Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
Showing results for 
Search instead for 
Did you mean: 
0 Kudos

  1. Introduction:

This article will be helpful for who upgrade the run time from JEE6 to Tomcat 8 and who develop the application using JDK8 and deploy in Tomcat 8. Especially this is prepared for Neo cloud platform.  This may be applicable to upgrade from any version of JEE run time to any version of Tomcat. This article is derived based on the run time exceptions and errors, we faced.  Article will help the problem solvers, solution providers, debuggers and testers. By reading this article you can save lot of time when you migrate from JDK7 to JDK8. this  may help for who is upgrading any lower version of Java to any higher version.

As many of you know, Some of the classes which are there in JEE libraries those are not there in Tomcat, I handled and resolved those class not found exceptions. I found or came to know the alternatives during the run time.

During the integration or communication between  the cloud deployed applications, cloud to external, external to cloud and cloud to on premise, you will face the following problems or errors, I have described those problems and solutions together here.


  1. Class Not Found Exception:

These classes HttpDestination and DestinationFactory are not available in Tomcat8.

These above classes should be replaced by the ConnectivityConfiguration and DestinationConfiguration.

JEE6 or JEE7






 Using these replacement classes still you can access the destination configuration details from the cockpit.

  1. Http Connection:

Http client cannot be used for making http connection in Tomcat8, the alternate for HttpClient is HttpUrlConnection.

JEE6 or JEE7


httpClient = destination.createHttpClient();




urlConnection = (HttpURLConnection) url.openConnection();



  1. Cloud to Cloud:

It is possible to have App to App SSO authentication when you want to communicate from one application from another application. So, the user propagation (Principle propagation) can be done easily.


Context ctx = new InitialContext();

AuthenticationHeaderProvider authHeaderProvider = (AuthenticationHeaderProvider) ctx.lookup(AUTH_PROVODER_JNDI_LOOKUP);

AuthenticationHeaderProvider authorization = authHeaderProvider (urlString);

AuthenticationHeader appToAppSSOHeader = authorization.getAppToAppSSOHeader(urlString);

AuthenticationHeader principle = authorization.getPrincipalPropagationHeader();


This explicit principle propagation and app to app sso are not required in case of JEE6 runtime.


  1. 403 Forbidden Issue:

When you want to send data using POST API from one application to another, CSRF is required this is applicable for both JEE and Tomcat. But only with CSRF header, 403 will not be resolved in case of Tomcat. You have set the cookie property also in connection object.


writeCon.setRequestProperty(HTTP_COOKIE, session);


The cookies can be got from response header of get API when you get CSRF,


List<String> session = readCon.getHeaderFields().get(HTTP_SET_COOKIE);


The below link will be helpful to resolve 403 Error.


  1. Cloud to On-premise:

When you make a call from cloud to On-Premise system, you should add a proxy when you open a connection in case of Tomcat.


urlConnection = (HttpURLConnection) url. openConnection(proxy)

The proxy should be taken from platform itself as below.

private static Proxy getProxy(String proxyType) {

String proxyHost = null;

int proxyPort;

if (ON_PREMISE_PROXY.equals(proxyType)) {

// Get proxy for on-premise destinations

proxyHost = System.getenv("HC_OP_HTTP_PROXY_HOST");

proxyPort = Integer.parseInt(System.getenv("HC_OP_HTTP_PROXY_PORT"));

} else {

// Get proxy for internet destinations

proxyHost = System.getProperty("http.proxyHost");

proxyPort = Integer.parseInt(System.getProperty("http.proxyPort"));


return new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyHost, proxyPort));


More detail can be found here,


  1. SSLHandshakeException:

When you try to connect from Cloud to On-Premise system, you will get SSLHandshakeException. PKIX path building failed: unable to find valid certification path to requested target.

To resolve this issue, the URL’s protocol should be changed from Https to Http. The url with Https protocol will work in case of JEE runtime, but https protocol throws SSLHandshakeException in case of Tomcat.

  1. 503 Service Un available:

To resolve 503- Service un available, you should add a property(SAP-Connectivity-SCC-Location_ID) cloud connector’s location id


urlConnection.setRequestProperty("SAP-Connectivity-SCC-Location_ID", "Cloud_Connector_Location_Id");


“Service un available “ may occur due to the client (cloud application) not able to find exact target cloud connector, if the sub account has many cloud connectors.


  1. 400 Bad Request:

TO resolve  400 error, you should add the  account name as below,


urlConnection.setRequestProperty("SAP-Connectivity-ConsumerAccount", System.getenv("HC_ACCOUNT"));


This is to make a confirmation to target system who make request, from which account.

  1. References:

 Consume Back-End Systems (Java Web or Java EE 6 Web Profile)

Consume Back-End Systems (Java Web Tomcat 7)


XSRF Protection for REST Services

HTTP Proxy for On-Premise Connectivity

Platform Authorization Management API


This is purely technical article nothing to talk about any functional areas. this is article i made to help  the colleagues who ever is upgrading or migrating from JDK7 to JDK8 and JEE server to Tomcat 8 This article i have created for helping others, no need to spend much time to debug. This will help Developers, Testers and Architects. Here I have talked about the run time problems of connecting from cloud based application to external, external to cloud application, cloud to On-premise. I described to resolve various run time exceptions like SSL handshake and HTTP error codes 400, 403 and 503.