1. Skip to Menu
  2. Skip to Content
  3. Skip to Footer>

Expert Sessions!

SAPBW

Deleting a Query from OLAP Cache

Friday, 20 April 2018 01:04

This is an interesting tip which you will need when working on BW Query Specific Performance issues, you may have to delete a query from OLAP cache when you want to see a real performance of a query. Only when a query is deleted from OLAP cache, it will try to fetch the data from the database/disk which will result in the realistic runtime of a query, else the data will be fetched from OLAP cache which will be faster than the database access.

 

 

Read more...

Decentral Adapter Engine - Protecting Web Services - SystemCookiesDataProtection

Friday, 20 April 2018 01:04

When using De-Central Adapter Engine for contractors to get the messages from SAP system through Web Services functionality, post go-live it was identified in Penetration test that HttpOnly flag is not set for all the Cookies.

 There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive. You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.

 

Read more...

Decentral Adapter Engine - Protecting Web Services - SystemCookiesDataProtection

Friday, 20 April 2018 01:04

When using De-Central Adapter Engine for contractors to get the messages from SAP system through Web Services functionality, post go-live it was identified in Penetration test that HttpOnly flag is not set for all the Cookies.

 There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive. You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.

Read more...

SAP BW