Proxmox is for running VMs. It offers support for Linux Containers, but there is no build in support for Docker containers. This does not mean that you cannot run Docker on Proxmox. You won’t get native integration into Proxmox, which means that you need to use a different software to Read more…
Assume that you use SAP WebIDE for developing an application and that you have to consume an OData service from an on-premise NetWeaver ABAP system. In SCP, the destination is configured, and SAP Cloud Connector is working. For principal propagation, X.509 is used. Problem When you select the OData service Read more…
SSO logon with an X.509 certificate offers some benefits. In this blog, I’ll cover the main benefits, problems and attention areas when using X.509 for SSO. As a practical example the X.509 logon with NetWeaver ABAP is shown. To access an ICM service on a NetWeaver ABAP system (NW ABAP), Read more…
Die Corona Warn App (CWA) ist seit einiger Zeit verfügbar. Die Benutzung ist freiwillig, wer will und kann darf die App verwenden. Da die Entwicklung öffentlich in GitHub erfolgte kann der Quellcode eingesehen werden. So weit wie SAP und die Telekom das ermöglicht haben. Die ersten Entwicklungen erfolgten erst intern Read more…
I’ll show how to obtain a valid letsencrypt certificate for Apache on AWS EC2 Linux AMI and Namecheap as DNS provider. Running a private web server on AWS EC2 is easy. Managing it is not so easy. Having a valid TLS web server certificate from letsencrypt is one of the Read more…
SAP Help OAuth 2.0 Service Sample request in my Gitlab repo I’ll show how you can obtain an OAuth 2.0 token in SAP Cloud Platform (SCP) and manage it for authentication of apps. For the example detailed here, I am going to use an OAuth authorization grant of type client Read more…
To be able to log in to your SAML 2.0 IdP after a SP redirect, the SP must be configured in your IdP. While this sounds obvious, it can be confusing when you have several clients in your IdP and several IdP in your SP. For instance, you must ensure Read more…
Scenario A user authenticated against the SAML 2.0 IdP. The OAuth client is sending the SAML 2.0 Response containing the user assertions to the NetWeaver ABAP system. An error of type invalid grant is returned. Error message: { “error”: “invalid_grant”, “error_description”: “Provided authorization grant is invalid. Exception was Attribute ‘Recipient’ of element ‘SubjectConfirmationData’ is invalid. For more information, consult the kernel traces or the OAuth 2.0 trouble shooting SAP note 1688545” } Root cause The OAuth client is sending the SAML Read more…
Scenario You send a SAML Bearer Assertion to the OAuth token service of SAP Gateway. The Return type is 400 Bad Request. Error message { “error”: “invalid_grant”, “error_description”: “Provided authorization grant is invalid. Exception was Message Assertion is not signed. For more information, consult the kernel traces or the OAuth 2.0 trouble shooting SAP note 1688545” } Root cause The error message contains a description of the root cause for the HTTP 400: “Exception was Message Assertion is not Read more…
References: Token Endpoint for OAuth 2.0 SAML 2.0 Bearer Assertion flow for OAuth 2.0 SCN Discussion The last configuration to be done before you can access an OAuth 2.0 protected OData service is to activate the token issuer service. To be able to access a resource, your OAuth client needs Read more…