cancel
Showing results for 
Search instead for 
Did you mean: 

Users getting access to other users' accout in SAP EP using Google Chrome

Former Member
0 Kudos

Hello All

We have found that when Google Chrome browser is used for accessing SAP

Enterprise Portal system, the users are able to access a different

person's profile/account.

We have not seen this issue happening with Internet Explorer. and Mozilla Fire fox

How can it be overcomed ? Is it possible How exactly its happening , share me the toughts

Thanks

Kumar

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
0 Kudos

Hi Kumar,

  We'll need a little more information to help out such as... how you've configured your login module stack... what your default authentication scheme is... are there any front-end servers in play (like web dispatcher or reverse proxy)... is this machine used by only 1 user or is it more 'public'... etc.

  The simplest answer I can offer in the absence of any additional information is that the session-based cookies held in the local browser are being corrupted and the wrong user's cookies are represented to the Portal server.

  Simply put, the SAP logon ticket is a session-based browser cookie. If that cookie were properly signed (came from authorized ticket-issuing system in your landscape, usually Portal), and not expired or invalidated in any way (DNS domain changes, etc.), and it were offered to the NW Portal... you could certainly be SSO'd right along.

  Like I said, there are many ways this might happen but without additional info, the best I can say is "you've got a cookie problem".

-Kevin

Former Member
0 Kudos

Kevin,

Totally agreeing with you. I think the session cookies were corrupted and I believe, clearing the session cookies could solve the problem.

Worth to try

Thanks.