Hi everybody,

I am trying to configure WebDispatcher to work in the following scenario:

HTTPS -> F5 Load Balancer HTTP -> Web Dispatcher HTTP -> ABAP application servers

However, when the request gets sent to the web dispatcher and then the ABAP application server, it returns with the app server hostname and HTTP port, but the protocol for the request continues to be HTTPS.

I have added the following parameters to the Web Dispatcher's profile:

wdisp/add_client_protocol_header and wdisp/handle_webdisp_ap_header but these did not work (I tried using Fiddler and this test link http(s)://server.domain.ext:port/sap/bc/bsp/sap/system_test/test_proxy.htm) and neither of them show the parameter clientprotocol being set in the header.

I also tried to add rules to the modification handler file icm_filter_rules.txt (as follows) but it's not working either.

# Modification rules for WebDisp

# set WebDisp header

SetHeader clientProtocol https

SetHeader x-sap-webdisp-ap "http=80;https=443"

#

Do you think I'm missing something?

Any input would be highly appreciated.

Maria Sahukar

Hi,

I have an application which gets called by the client behind a reverse proxy server. I need to make an http call to another application deployed on the same server. How do I construct the URL?

request.getServerName() gives me the name of the reverse proxy server. How do I get the name of the server on which my application is deployed?

Regards,

Anushree

Dear Folks,

Assume that I have web-dispatcher (ABC server) and ECC system (XYZ server) or JAVA systems(PQR) with multiple application servers.

I want to enable end users to use Webdynpro ABAP application or SAP GUI for HTML or simply JAVA servers access (like EP for JAVA applications). Here load balancing (by the virtue of reverse Proxy) is done using web-dispatcher.

I am considering SSL configuration for secured communication.

Question:

Do I need to apply SSL certificate on Web-dispatcher only; or on each backend server; or on both(web dispatcher and backend) ?

Is it possible that I only apply SSL on web-dispatcher and end users access ABC server and requests gets routed to backend (XYZ or PQR) server and still my security requirement is fulfilled?

I have seen that organization apply SSL on reverse proxy server (apache or web-dispatcher) and on backend systems also.

Is it required to meet security need ?

Regards,

Arthur Rodrigues

Hello All,

I am requesting your help on the ADS version compatibility OSS note/help link.

I have a requirement to connect NW 7.4 AS ABAP with NW 7.0 AS Java (to tap on the ADS service installed on AS Java 7.0).

Let me know if it can be done successfully. Thanks

Hi everyone,

I'm installing the SAP Netweaver 7.4 SR2(as Application Server JAVA) for SAP Mobile Documents installation and the installation stopped in this point.

An error occurred while processing option SAP NetWeaver 7.4 Support Release 2 > MS SQL Server > SAP Systems > Application Server Java > Standard System > Standard System( Last error reported by the step: Instance SMD/SCS01 [PARTIAL] did not start after 5:00 minutes. Giving up.). You can now:

Choose Retry to repeat the current step.

Choose Log Files to get more information about the error.

Stop the option and continue later.

Log files are written to C:\Program Files/sapinst_instdir/NW740SR2/MSS/INSTALL/STD/.

I have attached the screenshot for the same along with error logs.

Regards,

Suraj

Hello,

I try to setup a https based connection to the sapstartsrv service including a client certificate SSO. The server validation for SSL is successfully done at client side. The sapcontrol program validates the server certificate (based on self signed certificates issued by myself as this is just for test purpose)

I can see the request for the client certificate in the trace information of the sapstartsrv.log

[Thr 139637867071232] ->> SapSSLSessionInit(&sssl_hdl=7efff976be18, role=2 (SERVER), auth_type=1 (ASK_CLIENT_CERT))

[Thr 139637867071232] <<- SapSSLSessionInit()==SAP_O_K

[Thr 139637867071232]      in: args = "role=2 (SERVER), auth_type=1 (ASK_CLIENT_CERT)"

...

[Thr 139637867071232]   No Client Certificate

The sapcontrol program should now send a client certificate... but I run into a http 401

sapcontrol -prot NI_HTTPS -host <remotehost> -nr <instancenumber> -function GetVersionInfo -debug

FAIL: HTTP error, HTTP/1.1 401 Unauthorized

If it is done via -queryuser the sapcontrol shows up with the requested information. But I want to do the authorization based on the certificate without providing user / pwd.

service/sso_admin_user_0 ist defined in the profile of sapstartsrv (default.pfl) which enables the request for the client certificate.

