Hello,
Did you check help.sap.com ?
http://help.sap.com/saphelp_nw70/helpdata/en/42/5cfd3b0e59774ee10000000a114084/frameset.htm
In fact, you need to use these parameters in the webdispatcher pfl file (usually sapwebdisp.pfl) :
csi/SAP/csa_lib = sapcsa.dll
csi/enable = TRUE
icm/HTTP/auth_0 = PREFIX=/,PERMFILE=permfile.txt,FILTER=1
The permission file is permfile.txt in this example.
The syntax is :
P/D/S <URI-pattern> <USER> <GROUP> <CLIENT-IP> <SERVER-IP>
Exemples :
P /sap/bc/bsp/sap/z_my_bsp/login.html * * myIP *
The login.html page is allowed only when called from myIP.
P /sap/bc/bsp/sap/z_my_other_bsp/*
All pages from z_myother_bsp are authorized from any IP.
You will see that filtering is active from the web administration in the Access handler page.
I did not try the filtering with end-to-en HTTPS.
BEWARE : It took me a long time to figure out that empty lines are forbidden in the permission file. Always begin empty lines with the comment character (#).
Hope this helps.
Olivier
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.