on 07-14-2014 6:43 AM
Hi All,
I have installed Fiori setup in local network.
When I tried to access the URL from External world using Apache Reverse Proxy Server installed in DMZ it is not getting connected.
Is there any specific configuration that we need to do in Fiori? Can any one help me on this.
Thanks
-Arun
Tags edited by: Michael Appleby
Hello,
What was the solution to fix this issue? We are also facing the same.
We added AllowEncodedSlashes in the config and it has started giving 400 Bad request error instead of 404 not found error.
Can someone please advise?
-Bhavik
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
We have added the line AllowEncodedSlashes on at the Apache site config and now it works !!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Arun,
Please compare the OData URI string with internal access and external access.
I think Apache proxy changes some special character like ' " ( ) and backend side can not handle the URI.
Regards, Masa
SAP Customer Experience Group - CEG
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey Masa,
I am not sure if this thread is closed, but the status still shows not answered.
so, I am also facing the some issues with apache reverse proxy with Fiori launchpad.
So the redirects for some reason are getting 404 errors for different components of the page.
How does SAP recommends we do the reverse proxy and redirects?? also, do we need to get a specific cert for the gateway system for https, or we can use the corporate wildcard cert if go with something like - https://<abc>.com/fiorilaunchpad and redirect it to launchpad url.
Hope my questions are clear. Please let me know if you need more information.
I really appreciate your help and suggestions in advace.
thanks
Ray
Hi Ray,
I think the issue is your Apache proxy configuration and not SAP software.
Take a look SCN search results.
Regards, Masa
SAP Customer Experience Group - CEG
Hey Masa,
So in the apache conf file, we have following lines -
Proxypass /sap/ https://<Gateway server>:<port>/sap/
ProxypassReverse /sap/ https://<Gatewat Server>:<port>/sap/
So when I go to the URL we have given for the launchpad, it takes me to the login page, and then once I login it would go to the launchpad page and give me following Error - "Failure - Unable to load groups".
I also notice when I inspect the elements of the page - /sap/opu/odata/UI2/PAGE_BUILDER_PERS/PageSets('/UI2/Fiori2LaunchpadHome') is giving 404 error in that.
This works when I use the internal url and go to the https://<gatewayserver>:<port>/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html
Any ideas on what I maybe missing or doing wrong, or which side I should be looking.
thanks
Ray
Hey Masa.
yes it works perfectly fine without the proxy in the intranet.
I am not sure what do you mean by what is OData Service URL.. so should OData Service url be different for each service we have.. correct?
The pageset url that I see when running through intranet is - https://<gatewayserver>:1443/sap/opu/odata/UI2/PAGE_BUILDER_PERS/PageSets('%2FUI2%2FFiori2LaunchpadHome')?$expand=Pages/PageChipInstances/Chip/ChipBags/ChipProperties,Pages/PageChipInstances/RemoteCatalog,Pages/PageChipInstances/ChipInstanceBags/ChipInstanceProperties,AssignedPages,DefaultPage
My Launchpad URL (which I am trying from intranet) is -
https://<gatewayhost>:1443/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html
But from outside the network, using proxy we are using -
http://<ourcompany'sdomain>/fiorilaunchpad
which then is handled and redirected in Apache web server.. so the end user doen't need to know the actual server or full service url.
Our web team person says that this same setup is working with many other applications on the web.
So I am not sure if there is something he is doing wrong or do we need some extra setup for proxy in the service itself.
Please let me know if you need more information.
thanks
Ray
Hey Azeez,
sorry for the previous comment.. looks like our web guy made mistake.. (so I deleted that comment and adding new)..
so running a trace on the url we only could only get information that its getting 404 error. so the same page internally is working fine.. but with proxy is giving 404 error. It could very well be because of high bit character.. but we haven't even found a way to unblock high bit characters in apache..
If you already know how to, would you be able to give me instructions to pass along to our web guys on how to unblock the high bit characters in Apache.
thanks
Ray
Your 404 is coming from your apache server.
Take a look at this apache documentation below...note: it presents unsafe path vulnerability if you use on, recommended try nodecode see if that works:
core - Apache HTTP Server Version 2.2
Another option is to use re-write rules. You'll need to get someone well versed in apache for this.
Hi Masa,
I think we have a similar issue when opening the Fiori Launchpad.
Directly accessing the gateway server works fine in the intranet.
Going via the Apache reverse proxy shows the following in InternetExplorer F12 Developer Tools:
Request:
/sap/opu/odata/UI2/PAGE_BUILDER_PERS/PageSets('%2FUI2%2FFiori2LaunchpadHome')?$expand=Pages/PageChipInstances/Chip/ChipBags/ChipProperties,Pages/PageChipInstances/RemoteCatalog,Pages/PageChipInstances/ChipInstanceBags/ChipInstanceProperties,AssignedPages,DefaultPage
Response:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head><title>404 Not Found</title></head>
<body>
<h1>Not Found</h1>
<p>The requested URL /sap/opu/odata/UI2/PAGE_BUILDER_PERS/PageSets'/UI2/Fiori2LaunchpadHome') was
not found on this server.</p>
</body></html>
I assume the issue is with either the URLencoded part %2FUI2%2FFiori...
or with the brackets, the dollar sign or the commas used in the URL.
Could you maybe point out what's the crucial parts we need to add to our Apache Reverse Proxy config?
So far we have mainly used
ProxyPreserveHost On and
ProxyPass and ProxyPassreverse pairs.
What do we need to get the bracket (, the URLencoded part, the $ or the , through to the gateway server.
Regs Ulf
Hello,
in the meantime I have debugged the coding and can tell that the request comes through the reverse proxy into the ABAP !
The request part is
/sap/opu/odata/UI2/PAGE_BUILDER_PERS/PageSets('%2FUI2%2FFiori2LaunchpadHome')?$expand=Pages/PageChipInstances/Chip/ChipBags/ChipProperties,Pages/PageChipInstances/RemoteCatalog,Pages/PageChipInstances/ChipInstanceBags/ChipInstanceProperties,AssignedPages,DefaultPage
See the picture from the debugger uploaded.
Now we stil have to find out, why it behaves differently when using the reverse proxy.
Regs
Ulf
Hello,
we solved the issue by using the postfix nocanon at the end of our Apache ProxyPass directive.
##### ABAP STACK#############
ProxyPass /yourpath http://server.domain:port/yourpath nocanon
ProxyPassReverse /yourpath http://server.domain:port/yourpath
################################
I had found this hint in a document called:
"Installation and configuration of common components of SAP Fiori (EE0) - Building Block Configuration Guide"
(Oct. 2014, Version 1.0)
Kind regards
Ulf Zeisberger
Hi,
use the nocanon postfix in your ProxyPass directive.
ProxyPass /yourpath http://server.domain:port/yourpath nocanon
See also my post below.
Regs
Ulf
User | Count |
---|---|
78 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.