on 02-21-2024 9:50 AM
I created a CAP Service on Cloud Foundry with an approuter routing to an app created by SAP Build Apps. The routes and backend are protected by xsuaa
{
"welcomeFile": "/resources/index.html",
"routes": [
....
{
"source": "^/buildappsxxxx(.*)$",
"target": "/buildappsxxxx/$1",
"service": "html5-apps-repo-rt",
"cacheControl": "no-cache, must-revalidate",
"authenticationType": "xsuaa",
"csrfProtection": true
},
{
"source": "^/(.*)$",
"target": "$1",
"destination": "srv-api",
"authenticationType": "xsuaa",
"csrfProtection": true
}
],
"logout": {
"logoutEndpoint": "/logout",
"logoutPage": "/logout.html"
}
}
The service works fine; however, when the app is left idle and the auth token is expired, the user is not redirected to the login page, but the page appears completely empty. Upon inspection, I see that the request returns a status 200
and in the Response a script that should redirect to the login, but it is never invoked.
<html>
<head>
<link rel="shortcut icon" href="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7"/>
<script>
document.cookie = "fragmentAfterLogin=" + encodeURIComponent(location.hash) + ";path=/";
document.cookie = "locationAfterLogin=" + encodeURIComponent(location.href.split('#')[0].split(location.host)[1]) + ";path=/";
document.cookie = "signature=80wKzBh2tsdpceVBKzWDag7PAKk%3D;path=/";
location = "https://xxx.authentication.xx.hana.ondemand.com/oauth/authorize?response_type=code&client_id=xx&redirect_uri=https%3A%2F%2Fxxx.hana.ondemand.com%2Flogin%2Fcallback"
</script>
</head>
</html>
My question here naturally is how can I avoid this issue and redirect the user to login when the session expires?
User | Count |
---|---|
83 | |
10 | |
10 | |
9 | |
7 | |
6 | |
6 | |
6 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.