Start of Content Area

Background documentation icm/HTTP/admin_<xx>  Locate the document in its SAP Library structure

Use

With this parameter you can configure the Web-based administration interface.

You must set the parameter, if you want to monitor and administrate the ICM using the browser (see Using the Web Administration Interface). 

Prerequisites

      To use the ICM administration functions you must have created an initial administration user for yourself in the browser. This procedure is described in Using the Web Administration Interface.

      The ICM has opened the port that you set up as the administration port (icm/server_port_<xx>; see below under PORT).

Properties

Work area

Internet Communication Manager, SAP Web Dispatcher

Unit

Character string

Standard value

icm/HTTP/admin_0 = PREFIX=/sap/admin,DOCROOT=$(DIR_ICMAN_ROOT)/admin,AUTHFILE=$(icm/authfile)

Dynamically modifiable

no

Value Range and Syntax

The parameter has the following syntax:

Syntax documentation

icm/HTTP/admin_<xx> = PREFIX=<URL prefix>, DOCROOT=<directory> [, AUTHFILE=<file name>, PORT=<admin port>, HOST=<admin host>, CLIENTHOST=<admin client>] 

This is explained below.

      <xx> stands for a number. Numbers ascending from 0 must be used (compare with Generic Profile Parameter with the Ending <xx>).

      PREFIX: URL prefix that is called for this HTTP subhandler. The same procedure is used as with the SAP Web Dispatcher. This is described in Processing Administration Requests.

      DOCROOT: Root directory of the administration files.

      AUTHFILE: File name of the authoring file, where the hash values of the passwords for admin users are stored. Default value: icmauth.txt
If you do not have to authenticate the user (for instance, if the user has already been authenticated in the authentication handler, see icm/HTTP/auth_<xx>), you can specify AUTHFILE=none.

Caution

In the authorization file users and their group affiliation are in plain text, and the passwords are encrypted. Protect the file from undesired reading in accordance with your security standards.

      PORT: Local TCP/IP port where admin requests are accepted. This port must be specified in the parameter icm/server_port_<xx>. The relevant protocol is used according to whether the port is HTTP or HTTPS.

Recommendation

SAP recommends HTTPS, because otherwise the password of the admin user is transferred unencrypted.

Caution

You have to specify a port with PROT=HTTPS if you use HTTPS. You cannot use any port that is configured for End-to-End SSL (PROT=ROUTER).

      HOST: Local host name or IP address where admin requests are accepted. If "local host" or "127.0.0.1" is specified here, only local users can use the Web-based interface. If nothing is specified, admin requests are accepted by all host names.

      CLIENTHOST: Name or IP address where admin requests are accepted. This can restrict administration to one client host. If nothing is specified, admin requests are accepted by each host.

Example

If the parameter has the value

icm/HTTP/admin_<xx> = PREFIX=sap/icm/admin, DOCROOT=./admin, PORT=8888

and port 8888 is defined as an HTTPS port in

icm/server_port_0 = PROT=HTTPS, PORT=8888, TIMEOUT=15

and the host name is saphost, the ICP files are located in the subdirectory admin in the executable directory. You can administrate the ICM from the browser by entering the URL

https://saphost:8888/sap/icm/admin

in every line.

Log on with the initial user that you created when setting up the Web Administration. See Creating Administration Users

More Information

Note the following documentation associated with this parameter:

Using the Web Administration Interface

Security Information SAP Web Dispatcher

 

 

 

End of Content Area