Skip to Content
0
Former Member
Mar 11, 2008 at 12:58 PM

Webdispatcher URL filtering

51 Views

Hello,

We've set up a webdispatcher to grant access to a WAS Java from the internet. For security, we've implemented an URL filter using parameter wdisp/permission_table. This is also where there is strange behavior:

Most URL's are filtered as stated in the permission table, with exception of the webdispatcher administrative pages. This means that http://<host>/sap/admin (no port, access on port 80) is accessible from the internet, even though an explicit deny has been set on /sap/* and /sap/admin/*.

Has anybody seen this behavior aswell and what can I do to protect the webdispatcher's administrative pages from access from "outside"?

Regards, Wilbert