Hi all
We want to use the SAP Web Dispatcher 720P113 to secure our external facing NetWeaver 7.3 Portal.
The Web Dispatcher can of course filter parts of the URL.
With this we would like to restrict the access from the internet to the necessary NetWeaver Portal Applications.
We hoped to create a minimum permission table file and started with the following:
    #SAP Web Dispatcher permission table
    P /irj/*
    #DENY ALL
    D *
Then we realised we also had to permit /logon_ui_resources/* to be able to see the logon screen. Afterwards we could log in, but could not see any portal images and so on.
In particular, we don't want anyone to open /nwa or /sld or /startPage..., and I don't know how many more critical URLs there are. Even if we block e.g. /sld, somebody who knows the complete URL webdynpro/dispatcher/sap.com/tcsldwd~main/Main can log in to SLD.
Of course we use SSL & firewall to the system, along with secure OS settings.
Has anyone implemented a permission table file with SAP Web Dispatcher and can supply us with a working, secure configuration or give any hints on how to identify critical portal applications?
BR
Michael
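
Added example, not part of the original post and not SAP code: a small Python model of the permission table above that replays request paths (for instance from an access log) and lists what the table would deny, grouped by first path segment, so that missing permit rows can be reviewed one by one. It assumes rows are checked top to bottom with the first match deciding and that `*` is the only wildcard; confirm both against the Web Dispatcher documentation. The sample paths, including /example_static, are constructed.

```python
import re
from collections import Counter

# Table from the post, plus the /logon_ui_resources/* row it says was needed.
TABLE = """\
#SAP Web Dispatcher permission table
P /irj/*
P /logon_ui_resources/*
#DENY ALL
D *
"""

# Constructed sample request paths (not taken from a real access log).
SAMPLE_PATHS = [
    "/irj/portal",
    "/logon_ui_resources/css/logon.css",
    "/nwa",
    "/sld",
    "/webdynpro/dispatcher/sap.com/tcsldwd~main/Main",
    "/example_static/images/logo.gif",
    "/example_static/images/banner.gif",
]

def parse_table(text):
    """Return [(action, compiled_pattern)] for P/D rows; skip comments and blanks."""
    rules = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        if len(fields) < 2 or fields[0].upper() not in ("P", "D"):
            raise ValueError(f"row not handled by this model: {line!r}")
        # Assumption: '*' is the only wildcard; everything else is literal.
        regex = ".*".join(re.escape(part) for part in fields[1].split("*"))
        rules.append((fields[0].upper(), re.compile(regex)))
    return rules

def decide(rules, path, default="D"):
    """Assumption: rows are checked top to bottom and the first match wins."""
    for action, regex in rules:
        if regex.fullmatch(path):
            return action
    return default

def denied_prefixes(rules, paths):
    """Count denied requests by first path segment, as candidates for review."""
    denied = (p for p in paths if decide(rules, p) == "D")
    return Counter("/" + p.split("/")[1] for p in denied)
```

With the final `D *` row in place, the full SLD Web Dynpro path is denied just like /sld, because nothing above it permits /webdynpro.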