on 05-25-2017 3:05 PM
Have checked all of the settings documented HERE - and am using the same ADMINISTRATOR (Enterprise) account credentials that work OK in the regular CMC and Old Launchpad on the same BI Platform and Tomcat environment.
1.) CMC -> Applications -> RESTFul WebService is configured with Fully-Qualified Domain Name (FQDN).
2.) Checked that the REST SDK APIs, simple API is working OK using the FQDN.
3.) Confirmed that the Web Application Container Server (WACS) is running OK on that environment by testing the CMC -> BI Administrators' Cockpit using the same Administrator (Enterprise) credentials.
4.) We can get to the Login-Page for the new FIORI BI Launchpad, and had updated the Bing.properties file to expose everything on the Login-Page.
5.) We enter exactly the same System, User Name, Password & Authentication values into the new FIORI BI Launchpad....and get the "Three-Dots" Fiori-Processing overlay for a couple of seconds...but then it reverts back to the Login-Screen.
...We never get to the FIORI Launchpad "Home" page...
No Error-Messages or anything...just kicks us back to the Login-Screen.
6.) We have CONFIRMED that the CMS-Connection is actually taking place via the FIORI BI Launchpad by testing that page with a BLANK password.
Based on all of the above - it appears that everything is configured correctly, and is passing VALID login info to the CMS from the FIORI BI Launchpad.
However, it is not "completing" the hand-over to the new HOME page for the FIORI BI Launchpad
Are there any new SECURITY Settings or PERMISSIONS that need to be granted to give users access to the new FIORI BI Launchpad..?
Thanks in advance for any advice on how to resolve this issue.
Thanks for this great article
Did anyone mange to configure Fiorified to open Web Intelligence report in reading mode instead of the HTML viewer ?
Did anyone mange to create a tile which shows a chart/table ?
Does the How to Use the Read and Query Work-list in SAP BusinessObjects BI - is supported in Fiorified 4.2 SP4 ? if so thorough which tool?
BR
Yoav Y.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
We are on BI 4.2 SP4 P2, Red Hat Linux, SSL configured, Load Balance (LB) URL, Oracle repo db, Tocmat8 with 2 tomcat servers and 2 CMS servers: Tomcat is in DMZ.
When I login to BILaunchpad using the LB URL https://<lburl.com>/BOE/BILaunchpad, I get a logon screen but after I login I get an error message: Logon failed for WACS. Contact system administrator for necessary rights.
HTTPS is enabled in WACS
http://<localhost>:6405/biprws/v1/about -- works fine
Restful Web Service URL is set to: http://<localhost>;:6405/biprws -- The url works fine in the browser
I ran the fiddler tool and I noticed I get a 404 error same as what Mark noticed: error: /BOE/portal/1705180929/Bing/resources/sapui5/resources/sap/ui/core/messagebundle_en_US.properties HTTP/1.1
However, if I login to tomcat URL http://<tomcathost>:8080/BOE/BILaunchpad I am able to login ok.
What am I missing?
Thank you all in advance for your help!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Please change the URL in CMC->Applications->RestFul web services to https://<wacs>/biprws
Make sure same url is working fine from outside of installed machine.
-Bharath
Hi Bharath,
Thanks for your reply. Do you mean <wacs> host name of the server where the WACS proc server is installed?
If so I tried http://<localhost>;:6405/biprws -- this works
but with "https" in the URL it does not work -- https://<localhost>;:6405/biprws or https://<localhost>/biprws
Thanks!
As you mentioned in comment HTTPS is enabled for WACS.
Please navigate to CMC->Servers->Core Servers List-> WebApplication Container Server right click and go to Properties and check port number for https for WACS .
Then update CMC->Applications->RestFul web services to https://<wacs_installed_machine_ip>:<https_port>/biprws
Please check REST URL from out side of BOE installed machine.
Please share the status.
-
Bharath
Hi Bharath,
I have 7443 port set in the WACS server. Per your suggestion I tried setting the port number along with IP in the Restful WS URL. Then tested the URL https://<wacs_installed_machine_ip>:<https_port>/biprws and it worked!! So I tried the BILaunchpad and and I was able to login. The link was not secure though as I generated the keystore file to enable https, which is ok. I asked my workers to try and they still get the same error. I tried again with my ID on different machines and I get the error too. We tried on IE and Chrome, cleared cache multiple times and tried and still the same error. I just don't understand whats going on!! On my machine where it works I cleared cache and tried and it works. I am stumped!!
Thanks, Roopa
I have an update. I noticed that on the machines where its not working if I first try the URL that is in the WACS server (https://<wacs_installed_machine_ip>:<https_port>/biprws) I get a warning message that this is not a secure site and I click on Advanced and click on Proceed anyway. After this step I can then login to the BILaunchad with no issues. I had my co-workes try the same and it works for them. Seems like the issue is with the certificate?
Denis,
This is our external environment and that's why Tomcat is in DMZ. I guess cert is not an issue as it is self signed. I just need to have my network team generate an authorized cert.
Had a call with SAP support, they told me that I need to have our Load Balance accept process calls from port 7443 as this is the port that is configured in the WACS. So I updated the port to 8443 in the WACS which is already configured on load balance URL. I tried BILaunchpad again and it still does not work. They also had me add BOE WACS (via edit common services) to WACS server. However, the issue is still that the BILaunchpad works only if I try this link first https://<WACS_IP>:7443/BOE/BILaunchpad and then the LB url BILaunchpad works. This is not making any sense to me. 😞
Thanks!
by placing tomcat in the DMZ you actually weaken your security.
Now your DMZ has a bunch of holes in it because you have to open very many ports from tomcat to BOE backend.
Reverse proxy, LB, or web server should be in the DMZ and redirect calls to tomcats, which should be in the network.
This way DMZ has only 2 ports open - one in, one out.
on the other stuff - let the SAP support work it out. Test all this without SSL/HTTPS first. Once basics work, then secure it.
Tomcat is our Web server.
Anyway, we are trying to accomplish similar to these: https://archive.sap.com/discussions/message/15657987#15657987
https://blogs.sap.com/2015/04/01/wacs-load-balancing-for-restful-web-services/
We may need to just deploy Restful WS on web server, not sure!!
1. you should start a new tread on this.
2. the transition should be seamless. please provide more details - which reports, where and how exactly the error occurs, what changes in CMC exactly you did, etc...
One more thing is any one of the BI launchpad (BOE/BI or BOE/BILaunchpad) is logged in, then Same browser if user hits other one, that shouldn't ask for credentials .
-Bharath
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
OK - so logging into Regular Launchpad and then the New UI5 Launchpad in the same Browser got us a more descriptive error...
"User has no rights to login to New BI Launchpad. Please contact administrator."
The error is the same for a REGULAR User and our Administrator (Enterprise) Account - so that takes us back to the problem from the CMC Security settings problem from earlier.
In your Screenshot from the CMC there is an option - that we don't see in our CMC after the upgrade.
Your screenshot from CMC -
Hi Mark,
Were you able to figure out this issue?
I upgraded our environment to 42 SP5. When I login, I get no error messages and the login screen comes back.
In fiddler, I see 404 error: https://<lb url>t/BOE/portal/1804141933/PlatformServices/sapui5/resources/sap/ui/core/messagebundle_en_US.properties
Thanks, Roopa
Hi Mark,
I agree your point. But if that is the case - authentication error shouldn't come.
One last attempt:
1. Please clear the browser cache and reload the URL : http://host:8080/BOE/BILaunchpad
2. can you watch the network call which API is getting this error message from backend: New_Fiori_BI_Launchpad_Blank_Password.jpg
-Bharath
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Denis / Bharath -
Can't use CHROME on this network. IE-11.0.42 only.
1. Session Count and User ID are not updating / increasing in CMC -> Sessions after looping login attempts.
2. Ran the process as suggested above - and monitored the network-traffic on the IE Browser at the Login Attempt...
No HTTP 401 errors - but we got two (2) HTTP 404 "File not found" errors on 8080.
Specific to - Key Value Request GET /BOE/portal/1705180929/Bing/resources/sapui5/resources/sap/ui/core/messagebundle_en_CA.properties HTTP/1.1
Took a look down into the SAPUI5 directory on the Tomcat Catalina path - and that file does not exist.
It is an ENGLISH-CANADA specific Properties file. Looks like it did not get deployed correctly during the upgrade..?
Should I do an UNDEPLOY and REDEPLOY of everything on the Web-Layer using the WDEPLOY tools..?
My sense is that the Upgrade process didn't update the Web-Applications correctly in the move from SP03 -> SP04.
Let me know.
Thanks,
Mark
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
1. Please check each time logon fail - session count increasing in CMC->Sessions.
2. In Browser press F12 and select network tab (If IE browser please press Play button).
Then Enter Username and Password press Enter .
Please watch the network - there must one response with 401 Response code .
Check this response is coming from Tomcat(8080 port) or WACs(6405 port) (REST).
-Bharath
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
try in Chrome, see if you get same issue or not.
By default it should be accessible to Administrator, without any other steps. Right of the bat.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.