Self signed client certificate was added to SAPSSLC.pse on the sapcontrol side. The access is done from a linux system to another linux system. I read notes 1439348 and 1642340 and the sapcontrol / sapstartsrv is on kernel 7.21 PL 201.

Any ideas or suggestions on this issue ? 

Kind regards, Hinrich

Dear Gurus,

I am updating my ERP from EHP6 SPS9 to EHP7 SPS3 on HANA.

Before starting the update i went through the below note:

EHP7 FOR ERP 6.0: HANA Content Sanity Check Before Update

I am now stuck in the Phase MAIN_TRANSEXEC/MVNTAB_TRANS.

I request your help in resolving the issue.

The logs says:

2 ETP360 Begin: Act. of Shadow-Nametabs with DDL ("2014/05/05 05:10:02")

2 ETP301 ----------------------------------------------------------------------

2 ETP000   processing modeflag 'V'

2 ETP301 ----------------------------------------------------------------------

2 ETP330XActivation of Shadownametabs with DDL

2 ETP301 ----------------------------------------------------------------------

3 ETP379X05:10:02: activating Nametab "PPH_MRP_CHECKBUF":

2 ETP000   >> Name of inactive nametab to read  : DDXTT

2 ETP000   >> Format of inactive nametab to read: 5.0

3 ETP355Xstatements:

3 ETP000 CREATE SYNONYM "PPH_MRP_CHECKBUF" FOR

3 ETP000 _SYS_BIC."sap.erp.sappl.pph.v02.read.buffer/CA_MRP_CHECK_BUFFER_3"

3 ETP000

2WETP000 05:10:02: Retcode 1: error in DDL statement for "PPH_MRP_CHECKBUF              " - repeat

2EETP345 05:10:14: Retcode 1: SQL-error "258-insufficient privilege: Not authorized" in DDL stateme

2EETP345 nt for "PPH_MRP_CHECKBUF              "

2 ETP000  --------------- DB-ROLLBACK() ---------------

2EETP334 05:10:14: error in DDL, nametab for "PPH_MRP_CHECKBUF" not activated

3 ETP379X05:10:14: activating Nametab "PUREQITEM":

3 ETP355Xstatements:

3 ETP000 CREATE SYNONYM "PUREQITEM" FOR

3 ETP000 _SYS_BIC."sap.erp.sappl.mm.pur.me/AT_MM_PUR_REQ_ITEM"

3 ETP000

2WETP000 05:10:14: Retcode 1: error in DDL statement for "PUREQITEM                     " - repeat

2EETP345 05:10:26: Retcode 1: SQL-error "258-insufficient privilege: Not authorized" in DDL stateme

2EETP345 nt for "PUREQITEM                     "

2 ETP000  --------------- DB-ROLLBACK() ---------------

2EETP334 05:10:26: error in DDL, nametab for "PUREQITEM" not activated

3 ETP379X05:10:26: activating Nametab "POHVAL":

3 ETP355Xstatements:

3 ETP000 CREATE SYNONYM "POHVAL" FOR

3 ETP000 _SYS_BIC."sap.erp.sappl.mm.pur.po-history/AC_MM_PUR_PO_HISTORY_VALUE"

3 ETP000

2WETP000 05:10:26: Retcode 1: error in DDL statement for "POHVAL                        " - repeat

2EETP345 05:10:38: Retcode 1: SQL-error "258-insufficient privilege: Not authorized" in DDL stateme

2EETP345 nt for "POHVAL                        "

2 ETP000  --------------- DB-ROLLBACK() ---------------

2EETP334 05:10:38: error in DDL, nametab for "POHVAL" not activated

2 ETP301 ----------------------------------------------------------------------

3 ETP361 "0" Shadow-Nametabs activated, DDL executed

2 ETP362 "3" Shadow-Nametab activations failed

2 ETP360 Begin: Act. of Shadow-Nametabs with DDL ("2014/05/05 05:10:02")

2 ETP363 End  : Act. of Shadow-Nametabs with DDL ("2014/05/05 05:10:38")

2 ETP301 ----------------------------------------------------------------------

1 ETP180 UNKNOWN ACTION

1 ETP110 end date and time   : "20140505051038"

1 ETP111 exit code           : "8"

1 ETP199 ######################################

After activating the trace (http://service.sap.com/sap/support/notes/1809199) I could find the below information.

