cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security Updates on "3034848 - List of VAT payers in Poland: (...)"

stow
Discoverer

on ‎2024 Mar 13 7:58 AM

0 Kudos
397

Hi,

We followed the steps described on sapnote "3291289 - List of VAT Payers for SAP S/4HANA (OVS): Implementation overview" up to the point of deploying the application from github "https://github.com/SAP-samples/localization-toolkit-s4hana-cloud-bank-account-validation."  on our C...

Our Integration team then became concerned that there's no security/authorization features in the application, which would allow anyone with the url from our java application to access the API and make calls.

Should we expect to have such improvements pushed to the official github of this application or such features are something to be customized by ourselves?

 

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
HenrikeGrötecke
Product and Topic Expert
Product and Topic Expert
‎2024 Jul 02 8:26 AM
0 Kudos
forwarded to experts
Pavel_Hendrych
Associate
Associate
‎2024 Jul 15 8:51 AM
0 Kudos

Dear Stow, thanks for your question.

Your observation is correct, there is no authorization concept in place.
As written in the Readme file: "Information provided is published as a minimum working example. You can use the sample application as a starting point and adapt it to your business requirements.". 

Various customers might use the application differently. E,g, the source code can be integrated into existing customer-specific services (to share the resources) and the authorization concept can be provided by the parent application.  

To answer your question, SAP doesn't plan to update the java application with an authorization concept. If needed, it is expected that you will extend the application with authorization according to your requirement. 

Thanks and best regards, 

Pavel Hendrych
SAP Globalization Development

Accepted Solutions (0)

Answers (1)

Answers (1)

HenrikeGrötecke
Product and Topic Expert
Product and Topic Expert
‎2024 Aug 02 11:07 AM
0 Kudos

Hello,

Here's the answer provided by the expert:

"

Dear Stow, thanks for your question.

Your observation is correct, there is no authorization concept in place.
As written in the Readme file: "Information provided is published as a minimum working example. You can use the sample application as a starting point and adapt it to your business requirements.". 

Various customers might use the application differently. E,g, the source code can be integrated into existing customer-specific services (to share the resources) and the authorization concept can be provided by the parent application.  

To answer your question, SAP doesn't plan to update the java application with an authorization concept. If needed, it is expected that you will extend the application with authorization according to your requirement. 

Thanks and best regards, 

Pavel Hendrych
SAP Globalization Development"

Show replies
Show replies
Ask a Question