cancel
Showing results for 
Search instead for 
Did you mean: 

How to publish SAP portal in WEB?

former_member183788
Active Participant
0 Kudos

Dear Experts,

Now we are using SAP portal for ESS & MSS only inside our network,How to publish SAP portal in web? So that our users can access it from outside our network.What are the requirements to do this?

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
0 Kudos

Hi Prathish,

Please go through the below help available for implementing SAP Portal as a public website or an external facing portal.

Implementing an External-Facing Portal - Portal - SAP Library

Implementing an External-Facing Portal (SAP Library - IT Scenarios at a Glance)

SandipAgarwalla
Active Contributor
0 Kudos

Well, publishing portal to internet is slightly different than the concept of external facing portal. EFP is mostly used for informational Portal scenario, using a light framework page on Portal and of course putting it to internet.

Light Framework page is not suitable for transactional portal..

Since you are using ess/mss, you keep your portal as is. one option is to have your portal accessible from public domains is thru a reverse proxy ( like Apache RP). The RP basically do lot of URL re-writing.

You need to talk to your network people about the viability.

Former Member
0 Kudos

Hi Prathish,

As Sandip has suggested, you can consult your network team to set up a reverse proxy in DMZ so that your ESS / MSS apps can be accessed over Internet.

You can also look for SAP Web Dispatcher and can configure it to act as a reverse proxy.

In our landscape, we've used SAP Web Dispatcher that is kept in DMZ and accessible from outside. This web dispatcher makes 302 redirect calls to our portal server and R/3 back end server to access WDA apps for ESS / MSS.

Please let me know should you need any additional info on how to configure SAP Web Dispatcher for accessing the SAP back end apps through Portal on Internet.

BR,

Anurag

former_member183788
Active Participant
0 Kudos

Dear Anurag,

Have you got any guides or steps, how to do it?

Former Member
0 Kudos

Dear Prathish,

You can refer the following documents / guides for SAP Web dispatcher Installation and Configuration:

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/24396589-0a01-0010-3c8c-ab2e3acf6...

Basically, you'll have to involve your BASIS team and the Network team to set up the SAP Web Dispatcher and configure the ports so that the request can be received on those ports.

In our case, we've configured 2 Ports: 1 for Portal System and 1 for ECC (ABAP System).

Please let me know in case you need any additional information.

BR,

Anurag

former_member183788
Active Participant
0 Kudos

Dear Anurag,

So i have to install WebDispatcher first right,

1)After that i have to do the reverse proxy configuration?

2)After reverse proxy, people can access sap portal from outside our network with browsers?

3)Can we change the http://hostname:port/irj/portal to https://www.mywebsite.com?

4)Should we need separate server for web dispatcher?

Former Member
0 Kudos

Dear Prathish,

Yes, you've to first install Web Dispatcher.

1. Once it is installed, then do the reverse proxy configurations.

2. People will be able to access SAP Portal over Internet and for that your web dispatcher should be accessible through Internet.

3. Once you configure your web dispatcher to act as a reverse proxy, you can achieve 3rd point.

4. Ideally, you should have a separate server for Web Dispatcher because it is generally placed in DMZ and hence should not be installed on your SAP server.

BR,

Anurag

former_member183788
Active Participant
0 Kudos

Dear Anurag,

My SAP Portal is 7.4. So while installing i have to install the latest 7.4 version of Web-dispatcher?

Former Member
0 Kudos

Dear Prathish,

Yes, you're right. You need to install 7.4 version.

BR,

Anurag

former_member183788
Active Participant
0 Kudos

Dear Anurag,

Downloaded the software and kept it in a separate server, where no other installations are there.

Our landscape for portal is in cluster environment, is there any difference on the installation?

In CMD its asking for message server hostname, i have to assign the message server and ports of sap portal right?

Have you got any installation guide for 7.4 in cluster environment?

Is the below link is correct, they installed it in a same server where sap is already there?

How to Install SAP Web Dispatcher in Microsoft Failover Cluster? | Deepak Khadye

Former Member
0 Kudos

Dear Prathish,

There is no difference in the installation of Web Dispatcher whether your portal is single server or in cluster environment.

Yes, you've to give your message server host name of Portal and HTTP port of message server in the profile parameters of Web Dispatcher.

