SAP recommends that you configure the reverse proxy to use HTTPS/SSL for both inbound and outbound communication. In other words, you configure SAP Web Dispatcher to act as an SSL server towards the mobile client, and as an SSL client towards SAP Mobile Platform.
To set up inbound communication from the client to SAP Web Dispatcher, and outbound communication from SAP Web Dispatcher to SAP Mobile Platform Server, make the following settings:
Configure SAP Web Dispatcher to terminate and reencrypt SSL.
Configure the SAP Web Dispatcher server port.
In order to satisfy the requirement of the Same Origin Policy, all systems in an SAP Fiori app landscape have to be served by a single Web server access point. Therefore, you configure a single icm/server_port
in SAP Web Dispatcher to serve all back-end systems of an SAP Fiori scenario.
If you use X.509 client certificates distributed with SAP Afaria for user authentication, by default, Web Dispatcher will forward the client certificate within the HTTP header. In this case, you configure Web Dispatcher to require a valid certificate from the client in order to gain access to application resources.
Configure the connection to your SAP Mobile Platform Server or server cluster
If you installed SAP Mobile Platform in a server cluster, SAP Web Dispatcher will balance the load among the cluster nodes.
Open the Web Dispatcher profile file sapwebdisp.pfl
.
Configure the following parameters:
Parameter | Example Value |
---|---|
Determines how SAP Web Dispatcher handles inbound HTTP(S) requests. Specify |
|
Configures the SAP Web Dispatcher server port to use for incoming HTTPS requests. The index The
| Example for one-way SSL:
Example for mutual SSL:
|
Configures the Web Dispatcher for your SAP Mobile Platform Server or server cluster.
| Example for one-way SSL to an SAP Mobile Platform server cluster with 2 nodes:
Example for mutual SSL to an SAP Mobile Platform server cluster with 2 nodes:
|
Note
If the SAP Web Dispatcher instance is used only for SAP Mobile Platform, you only need the wdisp/system_<xx>
parameter to specify the system. The additional parameters rdisp/mshost
, ms/http_port
, and ms/https_port
are irrelevant in this scenario, and should be removed to avoid confusion.
Restart SAP Web Dispatcher.