Reauthentication in CAP Service

yasmeenhs
Explorer
0 Kudos

I created a CAP Service on Cloud Foundry with an approuter routing to an app created by SAP Build Apps. The routes and backend are protected by xsuaa

 

{
  "welcomeFile": "/resources/index.html",
  "routes": [
    ....
    {
      "source": "^/buildappsxxxx(.*)$",
      "target": "/buildappsxxxx/$1",
      "service": "html5-apps-repo-rt",
      "cacheControl": "no-cache, must-revalidate",
      "authenticationType": "xsuaa",
      "csrfProtection": true
    },
    {
      "source": "^/(.*)$",
      "target": "$1",
      "destination": "srv-api",
      "authenticationType": "xsuaa",
      "csrfProtection": true
    }
  ],
  "logout": {
    "logoutEndpoint": "/logout",
    "logoutPage": "/logout.html"
  }
}

 

The service works fine; however, when the app is left idle and the auth token is expired, the user is not redirected to the login page, but the page appears completely empty. Upon inspection, I see that the request returns a status 200 and in the Response a script that should redirect to the login, but it is never invoked.

<html>
    <head>
        <link rel="shortcut icon" href="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7"/>
        <script>
            document.cookie = "fragmentAfterLogin=" + encodeURIComponent(location.hash) + ";path=/";
            document.cookie = "locationAfterLogin=" + encodeURIComponent(location.href.split('#')[0].split(location.host)[1]) + ";path=/";
            document.cookie = "signature=80wKzBh2tsdpceVBKzWDag7PAKk%3D;path=/";
            location = "https://xxx.authentication.xx.hana.ondemand.com/oauth/authorize?response_type=code&client_id=xx&redirect_uri=https%3A%2F%2Fxxx.hana.ondemand.com%2Flogin%2Fcallback"
        </script>
    </head>
</html>

My question here naturally is how can I avoid this issue and redirect the user to login when the session expires?

Accepted Solutions (0)

Answers (0)
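
Added example, not part of the original post and not SAP's or the approuter's own code: a browser does not execute a script that arrives in the body of a fetch/XHR response, so if the empty page comes from a background data call (an assumption, the post does not say), the client has to recognise the login page itself and trigger a top-level reload. The markers are taken from the response quoted in the question; the helper names, sample bodies, host and client id are constructed for illustration.

```javascript
// Markers copied from the login bootstrap page quoted in the question.
const LOGIN_MARKERS = ["/oauth/authorize", "locationAfterLogin="];

// True when a call that expected data got the HTML login bootstrap page instead.
function isLoginRedirect(status, contentType, body) {
  if (status !== 200) return false;
  if (!/^text\/html\b/i.test(contentType || "")) return false;
  return LOGIN_MARKERS.every((m) => body.includes(m));
}

// Wraps a fetch-compatible function (hypothetical helper). On an expired session
// it calls onExpired and rejects instead of handing HTML to the caller.
// In a browser, onExpired would be () => window.location.reload(): reloading the
// current page lets the approuter run its own redirect in a real navigation and
// avoids navigating to a URL parsed out of a response body.
async function fetchData(fetchImpl, url, onExpired) {
  const res = await fetchImpl(url, { headers: { Accept: "application/json" } });
  const contentType = res.headers.get("content-type");
  const body = await res.text();
  if (isLoginRedirect(res.status, contentType, body)) {
    onExpired();
    throw new Error("session expired");
  }
  if (!res.ok) throw new Error("HTTP " + res.status);
  return JSON.parse(body);
}

// Constructed sample responses (placeholder host and client id).
const EXPIRED_BODY = `<html><head><script>
  document.cookie = "locationAfterLogin=" + encodeURIComponent("/odata/v4/x") + ";path=/";
  location = "https://uaa.example.invalid/oauth/authorize?response_type=code&client_id=placeholder"
</script></head></html>`;
const DATA_BODY = '{"value":[{"ID":1}]}';

// Minimal stand-in for fetch so the example runs offline.
function fakeFetch(status, contentType, body) {
  return async () => ({
    status,
    ok: status >= 200 && status < 300,
    headers: { get: (n) => (n.toLowerCase() === "content-type" ? contentType : null) },
    text: async () => body,
  });
}
```

The check requires both markers and an HTML content type, so an ordinary HTML page or a JSON payload that merely mentions one of the strings is not treated as a session expiry.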