Something like this will help:

wdisp/system_1 = SID=Portal SID, MSHOST=<FQDN of Portal>, MSPORT=81XX,SRCURL=/, SRCSRV=<FQDN of Web Dispatcher>:*

Please let me know in case you need any additional info on configuring the profile parameters of Web Dispatcher.

BR,

Anurag

former_member183788
Active Participant
0 Kudos

Dear Anurag,

I got the below document,But if i am installing in different server, how i can do the configuration as in the note 1564222?

1564222 - How to install the SAP Web Dispatcher in a Microsoft Failover Cluster?

Former Member
0 Kudos

Dear Prathish,

Have you already installed the Web Dispatcher?

You can follow the below help document to configure Web Dispatcher to route the requests to multiple SAP systems.

One Web Dispatcher, Two Systems: Configuration Example - SAP Web Dispatcher - SAP Library

Now in your case, as it's a cluster environment, you will have to provide the central instance host name as host name of Message Server.

You can find the port information in the SCS profile of central instance.

You can get in touch with your BASIS team to do these configurations.

BR,

Anurag

former_member183788
Active Participant
0 Kudos

Dear Anurag,

Installation finished,For the other configuration what i have to do next? How can i access portal through web dispatcher?

Former Member
0 Kudos

Dear Prathish,

Please configure the instance profile parameters now like the one that I've shared in one of my posts above.

#-----------------------------------------------------------------------------

#SAP Web dispatcher parameters

#-----------------------------------------------------------------------------

wdisp/system_conflict_resolution = 1

icm/server_port_0 = PROT=HTTP, PORT=8000

icm/server_port_2 = PROT=HTTP, PORT=80

wdisp/system_0 = SID=ECC System SID, MSHOST=FQDN of ECC System,MSPORT=HTTP Port of Message Server,PROT=HTTP/HTTPS, SRCURL=/sap/bc;/sap/, SRCSRV=*:8000

wdisp/system_1 = SID=Portal System SID, MSHOST=FQDN of Portal Server, MSPORT=HTTP Port of Message Server,SRCURL=/, SRCSRV=FQDN of Web Dispatcher:*


Also, modify the ITS Hostname and Web AS Hostname properties of your existing system object to Web Dispatcher Hostname and Port.


After configuring, everything click on Monitor Application Servers (Backend and Frontend) through Admin Interface.


You can also do checkconfig to check if your config is error free.

sapwebdisp pf=<profile> -checkconfig


Once everything is fine, you can access your Portal with the Web Dispatcher URL like the one below:


http://webdispatcherhostname.abcd.com/irj/portal

BR,

Anurag

former_member183788
Active Participant
0 Kudos

Dear Anurag,

If i am editing the names in sap portal server, is there any issues, because currently people are working on that.

Where i can change the name of my portal http://myserver.com:port/irj/portal to http://myserver.com and how i can access it from outside my network like internet?

Former Member
0 Kudos

Dear Prathish,

Yes, if you modify the system object properties for ITS and Web AS in Portal, you will not be able to use SSO if you access the Portal with your Portal server <FQDN>.

For eg. If you currently access your portal with the URL like http://<FQDN of Portal server>:<Port>/irj/portal and you modify the system object properties as I suggested, you will face issues with SSO to your backend ECC system.

For this purpose, what you can do is to have a Public (Internet Call) / Private (Intranet Call) IP of your Web Dispatcher having the same host name (mapped in DNS).

In this way, you'll have a common host name to access portal either from Intranet or through Internet.

You can get in touch with your network team to do the required mapping of IPs in DNS.

Once, you do this, there will always be a single common URL to access Portal from anywhere (Intranet or Internet) something like: http://webdispatcherhostname.abcd.com/irj/portal

As I said before, the recommended way is to place the Web Dispatcher in DMZ so that it should accept the client calls coming from Internet and route it to the respective SAP server inside firewall.

Now, coming to your second question, you can achieve this by specifying the start URL of Portal server in NWA. Follow the below steps:

Access NWA by the url : http://<FQDN>:<port>/nwa

Follow menu path: Configuration > Connectivity > HTTP Provider Configuration

Enter /irj/portal in the default start page property and click on Save.

Now you'll be able to access portal without having need to type /irj/portal all the time.

Also, the default HTTP port is 80 and that's what we've given in our WD configuration and hence there is no need to even specify Port No while calling the web dispatcher.

