on 04-10-2012 11:04 AM
We applied some patch java on our Solution Manager 71 just upgraded, as for Oss note 1639266, then we found out we are unable to logon to the /nwa or /sld services of the J2EE.
A blank , empty page is displayed whitout no errors popup.
Every time we try to access these pages, or the /useradmin too , into the default trace file this error is loged :
".......
#1.#D2F75EB47F03006C00000001006100340004BD4FA23DF9BA#1334049628879#com.sap.engine.services.security.authentication.logonapplication#sap.com/com.sap
.security.core.admin#com.sap.engine.services.security.authentication.logonapplication.executeRequest#J2EE_GUEST#0##69ECEE1F82EE11E19D6D00000035F4B2#
69ecee1f82ee11e19d6d00000035f4b2-0#69ecee1f82ee11e19d6d00000035f4b2#SAPEngine_Application_Thread[impl:3]_19##0#0#Fatal##Java###Fatal Logon error
[EXCEPTION]
{0}#1#com.sap.security.core.logonadmin.AccessToLogicException: Error while executing the compilation process: [/usr/sap/TSM/DVEBMGS00/j2ee/cluster/
server0/apps/sap.com/com.sap.security.core.admin/servlet_jsp/logon/work/jsp_umLogonPage1334049627523.java:97: cannot resolve symbol
symbol : variable BLOCK_EXT_LOGON_APP_EMBEDDING
location: class com.sap.security.core.util.imp.LogonUtils
boolean isFrameEmbeddingDisabled = UMFactory.getProperties().getBoolean(LogonUtils.BLOCK_EXT_LOGON_APP_EMBEDDING, false);
........... " ^
We get a loook into the file :
/usr/sap/TSM/DVEBMGS00/j2ee/cluster/server0/apps/sap.com/com.sap.security.core.admin/servlet_jsp/logon/work/jsp_umLogonPage1334050873388.java
and we found this, among other:
"....
Check if the logon application can be embedded in pages from different locations. If not, it will not be displayed at all.
.....
An access denied error will be thrown here if the page that embeds the logon page is in a different domain. Essentially this is the very problem fixed by this JavaScript, but not all browsers ban access between the document objects of the two frames (i.e. some browsers will not throw an error when the embedded page tries to access the embedding page
.......
A possible Cross-Frame Scripting attack has been prevented. Please contact your system administrator
or refer to SAP Note 1651004 for more information
......."
Pratically for some reason the system is managing my proper access attempts as cross scripting attack, blocking me out of the system.
I read note SAP Note 1651004, but into the configtool I'm not able to find the property indicated to verify the value.
Any advise how to disable the scripting protection ?
regards
Hi Roberto,
I have this same issue also and did not find a solution but as a "work around" you can login to your system using the "System Information" link http://hostname:port/monitoring/SystemInfo
You will get a popup instead of the usual login dialog but at least it by-passes this login method. Enter your admin username/password and then with the System Information page still open you should be able to automatically go to /useadmin and /sld without logging in as it will use the same login session.
I don't use /useradmin or /sld often so the above works until SAP release a solution or correction if they haven't done so already.
Regards,
Nelis
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
We applied the SCA files described in note 1651004 and now the problems
on the /nwa , /usermanagement or /sld are solved.
But we are still unable to open the tx SOLMAN_WORKCENTER or SOLMAN_SETUP;
we are continuosly receiving errors during the execution of the scripts.
It's something related to the new tecnology LIGHTSPEED rendering and to the parameter WDLIGHTSPEED=X as for note 1107662, but still no reason why it's not working here.
regards
User | Count |
---|---|
91 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.