on 2020 Aug 19 8:10 PM
Hi Friends,
I have developed a simple REST service using SICF framework in ECC. Functionality of this service is to create a transaction in the SAP system. So I have implemented a POST method.
I have created a service using sicf transaction code in SAP and provided my class name in 'Handler List'. I have used super class CL_REST_HTTP_HANDLER for handler class and used CL_REST_RESOURCE for resource class. Activated service. Everything looking good. However, when I try to test the service from postman it is giving 'CSRF token validation failed'.
To fix this I have fetched the csrf token by sending x-csrf-token = fetch in the header value.
But my client doesn't want to call this service twice #1 to GET csrf token and then #2 to POST actual transaction.
I am looking for a way to disable this csrf-token so that my client can call my service only once to POST actual transaction.
I have go through many threads on this topic but all the threads talking about ODATA service.
Thanks in advance,
Krishna Yerram.
As per thalesvb, I try it and that is working perfectly, As I work with VPN Connection Based so no major issue of security.
If you want to By Pass x-csrf-token, So you have to Redefine HANDLE_CSRF_TOKEN Method in your class without code. Then after you can POST Call without x-csrf-token. Just use in header in call "X-Requested-With = X".
You also Disable Authentication in SICF-> Logon Section
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
67 | |
10 | |
10 | |
10 | |
10 | |
8 | |
8 | |
7 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.