In this article I will show how to add an OAuth 2.0 client in Keycloak.
Log in to Keycloak and select a realm. In a new (empty) installation of Keycloak, the realm Master is selected by default. The realm name is important, as it is part of the URL used later for OAuth authentication.
To create a new OAuth 2.0 client, click on create.
Insert your information for the client. Make sure the openid-connect is selected as client protocol.
Click on save and the client configuration screen is shown. Here you can add and alter additional information.
Important
Access Type: confidential. This will require the OAuth 2.0 client to send a client secret to authenticate itself.
Service Accounts Enabled: On
Valid Redirect URIs: set to a valid one, like /
All other parameters should work as given.
Switch to tab Credentials
Here you can see the OAuth 2.0 client secret. As in the settings tab the access type was set to confidential, the client must send its client id and secret to Keycloak to authenticate itself. The client id is the name of the client (oidclient), and here you can see the secret: 7bc40…
You can now add the OAuth 2.0 scopes to the client.
To be able to install EA Designer in HXE, you first need to copy the eadesigner.tgz file to your HXE server. SAP is not making the file available as a free available standalone download. You get the file with the HXE downloader.
First “problem” to solve is how to get the file on your HXE. In my case: a VM running on Proxmox.
If you have the eadesigner.tgz file on your laptop, and HXE server is in the same network as you are (e.g. WLAN), you can copy the file using scp. As an alternative, you can host the eadesigner.tgz file on an HTTP server and download it from there. For tomcat, copy the file eadesigner.tgz to the root directory and start tomcat.
Tomcat
Copy file to: webapps/ROOT
Start tomcat: ./bin/startup
Fruit Checker App is not a productive app. It is a showcase with the intention to make people think about the possibilities: what can you do today, value that combination of services can bring, etc.
The idea for the architecture is to make sure that the underlying concepts is valid even when new implementations are started on top of it. The individual solutions have to fit in, without violating the general architectural concept. That is: a new house can be built, as long as it fits into Mannheim’s Quadrate idea. It may be small or large, but still fits a block and follows the number scheme.
Same for the transportation concept: as long as you follow the established protocols and paths, you will arrive as planned. To go from Karlsruhe to Mannheim, you can use car or train. Going by horse is possible, but not recommended. Same with systems: use HTTPS, REST, BAPI, Integration, etc, but don’t use something that is possible but makes no sense (communicate via FTP instead of SSH/SCP).
SAP CAPM is from SAP, and therefore it depends on SAP’s ideas what is possible and what not. Maybe on day the process will be open and less SAP driven, and then we may have a tool that is even better than Spring Data.
Some slides are not included for a simple reason: they only make sense in the context of a live talk.
This blog is about how to create an oData service from a CDS View. The code and example follow closely SAP Help documentation and the included example on this topic:
I only cut the documentation overhead and make the information available in a single blog. As you can see in the above two links, the task consists of 2 steps:
Create CDS View
Expose OData service
For the example, I used NW ABAP 7.52 Developer Edition and ABAP in Eclipse (ADT) tools. If you have a “real” SAP NW ABAP System available, you may also implement the sample service there.
Create CDS Data Source
In ADT, create a new CDS Data Definition.
Name: ZDEMO_CDS_SalesOrderItem
Description: List Reporting for Sales Order Item
@AbapCatalog.sqlViewName: 'ZDEMO_SOI_001'
@AbapCatalog.compiler.compareFilter: true
@AbapCatalog.preserveKey: true
@AccessControl.authorizationCheck: #CHECK
@EndUserText.label: 'List Reporting for Sales Order Item'
@OData.publish: true
define view ZDEMO_CDS_SalesOrderItem as select from SEPM_I_SalesOrderItem_E as Item {
key Item.SalesOrder as SalesOrderID,
key Item.SalesOrderItem as ItemPosition,
Item._SalesOrder._Customer.CompanyName as CompanyName,
Item.Product as Product,
@Semantics.currencyCode: true
Item.TransactionCurrency as CurrencyCode,
@Semantics.amount.currencyCode: 'CurrencyCode'
Item.GrossAmountInTransacCurrency as GrossAmount,
@Semantics.amount.currencyCode: 'CurrencyCode'
Item.NetAmountInTransactionCurrency as NetAmount,
@Semantics.amount.currencyCode: 'CurrencyCode'
Item.TaxAmountInTransactionCurrency as TaxAmount,
Item.ProductAvailabilityStatus as ProductAvailabilityStatus
}
Save and activate the CDS View.
