A developer creates a new OData service (code, definition, implementation) in the backend and adds everything to a transport package. After transporting an OData service from DEV to QA in the backend, the service is not usable in QA as the system alias for the OData service is missing. While Read more…
SAP Help: Enabling OAuth 2.0 Authentication for OData Services For the OData service used, see my blog Create an OData service from CDS. For each OData service you want to access through OAuth, a unique scope is needed. The scope is based on the OData service. The scope is needed Read more…
This is the introduction blog on how to activate SAML 2.0 based logon on SAP NetWeaver ABAP systems. The example configuration shown here is using SAP Gateway. It is the same procedure for any SAP NetWeaver ABAP system that allows SAML 2.0 logons. The system used while writing the blog Read more…
After establishing the trust between the SAML 2.0 IdP and SP and activating the IdP in SAP Gateway, the ABAP system is configured for SAML 2.0 logons. An easy way to test if SAML 2.0 is working is to log on to SAP WebGui for HTML. This is a standard Read more…
Current state is that a trust between Gateway as SP and Keycloak as IdP is established. While the previous step established the trust, the IdP is not enabled in SAP Gateway. Meaning that SAML2.0 logons are not possible. For this to work, the IdP must be enabled. Currently, enabling is Read more…
This is the final step of the task to establish a trust between SAP Gateway and Keycloak. The Keycloak SAML 2.0 IdP Metadata file downloaded in previous step is now imported into SAP Gateway as a IdP. This creates the trust on the SAP Gateway. Import SAML 2.0 IdP Metadata Read more…
As SAML 2.0 depends on trust, it is necessary to establish this trust by exchanging the metadata of the IdP and SP. When the SAML 2.0 client for Gateway (NPL001) was created, the metadata of the Gateway SP was important to Keycloak. In this step, the metadata of the IdP Read more…
In this step a new SAML 2.0 client is created in Keycloak by importing the Gateway SP metadata. After activating and configuring SAML 2.0 in Gateway, a Service Provider (SP) was created. A metadata file for that SP is available at the saml2 Web Dynpro ABAP application. This metadata file Read more…
Before you can start to configure SAML 2.0 in SAP NetWeaver ABAP, SAML 2.0 support must be activated. The saml2 Web Dynpro ABAP app is used for this. In the NPL Developer Edition system the app is activated by default and can be accessed by opening this URL in the Read more…
If you are on a S/4HANA release like 2023, please use RAP. The odata.publish true approach shown here should not be used any longer. This blog is about how to create an oData service from a CDS View. The code and example follow closely SAP Help documentation and the included Read more…