cancel
Showing results for 
Search instead for 
Did you mean: 

org.w3c.www.protocol.http.HttpException: Connection reset

1,251

Hi ,

I am pretty new to SAP world. I need your help to understand the issue that I am currently facing.

I have added custom action in SAP MII , which will connect with the authentication system and get the token from OAuth. Simple java works as expected but when I added the same classes as custom action I am getting connection reset error.

Log:

  • 19:30:56.103 [INFO] [GetOauthToken_0]OAuth Token Completed for :XXXXXXXXXX
  • 19:30:56.170 [ERROR] [GetOauthToken_0]Exception while doing OAuth: org.w3c.www.protocol.http.HttpException: Connection reset

Code:

HttpURLConnection conn= (HttpURLConnection)url.openConnection(); conn.setDoOutput( true ); String authStr = sClientId + ":" + sSecret; instance.log(LogLevel.INFO, "OAuth Token client id:"+sClientId); String encodedAuth = DatatypeConverter.printBase64Binary(authStr.getBytes("UTF-8")); conn.setRequestMethod( "POST" ); conn.setRequestProperty( "Authorization", "Basic " + encodedAuth); conn.setRequestProperty( "Content-Length", Integer.toString( postDataLength )); conn.getOutputStream().write(postData); instance.log(LogLevel.INFO, "OAuth Token Completed for :"+sClientId); Reader in = new BufferedReader(new InputStreamReader(conn.getInputStream())); for (int c; (c = in.read()) >= 0;){ sb.append((char)c); }

Any inputs are highly appreciated.

agentry_src
Active Contributor

Over many years of working with MII, I have observed a tendency for folks new to the product to jump to custom action blocks when there already exists functionality to perform the tasks desired. So my first question in return is what do you want the action block to do?

Hello Mike,

My custom action will integrate with authentication (OAUTH) system and get the token for the given client id. It's kind of post call to the system and returns the token back. Looking at the logs I can determine that http calls is going fine but at the reading response back its failing with connection reset error.

Also I found that latest SAP MII has updated custom action(In build Oauth). But I was using SAP 15.0 SP7 Patch 1.

I also updated my code to use HttpsURLConnection instead of HttpURLConnection. However, now I am getting class cast exception

13:52:45.679 [ERROR] [GetOauthToken_0]Exception while doing OAuth: java.lang.ClassCastException: Cannot cast class com.sap.engine.httpdsrclient.protocols.instrumented.https.DSRHttpsURLConnection to class javax.net.ssl.HttpsURLConnection

agentry_src
Active Contributor
0 Kudos

I am not an expert with OAUTH, but this really sounds like something that could be done in the Netweaver User Management Engine (UME). Anyone else out there know how to work this magic?

0 Kudos

Thanks for your response, Mike. I don't think this can be done with User Management. Because as per my knowledge User management would control all who can login to system and all the SAP MII system authentication, please correct me if my understanding is wrong. But in my case, I am connecting to the external OAUTH System(Thru making HTTP POST Call) and trying to get token with the credentials. So it's just simple java HTTP Client application.

Accepted Solutions (0)

Answers (4)

Answers (4)

former_member185280
Active Contributor

You may want to look into using Netweaver Destinations but you may run into the same TLS version issues.

You can also dig around the Netweaver java api's, sometimes SAP has its own custom functionality in there to deal with stuff that maybe that version of the core JRE doesn't yet etc.

When dealing with custom actions there are a few things to consider.

  1. Try and use the exact same version of Java in your development environment as your target system if possible.
  2. Same goes for versions of libraries you may want to use if they are already on the server.
  3. Your custom action will run on the server and as whatever system user/context Netweaver runs as.

FYI your "Cannot cast class com.sap.engine.httpdsrclient.protocols.instrumented.https.DSRHttpsURLConnection to class javax.net.ssl.HttpsURLConnection" error is usually caused because there was a change in the java API at some point for HttpsURLConnection so make sure your versions are all sorted.

Regards,
Christian

former_member185280
Active Contributor

You want to authenticate against OKTA with a "client id?" and get the OAUTH token back. You never really explained why you are trying to do that. This information might help people help.

0 Kudos

Yes Christian. Sorry if I am not mentioned earlier. I need to connect to OKTA with client id and the secret to get OAuth. Do you have any suggestion how I can achieve this? I am sure java 6 won't support TLS now. I even tested simple https call which is failing with same error.

former_member185280
Active Contributor
0 Kudos

Why do you need the OAUTH from OKTA?

0 Kudos

Chris,

We are consuming multiple API's in the application and can't give permissions to user who logged into the system. So giving permissions to one application who can able to make call's to back end API's. This way we can reduce maintaining user permissions vs application API permissions.

So our application user used to connect with Siteminder, But now, we are moving to OKTA from SiteMinder.

So SAP MII 15.0 won't support TLS 2 OR higher than TLS 1.5 we are moving this proxy service to handle this scenario and using SAP HTTP POST block action we can make this proxy call with in MII and acheive similar requirement.

ankit12
Active Participant

why don't you try other way round. in OAUTH we exchange token between the applications. this can be done by using servlet in java and that can be easily developed in SAP MII.

Regards,

Ankit Gupta

0 Kudos

Thank you very much for your response Ankit. Do you have any samples of your approach? I followed SAP MII Custom action documentation and created HTTP Client using those libraries(https://help.sap.com/saphelp_me151/helpdata/en/4c/8cee70f2bd60c5e10000000a15822d/content.htm?no_cach...).

ankit12
Active Participant
0 Kudos

From the comment on your question, what I am able to understand is that, you need to get the token from the 3rd party system so you don’t have to manage the credentials. (OAUTH functionality).

Why don’t you authenticate first and then execute your logic?

you can develop the same in SAP MII web app using java for authenticating the user and then you can execute your transaction logics.

And regarding the sample code, I don’t have any right now you need to try it on your own.

Regards,
Ankit Gupta

0 Kudos

Hi,

Thanks for your suggestion.

Actually, I need to connect one of the application user in the SAP MII, not the login authentication. Here I can't use servlet also while doing some search on SAP MII 15.0 I found it uses java 6 and Java 6 only support TLS 1.0 which okta won't support. Which are eventually roadblock?

-Thanks,