Scribd
Upload
16 views3 pages

e - 20250704 Sap Its Incomplete Logoff

SAP Note 1058529 addresses the issue of incomplete logoff for ITS applications, where the SAP logon ticket remains in the browser cache, allowing users to access applications without re-logging. The note provides a solution that involves configuring the logon procedure to prevent storing logon data and ensuring proper settings for the external alias in transaction SICF. It also outlines prerequisites and references to other relevant SAP notes for successful implementation.

Uploaded by

pmantode86
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
16 views3 pages

e - 20250704 Sap Its Incomplete Logoff

SAP Note 1058529 addresses the issue of incomplete logoff for ITS applications, where the SAP logon ticket remains in the browser cache, allowing users to access applications without re-logging. The note provides a solution that involves configuring the logon procedure to prevent storing logon data and ensuring proper settings for the external alias in transaction SICF. It also outlines prerequisites and references to other relevant SAP notes for successful implementation.

Uploaded by

pmantode86
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

SAP Note

1058529 - Incomplete logoff for ITS applications


Component: BC-MID-ICF (Basis Components > Middleware > Internet Communication Framework), Version: 1,
Released On: 30.05.2007

Symptom
After you have logged off an ITS application in the browser, you can execute the application
again without logging on again.

Other Terms
WebGUI, logon, SSO2, ICF, system logon

Reason and Prerequisites


When you terminate ITS applications (for example, SAP GUI for HTML service), the system does
not delete the SAP logon ticket (SSO ticket) in the browser cache. If the browser window
remains open, you can then execute other applications with this logon. Also see Note
1039335.

Solution
For ITS applications (for example, IACs) that require the SAP logon ticket (SSO ticket) in
order to function correctly, see Note 735612.

To ensure that no logon data is stored in the browser after you execute ITS services in the
Internet Communication Framework (ICF), you need to perform the following steps to maintain
the logon procedure, in addition to implementing the attached correction instructions:
1. Create an external alias in transaction SICF that refers to the ITS service (for
example, "/mygui", which refers to the "/sap/bc/gui/sap/its/webgui" internal service.
2. Avoid storing logon data in the form of "Basic Authentication", SAP logon ticket (SSO
ticket) and X509 certificates. You may only use "Fields Authentication" as the logon
procedure. Proceed as follows:
a) Select "Alternative logon sequence" on the "Logon sequence" tab page for the
external alias.
b) Remove all logon procedures except "Fields Authentication" from the logon
procedure list.
Comment: This setting prevents the ICF from issuing the SAP logon ticket (SSO
ticket) for the HTTP request.
3. You must first check the settings for the services. If the "System Logon" option is
deactivated on the "Error Pages" -> "Logon Errors" tab within the service, you have to
activate this option in the external alias.
4. To maintain a logoff page for ITS applications, refer to Note 916727.
Comment:
You can only use this procedure for ITS services that do not require an SAP logon ticket
(SSO ticket) in order to function correctly (for example, SAP GUI for HTML service). The
applications that consist of composite ITS services cannot use this infrastructure (for
example, the interaction of several IAC applications).
This solution is only available as of SAP Netweaver System Release 700.
This solution does not work in the portal or in composite applications that require an
SSO environment.

Before you implement this note, you must ensure that you have already implemented the
correction instructions from Note 1039335 into your system. In addition, before you
implement this note, you must add the following optional importing parameters to the
"PREPARE_OTR_DOCUMENT" method in the "CL_HTTP_SERVER_NET" class:
Parameter: WEBGUI
Type: Importing
Optional: X
Typing Method: Type
Associated Type: ABAP_BOOL
Default value: ABAP_FALSE
Description: Is the WEBGUI service active?

Attributes
Key Value

Other Components Basis Components > Frontend Services (SAP Note 1322184) > SAP Internet Transaction Server (BC-FES-ITS)

Other Components Basis Components > Web Dynpro > Web Dynpro ABAP (BC-WD-ABA)

Software Components
Software Component From To

SAP_BASIS 700 700

Correction Instructions
Software Component Number of Correction Instructions

SAP_BASIS 1

Prerequisites
Software Component From To SAP Note/KBA Title Component

SAP_BASIS 700 700 856711 Evaluating the SSL_ACTIVE attribute in ICF BC-MID-ICF

SAP_BASIS 700 700 893200 ICF: Configuration data in ICF disappears BC-MID-ICF

SAP_BASIS 700 700 963708 Error for incomplete required logon data BC-MID-ICF

SAP_BASIS 700 700 1039335 Incomplete logoff from an ITS WebGUI application BC-MID-ICF

Support Package
Software Component Version Support Package

SAP_BASIS 700 SAPKB70013

This document refers to


SAP Note/KBA Component Title
1322944 BC-SEC-LGN

1071924 BC-MID-ICF Deaktivating the buffering for ICF services

1039335 BC-MID-ICF Incomplete logoff from an ITS WebGUI application

916727 BC-FES-ITS SAP NetWeaver integrated ITS: Redirect to URL / ~exiturl

735612 BC-MID-ICF Deleting the SAP logon ticket for ITS applications

This document is referenced by


SAP Note/KBA Component Title

2018647 ABAP Http System Logon Page is issued repeatly even if the correct credentials are provided

1039335 BC-MID-ICF Incomplete logoff from an ITS WebGUI application

916727 BC-FES-ITS SAP NetWeaver integrated ITS: Redirect to URL / ~exiturl

735612 BC-MID-ICF Deleting the SAP logon ticket for ITS applications

1071924 BC-MID-ICF Deaktivating the buffering for ICF services

You might also like