1 2 3 28 Previous Next

SMP Developer Center

407 Posts

Hello SMP Developers, Administrators

 

I would like to share my experience on current requirement for my project. There was already one OData native application available on SMP (with offline functionality).

Previous requirement: one offline application (with its ini file imported in Admin cockpit) connecting to one back-end URL. Things were fine.


New requirement: For next release of this mobile app, there should be a new backend URL but old one should also be there in the same app configration. It sounded like accessing more than one OData services in one application

 

So where was the problem?

 

You might have noticed that to make your app to work in offline mode, you have to import its .ini file that has information like how OData producer should be processed by mobile platform and store the offline data, offline DB pre-population, client index, defining requests and so on.

Our first impression was, if there are 2 back-end URLs, there would be 2 .ini files to be imported. But when we try to import second file (one ini file was already there containing info regarding first back-end url) , status of first ini file changes to 'No Custom Settings'

 

1.jpg

 

Then, we realized and concluded that information from both files should be combined into a single one and that the one should be imported. Now for both connection names' status is showing 'Configured'

 

2.png

 

Tips:

 

1. Sequence in.ini file should be:

     [endpoint]  <<could be either backend connection name>>

     [defining request]

     [defining request]

     .

     .

     .

     .

      [endpoint]

     [defining request]

     [defining request]

     .

     .

     .

 

2. name=com.test.test

     name=com.secondary.endpoint

     should be the same names as connection names for backend URLs (already explained here)

3. Before importing the new .ini file, make sure you have back-up file for old ini.

4. To retrieving data from 1st back-end URL,

  • On-board user on SMP
  • GET call: http(s)://smp:port/com.test.test 

 

5. To retrieving data from 2nd back-end URL,

  • On-board user on SMP
  • GET call: http(s)://smp:port/com.secondary.endpoint

 

Regards,

Jitendra

OData Provisioning feature in HANA Cloud Integration (HCI) converts non OData protocols to OData, hence HCPMS applications can consume it. This feature is similar to what Integration Gateway do in SMP 3.

 

2016-04-15_14-08-17.jpg

 

In this blog I am explaining how to create HCPMS mobile app using OData service I created from an existing SOAP service as mentioned in my blog.

Business Scenario

Data from backend is exposed as SOAP service. It is possible to define backend of HCPMS application with SOAP service, but the application will not get all the benefits of HCPMS, ex. Offline.

So, to create a mobile app with all features of HCPMS, SOAP has to be converted into OData. To convert SOAP to OData we need to use HCI.

 

Step to Step Procedure

As mentioned in this blog OData service was created, it will be used as backend in HCPMS application.

The following steps will guide you through creating an HCPMS application, and testing it on a simulator.

 

Web IDE is used to create the hybrid app.

 

Configure app on HCPMS

  • Logon to HCPMS cockpit. Click on Applications tile.

      2016-04-17_20-25-32.jpg

  • Press the + icon to create a new application.

      2016-04-17_21-59-04.jpg

  • In the create application screen enter below details. Click Save. Note: Security configuration as Basic means it require Basic Authentication.

      2016-04-17_22-13-57.jpg

  • Click on Configure. Then click on Backend.

      2016-04-17_22-22-12.jpg

  • Fill in the details as given below. Then click Save to complete your configuration.

     2016-04-17_22-24-28.jpg2016-04-17_22-31-51.jpg

Create Mobile App using Web IDE

  • Logon to SAP Web IDE select Local root and open the context menu by right clicking.
  • Choose New > Project from Template to open the new project creation wizard.

      Untitled.png

  • On Template Selection page click on SAPUI5 Master Detail Kapsel Application. Click Next.

      2016-04-17_22-46-40.jpg

  • Enter a name for your project and click Next.

      2016-04-17_22-49-11.jpg

  • Next, choose the backend and provide details to complete the base URL as given below. Click  “Load Service Metadata” button, it will list the OData collections of the OData service. Click Next.

      2016-04-17_22-51-14.jpg

  • Note: I have configured a destination with the details of my HCI system as given below. This backend was used in the above step.

     2016-04-17_23-19-16.jpg

  • Fill out the Project Namespace, Master Section, Master Data Fields and Detail Section as displayed in the screenshot.

     2016-04-18_11-45-49.jpg2016-04-18_12-50-12.jpg

  • Click Next.
  • Click Finish to create the project.

      2016-04-18_12-54-53.jpg

  • To run this app as a hybrid app, right click on the project > Project Settings.

      2016-04-18_12-58-27.jpg

  • Under Device Configuration provide below details. Click Save. Note: I am going to test this app on iOS simulator hence chose iOS as the mobile platform. Logon plugin is used to login to HCPMS from the app.

     2016-04-18_13-03-51.jpg      2016-04-18_13-10-33.jpg

  • Finally, to test the app on a simulator right click on the project > Run > Run On > iOS Simulator. Note: To use this feature you need HAT configured.

     2016-04-18_13-13-20.jpg

  • The application will be installed on the iOS simulator. Backend credentials has to be provided to login to the app. Note: In the background Web IDE is creating a cordova project with the plugins and platforms we chose during device configuration.

      2016-04-18_13-21-57.jpg2016-04-18_13-22-36.jpg

CC:

SAP for Mobile

 

Regards, Midhun

SAP Technology RIG

Hi,

This time we have put the following features into the release:

 

  • OAuth Authentication for Back-end Connections
  • Flagging of Account Types
  • Enhanced User Registration Data
  • Application List Enhancements
  • Canonical ID support for Google Push Notifications
  • Mobile Services Preview

 

OAuth Authentication for Back-end Connections

 

By allowing OAuth authentication for back-end connections we allow for more secure connectivity towards other cloud services like SAP Jam or SAP Cloud4Customers.

Picture1.pngNow it is no longer necessary to use HTTP Basic authentication as a fallback to create integrated mobile applications. Here is how the OAuth configuration for back-end connections looks like:

 

Picture2.png

Flagging of Account Types

 

With this release we introduced the option to qualify your account as a being used for production or other purposes. This has two effects. First, when you work with multiple accounts, you now have a better visibility for what the current account is being used to. In addition, HCP mobile services DevOps team can better allocate necessary resources to your account if marked “production”.

 

Please be aware that flagging an account as “production” is a non-reversible action.

 

In the settings section, you can now find a new tile labeled “Account Type”. Here you can specify a tag to identify the purpose of your account.

Picture3.png

You can specify either “production” or “non-production” and provide a description. Possible options where e.g. “HR development” or “q-landscape”. Basically, the description is free text that should make sense to you.

 

Picture4.png

 

Once you have saved your changes, you can see the account information whenever you click on your user profile icon in the upper right corner of the Administration Cockpit:

 

Picture5.png

Enhanced User Registration Data

With this HCP mobile services 1603 we introduced a new version of our registration API.

Under

 

https://{host}/odata/applications/v4/{APPID}/Connections

 

you can now put additional attributes into the user registration context of your user’s device.

 

We added the following values:

 

Property

Description

UserLocale

users preferred language

TimeZone

users time zone

LastKnownLocation

geolocation

CreatedAt

registration time

PushGroup

custom value

Email

users email address

 

So if you create a user registration using the REST API (see Documentation)  you can easily add these attributes:

 

POST https://{HOST}/odata/applications/v4/{APPID}/Connections

Content-Type : application/json

Authorization : Basic XYZ

 

{

"DeviceType":"Windows"

}

 

 

<content type="application/xml">

      <m:properties>

     ….

<d:ApplicationConnectionId>172038f3-ccc7-4b75-830f-5ef399ee7afd</d:ApplicationConnectionId>

         <d:UserName m:null="true" />

         <d:UserLocale m:null="true" />

         <d:TimeZone m:null="true" />

         <d:LastKnownLocation m:null="true" />

         <d:CreatedAt m:type="Edm.DateTime">2016-03-18T07:42:13.166</d:CreatedAt>

         <d:PushGroup m:null="true" />

         <d:Email m:null="true" />

      </m:properties>

   </content>

 

While the application runs, you can now update the properties to update the values whenever you want.

 

POST https://{HOST}/odata/applications/v4/{APPID}/Connections(‘{APPCID}’)

X-HTTP-METHOD:MERGE

Content-Type:application/js

 

 

{

"UserLocale":"de_DE",

"PushGroup":"News",

"LastKnownLocation":"49.2936957,8.6394329",

"Email":"noone@email.com"

}

 

Canonical IDs

 

If a bug in the client app triggers multiple registrations for the same device, it can be hard to reconcile state and the client app might end up with duplicate messages.

