cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

CSRF Token Validation Failed - SMP 2.3 POST Operation

Former Member

on ‎01-15-2014 7:47 AM

0 Kudos

Hello Experts,

We have configured SAP Gateway OData services in SMP 2.3 with Relay server and testing these services in chrome rest client(POSTMAN).

When we call 'GET' method on SMP, It's working fine and able to fetch the csrf token.

But when we try to call 'POST' on SMP, It says '403 forbidden - csrf token validation failed' though we are passing csrf token value properly in headers.

From SMP logs, We found that SMP server is preparing payload and all header values properly before making call to gateway but when request reaches to gateway, CSRF token value gets disappeared, In return GW response gives 'CSRF token validation failed since value is going blank'.

Note that if we test 'GET'  and 'POST' method from rest client with SAP gateway server settings both are working fine and we don't see this error.

Also, POST request which is giving this error is passing through Relay server to a SMP proxy connection.

Any help would be appreciated.

Regards,

Abhishek Wajge

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎05-06-2014 12:56 PM
0 Kudos

Hi All,

I am working on some iOS native project using SMP , SAP Netweaver and Relay server.

I have installed smp 2.3 successfully as well as I have configured IIS 7.5 on a seperate server. Now on that server I am trying to set up Relay server. I have completed all the steps for setting up the relay server but when I am trying to open the url http://localhost/ias_relay_server/server/rs_server.dll. I am getting the below error.

Server Error in Application "DEFAULT WEB SITE/IAS_RELAY_SERVER"

Error Summary is :

HTTP Error 400.0 - Failed to attach to Relay Server state store

Bad Request

I have configured relay server so many times but this error is still same. Please if anyone has some idea, do let me know.

Thanks

Neha


Show replies
Show replies
midhun_vp
Active Contributor
‎01-15-2014 8:38 AM
0 Kudos

This code I used for SUP 2.1.3 might help you, but I can't see the usage of token in SMP 2.3.

public void Approve( String PONumber, String key, String note) {

  String payload = null;

  subURLSuffix = null;

  isDataAvailable = false;

  logger.d(TAG, "sup_pushEndpoint = " + sup_pushEndpoint);

  logger.d(TAG, "Creating Subscription Entry XML");

   List<ISDMODataEntry> allEntries = cache

  .getSDMODataEntries("PRHeaderCollection('"+PONumber+"')");

   ISDMODataEntry xmlUpdate = null;

  for(ISDMODataEntry entityItem:allEntries)

  {

  entityItem.putPropertyValue("Action", key);

  entityItem.putPropertyValue("Comments", note);

  xmlUpdate = entityItem;

  }

  

  payload = xmlUpdate.toXMLString();

  resCount =1;

  ISDMBundleRequest requests = new SDMBundleRequest();

  ISDMRequest subscriptionRequest = buildRequest(serviceDocPath + "/"

  + "PRHeaderCollection('"+poNumber+"')", this,

  ISDMRequest.REQUEST_METHOD_PUT, payload);

  requests.addRequest(subscriptionRequest);

  requestmanager.makeRequest(requests);

  logger.d(TAG, "Subscription Sent");

  while (!isDataAvailable) {

  logger.d(TAG, "Subscription Waiting Pattern : - " + isDataAvailable);

  try {

  Thread.sleep(1000);

  } catch (InterruptedException e) {

  e.printStackTrace();

  }

  }

  }

private static final ISDMRequest buildRequest(final String url,

  final ISDMNetListener listener, int requestMethod, String payload) {

  final String TAG = "Model buildReqest";

  byte[] utf8Bytes = null;

  ISDMRequest ret = new SDMBaseRequest();

  try{

  logger.d(TAG, "buildRequest()");

  if (ISDMRequest.REQUEST_METHOD_GET == requestMethod) {

  Map<String, String> headers = new HashMap<String, String>();

  headers.put("X-CSRF-Token", "Fetch");

  headers.put("Content-Type","application/atom+xml");

  ret.setHeaders(headers);

  } else {

  Map<String, String> headers = new HashMap<String, String>();

  headers.put("X-CSRF-Token", token);

  headers.put("Content-Type","application/atom+xml");

  headers.put("Cookie",cookie);

  ret.setHeaders(headers);

  if (payload != null) {

  try {

  utf8Bytes = payload.getBytes("UTF8");

  ret.setData(utf8Bytes);

  } catch (UnsupportedEncodingException e) {

  // e.printStackTrace();

  }

  }

  }

  }catch (Exception e) {

  String test = e.toString();

}

  ret.setRequestMethod(requestMethod);

  ret.setRequestUrl(url);

  ret.setListener(listener);

  logger.d(TAG, "buildRequest() OK");

  return ret;

  }

- Midhun VP

Show replies
Show replies
Former Member
‎05-02-2014 11:03 AM
0 Kudos

Hi,

I am trying to develop an iOS native application that can consume Odata services and it should be accessible through relay server and SAP mobile server.

I have an Odata service url http://ryolysapngwd.saudiceramics.com:8000/sap/opu/odata/IWFND/CATALOGSERVICE/

Now I want to access this url from iPad through relay server. I have configured all settings in SMP like I have created security profile, app Id etc. But I dont have any idea as how to maintain connection between Odata service and Relay server in my iOS code.

I know how to consume Odata services directly from SMP but dont know what all changes has to be made for connection through relay server like what should be the application end point registered in SMP and what should be the service url if we want to connect it via. relay server.

If any person has some idea, please do guide me.

With Regards

Neha Pandey

Former Member
‎05-02-2014 3:14 PM
0 Kudos

Hi Neha,

The format of the proxy connection is:

Accessing a Service through a Proxy URL

When Relay Server is in the picture, the URL becomes:

Request URL Format

Was this what you were looking for?

Thanks,

Andrew.

Ask a Question