The logs for the error message are attached.

Please guide what authorization is to be provided to the user SAPERH.

Version Details:

Hana: 1.00.70.00.386119

Please help me know if i have missed any information, so that i can provide the same.

Thank you in advance.

Kind Regards,

Anuj

Hello,

I would like to create a new Trusting Relationship in SMT1 while an old one for the System doesn't work.

Before I can do that, I must delete the old Connection in SMT1. After selected the System and press the Delete-Button

got the following message:

I've checked all rights, and change to SAP_ALL/SAP_NEW, but cannot delete the old Connection. Is there a Special Table or security mechanism where the old Systems are stored and could be delete? So please help me. Thank's

Hi SAP World

I am facing an error while installation of ECC system it was stopped at the CHECK DDIC password phase

Even i have maintained the password all same but unable to continue the installation please help

me how to trouble shoot the issue

Even to change the password also ,i am not able to login into SAP System

The Gui is also not responding

I am also attaching the screenshots please help me

With Regards

Y Pavan Kumar

Hello

I wander about your experience in setting SSL on Process integration server
on Hana (i.e. Process Orchestration) on Netweaver 7.4 on Java only.

In ABAP I have experience in setting libraries in kernel diectory and set
parameters in HP-UX e.g. ssf/ssfapi_lib, sec/libsapsecu, ssl/ssl_lib, login/accept_sso2_ticket
and icm/server_port_2.

However How to deal with it once on java?

Thank you in advance

Jan

Hello, I install a SAP NetWaver Trial Versión on my laptop, and I stopped the server, but now I can't start my server again because I don't know the password. During installation I don't change default parameters. Somebody know what is the pass?

I thought it could be scn pass (because it is necessary for the installation), but it doesn't work.

Thanks.

On the SAP Marketplace, I can see an installation CD for:

SBOP BI PLATFORM 4.1 SP05 CLIENT TOOLS WINDOWS

but I can't see a 'maintenance' version of this.

Can I upgrade the client tools, or do I need to uninstall the old version (4.0) first and then install version 4.1 from the installation CD?

I did try using this installation CD, but it detected an old version, so wouldn't continue the install.

Hi Experts,

Communication channel CC_HTTP_RCV_DPSrequestToken is failing daily and when we try to ping the channel its showing it unable to reach HMRCGovt web site. \

Kindly help me on this .

Error in the Channel : " ERROR_SENDING_HTTP_REQUEST-Message Processing Failed due to Bad Certificate. Reason : com.sap.httpclient.exception.ProtocolException: Data is not repeatable"

Attached document for reference and error producing steps .

its only a Java system. Kindly help me on this .

Above is the communication channel failing daily we started manually its green now .when we try pinging the channel its showing, its unable to reach HMRC govet web site.( screenshot attached)

Thanks

Hi Gurus,

Searched everywhere in SCN but didn't find the solution. Please help me to find the source of one email in sap sost. There is notthing in trace or somewhere. All I know that this email is sent once on every tuesday but we have ot jobs running on that day. No signs of any similarity in job name and email doc name.

Hello there,

Would greatly appreciate if anyone could give some inputs or recommendation.

I faced this problem during SPS patching at 5.5 Execution phase.

note** My system is a dual stack

Trouble Ticket Report

Update to SAP NETWEAVER 7.0 (ABAP)SAP NETWEAVER 7.0 (JAVA)

SID................: XIP

Hostname...........: PISWESTP

Database...........: DB6

Operating System...: UNX

JDK version........: 1.6.0_81 SAP AG

SUM version........: 1.0.11.6

Source release.....: n/a

Target release.....: 7.00

ABAP stack present.: true

An error has occurred during the execution of the Deploy Java core components step with action execute. Service com.sap.sdt.j2ee.services.servicesimpl.SDMService failed with the following message:

Cannot execute Java process for deployList with parameters /usr/sap/XIP/SUM/sdt/tmp/deploy_list.txt.

You can find more information in the files /usr/sap/XIP/SUM/sdt/log/SUM/DEPLOY-JAVACORE_25.LOG and ProcessOverview.html.

