- SAP Managed Tags:
I would like to host a UI5 App without authentification. The app works well in Fiori Launchpad and via the direct link to the service in my user context.
To achieve it without authentification I entered a system user in the corresponding SICF services for the UI5 and the OData service. (like described here: https://blogs.sap.com/2015/08/05/disable-csrf-token-for-odata-calls-using-sap-netweaver-gateway/)
Example for the UI5 service:
Now I can call my two services without authentification:
/sap/bc/ui5_ui5/sap/z_system_info
/sap/opu/odata/sap/z_sm_system_info_srv
But the problem is that the browser shows a logon window like this:
As I found out this is caused by a call to sap/bc/lrep/flex/data/com.yourcompany.z_system_info.Component
All other resources are loaded fine and when I abort the message I can use the app without problems.
I thought about a problem with the CSRF Token, but the entry ~CHECK_CSRF_TOKEN=0 in the GUI_CONFIGURATION of the service as mentioned in the linked article did not change anything.
So I got the idea to switch the logon error page for the lrep service from explicit to system logon:
The result is that instead of a 401 the call gets back with a 200 status and a page where the user normally should log on:
But because it is loaded in the background it will never show up to the user.
I am aware that this is just a dirty workaround, so I would be interested if someone got the same problem or if there is a better solution to this problem? (Especially without modifying the lrep service.)
Hello Ekansh,
many thanks for your answer. I tried your solution and it works well, but I had to adapt my routing configuration.
I had to add the "targetControl" property in manifest.json as described here, but I am not sure why:
Regards
Tim
| User | Count |
|---|---|
| 76 | |
| 22 | |
| 9 | |
| 7 | |
| 6 | |
| 5 | |
| 4 | |
| 4 | |
| 3 | |
| 3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.