Implementing canonical IDs can help you more easily recover from these situations. A canonical registration ID is the registration token of the last registration requested by the client app . This is the ID that the server should use when sending messages to the device.

If you try to send a message using an old registration token, GCM will process the request as usual, but it will include the canonical ID in the registration_id field of the response. Make sure to replace the registration token stored in your server with this canonical ID, as eventually the old registration token will stop working.

 

Mobile Services Preview

 

Silently we have released the option for customers (and not for trial) to subscribe a preview landscape in the HCP Cockpit (upon request).

This subscription behaves exactly like the productive version of HCP mobile services, but it runs one version ahead. The idea is, that customers can create automated regression test against this landscape and in addition developers can check how a new feature behaves. This landscape or better: additional subscription is much less resources than a productive landscape assigned and therefore it is not meant to be used for any other purposes.

 

Picture6.png

 

This is an illustration about how the Preview works from a timing perspective:

 

Picture7.png

 

Hope you will enjoy the new features. Let us know what you think about the new stuff.

 

Have Fun,

Martin

In this article, we will see how one can develop a hybrid mobile application in WebIDE using HAT and then register it with HCPMS .

 

Please note that there are certain prerequisites that need to be fulfilled before we try to create Hybrid Mobile app .These have been mentioned very nicely here -

https://open.sap.com/courses/mobile2/items/09VyUvkiTYy78ePyRLqDBp

 

 

Step 1 - Creation of Hybrid Mobile App on WebIDE



Ceate.jpg

 

Step 2 - Device Settings

 

Right Click on the project name and select Project Settings . Then select device settings to configure device properties.

Provide App Name , App ID , Description and Version . Make a note of the App ID as this will be used later in HCPMS .

Under Build Options , select Debug Mode for our purpose .

Under Platforms , select your desired platform(s) on which you intend to deploy the app .

Under Plugins , go to Kapsel Plugins and select Logon Manager . If this is not selected , the device will not register on HCPMS as this plugin contains the required code for registration .

Now save and close .


Step 3 - App Configuration on HCPMS


Open the HCPMS service from your HANA Platform cockpit . Go to Applications and Click on Create. You will see a screen similar to what is shown below -


HCPMS1.jpg

Fill in the values as above . The Application ID should be the same as the one that was entered in step 2 . Security Configuration can be set to None . After saving , the application can be seen in the list . Click the settings icon against the application and click on the Back End tab . Set the configuration as shown below . Please note that I have used Northwind for oData and hence mentioned it here against Back-End URL . You can enter your applicable back end URL here .



HCPMS2.jpg


 

Step 4 - Deploying the app to Device/Emulator

 

In the WebIDE , right click on the name of the application , click on Run -> Run On -> Device/Emulator

 

HCPMS3.jpg

 

The Hybrid App would now be created and deployed on your Device/Emulator . This generally takes around 5 -7 minutes for me and could take the same time for you as well .

 

Step 5 - Opening the app on the device

 

You will see the following once the app deploys on your device/emulator

 

Dev1.jpg

 

Once you have filled in the user name and password , click on register to see the following screen .Screenshot_20160323-211527.png

I decided to disable the passcode and then clicked on Submit to be taken to my app .Dev3.jpg


At this point of time , the Kapsel Logon plugin would have run and the device would have registered itself on HCPMS . We can see the device entry by clicking on Registration and Users in HCPMS . You might have to adjust the date filters to see all devices .


HCPMS4.jpg

I recently started working on an HCPms / Kapsel project that makes use of the Offline OData plugin. While working on the project we thought it would be useful to have the ability to open the local offline database and examine the data in it. In the following, I will share how to do just that.

 

The following steps are involved:

  1. Installing SAP SQL Anywhere 17 / SQL Central
  2. Locating the database files
  3. Opening the database files in SQL Central
  4. Viewing the content of a table

 

Installing SAP SQL Anywhere 17 / SQL Central

The first step is to install SAP SQL Anywhere 17 available from here: https://go.sap.com/cmp/syb/crm-xu15-int-sqldevft/index.html. This installation includes the database administration tool SQL Central. SQL Central will connect to UltraLite databases – the format used by the Offline plugin.

 

Note: For me using Gmail, the e-mail with the download link ended up in “Promotions”

 

I won’t cover the installation process here in details, since it is more or less next, next, next. However, I will say that during installation I tried to limit what was installed to only what I needed. I select the “Database Client” for both 32 and 64 bit as well as the Database Administration tool. Everything else (including the Database Server components) I opted not to install.

 

Locating the database files

Once installation is completed, the next step is to obtain the actual database file(s). The Offline plugin splits data into two separate databases. One database for the actual offline entity data cache where you will find tables for each entity set and one database for the request queue where you will find request waiting to be send to the server as well as the table containing the error archive.

 

The location of the files will obviously differ from platform to platform. I initially tried this on Windows 8.1. I tested the application by opening the project directly in Visual Studio and a least in that case you will find the files here: “C:\Users\<username>\AppData\Local\Packages\<app id + identifier>\LocalState”.

The database files will be named after the name you supplied when opening the offline store (calling store.open() in javascript in our case). The files will be named as follows:

 

  • Offline entity database: <store name>.udb
  • Request queue: <store name>.rq.udb

 

On iOS, as far as I remember, you will find the files in the Documents directory. If you are running on the simulator this directory can be accessed directly via the file system, but if you are using an actual iOS device you will need a file explorer utility (such as https://www.macroplant.com/iexplorer/) to browse and extract the files.

 

I do not know where the files are located on Android but I would expect it to be similar.

 

Opening the database files in SQL Central

To open one of the database files in SQL Central, go to “Connections” and select “Connect with UltraLite 17…”

 

1.png

 

Next select “Browse” and locate the file you want to open (in my case I opened the entity data cache). Next select “Open”.

 

2.png

 

After selecting the path to the database file, select “Connect” to open the connection to the database. This will take you to a view like this:

 

3.png

 

You can now inspect the metadata of the database. Double clicking “Tables” will display the tables in the database. If you scroll to the bottom of the list, you will see the tables that contain the actual entity data (names starting with a “random” character sequence in the image below).

 

4.png

 

Viewing the content of a table

To view the content of a table, right click it and select ”View Data in Interactive SQL”.

 

5.png

 

This will bring up the Interactive SQL query windows with a prepopulated SELECT statement for the selected table. The query will be executed automatically and the result will be displayed in the bottom half of the window.

 

6.png

 

So there you have it. The next time you are wondering if a particular piece of data is actually in the database (or if you just want to have a look at how the Offline plugin stores data under the hood), just open the database and have a look!

 

Hopefully someone finds this helpfull - feel free to leave comments, suggestion or corrections below!

 

Best regards,

Olav Rask

The SAP Discovery Service is documented in HCPms and SAP Mobile Secure Admin docs.  This post details using the REST API directly, how to set up your domain with the Discovery Service, and also how to prepare an iOS application to use Discovery Service.

SAP Discovery Service

One of the most basic problems in deploying an enterprise app which end-users acquire through a public app store is getting your organization's server connection & configuration settings to the app when it's installed, without forcing your end-users to jump through hoops.  SAP has delivered the SAP Discovery Service cloud solution, which allows you to publish app connection settings for end users on your email domain/sub-domains, using just their email address.  SAP Discovery Service is integrated with HCPms and SAP Mobile Secure services.

 

At a high level, the process is as follows:

  • Register with SAP Mobile Secure, receive onboarding email
  • Activate your Discovery Service provider ID
  • Update your DNS system with a TXT record that SAP can access with advanced DNS query, to verify you are the owner of the domains/subdomains for which you'll publish app configurations
  • Activate the domains with Discovery Service, for your provider ID
  • Publish your app configurations to Discovery Service, for your provider ID & domain
  • End users are prompted for their email address when they launch an app for the first time.  The app makes a request to Discovery Service, which does a lookup for configurations for the domain + application ID.
  • If the configurations are available, the application uses them to attempt to register to the SMP/HANA Cloud Platform, Mobile Services endpoints

End User Experience

The end user experience is quite simple.  When using the regular Logon component in your app, the end users may see your splash screen (1), and/or launch directly to the 'Acquire Settings' screen (2).  There, the end user is prompted for an email address on their corporate domain.  On entry, the client fetches the connection settings for that ApplicationID + Version + Domain combination.

 

If the app requires the end user's Basic credentials, the end user is prompted for credentials, and the acquired settings are pre-populated on the Login screen (3).

