cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Logged in with wrong User in SAP Portal

thomas_clemens3
Discoverer

on ‎02-08-2018 9:03 AM

0 Kudos

Hello,

we had several issues, that users enter their own credentials during portal login but are logged in as another user, with all roles in portal and also in the attached backend systems. This issue appears (fortunatly) very rarely and we are not able to reproduce it.

The affected users do not use the same client PC nore do they use a shared client environment. Though it seems, the user gets the session cookie of another user.

Last time I saw both users-ids in the security-log of the portal (login stack) with exactly the same timestamp (microseconds), which looks really strange and unlikely.

The portal is behind a loadbalancer and two webdispatchers.

There are also proxy servers in front of the loadbalancer.

Any ideas, what could cause this issue?

Thanks in advance and best regards,

Thomas

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

fabio_sarmento
Contributor
‎03-27-2018 1:22 PM
0 Kudos

Hi Thomas,
Do you know whether the PC where the affected users are facing the issue has the pop-up blocker activated?
Did you take an httpwatch and check whether all domains and level of subdomains are the same?

Check the following guided answer also:

https://ga.support.sap.com/dtp/viewer/#/tree/1103/actions/12345

Regards.
Fabio Sarmento

Show replies
Show replies
thomas_clemens3
Discoverer
‎03-27-2018 11:46 AM
0 Kudos

Hi Santarshi,

unfortunatly this seems not to be the Problem. The SAP call we opened for this issue has reached the development department. They never saw this issue before (in this constellation). We changed the severity of a bunch of trace-locations and hope there is enough data in the files to find the root cause of the issue when it happens again. We also patched the portal to the newest available SPS/PL.

This is a really nasty situation.

Regards

Thomas

Show replies
Show replies
former_member189925
Active Contributor
‎02-27-2018 6:59 AM
0 Kudos

Hi Thomas

Its quite strange that the user's are using different client PC and still they are able to see each others information. This issue is mostly seen in same PC when log off do not happen properly

Still can you please have a look at the below KBA :

1717945 - Backend is not logged off upon log off in Portal


Regards

Santarshi Samanta

Show replies
Show replies
Ask a Question