Skip to Content
0
May 30, 2020 at 08:26 PM

sytanx for icm_mod_.txt file in SAP Webdispatcher

117 Views Last edit May 30, 2020 at 08:41 PM 2 rev

Hi,

Requirement: If user access from Outside office network then TwoFactorAuthentication for SSO and if user access from Inside office then only kerberos authentication.

So we have written Java script under SSO/OTPADMIN ( SAP SSO 3.0, NW Java) with IP ranges.

I am able to find IP if user is access from outside as we maintained wdisp/add_xforwardedfor_header= true for external DMZ WD only.

-----------------------------------------------------------------------------

I dont want to maintain wdisp/add_xforwardedfor_header= true

And I want to write IF statement in icm_mod_<SID>.txt in Internal WD.

If user access from inside office then X-forwarded-for will be empty. I will manipulate HTTP header with actual IP of Internal W . for ex. IP = 10.8.10.78

1. I maintained WD profile in Internal WD

icm/HTTP/mod_0 = PREFIX=/,FILE=/sapmnt/<SID>/global/security/data/icm_mod_<SID>.txt

2. content of icm_mod_<SID>.txt

if %{HEADER:x-forwarded-for} regimatch null

SetHeader x-forwarded-for 10.8.10.78

IS ABOVE syntax correct ? As i dont find exact syntax for x-forwarded-for in below SAP documents.

references used:

https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/48/49c7403a79350ce10000000a42189d/content.htm?no_cache=true

https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/48/9266acaa6b17cee10000000a421937/frameset.htm

Attachments

ovqxy.png (61.2 kB)