Skip to Content
author's profile photo Vaibhav Surana
0
Vaibhav Surana
Sep 05, 2018 at 02:32 AM

Application-to-Application SSO web dispatcher HANA

322 Views Last edit May 24, 2020 at 11:25 AM 2 rev

Hi,

We have an SSO setup using SAML on our HANA box. The HANA services are exposed via an SAP Web-Dispatcher. Web dispatcher is a public exposed proxy system. HANA xs requests are redirected to ADFS for login and the authentication works well.

Hana: http:myinternalHostForHANA.com/XSProject => Works

Web Dispatcher: https://myExternalHost.com/XSProject => Works

Since the internal host is not exposed externally it cannot be used as destination in SAP Cloud. Also, the other option via cloud connector is being worked on, it as it's own issues.

Web Dispatcher in Cloud destination: https://myExternalHost.com/XSProject => Doesn't Work.

Error in webide: Internal Server Error 500: StatusCode in ResponseMessage != OK; please refer to the database trace for more information

Error in HANA: XSSessionLifecycle.cpp(00341) : Assertion authentication for user failed with reason: Unable to verify XML signature(StatusCode: , StatusMessage: ) [49366]{49366}[-1/-1] 2018-09-04 14:15:54.592005 e XSRequestHandler RequestHandler.cpp(00805) : exception 1: no.1000090 (HttpClient/Web/WebEntityBase.h:78) Reached unreachable code exception throw location: 1: 0x00007fb28580888c in xsengine::SessionManager::doSAML(ltt::smartptr_handle &, httpclient::WebRequestInternal const&, httpclient::WebResponseInternal&, xsengine::ResourceInfo const&, xsengine::XSAAuthMethod const*, unsigned long long&, ltt::unique_ptr >, ltt::with_alloc_t, ltt::default_delete > > >&, bool, bool)+0xa08 at WebEntityBase.h:78 ( libhdbxsapi.so) 2: 0x00007fb285808998 in xsengine::SessionManager::doNonInteractiveAuth(ltt::smartptr_handle &, httpclient::WebRequestInternal const&, ltt::vector const&, httpclient::WebResponseInternal&, xsengine::ResourceInfo const&, unsigned long long&, ltt::unique_ptr >, ltt::with_alloc_t, ltt::default_delete > > >&, bool, xsengine::SessionManager::basicAuth&, bool)+0x104 at XSSessionManager.cpp:707 ( libhdbxsapi.so) 3: 0x00007fb28580a0b5 in xsengine::SessionManager::authenticate(ltt::smartptr_handle &, httpclient::WebRequestInternal const&, httpclient::WebResponseInternal&, xsengine::ResourceInfo const&, xsengine::AuthMethod::Type, bool, ltt::vector const*, bool, bool*)+0x281 at XSSessionManager.cpp:927 ( libhdbxsapi.so) 4: 0x00007fb2ac633a36 in xsengine::RequestHandler::handleRequest(ltt::smartptr_handle &, int)+0x3692 at RequestHandler.cpp:580 ( libxsengine.so) 5: 0x00007fb2ac63c935 in xsengine::RequestJobWrapper::run(Execution::Context&, Execution::JobObject&)+0x41 at RequestHandler.h:77 ( libxsengine.so) 6: 0x00007fb2875fd997 in Execution::JobObjectImpl::run(Execution::JobWorker*)+0x1233 at JobExecutorImpl.cpp:1099 ( libhdbbasis.so) 7: 0x00007fb2876095f5 in Execution::JobWorker::runJob(ltt::smartptr_handle &)+0x3b1 at JobExecutorThreads.cpp:223 ( libhdbbasis.so) 8: 0x00007fb28760bc47 in Execution::JobWorker::run(void*&)+0x203 at JobExecutorThreads.cpp:442 ( libhdbbasis.so) 9: 0x00007fb287661827 in Execution::Thread::staticMainImp(void**)+0x743 at Thread.cpp:464 ( libhdbbasis.so) 10: 0x00007fb287662e98 in Execution::Thread::staticMain(void*)+0x34 at ThreadMain.cpp:26 ( libhdbbasis.so)

Attachments
hana-cloud-sso.png (22.7 kB)
hana-cloud-sso-2.png (30.6 kB)