on 05-30-2013 3:51 PM
Hi,
We are developing a application using SAPUI5 Development Kit ver 1.12. The Data is obtained from a Netweaver Gateway system. When the SAPUI5 Framework instantiates the ODataModel Object it attempts to make a connection to the URI which has been specified in the URL.
In Chrome ver 27, when the oDATAModel Object is instantiated, this leads to a OPTIONS request going to the Netweaver Gateway. i.e. the Request Method in the HTTP Header is OPTIONS and not GET or PUT. This OPTIONS request fails with HTTP error code 401, Unauthorized.
The oData Service requires Authentication before it can be used.
We are passing the Username and password while creating the oDataModel Object, i.e. in its constructor. Also our Sync is not Asynchronous.
The JS code snippet from the View is given below
var oDATAServiceURL = "http://server/ias_relay_server/client/rs_client.dll/ODATAFARM/sap/opu/odata/sap/Z_OURSERVICE";
var oDATAServiceUserName = "NetWeaverGatewayUserID";
var oDATAServicePassword = "PasswordOfNetWeaverGatewayUserID";
var myODATAModel = new sap.ui.model.odata.ODataModel(oDATAServiceURL, false, oDATAServiceUserName, oDATAServicePassword, null);
Can anybody let me know what do I have to do to resolve this issue?
_______________________
Regards
Amardeep Verma
Hi ,
In New Version of SAPUI5 use the format shown below .
oDATAServiceURL = "proxy/http/server/ias_relay_server/client/rs_client.dll/ODATAFARM/sap/opu/odata/sap/Z_OURSERVICE";
For More Information :
http://scn.sap.com/thread/3215471
Regards,
Jibin Joy
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
We tried with in built proxy service of SAPUI5 and it worked. We were trying to use Sybase Relay Server to carry out the same task.
We were trying to host SAPUI5 on a ServerA while SAP Netweaver Gateway was hosted on ServerB. ServerA can be any Application Server, i.e. SAP Netweaver ABAP Stack or Apache Tomcat and so on. We were aware that this would entail hitting cross-domain security roadblock.
It does appear that along with Relay Server we would have to use a Reverse proxy too.
Has anybody tried to host SAPUI5 and SAP Netweaver Gateway in two different systems/instances and still get the solution to work? If yes then can some pointers be shared.
_________________________
Regards
Amardeep Verma
Hi
There are two things to be done.
1) change the url to start with proxy instead of the http://server:port/
2) Add the value of http://server:port/ in the web.xml.
Also please note that this will work for development. But in Production and QA environment this should not be done.
____________________
Regards
Amardeep Verma
Hi All,
Anyone knows how to solve this.
I'm having the same issue. I already disabled all the security in Chrome, but still not able to understand what is happening.
Any suggestions?
Thanks,
Ricardo Fuzeta
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes. I Found a solution. I realy dont know how suspicious it is, but worked very well
I'm trying to consume oData and the OPTION method is set...
So i put this http before my service odata:
https://cors-anywhere.herokuapp.com/
Look how it became:
In other words, its a problem of CORS - Cross-origim-Resource-Samambaia....
This error appeared due to an update on chrome a few months ago.
You can find the solution on the URL below:
cors - Disable-web-security in Chrome 48 and 49 - Stack Overflow
Regards,
Ricardo Fuzeta
Hi Friends,
I am using an URL :
https://s10hanaxs.hanatrial.ondemand.com/i322345trial/hanatrialinstance/test2/test2.xsodata
This is a HTTPS url. I am also getting the same error when I use
new sap.ui.model.odata.ODataModel("https://s10hanaxs.hanatrial.ondemand.com/i322345trial/hanatrialinstance/test2/test2.xsodata");
Its sending OPTIONS request. Can any one help me ASAP for this.
I am using Trial HCP account.
Regards &Thanks
Nishant
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Amardeep,
Take a look at the link below where it explains the "preflighted" requests.
"preflighted" requests first send an HTTP OPTIONS
request header to the resource on the other domain, in order to determine whether the actual request is safe to send. Cross-site requests are preflighted like this since they may have implications to user data
https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS
Regards,
Christian
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
Yes I agree with you that OPTIONS are sent prior to the actual GET or POST request. Our oDATA service is hosted by SAP Netweaver Gateway. And it baffles us why SAP Netweaver Gateway server is not respondng to a normal OPTIONS request. Because if it does, we will be able to keep SAPUI5 and SAP Netweaver Gateway on two different instances/client/boxes and scale each according to one's requirement.
_______________________________
Regards
Amardeep Verma
Hi,
is this solved?
i am having the same issues with my .NET MVC Angular JS application.
with CORS, i could able to do plain GET request successfully, and i got the response as expected, but when i add the headers, to read CSRF token then the browser invokes OPTIONS call and SAP respond with 401(unauthorized).
Could you share you solutions for this issues Please..
Rgds,
JP
Hi Prabhuarul,
Your application on the server side must be able to handle the OPTIONS http method and return the http response header "Access-Control-Allow-Origin" defining which origin is allowed to access your application via CORS (cross-origin resource sharing).
You can find more information about this here.
Regards,
Christian
User | Count |
---|---|
83 | |
24 | |
12 | |
9 | |
7 | |
6 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.