cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Reverse Proxy: internal server name is exposed

Christian_Gaert
Participant

on ‎03-06-2020 7:57 AM

0 Kudos

Hi all,

my customer is running SAP eRecruiting.

The eRecruiting is accessible via internet with a reverse proxy.

The problem: a web dynpro application is called via public URL. Then there is a redirect to the internal logon page of the netweaver with the internal domain. The internal server name should not be exposed to anymone in the internet for security reasons.

Example:

User calls this URL in browser: HTTPS://publicdomain/sap/bc/webdynpro/sap/hrrcf_a_reg_applwzd_unreg

Then there is a redirect to: HTTPS://internaldomain/sap/bc/webdynpro/sap/hrrcf_a_reg_applwzd_unreg and a HTTP-Error is shown (because the internaldomain is blocked by the reverse proxy).

Any ideas, how to prevent this from happening? How to make sure, that never ever the internal server names appear in the URL?

Thanks in advance.

Best regards

Christian

Show replies
Show replies
Answer
View Entire Topic
isaias_freitas
Advisor
Advisor
‎03-06-2020 1:44 PM

Hello Christian,

You can maintain the HTTPURLLOC table, forcing the URL generation to use the external domain.

The downside is that internal users must be able to access the system using the same external address, which is something you might have to address with your infrastructure team.

Best regards,

Isaías

Show replies
Show replies
Ask a Question