Hey Hi Jitendra !!!

Yes, I have install the latest HWC SP04 from app store.

I am just not getting one thing that ,why it is referring to the Context variable from server [ you will find this under scc hybrid app - > select the app - >context variable] even when we have created the security configuration with HttpAuthenticationLogin Module and mapped it to the domain.

Kind Regards,

Amey

Hi Jitendra,

With reference to your post  - "A work flow application for release purchase order" I have similar requirement in my current applicaiton [Which I am migrating from sup 2.1.3 to sup 2.2 sp05], where I have MBOs created from SAP backend system, with all required attribute mapping under load argument for all the MBO.

I have first screen as a login screen where I am entering the login detail and on  menuitem I have mapped it as a online request with one MBO and using objectquery findby parameter but my getting login fail as a respone. when I tries to execute this on my ipad

I have few questions on this as,

while creating MBO do I need to set the runtime data source credentials  (username & password)

Does this is going to play any part in user authentication while login?

2. How your are getting data for your PO MBO in your post as even you have mapped it with sap backend

3 what security configuration you have used there As I belive that is playing the mail role

Please explain as this will help me to understand my hybrid application and it login fail issue

You need to keep the credentials of MBO dynamic. You need to select username and password there.

In the example given it must be using admin as security profile hence it takes the SAP credentials which was set in workspace.

Midhun VP

Hi Amey,

My understanding is:

1. while creating MBO do I need to set the runtime data source credentials  (username & password)
Does this is going to play any part in user authentication while login?

I created this application for POC work and mainly belonged to one SAP user. IF you want to authenticate login, have to set runtime credntials (select user name and password personalization keys while creating mbo)

2. How your are getting data for your PO MBO in your post as even you have mapped it with sap backend

I didn't get it properly.

Based on input parameter, i am getting the PO details. I have 3 load arguments in this mbo and mapped it to Propogate to attribute.

3 what security configuration you have used there As I belive that is playing the mail role

I used the admin sec with default domain.

Rgds,

Jitendra

Thanks Jitendra for your reply,

2. How your are getting data for your PO MBO in your post as even you have mapped it with sap backend

I didn't get it properly.

Based on input parameter, i am getting the PO details. I have 3 load arguments in this MBO and mapped it to Propogate to attribute.

For this, I mean,when your calling PO MBO An RFC associated with the MBO get called at back end and gave you the response but to execute that BAPI/FRC you should have a valid credentials those will execute that RFC at the back end.

how those credentials are getting passed?. Even I am using the admin configuration and my admin configuration has  NoSecLogin module and PreConfiguredLogin module provider added.

These credentials are those you are giving during creation of SAP server connection in SUP workspace. This is OK when you are testing in development. You can keep the credentials dynamic for production use.

Midhun VP

For this, I mean,when your calling PO MBO An RFC associated with the MBO get called at back end and gave you the response but to execute that BAPI/FRC you should have a valid credentials those will execute that RFC at the back end.

how those credentials are getting passed?. Even I am using the admin configuration and my admin configuration has  NoSecLogin module and PreConfiguredLogin module provider added.

For this application, i didnt set Runtime credentials. While deploying mbo to sup server, we select the SAP connection profile for the created mbo. Once its done, you can see a connection Pool in SCC, Domains>default>packages>connections

This is how that credentials (connection profile user name and password) are passed.

Rgrds,

Jitendra

Hi Jitendra,

Thank you for providing this information.

Now I am successfully logged in to the application.

In my exiting application I am binding the MBO with runtime data source credentials  and using the Admin security profile with NoSecLogin and PreCofiguredLogin module.

So I just remove the runtime credentials from MBO and redeploy the MBO pkg and hybrid app and this time I am able to login. and in SCC under client log I am able to see success as response but the user was supAdmin

So if we set the runtime credentials and use the admin security profile with (NoSecLogin and PreConfiguredLogin Moduel) we will not be able to call the RFC or MBO is this correct ?

So if we set the runtime credentials and use the admin security profile with (NoSecLogin and PreConfiguredLogin Moduel) we will not be able to call the RFC or MBO is this correct ?

Runtime credentials are nothing but run time personalization keys to the MBO. In case of HWC based app, if you want to do login from device (with sap backend credentials) if you have selected this option and have to deploy mbo with HTTPAUTHENTICATIONLOGINMODULE. If pass correct credentials then only you can get the data from mbos.

