cancel
Showing results for 
Search instead for 
Did you mean: 

Security popup message shown when moving from secured(portal) to non-secure

Former Member
0 Kudos
135

Hai,

We are upgrading our enterprise portal from EP 5.0 to EP 6.0 and our ITS from ITS 6.1 patch 29 to ITS 6.2 patch 26. We use SAP R/3 4.6c system.

Our system framework is we one portal server. A load balancer to redirect to one of the four ITS servers.

A user will login to portal using the URL, https://abc.gov.sg, this will show a login page of portal. After the user key in the user id & password and login to the system, portal homepage is shown which will have SAP R/3 transaction as Iviews.

When a SAP R/3 transaction is invoked by clicking on SAP R/3 transaction Iview, ITS load balancer URL(http://itswcentral.abc.gov.sg-This is given as a property in portal when system landscape is defined ) is called, which

will redirect to the one of the ITS servers

(https://itswp01.abc.gov.sg/scripts/webgui/!)

The problem is when a SAP R/3 transaction is clicked

a security popup is shown stating "This page contains both secure and non-secure items. Do you want to display the non-secure items". The reason why this popup is show is, the control is moved from "https://abc.gov.sg" to "http://itswcentral.abc.gov.sg".

Please let me know how to suppress this security popup message.

Regards,

H.K.Hayath Basha.

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
0 Kudos

Hi,

The error message is standard security popup in most browser including IE.

There is a way of removing it, but because of security I would only do this in the trusted sites or possibly intranet zone.

From http://ask-leo.com/can_i_get_rid_of_the_this_page_contains_both_secure_and_nonsecure_items_warning.h...

In Internet Explorer, go to Tools, Internet Options, click the Security tab; make sure that in "Select a zone..." window the security zone you want to change is selected

Click Custom Level and scroll down about half way to "Display mixed content" in the Miscellaneous section

Change it from Prompt to Enable.

Click OK, Yes, and OK. The change should take effect immediately.

PS I would recommend moving ITS loadbalancer to HTTPS instead, but it nice to know why the client warns you of this.

Former Member
0 Kudos

Hi,

We had a similar issue with Portals and webdynpro running on the backend R/3 java stack. To resolve this we enabled SSL from Portal to R/3 ABAP, java stacks and configured ADS for SSL. We did not look at supressing the pop-up since we need to make sure the information is secure.

-RK

Former Member
0 Kudos

Hello,

Refer to SAP Note 872859.

Regards

Deb

Edited by: Debasish Sarkar on Apr 7, 2008 2:51 PM