Skip to Content
0

UI5 App without authentification shows popup in browser (HTTP 401) due to call of /sap/bc/lrep

Mar 09 at 01:30 PM

101

avatar image

I would like to host a UI5 App without authentification. The app works well in Fiori Launchpad and via the direct link to the service in my user context.

To achieve it without authentification I entered a system user in the corresponding SICF services for the UI5 and the OData service. (like described here: https://blogs.sap.com/2015/08/05/disable-csrf-token-for-odata-calls-using-sap-netweaver-gateway/)

Example for the UI5 service:

Now I can call my two services without authentification:

/sap/bc/ui5_ui5/sap/z_system_info

/sap/opu/odata/sap/z_sm_system_info_srv

But the problem is that the browser shows a logon window like this:

As I found out this is caused by a call to sap/bc/lrep/flex/data/com.yourcompany.z_system_info.Component

All other resources are loaded fine and when I abort the message I can use the app without problems.

I thought about a problem with the CSRF Token, but the entry ~CHECK_CSRF_TOKEN=0 in the GUI_CONFIGURATION of the service as mentioned in the linked article did not change anything.

So I got the idea to switch the logon error page for the lrep service from explicit to system logon:

The result is that instead of a 401 the call gets back with a 200 status and a page where the user normally should log on:

But because it is loaded in the background it will never show up to the user.

I am aware that this is just a dirty workaround, so I would be interested if someone got the same problem or if there is a better solution to this problem? (Especially without modifying the lrep service.)

10 |10000 characters needed characters left characters exceeded

Hi,

now after a month without answers I would just like to know if there is a problem with the question or just nobody has been experiencing this problem so far?

I am curious about your feedback.

0
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Desiree Matas
Apr 16 at 09:58 AM
0

Hi Tim,

Check if the following KBA is useful for you:

2568947 - SmartVariantManagement - Setup and Authorizations

Best regards,
Désirée

Show 1 Share
10 |10000 characters needed characters left characters exceeded

Hi Désirée,

thank you for the answer.

I read the KBA you provided, which describes how to set up Smart Variant Management, but in my case I do not need it at all. I just had to enable the lrep service because otherwise I could not start the UI5 app from Fiori Launchpad. This is described here https://launchpad.support.sap.com/#/notes/2467759 and it solved this particular problem.

But back to the KBA you mentioned: The problem is that I have no user to assign rights to, but I want to be able to open the URL anonymously. Which works due to the service user I entered except for the lrep service (that I technically not need for the app).

Best regards

Tim

0