Skip to Content
0

Portal 7.5 Fiori iView and cross domain issue

Dec 13, 2016 at 12:53 AM

326

avatar image
Former Member

Hi

We are on SAP Portal 7.5 SP4. Our SAP Gateway runs the fiori applications. We have integrated the Fiori applications in SAP Portal via Fiori iViews. Both Gateway and SAP Portal are accessed via the same hostname https://portal.dev.sap.sys.com.au.

The Fiori iViews are opened in Standards Mode in a new window and I have no issues with rendering (although I see an "Access is Denied" on the fiorilaunchpad.html at Line 1 <!DOCTYPE html> as soon as I access any application - only on IE11).

When I run the integrated Fiori application, I notice that the parent (portal) frame's document.domain is dev.sap.sys.com.au (due to domain relaxation parameter that is set to '1' in the SAP Portal), but the embedded Fiori application's document.domain is portal.dev.sap.sys.com.au (as there is no domain relaxation). Since the two domain names are different, I believe it prevents a custom java script to run (the script tries to set a custom window title each time the user navigates between fiori application within the same iframe) and I see a "Permission Denied" error.

Is there a way to overcome this and ensure both parent and child frames run out of the same domain?

And also, why do I see the "Access is Denied" on the fiorilaunchpad.html at Line 1 <!DOCTYPE html> on IE11?

Thanks

Manoj

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

3 Answers

Santarshi Samanta
Jan 21, 2017 at 12:01 PM
0

Hi Manoj

Can you refer to the below Note and check the Solution section of it

632440 - Domain barrier in the browser of the SAP Enterprise Portal

Regards

Santarshi Samanta

Share
10 |10000 characters needed characters left characters exceeded
avatar image
Former Member Jan 21, 2017 at 12:58 PM
0

Hi Manoj

Did you configure SSO between portals and FIORI?
Also check the note Https: //launchpad.support.sap.com/#/notes/0002159924

Regards

Share
10 |10000 characters needed characters left characters exceeded
Nick Rankin
Jan 26, 2017 at 02:03 PM
0

Hi Manoj,

Gateway Fiori uses Clickjacking protection which will block application working under iframe (which iview is using). You'll need to setup Clickjacking whitelist as per Note: 1872800 even with domain relaxing.

Best regards,

Nick

Share
10 |10000 characters needed characters left characters exceeded