Showing results for 
Search instead for 
Did you mean: 

EP 7.0 architecture and design

Former Member
0 Kudos


We are planning to implement EP 7.0 and i was wondering what other people who have already implemented would recommend.

I need general guidelines like scalability, sizing, security.

We have been using digital certificates on out current portal and would like to use an other authentication mechanism since certificates are expensive and difficult to maintain if there are thousands of users since renewal process is time taking and it has to be done every year.

Could anyone suggest anything related to using Reverse proxy mechanisms,etc.

Also need to know how many nodes, servers which would bring out optimal performance to EP 7.0 .

All useful inputs are appreciated and rewarded.



Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

helllo Claudius,

We have implemented EP7.0 in our environment and interms of proxy we have a ISA server fronting the WDispatcher.Although very safe performance has been a issue.

Hope this helps


Answers (2)

Answers (2)

Active Participant
0 Kudos

Hi Claudius,

in this scenariov: Browser - AS-ABAP Communication Through a Reverse Proxy

the browser communicates always with the AS-ABAP through a reverse proxy server. For this reason all generated URLs must contain the name and port of the reverse proxy server.


Proxy: (http:80, https:443)

Host: (http:1080, https:1443)



100 010 HTTP * WWW.SAP.COM 80

100 011 HTTPS * WWW.SAP.COM 443

As there is no application filter, table http synchronizes all requests in order to generate new URLs. The protocol is the factor that decides which entry is used.

You can also use the Apache Web server as the intermediary server. In this case, configure the Apache Web server as a reverse proxy that routes requests based on a set of rules and conditions. For this configuration, the Apache Web server uses the mod_rewrite and mod_proxy modules.

mod_rewrite is a URL rewriting module that performs modifications to the URL received by the Web server and creates a new request. These modifications are based on a set of rules and conditions that you also specify in the configuration file.

mod_proxy is a module that makes the Apache Web server the intermediary server. It transforms the response from the backend system and sends it back to the client so that it appears to have been sent from the Apache Web server. The backend system remains hidden.

This documentation provides only a brief description of the Apache configuration. For more information about configuring the Apache Web server as a reverse proxy, see the Apache Web server documentation.


The applications that are to be processed by the Apache Web server are deployed on the AS Java.



1. Copy any of the application’s files that are to be available to the client from its directory tree on the AS Java to the Apache Web server’s document root tree.

Do not copy the WEB-INF and meta-inf files to the Apache Web server’s directory tree. They contain specific information that does not need to be available to the client.

2. Edit the Apache Web server configuration file (httpd.conf):


a. Insert the mod_rewrite and mod_proxy modules in the Web server’s LoadModule and AddModule entries.

Example Configuration Entries

LoadModule rewrite_module modules/

LoadModule proxy_module modules/

AddModule mod_rewrite.c

AddModule mod_proxy.c

RewriteLog "/etc/httpd/logs/rewrite_log"

RewriteLogLevel 9

b. Using <Location> </Location>tags, specify the rules and conditions to use for the redirection. Use a separate <Location> section for each application that is to be redirected by the Apache Web server.

Example Redirection Rules

<Location /application_root_dir>

RewriteEngine On

RewriteCond % \.jsp RewriteRule ^(.+) [P] RewriteCond % Example

RewriteRule ^(.+) [P]



The Apache Web server redirects the corresponding requests to the AS Java.

      • if it helpful reward points are appreciated

Message was edited by:

Pierluigi Demaria

Active Contributor
0 Kudos

Hi Claudius,

Here our landscape for 1.3k users.

PRD is a dual xeon 3ghz with 4gb ram, raid 1 143gb.

2004s SP08 portal.

Single sign-on with spnego kerberos microsoft active directory

Reverse proxy : we use an apache for some tasks (it's free).

Security : Some users have certificate for a ssl connection. Auto

self-signed certificates via openssl (free).

DEV-QA are on a vmware server.

However, we don't have nodes, but for many thousands users, it's a must I think.


Former Member
0 Kudos

Can someone guide me in configuring a reverse proxy server and how useful is it (considering performance issues).

We have about 4000 users and planning to use Single sign on with simple user id and passwords since using certificates has caused some issue which we could not resolve.

Hope to get a head start with your suggestions.