Skip to Content
avatar image
Former Member

ApptoAppSSO destination to HANA XS: Unable to verify XML signature

Hello,

I am attempting to connect a HANA XS application to an HTML5 application in HCP. My case is close to the one in this guide:

https://blogs.sap.com/2016/03/21/principal-propagation-between-html5-and-sap-hana-xs-on-sap-hana-cloud-platform/

I have set the following destination:

Only difference is that I am using SAP's default SSO. I have no issues connecting to the HANA XS service directly and authenticating. When the app tries to connect through the destination, the connection fails.

In the browser debugger I see the following error returned to the app:

StatusCode in ResponseMessage != OK; please refer to the database trace for more information

In the server log I get the following:

Assertion authentication failed with reason: Unable to verify XML signature(StatusCode: , StatusMessage: )

What can be the reason, is there an issue with the destination configuration I set?

1.png (25.1 kB)
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

4 Answers

  • avatar image
    Former Member
    Nov 01, 2016 at 04:30 PM

    Turns out I needed to add the HCP service provider settings as an identity provider in HANA. After adding a SAP Cloud Identity IdP, I did just that and it worked.

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Nov 02, 2016 at 03:57 PM

    It works fine in one HCP account, but not in another. One account has a HANA version 1.00.102.04.1453734118 (SPS 10). There the destination works with no issues.

    In another account, the HANA version is 1.00.112.05.1469552341 (SPS 11).

    There we have the following issue. The user is recognized, but the HTTP request returns code 403 - Forbidden. If the same service is called directly from a browser, it works fine, so it doesn't seem to be due to a lack of rights. If the user is not present in HANA, it is created and then we get status code 500.

    Add comment
    10|10000 characters needed characters exceeded

  • Jan 23, 2017 at 04:21 PM

    In our case we had the same problem on a HANA instance in HCP with SP11. After an upgrade to SP12 it worked as expected. Now we have an AppToAppSSO connection from one HCP Account where we are running the HTML5 App to another HCP Account where the HANA instance is located.

    Add comment
    10|10000 characters needed characters exceeded

  • Jan 23, 2017 at 04:21 PM

    In our case we had the same problem on a HANA instance in HCP with SP11. After an upgrade to SP12 it worked as expected. Now we have an AppToAppSSO connection from one HCP Account where we are running the HTML5 App to another HCP Account where the HANA instance is located.

    Add comment
    10|10000 characters needed characters exceeded