Hi Portal Experts,
Yesterday we have set done the changed recommended in SAP note 1310561 - SAP J2EE Engine Session Fixation Protection in our config tool . All we have done is SessionIdRegenerationEnabled = TRUE.
But when we ran few webdypro iViews , we found the bellow error in NWA logs
Session unknown: Request with URI=/webdynpro/dispatcher/sap.com/tc~lm~webadmin~mainframe~wd/WebAdminApp was sent to unknown session. Either request with wrong session parameters was sent, or session has expired before .
I would like to know if any one of you have come across this error before and fixed the issue. May I request you please give me your suggestion as we are trying to provide security to our portal applications (bespoke) from 3rd party hacking tools such as burp suite security testing tools.
Best Regards
Maruti