Skip to Content

SAP HANA XSA WebIDE 2.0 SP 2: Authorization - Generating a Role

Hi,

I'm not able the generate roles, although I think I did all on the right way.

I was following the tinyworld app by Chaim Bendelac for creating the roles. I know that I could reproduce this helpful guide in the past and it worked for me.

But now I don't get it to run.

1. I was importing the xs-security.json file

2. Removed the old uaa and created a the new uaa-services within xs-security.json file

3. Also set the parameter for mta. Found two different versions in the documentation. Tried both of them. (Which one is right?)

– name: tiny_uaa                         
  type: com.sap.xs.uaa
  parameters:
    path: ./xs-security.json
   type: com.sap.xs.uaa
   parameters:
    config-path: xs-security.json

4. Was rebuilding the js and web modul and starting them, more times.

The authority check seems to work, because the "Forbidden"-msg comes up. I can't see the data. But the roles are not there....

Any ideas?

Add comment
10|10000 characters needed characters exceeded

  • The only difference is, that I used this time a similar scope like this:

    	"routes": [{
    		"source": "(.*)(name.xsodata)",
    		"destination": "nodejs_destination",
    		"csrfProtection": false,
    		"authenticationType": "xsuaa",
    		"scope": {
    			"GET": "$XSAPPNAME.Display",
    			"POST": ["$XSAPPNAME.Display", "$XSAPPNAME.Create"],
    			"PUT": ["$XSAPPNAME.Display", "$XSAPPNAME.Create"],
    			"DELETE": ["$XSAPPNAME.Display", "$XSAPPNAME.Delete"],
    			"default": "$XSAPPNAME.Display"
    		}
    	},
    
  • Get RSS Feed

2 Answers

  • Best Answer
    6 days ago

    Hi Dirk! It's the old one, but I'll comment for other blog readers about my experience.

    I've lost about an hour trying to figure out why my xs-security.json is not creating any role templates (xs roles) during deployment (xs deploy) to target space (xs t -s <target space>). The issue was exactly in the

    config-path: ./xs-security.json    

    that I've copied from some old development blog, and when I've corrected it to

    path: ./xs-security.json  

    my role was created and everything started working as designed.

    Add comment
    10|10000 characters needed characters exceeded

  • Jun 28, 2017 at 09:15 AM

    Ok, got it to work.

    The issue was that I took always the wrong file from my local folder by my CLI.

    But I guess generally, that this handling should be become better. (Removing uaa-service and reinstalling it with a file on a local folder and so on.)

    This worked for me:

        type: com.sap.xs.uaa
        parameters: 
           path: ./xs-security.json
    
    Add comment
    10|10000 characters needed characters exceeded