Scribd
Upload
23 views6 pages

HTTP - SVC Dynamicpdfcontentpreview Deliverable Id 1

The document outlines the prerequisites for configuring cross-site cookies and enabling Single Sign-On (SSO) for SAP Analytics Cloud to access SAP on-premise data sources. It details the steps to enable SAP Information Access (InA) on the ABAP Application Server, configure Cross-Origin Resource Sharing (CORS), and add a dummy HTML file for SSO authentication. Additionally, it provides specific transaction codes and procedures to ensure proper setup and functionality of live data connections.

Uploaded by

coxopi7544
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
23 views6 pages

HTTP - SVC Dynamicpdfcontentpreview Deliverable Id 1

The document outlines the prerequisites for configuring cross-site cookies and enabling Single Sign-On (SSO) for SAP Analytics Cloud to access SAP on-premise data sources. It details the steps to enable SAP Information Access (InA) on the ABAP Application Server, configure Cross-Origin Resource Sharing (CORS), and add a dummy HTML file for SSO authentication. Additionally, it provides specific transaction codes and procedures to ensure proper setup and functionality of live data connections.

Uploaded by

coxopi7544
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

2/12/25, 2:49 AM

Prerequisites

Configure cross-site cookies: To ensure that Chrome and other browsers allow cross-site access to your SAP on-premise data source cookies from SAP Analytics
Cloud, you must configure your SAP on-premise data source to issue cookies with specific attributes. Without these settings, user authentication to your live data
connections will fail, and Story visualizations based on these connections will not render.

For steps on how to do this, see SameSite Cookie Configuration for Live Data Connections.

Setup SSO (optional): If you want users to have a single sign-on experience to your data, check you are using same Identity Provider (IdP) for SAP Analytics Cloud and
SAP NetWeaver. For more information on setting up your identity provider in SAP Analytics Cloud, see Enable a Custom SAML Identity Provider.

If you have multiple authentication methods configured on your ABAP AS, see Alternative Logon Order.

Enable InA on your ABAP Application Server

Context

SAP Information Access (InA) is a REST HTTP-based protocol used by SAP Analytics Cloud to query your data sources in real time. Confirm that your InA package is enabled
and services are running on the ABAP AS for your data source.

Procedure
1. Check that your InA package is enabled.

To check if the Ina package is enabled, open the following URL in your browser: https://<Your_ABAP_Server>/sap/bw/ina/GetServerInfo?sap-client=
<Your_Client_ID>. Make sure you are prompted for user credentials, and after login you get a JSON response. Replace <Your_ABAP_Server> with your ABAP
system host, and <Your_Client_ID> with your SAP BW client ID.

2. Check that the required Information Access Services are active in your SAP BW/4HANA or SAP BW system.

a. Access your system using SAP Logon.

b. Enter transaction code: SICF.

c. Enter the Service Path: /sap/bw/ina and then select Execute.

The following dialog will appear:

d. Under Virtual Hosts/Services go to: default_host sap bw ina .

e. Make sure that the following services are active:

BatchProcessing
GetCatalog
GetResponse
GetServerInfo
Logoff
ValueHelp

This is custom documentation. For more information, please visit SAP Help Portal. 220
2/12/25, 2:49 AM

Configure CORS on your ABAP Application Server

Context
Cross-Origin Resource Sharing (CORS) is the method you'll use to let your users successfully access live data in an SAP Analytics Cloud page from their Web browser.
Configure CORS on your ABAP AS data source.

 Note
If you are using SAP NetWeaver ABAP AS version 7.52 or above, you must apply SAP Note 2531811 or import ABAP 7.52 SP1 to fix CORS related issues, and then follow the
steps below.

Procedure
1. Enable CORS in your system parameters without restarting ABAP AS.

 Note
These changes will disappear after a restart of ABAP AS.

a. Access your SAP BW/4HANA or SAP BW system using SAP Logon.

b. Enter transaction code: RZ11.

c. Enter Parameter: icf/cors_enabled

d. Click Display.

e. Select Changes Value.

f. Set New Value to 1.

g. Select Save.

