cancel
Showing results for 
Search instead for 
Did you mean: 

Login via URL Parameter not possible after EHP6 upgrade

Former Member
0 Kudos

Hi All,

There is a problem when we are trying to login to webdynpro application via URL parameters SAP-USER and SAP-PASSWORD.

Getting the error "Logon with URL parameter not possible; logon cookie is missing" Error no. ICF_SYSTEM_LOGIN402

We understand the security risk but still we need this feature to be activated.

Regards,

Manish

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

You will have to set "Deactivate Login XSRF Protection", see SAP note 1617090.

https://service.sap.com/sap/support/notes/1617090

Former Member
0 Kudos

Thanks for the help.

Former Member
0 Kudos

Hi Samuli,

For which service we should set this setting?

Thanks,

Raja

Former Member
0 Kudos

Hi i have the same error, but i try to login with url external. Help me please.

I try with the answer in the other post but thes configuration it´s ok.

Answers (2)

Answers (2)

Former Member
0 Kudos

Same Error, but there wasn't an upgrade running before error occured. Should the Error also be fixed? The error occured on a customer system. So won't try several things to fix it.

Former Member
0 Kudos

It can also happen in case SAP notes are applied or Support Packages are installed. Provide the details of your SAP version including SP levels of relevant components. In case your problem isn't related to XSRF protection, I suggest you create a new discussion thread.

Former Member
0 Kudos

I created a new Discussion. There weren't any changes made on the system.
http://scn.sap.com/thread/3431417

satyabrata_sahoo3
Contributor
0 Kudos

As suggested by Mr Samuli follow the note 1617090.

Solution:

Activate or deactivate the logon cookie

-------------------------------------

You can configure whether the logon cookie is to be used and you can activate or

deactivate it in the service settings. The default value depends on your release. The

configuration switch is provided in transaction SICF. To access it, double-click a service

to call the service settings and choose the "Error Pages" tab. On the "Logon Errors" tab

page, choose the "Configuration" pushbutton for the system logon. In the system logon

settings, set the "Deactivate Login XSRF Protection" indicator accordingly.

-Satya

Former Member
0 Kudos

Hi Sahoo,

For which service we  should set this setting.

Appreciate quick response.

Thanks,

Raja

satyabrata_sahoo3
Contributor
0 Kudos

Hi,

This can be done for individual webdynpro application services or global. Depending on your requirement.

ninad_ghalsasi
Explorer
0 Kudos

Hi Satya,

I have made changes as described, but while saving the changes for specific service or global services, it is asking for select a "logon class".

Pls. help...

- Ninad g.

vinoth_kumar7
Explorer
0 Kudos

It worked in my case. Thanks a lot 🙂