Skip to Content
avatar image
Former Member

Security for SAPUI5/Android Applications using XSJS/XSOdata

Hello Experts ,

I'm newbie in XS Development ,I'm trying to create SAPUI5/Android Application that consume XSODATA or XSJS , but I'm worried about security aspect ,At first I was passing the credentials via UI which make my whole system vulnerable to attacks then i found that very interesting tuto about how to make anonymous call https://archive.sap.com/discussions/thread/3656891 and it works just fine , now i want to generate security token (like XSRF token) to make CRUD operations, my question is how to make my XS application generate the token from my application and block any other user outside of it from accessing my XSJS or XSODATA specially when the connection is anonymous , is there some kind of signature or authentication specified to the user( like IP adress or something else ) I need to provide before making my operation.

please help me figure out the best way to completly secure my application , I'm really lost

Best regards.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

0 Answers