We are using SAP FIORI CLIENT with SMP3.0 but getting 'No CSRF token stored in session'

0 Kudos

Hello All,

We are using a custom SAP FIORI CLIENT with SMP3.0. The application is getting authenticated with Azure IdP using SAML, and for backend authentication it uses an SSO mechanism.

Results -

1. The application is getting registered in the SMP.

2. The ticket is getting generated for authentication in the gateway, but we are getting the below error in SMP - No csrf token stored in session for request with method [GET] and URI [/odata/applications/v4/<app_name>/$metadata].

Attaching the screenshot of the application setup in SMP.

Please do have a look and give us some clue of what should be the issue.

Thanks

Ritushree

Accepted Solutions (0)

Answers (1)

0 Kudos

    fiori_client_appConfig = {
        
        "appID": "<appId>",
        "fioriURL":"https://<host:port>/sap/bc/ui5_ui5/ui2/ushell/shells/abap/Fiorilaunchpad.html",
        "fioriURLIsSMP": true,
		"auth":[{
			 "type":"saml2.web.post",
			 "config":{
				"saml2.web.post.authchallengeheader.name": "com.sap.cloud.security.login",
				"saml2.web.post.finish.endpoint.uri": "/SAMLAuthLauncher",
				"saml2.web.post.finish.endpoint.redirectparam": "finishEndpointParam"	
			 }
		}],

        "multiUser": false,

         "certificate": "",

         "autoSelectSingleCert": false,
        
         "communicatorId" : "REST",
        
         "passcodePolicy":  {
               "expirationDays":"0",
               "hasDigits":"false",
               "hasLowerCaseLetters":"false",
               "hasSpecialLetters":"false",
               "hasUpperCaseLetters":"false",
               "defaultAllowed":"true",
               "lockTimeout":"300",
               "minLength":"8",
               "minUniqueChars":"0",
               "retryLimit":"10",
               "allowFingerprint":"false"
          },

        "keysize": "",

        "idpLogonURL": "",

        "privacyPolicies": [
            {"id": "mycompany", "label": "<company name>", "url": "<company url>", "lastUpdated": "2016-11-21T00:00"}
        ],


        // Customization options for the Logon screens, uncomment to use


        /**
         * backgroundImage - Path to the background image used for logon screens
         */
        "backgroundImage": "img/background.jpg",


        /**
         * styleSheet - Path to the css file used for logon screens
         */
        "styleSheet": "../../../custom.css",


        /**
         * hideLogoCopyright - Boolean value to hide the logo and copyright text in the footer of logon screens
         */
        "hideLogoCopyright": false,


        /**
         * copyrightLogo - Path to the logo image in the footer
         */
        "copyrightLogo": "img/sapLogo.png",


        /**
         * copyrightMsg - An array of 2 strings to specify 2 lines of copyright text in the footer
         */
        "copyrightMsg": ["<company name>.", "All rights reserved."],


        /**
         * disablePasscode - Boolean value to disable the passcode screen
         * Note this value should not be set when multi-user support is enabled.
         */
        //"disablePasscode": false,


        /**
         * allowSavingFormCredentials - boolean value whether the user will be given an option to
         * save their credentials when using form authentication.  Defaults to false.
         */
        "allowSavingFormCredentials": true,


        /**
         * enableCacheManager - Boolean value to enable/disable the CacheManager plugin.  The
         * default value is true.
         */
        //"enableCacheManager": false,
    };