SUM,execute,component-deploy-700,deploy-javacore,com.sap.sdt.j2ee.services.servicesimpl.SDMService,class com.sap.sdt.j2ee.tools.sdmprocess.SDMProcessException

important Log files as below

/usr/sap/XIP/SUM/sdt/tmp/deploy_list.txt

/sapmnt/XIP/patches/SAPJTECHS31_0-10003467.SCA

OperateSDM_165.LOG

Nov 23, 2014 4:49:51 AM  Error: Aborted: development component 'tc~sec~sso~app'/'sap.com'/'SAP AG'/'7.0026.20111228092803.0000'/'24', grouped by :

Cannot login to the SAP J2EE Engine using user and password as provided in the Filesystem Secure Store. Enter valid login information in the Filesystem Secure Store using the SAP J2EE Engine Config Tool. For more information, see SAP note 701654.

com.sap.sdm.serverext.servertype.inqmy.extern.DeployManagerAuthExceptionWrapper: Wrong security credentials detected while trying to obtain connection to the J2EE Engine.

(message ID: com.sap.sdm.serverext.servertype.inqmy.extern.EngineApplOnlineDeployerImpl.checkLoginCredentials.DMAUTHEXC)

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

I have performed sapnote 701654 - Deployment aborts due to wrong J2EE Engine login information

but still unable to proceed

In the Configtool: cluster-data  >Global Server configuration  >

services  >comp.sap.security.core.ume.service), the values are

ume.persistence.data_source_configuration = dataSourceConfiguration_database_only.xml

ume.login.guest_user.uniqueids=SAP*  

ume.superadmin.activated=TRUE

ume.superadmin.password= sample123

-----------------------------------------------------------------------------------------------

On Secure Store node

admin/user/XIP = SAP*

admin/password/XIP = sample123

During SUM 5.3 configuration, it requested for JAVA super admin SAP* password. I have key in 'sample123'

Summary
I believe this error below is the culprit

Nov 23, 2014 5:52:19 AM  Error: Aborted: development component 'tc~sec~sso~app'/'sap.com'/'SAP AG'/'7.0026.20111228092803.0000'/'26', grouped by :

Cannot login to the SAP J2EE Engine using user and password as provided in the Filesystem Secure Store. Enter valid login information in the Filesystem Secure Store using the SAP J2EE Engine Config Tool. For more information, see SAP note 701654.

com.sap.sdm.serverext.servertype.inqmy.extern.DeployManagerAuthExceptionWrapper: Wrong security credentials detected while trying to obtain connection to the J2EE Engine.

(message ID: com.sap.sdm.serverext.servertype.inqmy.extern.EngineApplOnlineDeployerImpl.checkLoginCredentials.DMAUTHEXC)

Would greatly appreciate if anyone could give some inputs or recommendation.

Best regards,

Alex

Hello to All.,

Is there any way to bound end user to see the print preview before giving the print command?

For e.g.: Suppose a report has 15 pages,user want only 5 pages of this report,but user gives the print of the entire report (15 pages..) generally.There is a wastage of 10 pages in this scenario.

I want to bound user, when he/she gives the print command, only print preview comes first, then only user be able to give the print of the document.

Is there any way to do this. Please do let me know?

Reply...

Regards,

JUNAID

Hi experts,

I'm trying to apply NetWeaver 740 SP08 to IDES with SUM but it fails with shortdump repeatedly.

Now I'm on Checks step in SUM, PREP_GENCHECKS/JOB_RSUPGRCHECKPRE, and the job RSUPGRCHECK aborted with shortdump STACK_NO_ROLL_MEMORY.

Source SP level is 740 SP07, OS is Windows 2012, DB is HANA rev82.

The error occurs in "SAPLRSDG_IOBJ_DB_READ", in "GET_IOBJ_FROM_DB".

Virtual memory in operating system level is still available at the dump generation, abap/heap_area_total is not reached.

I have adjusted em/initial_size_MB, em/address_space_MB, and abap/heap_area_total but EM+Heap used sizes at termination were almost the same.

Does anyone have an idea to tune and resolve the issue?

Thanks in advance.

Megumi

Hello consultant:

We are trying install Ixos, Archive Server, with Oracle 11g and Tomcat 7.0.41, On Red Hat Linux

We start correctly Oracle and Tomcat. We have installed OpenText Archive Server 10.2.1 and the installer finished OK in all components. For these installations we are use the following guide "Opentext Archive Server 10.5.0 Installation on UNIX/LINUX".