 

If the app uses SAML2 or Client Certificate authentication, the Login screen is not displayed, and instead, the SAML2 authentication challenge is handled in a webview.  If the app uses Client Certificate authentication, the Login screen is displayed, with the pre-populated connection settings, and end-users should click 'Login' to continue.

 

Discovery Service onboarding flow, with Basic auth

The Splash Screen may be disabled, by editing the plist property in MAFLogonUING.bundle/MAFLogonUIOptions.plist:  set keyMAFLogonUseSplashScreen = NO.

This is a one-time operation, and connection settings are persisted for the lifetime of the app.  End users can re-acquire connection settings by resetting the app, or un-registering (if supported in the app).

Adding Discovery Service to your app as a Developer

The Discovery Service UI is baked-in to the Logon component and flow, so there is very little additional work required to include it in your project.

Important:  Discovery Service features in the SDK are typically notated as Mobile Place.   So, MobilePlace == Discovery Service in the libraries and bundle names.  'Mobile Place' is actually a product codename for SAP Mobile Secure, which is the team managing the SAP Discovery Service deployment.

  1. Make sure that Logon component is added to your project, along with the required bundles

     

    The typical set of bundles to add to your project includes:

    MAFUIComponents.bundle HttpConvAuthFlows.bundle Logger.bundle MAFLogonManagerNG.bundle MAFLogonUI.bundle Settings.bundle MobilePlace.bundle 
  2. Add MobilePlace.storyboard, from MobilePlace.bundle

     

    A detail in the way xCode reads linked resources requires you to explicitly add MobilePlace_iPhone.storyboard to your project.  (This file works for iPad as well.).

     

    In your xCode Project Explorer, explode MobilePlace.bundle > Base.lproj, and then drag MobilePlace_iPhone.storyboard up into the project itself.  It will appear side-by-side with the bundles.

    Add MobilePlace_iPhone.storyboard to project

  3. Ensure that MAFLogonUING is set to show Discovery Service UI

     

    Verify that the key value in MAFLogonUING.bundle/MAFLogonUIOptions.plist: is set to keyMAFLogonUseMobilePlace = YES.

     

  4. Optional:  Disable configuration check by MAFLogonManagerNG to SAP Afaria MDM client

     

    SAP has supported distributing configurations and client certificates natively between the Logon component and SAP Afaria, and continues to do so in SAP Mobile SDK 3 SP05.  However, if the applications are configured to get configurations from Afaria, and fail to find configurations from Afaria, then they will not fall-back to try the Discovery Service.  So, if you are distributing your application through a public app store, be aware that you should either:

     

    a) Caution customers who have already deployed SAP Afaria, that they should distribute configurations via SAP Afaria

    b) (recommended):  Disable SAP Afaria feature on MAFLogonManagerNG, by setting key value keyMAFUseAfaria = NO in MAFLogonManagerNG.bundle/MAFLogonManagerOptions.plist.  Then, have your customers upload their application connection configurations to Discovery Service.  If your customers are also using SAP Afaria for distibuting client certificates, then you can enable them to continue to do so by implementing the <CertificateProvider> protocol in your application, so that the provider invokes the Afaria APIs for obtaining the client certificate.  In this way, the Discovery Service will be used to obtain the configurations, and the ClientCertificate protocol will be called by Logon, and the client certificate will be supplied by Afaria.

    Note:  It is possible for customers to adopt option (b) on net-new applications, but still support their existing configuration landscape with SAP Afaria for apps already deployed to app stores & end users.

  5. Build and run.  The 'Acquire Settings' screen should appear, and you will be able to see the request and response from the Discovery Service in the console

    2014-08-15 TravelAgency_RKT[] URL: https://discovery.sapmobilesecure.com/config-api.svc/ApplicationConfigurations/getApplicationConfiguration(AppConfigID='flight:1.0',EmailAddress='stan@sap.comEmailAddress='stan@sap.com') 2014-08-15 TravelAgency_RKT[] received response: { "host" : "smpqa12-01.sybase.com", "port" : 80, "protocol" : "http"} 

Upserting Application Configurations to Discovery Service

Upserting configurations to Discovery Service can be done natively from the Admin UI of HANA Cloud Platform Mobile Service ('HANA Mobile'), or directly, via the REST API.

Common to HANA Mobile and REST API

  1. Register with SAP Mobile Secure, to obtain a Provider ID and Activation Token

    You'll receive a welcome email, containing your keys.  This email is valid for 24 hours, so you should plan to complete the onboarding within that window.

    Discovery service welcome email

  2. Add a TXT entry to your DNS records, containing your provider ID

     

    In order to prove that you are the owner of the domains / subdomains for which you are publishing application configurations, we require that you add a text record to your DNS system.  This indicates that you do indeed have Admin rights on these domains, and prevents impersonation during this onboarding sequence.

     

    The procedure for editing TXT records on your DNS will vary from provider to provider, but the format of the record should be identical.  I'll share the steps for Network Solutions LLC, who hosts my domain, and for a personal developer setup, a simple GoDaddy domain would work similarly.

     

    This should result in a finished record like the following:

    1. In your account view, go to Advanced DNS Settings (Edit).  Skip through the add-ons splash ads.
    2. Select Edit TXT Records
    3. In the Add/Edit Text(TXT Records) - Currently Managing Domain :  form, add a new record with Host = _sap_mobsec, and Text = providerid=<My Provider ID>

 

Next, pick the instructions for HANA Cloud Platform, Mobile Services (not yet released), or for the REST client (use the REST client, if you have SMP installed on-premise).

With HANA Mobile

HANA Cloud Platform, Mobile Services is documented on help.sap.com.  Please refer to documentation there.

With REST Client

All services described here are available as a POSTMAN collection.  POSTMAN is a free REST API tool available on the Chrome Web Store, with an optional native installer.  To get the API collection, launch POSTMAN, and select Import Collection.  Paste this URL in the form:  https://www.getpostman.com/collections/51615332081eda73a86c, and you should then see a collection named SAP Discovery Service in your explorer.

Activate your Provider ID and obtain a Secret Key

Select POST activateApplicationServiceProvider API.  Insert your Provider ID in the designated query parameter, and add the ActivationToken in the POST body payload as a JSON key value

{     "ActivationToken":"<My Activation Token>" } 

The response should include your Secret Key.   Do NOT lose this key!

{     "SecretKey":"<Secret Key Response>" } 

Add an Email domain to your Provider account

Once your _sap_mobsec TXT record is deployed on your DNS, you can add the domain to your Provider account.  This (and all REST calls from here on out) are a slightly more complicated procedure, that must be completed within 5 minutes of start.  So, don't worry if you timeout the first attempt; it will soon be easy.

  1. Download Signature.htm from Github.
  2. Edit the file, and paste your Provider ID and Secret Key into the prompted variable values
  3. In POSTMAN, execute GET /date.  Switch to the Response Headers tab, and copy the Date value  (e.g.:  Fri, 15 Aug 2014 23:03:16 GMT).
  4. Paste the Date value into the time variable in Signature.htm, and load the page.  You should see a result like the following:

    Wed, 13 Aug 2014 17:40:28 GMT New Signature ProviderID=91d4167f97dd3a328cfb8098383920,Signature=lepHz71dMjqAeri322jfk39sjnl2zkM7eMOg+4l5uo= 
  5. In POSTMAN, select the POST upsertEmailDomain service.  Paste the Date value into the x-sms-date header value, and the New Signature value into the x-sms-authtoken header value

  6. Add a JSON object to your POST body, containing your ProviderID and EmailDomain

    {"ProviderID":"<My Provider ID>", "EmailDomain":"<My Email Domain"} 

    Execute Send.

     

    If you succeed, you will get a response payload containing your email domain.  If you fail, you'll the appropriate error message, and you may retry.  Some DNS providers have a waiting period for syncing the TXT records, so check to see that the _sap_mobsec TXT record is active.  Save your request, so that your JSON body is retained.  Repeat steps 3, 4, and 5, and re-send.

Upsert an application configuration for your domain

Once your email domain is active on the Provider account, you can push up application configurations.  Application configurations have the following minimum required payload:

{     "host" : <host>,            //e.g. "sapwin-643.sap.com"    

"port" : <port>,            //e.g. 80    

  "protocol" : <protocol>     //e.g. "http" }

To upsert the application configuration, use POSTMAN to open POST upsertApplicationConfiguration.  Paste the JSON payload of your configuration into the POST body.  Then, follow steps 3-5 from POST upsertEmailDomain procedure to get the current Date, generate a Signature, and set the x-sms-date and x-sms-authtoken header values.

