cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO to ITS through WebSEAL gives secure/non-secure messages

Go to solution
Former Member

on ‎12-19-2005 12:51 PM

0 Kudos

Hi

We running the following setup:

EP6 SP14

Stand-alone ITS 6.20 patch 18

4.7 R/3 Enterprise

TAM/WebSEAL 5.1

We are running SSO through WebSEAL to the portal and everything seems to be working just fine.

But when we try to access a transactional iView or an IAC iView running on the ITS server I get a pop-up message saying "This page contains both secure and nonsecure items."

We are accessing WebSEAL through HTTPS, we are running HTTPS between WebSEAL and the portal and HTTP between WebSEAL and ITS.

I have tried to access the ITS through WebSEAL without using the portal, and I still get the message. So it must be something between the WebSEAL and the ITS server.

Does anybody have any ideas what is causing this?

Cheers,

Jacob Vennervald

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎01-04-2006 10:28 PM
0 Kudos

Hi Jacob,

We are implementing pretty much the same infrastructure and have encountered the same problem. I thought it might be because for our system definition in Portal we had not yet set the ITS protocol to 'https' (it was set to http), but that didn't seem to solve the problem. Have you tried this, or solved the problem some other way?

Regards

John Moy

Show replies
Show replies
Former Member
‎01-06-2006 12:23 AM
0 Kudos

The "secure and non-secure" message, displayed when accessing ITS through WebSEAL when using IE and HTTPS, is caused by an empty source reference (<IFRAME ... SRC="" ...>) within the ITS menu page (...d_menu.html).

The integration guide, available on the <a href="http://www-1.ibm.com/support/docview.wss?uid=swg24003605">IBM website</a> and the <a href="http://www.sdn.sap.comhttp://www.sdn.sap.comhttp://www.sdn.sap.com/irj/sdn/developerareas/ibm">SAP SDN</a>, contains the information on how to stop the message from appearing.

The message should not be displayed when accessing ITS through WebSEAL using HTTP.

Regards,

Peter Tuton.

Former Member
‎01-06-2006 10:34 AM
0 Kudos

Hi John

I ended up solving this myself.

The problem is, that the ITS server sends some "about:blank" pages which are not https and therefore generates a warning

message in your browser.

I solved it by copying spacer.gif from

<INET ROOT>\<ITS INSTANCE>\sap\its\mimes\system

to

<INET ROOT>\<ITS INSTANCE>\sap\its\mimes\system\99\image

After this you do the following changes in login.html and framesetstart.html:

Change the line

termframeurl = "about:blank";

to

termframeurl = mimeURL(~service="system", ~language="", ~theme="99", ~name="image/spacer.gif");

Hope this helps.

Regards,

Jacob Vennervald

Answers (0)

Ask a Question