cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SDMRequest with SUPRequestType gives 401 Error

Go to solution
former_member190602
Explorer

on ‎07-06-2012 1:31 PM

0 Kudos

Hello, Hello,

I´m developing an iOs application which should consume odata.

The settings are iphone -> relay server (with proxy settings) -> SUP -> SAP Gateway server ->odata service.

If I open the odata link with a browser in the intranet I get a xml -> fine!

If I use the iOs app in the intranet and use the HTTPRequestType I get a xml -> fine!

If I use the iOs app outside the intranet and use theHTTPRequestType I get nothing back -> Seems to be that the gateway server is not visible. (The HTTPRequestType should only use for tests and demos) -> switching to the SUPRequestType.

Now I use the iOS app with the SUPRequestType and get a 401 Error. It seems that a user and a password is needed!

But why and which? The SUP user don´t work and the service user on the gateway side don´t work. It should be an open service, thats why we don´t have createt any extra user administration.

Any suggestions? Or do I have add some configurations in the request object?

Regards

Daniel

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member190602
Explorer
‎07-16-2012 7:41 AM
0 Kudos

Well finally I got my app to work.

I saw that at the Application Endpoint the last "/" was not there.

You have to add it. Without it, the server makes a redirect.

If you try the URL in your browser. The browser adds the slash or maybe you see directly the redirect with an slash at the end. So if you test it in the browser, for your eyes it seems to be the right url.

Regards

Daniel

Show replies
Show replies

Answers (2)

Answers (2)

former_member190602
Explorer
‎07-11-2012 7:15 AM
0 Kudos

Hello Rohith,

I´m not using single sign on. The app should be for customers who don´t have a SAP account.

I put the SAP/Gatewayuser in the setters. Now the request accepts the values in the setter, because one mistake was: If I do not unlock/use the vault I should not regristrate to SUP with a vault password neither. ( <-- Here is the part with the helpful answear)

Now with the right user, I still not get my xml from the gateway. There is no error msg. in the app, but the SUP log file shows that the gateway makes a temporary redirect (maybe this is more a problem of the gateway, but with a GET on the service via browser there is no redirect)

regards

Daniel

Show replies
Show replies
rohith_deraje
Advisor
Advisor
‎07-11-2012 7:42 AM
0 Kudos

Hi Daniel,

Check if you are facing a similar isue mentioned in thread http://scn.sap.com/thread/3195766

Also check for the below.

Your service is enabled in default client(Ex: client 001.   )
When you run the URL in browser without specifying the client, it logs in to the default client. (URL http://<server>:8008/sap/opu/sdata/sap/LWMSD_ORDERSTATUS/)

Where as when you fire the request from app, you might be sending the other client client.(URL   http://<server>:8008/sap/opu/sdata/sap/LWMSD_ORDERSTATUS/?sap-client=400&sap-language=EN)

regards

Rohith

former_member190602
Explorer
‎07-11-2012 11:57 AM
0 Kudos

Hello Rohith,

in the logs (log level = Debug) in the SCC I see only the original url string without an appendix. That means I don´t know if the app sends a sap-client with the request.

Would a sap-client be appended at the url if no configuration about that are programed and if yes which client would it be?

regards

Daniel

rohith_deraje
Advisor
Advisor
‎07-11-2012 12:44 PM
0 Kudos

Hi Daniel,

You have mentioned that in the logs you do not see "?sap-client=XXX&sap-language=EN" . That means it is the same URL you use in app and browser. 

can you please post the logs. May be logs will help out to trace the issue.

Regards

Rohith

former_member190602
Explorer
‎07-11-2012 1:00 PM
0 Kudos

Hi Rohith, yes I use the same URLs here are the logs:

2012-07-11 13:49:47.549 DEBUG PROXY Thread-610 [com.sybase.suplite.gwc.req.util.domainReqRespLogHandler]Inside Domain Logger for ReqResp

2012-07-11 13:49:47.547 INFO PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GatewayConnectorHandler]ODP:Returning Response from Gateway Back to Message Channel

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]Connection released

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCConnectionPoolManager]-----Inside releaseConnection() of GWCConnectionPoolManager------

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.ConnectionFactory]---------In releaseconnection() method of Connection Factory--------

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]Response Body is written into OutputStream

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]------In writing response method-----

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]Response body is obtained from BackEnd

2012-07-11 13:49:47.546 INFO PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]ODP:Read response body from Gateway

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]-------Response code from GW is not 2XX--------

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]------------content type|encoding|length----------------0----

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]Response header keycontent-length          Response header value0

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]Response header keylocation          Response header value/sap/opu/odata/sap/ZMB_GW_APPNAME_V1/

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]Response header keyserver          Response header valueSAP NetWeaver Application Server / ABAP 702

2012-07-11 13:49:47.546 INFO PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]Response code is HTTP/1.1 307 Temporary Redirect

2012-07-11 13:49:47.546 INFO PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]ODP:Recieved the response from the gateway

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]--------------Finished firing the request to GW-----------

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]--------------Leaving FireRequest Method-----------

