Skip to Content
author's profile photo Former Member
Former Member

SAPUI5 with oData best practices

Hello,

I have developed an SAPUI5 application that consumes an odata server. This odata service is running in a different server and it is secured service also which needs some credentials to access. Today I am using the simpleproxy to access this service and I am passing the username and password while calling the service and its working fine. I have two questions in this regard.

1. How do I address same orgin policy issue when deploying to the production or any other server? What are the best practices for this.

2. How do I pass the credentials for accessing the service? What are SAP's recomendation for this?

Regards

-Albin

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • Best Answer
    Posted on Dec 13, 2013 at 12:19 PM

    Hello,

    1. How do I address same orgin policy issue when deploying to the production or any other server? What are the best practices for this.

    2. How do I pass the credentials for accessing the service? What are SAP's recomendation for this?

    1st - you can refer this blog Solving "Same Origin Policy" Issue in different ways

    2nd - Refer SAPUI5 SDK - Demo Kit and html5 - SAPUI5 and Logon Tokens/SSO? - Stack Overflow

    and also discussion in thread http://scn.sap.com/message/13440859

    This may not be the complete answer but you will get more idea.

    Regards,

    Chandra

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hello Chandra,

      Thank you for your response and the links.

      #2. I am not sure how well the SSO works in my case. Some part of my web application is open to guest users without logging in. Even if the users are logged in, I don't think they exist in our Netweaver Gateway system or HANA system where our services are hosted. Also the other problem I see is that we need to expose these systems to the internet which I feel may not be a great idea.

      Regards

      -Albin

  • Posted on Dec 21, 2013 at 07:30 AM

    Hi Albin,

    You can pass the credentials by using ajax post method.. You can get logon token by ajax post method and you can add logon token in your URL. This works for passing credentials.

    And for same origin policy check this..

    Cross-Origin Resource Sharing

    Regards,

    Surendra.

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi Surendra,

      Thank you for your reply. The problem with passing the credentials is that it is visible to the public. Anyone viewing the source will be able to see the credentials.

      Regards

      -Albin

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.