Hi Experts,
We are trying to read content from XSJS and print it in a Java servlet after SAML authentication and AppToAppSSO. The Java application is deployed on SCP and the IdP is configured as SF. SAML is configured in HANA. We are receiving an Unauthorized error in the servlet. Please find the Java code below:
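package com.poc;

import java.io.IOException;

import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.HttpResponseException;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.BasicResponseHandler;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.sap.core.connectivity.api.authentication.AuthenticationHeader;
import com.sap.core.connectivity.api.authentication.AuthenticationHeaderProvider;
import com.sap.core.connectivity.api.configuration.ConnectivityConfiguration;
import com.sap.core.connectivity.api.configuration.DestinationConfiguration;

/**
 * Servlet that calls an XSJS endpoint behind the {@code xsjstest} destination,
 * propagating the logged-in user with an AppToAppSSO header, and relays the
 * backend body to the caller.
 */
public class CheckUser extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /** Name of the destination looked up through the connectivity configuration. */
    private static final String DESTINATION_NAME = "xsjstest";

    /** Path of the XSJS service, appended to the destination's URL property. */
    private static final String BACKEND_PATH = "/sandbox/getUser.xsjs";

    // Static logger: avoids a non-serializable instance field on a Serializable servlet.
    private static final Logger LOG = LoggerFactory.getLogger(CheckUser.class);

    public CheckUser() {
        super();
    }

    /**
     * Resolves the destination and the AppToAppSSO header via JNDI, performs
     * the GET against the backend and prints the response body.
     *
     * <p>Backend HTTP errors are answered with 502 and JNDI failures with 500,
     * instead of surfacing a stack trace or an empty 200 to the caller.
     *
     * @param request  the incoming servlet request
     * @param response the servlet response the backend body is written to
     * @throws ServletException declared by the servlet contract
     * @throws IOException      if the backend call or the response write fails
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        try {
            Context ctx = new InitialContext();
            ConnectivityConfiguration configuration = (ConnectivityConfiguration) ctx
                    .lookup("java:comp/env/connectivityConfiguration");
            DestinationConfiguration destConfiguration = configuration.getConfiguration(DESTINATION_NAME);
            if (destConfiguration == null) {
                // Without this guard a missing destination ends in a NullPointerException below.
                LOG.error("Destination {} could not be resolved", DESTINATION_NAME);
                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
                        "Backend destination is not available");
                return;
            }
            // Log the destination name only: the configuration object may carry
            // destination properties that do not belong in application logs.
            LOG.info("Resolved destination {}", DESTINATION_NAME);

            String url = destConfiguration.getProperty("URL") + BACKEND_PATH;
            LOG.info("Backend URL: {}", url);

            AuthenticationHeaderProvider authHeaderProvider = (AuthenticationHeaderProvider) ctx
                    .lookup("java:comp/env/myAuthHeaderProvider");
            AuthenticationHeader appToAppSSOHeader = authHeaderProvider.getAppToAppSSOHeader(url);
            // The header value is the credential that authenticates the user at the
            // backend; anyone who can read the log could replay it. Log the name only.
            LOG.debug("Obtained AppToAppSSO header named {}", appToAppSSOHeader.getName());

            HttpGet req = new HttpGet(url);
            req.addHeader(appToAppSSOHeader.getName(), appToAppSSOHeader.getValue());

            // try-with-resources releases the client's connection pool on every path.
            try (CloseableHttpClient httpClient = HttpClients.createDefault()) {
                // NOTE(review): the backend body is relayed verbatim and no content type
                // is set here; set one matching what getUser.xsjs returns, to be confirmed.
                response.getWriter().println(fetchBody(httpClient, req));
            }
        } catch (HttpResponseException e) {
            // Thrown by BasicResponseHandler for any status >= 300, e.g. the 401 the
            // backend sends when it does not accept the SSO header.
            LOG.warn("Backend call failed with HTTP status {}", e.getStatusCode());
            response.sendError(HttpServletResponse.SC_BAD_GATEWAY,
                    "Backend returned HTTP status " + e.getStatusCode());
        } catch (NamingException e) {
            LOG.error("JNDI lookup of a connectivity resource failed", e);
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
                    "Connectivity configuration is not available");
        }
    }

    /** Executes the request and returns the response body as a string. */
    private static String fetchBody(HttpClient httpClient, HttpGet req) throws IOException {
        HttpResponse res = httpClient.execute(req);
        return new BasicResponseHandler().handleResponse(res);
    }

    /**
     * Delegates to {@link #doGet(HttpServletRequest, HttpServletResponse)}.
     *
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
     *      response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }
}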
Please find the destination :
Please find the logs of java application:
2019 03 13 06:20:25#+00#ERROR#org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/auth].[CheckUser]##anonymous#https-jsse-nio-8041-exec-6#na#a047f26b1#auth#web#a047f26b1#na#na#na#na#Servlet.service() for servlet [CheckUser] in context with path [/auth] threw exception org.apache.http.client.HttpResponseException: Unauthorized at org.apache.http.impl.client.BasicResponseHandler.handleResponse(BasicResponseHandler.java:67) at com.poc.CheckUser.doGet(CheckUser.java:80) at javax.servlet.http.HttpServlet.service(HttpServlet.java:635) at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at com.sap.core.communication.server.CertValidatorFilter.doFilter(CertValidatorFilter.java:331) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) at org.apache.tomee.catalina.OpenEJBValve.invoke(OpenEJBValve.java:44) at com.sap.core.connectivity.jco.session.ext.RequestTracker.invoke(RequestTracker.java:55) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:610) at com.sap.cloud.runtime.impl.bridge.security.AbstractAuthenticator.invoke(AbstractAuthenticator.java:206) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) at 
org.apache.tomee.catalina.OpenEJBSecurityListener$RequestCapturer.invoke(OpenEJBSecurityListener.java:97) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) at com.sap.core.tenant.valve.TenantValidationValve.invokeNextValve(TenantValidationValve.java:182) at com.sap.core.tenant.valve.TenantValidationValve.invoke(TenantValidationValve.java:97) at com.sap.js.statistics.tomcat.valve.RequestTracingValve.callNextValve(RequestTracingValve.java:113) at com.sap.js.statistics.tomcat.valve.RequestTracingValve.invoke(RequestTracingValve.java:59) at com.sap.core.js.monitoring.tomcat.valve.RequestTracingValve.invoke(RequestTracingValve.java:27) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:836)
Kindly let us know your insights on the same. I will be really thankful.
Best regards,
Ankit