cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SOAP Web Service security header

former_member747670
Discoverer

on ‎2021 Jun 14 6:10 AM

0 Kudos
625

Hi Experts

I need to know how to add the following security headers to a SAP SOAP API WSDL for a non PI, SOAP Web Service based integration:

  • Strict-Transport-Security
  • Content-Security-Policy
  • X-Frame-Options
  • X-XSS-Protection
  • Expect-CT
  • X-Content-Type-Options
  • Cache-Control

Thanks in advance.

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
View Entire Topic
JoeGoerlich
Active Contributor
‎2021 Jun 14 1:26 PM
0 Kudos

Hi Anurag,

for almost all of them you need to do header modification inside the ICM using modification rules in a file specified by profile parameter. icm/HTTP/mod_<xx>.

For Strict-Transport-Security with SAP Kernel 7.53 the profile parameter `icm/HTTP/strict_transport_security' was made available.

Hint: X-Frame-Options and X-XSS-Protection are considered as deprecated.

Br,

Joe

Show replies
Show replies
Ask a Question