We are using SAP FIORI CLIENT with SMP3.0 but getting 'No CSRF token stored in session'

Ritushree Saha

We are using SAP FIORI CLIENT with SMP3.0 but getting 'No CSRF token stored in session'

Dec 11, 2017 at 02:10 PM | 43 Views

Hello All,

We are using custom SAP FIORI CLIENT with SMP3.0 . The application is getting authenticated with azure idp using saml and for backend authentication it used SSO mechanism.

Results -

1. application is getting registered in the SMP.

2. The ticket is getting generated for authentication in gateway, but getting the below error in smp - No csrf token stored in session for request with method [GET] and URI [/odata/applications/v4/<app_name>/$metadata].

Attaching the screen shot of the application setup in smp.

Please do have a look and give us some clue of what should be the issue.

Thanks

Ritushree

SAP Mobile Platform

Add comment

1 Answer

Sort by:

Votes

Newest

Oldest

Ritushree Saha

Dec 11, 2017 at 02:17 PM

    fiori_client_appConfig = {
        
        "appID": "<appId>",
        "fioriURL":"https://<host:port>/sap/bc/ui5_ui5/ui2/ushell/shells/abap/Fiorilaunchpad.html",
        "fioriURLIsSMP": true,
		"auth":[{
			 "type":"saml2.web.post",
			 "config":{
				"saml2.web.post.authchallengeheader.name": "com.sap.cloud.security.login",
				"saml2.web.post.finish.endpoint.uri": "/SAMLAuthLauncher",
				"saml2.web.post.finish.endpoint.redirectparam": "finishEndpointParam"	
			 }
		}],

        "multiUser": false,

         "certificate": "",

         "autoSelectSingleCert": false,
        
         "communicatorId" : "REST",
        
         "passcodePolicy":  {
               "expirationDays":"0",
               "hasDigits":"false",
               "hasLowerCaseLetters":"false",
               "hasSpecialLetters":"false",
               "hasUpperCaseLetters":"false",
               "defaultAllowed":"true",
               "lockTimeout":"300",
               "minLength":"8",
               "minUniqueChars":"0",
               "retryLimit":"10",
               "allowFingerprint":"false"
          },

        "keysize": "",

        "idpLogonURL": "",

        "privacyPolicies": [
            {"id": "mycompany", "label": "<company name>", "url": "<company url>", "lastUpdated": "2016-11-21T00:00"}
        ],


        // Customization options for the Logon screens, uncomment to use


        /**
         * backgroundImage - Path to the background image used for logon screens
         */
        "backgroundImage": "img/background.jpg",


        /**
         * styleSheet - Path to the css file used for logon screens
         */
        "styleSheet": "../../../custom.css",


        /**
         * hideLogoCopyright - Boolean value to hide the logo and copyright text in the footer of logon screens
         */
        "hideLogoCopyright": false,


        /**
         * copyrightLogo - Path to the logo image in the footer
         */
        "copyrightLogo": "img/sapLogo.png",


        /**
         * copyrightMsg - An array of 2 strings to specify 2 lines of copyright text in the footer
         */
        "copyrightMsg": ["<company name>.", "All rights reserved."],


        /**
         * disablePasscode - Boolean value to disable the passcode screen
         * Note this value should not be set when multi-user support is enabled.
         */
        //"disablePasscode": false,


        /**
         * allowSavingFormCredentials - boolean value whether the user will be given an option to
         * save their credentials when using form authentication.  Defaults to false.
         */
        "allowSavingFormCredentials": true,


        /**
         * enableCacheManager - Boolean value to enable/disable the CacheManager plugin.  The
         * default value is true.
         */
        //"enableCacheManager": false,
    };


<br>