Hope this info is useful.

BR,

Anurag

former_member183788
Active Participant
0 Kudos

Dear Anurag,

I connected the webdisp to my ides portal and changed the profile, now its not starting the instance.

Webdispatcher profile:

# Profile generated by sapwebdisp bootstrap

# unique instance identifier

SAPSYSTEMNAME = WDP

# unique instance number

SAPSYSTEM = 05

# add default directory settings

DIR_EXECUTABLE = .

DIR_INSTANCE = .

# Accessibility of Message Servers

rdisp/mshost = AWQAFIDES-HQ

ms/http_port = 8104

# SAP Web Dispatcher Parameter

wdisp/auto_refresh = 25

wdisp/max_servers = 100

wdisp/shm_attach_mode = 6

# configuration for default scenario (medium size)

icm/max_conn      = 500

icm/max_sockets   = 1024

icm/req_queue_len = 500

icm/min_threads   = 10

icm/max_threads   = 50

mpi/total_size_MB = 80

#maximum number of concurrent connections to one server

wdisp/HTTP/max_pooled_con = 500

wdisp/HTTPS/max_pooled_con = 500

# SAP Web Dispatcher Ports

icm/server_port_0 = PROT=HTTP,PORT=8005

icm/server_port_1 = PROT=HTTPS,PORT=4305

# SAP Web Dispatcher Web Administration

icm/HTTP/admin_0 = PREFIX=/sap/wdisp/admin,PORT=4305,DOCROOT=./admin,AUTHFILE=icmauth.txt

wdisp/system_conflict_resolution = 1

icm/server_port_0 = PROT=HTTP, PORT=8000

icm/server_port_2 = PROT=HTTP, PORT=80

wdisp/system_0 = JDT, MSHOST=AWQAFIDES-HQ.awqaf.gov.kw,MSPORT=8104,PROT=HTTP/HTTPS, SRCURL=/sap/bc;/sap/, SRCSRV=*:8000

wdisp/system_1 = JDT, MSHOST=AWQAFIDES-HQ.awqaf.gov.kw, MSPORT=8104,SRCURL=/, SRCSRV=AWQ-WEBDISP1.awqaf.gov.kw:*

Default profile for IDES:

SAPDBHOST = AWQAFIDES-HQ

j2ee/dbtype = mss

j2ee/dbhost = AWQAFIDES-HQ

j2ee/dbname = JDT

dbs/mss/server = AWQAFIDES-HQ

SAPSYSTEMNAME = JDT

OS_UNICODE = uc

SAPGLOBALHOST = AWQ-WEBDISP1

system/type = J2EE

SAPFQDN = awqaf.gov.kw

SAPLOCALHOSTFULL = $(SAPLOCALHOST).$(SAPFQDN)

service/protectedwebmethods = SDEFAULT

#-----------------------------------------------------------------------

# SAP Central Service Instance for J2EE

#-----------------------------------------------------------------------

j2ee/scs/host = AWQAFIDES-HQ

j2ee/scs/system = 04

j2ee/ms/port = 3904

icm/HTTP/mod_0 = PREFIX=/,FILE=$(DIR_GLOBAL)/security/data/icm_filter_rules.txt

ssf/name = SAPSECULIB

Instance profile for portal

SAPSYSTEMNAME = JDT

SAPGLOBALHOST = AWQ-WEBDISP1

SAPSYSTEM = 03

INSTANCE_NAME = J03

DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64

DIR_EXECUTABLE = $(DIR_INSTANCE)\exe

DIR_PROFILE = \\AWQAFIDES-HQ\sapmnt\JDT\SYS\profile

_PF = $(DIR_PROFILE)\JDT_J03_AWQAFIDES-HQ

SETENV_00 = PATH=$(DIR_EXECUTABLE);%PATH%

#-----------------------------------------------------------------------

# Copy SAP Executables

#-----------------------------------------------------------------------

_CPARG0 = list:$(DIR_CT_RUN)/j2eeinst.lst

Start_Program_00 = immediate $(DIR_CT_RUN)\sapcpe$(FT_EXE) pf=$(_PF) $(_CPARG0)

_CPARG1 = list:$(DIR_CT_RUN)/igsexe.lst

Start_Program_01 = immediate $(DIR_CT_RUN)\sapcpe$(FT_EXE) pf=$(_PF) $(_CPARG1)

