Skip to Content

HANA XSA Fiori Launchpad XSUAA issue

Dear Experts,

I'm using the Fiori Launchpad site in my HANA XSA project and have strange situation which I like to get solved:

In the xs-app.json of each html5 module I have set xsuaa in the route for the module pages itself. I need that so that the token can be passed on to the required modules. No problem if each html5 module is started individually.

Now if I deploy the launchpad, this becomes a problem. When clicking on a tile the launchpad receives the message:

Therefore the application can't start. So if I set 'none' in the route of the html5 app, all works. So there must be something missing. Below is the xs-app.json with the working setting for the launchpad (none):

{
    "welcomeFile": "webapp/index.html",
    "authenticationMethod": "route",
    "routes": [{
        "source": "^/httpsRedirector_api/(.*)$",
        "target": "/redir/$1",
        "destination": "coreNode_api",
        "csrfProtection": false,
        "authenticationType": "xsuaa"
    }, {
        "source": "^/sap/bc/lrep(.*)$",
        "target": "/sap/bc/lrep$1",
        "destination": "coreNode_api",
        "authenticationType": "xsuaa"
    }, {
        "source": "/(.*)",
        "localDir": "resources",
        "authenticationType": "none",
        "replace": {
            "pathSuffixes": [
                "index.html"
            ],
            "services": {
                "sapui5_sb": {
                    "tag": "ui5"
                }
            }
        }
    }]
}

The document which is received causing the '<' error is this (of course js was expected not html):

<html>
<head>
<link rel="shortcut icon" href="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7"/>
<script>
document.cookie="ARFRG-131ah2njwye5uqas1yex97or91="+encodeURIComponent(location.hash)+";path=/";document.cookie="ARLOC-131ah2njwye5uqas1yex97or91="+encodeURIComponent(location.href.split('#')[0].split(location.host)[1])+";path=/";document.cookie="signature=D8t2hvy%2Bqqcw%2F%2Fc0aNoLJLeBAxA%3D;path=/";location="https://hana-server.biz:39032/uaa-security/oauth/authorize?response_type=code&client_id=sb-na-669fc091-19bd-4db6-b8dd-782ab5a981d3!i2&redirect_uri=https%3A%2F%2Fhana-server.biz%3A51153%2Flogin%2Fcallback"
</script>
</head>
</html>

Calling that in the browser will lead to a redirect that ends nowhere. Any idea? Of course I need to have all routes on xsuaa...

Gunter

Add a comment
10|10000 characters needed characters exceeded

Related questions

1 Answer

  • Posted on Jul 06 at 02:26 PM

    Hi Gunter,

    Based on your problem description, it sounds like you didn't setup the forwardAuthToken = true on your portal-site configuration (in the requires section) on the mta.yaml file.

          - name: name-of-app        
            group: destinations        
            properties:          
              name: name-of-app          
              url: '~{url}'          
              forwardAuthToken: true # <-- set this one
    Add a comment
    10|10000 characters needed characters exceeded

    • Hi Gunter,

      Now that you shared your mta.yaml file, I can see that you already have it configured here:

            - name: printInvoice_ref
              group: destinations
              properties:
                name: printInvoice_dest
                url: '~{url}'
                forwardAuthToken: true

      You need to remove the one you just added.

      And based on your existing configuration, your destination name is "printInvoice_dest" but I don't see this configured in your xs-app.json (routing configuration). You need to have an entry for this destination just before that last route below:

              "source": "/(.*)",
              "localDir": "resources",
              "authenticationType": "none",

      PS: the public = true setting is only needed if you are doing cross-MTA module connection. From what I can understand from your setup, all your modules are inside one MTA project, hence, the usage of public = true is not really necessary.

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.