on 02-20-2015 12:23 PM
Hi there,
we have some SAP NW AS JAVA systems in our dmz for internet usage. This systems are protected also from our rweb.
It's our desire to filter out automatically default SAP URLs, which should be on a rweb blacklist for example like the string "tc~lm~itsam~ui~mainframe~wd" for /nwa-access - see overview under /nwa/QuickLinks.jsp (=Quick Links for SAP NetWeaver Administrator) - to protect the systems against unauthorized persons from the outside.
To get an information about which apps are running we use the following command: sapcontrol -host xxx -nr yy -function J2EEGetApplicationAliasList
F.ex. for /sld, we get "sap.com/com.sap.lcr, /sld, 13, Yes, No."
Stupidly the sld is running as a webdynpro like the following URL shows: http://host:port/webdynpro/resources/sap.com/tc~sld~wd~main/Main
So the AppAlias for sld "sap.com/com.sap.lcr" and the technical path "sap.com/tc~sld~wd~main" are different.
Therefore to protect the system we should add string "tc~sld~wd~main" (technical URL path) to the blacklist.
My questions:
Where can i find the informations about the technical URL paths of all sap nw java apps like f. ex. sld, without manual testing in a browser?
How can we link these informations (ApplicationAlias with the technical URL path of the app)?
Thanks in advance,
Matthias
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.