Former Member

How an app on the YaaS platform calls a RESTful service deployed on SCP with Single Sign-On enabled

Hi experts,

We have a scenario in which our app (hybris engagement center) wants to call a RESTful service deployed on SCP. Engagement Center is an app built on the YaaS platform. Single Sign-On is enabled when logging in to Engagement Center, while the RESTful service on SCP is also authenticated by SSO. Both the app on YaaS and the service on SCP use the same IdP (accounts.sap.com).

The service on SCP uses FORM authentication:

<login-config>
<auth-method>FORM</auth-method>
</login-config>

When we make a promise call to the endpoint, it returns 200, but the response is:

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no, shrink-to-fit=no" />
<meta http-equiv="pragma" content="no-cache" />
</head>
<body style="background-color:#FFFFFF" onload="var url=window.location.hash;if(url&&0!==url.length){var anchorCookie='oucrsxusqbsrpjobxowqpcrdd_anchor=&quot;'+encodeURIComponent(url)+'&quot;';document.cookie=anchorCookie}document.forms[0].submit()">
<p><script language="javascript">document.write("Please wait ...");</script></p>
<noscript><p>Note: Your browser does not support JavaScript or it is turned off. Press the button to proceed.</p></noscript>
<form method="post" action="https://accounts.sap.com/saml2/idp/sso/accounts.sap.com">
<input type="hidden" name="SAMLRequest" value="…" />
<input type="hidden" name="RelayState" value="oucrsxusqbsrpjobxowqpcrdd" />
<noscript><input type="submit" value="Continue" /></noscript>
</form>
</body>
</html>

We assume that, since the user has already logged into Engagement Center via SSO, the authentication at the service level should be done automatically when making a call to the service. We don't need any actions to handle the response.

Is our thinking correct? We are worried we are missing some points in the whole process.

Thank you for answering.

Best Regards,

yangyang


0 Answers
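
Added example, not part of the original post: one way for the calling app to tell real service data apart from the auto-submitting SAML login form quoted in the question, which arrives with HTTP 200. The function names and result shape are hypothetical, a JSON service response is an assumption, and the sample page is constructed from the response in the post with a placeholder SAMLRequest value.

```javascript
// Added example (not from the original post). Names and result shape are hypothetical.

// Extract the double-quoted attributes of one HTML tag into a plain object.
function parseAttributes(tag) {
  const attrs = {};
  const re = /([\w-]+)\s*=\s*"([^"]*)"/g;
  let m;
  while ((m = re.exec(tag)) !== null) attrs[m[1].toLowerCase()] = m[2];
  return attrs;
}

// Returns { kind: 'data', payload } for a JSON answer, or
// { kind: 'saml-login', idpUrl, relayState } when the body is the auto-submitting
// SAML form, which comes back with HTTP 200 and so looks like success to the caller.
function classifyServiceResponse(status, contentType, body) {
  if (status === 401 || status === 403) return { kind: 'denied', status };
  const inputs = (body.match(/<input\b[^>]*>/gi) || []).map(parseAttributes);
  const samlField = inputs.find((i) => i.name === 'SAMLRequest');
  const form = body.match(/<form\b[^>]*>/i);
  if (samlField && form) {
    const relay = inputs.find((i) => i.name === 'RelayState');
    return {
      kind: 'saml-login',
      idpUrl: parseAttributes(form[0]).action,
      relayState: relay ? relay.value : null,
    };
  }
  if (/json/i.test(contentType)) {
    try {
      return { kind: 'data', payload: JSON.parse(body) };
    } catch (e) {
      return { kind: 'unexpected', reason: 'invalid JSON' };
    }
  }
  return { kind: 'unexpected', reason: 'not JSON and not a SAML form' };
}

// Constructed sample modelled on the response in the post (placeholder SAMLRequest).
const sampleLoginPage =
  '<html><body onload="document.forms[0].submit()">' +
  '<form method="post" action="https://accounts.sap.com/saml2/idp/sso/accounts.sap.com">' +
  '<input type="hidden" name="SAMLRequest" value="PLACEHOLDER" />' +
  '<input type="hidden" name="RelayState" value="oucrsxusqbsrpjobxowqpcrdd" />' +
  '<noscript><input type="submit" value="Continue" /></noscript>' +
  '</form></body></html>';

console.log(classifyServiceResponse(200, 'text/html', sampleLoginPage));
```

Checking the status code alone would treat the login form as a successful call; classifying the body lets the app report that the service session is not yet established instead of trying to parse HTML as data.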