 

The new header values that you need to set are:  X-SMS-EmailDomain = one of the email domains registered to your Provider ID, and X-SMS-AppConfigID = your application ID:version.  This application ID matches the application ID in your SMP3 or HANA Mobile system, and in the application itself (e.g. in your Logon setup, you've invoked [self.logonManager setApplicationId:@"flight"];).  The version value currently defaults to "1.0", so you should concatenate ":1.0" to your application ID to construct this value.

Don't attempt to add the version in your Application ID itself, as the client library will automatically append "1.0" anyway.

Once these are set, you can POST the service, and you should see

Authentication Types
http://scn.sap.com/#basic-authBasic Auth

If you provide only these minimum connection settings, then the Logon client will assume that the authentication expects Basic auth, and will prompt end users for Basic credentials.

Client Certificates

If deploying for use with Client Certificates, then you should add an Auth Type value to the payload.  To instruct the client to invoke a <CertificateProvider> before attempting to register with the server (to obtain the certificate), expand the structure to include the following values:

{     ...    

"protocol" : <protocol>,    

  "auth" : [         {            

  "type" : certificate.sdkprovider         }

]

}

http://scn.sap.com/#saml2-identity-providerSAML2 Identity Provider

If deploying for use with SAML2 Identity Provider, you need to specify both that SAML is the auth type, as well as a set of configurations.   These are discussed in more detail here.

{    

...    

  "protocol" : <protocol>,

    "auth" : [        

  {        

  "type" : saml2.web.post,        

  "config" : {            

  "saml2.web.post.authchallengeheader.name" :"com.sap.cloud.security.login",            

  "saml2.web.post.finish.endpoint.uri" : "/SAMLAuthLauncher",            

  "saml2.web.post.finish.endpoint.redirectparam" : "finishEndpointParam",            

  }        

  }],

}

Hi,

This time we have put the following features into the release:

 

  • EDIT: HCP Subscription hidden
  • New Version Schema
  • Enhanced Data on Application Overview Screen
  • Capability based Push Enhancements
  • One Time Passcodes
  • Active User GLAS reporting

 

HCP Subscription hidden

This is just a configurational change in the trial landscape and not really a feature. As of now, the HCPms Admin Cockpit (HTML5 App) and the HCPms core (JAVA App) is not longer visible in the HCP Cockpit under "Subscriptions", this is to prevent accidentally changes on the trial subscription for HCPms. You can manage and access HCPms subscription under "Services".

 

New Version Schema

As of today we use a new versioning schema to label our releases. While the "16" indicates the year, "02" indicates the month of the release. This is inline with the SAP cloud versioning.

 

Enhanced Data on Application Overview Screen

Sometimes small improvements take a long time to mature. As a product manger I was trying to put these “feature” in for a real long time, but due to it’s minor priority it was constantly shifted from one release to another. At some point in time you have to really push the small things as well – otherwise they will contaminate your backlog. And finally, we have enriched the information on the Application Overview screen to show the URLs that the developers want to know, like Onboarding URL, Application URL that is the result of your configuration, push API URLs and more:

 

Property

Description

Server URL

used to configure your app

Mobile App URL

endpoint created by this App configuration, used within the App to access the Primary Back-End URL

Push URL

Subscription based Push API (NetWeaver/OData feed subscription callback URL)

Enhanced Push API URL

Push API that let’s you send notifications too e.g. all users of an App

Registration URL

URL where you send your POST request to get an APPCID

 

 

And this is how it looks like:

AppOverview.png

Capability based Push Enhancements

Maybe you already have seen the Capability based push scenario that mainly applies to Fiori Launchpad based applications. You can read more about that here: help.hana.ondemand.com


With this release of SAP HANA Cloud Platform mobile services we have extended the flexibility to handle the badge numbers you want to send to your mobile app that is comprising multiple push notification receiving apps. If you have such an application the back-end system typically has no clue about this and can only see the “capability”, which serves as an abstraction layer to the one-to-one push. This layer is entirely located on HCPms.

 

So with this release the back-end can attach a badge number per capability, which results in better and more accurate badge numbers on the mobile device, since HCPms will calculate the correct badge number for your app.

 

Example:

 

Let’s assume you send:


"badges": {

"capability1": 2,

"capability2": 4,

"capability3": 8

}


to the user “Peter”. Now, HCPms examines the capabilities for Peter that are registered. Currently Peter has an App that is registered for “capability2” and “capability3”, so HCPms send a notification to Peters device A with a badge count of 2. On Peters tables (device B) there is an App that is registered for “capability1” so another notification is send to device B with a badge count of 2.


One Time Passcodes

If you want to use one time passcodes to let your users enter your app, you can easily enable OTP in the Admin UI:

OTP.png


Unfortunately, that is only half of the story. There are some prerequisites to match before you activate this configuration.

 

This whole scenario is based on the assumption that you have configured your HCP account to use the SAP Cloud Identity Service to authenticate your mobile users. In addition, you need to use the SAP Authenticator App. So in order to use OTP you need:

 

  • SAP HANA Cloud Platform mobile services
  • SAP Cloud Identity Service
  • SAP Authenticator
  • A Mobile App using the Logon Component of the SAP Mobile SDK (SP11 PL01)

 

Then you need to establish trust between all parties according to the various guides.

 

Once you have setup all the prerequisites, your users will be challenged with an OTP whenever the users’ session need to be renewed.

 

Please make sure that the tradeoff between security and usability fits to your use case. For example, it would make no sense to use OTP in a B2C like application displaying public available product information. If you have a high security mobile app with sensitive data that then this feature is a perfect fit to your use case.


Active User GLAS Reporting

For all customer who are interested in a B2C license for HANA Cloud Platform mobile services, we have introduced the licensing audit for our B2C license, based on “active users” as part of the GLAS auditing report.



Have Fun,

Martin

Hi All,

 

The objective of this post is to explain all the methods that are available for registering a device in the SAP Mobile Platform using android programming.

I thought this was an important topic since there are many possible approachs to perform the registration, and it is difficult to get an insight in each of them when you are just giving your first steps using the SAP Mobile Platform and all the tools that it provides.

 

First of all, let's give a little definition of what is the On-boarding.

User on-boarding is the process of registering a user and giving them appropriate access to data and applications. Without being onboarded, a device is not available to use any of the functionalities provided by the SAP Mobile Platform, as Push Notifications, using authentication, etc.


There are three methods available for registering a device into the SMP for Android Native programming:

1) Calling the registration Endpoint provided by SMP


Request:

URL:

https://<SMP Server address>:<SMP Port>/odata/applications/latest/<appId>/Connections


METHOD:

POST


Header:

Content-Type: application/xml


Payload:

<?xml version="1.0" encoding="UTF-8"?>

<entry xmlns="http://www.w3.org/2005/Atom"

xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"

xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices">

<content type="application/xml">

<m:properties>

<d:DeviceModel>Samsung Galaxy S2</d:DeviceModel>

<d:DeviceType>Android</d:DeviceType>

<d:DeviceSubType>Smartphone</d:DeviceSubType>

<d:DevicePhoneNumber>555-555-1212</d:DevicePhoneNumber>

<d:DeviceIMSI>123456</d:DeviceIMSI>

</m:properties>

</content>

</entry>

 

Response:

<entry xmlns="http://www.w3.org/2005/Atom" xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices"xml:base="http://<host>:<port>/odata/applications/latest/<appId>/">

<id>

http://<host>:<port>/odata/applications/latest/<appId>/Connections('e6b41263-9d9d-4152-b148-34b95ae01a97')

</id>

<title type="text" />

<updated>

2016-02-24T20:23:38Z

</updated>

<author>

<name />

</author>

<link rel="edit" title="Connection" href="Connections('e6b41263-9d9d-4152-b148-34b95ae01a97')" />

<category term="applications.Connection" scheme="http://schemas.microsoft.com/ado/2007/08/dataservices/scheme" />

