cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Unable to read Business User Attributes in HANA DB in Cloud Foundry

Go to solution
former_member527468
Participant

on ‎06-20-2018 10:30 AM

Hello Experts,

I have created a simple MTA App in Cloud Foundry that connects to Hana DB through Node JS. This app defines a role template 'Viewer' with display scope and a user attribute 'Country'. After the app is deployed, I have created a role and role collection from this template and assigned it to the business user.

Now, I am unable to read these attributes in the database level. I am issuing a simple select.

Select session_context('XS_COUNTRY') from dummy;

But this shows null as result.

select from M_SESSION_CONTEXT and select session_context('APPLICATOINUSER') are also showing null values.

I am able to see the scope and the user attributes in the JWT token in the Node JS app level though.

Am I missing anything? This app is deployed on cloud foundry trial instance.

The project can be accessed from Link

Show replies
Show replies
rakshetha_jn
Associate
Associate
‎02-13-2019 1:31 PM
0 Kudos

hi Ajit

I am in a similar scenario , were you able to retrieve the Attribute value in HANA .

best regards

Rakshetha

Answer

Accepted Solutions (1)

Accepted Solutions (1)

thomas_jung
Developer Advocate
Developer Advocate
‎06-20-2018 8:50 PM

I think you problem might be that you are loading the hdbext middleware before you process the JWT token via passport. Therefore there is no token information to inject into the DB session because it hasn't been processed yet. I'd recommend loading the security information before loading the database middleware as in this example:

https://github.com/SAP/com.sap.openSAP.hana5.example/blob/hana2_sps03/core_node/server.js

The example referenced above has no problem seeing the APPLICATIONUSER or custom attributes in the session context.

Show replies
Show replies
former_member527468
Participant
‎06-25-2018 7:46 AM
0 Kudos

Thanks Thomas,

I have tried this. However, now I am getting an 'Internal server error' when running the App. The core-js service logs shows the below error message: 

[APP/PROC/WEB/0] ERR Error: the predefined session variable cannot be set via SET command: XS_APPLICATIONUSER

Up on further research about this error, I came across the Note: 2470084 which says:

The HANA instance in your SAPCP account has by default no direct connectivity to XSUAA.

And I am following the steps under b) Sap Cloud Platform (SAPCP) of that Note to establish this trust.

I have done the following:

- Downloaded xsuaa_hdbtrust_sql.sh bash shell script on my laptop
- My operating system being Windows, I downloaded cygwin to run this script.

- Obtained metadata URL as explained in step 1.

- Executed the following as explained in step 2: 

/cygdrive/c/Users/ajc5cob/Desktop/Software/xsuaa_trust
$ ./xsuaa_hdbtrust_sql.sh -a https://XXXXX.authentication.eu10.hana.ondemand.com/sap/trust/jwt -q ~/xs_appuser.sql

However, this gives the following error:

./xsuaa_hdbtrust_sql.sh: line 71: curl: command not found
###############################################
Error
The response from request to base
URI https://robertbosch.authentication.eu10.hana.ondemand.com/login was empty
Check your parameter -a and/or your XSUAA on https://XXXXXXX.authentication.eu10.hana.ondemand.com
###############################################
Usage: ./xsuaa_hdbtrust_sql.sh <options>
This bash script calls xsuaa REST endpoints for JWT trust and creates a SQL script for manual execution
Options:
 -a:      xsuaa base URI [default: https://localhost:30032/uaa-security]
 -i:      SQL template in [default: xsuaa_template.sql]
 -q:      SQL file created [default: xs_appuser.sql]
 -n:      HANA host name:port [default: EMPTY, no hdbsql used]
 -u:      HANA system user name [default: system]
 -p:      HANA system user passwordsa

Not sure how to proceed further. I have tried this on my Trial SCP and Productive SCP Accounts. And I get the same error. Please advice,

When I access https://XXXXX.authentication.eu10.hana.ondemand.com/sap/trust/jwt manually through browser, I am getting the access token.

Thanks in advance,

Ajith

Answers (1)

Answers (1)

onivaldo_valentin
Discoverer
‎03-01-2020 9:21 PM
0 Kudos

Instal on cygwin curl, link: https://stackoverflow.com/questions/3647569/how-do-i-install-curl-on-cygwin

Show replies
Show replies
Ask a Question