Web service authentification: Password in plain te...

Former Member · ‎09-12-2014

Hi there,

I would like to deploy a SAPUI5 application (job application form) to an Apache web server.

The application will be calling various web services in SAP backend system (get list of countries etc.).

I call those web services via AJAX:


//Create request
var soapRequest =
  '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" ' +
  'xmlns:urn="urn:sap-com:document:sap:rfc:functions">' +
  '<soapenv:Header></soapenv:Header><soapenv:Body>' +
      '<urn:ZBC_GET_COUNTRIES></urn:ZBC_GET_COUNTRIES>' +
      '</soapenv:Body></soapenv:Envelope>';
// Get service URL
var sServiceUrl =
getUrl("/sap/bc/srt/rfc/sap/zbc_get_countries/010/zbc_get_countries/zbc_geCountries");
// Send request
var xmlhttp = new XMLHttpRequest();
                        xmlhttp.open('POST', sServiceUrl, false, 'myUser', 'myPassword');
                        xmlhttp.setRequestHeader('Content-Type', 'text/xml');
                        var result = xmlhttp.send(soapRequest); 
                        console.log(result);

The problem that I see is the fact that the password is stored in plain text in the JS source.

How can I avoid that??

What is the best practice regarding web service authentification.

Thanks in advance.

Best regards,

Thorsten.

ChandraMahajan · ‎09-12-2014

Hi,

you can call webserive with Ajax call as mentioned here jquery - Reading REST Service with SAPUI5 - Stack Overflow

No need to pass userid and password. system will open the basic authentication popup screen where you can provide the credentials.

Regards,

Chandra

Web service authentification: Password in plain text

Accepted Solutions (0)

Answers (1)

Answers (1)

Re: Background job status notifications

Re: Data Services nest and unnest produce input ^2...

Re: Systemcopy sap QAS longTime

Re: How to get Binary Value from Partner Directory...

Re: Fiori App F1564