DEV Community

Cover image for Making an Authentication Less Open Document URL for BOBJ Document.
Aditya Mathur
Aditya Mathur

Posted on

Making an Authentication Less Open Document URL for BOBJ Document.

Recently, I was working on a client's request where in I was supposed to redirect to BOBJ report on click of a button and the user should not provide authentication details again.

After going through the SAP documentation for a while, I came through SAP's RESTful web services API. As always APIs for the win, Web services API provides a lot of features including authentication as well.

I know there are a lot of blogs on this topic but most of the blogs don't provide all the information at one place so I thought of writing this blog and combining all the information that I found in bits and pieces which might make some developers life easy :)

Different ways of Authenticating User

Web services API provide below listed ways in which a user can be authenticated:

  1. Passing username & password (To generate logonToken)

  2. Passing a serialized session or token from a different application already authenticated with Platform

  3. Active Directory Single Sign-On

  4. Trusted Authentication

In this blog I am gonna focus on Using username & password.

Logon Tokens:

Logon Tokens can be used in Open Document by inserting the token parameter into the open Document URL. This token allows users access to files secured in the BI platform without being prompted for credentials.

How to create a Logon Token using web services API ?

  1. Make a request to get template for for providing username and password.

1.1 In order to get the template in which the username and password needs to be provided, make a request to http://<baseURL>/logon/long using the GET method.

1.2 Add Accept attribute to the request header, and set its value to application/xml.

1.3 You will get a response as shown in the below picture:

Picture showing the XML template that we receive from request with "GET" method

  1. Now let's use the template that we got in response of GET method.

2.1 Make a request to the same URL that we used to get the the template using POST method.

2.2 Add the Accept and Content-Type attribute to the request header and set both of the values to application/json.

2.3 Fill out the XML template with the username, password and authentication type, and add it to request body of the new request.

Picture showing how we need to send a "POST" request with credentials to the base URL

In the XML template, auth represents the authentication type, secEnterprise for Enterprise authentication, secWinAD for Windows AD, secLDAP for LDAP and secSAPR3 for SAP.

  1. Once we make a request using POST method using the details mentioned in point 2, we will get a logonToken token in response.

  2. The logonToken that we receive needs to be URL encoded. You can use any URL Encoder to encode the logonToken.

  3. Once we have encoded the logonToken, we can append the token in the open document URL using the flag token.

Example: http://<serverName>:<portNo>/BOE/OpenDocument/opendoc/openDocument.jsp?sIDType=CUID&token=logonToken


In conclusion, I hope this blog post has provided valuable insight into accessing Open Document URLs without prompting user for authentication. If you have any questions or feedback, feel free to leave a comment.

Github, Linkedin.

Top comments (0)