cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SUP 2.1 - Hybrid Web Container - SAP Backend Dynamic MBO Operation Authentication Issue

Former Member

on ‎03-21-2012 10:08 AM

0 Kudos

Hi everyone,

Topic: SUP 2.1 - Hybrid Web Container - SAP Backend Dynamic MBO Operation Authentication Issue

Our Objective
We are implementing a Leave Approval application on the Hybrid Web Container based on SUP 2.1. The app connects to the SAP backend to retrieve the leave details via SAP exposed Web Services (Function Modules built in SAP itself). The MBO authentication from SUP to SAP should be dynamic, thus the username and password used by the MBO (SAP Web Service) should come from the user via the Credential Screen and not static.

Our MBO'S
We have 3 MBO's in our Sybase Workspace environment:

.

We have 2 starting points in the workflow, a Credential Request and a Server Initiated point:


All the 3 MBO's have been set to CacheGroup of type On Demand.

When we trigger a Notification from Sybase workspace as per the jumpstart rules, we receive a message in the device containing the Leave Item ID.
This leave item ID is used by the MBO to retrieve all the other details from the SAP backend.

If the notification is loaded for the 1st time, it shows up a Credential Screen, allowing the user to key in a username and password.
This screen is then submitted as Submit Workflow with the username & password saved as Cache Credentials in its properties:

Then, the 1st page showing all the leave details is shown (Leave Approval screen). We are able to get all the data correctly.

The Problem
When user taps on Reject button, which calls the RejectLeave MBO, it will send over the Leave Item ID and comments to the SAP to perform the rejection. This works perfectly fine if we hard code the Authentication Username and Password of this MBO operation. When we check on the SAP side, the leave has been rejected.

However, when we switch to a dynamic one (username and password from the Credential screen to be used), the app quits as usual but the rejection does not take place in SAP.
The Definition screen of the MBO RejectLeave in Dynamic authentication mode as below:

Any help on this are highly appreciated.

Thank you.

Regards,
Haridev

Appendix
In the SCC site, we get the following error log when the RejectLeave MBO is triggered each time:

2012-03-21 16:39:34.558 WARN Other sup.mbs.17 [MAP_LeaveApproval.server.MAP_LeaveApprovalDB]{"entityKey":"0","requestId":"005818645561468fa151903c8cc9a184","replayFailure":0,"code":500,"pendingChange":"N","_rc":0,"message":"java.lang.RuntimeException:SOAP Fault from Web Service : Operation not supported","timestamp":"2012-03-21 08:39:28.66","operation":"Reject","level":5,"component":"RejectLeave","pending":false,"replayPending":0,"_op":"C","messageId":0,"disableSubmit":false,"eisCode":"0"}

2012-03-21 16:39:34.557 WARN Other sup.mbs.17 [MAP_LeaveApproval.server.RejectLeave] [RejectLeave]com.sybase.djc.transaction.TransactionContext.*AnonymousTransaction*
... 24 more
at com.sybase.vader.da.ws.soap.SoapInteractionOperation.execute(SoapInteractionOperation.java:551)
at com.sybase.vader.da.ws.soap.SoapInteractionOperation.invokeResultChecker(SoapInteractionOperation.java:1064)
Caused by: java.lang.RuntimeException: SOAP Fault from Web Service : Operation not supported
... 22 more
at com.sybase.vader.mms.DataServiceImpl.execute(DataServiceImpl.java:226)
at com.sybase.vader.statistics.MonitoringOperation.execute(MonitoringOperation.java:69)
at com.sybase.vader.da.ws.soap.SoapInteractionOperation.execute(SoapInteractionOperation.java:595)
Caused by: java.lang.RuntimeException: java.lang.RuntimeException: SOAP Fault from Web Service : Operation not supported
... 13 more
at com.sybase.djc.transaction.TransactionManager.invokeRequiresNew(TransactionManager.java:845)
at MAP_LeaveApproval.server.RejectLeaveRejectOperation$1.invoke(RejectLeaveRejectOperation.java:834)
at MAP_LeaveApproval.server.RejectLeaveRejectOperation.replayInternal(RejectLeaveRejectOperation.java:56)
at MAP_LeaveApproval.server.RejectLeaveRejectOperation.create(RejectLeaveRejectOperation.java:538)
at $Proxy0.execute(Unknown Source)
at com.sybase.vader.mms.TimedDataServiceImpl.invoke(TimedDataServiceImpl.java:54)
at java.lang.reflect.Method.invoke(Method.java:597)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at sun.reflect.GeneratedMethodAccessor396.invoke(Unknown Source)
at com.sybase.vader.mms.DataServiceImpl.execute(DataServiceImpl.java:238)
at com.sybase.vader.mms.DataServiceImpl.throwDSException(DataServiceImpl.java:163)
Caused by: com.sybase.dataservices.DSException: Failed to execute operation d1_map_leaveapproval_1__24213.create
at com.sybase.sup.server.runtime.AbstractMessageReceiver.run(AbstractMessageReceiver.java:103)
at com.sybase.sup.server.mbs.MessageReceiver_DJC.process(MessageReceiver_DJC.java:41)
at com.sybase.djc.transaction.TransactionManager.invokeRequiresNew(TransactionManager.java:747)
at com.sybase.djc.transaction.TransactionManager.invokeRequiresNew(TransactionManager.java:845)
at com.sybase.sup.server.mbs.MessageReceiver_DJC$1.invoke(MessageReceiver_DJC.java:27)
at com.sybase.sup.server.mbs.MessageReceiver_DJC.access$001(MessageReceiver_DJC.java:4)
at com.sybase.sup.server.mbs.MessageReceiver.process(MessageReceiver.java:600)
at MAP_LeaveApproval.server.intrnl.MAP_LeaveApprovalDB_ML.onMessage(MAP_LeaveApprovalDB_ML.java:13)
at MAP_LeaveApproval.server.MAP_LeaveApprovalDB.dispatchReceivedMessage(MAP_LeaveApprovalDB.java:172)
at MAP_LeaveApproval.server.intrnl.RejectLeaveRejectOperation_ML.onMessage(RejectLeaveRejectOperation_ML.java:21)
at MAP_LeaveApproval.server.RejectLeaveRejectOperation.replayHandler(RejectLeaveRejectOperation.java:838)
at com.sybase.sup.server.runtime.DeadLockRetryHelper.invokeInNewTransactionWithRetry(DeadLockRetryHelper.java:17)
at com.sybase.djc.transaction.TransactionManager.invokeRequiresNew(TransactionManager.java:747)
at com.sybase.djc.transaction.TransactionManager.invokeRequiresNew(TransactionManager.java:1011)
com.sybase.djc.transaction.TransactionRolledbackSystemException: com.sybase.djc.transaction.TransactionContext.*AnonymousTransaction*

