cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SMP - OData using ODPSample

Go to solution
Former Member

on ‎04-03-2014 8:37 AM

0 Kudos

Hi,

I'm trying to set-up the ODPSample [MOB261] with my own Gateway service. But the registration fails. I have followed the document provided with MOB261 exactly in the same way as they directed.

See the error:

I have read 14814 occurs due to incorrect username/password and I'm pretty sure of the credentials I provided. They are 100% correct. What else could be the reason behind this? Please help!!

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Jitendra_Kansal
Product and Topic Expert
Product and Topic Expert
‎04-03-2014 12:08 PM
0 Kudos

Hi Sreyan,

Can you please share the exact properties added to that security profile? Have you not added SSO cookie Name properties?

Have a look here for HTTPAuthenticationLoginModule.

Are you able to access OData URL in a browser successfully by providing same credentials?

Make sure your backend system has been configured for SSO.


Rgrds,

Jitendra

Show replies
Show replies
Former Member
‎04-03-2014 12:18 PM
0 Kudos

I had done everything as you have written here. But, it didn't work. I also added the SSO cookie Name property. How do I check if my backend system is correctly configured for SSO?

Jitendra_Kansal
Product and Topic Expert
Product and Topic Expert
‎04-03-2014 12:25 PM
0 Kudos

oh.. i see..

Just follow below steps:

1. Run RZ10 Transaction in that particular sap system.

2.  Select "Instance Profile" next to Profile section (search option)

3. Select "Extended maintenance" for Edit profile

4. Click on Display

5. Then you must see below parameters and its values

Rgrds,

Jitendra

Former Member
‎04-03-2014 12:37 PM
0 Kudos

I'm unable to find the login/accept_sso2_ticket entries. That means SSO hasn't been configured for the same. Any ideas or reference documents for configuring SSO?

Jitendra_Kansal
Product and Topic Expert
Product and Topic Expert
‎04-03-2014 12:46 PM
0 Kudos

I believe this was the document referred by one of BASIS team member to configure SSO at backend level. Please check and help from BASIS team.

Rgrds,

Jitendra

Former Member
‎04-03-2014 12:56 PM
0 Kudos

Thank you I'll try now.

Former Member
‎04-04-2014 8:26 AM
0 Kudos

I did everything as mentioned in the guide and imported/exported certificates on both SUP and ECC ends. However, now when I create the connection pool in SCC and ping the destination, it throws an error.

Any thoughts on this??

Jitendra_Kansal
Product and Topic Expert
Product and Topic Expert
‎04-04-2014 8:47 AM
0 Kudos

Can you share the connection pool settings?

Former Member
‎04-04-2014 9:35 AM
0 Kudos

Here you go Jitendra...

Jitendra_Kansal
Product and Topic Expert
Product and Topic Expert
‎04-04-2014 11:01 AM
0 Kudos

Can you try with following properties:

  1. Remove SNC Mode
  2. Add SNC Level and value as '1'
  3. SNC name: provide complete host name with domain.. like indessapd011.hp.com

Make sure whatever syntax you have provided in command prompt while generating a PSE  file for SUP server, that should be given for SNC Partner property. eg.

syntax:    D:\sapcryptolib>sapgenpse.exe get_pse -p SNCTEST.pse -r abc.req -x abcpin "CN=xxx.xxxx.com,OU=SAP Web AS,O=SAP Trust Community, C=DE"

SNC Partner: p : CN=xxx.xxxx.com, OU=SAP Web AS, O=SAP Trust Community, C=DE

SNC Name: p: CN=xxx.xxxx.com,OU=SAP Web AS,C=DE

midhun_vp
Active Contributor
‎04-04-2014 11:03 AM
0 Kudos

Create a connection profile from Sybase SDK and check whether its working. And when you deploy MBO, in the server connection mapping screen  you can create a new connection profile that will reflect in SCC.

Midhun VP

Former Member
‎04-04-2014 11:51 AM
0 Kudos

I deleted all certificates and repeated the entire process again, with your newly suggested methods. I got 'Ping Successful'  now. Thank you

Former Member
‎04-04-2014 12:16 PM
0 Kudos

It's not working Midhun And I'm not deploying any MBO here. I'm working with OData here.

Former Member
‎04-04-2014 12:20 PM
0 Kudos

Even after doing everything and setting up SSO, I have defined the OData application with a SSO security configuration. The error is back again.

Also, the login/accept_sso2_ticket entries still do not show up under the instance profile in RZ10. However, on trying to create the connection pool, ping was successful to test the exchange of certificates between the servers.

What is wrong? Am I really missing out something so significant?

Jitendra_Kansal
Product and Topic Expert
Product and Topic Expert
‎04-04-2014 12:40 PM
0 Kudos

Did you remove username and password when ping was successful?

What happens when you run the Token provider URL

http:/xxx.com:8000/sap/bc/bsp/sap/system_test/test_sso2.htm?sap-client=200

Former Member
‎04-04-2014 12:58 PM
0 Kudos

Yes, I did remove the username/pass after ping was successful.

When I ran the Token provider URL, this is what I got:

I still think I'm missing out on something in the configuration?

Former Member
‎04-07-2014 7:14 AM
0 Kudos

Dude, I reconfigured everything freshly. SSO2 is configured okay.

See the test result:

But, that error on Android client still remains. Any suggestions?

