cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HANA XSA Fiori Launchpad XSUAA issue

Gunter
Product and Topic Expert
Product and Topic Expert

on ‎07-06-2020 2:39 PM

Dear Experts,

I'm using the Fiori Launchpad site in my HANA XSA project and have strange situation which I like to get solved:

In the xs-app.json of each html5 module I have set xsuaa in the route for the module pages itself. I need that so that the token can be passed on to the required modules. No problem if each html5 module is started individually.

Now if I deploy the launchpad, this becomes a problem. When clicking on a tile the launchpad receives the message:

Therefore the application can't start. So if I set 'none' in the route of the html5 app, all works. So there must be something missing. Below is the xs-app.json with the working setting for the launchpad (none):

{
    "welcomeFile": "webapp/index.html",
    "authenticationMethod": "route",
    "routes": [{
        "source": "^/httpsRedirector_api/(.*)$",
        "target": "/redir/$1",
        "destination": "coreNode_api",
        "csrfProtection": false,
        "authenticationType": "xsuaa"
    }, {
        "source": "^/sap/bc/lrep(.*)$",
        "target": "/sap/bc/lrep$1",
        "destination": "coreNode_api",
        "authenticationType": "xsuaa"
    }, {
        "source": "/(.*)",
        "localDir": "resources",
        "authenticationType": "none",
        "replace": {
            "pathSuffixes": [
                "index.html"
            ],
            "services": {
                "sapui5_sb": {
                    "tag": "ui5"
                }
            }
        }
    }]
}

The document which is received causing the '<' error is this (of course js was expected not html):

<html>
<head>
<link rel="shortcut icon" href="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7"/>
<script>
document.cookie="ARFRG-131ah2njwye5uqas1yex97or91="+encodeURIComponent(location.hash)+";path=/";document.cookie="ARLOC-131ah2njwye5uqas1yex97or91="+encodeURIComponent(location.href.split('#')[0].split(location.host)[1])+";path=/";document.cookie="signature=D8t2hvy%2Bqqcw%2F%2Fc0aNoLJLeBAxA%3D;path=/";location="https://hana-server.biz:39032/uaa-security/oauth/authorize?response_type=code&client_id=sb-na-669fc091-19bd-4db6-b8dd-782ab5a981d3!i2&redirect_uri=https%3A%2F%2Fhana-server.biz%3A51153%2Flogin%2Fcallback"
</script>
</head>
</html>

Calling that in the browser will lead to a redirect that ends nowhere. Any idea? Of course I need to have all routes on xsuaa...

Gunter

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

jhodel18
Active Contributor
‎07-06-2020 3:26 PM
0 Kudos

Hi Gunter,

Based on your problem description, it sounds like you didn't setup the forwardAuthToken = true on your portal-site configuration (in the requires section) on the mta.yaml file.

      - name: name-of-app        
        group: destinations        
        properties:          
          name: name-of-app          
          url: '~{url}'          
          forwardAuthToken: true # <-- set this one
Show replies
Show replies
Gunter
Product and Topic Expert
Product and Topic Expert
‎07-06-2020 4:01 PM
0 Kudos

Hi Jhodel,

that was my first thought, too. I have attached the mta.yaml for one module relationship. If I add the entry as you suggest it won't deploy as the provides counterpart is missing. So I believe this entry is already there with printInvoice_ref

Could it be the public:true (honestly the meaning of it is not clear to me)? Any other idea?

- name: printInvoice
    type: html5
    path: printInvoice
    parameters:
      memory: 32MB
    provides:
      - name: printInvoice_ref
        public: true
        properties:
          url: '${default-url}'
    requires:
      - name: coreNode_api
        group: destinations
        properties:
          name: coreNode_api
          url: '~{url}'
          forwardAuthToken: true
      - name: ui5-provider
        properties: {}
      - name: portal-uaa-myProject
	  
- name: serviceLaunchpad-myProject
    type: siteentry
    path: serviceLaunchpad
    parameters:
      memory: 64M
    requires:
      - name: sap-portal-services-host-myProject
      - name: portal-uaa-myProject
      - name: sapui5-provider
        properties:
          sapui5url: '~{url}'
      - name: printInvoice_ref
        group: destinations
        properties:
          name: printInvoice_dest
          url: '~{url}'
          forwardAuthToken: true
      - name: printInvoice <--- Added as per your suggestion
        group: destinations
        properties:
          name: printInvoice
          url: '~{url}'
          forwardAuthToken: true
jhodel18
Active Contributor
‎07-06-2020 4:19 PM
0 Kudos

Hi Gunter,

Now that you shared your mta.yaml file, I can see that you already have it configured here:

      - name: printInvoice_ref
        group: destinations
        properties:
          name: printInvoice_dest
          url: '~{url}'
          forwardAuthToken: true

You need to remove the one you just added.

And based on your existing configuration, your destination name is "printInvoice_dest" but I don't see this configured in your xs-app.json (routing configuration). You need to have an entry for this destination just before that last route below:

        "source": "/(.*)",
        "localDir": "resources",
        "authenticationType": "none",

PS: the public = true setting is only needed if you are doing cross-MTA module connection. From what I can understand from your setup, all your modules are inside one MTA project, hence, the usage of public = true is not really necessary.

Ask a Question