cancel
Showing results for 
Search instead for 
Did you mean: 

WebDispatcher: URL rewrite

hofmann
Active Contributor
0 Kudos
291

Hi,

I want to enforce the use of SSL in the EP only for the logon to the Portal (/logon). Can I achive this with the SAP WebDispatcher or do I have to use a proxy solution (eg. Apache 2)?

With apache2 as a proxy, the rules are quite simple:

ProxyPass /logon https://server/logon

ProxyPassReverse /logon https://server/logon

ProxyPass /irj http://server/irj

ProxyPassReverse /irj http://server/irj

I´ve read that I can configure the WebDispatcher to do a URL redirect like / to http://server/irj/portal:

icm/HTTP/redirect_0 = PREFIX=/, TO=/irj/index.html

Can I enforce this only for a specific URL and a new protocol (HTTPS)?

Example:

icm/HTTP/redirect_0 = PREFIX=/logon TO=/logon, PROT=HTTPS HOST=server, PORT=50001

icm/HTTP/redirect_1 = PREFIX=/irj TO=/irj, PROT=HTTP HOST=server, PORT=50000

Is the Webdispatcher capable of doing this or is it only a pass-through of the URL and only the protocol can be adjusted?

br,

Tobias

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
0 Kudos

Tobias,

I don't think Webdispatcher can do Reverse proxy functionalities. Apache is best in your scenario, also the new apache LB module allows you to use it as a load balancer as well. We are using Apache as both reverse proxy and load balancer, thus eliminating the need for webdispatcher.

~Yasin

hofmann
Active Contributor
0 Kudos

Hi,

as a matter of fact, you can use Web Dispatcher as a reverse proxy. It's just not a full reverse proxy like Apache. An initial request from an SAP system can't use the Web Dispatcher. But the normal use case (Browser -> SAP) is supported and the Web Dispatcher is working perfectly.

The advantage of Web Dispatcher over Apache is the built-in support for ABAP BSP applications. Apache can't support this and any other load balancing solution (HW, Round-Rubin, DNS) won't achive the same level of load balancing as Web Dispatcher. Also, the general load balancing is better, because the Web Dispatcher knows the load of the application server.

My solution involves a rule on the Web Dispatcher for a protocol switch from HTTP to HTTPS for request to /logon and for normal portal requests like /irj I enforce the use of HTTP.

br,

Tobias

Former Member
0 Kudos

Hi Tobias,

I totally agree with you on the fact that Webdispatcher can be used as a reverse proxy to a certain extent. We are using Apache as both reverse proxy and load balancer to load balance our portal servers, as we don't want to use too many components i.e., apache as reverse proxy and Webdispatcher as load balancer.

We have put some custom rules in apache to read the server ID and cookie info to maintain stickiness and intelligently load balance the requests based on the algorithm (Request Counting and Weighted Traffic Counting). Apache can even detect if your portal server is down, and forward the requests to the other node.

We have created 2 apache services with it's own config files. One for 443 and the other for 80. Any requests going to port 80 will be automatically redirected to port 443.

Here is the redirect rule on apache service 80:

RewriteEngine On

RewriteCond % !=on

RewriteRule ^/(.*) https://%%

Hope this would be of some help. Thanks.

~Yasin

hofmann
Active Contributor
0 Kudos

Found the answer by myself.

Former Member
0 Kudos

post the answer please

Koti Reddy