Skip to Content
1
May 27, 2020 at 09:16 AM

XS_APPLICATIONUSER is not being set from a foreign auth token forwarded from another XSA app?

359 Views Last edit May 27, 2020 at 09:18 AM 2 rev

Hello, experts,

For a "domestic" call's ( ui5_a -> app_router_a -> node_a -> hana_a ) the HANA context is set as expected to something like this:

"APPLICATIONUSER": "XSA_USER_X",
"APPLICATION": "node_a/SPACE/ORG",
"XS_APPLICATIONUSER": "XSA_USER_X",
"SESSION_USER": "SCHEMA_1AZM40AOS5SATT4I8WMQZ7583_RT",
"CURRENT_USER": "SCHEMA_1AZM40AOS5SATT4I8WMQZ7583_RT",
"CURRENT_SCHEMA": "SCHEMA"

However for a foreign call ( ui5_b -> app_router_b -> node_a -> hana_a ) I am getting

"APPLICATIONUSER": "sidxsa",
"APPLICATION": "node_a/SPACE/ORG",
"XS_APPLICATIONUSER": "SCHEMA_1AZM40AOS5SATT4I8WMQZ7583_RT",
"SESSION_USER": "SCHEMA_1AZM40AOS5SATT4I8WMQZ7583_RT",
"CURRENT_USER": "SCHEMA_1AZM40AOS5SATT4I8WMQZ7583_RT",
"CURRENT_SCHEMA": "SCHEMA"

Both apps are using UAA, both have forwardAuthToken: true in mta.yaml. It is the same XSA user for both apps, authenticated in the same UAA service.

There seem to be hints here and there in the documentation, that this is by design. What may be the motivation for this if this is the case? But more importantly, can this behavior be configured/changed? Or some other approach should be used?