In your case i am not understanding why you want to use default admin security if you have to select Runtime credentials option. Please share some more points regarding your query.

Rgrds,

Jitendra

Hi Jitendra,

Thank you very much for replying me with all you support  and helping me to come out of this error

Yes, Actually I want to use a SAP credentials from HWC application. In my case I am working on one HWC application which I was migrated from 2.1.3 to 2.2 with SP 05

Before migrating HWC applicaiton [2.1.3 ] this was the setting ----> Defalut domain with Admin as a security profile and under the admin security profile these are the provider - > NoSecLoginModule and PreConfirguredLoginModule

And I got the details that the application was working fine with this configuration and getting the data from SAP with appropriate users details enter in the login screen.

And as per my knowledge to access the data from SAP system using MBOs one need to use HttpLoginAuthentication module with runtime parameters are bind with the MBO. but As i mention this is not the case in this application and its environment they are simply using the admin security profile.

And Now I am facing the login fail error while I am trying to access the data from SAP with this admin profile.

Any idea apart from MBOs where else i need to set this personalization parameters so that I can get the data correctly. In the Hybrid application there was a login screen previously developed which has a username and password field and on one custom menu item one online request is set with one MBO which takes username as input parameter to give the data.

As the login screen is custom developed, So is there any need, where login credential those are enter on the login screen should mapped with personalization parameters. If yes then please help me where I have to make the changes Because I think there is a disconnect that what ever enters on the login screen are not getting correctly mapped.

seems.. this thread is going towards interesting level

Before migrating HWC applicaiton [2.1.3 ] this was the setting ----> Defalut domain with Admin as a security profile and under the admin security profile these are the provider - > NoSecLoginModule and PreConfirguredLoginModule
And I got the details that the application was working fine with this configuration and getting the data from SAP with appropriate users details enter in the login screen.

1. Between these two sec providers, what is the control flag for NoSecLoginModule ? Required/optional? Which one is at 1st level at Authentication tab?
2. Which login credentials you used in the login screen? Other than SAP Connection profile one?
3. How did you create login screen? Isnt it like as Credentials screen? (this option comes when we create workflow app or Hybrid app designer)

Rgrds,

Jitendra

HI Jitendra,

1. Between these two sec providers, what is the control flag for NoSecLoginModule ? Required/optional? Which one is at 1st level at Authentication tab?

       - Control flag is optional for all

        there are total 3 provider -

         - PreconfiguredLoginModule with username - supAdmin and all the roles

         - NoSecLoginModule

         - PreconfiguredLoginModule with username -mobilityAdmin and Administrator as role

   2. Which login credentials you used in the login screen? Other than SAP Connection profile one?

       I am entering the valid SAP back end login credentials and not the one which I use while creating SAP connection profile in SUP workspace

3. Login screen is created manually by taking html view on the screen and writing the html code under deafult value [for login screen]. And on the login menuitem one onLine request is mapped which get the data from back end and on successful even it display it on the next screen.

Kind Regards,

Amey

Let me know what is your requirement to help you further. You can use a dynamic credentials in your app if you wantto use the app with different backend users. Else you can go with admin security where you need to pass the SCC credentials in the app for communication, while RFC call from app the credentials stored in connection profile being used.

Midhun VP

Hi Jitendra and Midhun

Application should work with the different back end users and not only with the SAP connection profile user.

My actual requirement is as follows

I have to migrate the hybrid application developed in SUP 2.1.3 to SUP 2.2 sp05. So I have just install the latest SUP Server 2.2 with sp05 as I have the lic file and the SUP 2.2 SDK (updated to sp05) I deployed the MBO pkg and hybrid application to the SUP server.

I have the previous information that this applications are working fine with the current SCC confiuration  i.e.  - Default as a domain and Admin as a security configuration with  -  

1. PreConfiguredLoginModule - supAdmin as a username and roles are - all (supAdministrator, DCN user etc....)  Flag - optional

2. NoSecLoginModule  Flag - optional

3. Again - PreConfiguredLoginModule - mobilityAdmin as a user and role - supAdministrator.

Now about the hybrid application -

for this hybrid application  - there is one custom login screen is design.and one custom menu item - Login.

on the login custom menu item - onLinerequest  request is set and mapped with one MBO which gets the list of  item on successful execution . form that MBO an objectQuery is mapped.

This MBO takes  a username as a input parameter and provides the data for that user from the back end. And on further screen there are some user specific action needs to carry out which got submitted to the back end.