<content type="application/xml">

<m:properties>

<d:ETag>

2016-02-24 17:23:38.0

</d:ETag>

<d:ApplicationConnectionId>

e6b41263-9d9d-4152-b148-34b95ae01a97

</d:ApplicationConnectionId>

<d:AndroidGcmPushEnabled m:type="Edm.Boolean">

true

</d:AndroidGcmPushEnabled>

<d:AndroidGcmRegistrationId m:null="true" />

<d:AndroidGcmSenderId>

333666698688

</d:AndroidGcmSenderId>

<d:ApnsPushEnable m:type="Edm.Boolean">

true

</d:ApnsPushEnable>

<d:ApnsDeviceToken m:null="true" />

<d:ApplicationVersion>

  1. 1.0

</d:ApplicationVersion>

<d:BlackberryPushEnabled m:type="Edm.Boolean">

false

</d:BlackberryPushEnabled>

<d:BlackberryDevicePin m:null="true" />

<d:BlackberryBESListenerPort m:type="Edm.Int32">

0

</d:BlackberryBESListenerPort>

<d:BlackberryPushAppID m:null="true" />

<d:BlackberryPushBaseURL m:null="true" />

<d:BlackberryPushListenerPort m:type="Edm.Int32">

0

</d:BlackberryPushListenerPort>

<d:BlackberryListenerType m:type="Edm.Int32">

0

</d:BlackberryListenerType>

<d:CollectClientUsageReports m:type="Edm.Boolean">

false

</d:CollectClientUsageReports>

<d:ConnectionLogLevel>

NONE

</d:ConnectionLogLevel>

<d:CustomizationBundleId m:null="true" />

<d:CustomCustom1 />

<d:CustomCustom2 />

<d:CustomCustom3 />

<d:CustomCustom4 />

<d:DeviceModel>

Samsung Galaxy S2

</d:DeviceModel>

<d:DeviceType>

Android

</d:DeviceType>

<d:DeviceSubType>

Smartphone

</d:DeviceSubType>

<d:DevicePhoneNumber>

555-5525-1212

</d:DevicePhoneNumber>

<d:DeviceIMSI>

123456

</d:DeviceIMSI>

<d:E2ETraceLevel>

Low

</d:E2ETraceLevel>

<d:EnableAppSpecificClientUsageKeys m:type="Edm.Boolean">

false

</d:EnableAppSpecificClientUsageKeys>

<d:FeatureVectorPolicyAllEnabled m:type="Edm.Boolean">

true

</d:FeatureVectorPolicyAllEnabled>

<d:LogEntryExpiry m:type="Edm.Int32">

7

</d:LogEntryExpiry>

<d:MaxConnectionWaitTimeForClientUsage m:null="true" />

<d:MpnsChannelURI m:null="true" />

<d:MpnsPushEnable m:type="Edm.Boolean">

false

</d:MpnsPushEnable>

<d:PasswordPolicyEnabled m:type="Edm.Boolean">

false

</d:PasswordPolicyEnabled>

<d:PasswordPolicyDefaultPasswordAllowed m:type="Edm.Boolean">

false

</d:PasswordPolicyDefaultPasswordAllowed>

<d:PasswordPolicyMinLength m:type="Edm.Int32">

8

</d:PasswordPolicyMinLength>

<d:PasswordPolicyDigitRequired m:type="Edm.Boolean">

false

</d:PasswordPolicyDigitRequired>

<d:PasswordPolicyUpperRequired m:type="Edm.Boolean">

false

</d:PasswordPolicyUpperRequired>

<d:PasswordPolicyLowerRequired m:type="Edm.Boolean">

false

</d:PasswordPolicyLowerRequired>

<d:PasswordPolicySpecialRequired m:type="Edm.Boolean">

false

</d:PasswordPolicySpecialRequired>

<d:PasswordPolicyExpiresInNDays m:type="Edm.Int32">

0

</d:PasswordPolicyExpiresInNDays>

<d:PasswordPolicyMinUniqueChars m:type="Edm.Int32">

0

</d:PasswordPolicyMinUniqueChars>

<d:PasswordPolicyLockTimeout m:type="Edm.Int32">

0

</d:PasswordPolicyLockTimeout>

<d:PasswordPolicyRetryLimit m:type="Edm.Int32">

20

</d:PasswordPolicyRetryLimit>

<d:ProxyApplicationEndpoint>

http://ema.dummy.com

</d:ProxyApplicationEndpoint>

<d:ProxyPushEndpoint>

http://localhost:8080/Notification

</d:ProxyPushEndpoint>

<d:PublishedToMobilePlace m:type="Edm.Boolean">

false

</d:PublishedToMobilePlace>

<d:UploadLogs m:type="Edm.Boolean">

false

</d:UploadLogs>

<d:WnsChannelURI m:null="true" />

<d:WnsPushEnable m:type="Edm.Boolean">

true

</d:WnsPushEnable>

<d:InAppMessaging m:type="Edm.Boolean">

false

</d:InAppMessaging>

<d:FeatureVectorPolicy m:type="Bag(applications.FeatureVectorPolicy)" />

</m:properties>

</content>

  </

entry>


If you want to investigate more in detail this method, please refer to the following URL:

http://help.sap.com/saphelp_smp307sdk/helpdata/en/8a/251b61893340c6ad2ba418679a19d1/content.htm


2) Using the MAF Logon Component


The MAF Logon component is one of the most common reusable components of the Mobile Application Framework (MAF) and it provides easy integration for applications that use logon UI behavior. It is a key component, because before any communication can take place with a backend OData producer, the app needs to on-board users onto the SAP Mobile Platform.

This component can be very useful if you are looking for a quick win, but in the case you want to developer an application that provides a personalized experience, I would recommend to go for the method 3.

This component is perfect if you are doing some test, or if you are building a PoC.


If you want to get more details from this component, check the following post:

http://a248.g.akamai.net/n/248/420835/5df1fcfbdd794e073a8acd0f584ac9fd679f1b00fe2ee8a7b95788cd6d17c49b/sapasset.download…


It is important to clear out, that there is a way to customize a little bit this screen, and this is explained in the following blog:

Customizing MAF Logon Component in Android


Below some screens on how this component looks like:

 

 



Img01.png



img02.png


img03.png


3) Using the oData SDK


This is the best method if you are looking for a personalized experience, where you can define the screen with all the fields you want to show, and whatever look & feel you want to use.

For instance, below you can see an example of a custom screen design, different to the one provided by the MAF Logon Component.


img05.png


If you are interested in this approach, I encourage you to take a look at the following post:

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/30304722-614d-3210-65a6-faf86a032319?QuickLink=index&…


See you in the next post!

Emanuel

 






I am writing this blog to explain some of the issues that we had during the X509 setup self-signed by OpenSSL. Many a times we have documents from SAP to configure them but we still end up with few issues, in my case I had few issues such as

  • - 401 unauthorized (figure 2) while testing the X509 certificate with oData URL on browser without SMP
  • - Unable to ping backend system from SMP
  • - Unable to test the certificate from REST Client, error such as
    1. Certificate is not getting called
    2. No response on REST Client
    3. 500 Internal Error

Please refer to this Guide as this blog is in continuation to fix the issue in case you have errors.

http://scn.sap.com/docs/DOC-65095

  http://wiki.scn.sap.com/wiki/download/attachments/425200590/How%20to%20configure%20mutual%20authentication%20using%20X.509%20certificate%20in%20SMP%20env%203.x.pdf?version=2&modificationDate=1435855512000&api=v2

 

401 Unauthorized Error

In our case, we had configured pretty much as described in the document, but we still ended up with 401 Authorization Error. It was difficult for us to understand fix the issue, but once we got the trace results it was a quick fix in 5 mins.

 

The error screen is as below:

 

1.png

 

Fig 1

 

2.png

Fig 2

 

In order to fix this issue, we had to run few trace analysis to check where the issue was. We followed the procedure below:

  1. Go to SE38
  2. Run the Report SEC_TRACE_ANALYZER
  3. Click on Reset Trace Files – This will help to clear the old trace
  4. Select the ICF Service according to your oData URL as show in the picture below fig 3
  5. Select Logon Trace(got HTTP 401)
  6. Change Level to 2
  7. Select Record and Set ICMAN Trace Level

    8. Now In parallel open the service is the browser but do not select the certificate

 

3.png

Fig 3

 

    9. Go back to SAP Screen and click on Activate User Trace

  10. Now select the Certificate in the browser and click on Ok

 

Once you get the error 401 Unauthorized as Fig 2, click on Show User Trace

 

4.png

Fig 4

 

Click on Enter and expand the trace results

5.png

Fig 5

 

In our case we found the issue with Certificate External ID Mapping.

 

6.png

Fig 6

 

In my case what we had missed is the SP value. The certificate subject showed us only S=Telangana (as shown in fig 7) and hence we had an authorization issue.

 

7.png

Fig 7

 

The tracing report helped us to fix the issue quickly in no delay. Hope this blog helps to solve your issues as well. Looking for your feedback and questions if any.

