Additional Blogs by SAP
Showing results for 
Search instead for 
Did you mean: 
Active Participant

How to use Integration Gateway with SMP 3.0

Part 1:

- Describes how to set up the HSQLDB and how to deploy the JDBC driver to SMP3

Part 2:

- Describes how to model, implement and deploy the OData service with Integration Gateway

Part 3:

- Describes how to configure the Integration Gateway on SMP3 to bind the OData service to the backend and how to display the OData service

In this third part of this tutorial we will configure and finally execute the OData service which got deployed in part 2 of this tutorial.

Also make sure that the JDBC driver is already known to SMP3 BEFORE deploying the OData service via the "Toolkit for Integration Gateway". This has been described in part 1.

Create Security Profile for our OData Service

Because we deployed our OData service in the namespace called "sap", we have to create a security profile which is matching this namespace. Therefore open the Administration Management Cockpit by calling https://smp3server:8083/Admin/

1. Switch to the "SETTINGS" tab and click under "SECURITY PROFILES" the button "New"

2. Type as name "sap" (has to match the namespace which was chosen when deploying the OData service) and click on the small plus/add button to add an authentication provider. For testing purpose I chose "No Authentication Challenge" which simply will let everyone pass you is calling this service.

3. Save the changes.

Using Gateway Management Cockpit (Integration Gateway)

There is a Gateway Management Cockpit available (which is different from the Admin Management Cockpit). You can manage the deployed OData services here and also the destinations. Destinations are the backend connections which serves as base for the OData services.

1. Access the Gateway Management Cockpit by calling https://smp3server:8083/gateway/cockpit .

2. Switch to "DESTINATIONS" and click on "Create a New Destination...". Choose the following information for a connection to HSQLDB database:

Destination NameDestHSQLDB
Destination TypeDATABASE
Destination URLjdbc:hsqldb:hsql://localhost/xdb
Database Driverorg.hsqldb.jdbcDriver
Authentication TypeBasic Authentication
User NamesmpUser

Of course you might have to adapt the destination url, username or password dependent on your environment.

3. Switch to "SERVICES". You should see our OData Service, which we deployed in part 2 of this tutorial.

4. Click on the service name. In the coming window click on "Add Destination" and choose the newly created destination (DestHSQLDB).

5. After that close the window and activate the service.

6. Click on "Open Service Document" which should open the OData service in your browser.

Testing the OData Service

7. In our example the webpage http://smp3server:8080/gateway/odata/sap/intgwtest;v=1 is displayed and you can see the Collections (CUSTOMER)

8. If you navigate into the collection http://smp3server:8080/gateway/odata/sap/intgwtest;v=1/CUSTOMER you can see that the data is displayed which is retrieved from the HSQLDB database.

9. You can open one element by calling CUSTOMER(primaryKey), so e.g. .../CUSTOMER(0) will display the first data entry

10. You can also create new elements. For this you have to send a HTTP POST request to the base collection address. Because by default the Integration Gateway enabled CSRF Token Handling, you have to catch a token before you can post data. CSRF Tokens are used to increase the security and make sure that a session got successfully created. You can use any REST client to perform these requests, I like to use the freeware Fiddler.

Send a GET message to the integration gateway to receive the CSRF Token. Beside the Authorization (for your "sap" security profile in SMP3) you need to set the HTTP Header "X-CSRF-TOKEN" with value "FETCH".

UPDATE: Fetching the CSRF Token is only needed for SMP 3.0 SP03 and higher (Previous versions does not include CSRF token handling).

11. You should get an "HTTP 200 OK" response. In the Header of this response you will find some Cookies (X-SMP-SESSIDSSO and X-SMP-SESSID) and also the requested X-CSRF-TOKEN value. Copy all three values (all Cookies and the CSRF Token).

12. Paste the copied values into your HTTP POST request. Header values should be Authorization, Content-Type, X-CSRF-TOKEN and Cookie. So the header could look like this:

Authorization: Basic dGVzdFVzZXI6dGVzdA==
CONTENT-TYPE: application/xml
Cookie: X-SMP-SESSIDSSO=F0A363722FB5A370ACB0511C9EE14C66; Path=/; HttpOnly
Cookie: X-SMP-SESSID=9212486C3E0E402812E8196F7C2C044EA974B0D53146C68350B61211A24251B7; Path=/; HttpOnly
X-CSRF-Token: 79861F653C809F765F92B3A532C27B3C
Host: localhost:8080
Content-Length: 541

The body will include the object you want to create. In our case we want to add a new customer, so we insert the following:

<?xml version="1.0" encoding="utf-8"?>
<entry xmlns="" xmlns:m="" xmlns:d="" xml:base="http://localhost:8080/gateway/odata/sap/intgwtest;v=1/">
<content type="application/xml">
<d:ADDRESS>Adlerstr. 33</d:ADDRESS>

13. After sending you should receive an HTTP response code 201 Created. If you get an HTTP 403 Forbidden, make sure you don't have an Authorization issue or a problem with the CSRF Token and the other cookies. In some cases you might get an HTTP 500 Internal Server Error. Then have a closer look. It could be that the entry got successfully inserted and after this an error occurred (happened some times to me). Verify this by calling the CUSTOMER collection or by looking directly inside the database.

14. As you can see the new record got inserted!

Now you know how the Integration Gateway in context of SMP3 can be used. For sure it will be enhanced in the future and the process (especially of the data binding) might change, but the functionality should be clear now.