I have tried with the existing security configuration  and even by creating new security profile with HttpLoginAuthenticationModule for this I have the ping url which I mapped for this. but Every time I try to do the login it fails and refer the username and password from the scc under Hybrid App context menu (i.e. supAdmin and its password) And as in backend there is no any supAdmin user available so the RFC fails and got the error - login fail incorrect uername or password repeat logon.

One more thing - when I tried with the admin configuration still I am getting the same error. I am just wondering how it was working previously.

If you can help me in how to provide the run time parameters with hybrid application then it will help me to come out of this error. Any hybrid app sample which takes username and password from user and same is pass to RFC to get execute and bring the data.

Kind Regards,

- Amey

Understand that perconfiguredLoginModule is not meant for production usage since you are hardcoding the credentials in SCC. Also, using these credentials the user will be able to login to SCC too, that is not needed.

If you are looking for a SAP Login from your application you have to go with HTTPAuthenticationLoginModule. I have shared some discussions on how to do that. Once you create it make sure that you have deleted the NoSecLogin module which is present by default in authentication, attribution and authorization tabs. After that you have to add this security to the security folder present under default domain.

As a second step keep the credentials of MBO in run time (select password and username while MBO creation) and deploy these MBOs to default domain and newly created security profile.

in the third step, create a credential request screen where you need to check the options username and password in properties of editbox used for credentials, hence these credentials will be cached in the application and used each time when you are making an online request.

Hope this helps you to implement SAPSSO in your app.,

Midhun VP

I have the previous information that this applications are working fine with the current SCC confiuration  i.e.  - Default as a domain and Admin as a security configuration with  -  
1. PreConfiguredLoginModule - supAdmin as a username and roles are - all (supAdministrator, DCN user etc....)  Flag - optional
2. NoSecLoginModule  Flag - optional
3. Again - PreConfiguredLoginModule - mobilityAdmin as a user and role - supAdministrator.

But how come that authentication is happening..i am not understanding. You have to use HTTPAUTHENTICATIONLoginModule for SAP SSO. There should not be any NoSecLoginModule sec provider.

for this hybrid application  - there is one custom login screen is design.and one custom menu item - Login.
on the login custom menu item - onLinerequest  request is set and mapped with one MBO which gets the list of  item on successful execution . form that MBO an objectQuery is mapped.
This MBO takes  a username as a input parameter and provides the data for that user from the back end. And on further screen there are some user specific action needs to carry out which got submitted to the back end.

How exactly you created custom login screen? Can you please cross check if you have selected Runtime Credentials option while MBO using SAP backend. As you mentioned in case of Username as input parameter, are you doing some kind of parameter mapping for this also?

As Midhun mentioned, there is an option to select Credentials screen while creating hybrid app designer. It consists of two edit boxes Username and password (should be SAP usename and password). There is a menu called Submit/save, one you select that credentials will be stored, and next you will see start screen, once you make a call to backend from there, you will get desired output if and only if credentials are correct otherwise same credentials screen will be prompted for asking correct credentials.

PS: Better you can share some screenshots of your app development so that we all can be in sync.

Rgrds,

Jitendra

Hi Jitendra and Mithun !!!!

Thank you very much for providing all your support Finally I got the reason that why it is still working with NoSecLoginModule and PreConfiguredLoginModule. and still getting authenticated with different back end users.

As I told you in my different posts that I got the info that application was working fine with (NOSecLoginModule and PreconfiguredLoginModule). which was confusing for me as well and also mention by both of you  that -

1. we need to use httploginauthentication module  along with runtime credentials while developing the MBO

2. RequestCredentials as a starting point for Hybrid applicaiton.

But In the existing application, nothing is implemented from point 1 & 2.

But while making online request - I found one wired thing in the API.JS file which was generated by framework.

During onlineRequest - > framework gives a call to doOnlineRequest() Method in API.js this method contains multiple parameters out of which one is credInfo

CredInfo method returns the value in 1 variable - credinfo  [credinfo = getCredInfo()] which then forwarded to the doOnlineRequest_Cont method for further call processing. but before forwarding this I have found that credinfo variable is assigned with one string that string is concatenated with values read from username textfield and password textfield

that string was like this - >

credInfo = "supusername="+encodeURIComponent(document.getElementById('TxtUserName').value)+"&suppassword="+encodeURIComponent(document.getElementById('TxtPassword').value)+"&version=2.2.5";

This is actually taking the username and password to back end.

Kind Regards,

- Amey