10-23-2017 5:50 AM
Hi Team,
Greetings!
I need a help from your side for restricting a url access to particular IP.
Scenario:- Our customer wants to restrict accessing a webservice url only using a particular IP and block the request from other servers/PCs.
I have tried using ACL file as well as web dispatcher url filter feature(permfile and permission table) by setting below webdispatcher parameters, icm/HTTP/auth_<xx> and wdisp/permission_table but when we activate these parameters entire portal or web dispatcher is getting blocked and getting access denied message.
Below is my webdisp profile and permfile as well as permission table.
Profile:-
icm/HTTP/auth_0 = PREFIX=/, PERMFILE=/usr/sap/SID/SYS/profile/perm_filter.txt
cm/HTTP/admin_0 = PREFIX=/sap/admin,DOCROOT=$(DIR_DATA)$(DIR_SEP)icmandir,AUTHFILE=/usr/sap/SID/SYS/profile/perm_filter,PORT=81$$
wdisp/permission_table = /usr/sap/SID/SYS/profile/ptabfile.txt
Permfile:-
# This is the "permission file" used by the Web Dispatcher Authentication handler
P /sap/bc/srt/wsdl *** IP
P /sap/bc/ui5_ui5/ *** *
P /irj/portal *** *
#D /UDDISecurityService/* *** *
permission table:-
#This is the permit table file for webdispatcher urls
P /sap/bc/srt/wsdl
P /sap/bc/ui5_ui5/
P /irj/portal
D /UDDISecurityService/*
#D *
whenever I activate these two parameters entire portal getting blocked.
Please check and suggest ASAP.
10-23-2017 3:31 PM
Hi Noufal Abdullah,
have a look at https://archive.sap.com/discussions/thread/2138766 .
Something like this is discussed there in detail. Your rule-set looks too short.
Regards, Lutz
10-24-2017 5:11 AM
Thanks Mr.Lutz Rottmann.
We have maintained same tables with required entries but it results blocking entire portal/web dispatcher.
10-31-2017 4:20 AM