Standard service - a fixed amount of work that is performed at a fixed price.  Post Service



I have 1 year of experience in SAP PI. I am writing this to get your suggestion on how can I improve myself in SAP PI could

In this post, I have explained step by step configuration of Smart Data Access for Hana Database with error resolutions.

One of main challenges that companies are facing today are

1. Get

Input parameters and Variables are two diferent mecanism that HANA provide us to get interaction with final users.

In some cases, we need to include an input parameters / Variables with value

The SAP Cloud Platform (SAPCP) is a platform-as-a-service offering which supports customers’ digital transformation. It does not only provide an environment for the development of new applications but also allows the extension
Wednesday, 17 January 2018 04:29

Useful Groovy Scripts. Part 5.

Written by

All these scripts are used as templates for something specific to your particular project. They just demonstrate that something like restarting the server is possible to do with Hybris via Groovy

– Consider Joining the SAP HANA Executive Council –

We all are very aware of how emerging technology is transforming our lives in many ways.

Digitization & hyper-connectivity is entering a

OAuth 2.0 Auth Code Flow example using SAP Hana Cloud Platform (HCP)

Say you have implemented a cool service using SAP HCP, and now you want to open up the service for others to use. The question comes up as to how you can handle the authentication of clients to your service. One of the common ways of doing this is to use OAuth 2.0 protocol. SAP HCP support OAuth Auth Code flow grant (in addition to Client Credentials grant) which allows web-apps to do a OAuth based sign-in securely.

The key software components involved would be:

  • Resource server (your cool HCP service) which typically exposes the capabilities via REST APIs
  • Authorization server (your configured IDP @ the HCP account)
  • Client (app that is interested in consuming your service)

Register OAuth Client

You can refer to the standard HCP documentation around this here.

Note that in order to register a client, you would have to have a Redirect URI in your web-app that can accept the authorization code send by the Authorization server. In the current app this is the DefaultCallbackResource. This accepts a query parameter called "code".

Create an OAuth scope

You can refer to the standard HCP doumentation about creating OAuth Scopes here.

Once the Client registration is done and the OAuth scopes are created you are good to go :)

Overall flow

  1. The client creates a "Logon Link" using the "Authorization Endpoint" (available at your HCP account). The URL should be fomulated as follows:
  1. The end-user, who is interacting with the client, will click the above link and would be redirected to the Authorization server logon page and on presenting valid credentials, would be presented with the famous "Allow access" popup with options for "Accept" or "Deny".

  2. If the end-user clicks on Accept, the Auth server would generate an authentication code which would be posted to the Redirect URI with the code itself being part of the Query Parameter.

  3. The Redirect URI (of the web-app) would then invoke the Token Endpoint of the Auth server as is done in the DefaultCallbackResource.

  4. The web-app can then query information using HCP libraries to get information about the user and then use the same in the app.

  5. The Resource server is then accessed by the client with the authorization header Authorization: Bearer OAUTH_TOKEN. This is represented by the ubiquitous /helloworld end-point implemented by the Jersey resource DefaultPingResource.

Anatomy of the example

OAUTH is one of the OOB Authentication Configurations supported by HCP. You can activate this via web.xml setting. Please refer to the web.xml for details around this.

Happy coding !!


Monday, 15 January 2018 21:17

JOLTandBLEED Details and PoC

Written by

On November 15, 2017, Oracle published urgent critical updates related to JOLTandBLEED vulnerability (CVE 2017-10269). Today we released its proof of concept. As you remember, this vulnerability allows an attacker

Page 1 of 39