Skip to Content
avatar image
Former Member

wca token in rest services sdk

I am having a issue where logon token is creating additional sessions when opening reports using opendocument url. I would like to use wca token instead as in below discussion

https://archive.sap.com/discussions/thread/3607183

unfortunately i am using the rest services sdk and don't know how to create a wca token. Below are all the methods exposed by the bo rest services installed in the tomcat server.

  • createLogonToken
  • removeSecondaryCredential
  • setDictionary
  • logout
  • setSecondaryCredential
  • loginWithToken
  • getDictionary
  • getVersion
  • getSupportedPVLs
  • getSessionInfo
  • changePassword
  • getSAMLSSOAssertionTicket
  • getServerInfoDetails
  • loginWithSerializedSession
  • getSAPAssertionTicket
  • getServerInfo
  • releaseToken
  • resetSessionTimeOut
  • getSecondaryCredential
  • setPVLocale
  • login

could you help me out.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Jan 19, 2017 at 10:36 PM

    Hi James,

    To create a WCAToken you need to use a different SDK (.NET or Java). You would then use this token to log on to the RESTful sdk and create an X-SAP-LogonToken ( /biprws/logon/token). A serialized session token is also a viable alternative.
    To see how this works, you can check out the section: Using Authenticated sessions obtained from other SDKs in the documentation.

    That being said, I don't think that your session count should be increasing when using the X-SAP-LogonToken in the OpenDocument url. Do you notice any difference if you just pass the X-SAP-LogonToken in the header instead of the URL?

    Dan

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jan 20, 2017 at 09:03 PM

    Thanks for responding Daniel, I also thought serSes parameter in the url would not create additional sessions. But then, url shows the logon screen even though session is from already logged on user. Here are some internals on how i am getting the logon token and session.

    I use the logon web service method in the service exposed by the bo server ( http://server:8080/dswsbobje/services/Session?wsdl ), which then responds with below parameters. I use logon token or the session for subsequent REST service calls ( i.e. /biwprs/logon/logon , /biwprs/infostore etc ).

    another related question from me , https://answers.sap.com/questions/107553/opendocument-showing-logon-screen-with-serses.html

    Logon Method Response


    <s:complexType name="SessionInfo"><s:sequence>
    <s:element maxOccurs="unbounded" minOccurs="0" name="UserRights" nillable="true" type="s0:UserRight"/>
    <s:element maxOccurs="unbounded" minOccurs="0" name="WSResourceList" nillable="true" type="s0:WSResource"/>
    <s:element maxOccurs="1" minOccurs="0" name="LoginInfo" nillable="true" type="s:string"/>
    <s:any maxOccurs="unbounded" minOccurs="0" namespace="##other" processContents="lax"/>
    </s:sequence>
    <s:attribute name="Locale" type="s:string" use="required"/>
    <s:attribute name="PVLocale" type="s:string" use="required"/>
    <s:attribute name="MustChangePassword" type="s:boolean" use="required"/>
    <s:attribute name="SessionID" type="s:string" use="required"/>
    <s:attribute name="DefaultToken" type="s:string" use="required"/>
    <s:attribute name="TimeOut" type="s:int" use="required"/>
    <s:attribute name="UserCUID" type="s:string" use="required"/>
    <s:attribute name="SerializedSession" type="s:string" use="required"/>
    <s:attribute name="TimeZone" type="s:string" use="optional"/>
    <s:anyAttribute namespace="##other"/>
    </s:complexType>
    Add comment
    10|10000 characters needed characters exceeded