_CPARG2 = list:$(DIR_CT_RUN)/dbclient.lst

Start_Program_02 = immediate $(DIR_CT_RUN)\sapcpe$(FT_EXE) pf=$(_PF) $(_CPARG2)

_CPARG3 = list:$(DIR_CT_SAPJVM)/sapjvm_6.lst

_CPARG4 = source:$(DIR_CT_SAPJVM)

Start_Program_03 = immediate $(DIR_CT_RUN)\sapcpe$(FT_EXE) pf=$(_PF) $(_CPARG3) $(_CPARG4)

_CPARG5 = list:$(DIR_CT_RUN)/sapcrypto.lst

Start_Program_04 = immediate $(DIR_CT_RUN)\sapcpe$(FT_EXE) pf=$(_PF) $(_CPARG5)

jstartup/trimming_properties = off

jstartup/max_caches = 500

j2ee/dbdriver = $(DIR_EXECUTABLE)\mssjdbc\jdbc4\sqljdbc4.jar

igs/listener/rfc/disable = 1

SAPJVM_VERSION = 6.1.018

DIR_SAPJVM = $(DIR_EXECUTABLE)$(DIR_SEP)sapjvm_6

jstartup/vm/home = $(DIR_SAPJVM)

#-----------------------------------------------------------------------

# Start J2EE database

#-----------------------------------------------------------------------

Start_Program_05 = immediate $(DIR_CT_RUN)\strdbsj2ee.cmd JDT j2ee

#-----------------------------------------------------------------------

# Start Java application server

#-----------------------------------------------------------------------

_JC = $(DIR_EXECUTABLE)\jstart$(FT_EXE)

Start_Program_06 = local $(_JC) pf=$(_PF)

#-----------------------------------------------------------------------

# Start internet graphics server

#-----------------------------------------------------------------------

_IG = $(DIR_EXECUTABLE)\igswd$(FT_EXE)

Start_Program_07 = local $(_IG) -mode=profile pf=$(_PF)

ssl/ssl_lib = $(DIR_EXECUTABLE)$(DIR_SEP)$(FT_DLL_PREFIX)sapcrypto$(FT_DLL)

sec/libsapsecu = $(ssl/ssl_lib)

ssf/ssfapi_lib = $(ssl/ssl_lib)

SETENV_01 = SECUDIR=$(DIR_INSTANCE)/sec

j2ee/instance_id = ID319232

login/create_sso2_ticket=2

login/accept_sso2_ticket=1

icm/host_name_full=AWQ-WEBDISP1.awqaf.gov.kw

login/password_change_for_SSO=0

start profile for portal:

SAPSYSTEMNAME = JDT

SAPGLOBALHOST = AWQ-WEBDISP1

SAPSYSTEM = 04

INSTANCE_NAME = SCS04

DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTAMD64

DIR_EXECUTABLE = $(DIR_INSTANCE)\exe

DIR_PROFILE = \\AWQAFIDES-HQ\sapmnt\JDT\SYS\profile

_PF = $(DIR_PROFILE)\JDT_SCS04_AWQAFIDES-HQ

SETENV_00 = PATH=$(DIR_EXECUTABLE);%PATH%

#-----------------------------------------------------------------------

# Copy SAP Executables

#-----------------------------------------------------------------------

_CPARG0 = list:$(DIR_CT_RUN)/scs.lst

Start_Program_00 = immediate $(DIR_CT_RUN)\sapcpe$(FT_EXE) pf=$(_PF) $(_CPARG0)

_CPARG1 = list:$(DIR_CT_RUN)/sapcrypto.lst

Start_Program_01 = immediate $(DIR_CT_RUN)\sapcpe$(FT_EXE) pf=$(_PF) $(_CPARG1)

DIR_INSTANCE = E:\usr\sap\$(SAPSYSTEMNAME)\$(INSTANCE_NAME)

enque/serverhost = $(SAPLOCALHOST)

OS_UNICODE = uc

#-----------------------------------------------------------------------

# Start SAP message server

#-----------------------------------------------------------------------

_MS = $(DIR_EXECUTABLE)\msg_server$(FT_EXE)

Restart_Program_02 = local $(_MS) pf=$(_PF)

#-----------------------------------------------------------------------

# Start SAP enqueue server

#-----------------------------------------------------------------------

_EN = $(DIR_EXECUTABLE)\enserver$(FT_EXE)

