Welcome to the Internet Communication Framework (ICF) space. This is the SCN WIKI starting point for topics around ICF.
The Internet Communication Framework (component BC-MID-ICF) is the middleware between the Internet Communication Manager (ICM, component BC-CST-IC) and the HTTP enabled ABAP applications. ICM communicates with the internet via HTTP and HTTPS protocols, while ICF communicates with the ABAP applications via their handler classes.
ICF services are entry points for HTTP enabled ABAP applications. ICF provides a framework where these services can be configured. Configuration possibilities include adjusting the logon sequence, the SSL requirement, the usage of HTTP security sessions, the behavior in case of HTTP errors, etc. While ICF provides this framework, each application can create and configure their own ICF services in the transaction SICF.
ICF also provides the System Logon functionality, which is a configurable logon page used by various applications (BSP, WebDynpro, WebGUI, etc.). The component for the ICF System Logon is BC-MID-ICF-LGN.
SAP Help Page: Internet Communication Framework
Common ICF Topics
- Missing Services in the Transaction SICF
- Consistency of the ICF Service Hierarchy
- Multiple Logon Check in ICF
- Timeout Control of HTTP Sessions
- HttpOnly and Secure Cookie Attributes in ICF
- URL Generation - How to Maintain the Table HTTPURLLOC
HTTP Whitelist Check with the Unified Connectivity (UCON) concept
- Logon Procedure Logic in ICF
- The logoff parameter redirecturl is marked as a security vulnerability
- How to control if an ICF service uses HTTP or HTTPS protocol
- Incomplete logoff from web based ABAP applications
Troubleshooting
HTTP Errors
- HTTP 400 "Session not found" / "Session Timed Out"
- HTTP 401 "Unauthorized"
- HTTP 403 "Forbidden"
- HTTP 500 "Log on with a dialog user"
HTTP 500 "Unknown error" / "Message E MD5 027 cannot be processed in plugin mode HTTP(S)"
- HTTP 500 "ICF service for Clickjacking Framing Protection is not active" / "Message E WEBDYNPRO_RT 031 cannot be processed in plugin mode HTTP(S)"
Errors / Warnings on the ICF System Logon Page
- Error "Logon cookie check failed; repeat logon"
Warning "No switch to HTTPS occurred, so it is not secure to send a password"
Warning "Protocol cannot be switched to HTTPS; HTTPS is not configured/active"
Warning "SSO logon not possible; logon tickets not activated on the server"
The ICF System Logon page is unresponsive or keeps reloading
Errors in the ABAP Backend
- Error "HTTP security context cache is full" in the System Log (tr. SM21)
- Error SHTTP082 "Could not find host or port information" in the transaction SICF
- Error "Processing error in Internet Communication Framework: ICF Error when..." in the transaction SRT_UTIL
- Error "HTTPIO_ERROR_READ_SECURE_STORAGE" in the transaction SM59
Learning ICF
Useful SAP Notes and KBAs
1947241 - Setting secure session restriction for a specific ICF service
2105302 - Multiple logon check based on security sessions for HTTP/HTTPS login into an ABAP System
2634640 - WDA: How to identify the runtime error in SAP UI 750 and above?
- 2063490 - Cannot logon to ABAP system via HTTP when using IP address in URL
- 2624121 - Extension of method CREATE_BY_URL from CL_HTTP_CLIENT by two optional parameters for proxy-user and proxy-password
2680503 - Set user and password for proxy over IF_HTTP_CLIENT~AUTHENTICATE failed in HTTPS
2319727 - Clickjacking protection framework in SAP Netweaver AS ABAP and AS Java
2704178 - The error HTTP 500 Redirect is not possible occurs in /sap/public/myssocntl or in /sap/public/bc/icf/logoff
2339387 - Warning "There is a problem with this websites security certificate" when accessing AS ABAP via HTTPS URL
- 1980475 - ITSMobile - Configuration settings regarding Logon, Logoff and Load balancing
- 2872932 - ITS applications timeout unexpectedly
- 2887651 - Issues with SameSite cookie handling
- 2913405 - SAP GUI for Windows: Dependencies to browsers / browser controls
- 2577263 - SAML2.0: How to disable SAML 2.0 authentication for a particular ICF service in AS ABAP
- 2734580 - Information Disclosure in SAP ABAP Server
- 3021771 - FAQ regarding the SAP Security Note 2734580
- 1240796 - HTTP logon fails with Basic Authentication and special characters
- 2544698 - How to capture HTTP traffic without 3rd party software/addon
Configuration of ICF Services (transaction SICF)
Service Data
Logon Data
Handler List
Error Pages