Solution : https://service.sap.com/sap/support/notes/1301591 (SAP Service marketplace login required)
Summary :
This SAP Note addresses an issue where executing a HTTP request in the Internet Communication Framework (ICF) returns a "HTTP 400 - Session not found" error. It affects applications that require stateful HTTP communication, either via URL rewriting or cookies. The error results when HTTP requests either have invalid logon data or do not match the user data of the existing HTTP session. This issue is observed when security session management is active, generally post-NetWeaver 7.02. To resolve, ensure your application handles logon data correctly for stateful sessions or adjust the ICF configuration for user reauthentication. It's advised to carefully manage changes, noting the implications for transport requests and external alias use.
Key words :
sap internet communication framework team, active security session management, profile parameter icf/user_recheck = 0, internet communication framework, relevant netweaver application server, browser plug-ins, longer work due, terms security noteaccess, security session management, selected icf services
Related Notes :
1532874 | Upgrade: Changing the HTTP reauthentication |
1521197 | Update #1 to Security Note 1517094 |
1517094 | CRM-IC: Session Access Token |
1442046 | HTTP 400 - Session not found (for public & stateful Service) |
1436525 | |
1420203 | Enable foreign access to a stateful HTTP session |
1322944 | |
1302734 | Accessing the HTTP cookie "MYSAPSSO2" fails |
1277022 | |
977420 | ESID handling in the Internet Communication Framework |
561793 | Using a stateful/stateless session in the ICF |