SAP Landscape Management 3.0, Enterprise Edition

Session Security Protection

To increase security and prevent access to the SAP logon ticket and security session cookies, activate secure session management.

Session Security Protection on the SAP NetWeaver Application Server for Java

On the SAP NetWeaver Application Server for Java, set the HTTP provider properties as described in Session Security Protection on the SAP Help Portal.

XSRF Protection

SAP Landscape Management uses Cross-Site Request Forgery (CXRF/XSRF) tokens to access the HTTP-based interfaces as described in XSRF Protection for REST Services on the SAP Help Portal.