Activate OData Service
The above created a CDS Data Definition and when activating, some magic happened. What is missing is to activate the OData service. ADT won’t do this for you, this needs to be done manually in the Gateway System.
Tx: /n/IWFND/MAINT_SERVICE
Click on Add Service
Search for services in the local system.
System Alias: LOCAL
Technical Service Name: ZDEMO_CDS_SALESORDERITEM_CDS
Click on Get Services
The CDS Service is shown.
Select the service and click on Add selected Services
Add service dialog.
Package Assignment: $TMP (click on Local Object)
Test service
After performing the above steps, the CDS View is implemented and the OData service exposing the data is activate and can be used. You may now test the service to see if everything is working as expected.
Tx: /n/IWFND/MAINT_SERVICE
Select the service: ZDEMO_CDS_SALESORDERITEM_CDS
Click on SAP Gateway Client. To test the service, use the URL:
Make sure to select a language that supports the team, not just you.
App development is not just coding: that’s why the presentation is about creating apps. It’s a team effort.
Demo apps are mostly for myself and to make my life easier
Cognitive Leave Request was developed by BridgingIT in partnership with Microsoft. More information about the project: Tobias und Martin entwickeln. (Video in German)
Testing is important. Several tools from and for UI5 are available that can be used or other tools. Just use them if you can.
Fruit Checker App is not a productive app. It is a showcase with the intention to make people think about the possibilities: what can you do today, value that combination of services can bring, etc.
OData v4 is not feature complete. SAP is investing and constantly adding new features to OData v4 model.
Testing is important. Several tools from and for UI5 are available that can be used or other tools. Just use them if you can.
EOL for NetWeaver 31.12.2025 is for the on premise version, as listed by SAP PAM.
S/4HANA is running on NetWeaver ABAP, therefore, ABAP will stay the base technology for SAP.
CAP and RAP helps you to keep the core clean. To make this possible for all SAP customers, the options you have a independent of the technology skills the developers have: Java, JavaScript, ABAP.
Fiori Elements or “pure” Fiori app development: this is not either nor situation, both are valid and can complement each other. Important is to have the backend services made ready for Fiori; as SAP does since the beginning for their official Fiori Apps.
Fruit Checker App is not a productive app. It is a showcase with the intention to make people think about the possibilities: what can you do today, value that combination of services can bring, etc.
Possibilities CAP may offer depend solely on SAP. It’s their product and its features and roadmap are controlled 100% by SAP.
App development is not just coding: that’s why the presentation is about creating apps. It’s a team effort.
OData can now also designed and documented in Swagger (OpenAPI).
Demo apps are mostly for myself and to make my life easier
Cognitive Leave Request was developed by BridgingIT in partnership with Microsoft. More information about the project: Tobias und Martin entwickeln. (Video in German)
Testing is important. Several tools from and for UI5 are available that can be used or other tools. Just use them if you can.
Recently I saw that my Matomo reports were not showing the correct data. It seemed like the daily cron job wasn’t running or failing. To see what was causing this issue, I ran the archiving tool manually.
Error: Got invalid response from API request:
?module=API&method=API.get&idSite=1&period=year&date=
last7&format=php&trigger=archivephp.
Response was 'PHP Fatal error: Allowed memory size of
805306368 bytes exhausted (tried to allocate 131072 bytes)
in /var/www/matomo/core/DataAccess/ArchiveWriter.php on
line 142 PHP Fatal error: Allowed memory size of
805306368 bytes exhausted (tried to allocate 32768 bytes) in
/var/www/piwik/core/Http.php on line 248 '
The archive script is reaching its memory limit of 805306368 bytes. Using more is not allowed, therefore the error. 805306368 bytes == 786432 Kbyte == 768 Mbyte. Somewhere a configuration is limiting the memory usage of PHP to 768 MB.
Solution
There are many, many configuration files for PHP available in my system. Matamo is using its own configuration, located at:
/var/www/piwik/config/global.ini.php
The file contains a parameter for setting a memory limit for archiving task.
minimum_memory_limit_when_archiving = 768
768 is exactly the value reported in the error. Increasing this value to 1024 (1GB) should solve the problem.
sudo vim /var/www/piwik/config/global.ini.php
minimum_memory_limit_when_archiving = 1024
Result
Let the world know
I use cookies to ensure that I can give you the best experience on my personal website. If you continue to use this site I will assume that you are happy with it.Ok