 

Unable to ping backend system from SMP

 

At this stage, it is very important to setup a Trust between SMP and Gateway System. In case you are unable to ping the Backend system using SSOTECHNICAL, you may have issue in 3 places.

 

  1. Certificates are installed in Gateway correctly
  2. External User ID Mapping may have issues with the values
  3. Certificates in the SMP Keystore may not have been refreshed on SMP Server

 

You may have to recheck everything according to the guide and also validate the RootCA is installed correctly in GW and SMP Server and setup the ExternalID Mapping in GW. Specifically with SMP after installing the RootCA and SSOTECHNICAL Certificate you have to restart the system. Incase you are still unable to ping the backend system, please use “go.bat –clean” from command prompt to refresh the certificates form keystore.

 

You may have to navigate to Drive:\SAP\MobilePlatform3\Server in cmd prompt to run this command. Ensure the server is stopped during this activity.

 

Alternatively you may also debug the JVM using props.ini.  I am not going to discuss more about JVM Debugging as this was not necessary in my scenario.

 

Once the clean is done and server is started, you should be able to ping. If not, please continue to check the certificates and other settings.

Screens from SMP Keystore and App:

 

8.1.png

8.2.png

Fig 8

 

9.png

Fig 9

10.png

Fig 10

 

11.png

Fig 11

 

12.png

Fig 12

 

Testing from Chrome Browser:

 

I am using Advanced REST Client for testing the X509 Certificates, here I have installed the OpenSSL Root Certificate in “Trusted Root Certificate Authorities” and SSO Demo Certificate into “Personal”. The following screen illustrates on how to register to an SMP Server:

 

13.png

Fig 13

 

Click on Send and the browser will ask for X509 Certificates installed, select ssodemo and click on OK:

 

14.png

Fig 14

 

Application was successfully registered with X509 Certificates:

 

15.png

Fig 15

 

In case you are running on SMP lower version such as SP06 or Java 7, you may see an error “Server has a weak ephemeral Diffie-Hellman public key”. Please refer to SAP Note 2217055 to fix the issue.

 

If you see any 500 internal error during registration or if the certificates is not getting picked up, if there are any certificate errors which may cause errors, you may also do the testing by disabling the certificate errors.  Go to command prompt and the run command as shown below:

 

Chrome --ignore-certificate-errors

 

16.png

Fig 16

 

 

Testing from Kapsel Mobile Apps on Android Device:

 

To confirm the solution we wanted to test it, so we opted for Kapsel Logon AuthProxy and we started to integrate it. Here are the screen shots of the working application:

 

Application deployed on to Android Device:

 

17.png

Fig 17

 

Registrations page

18.pngFig 18

 

Certificate popup during the logon procedure.

19.png

Fig 19

 

Successful Registration Alert.

20.pngFig 20

 

Get query function and the data from SAP Backend System.

21.png

Fig 21

 

I hope this blog will be useful and looking for your feedback and comments.

 

Regards,

Nagesh

Hello SMP developers,

 

We recently upgraded SMP server runtime to SP10 PL01 and encountered with an issue where BATCH calls with PUT requests fail during FLUSH operation (from offline store).

 

Looking into server logs we found below error message:

java.lang.NullPointerException: while trying to invoke the method java.lang.Boolean.booleanValue() of a null object returned from com.sap.odata.offline.api.MODataConfigEndpointInfo.getContentIDInOpHeaders() |

at com.sap.odata.offline.requestqueue.BatchBuilder.<init>(BatchBuilder.java:49) |

at com.sap.odata.offline.requestqueue.RequestQueueProcessor.processRequests(RequestQueueProcessor.java:127) |

at com.sap.odata.offline.scripts.ODataRequestQueueHandler.doHandleDownloadData(ODataRequestQueueHandler.java:217) |

at com.sap.odata.offline.scripts.ODataRequestQueueHandler$2.call(ODataRequestQueueHandler.java:185) |

at com.sap.mobile.platform.server.mobilink.MODataServiceSupport.executeWithContext(MODataServiceSupport.java:103) |

at com.sap.odata.offline.util.MODataServiceImpl.executeWithContext(MODataServiceImpl.java:87) |

at com.sap.odata.offline.scripts.ODataRequestQueueHandler.handle_DownloadData(ODataRequestQueueHandler.java:190) |

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) |

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) |

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) |

at java.lang.reflect.Method.invoke(Method.java:497) |

at ianywhere.ml.script.MethodInfo.invoke(MethodInfo.java:12222) |

#ERROR#com.sap.odata.offline.util.NativeLogger###Thread-85####7fc330a0-c6ca-11e5-8000-cb3e31843b22#####<134> [-10118] Caught Java exception with type: java.lang.NullPointerException. |

#+00#ERROR#com.sap.odata.offline.util.NativeLogger###Thread-85####7fc330a0-c6ca-11e5-8000-cb3e31843b22#####<134> [-10118]  Exception message: while trying to invoke the method java.lang.Boolean.booleanValue() of a null object returned from com.sap.odata.offline.api.MODataConfigEndpointInfo.getContentIDInOpHeaders() |

+00#ERROR#com.sap.odata.offline.util.NativeLogger###Thread-85####7fc330a0-c6ca-11e5-8000-cb3e31843b22#####<134> [-10225] User exception: while trying to invoke the method java.lang.Boolean.booleanValue() of a null object returned from com.sap.odata.offline.api.MODataConfigEndpointInfo.getContentIDInOpHeaders(): java.lang.NullPointerException |

 

 

 

 

After contacting SAP support, we came to know that there seems to be a bug in the Offline server component and it will be fixed in next SMP server patch releases.

 

Workaround: Add following property in .ini file under [endpoint] section

 

content_id_header_location=mime

 

 

Hope this information helps others. #HappyLearning

 

Regards,

JK

Ashwin Katkar

SAPSSO2 For SMP 3.0

Posted by Ashwin Katkar Feb 15, 2016
  1. Log in to you SAP GUI and run the transaction STRUST.

 

Select the SNC note and download the SAP ECC Systems Certificate

 

 

Export the file by clicking on "Export Certificate", click on "Base 64" to save the certificate file on a directory and copy the same on the SMP Server Console

 

  

2. Import certificate in key store

 

Once you have the certificate file exported, log in to the SMP Server Console and copy this file on that machine. Download Portecle from this site. We will use Portecle to import the above exported certificate into our SMP Key Store. Once downloaded , launch Portecle(its just a jar file so no need for installation) and open the SMP Keystore file.

 

 

File-->Open KeyStore File

 

 

 

Go the SMP KeyStore path. Its located in ~Installation Directory/SAP/MobilePlatform3/Server/configuration with the name smp_keystore.jks. It will prompt you for a password. Give the password that you used during installation of SMP Server or use the default password changeit.

 

Once you log in you would see something like this.

 

Go to Tools-->Import Trusted Certificate to import the SAP ECC Certificate we exported using STRUST.

 

Click on Import. It will show you the details of the certificate and then click on Next. Give an Alias for the Certificate and click on Finish.

So we have added the SAP ECC Certificate to SMP Key Store.

 

 

3. Create Backend Authentication

 

Enter the gateway URL and set the SSO Mechanisms as SSO2.

 

 

 

4. Create Authentication Profile

 

 

Next Thing that we would be doing is to configure an Application on Management Cockpit and then give it an Authentication Mechanism.

Login to the Management Cockpit using http://localhost:8083/Admin

 

Click on the Settings Tab and click Security Profiles

 

Click on New to create a new Security Profile.

We will name it as SAP_SSO2

 

Give the Authentication Provider as HTTP/HTTPS Authentication and provide the same URL that we used while defining the Gateway Destination

 

 

For the Cookie Name give it as MYSAPSSO2

 

Click Save to save this security Config. We will assign the same security config to our application connection.

Create a new application connection by clicking on new under the Application Tab

 

Under Backend Connection give the URL of the Service Document of your Deployed Application on Gateway.

It would be something like http://localhost:8060/sap/opu/odata/sap/ZTEST_NEW_CRV_SRV/ Check the Internal checkbox.

 

Go to the Authentication Tab and Select the authentication mechanism we just created SAP_SSO2

 

 

Click on Save to save all the configuration.

Now we are all done with our configuration.


5. Testing

 

You can use the Advanced Rest Client Extension of Google Chrome for this. You can use any other rest client for this purpose.

