cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

'https' to 'http' after portal login...Please sugest

Former Member

on ‎04-22-2008 11:09 AM

0 Kudos

Hello All,

Have a very different strange requirement

Portal is integrated with LDAP

Portal is pulling data from SRM system.

Portal = NW04s EP7 SP9

SRM = 3.0 and resides on old external ITS system

Portal has been configured for 'https'

But when we access eprocurement system via portal 'https' request, the catalogue gives a blank pop-up screen.

Investigated and found that this issue is because of the protocol mis-match (portal on 'https' and SRM on 'http')

When we access portal with 'http', it all works fine

Question:

Is it possible to direct portal 'https' to 'http' after the user has successfully logged into portal.

I am aware that this is not a good practise, may even hamper the security but just want your inputs on this.

Awaiting Reply

Thanks,

Ritu

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎04-22-2008 11:27 AM
0 Kudos

Ritu,

Im not aware of a way of doing this.

I would say you have two options:

1. Stick to http for portal and SRM

2. I presume that the SRM system runs from a web AS? If so insure the WEB AS is ssl enabled.

Thanks,

Nick.

Show replies
Show replies
Former Member
‎04-22-2008 12:17 PM
0 Kudos

Hello Nick,

Thanks for your inputs.

The situation is that SRM being on old ITS system, to configure the same for 'https' will be a project in itself.

Secondly, since the system contains production data, we cannot afford to change anything withour concrete solution.

Coming back to your first point, I have recently configured portal on 'https' for security or else the login clear credentials were being passed in clear type..between portal and AD.

Actually I know that this is not possible and even if possible, its not recommended.

This portal server is integrated with HR (ESS/MSS - running on ITS), BW and other 3rd party applications.

A change in portal from 'https' to 'http' may disrupt some existing connection.

Moreover, SSL being on top of the 'http' layer, we could also end up risking the security factor here.

When a user los into portal using SSL, a SSL cookie is generated. How will it be to change or alter this cookie to behave like non-SSL cookie.

Please suggest.

Thanks,

Ritu

Former Member
‎04-22-2008 12:52 PM
0 Kudos

Hi Ritu,

Im not sure how to make a cookie behave like a non ssl cookie.

If you have ESS running on an ITS I presume you have set up ssl for the ITS?

If so just do the same configue on your SRM ITS server. I understand it may be a couple of days work, but would probably be your best option.

Thanks,

Nick.

Ask a Question