on 06-02-2022 5:10 PM
So I've noticed an issue that maybe pertaining to a Session cookie or an SSO Logon Ticket. An employee (User A) logs into our SAP Enterprise Portal and accesses Fiori My Inbox from an URL iView tile. After clicking on that tile, a new tab opens which displays the My Inbox App Screen. If User A closes out of the My Inbox tab, their credentials are still somehow stored. This becomes a security issue because a separate user (User B) can logon to the EP and click on the My Inbox tab and can see all of User A's worklists, PCRs, etc. I have tried creating an UI5 iView but the settings and parameters have been a nightmare to try and configure. Is there a way to automatically log a user out of Fiori My Inbox once the tab is closed? Maybe a change on the UME side of the portal, if not a config within the gateway backend ABAP system? Please assist.
Derrick Chandler
BCS Systems Administrator, ERP
User | Count |
---|---|
69 | |
8 | |
8 | |
6 | |
6 | |
6 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.