 

Go the the rest client and give the url for registration of user

 

URL : http://<hostaddress>:8080/odata/applications/latest/<applicationid we created>/Connections

 

Give the Headers

Content Type : application/xml

Operation : POST

 

And post this under the Request Body

 

<?xml version='1.0' encoding='utf-8'?>


<entry xmlns="http://www.w3.org/2005/Atom"

               xmlns:d="http://schemas.microsoft.com/ado/2007/08/dataservices"

               xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata">

     <title type="text"/>

     <updated>2012-06-15T02:23:29Z</updated>

     <author>

     <name/>

     </author>

      <category
  term="applications.Connection"
scheme="http://schemas.microsoft.com/ado/2007/08/dataservices/scheme"/>

     <content type="application/xml">

     <m:properties>

     <d:DeviceType>IOS</d:DeviceType>

     <d:DeviceModel m:null="true" />

     </m:properties>

     </content>

     </entry>

 

It should look something like this

 

Click on Send to post it. It will prompt you for credentials. Give the credentials to authenticate you against the URL that we configured for the security configuation. It will return with a status 201 which will create your user in Admin cockpit. You can check it against the application id that you should now have one registration.

 

Things to note are the cookies that are returned back. We have a cookie by the name X-SMP-APPCID.

 

Next we will test if we can now retrieve the data against that user to check if SSO is configured and SAP Returns on data for this user

 

With the same Rest Client give the below addres

 

URL : http://localhost:8080/<applicationid>/<AnyEntitySet>

In the header specify the cookie

X-SMP-APPCID and the value you got from the previous registration call

 

Operation : GET

 

Note : user GET if you entityset is used for reading operation. If there is a post operation involved you would also need an additional token of x-csrf-token.

 

Click on Send and you should receive Data for that particular user itself.

This blog post aims to collect all links to Blogs and Documents that provide tutorials and information about the Custom Code data source for Integration Gateway in SAP Mobile Platform 3.0 (SMP).

Based on the component Integration Gateway in SMP, you can provide OData services, that expose data that is fetched from different data sources - like Database, JPA, REST-services, etc

The Custom Code option gives the developer more freedom to provide data by manually implementing the necessary code.

 

 

The following tutorials show how to do that and give practical examples.

 

 

 

 

Introduction

 

 

* READ operation, very simplified

http://scn.sap.com/community/developer-center/mobility-platform/blog/2015/10/26/integration-gateway-understanding-custom-code-data-source-1-read-operations-very-simplified

 

* WRITE operation

http://scn.sap.com/community/developer-center/mobility-platform/blog/2015/10/27/carlos-roggan-integration-gateway-understanding-custom-code-data-source-2-write-operations-very-simplified

 

* FUNCTION IMPORT, very simplified

http://scn.sap.com/community/developer-center/mobility-platform/blog/2015/10/29/integration-gateway-understanding-custom-code-data-source-3-function-import-very-simplified

 

 

 

Example implementations

 

 

* Example for Custom Code implementation

http://scn.sap.com/community/developer-center/mobility-platform/blog/2015/10/30/integration-gateway-understanding-custom-code-data-source-4-example-implementation

 

* Example for Custom Code, connecting to a Microsoft Excel file as data source

Integration Gateway: Understanding CUSTOM CODE data source [5]: MS Excel 

 

* Example for calling an OSGi bundle to provide data

This tutorial uses the Custom Code data source to call Java API that is located on an OSGi bundle that is running on the SMP server.

The tutorial is split in 4 parts, the second part covers the creation of the OData service based on the custom code data source

Integration Gateway: Modularizing OData project [1]: OSGi bundle

Integration Gateway: Modularizing OData project [2]: OData service

 

 

 

Other topics

 

 

* Installing SMP Toolkit:

How to install SAP Mobile Platform Tools for Integration Gateway in Eclipse IDE

 

* Tutorial for OData provisioning:

Creating an OData service based on SAP Gateway, SOAP, JDBC and JPA data sources

 

* Preparing Eclipse for Groovy scripting:

http://scn.sap.com/docs/DOC-61719

 

 

* The series of tutorials about the REST data source. Many implementation details are also relevant for the "Custom Code" data source.

http://scn.sap.com/community/developer-center/mobility-platform/blog/2015/04/08/integration-gateway-rest-data-source-overview-of-blogs

 

* General collection of tips for working with Integration Gateway

Integration Gateway: Tips n Tips

Hi,

we put great new features into this release

 

  • Document Service Integration
  • Event log Atom feed
  • Admin UI Overhaul
  • Fiori Mobile Packager improvements

 

Document Service Integration

As you may know there is a service available on HANA Cloud Platform that allows you to store and retrieve unstructured data, like images, movie files or office documents. This service is called Document Service (more information) and implements the Content Management Interoperability Services (CMIS) protocol to upload, retrieve and manage files.

With our integration feature, we make this service available to your mobile application in order to provide your app the ability to leverage extended document management features.

With the Document Service Integration feature you can upload, share, distribute, retrieve static content from and towards your mobile users. Here are some example use cases:

 

Cloud Sync

Let the user put products in his shopping cart on device A.

Upload the shopping card into your repository.

Download the shopping cart document (maybe a JSON file) to device B of that user.

Serve Static Content

You upload a lot of product images into your repository

The mobile app retrieves the product images directly from your repository.

Optional: Download product images to the device and load them into UI from local storage in order to increase the UX (decreased download times).

Private File Storage

Create user specific folders to let them store static content on their own, only available to that specific user. And let CMIS manage the usage rights for you.

 

I think you will come up with even more cool use cases.

Let us know how you use the Document Service integration feature!

 

This is how it works looks like from an overview perspective:

MobileDocuments.png

The CMIS workbench is an open source desktop application that can be used by HCP mobile service administrators to access the app specific repository without prior registration as a mobile app on HCPms (meaning you don’t need an APPCID as an administrator), while mobile apps need to register first to access the repository. This allows the admin to manage the content of the repository. Maybe he wants to upload new product images or wants to delete old content.

 

The blue communication lines describe CMIS protocol related communications.

Before I forget: There is no need to configure anything in the HCP mobile services cockpit to enable this feature. Every configured app gets its own storage folder in the repository.

 

Event log Atom feed

This one is for the administrators among us who are interested in supportability features.

The current log files include stack traces and other internal information not really suitable for a mobile administrator.

The event log framework that we introduced captures runtime events that are really interesting for mobile administrators and enriches them with important information.

In order to access the event log, we provided an OData RSS feed for administrators. There is no way to access the event log from our Admin UI (read more about it in the next section).  Event though you might think this is not really convenient, this has been some advantages – and we can put an UI on it afterwards if necessary.

First let’s take a look on how you access the event log:

In your browser you navigate to:

 

https://[host]/ mobileservices/Admin/EventLog.svc/EventLogs

 

for the trial landscape it would be:


https://hcpms-S0000001trial.hanatrial.ondemand.com/ mobileservices/Admin/EventLog.svc/EventLogs

 

if S0000001 would be your SCN ID.

 

This would list a maximum of 1000 log entries in OData Atom format, which is potentially a little too much information. Before we discuss how to apply a filter on the data, let’s take a closer look to the event important properties:

 

Property

Description

Example Value

ID

The ID of this event

https://[host]/Admin/EventLog.svc/EventLogs(CorrelationId='0be83ade-731a-4a31-9559-cc9aca3b1cdf',Sequence=1453710994677011L)

ApplicationConnectionId

The ApplicationConnection ID of the user/device/app that triggered this event

686a0af9-7e9d-4bf0-b811-0177bf4a4085

ApplicationId

 

ODataSCCBasic_Basic

CorrelationId

GUID that describes one request/response flow

0be83ade-731a-4a31-9559-cc9aca3b1cdf

DeviceType

null, if device type is unknown.

null

LocalizedMessage

The actual message about what happened

Request for unknown Application Connection ID 686a0af9-7e9d-4bf0-b811-0177bf4a4085 failed.

Type

Component where the event was triggered

Registration

UserName

User id of the registered user responsible for this event

P85457478438

LogLevel

 

WARN

 

As you can see this is more helpful than the log UI we had before. The CorrelationId will be returned by the server in every request. Let’s look at an example:

In Postman (a Google Chrome plugin) I created the following registration request and sent it to the server:

request.png

 

The server responded with a http status code of 403 – forbidden. But I was sure that I provided the correct basic authentication credentials.

