Hello fellow developers,
recently we ran into an issue which we gave us a very hard time.
A UI5 application runs in the #SAP Workzone Standard Edition# and uses the SAP Managed Approuter to connect to the workflow runtime servie as well as a backend SAP Gateway destination with principal propagation.
Everything worked fine in regards to the workflow requests as well as the GET requests to the Gateway system. What did not work were any requests that required a valid CSRF Token, like POST or UPDATE.
The app did sent requests with a valid CSRF token to the backend, but the system refused to accept it.
The app worked like this: When it is opened with a certain URL, the app loads some information from the workflow runtime and needs a CSRF token for this. The xs-app.json looked like this:
You can see the route for the workflow runtime as well as the SAP Gateway System and its destination. It was set up just like you would expect to find this on any tutorial.
We had to set the csrfProtection to false for the SAP Gateway destination.
With this settings the csrf token for the ODataModel was then issued by the SAP Gateway.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
12 | |
9 | |
6 | |
5 | |
5 | |
5 | |
5 | |
3 | |
3 | |
3 |