on 07-23-2015 11:22 AM
Hello,
we just started using WebIDE as a sapstore.com-subscription without the full HANA Cloud Platform.
We have created a HTTP-Connection to our local system in the Cloud Connector (HTTPS won't work...).
In the Cloud Cockpit we then have configured the following destinations:
Name: L3E_999
Type: HTTP
Proxy Type: OnPremise
Cloud Connector Version: 2
Authentication: NoAuthentication
Additional Properties:
sap-client: 999
WebIDEEnabled: True
WebIDESystem: L3E
WebIDEUsage: odata_abap,bsp_execute_abap,ui5_execute_abap,dev_abap
We cloned L3E_999 to L3E_200 and configured it with sap-client = 200.
This is because:
200 = Customizing-Client
300 = Different Customizing etc..
999 = Development-Client (the only one)
This means if starting a new Template-based Project we use L3E_200 to connect to the system and use the OData's-Metadata to generate the project skeleton.
When deploying on our on-premise system however, we need to use L3E_999 and this instantly fails with forbidden:
https://webide-XXX.dispatcher.hana.ondemand.com/destinations/L3E_999/sap/bc/adt/discovery
HTTP 403: Forbidden
When connecting to the URL with the browser, the expected HTTP Authentication dialog pops up and everything works out.
The browser now has the required authentication in-memory and another try in the WebIDE succeeds now.
I just debugged the Cloud-Connector logs and in both cases (L3E_200 & L3E_999 Destinations) the connections seems to work:
2015-07-23 16:27:27,671#DEBUG#com.sap.core.connectivity.protocol.http.handlers.HttpProtocolOutboundHandler#processor-9-7#0x23abfcf4#Access allowed to /sap/bc/adt/discovery for virtual host l3e.virtual.http:8085|
I also put an external breakpoint on my user in ICF sap/bc/adt (CL_ADT_WB_RES_APP).
The breakpoint is ONLY triggered when connecting via browser to the url which also gives an HTTP-Auth dialog where I put my user.
When selecting the destination via WebIDE not Authentication is prompted and the breakpoint is also not triggered, instead it's 403 forbidden nearly instantly.
Any advice on how to cope with this?
Thanks!
SAP note 1977537 did the trick for us.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Kai,
Is it possible that the ICF service on your server is configured as public with fixed credentials?
If so, the way to workaround it is either by removing this configuration, or by setting the destination as "BasicAuthentication" and provide credentials there.
Regards,
Michal.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey Michal,
thanks for your reply.
Checked the following Services, neither did have any preset authentication...
/default_host/sap/bc/adt
/default_host/sap/bc/ui5_ui5
/default_host/sap/opu/odata/iwfnd & sap
/default_host/sap/opu/odata has an "Alternative Logon Procedure" instead of the standard one,
however no other authentication data is set. Will try again with procedure=Standard
inactive: /default_host/sap/opu/utils/...
User | Count |
---|---|
88 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.