But we have the following issues:
1.- When we chech the url http://localhost:8080/w3monc he have different errors with:
BackupServer  --> Component: bksrvr (Can't connect to this rpc server)
DocServices --> Component: auxsrvr (Can't connect to this rpc server)
     Component:   jds  (Can't connect to this rpc server)
     Component:   unavail (Can't connect to docservice)

2.- When we start Spawner --> "service spawner start", and check status --> "spawncmd status", we see this, different services stop
program-id        sta pid        start time           stop time
-------------------------------------------------------------------------
Clnt_dp           T   0          07/16/2013 17:59:56  07/16/2013 17:59:58
Clnt_ds           R   20493      07/16/2013 17:49:24
Clnt_rpc          R   20491      07/16/2013 17:49:24
admsrv            R   20410      07/16/2013 17:48:23
bksrvr            T   256        07/16/2013 17:58:52  07/16/2013 18:03:53
chkw              T   256        07/16/2013 17:59:01  07/16/2013 18:04:03
db                T   0          07/16/2013 17:59:10  07/16/2013 17:59:12
dsaux             T   256        07/16/2013 17:59:23  07/16/2013 18:04:24
dssched           R   20408      07/16/2013 17:48:23
ixmonSvc          R   20413      07/16/2013 17:48:23
jbd               R   20250      07/16/2013 17:45:21
migration         T   256        07/16/2013 18:00:08  07/16/2013 18:05:09
notifSrvr         R   20412      07/16/2013 17:48:23
timestamp         R   20249      07/16/2013 17:45:21

3.- In the log we observe this error, for example:
In Clnt_rpc.log
ERR 16.07.13 18:20:06.754 . ::clnttcp_create clnt_tcp.c-243 cannot connect to addr [::1]:4020, errno=111(Connection refused)
ERR 16.07.13 18:20:46.757 . ::clnttcp_create clnt_tcp.c-243 cannot connect to addr [::1]:4033, errno=111(Connection refused)
ERR 16.07.13 18:21:06.759 . ::clnttcp_create clnt_tcp.c-243 cannot connect to addr [::1]:4050, errno=111(Connection refused)

In vmclient.log
ERR 16.07.13 18:10:03.696 ... ::clnttcp_create clnt_tcp.c-243 cannot connect to addr 180.93.149.196:4038, errno=111(Connection refused)
cslpo7bp01: RPC: Remote system error - Connection refused

In bkupSrvr.log
[root@cslpo7bp01 log]# more bkupSrvr.log
IMP 16.07.13 17:48:24.679 . main::main main.cxx-255 Backup Server started, Version=10.1.1, Release=A, generated on May  4 2011, 22:52:20
IMP 16.07.13 17:48:24.685 01 . MapNfsClnt::init NfsClnt.cxx-1279 about to mount server WORM on host localhost, port 4027, mount point /views_hs
ERR 16.07.13 17:53:24.696 01 ... NfsClnt::nfsMount NfsClnt.cxx-358 Connection timed out: cannot mount nfs server on host localhost, portNo 4027, mount point
/views_hs, errno=110(NFS request timed out)
FTL 16.07.13 17:53:24.696 01 . MapNfsClnt::init NfsClnt.cxx-1284 Input/output error: cannot mount server WORM
IMP 16.07.13 17:58:53.219 . main::main main.cxx-255 Backup Server started, Version=10.1.1, Release=A, generated on May  4 2011, 22:52:20
IMP 16.07.13 17:58:53.220 01 . MapNfsClnt::init NfsClnt.cxx-1279 about to mount server WORM on host localhost, port 4027, mount point /views_hs
ERR 16.07.13 18:03:53.231 01 ... NfsClnt::nfsMount NfsClnt.cxx-358 Connection timed out: cannot mount nfs server on host localhost, portNo 4027, mount point
/views_hs, errno=110(NFS request timed out)
FTL 16.07.13 18:03:53.231 01 . MapNfsClnt::init NfsClnt.cxx-1284 Input/output error: cannot mount server WORM

Please could you help me?, thanks for you collaborations.

Best Regards

Hi,

I have an application which gets called by the client behind a reverse proxy server. I need to make an http call to another application deployed on the same server. How do I construct the URL?

request.getServerName() gives me the name of the reverse proxy server. How do I get the name of the server on which my application is deployed?

Regards,

Anushree

Hi Experts,

I have a Mac, and when I print any spool request, this not print.

My Device Type in SPAD Transaction is POST2 and Host Spool Access Method is G.

When I want to print any spool order from SAP this appear with status completed, but in my Mac not appear any prompt from select the printer.

Any Idea?

Thanks in advance