Skip to Content

Using HANA REST API for file upload in SAP UI5 Service layer without 2-level authorization

Jan 31 at 01:39 PM


avatar image

We are developing a HR application based on Sap UI5/Service layer on our XS Server. Everything is going fine, however we have a question we could not resolve anywhere.

To upload all kinds of files for an employee,apart from Service layer REST API, we also use HANA Api. The service is located under "xsserver/sap/hana/xs/dt/base/xfer/import/..." . Everything works fine, except that before using this API, the application has to fetch for XSRF Token, which is impossible, unless HANA user is authorized. (Like SYSTEM User). So, even if we have .xsaccess properties set up with asking no HANA XS authorization for users to use it (user only authorizes to B1 Database to use Service layer), then we can't use HANA API. This causes some inconvenience, because we don't want the user to authenticate twice, first for HANA server and then for Service layer DB.

Is there any solution/workaround so we can set up HANA so users can use HANA API ("xsserver/sap/hana/xs/dt/base/xfer/import/...") on particular directories without authorization ?

Thank you in advance, we would greatly appreciate your help.

Respect, Giorgi and SAP Team from Tbilisi, Georgia.

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Best Answer
Maria Trinidad MARTINEZ GEA
Jan 31 at 01:44 PM

Hi Goga,

Could be the anonymous option explained in the following blog an option?

Let us know,

Show 3 Share
10 |10000 characters needed characters left characters exceeded

Thank you for the useful link, Maria, however although it does make clear how to make .xsodata and .xsjs services INSIDE the project , it still becomes unclear, how to use that user for anonymous authentication with HANA API file service , which is not a service in my project, but externally inbuilt on xs server.

to formulate the question as a coding developer,

I understand how to link my .SQLCC settings user in

.xsjs - pass parameter $.db.getConnection(“SQLCC::testsqlcc”) , and the dbconnection knows it should use the user we indicated in SQLC;

.xsodata service - works anonymously AS long it is in the same directory as .sqlcc file

BUT when fetching csrf-token,

$.ajax({ beforeSend: function (request)

request.setRequestHeader("x-csrf-token", "fetch");

url: "/sap/hana/xs/dt/base/file/" ,
method: 'GET',
processData: false,
contentType: false

how would my request automatically set the USER and PASSWORD from my .sqlcc settings ??

P.S naturally, the request works 100% fine, when using form-data authorization


Hello, if my last particular question is not clear, I can explain it with more details


Does .xssqlcc set anonymous user only for using database services like .xsodata and db.getConnection() in xsjs anonymously ? or should it also work in my case ? If it is unclear, what service I am using, this is the link to its reference.