Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Login Session Over HTTPS

Former Member

‎11-08-2008 10:38 PM

0 Kudos

Hi Experts,

I have a requirement which says when accessing a J2EE engine it should be accessed on http and when a user log in the password and session should be on https, we are currently on NW04s SP16, Enterprise Portal.

For Example:http://****.local should take a user right to the login page. Then the password should be passed over ssl.

Thanks

1 REPLY 1

Former Member

‎11-09-2008 9:23 PM

0 Kudos

Perhaps I have missed something here and am stating the obvious, but have you considered blocking ports you don't want and disabling services you don't need?

In service.sap.com/security there is a document on which ports are needed for what in SAP environments and some guides on infrastructure security.

That would be a good place to start.

Cheers,

Julius