on 04-21-2016 1:58 AM
Hi,
In my SAPUI5 application i am trying to create a record in backend SAP system via NW Gateway system. For this my client is using SMP3.0 SP05 as a middle-ware server through Relay server configured. First i tried using REST Client, & i am able to create it successfully after getting the X-CSRF-Token. But when i am using ODataModel.create method to create the entry, i am getting forbidden error(403). Please check my below code:-
- onPressSubmit:function(){
- var newUrl = "";
- newUrl = sap.app.config.smpUrl +
- sap.app.config.CreateActivity;
- jQuery.sap.require("sap.ui.model.odata.ODataModel");
- $(function(){
- mHeaders = {
- "X-Requested-With" : "XMLHttpRequest",
- "Content-Type" : "application/atom+xml",
- "DataServiceVersion" : "2.0",
- "X-CSRF-Token" : "Fetch",
- "X-SMP-APPCID": appCID,
- "Access-Control-Allow-Origin": "*",
- "Access-Control-Allow-Methods": "GET,PUT,POST,DELETE,OPTIONS",
- "Access-Control-Allow-Headers": "Origin, Content-Type, Authorization, Accept, X-Request-With",
- "Access-Control-Allow-Credentials": "true"
- };
- this.createActivityModel = new sap.ui.model.odata.ODataModel(newUrl, false, "username", "password",mHeaders);
- this.createActivityModel.attachRequestFailed(function(evt) {
- alert("Server error: " + evt.getParameter("message") + " - " + evt.getParameter("statusText"));
- });
- this.createActivityModel.setHeaders(
-
- {
- "X-Requested-With": "XMLHttpRequest",
- "Content-Type": "application/atom+xml",
- "DataServiceVersion": "2.0",
- "X-CSRF-Token":"Fetch",
- "X-SMP-APPCID": appCID,
- "Access-Control-Allow-Origin": "http://localhost",
- "Access-Control-Allow-Methods": "GET,PUT,POST,DELETE",
- "Access-Control-Allow-Headers": "Content-Type"
- });
- jQuery.sap.log.debug(this.createActivityModel);
- oCore = sap.ui.getCore().setModel(this.createActivityModel);
- var oEntry = {};
- oEntry.DeviceType = sap.app.config.deviceType;
- /*this.createActivityModel.setHeaders({
- "X-REQUESTED-WITH": "XMLHttpRequest",
-
- });*/
-
- var oEntry={
- "IvDescription":"Test by UI Team",
- "IvStartDt":"2016-03-07T00:00:00",
- "IvEndDt":"2016-03-07T00:00:00",
- "IvStartTime":"100000",
- "IvEndTime":"",
- "IvStatus":"E0001",
- "IvCategory":"IvActivityType",
- "Text":"Test team UI",
-
-
-
- address:[
- { "PartnerName":"",
- "PartnerFct":"00000009",
- "PartnerId":"7000011183"
- },
- {
- "PartnerName":"",
- "PartnerFct":"ZSEESP1",
- "PartnerId":"EM00700112"
- },
- ],
-
- };
-
-
- //this.createActivityModel.create("/AppointmentCreateStdSet",oEntry,{success: this.mySuccessHandler, error: this.myErrorHandler});
- this.createActivityModel.create("/AppointmentCreateStdSet",oEntry,null, function doSaveLunchData_OnSuccess(oData, response) {
- alert(" doSaveLunchData_OnSuccess()");
- logSaveData = oData.results;
- },
- function doSaveLunchData_OnError(oError) {
- alert(" doSaveLunchData_OnError()");
-
- alert("error: "+oError);
- }
- );
- });
- var router = sap.ui.core.UIComponent.getRouterFor(this);
- router.navTo("newActivity", null, false);//navigation to the newActivity page using router
- },
Please check the response i got below:-
Please suggest.
Thanks,
Shrikant.
Hi,
Now i am getting only 1 error i.e, 403 forbidden error. I have changed the code now & using OData.request() method to create entry in backend. Please check my code below:-
onPressSubmit:function(){
var newUrl = "";
var token = "";
newUrl = sap.app.config.smpUrl +
sap.app.config.CreateActivity;
jQuery.sap.require("sap.ui.model.odata.ODataModel");
var f = {
headers : {
"X-Requested-With" : "XMLHttpRequest",
"Content-Type" : "application/atom+xml",
"DataServiceVersion" : "2.0",
"X-CSRF-Token" : "Fetch",
"X-SMP-APPCID": appCID,
},
requestUri : newUrl,
method : "GET"
};
var parameters={
"IvDescription":"Test by UI Team",
"IvStartDt":"2016-03-07T00:00:00",
"IvEndDt":"2016-03-07T00:00:00",
"IvStartTime":"100000",
"IvEndTime":"",
"IvStatus":"E0001",
"IvCategory":"IvActivityType",
"Text":"Test team UI",
"address":[
{ "PartnerName":"",
"PartnerFct":"00000009",
"PartnerId":"7000011183"
},
{
"PartnerName":"",
"PartnerFct":"ZSEESP1",
"PartnerId":"EM00700112"
},
],
};
OData.request(f, function(data, oSuccess) {
oToken = oSuccess.headers['x-csrf-token'];
token = oSuccess.headers['x-csrf-token'];
var cookie = oSuccess.headers['Set-Cookie'];
/* oHeaders = {
"x-csrf-token" : oToken,
};*/
OData.request({
requestUri : newUrl+"/AppointmentCreateStdSet",
headers : {
'X-Requested-With': 'X',
"Content-Type": "application/json",
'Accept' : 'application/json',
"DataServiceVersion" : "2.0",
"X-CSRF-Token" : token,
"X-SMP-APPCID": appCID,
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "GET,PUT,POST,DELETE,OPTIONS",
"Access-Control-Allow-Headers": "Origin, Content-Type, Authorization, Accept, X-Request-With",
"Access-Control-Allow-Credentials": "true",
'Authorization' : 'Basic ' + btoa("username" + ':password'),
"Cookie":cookie
},
method : "POST",
data:parameters
},
function(data,request) {
alert("Employee Created Successfully");
location.reload(true);
}, function(err) {
alert("Employee Creation Failed");
});
});
In chrome i am getting following response 403 forbidden error as shown below.
I don't understand why i am getting "x-csrf-token:Required" as i can see token is successfully posted in the Request Header.
I have created another thread for this new code here, please check: https://scn.sap.com/message/16670990#16670990
Thanks,
Shrikant.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Srikant,
No need of passing "X-CSRF-TOKEN" while using oData model, the model adds the token to its header while it does a metadata load. Please remove the header and try again.
Let me know if it works !
Thanks,
Vinuta
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Naidu, try to refresh token with method of odata v2 model refreshSecurityToken (Link) and do the create operation in success callback of that method.
Regards,
Pau
post a screenshot from the response tab.
why are you passing " "X-CSRF-Token":"Fetch", in the request headers ? how ever you are not making any manual GET operation to fetch the CSRF manually.
Are you able to POST successfully from gateway client with the same payload ?
Sree
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
83 | |
10 | |
10 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.