2012-07-11 13:49:47.546 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]--------------Finished Execute-----------

2012-07-11 13:49:47.529 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]--------------Before Execute-----------

2012-07-11 13:49:47.529 INFO PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]ODP: Firing the request to the Gateway

2012-07-11 13:49:47.529 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]----Host request header set is ----myCompanySAP06.myCompany-gmbh.de:8017

2012-07-11 13:49:47.529 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]header: key=Authorization    value= Not printed for security reasons

2012-07-11 13:49:47.529 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]header: key=Accept-Language    value=de

2012-07-11 13:49:47.529 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]header: key=Accept-Encoding    value=gzip

2012-07-11 13:49:47.529 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]----------In GWProxy fireRequest()----------

2012-07-11 13:49:47.529 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]--------------About to fire the request to the GW-----------

2012-07-11 13:49:47.527 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCConnectionPoolManager]-----leaving getConnection() of GWCConnectionPoolManager  -Connection is not from pool---

2012-07-11 13:49:47.527 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCConnectionPoolManager]Flag value is (2)false

2012-07-11 13:49:47.527 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCConnectionPoolManager]Address to which connection object has to be assigned is:http://myCompanySAP06.myCompany-gmbh.de:8017/sap/opu/odata/sap/ZMB_GW_APPNAME_V1

2012-07-11 13:49:47.527 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCConnectionPoolManager]Inside getConnection() of GWCConnectionPoolManager

2012-07-11 13:49:47.527 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.ConnectionFactory]Pm is not null

2012-07-11 13:49:47.527 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.ConnectionFactory]---------In getconnection() method of Connection Factory--------

2012-07-11 13:49:47.527 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]----Application Id sent from client is--------MB_APPNAME

2012-07-11 13:49:47.526 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWProxy]----------In GWProxy handle()----------

2012-07-11 13:49:47.526 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCRequestAdapter]----------Leaving GWCRequestAdapter constructor()----------

2012-07-11 13:49:47.526 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCRequestAdapter]Json Request header : [{"X-SAP-applicationId":"MB_APPNAME"},{"request":"GET"},{"url":"http://myCompanySAP06.myCompany-gmbh.de:8017/sap/opu/odata/sap/ZMB_GW_APPNAME_V1"},{"Accept-Encoding":"gzip"},{"Accept-Language":"de"}]

2012-07-11 13:49:47.526 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCRequestAdapter]context.getDeviceUserName() is user@admin

2012-07-11 13:49:47.526 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCRequestAdapter]Request header : [{"X-SAP-applicationId":"MB_APPNAME"},{"request":"GET"},{"url":"http://myCompanySAP06.myCompany-gmbh.de:8017/sap/opu/odata/sap/ZMB_GW_APPNAME_V1"},{"Accept-Encoding":"gzip"},{"Accept-Language":"de"}]

2012-07-11 13:49:47.526 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCRequestAdapter]Request body Read :

2012-07-11 13:49:47.526 INFO PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCRequestAdapter]ODP: Read the Request information

2012-07-11 13:49:47.526 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCRequestAdapter]UsrName/Pwd is extracted from context:

2012-07-11 13:49:47.525 DEBUG PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GWCRequestAdapter]----------In GWCRequestAdapter constructor()----------

2012-07-11 13:49:47.523 INFO PROXY MessageChannel Thread-562 [com.sybase.suplite.gwc.req.handler.GatewayConnectorHandler]ODP :Recieved a request to fire to Gateway

rohith_deraje
Advisor
Advisor
‎07-11-2012 3:13 PM
0 Kudos

Sorry Daniel,

I could not interpret much from the log.

I do not see any difference between calling from through browser or SUP apart from some additional headers in SUP call.

Can you check in the gateway once if redirect is enabled for the service. I dont know if this could be the cause. I am just guessing.

Steps:

Login to gateway server

Go to  transaction "sicf" and Run.

Expand the folder structure Host>>sap>>opu>>odata>>sap>>ZMB_GW_APPNAME_V1

Select the service and Right Click>. Display Service.

Check under error pages tab if "redirect to URL" is selected for (logon error, Appl error etc).

If checked, uncheck and try again.

Regards

Rohith

Former Member
‎07-06-2012 2:13 PM
0 Kudos

Hi,

   Is the user getting registered in Sybase Control Center and what type of registration are you trying out ? Usually we need to provide gateway username/pwd.

thanks,

Srikanth M

Show replies
Show replies
former_member190602
Explorer
‎07-06-2012 2:31 PM
0 Kudos

Hi Srikanth,

yes the the user get registered in Sybase Control Center. The 401 Message comes form the gateway server. I used the service user on which the service is registrated, still the same result.

I used the "setUsername" and the "setPassword" methods of the request.

Daniel

former_member190602
Explorer
‎07-06-2012 2:34 PM
0 Kudos

Does the service user oft he transaction "SICF" maybe need additional rights?

rohith_deraje
Advisor
Advisor
‎07-06-2012 2:52 PM
0 Kudos

Hi Daniel,

You have mentioned you are able to get data with HTTPRequestType. So nothing wrong with rights.