Former Member
‎04-07-2014 7:20 AM
0 Kudos

Do I have to configure something on the Android client end to get the login work via SSO? The application is not faulty I guess, because it was atleast working upto the login with the NoSecLoginModule module.

midhun_vp
Active Contributor
‎04-07-2014 11:02 AM
0 Kudos

You don't have anything to do in android code except setting the right security profile.

userManager.registerUser(username,smpSecurityConfig,password,false);

From the discussion I can see that you are setting SAP ping URL in place of Odata service and you are using the cookie. Do not use any cookies like SAPSSO2 in case of Odata apps.

Check these,

Create new security under security profile with httpAuthenticationLoginModule, control flag as required , url as the Odata URL end URL and delete the NoSecLoginModule, NoSecAuthorizer and NoSecAttributer from authentication, authorization and attributes tabs otherwise the http authentication created will be discarded.

After creating the new security profile, add it to the default domain. Then create a new application with newly created security profile with default domain. Finally connect from device by passing the NW gateway credentials.

Midhun VP

Former Member
‎04-07-2014 11:45 AM
0 Kudos

I have used my service URL only and not the SAP ping URL. I have removed the cookie and I did create the security profile with httpAuthenticationLoginModule, control flag as required and deleted the NoSecLoginModule, NoSecAuthorizer and NoSecAttributer from authentication, authorization and attributes tabs, but it still doesn't help! The same error.

midhun_vp
Active Contributor
‎04-07-2014 11:53 AM
0 Kudos

What is the Domain you are using ?

When you execute the URL in browser it asks for credentials after passing the NW gateways credentials are you getting the data in XML format/json format ?

Can you provide the end URL you are using.

Can you provide the screen shots of the security profile created security folder under default/new domain you are using to help you further.

Midhun VP

Former Member
‎04-07-2014 12:21 PM
0 Kudos

Domain: default

Format for data retrieved: XML

URL: http://indessapd002.ind.hp.com:8000/sap/opu/odata/sap/Y_USER_RFC1/ (Service URL)

Security Profile:

Connection Pool:

Let me know if you need any more information. Thanks a lot for the help!

midhun_vp
Active Contributor
‎04-07-2014 1:51 PM
0 Kudos

What is the version of SMP ?

Can you please follow the below steps mentioned:

  1. Create a security profile - You did it correctly
  2. Create a new domain instead of using "default", you have to select the newly created security profile in this step.
  3. You can check whether the configuration you did is correct or not using a rest Client. I used a chrome POSTMAN to test it. Provide the URL http://localhost:8000/com.test.sap and provide other details as given below. Click on Basic auth tab and provide Odata credentials and click SEND. You should get a 200 ok as a response. com.test.sap is the app ID I created and ODP is my new domain. This gives a confirmation that you created the app correctly.

Midhun VP

Former Member
‎04-08-2014 5:36 AM
0 Kudos

I have created everything afresh as you instructed - created new domain, assigned security profile to it and made new application. I got a 200 OK status while testing on rest client too.

However, I still get the same error from Android client.

What to do!!!!

midhun_vp
Active Contributor
‎04-08-2014 6:50 AM
0 Kudos

What is the error you are getting in SUP server logs ?

You can take registration code from here, http://scn.sap.com/docs/DOC-27409

Midhun VP

Former Member
‎04-09-2014 10:23 AM
0 Kudos

None of the examples didn't work out with this security configuration.

So I tried another piece of code using the same security config. It seems to be working fine, but then again, there's a separate issue to it.

The GET method for a list activity works fine. However, I fail to CREATE records.

My code for CREATE method is as follows:



public void createData() throws SMPException


    {


        ISDMRequest request = new SDMBaseRequest();


        


        String url = Utilities.appSettings.getApplicationEndPoint();


        if (!url.endsWith("/")) {


            url = url.concat("/");


        }




        url = url.concat(Utilities.URL_PART_COLLECTION);


        


          request.setRequestMethod(ISDMRequest.REQUEST_METHOD_PUT);


          request.setRequestUrl(url);


          request.setListener(this); 


          ISDMODataEntry odta = dataSet.get(0);


          


            odta.putPropertyValue("title_p", "");


            odta.putPropertyValue("region", "DLF");


            odta.putPropertyValue("country", "IN");


            odta.putPropertyValue("username", username);


            odta.putPropertyValue("city", "");


            odta.putPropertyValue("islocked", "");


            odta.putPropertyValue("department", "SAP");


            odta.putPropertyValue("lastname", lastname);


            odta.putPropertyValue("comm_type", "");


            odta.putPropertyValue("telephone", "");


            odta.putPropertyValue("password", "welcome1");


            odta.putPropertyValue("name", "");


            odta.putPropertyValue("e_mail", "");


            odta.putPropertyValue("fullname", "");


            odta.putPropertyValue("firstname", firstname);


            odta.putPropertyValue("language", "EN");


            odta.putPropertyValue("title", "");


            odta.putPropertyValue("userid", "");


          


          String xmlData= odta.toXMLString();


          byte[] data = null;


          try {


              data = xmlData.getBytes("UTF-8");


          } catch (UnsupportedEncodingException e) {


              e.getMessage();


          } 


          


          try{


              request.setData(data);  


          }


          


          catch(Exception e){


              e.getMessage();


          }


    }

Where am I going wrong? I saw this piece of code suggested by somebody else in an older thread

I'm not getting any error while executing. It's just that the record never gets inserted.

Help!! 

Answers (1)

Answers (1)

Former Member
‎04-03-2014 9:46 AM
0 Kudos

I was trying to implement this with SSO (com.sybase.security.http.HttpAuthenticationLoginModule), which was being a pain. I can connect now using the default NoSecLoginModule authorization. However, mine is a development system. I don't think this should be done on a Production system?

Show replies
Show replies
Ask a Question