects Properties and copies the URL given in Address. This URL also contains the Session Id.

This URL when pasted in a new window, displays the application.

My question is : Why does the URL not get invalidated in the above scenario i.e. even when session id is passed.

Please let me know the possible solution how to stop the user from not accessing the application in a separate window.

Regards

Nikhil Bansal

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎01-22-2008 9:08 AM
0 Kudos

Hi Nikhil,

Since you already looged into portal in a window, if you copy paste the url from properties in another window..it checks that session created by user id still logged in the portal in other window...so it doesn't invalidate it...so if you copy that url and logoff from portal..and now try with it...it will not work..

xxxxxxxxxxxxxxxxxxxxxx

cheers,

Alok

Edited by: Armin Reichert on Feb 23, 2008 6:30 PM

Show replies
Show replies
Former Member
‎01-22-2008 9:26 AM
0 Kudos

Hi Alok,

I've already worked on the solution/approach suggested by you.

What I am looking for is :

Doesn't Portal itself invalidate the application when URL is pasted in new IE. The URL contains the session id, this session should itself get invalidated.

Is this a bug in Portal or something I am missing.

Nikhil

Former Member
‎01-22-2008 9:35 AM
0 Kudos

Hi,

I think this is some thing to do with the cookies that share the data from the client to the server.

Regards

Ayyapparaj

Former Member
‎01-22-2008 11:47 AM
0 Kudos

Hi Ayyapa,

Even I guessed that it should be a problem with cookies. But I was surprised to find that no cookies were being set in the Temporary Internet Files folder.

Is there a way to find how Portal manages it's sessions.

Regards

Nikhil Bansal

Former Member
‎01-22-2008 9:05 AM
0 Kudos

Hi,

Do you authentication in your application? When set tot true, the application can still be opened in a separate window, however it prompts for a password first. This provides some extra security.

Application properties, set sap.authentication to true. Make sure your JCO connection makes use of logon tickets, so that only authenticated users have access.

Good luck, Roelof

Show replies
Show replies
Ask a Question