cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to delete session cache for GUI for HTML after Portal log off

Former Member

on ‎06-19-2013 12:37 PM

0 Kudos

Hi Experts,

In our environment, user log on from Portal and open GUI for HTML in iView.

After log off from Portal, both sessions in Portal and in ERP are cleared. But user come back to Portal and log on with other ID and password, the previous ID is used to log on to ERP.

For example,

a user log on to Portal with ID:USERA, then automatically log on to ERP via transaction iView as USERA with SAPLogon Ticket.

then log off from Portal with Log off link.

on the same PC, remaining browser window open, other user log on to Portal with ID:USERB, then log on to ERP via transaction iView as USERA.

if user close browser after log off, the user ID newly entered is used.

I read Note 1039335, Incomplete logoff from an ITS WebGUI application, but it says the solution doesn't work in the Portal.

could anyone help to solve this problem? it could be security risk or cause inappropriate data entry (with other person's ID).

best regards,

Megumi

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎12-17-2013 8:39 AM
0 Kudos

Take a look at SAP Note 1322944 - ABAP: HTTP security session management

http://service.sap.com/sap/support/notes/1322944

Show replies
Show replies
nol_hendrikx
Active Contributor
‎06-25-2013 2:34 PM
0 Kudos

Close ALL browser sessions / windows. Browsers like to store the session information across different windows. In Internet Explorer you can start a brand new session via "File > New session".

This might be an issue in your case.

Show replies
Show replies
achmad_dimyati5
Participant
‎06-22-2013 10:10 AM
0 Kudos

Hi Megumi,

This is call HTTP Security Session Management.

Check if this function is active in ECC System via tcode SICF_SESSIONS.

The recommendation is to active this feature.

As you have activate this feature then you need to adjust your Portal to be aware of this.

Go to your system landscape configuration in System Administration.

Open properties of one of your ECC system connection

Choose All and modify :

ABAP HTTP Security Sessions Enabled to TRUE (checkmark)

This should solve your issue. But one thing you need to manage the buffer of Security session in ABAP system, so makesure to assign sufficient cache size

Regards,

Achmad

Show replies
Show replies
Former Member
‎06-25-2013 1:47 PM
0 Kudos

Hi Achmad,

According to your advice, and read the note,

Note 1471069 - Security Note - ABAP Security Sessions and SAML 2.0

I set the ABAP HTTP Security Sessions Enabled to TRUE but it failed.

When I set the value and tried to logon,exception happens to open the WebGUI iView.

Regards,

Megumi

achmad_dimyati5
Participant
‎06-29-2013 11:49 AM
0 Kudos

Hi Megumi,

Could you provide the error log from SICF_SESSIONS? Are your ABAP system has fulfill the requirement to activate HTTP Security Session Management?

Note 1322944 - ABAP: HTTP security session management

AS ABAP 7.0 as of Enhancement Package 2 (SAP_BASIS 7.02) or AS ABAP 7.2 (SAP_BASIS 7.20) and subsequent releases.

Don't activate anything in Portal before HTTP Security Session Management in ABAP has been activated


Best Regards,

Achmad

Former Member
‎07-01-2013 8:28 AM
0 Kudos

Hi Achmad,

Where can you see the SICF_SESSIONS log?

Our ERP, ABAPkernel is 720, SAP_BASIS is 731. It satisfies requirement to activate.

HTTP security session management is activated by default (I can see green status in SICF_SESSIONS for all clients).

When I set the flag ABAP HTTP Security Sessions Enabled to TRUE in System Landscape in the Portal and try to open WebGUI, the error below comes out.

-----------------------------------------------------------------

Content pass of Application Integrator failed.
Component Name:       'com.sap.portal.appintegrator.sap.Transaction',
Context Name (iView): 'pcd:portal_content/<Folder>/<desktop>/frameworkPages/<Framework page>/<iView>',
Top Layer:            'Transaction/DragAndRelateLayer',
Producer ID (FPN):    'null',
System Alias:         '<ALIAS>',
-----------------------------------------------------------------

[EXCEPTION]

com.sapportals.portal.prt.component.PortalComponentException: Error in service call of Portal Component

Application name : com.sap.portal.appintegrator.sap

Component : pcd:portal_content/<Folder>/<desktop>/frameworkPages/<Framework page>/<iView>

Component class : com.sapportals.portal.sapapplication.SAPApplicationIntegratorComponent

......

Caused by: com.sapportals.portal.prt.runtime.PortalRuntimeException: Exception in SAP Application Integrator occured: Unable to parse template '<System.Access.WAS.protocol>://<System.Access.WAS.hostname>/sap/public/bc/icf/logoff'; the problem occured at position 0. Cannot process expression <System.Access.WAS.protocol> because Invalid System Attribute:

System:    'System Alias: <ALIAS>, System ID: pcd:portal_content/<System Landscape>,

Attribute: 'protocol'.

-----------------------------------------------------------------

Could you give me any idea on this?

Megumi

Former Member
‎07-01-2013 5:45 PM
0 Kudos

You need to maintain WebAs settings of the backend system in the portal system landscape.

Former Member
‎07-02-2013 4:44 AM
0 Kudos

Hi Samuli,

I've set the system landscape parameters in Portal as described in Note 761917.

ITS has been defined, path is left blank since the ITS(WebAS) is 720, WAS is left blank because BW is not connected.

Could you help me to understand what "WebAS settings" means in your comment?

Megumi

achmad_dimyati5
Participant
‎07-02-2013 8:33 AM
0 Kudos

Hi Megumi,

Could you remove again the setting of "ABAP HTTP Security Sessions Enabled" in Portal then turn-off the HTTP security session management in ABAP for related client from SICF_SESSIONS?

Please see if it's work. This setting should solve your issue too but not recommended by SAP.

Regarding the latest error, you need to check the iview session property or you can recreate the iview after you have set "ABAP HTTP Security Sessions Enabled" in the system landscape.

Best Regards,

Achmad

Former Member
‎07-02-2013 3:05 PM
0 Kudos

WebAs, WAS, AS, whatever. You said it yourself, you have left the settings blank. Set them so that the respective ICF service can be called on logoff.

Former Member
‎12-20-2013 7:23 PM
0 Kudos

This solution did not work for us as the session was still showing as "waiting for timeout" in SM05.  The other solution (Thanks Achmad) to turn off 'ABAP HTTP Security Sessions Enabled' in the portal and disable the HTTP session management via SICF_SESSIONS on the ABAP backend did work.

Kind regards,

-Nathan

Former Member
‎12-20-2013 7:24 PM
0 Kudos

Thanks, this did the trick...

-Nathan

Ask a Question