2012-03-21 16:39:28.841 INFO DataServices sup.mbs.17 [com.sybase.vader.da.ws.soap.SoapInteractionOperation]66#LeaveRequestForm:1 harideva d1_map_leaveapproval.1_0 (sup.mbs.17) com.sybase.vader.da.ws.soap.SoapInteractionOperation::execute:350 - Executing SOAP operation - service address [http://mbsapdev.malakoff.com.my:8080/sap/bc/srt/rfc/sap/ZREJECT_LEAVE?sap-client=800], SOAP action []

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (6)

Answers (6)

Former Member
‎01-29-2014 1:25 PM
0 Kudos

Hi Harideva,

i wanted to ask you regarding BAPI you used to create  MBO leave approval application.

can you list the name of all those BAPI that you have used  for the Application.

Show replies
Show replies
Jitendra_Kansal
Product and Topic Expert
Product and Topic Expert
‎01-29-2014 2:58 PM
0 Kudos

saurabh shrivastava


Pelase raise a new thread here

Former Member
‎01-21-2013 11:20 AM
0 Kudos

hi,

I am also trying to do this dynamic authentication for web service. But, when i am do so, i am getting

an error.

Now, i do Next, it asks for default values. So how do we set default values for these system defined personalization keys.??

Can anyone help me with this.Its little urgent so PL. response ASAP.

Show replies
Show replies
craig_bennett
Explorer
‎01-30-2013 3:42 AM
0 Kudos

Hi Namrata (and others),

A colleague and I spent a lot of time on this (SUP 2.1.3) - specifically trying to use SAP Username and Password for authentication without SSO2 and X.509 (accepting that this is the superior authentication method).

We found that we could not use the 'username' and 'password' because either the SUP authentication failed or the SAP authentication failed (and clearly setting your SUP and SAP usernames AND passwords the same is not a valid option).

We tried multiple options and using direct RFC's and those same RFC's exposed at web services. We tried using different parameters (personalization keys) for the authentication but just couldn't get this to work using the normal SUP security profile. Others, as reported above seemed to have had success.

What we did find was that we could use the SAP authentication only option, using the SUP 'NoSecLogonModule', which bypassed the SUP authentication. So you create (for example) a HWC with a Credentials screen for the username and password (cc_username and cc_password) and use these in the web service call. There are other postings on how to effect this in detail.

Not suggesting that this is a properly secure method because, while authentication to the backend SAP system has occurred you've passed through SUP without authentication. But it is a valid method for prototyping before moving up to X.509 or SSO2.

Hope that this helps.

Dan_vL
Product and Topic Expert
Product and Topic Expert
‎01-30-2013 3:18 PM
0 Kudos

There is also a sample that attempts to cover and explain multiple scenarios of using credentials in a Hybrid App or Mobile Workflow.

Credentials in a Mobile Workflow  https://cw.sdn.sap.com/cw/docs/DOC-149768

Regards,

Dan van Leeuwen

Former Member
‎06-08-2012 4:51 AM
0 Kudos

Hi all,

Sincere apologies for late response.

The issue actually was, when deploying the MBO's using the Deployment Wizard in Sybase Unwired Workspace, it was pointing to the old web service connection profile.

We changed the Function Module name in the SAP backend.

We generated the web service for this new FM, thus the URL changed.

Although we deleted the old web service connection from the Sybase Unwired Workspace (bottom left section), and created a new web service connection, when doing MBO deployment, the Sybase Unwired Workspace will still point to the old URL that was deleted.

We need to manually change in the 4th screen of the Deployment Wizard, which most of us would usually skip through.

As for Meng Hau's question, the username has been given corrrect authorization on the SAP backend, no authorization issues.

Thanks guys.

Show replies
Show replies
Former Member
‎08-21-2012 11:13 PM
0 Kudos

Hi All,


I have the same problem, try to use users dynamic and does not work, you could help me.

Former Member
‎04-23-2012 11:43 AM
0 Kudos

Hi,

    

Did you check authorisation for the id you used?

Meng Mau.

Show replies
Show replies
koehntopp
Product and Topic Expert
Product and Topic Expert
‎04-20-2012 8:36 AM
0 Kudos

Haridev,

I want to thank you for this exceptionally well written question - screenshots to document what you did, excellent formatting - I like that a lot!

Frank.

Show replies
Show replies
Former Member
‎04-20-2012 8:25 AM
0 Kudos

Dear Harideva Anand

i wana do the same...can u share which bapi u use ???

and for authentication issue if u using window simulator than enter user id password thn close from top left corner X mark

it will work for u

Regards

Tushar Dave

Together We achieve more

Show replies
Show replies
Ask a Question