2. Permanently enable CORS in your system parameters.

a. Enter transaction code: rz10

b. In Profile, if you have multiple authentication methods configured on your ABAP system, choose DEFAULT from the list.

c. Select Extended Maintenance.

d. Click Change.

This is custom documentation. For more information, please visit SAP Help Portal. 221
2/12/25, 2:49 AM

e. Click Parameter Create .

f. Set the parameter name to icf/cors_enabled.

g. Set the parameter value to 1.

h. Click Exit and Yes to save.

i. Click Profile | Save.

j. Click Yes to activate.

k. Click Continue.

l. Click Exit and Yes to log off.

m. Restart ABAP AS for the changes to take effect.

3. Add SAP Analytics Cloud to the HTTP allowlist.

 Note
For more information on SAP NetWeaver HTTP Allowlists, see Managing HTTP Allowlists.

a. Enter transaction code: /NUCONCOCKPIT.

b. Change Scenario to HTTP Allowlist Scenario.

c. Change the Mode of Cross-origin Resource Sharing to Active Check.

This is custom documentation. For more information, please visit SAP Help Portal. 222
2/12/25, 2:49 AM

d. Double-click Cross-origin Resource Sharing.

e. Select Display / Change.

f. For SAP BW, under Allowlist, select Add. For SAP BW/4HANA, select To Allowlist.

g. In the Input Window, add the following information:

Service Path: /sap/bw/ina.

Host rule: Add your SAP Analytics Cloud host. For example, mytenant.us1.sapbusinessobjects.cloud.

Allowed Methods: Select GET, HEAD, POST, and OPTIONS.

Add the following to Allowed Headers:

x-csrf-token
x-sap-cid
authorization
mysapsso2
x-request-with
sap-rewriteurl
sap-url-session-id
content-type
accept-language

Add the following to Exposed Headers:

x-csrf-token
sap-rewriteurl
sap-url-session-id
sap-perf-fesrec
sap-system

Ensure Allow Credentials and Allow Private Network Access are selected.

Allow Private Network Access ensures that your ABAP AS responds with theAccess-Control-Allow-Private-Network: true header to
Google Chrome and other browsers when they send a CORS preflight request ahead of any private network request for a subresource.

This is custom documentation. For more information, please visit SAP Help Portal. 223
2/12/25, 2:49 AM

4. Save your changes.

(Optional SSO) Add a Dummy HTML File to Your ABAP Application Server

Context
If you've set up SAML 2.0 Single Sign-On (SSO) for SAP Analytics Cloud and your data source system with the same Identity Provider, you must add a dummy HTML file to
authenticate your users and follow the SAML HTTP redirects.

If you are using User Name and Password or None authentication methods, skip this section.

Procedure
1. Enter transaction code: SE24.

2. Enter Object Type: ZCL_DUMMYAUTH_SERVICE, select Create, and then select Save.

3. Go to the Interfaces tab, and add IF_HTTP_EXTENSION, plus a description.

4. Go to the Methods tab, and add the following information:

Method: IF_HTTP_EXTENSION~HANDLE_REQUEST

Level: Instance Method

Visibility: Public

Description: Add a description

This is custom documentation. For more information, please visit SAP Help Portal. 224
2/12/25, 2:49 AM

5. Double click on IF_HTTP_EXTENSION~HANDLE_REQUEST and add the following code:

method IF_HTTP_EXTENSION~HANDLE_REQUEST.
DATA:
html_content TYPE string.

html_content = '<html><script type="text/javascript">window.close();</script></html>'.


server->response->set_header_field( name = 'Cache-Control' value = 'no-cache,no-store').
server->response->set_cdata( data = html_content ).
endmethod.

6. Select Save, and then Activate.

7. Enter transaction code: SICF.

8. Enter Service Path: /sap/bw/ina, and then press Enter.

9. Under default_host sap bw , right click ina, then choose New Sub-Element.

10. In Service Name, enter auth then select Input.

11. Add a description.

12. Open the Handler List tab, and enter ZCL_DUMMYAUTH_SERVICE

This is custom documentation. For more information, please visit SAP Help Portal. 225

You might also like