Skip to Content
0
Sep 16, 2020 at 05:06 PM

SMP Hybrid application authentication not working under Linux

39 Views

Hi,

The frontend is Cordova wrapped SAPUI5 application, its authentication is using Kapsel Logon Plugin.

New Hybrid Application is defined for the above application under SMP Server for Windows, and its authentication works well. Below are some highlight settings:

- Backend url is pointing to SAP Gateway, with SSO2 mechanism

~ Rewrite Mode: No Rewriting

- Authentication Profile is configured as HTTP/HTTPS -> its url is pointing to SAP NetWeaver Portal

~ Client's HTTP Values to Send: Authorization

~ Send Client HTTP Values as: header:Authorization

~ SSO Cookie Name: MYSAPSSO2

However, after applying the same configurations to SMP Server for Linux it is failing at Logon (Registration Error: please check your connection data). Below is the excerpt from SMP Server log:

2020 09 15 15:53:13#0-600#DEBUG#com.sybase.security.internal.ReflectionTools##smpadm#http-bio-8083-exec-3####f4da4e71-181d-4121-b494-22379a77d098#### found and assignable |
2020 09 15 15:53:13#0-600#DEBUG#com.sybase.security.SecContextFactory##smpadm#http-bio-8083-exec-3####f4da4e71-181d-4121-b494-22379a77d098####Calling com.sybase.security.integration.tomcat7.TomcatContextRetriever |
2020 09 15 15:53:13#0-600#DEBUG#com.sybase.security.provider.AbstractPrincipalContextRetriever##smpadm#http-bio-8083-exec-3####f4da4e71-181d-4121-b494-22379a77d098####environment object is an httpservletrequest |
2020 09 15 15:53:13#0-600#DEBUG#com.sybase.security.provider.AbstractPrincipalContextRetriever##smpadm#http-bio-8083-exec-3####f4da4e71-181d-4121-b494-22379a77d098####principal is a ContextRetrieverPrincipal |
2020 09 15 15:53:13#0-600#DEBUG#com.sap.mobile.platform.server.foundation.security.authorizer.provider.SMPAuthorizer##smpadm#http-bio-8083-exec-3####f4da4e71-181d-4121-b494-22379a77d098####do check access |
2020 09 15 15:53:13#0-600#DEBUG#com.sybase.security.core.UserRoleAuthorizer##smpadm#http-bio-8083-exec-3####f4da4e71-181d-4121-b494-22379a77d098####UserRoleAuthorizer.checkRole(roleName=Administrator,subject.getName()=smpadm |
2020 09 15 15:53:13#0-600#DEBUG#com.sybase.security.core.RoleCheckAuthorizer##smpadm#http-bio-8083-exec-3####f4da4e71-181d-4121-b494-22379a77d098####RoleCheckAuthorizer.checkRole(Administrator) |


Is there anything missed from SMP Server for Linux? Is there anything about Role Mapping to be done (the Security Profile is using the default "Impersonator")?

Any inputs and comments are appreciated.

Regards,

Jinlin Wang