Restart_Program_03 = local $(_EN) pf=$(_PF)

#-----------------------------------------------------------------------

# Start gateway

#-----------------------------------------------------------------------

_GW = $(DIR_EXECUTABLE)\gwrd$(FT_EXE)

Restart_Program_04 = local $(_GW) pf=$(_PF) -no_abap

#-----------------------------------------------------------------------

# SAP Message Server for Java

#-----------------------------------------------------------------------

rdisp/msserv = 0

rdisp/msserv_internal = 3904

ms/standalone = 1

ms/server_port_0 = PROT=HTTP,PORT=81$$

#-----------------------------------------------------------------------

# SAP Enqueue Server

#-----------------------------------------------------------------------

enque/serverinst = $(SAPSYSTEM)

rdisp/enqname = $(rdisp/myname)

ipc/shm_psize_34 = 0

enque/async_req_max = 5000

enque/server/threadcount = 4

enque/server/max_requests = 5000

enque/server/max_query_requests = 5000

enque/table_size = 64000

enque/snapshot_pck_ids = 1600

ssl/ssl_lib = $(DIR_EXECUTABLE)$(DIR_SEP)$(FT_DLL_PREFIX)sapcrypto$(FT_DLL)

sec/libsapsecu = $(ssl/ssl_lib)

ssf/ssfapi_lib = $(ssl/ssl_lib)

SETENV_01 = SECUDIR=$(DIR_INSTANCE)/sec

Former Member
0 Kudos

Hi Prathish,

If you are getting dispatching error while accessing your Portal through Web Dispatcher, then there is certainly an issue with the instance profile of your Web Dispatcher.

Please do checkconfig to check if your Web Dispatcher config is error free / properly configured by running the following command.


sapwebdisp pf=<profile> -checkconfig


BR,

Anurag

former_member183788
Active Participant
0 Kudos

Dear Anurag,

I restarted the server and i am able to open sap portal with address https://sapwebdisp:4305/irj/portal, but in page am getting the error as below.

How can i change the URL https://sapwebdisp:4305/irj/portal to http://sapmycompany.com

Config:

Former Member
0 Kudos

Dear Prathish,

So, your Web Dispatcher profile is fine now and the issue is because you're accessing your Portal through Web Dispatcher over HTTPS Port.

In this case, you'll have to configure the SAP Web Dispatcher to Support SSL.

BTW, did you try to access the portal through Web Dispatcher on HTTP Port. I believe that should be working fine.

You can follow the below help document for configuring the SAP Web Dispatcher to support SSL.

Configuring the SAP Web Dispatcher to Support SSL - Network and Transport Layer Security - SAP Libra...

BR,

Anurag

former_member183788
Active Participant
0 Kudos

Dear Anurag,

I can access with http.i need one more thing How can i change the URL https://sapwebdisp:4305/irj/portal to http://sapmycompany.com

Former Member
0 Kudos

Dear Prathish,

To remove the port in the calling URL, I think you should set the HTTPS port of Web Dispatcher to 443 instead of 4305 in the below profile parameters:

# SAP Web Dispatcher Ports

icm/server_port_1 = PROT=HTTPS,PORT=4305

Just try and let us know the outcomes.

Also, to eliminate the /irj/portal from the Portal URL,

you can achieve this by specifying the start URL of Portal server in NWA.

Follow the below steps:-

Access NWA by the url : http://<FQDN>:<port>/nwa

Follow menu path: Configuration > Connectivity > HTTP Provider Configuration

Enter /irj/portal in the default start page property and click on Save.

Now you'll be able to access portal without having need to type /irj/portal all the time.

Just try this as well as let us know if this helps!!!

BR,

Anurag

former_member183788
Active Participant
0 Kudos

Dear Anurag,

it didn't work for the port, irj/portal, i already removed. is there any other solution, my webdisp is like http://sapwebdisp:8005

hemanth2
Product and Topic Expert
Product and Topic Expert
0 Kudos

Hi Prathish,


Hope you are doing good.
What you are looking for is an external facing portal.

Please check:

External Facing Portal - Portal - SCN Wiki

and

Implementing an External-Facing Portal - SAP NetWeaver Security Guide - SAP Library

Thank you!

____________

Kind Regards,

Hemanth

SAP AGS