To identify the root cause of this issue, I copy the CorrelationId from the server response and put it as a filter criterion to the EventLog filter, directly into the browsers address bar:

 

https://mobilepiat-ae3be903b.hana.ondemand.com/Admin/EventLog.svc/EventLogs?$filter=CorrelationId eq ‘e25d1fe9-6655-460a-939c-9edf25b53685’

 

AtomFeed.png

 

Here I can clearly see that the application could not be created because it already exists. Well, this is the typical thing that happens when I use Postman, because it handles cookies automatically and I already sent the ApplicationConnectionID along with my POST request.

 

Since this is a real OData feed, feel free (I couldn’t resist to use this alliteration) to combine various filter criteria.

To get a summary of the last 100 events use:

 

https://mobilepiat-ae3be903b.hana.ondemand.com/Admin/EventLog.svc/EventLogs?$orderby=TimeStamp%20desc&$select=LocalizedMessage&$top=100

 

 

Admin UI Overhaul

Let’s start with an image:

 

AdminUI.png

As you can see, the Mobile Services admin UI now follows the design guides of HCP Cockpit. But despite the good looking UI we also improved the navigation flows. For example, you can now navigate from Applications to Logs with a single click. In the “old” admin UI you always were forced to navigate back to your “Home” screen in order to move to another section.

Even more convenient is the “multi-tab” behavior in the application creation screen, when you are about to create a new application configuration. You can now freely switch back and forth between tabs before you actually save your work.

 

I also like the new list view of applications and the “Filter applications” input field on top, that let’s you quickly find your app configurations – actually not an issue on the trial landscape.

 

Once the admin UI has filled its cache it should be much more responsive as well.

 

I hope you enjoy the new style.

 

Please let me know what you think about this release and how you are going to use these features.

 

Have fun,

Martin Grasshoff

Many months back when I IOS Version was 7 I had written a cross Platform Mobile application in C# for Order to Cash Process -

Order to Cash Mobile Application using Xamarin Forms & C#   After that Apple came up with IOS 8, IOS 9 and now 9.2  - During this time due to changes to 64 bit most of theold libraries could not be used.  I had in the mean time also written a blog on SAP App development using SWIFT for Plant Stock

Iphone App in Swift Xcode 6.3 for SAP Plant Stock  - The old cross platform app was still working on Android and hence I wanted to write this app in swift so that uses with version of IOS can use this app - The back end logic and design is the same as descripted in my earlier blog - The UI was changed and

rewritten in SWIFT.   The way I have invoked SAP from Swift is same as explained in my earlier blog ( mentioned above).  The images below are the screen shots of the app.

otcBlog1.png

 

The flow of Logic is as follows - Login - List of Sales Org - List of Distribution Channels - List of Division - List of Customers on the Customer Screen you can select a customer and choose Add(+) button to create a new Sales order. The left Icon on Customer screen gives list of orders - Select an order - order details -

on the order detail screen - When you enter delivery Qty and Create Delivery - From the Customer Screen you can choose to Create Billing Document and enter the Delivery document to create the Billing -  This app should be on the app stores for free download on the app stores for users to try out like my other apps

otcBlog2.png

In the previous parts (first and second) of this tutorial, we’ve created a Java bundle and an OData service based on it. And we've verified that the OData service works fine and can be consumed.

Now we’d like to take the opportunity and use Eclipse to debug our Java code.

 

 

 

Overview

 

Part I

1. Prepare SMP server

2. Prepare Eclipse

3. Create the OSGi bundle

    3.1. Create Plug-In project

    3.2. Implement DataProvider class

    3.3. Implement Activator class

    3.4. Deploy the bundle to SMP

    3.5. Verify the deployed bundle


Part II

4. Create the OData service

    4.1. Implement the QUERY operation

    4.2. Adding $skip and $top capability

    4.3. Implement the READ operation

5. Test the OData service

 

Part III

6. Debug the Java code

    6.1. Start SMP server in debug mode

    6.2. Connect from Eclipse to SMP

    6.3. Debug the Java code in Eclipse

7. Summary

8. Links

 

Part IV

9. Test the API automatically

    9.1. Create test fragment

    9.2. Create JUnit tests

    9.3. Run the tests

    9.4. Summary

 

 

 

 

 

6. Debug the Java code

 

6.1. Start SMP server in debug mode

 

In order to be able to debug a bundle that is running in SMP server, we have to start the SMP server in debug mode.

 

- In case your SMP is already running, stop it

- Open command prompt and navigate to the folder <SMP_install_dir>/Server

  This folder contains a batch file that is used to start the sever and has name go.bat

- On the command prompt, type the following command

 

go -debug 8000

 

 

 

 

  This command tells the server to start in debug mode and to listen to connection on port 8000

  Press enter and wait until the following message is printed to the command prompt

 

 

 

 

6.2. Connect from Eclipse to SMP

 

After SMP server is up and running, we can connect from Eclipse to the debug-port

 

From the Eclipse main-menu, go to

Run -> Debug Configurations…

Select “Remote Java Application” and click on the “New” button in the dialog’s tool bar

 

 

 

As a result, a new Launch Configuration is created and the details can be entered.

In the “Connect” tab, we have to

- enter a name for the Launch Configuration, this can be any arbitrary name

- choose the Eclipse-project that we want to debug

- in the “Connection Properties” field, enter the SMP server and the debug port as specified in the previous section

 

 

 

In the “Source”-tab, we have to specify, where the sources that we want to debug, are located.

Press “Add”, select Java Project, then select the project that contains the Java files, in our example it is called com.example.dataprovider

(as we created in the first part of this tutorial)

 

 

 

Note:

Actually, in our example, it isn't necessary to manually add the dataprovider-project to the “Source Lookup Path”, because it is already contained in the “Default” folder, because we have specified it as project in the “Connect” tab.

 

That’s it for the settings of the Launch Configuration, which is automatically saved.

 

After pressing “Debug”, Eclipse connects to the specified host and port.

In the “Debug” perspective, you can see the connection.

(The "Debug" perspective can be opened via Window->Open Perspective->Other...)

 

 

 

 

From here, you can use the toolbar button to “disconnect” from the server, i.e. terminate your debug-session.

 

Note that the Launch Configuration doesn’t start or stop the server, it only launches a connection to the SMP server.

 

 

If you get an error message telling that Connection was refused, then you’ve probably forgot to start SMP in debug mode

 

 

 

 

6.3. Debug the Java code in Eclipse

 

Now that the SMP server is running in debug mode and Eclipse is connected to it, we can start debugging.

Open the DataProvider class and set some breakpoints, e.g. in the first line of the getAllProducts() method.

Tip: you can place the cursor in the line and then press Ctr+Shift+B

 

 

 

Then open a browser and invoke the ProductSet URL:

https://localhost:8083/gateway/odata/SAP/EXAMPLESERVICE/ProductSet

 

Afterwards, change back to Eclipse and you’ll see:

- the execution is paused at the specified position

- the “Variables” View allows to inspect the available objects

- the “Display” View  (open it via Window->Show View) allows to directly type and execute Java statements

- the shortcut Ctrl+Shift+I allows to “inspect” the selected object or statement

etc

 

 

 

 

This is the magic moment and you should take a breath and enjoy that your dreams have come true…

 

 

 

 

Summary

 

Up to now, in the series of blogs forming a tutorial illustrating how I like to work in the area of OData services based on Integration Gateway in SMP 3.0, I’ve shown my main points:

 

- scripting is done in the OData project, but whenever it gets complex, move the code to a separate bundle

- advantages are the enhanced coding support in the editor and the debugging capabilities.

 

 

In part 3 (this page), we’ve learned how to debug the code that we’ve written in the bundle.

 

 

You may have felt the disadvantage of this way of working: quite some overhead with respect to building and deploying the bundle.

In the last part of this tutorial, we’ll learn how to overcome it.

 

 

 

 

Links

 

Installing SMP toolkit in Eclipse:

http://scn.sap.com/community/developer-center/mobility-platform/blog/2014/08/22/how-to-install-sap-mobile-platform-tools-for-integration-gateway-in-eclipse-kepler

 

Tutorial for Integration Gateway:

http://scn.sap.com/community/developer-center/mobility-platform/blog/2014/06/10/creating-an-odata-service-based-on-sap-gateway-soap-jdbc-and-jpa-data-sources-ba

 

The series of tutorials about the REST data source. Many implementation details are also relevant for the "Custom Code" data source.

Integration Gateway: REST data source, overview of Blogs

 

Introduction to “Custom Code” data source:

http://scn.sap.com/community/developer-center/mobility-platform/blog/2015/10/26/integration-gateway-understanding-custom-code-data-source-1-read-operations-very-simplified

Actions

Filter Blog

By author:
By date:
By tag: