cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP BO-BI 4.2 (SP04) - Problem with "looping" Login page on new FIORI BI Launchpad..?

former_member183781
Active Participant

on ‎05-25-2017 3:05 PM

0 Kudos

Have checked all of the settings documented HERE - and am using the same ADMINISTRATOR (Enterprise) account credentials that work OK in the regular CMC and Old Launchpad on the same BI Platform and Tomcat environment.

1.) CMC -> Applications -> RESTFul WebService is configured with Fully-Qualified Domain Name (FQDN).



2.) Checked that the REST SDK APIs, simple API is working OK using the FQDN.



3.) Confirmed that the Web Application Container Server (WACS) is running OK on that environment by testing the CMC -> BI Administrators' Cockpit using the same Administrator (Enterprise) credentials.

4.) We can get to the Login-Page for the new FIORI BI Launchpad, and had updated the Bing.properties file to expose everything on the Login-Page.



5.) We enter exactly the same System, User Name, Password & Authentication values into the new FIORI BI Launchpad....and get the "Three-Dots" Fiori-Processing overlay for a couple of seconds...but then it reverts back to the Login-Screen.

...We never get to the FIORI Launchpad "Home" page...

No Error-Messages or anything...just kicks us back to the Login-Screen.

6.) We have CONFIRMED that the CMS-Connection is actually taking place via the FIORI BI Launchpad by testing that page with a BLANK password.



Based on all of the above - it appears that everything is configured correctly, and is passing VALID login info to the CMS from the FIORI BI Launchpad.

However, it is not "completing" the hand-over to the new HOME page for the FIORI BI Launchpad

Are there any new SECURITY Settings or PERMISSIONS that need to be granted to give users access to the new FIORI BI Launchpad..?

Thanks in advance for any advice on how to resolve this issue.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (7)

Answers (7)

Former Member
‎12-24-2017 10:52 AM
0 Kudos

Thanks for this great article

Did anyone mange to configure Fiorified to open Web Intelligence report in reading mode instead of the HTML viewer ?

Did anyone mange to create a tile which shows a chart/table ?

Does the How to Use the Read and Query Work-list in SAP BusinessObjects BI - is supported in Fiorified 4.2 SP4 ? if so thorough which tool?

BR

Yoav Y.

Show replies
Show replies
rpuranik
Participant
‎10-03-2017 8:01 PM
0 Kudos

Hi,

We are on BI 4.2 SP4 P2, Red Hat Linux, SSL configured, Load Balance (LB) URL, Oracle repo db, Tocmat8 with 2 tomcat servers and 2 CMS servers: Tomcat is in DMZ.

When I login to BILaunchpad using the LB URL https://<lburl.com>/BOE/BILaunchpad, I get a logon screen but after I login I get an error message: Logon failed for WACS. Contact system administrator for necessary rights.

HTTPS is enabled in WACS

http://<localhost>:6405/biprws/v1/about -- works fine

Restful Web Service URL is set to: http://<localhost>;:6405/biprws -- The url works fine in the browser

I ran the fiddler tool and I noticed I get a 404 error same as what Mark noticed: error: /BOE/portal/1705180929/Bing/resources/sapui5/resources/sap/ui/core/messagebundle_en_US.properties HTTP/1.1

However, if I login to tomcat URL http://<tomcathost>:8080/BOE/BILaunchpad I am able to login ok.

What am I missing?

Thank you all in advance for your help!

Show replies
Show replies
former_member230921
Active Contributor
‎10-04-2017 7:18 AM
0 Kudos

Please change the URL in CMC->Applications->RestFul web services to https://<wacs>/biprws

Make sure same url is working fine from outside of installed machine.

-Bharath

rpuranik
Participant
‎10-04-2017 3:37 PM
0 Kudos

Hi Bharath,

Thanks for your reply. Do you mean <wacs> host name of the server where the WACS proc server is installed?

If so I tried http://<localhost>;:6405/biprws -- this works

but with "https" in the URL it does not work -- https://<localhost>;:6405/biprws or https://<localhost>/biprws

Thanks!


former_member230921
Active Contributor
‎10-05-2017 7:17 AM
0 Kudos

As you mentioned in comment HTTPS is enabled for WACS.

Please navigate to CMC->Servers->Core Servers List-> WebApplication Container Server right click and go to Properties and check port number for https for WACS .

Then update CMC->Applications->RestFul web services to https://<wacs_installed_machine_ip>:<https_port>/biprws

Please check REST URL from out side of BOE installed machine.

Please share the status.

-

Bharath

rpuranik
Participant
‎10-05-2017 4:14 PM
0 Kudos

Hi Bharath,

I have 7443 port set in the WACS server. Per your suggestion I tried setting the port number along with IP in the Restful WS URL. Then tested the URL https://<wacs_installed_machine_ip>:<https_port>/biprws and it worked!! So I tried the BILaunchpad and and I was able to login. The link was not secure though as I generated the keystore file to enable https, which is ok. I asked my workers to try and they still get the same error. I tried again with my ID on different machines and I get the error too. We tried on IE and Chrome, cleared cache multiple times and tried and still the same error. I just don't understand whats going on!! On my machine where it works I cleared cache and tried and it works. I am stumped!!

Thanks, Roopa

rpuranik
Participant
‎10-05-2017 5:56 PM
0 Kudos

I have an update. I noticed that on the machines where its not working if I first try the URL that is in the WACS server (https://<wacs_installed_machine_ip>:<https_port>/biprws) I get a warning message that this is not a secure site and I click on Advanced and click on Proceed anyway. After this step I can then login to the BILaunchad with no issues. I had my co-workes try the same and it works for them. Seems like the issue is with the certificate?

denis_konovalov
Active Contributor
‎10-05-2017 7:01 PM
0 Kudos

you have to import/trust your self signed certificates for this to work.

p.s.
why would you put tomcat into DMZ ?????

rpuranik
Participant
‎10-05-2017 10:11 PM
0 Kudos

Denis,

This is our external environment and that's why Tomcat is in DMZ. I guess cert is not an issue as it is self signed. I just need to have my network team generate an authorized cert.

Had a call with SAP support, they told me that I need to have our Load Balance accept process calls from port 7443 as this is the port that is configured in the WACS. So I updated the port to 8443 in the WACS which is already configured on load balance URL. I tried BILaunchpad again and it still does not work. They also had me add BOE WACS (via edit common services) to WACS server. However, the issue is still that the BILaunchpad works only if I try this link first https://<WACS_IP>:7443/BOE/BILaunchpad and then the LB url BILaunchpad works. This is not making any sense to me. 😞

Thanks!

denis_konovalov
Active Contributor
‎10-06-2017 12:54 PM
0 Kudos

by placing tomcat in the DMZ you actually weaken your security.
Now your DMZ has a bunch of holes in it because you have to open very many ports from tomcat to BOE backend.
Reverse proxy, LB, or web server should be in the DMZ and redirect calls to tomcats, which should be in the network.
This way DMZ has only 2 ports open - one in, one out.

on the other stuff - let the SAP support work it out. Test all this without SSL/HTTPS first. Once basics work, then secure it.

rpuranik
Participant
‎10-06-2017 7:16 PM
0 Kudos

Tomcat is our Web server.

Anyway, we are trying to accomplish similar to these: https://archive.sap.com/discussions/message/15657987#15657987

https://blogs.sap.com/2015/04/01/wacs-load-balancing-for-restful-web-services/

We may need to just deploy Restful WS on web server, not sure!!

denis_konovalov
Active Contributor
‎10-06-2017 9:16 PM
0 Kudos

If your Tomcat is hosting BOE apps - its not a web server and you need to open lots of ports from it to BOE.
You also can't deploy restful to web server, its WACS only at this point. Maybe in the next SP it'll be deployable to tomcat (Maybe. Not sure. Subject to change. its just rumors).

rpuranik
Participant
‎10-10-2017 6:12 PM
0 Kudos

Yea its out Web App server. We have /webapps deployed on the Tomcat server. In this case I still cannot deploy restful to our webapp server?

denis_konovalov
Active Contributor
‎10-10-2017 6:50 PM
0 Kudos

right now restful can only be on WACS.

rpuranik
Participant
‎10-11-2017 3:22 PM
0 Kudos

Okay Thank You.

rpuranik
Participant
‎01-12-2018 7:39 PM
0 Kudos

I upgraded to 42 SP5 and I configured the restful URL to use tomcat host and port but now I am not able to access any reports. I get "Not Found (RWS 00005)" error.

Is there any documentation specifically around this?

Thanks!

denis_konovalov
Active Contributor
‎01-12-2018 7:43 PM

1. you should start a new tread on this.
2. the transition should be seamless. please provide more details - which reports, where and how exactly the error occurs, what changes in CMC exactly you did, etc...

former_member230921
Active Contributor
‎05-25-2017 7:41 PM
0 Kudos

One more thing is any one of the BI launchpad (BOE/BI or BOE/BILaunchpad) is logged in, then Same browser if user hits other one, that shouldn't ask for credentials .

-Bharath

Show replies
Show replies
former_member183781
Active Participant
‎05-25-2017 8:14 PM
0 Kudos

OK - so logging into Regular Launchpad and then the New UI5 Launchpad in the same Browser got us a more descriptive error...

"User has no rights to login to New BI Launchpad. Please contact administrator."

The error is the same for a REGULAR User and our Administrator (Enterprise) Account - so that takes us back to the problem from the CMC Security settings problem from earlier.

In your Screenshot from the CMC there is an option - that we don't see in our CMC after the upgrade.

Your screenshot from CMC -

What we see in our CMC (after the upgrade to SP04) -

For whatever reason - that new "Logon to new Fiorified BI Launch Pad" right is not visible in our CMC after the upgrade to SP04...and that is why we can't LOGIN to it.

Is there any way to fix what we are seeing in the CMC..?
former_member230921
Active Contributor
‎05-25-2017 8:31 PM
0 Kudos

did you cleared tomcat work folder and restarted ?

rpuranik
Participant
‎04-16-2018 3:56 AM
0 Kudos

Hi Mark,

Were you able to figure out this issue?

I upgraded our environment to 42 SP5. When I login, I get no error messages and the login screen comes back.

In fiddler, I see 404 error: https://<lb url>t/BOE/portal/1804141933/PlatformServices/sapui5/resources/sap/ui/core/messagebundle_en_US.properties

Thanks, Roopa

former_member230921
Active Contributor
‎05-25-2017 7:29 PM
0 Kudos

Hi Mark,

I agree your point. But if that is the case - authentication error shouldn't come.

One last attempt:

1. Please clear the browser cache and reload the URL : http://host:8080/BOE/BILaunchpad

2. can you watch the network call which API is getting this error message from backend: New_Fiori_BI_Launchpad_Blank_Password.jpg

-Bharath

Show replies
Show replies
former_member183781
Active Participant
‎05-25-2017 7:07 PM
0 Kudos

Denis / Bharath -

Can't use CHROME on this network. IE-11.0.42 only.

1. Session Count and User ID are not updating / increasing in CMC -> Sessions after looping login attempts.

2. Ran the process as suggested above - and monitored the network-traffic on the IE Browser at the Login Attempt...

No HTTP 401 errors - but we got two (2) HTTP 404 "File not found" errors on 8080.

Specific to - Key Value Request GET /BOE/portal/1705180929/Bing/resources/sapui5/resources/sap/ui/core/messagebundle_en_CA.properties HTTP/1.1

Took a look down into the SAPUI5 directory on the Tomcat Catalina path - and that file does not exist.

It is an ENGLISH-CANADA specific Properties file. Looks like it did not get deployed correctly during the upgrade..?

Should I do an UNDEPLOY and REDEPLOY of everything on the Web-Layer using the WDEPLOY tools..?

My sense is that the Upgrade process didn't update the Web-Applications correctly in the move from SP03 -> SP04.

Let me know.

Thanks,
Mark

Show replies
Show replies
former_member230921
Active Contributor
‎05-25-2017 6:35 PM
0 Kudos

1. Please check each time logon fail - session count increasing in CMC->Sessions.

2. In Browser press F12 and select network tab (If IE browser please press Play button).

Then Enter Username and Password press Enter .

Please watch the network - there must one response with 401 Response code .

Check this response is coming from Tomcat(8080 port) or WACs(6405 port) (REST).

-Bharath

Show replies
Show replies
denis_konovalov
Active Contributor
‎05-25-2017 6:11 PM
0 Kudos

try in Chrome, see if you get same issue or not.
By default it should be accessible to Administrator, without any other steps. Right of the bat.

Show replies
Show replies
Ask a Question