Skip to Content
0
Former Member
Nov 28, 2011 at 07:11 AM

http trace

72 Views

Hi experts,

I have post this question on [Security Forum|http trace;, here I just seek for any workaround to this situation...

I developed a portal content with WDA, and I create an iView according to this WDA.

I also create a Role which contains this iVIew, and my portal id is assigned to this Role

My portal id is using user mapping to backend IDES ERP system.

When I use firefox to view this iView content with http trace, I see the http header that contains information <sap-user> and <sap-password>, that means I can use this ID/PW to do something.

It might be a security issue if someone also get the ID/PW.

Is there any way to disable these information, or what can I do about this?

Any input is appreciated, many thanks.

Best regards,

Eason