I guess something wrong with the way you are building the request object.

Please check the below link. It has goos sample code.

http://wiki.sdn.sap.com/wiki/display/mobile/Getting+Started+with+an+SUP-ODP+application+on+iOS+for+v...

Which type of security configuration are you using?  manual/SSO or Certificate based?

Also check if you have provided the correct "Application end Point" in your SCC. Details for configuring SCC is available at http://scn.sap.com/docs/DOC-23532

Regards

Rohith

former_member190602
Explorer
‎07-06-2012 3:14 PM
0 Kudos

Hello,

I used the security configuration like you mentioned in your example:

[manager setConnectionProfile:@"servername" withSupPort: 80 withServerFarmID:@"0"];

            [manager registerUser: @"unsername" withSecurityConfig:@"config" withPassword:@"pass" withVaultPassword:@"vaultpassword"];

I think it is the manual way. Everything else should be like in your example exept that I used the URL of the ApplicationEndpoint (which is the correct one).

kind regards

Daniel

rohith_deraje
Advisor
Advisor
‎07-06-2012 3:43 PM
0 Kudos

Hi Daniel,

the code you mentioned above is for registration.

If you have used the above code then, you should use SSO type registration. In that case your user name and PW will be the gateway user/password and it sill be stored to valut. During data request, if you unlock the vault, username and password will be automatically set to the request.

You can try manual registration as well.you should create sec config and application id as mentioned in http://scn.sap.com/docs/DOC-23532

Code sample for manual registration.

[manager setConnectionProfile:@"10.99.99.99" withSupPort: 5001 withServerFarmID:@"0"];

            [manager registerUser: @"SCCuser"  withPassword:@"activationcode" ];  // no sec config and valut

Also in the request code you can change as below.

// Data Fetch
    LiteSUPUserManager* userManager = [LiteSUPUserManager getInstance:@"APPLICATIONID"];
//    [userManager unlock:@"vaultpassword"]; // Commented

    id<SDMRequesting> request = [SDMRequestBuilder requestWithURL:[NSURL URLWithString:@"http://<Gateway host>:<port>/sap/opu/sdata/iwfnd/<Servicename>/"]];
    [request setRequestMethod:@"GET"];
    [request addRequestHeader:@"DUMMY-HEADER" value:@"XYZ"];
    [request setTimeOutSeconds:100];
[request setUsername:@"Gatewayuser"]; // Added
[request setPassword:@"password"]; //added
    [request startSynchronous];
    if ([request error] != nil ) {
        UIAlertView* alertView = [[UIAlertView alloc] initWithTitle:@"Request Error" message:[[request error] localizedDescription] delegate:self cancelButtonTitle:@"OK" otherButtonTitles:nil];
        [alertView show];
        [alertView release];
        return;
    }
    NSLog(@"%@", [request responseString]);
    NSData* respData = [request responseData];

Regards

Rohith

former_member190602
Explorer
‎07-06-2012 4:46 PM
0 Kudos

Hello again,

I tried the second example without open the vault and giving the user and pwd with setters.

Well now I get an Error with the description: "MessageChannelException: Login Failed: user '(null)'.

If this is not the standard message for login denied, than I would guess that the request loses or does not set the user information. 

regards

Daniel

Former Member
‎07-09-2012 3:50 PM
0 Kudos

Hi,

   Do you mean to say while using manual registration (using above) code and setting gateway username / password while making  request, you are facing Login Failed issue is it ?

Thanks,

Srikanth M

former_member190602
Explorer
‎07-09-2012 9:02 PM
0 Kudos

Hi,

yes If manual registrations means to use the setters for username and pwd, than you are right. If I dissable the line which unlocks the vault than I get an error like: login failure: user('null').

And If I don´t disable the line, I get a 401 Error I think in this case the request uses the user I used for the SUP and not accept the manual overwrite for the gateway server. The gatewayserver don´t know this user and repeats 401.  If I don´t use the vault the manual setting will not used neither and an error occurs that no user exists.

Well if the manual setting not work, maybe I have to do more work in the Sybase Control Center (SCC).

Is there a good and detailed tutorial or doku for the security configs or recommendations? Or could it also be that some security configs forbid to use manual settings?

best regards

Daniel

rohith_deraje
Advisor
Advisor
‎07-10-2012 6:00 AM
0 Kudos

Hi Daniel,

Please refer to this doc. This gives you step by step procedure for manual registration. Once you are registered successfully, you can follow the above code for request response.

http://scn.sap.com/docs/DOC-23532

Note that, once your application is registered, you need to registered first before calling register code.

I suggest you to clean the simulator and register fresh.

If you want to use SSO, then you should have the below settings.

1. A ticket issuing server(TIS) configured to validate the user and issue cookie( MYSAPSSO2 for SAP ABAP systems)

2. Gateway system should be configured to accept the cookies issued by TIS.

During SSO registration, the user/password is validated against the TIS and cookie recieved is stoted in server. When you request for data, server uses this cookie and logs in to gateway.

I guess, in your case, you are missing some configuration and hence getting 401.

Regards

Rohith

Ask a Question