Hi experts,
I have post this question on [Security Forum|http trace;, here I just seek for any workaround to this situation...
I developed a portal content with WDA, and I create an iView according to this WDA.
I also create a Role which contains this iVIew, and my portal id is assigned to this Role
My portal id is using user mapping to backend IDES ERP system.
When I use firefox to view this iView content with http trace, I see the http header that contains information <sap-user> and <sap-password>, that means I can use this ID/PW to do something.
It might be a security issue if someone also get the ID/PW.
Is there any way to disable these information, or what can I do about this?
Any input is appreciated, many thanks.
Best regards,
Eason