It works in SAP Cloud SDK Version 3.7.0 to 3.10.0 but failed in the latest version from 3.11.0 to 3.13.0.
I have two applications deployed on SAP Cloud Platform. One is cloud java application based on SAP Cloud SDK using destination which is configured with Principal Propagation. The other is app router.
All related configuration of Principal Propagation are all finished in Cloud Connector and backend on-premise system. We also set up our own identity provider in SAP Cloud Platform.
Let me introduce what we want to achieve.
User login to cloud application using our own IDP from app router and then get some data from S4 on-premise system using the same user (different from the technical user in Basic authentication) configured in destination.
For more details please refer to https://blogs.sap.com/2017/07/13/part-2-how-to-use-the-sap-cloud-platform-connectivity-and-the-cloud-connector-in-the-cloud-foundry-environment/
What I did in java application to invoke billing document from S4 system.
public List<BillingDocument> getAllBillingdocuments() throws BusinessException {
ResilienceConfiguration resilienceConfig = ResilienceConfiguration.of(MyBillingDocumentService.class)
.cacheConfiguration(CacheConfiguration.of(Duration.ofSeconds(10))
.withoutParameters()); // Cache key
List<BillingDocument> billingDocuments;
try {
billingDocuments = ResilienceDecorator.executeCallable(() -> bdService.getAllBillingDocument()
.execute(DestinationUtil.getHttpDestinationS4XSSO()),
resilienceConfig);
} catch (Exception e) {
e.printStackTrace();
throw BusinessException.convert(e);
}
return billingDocuments;
}
I will leave out the configuration of app router. I promise it is correct.
The problem is user can login to cloud java application via app router using our own IDP, but when he/she wanted to get data from S4 on-premise system by the below url, the error always occurred.
https://****.cfapps.***.hana.ondemand.com/test311/billingdocument
The detailed error log from java application:
2020-02-17T06:01:22.948+0000 [APP/PROC/WEB/0] OUT { "written_at":"2020-02-17T06:01:22.945Z","written_ts":277856327935563,"tenant_id":"-","component_type":"application","component_id":"***","space_name":"***","component_name":"TestVer3.11_service","component_instance":"0","organization_id":"-","correlation_id":"-","organization_name":"-","space_id":"240338f7-479a-402f-bb31-f3aaf5c90406","container_id":"10.0.137.28","type":"log","logger":"com.sap.cloud.sdk.odatav2.connectivity.cache.metadata.GuavaMetadataCache","thread":"cloudsdk-resilience-0","level":"ERROR","categories":[],"msg":"Error occurred while populating metadata: ","stacktrace":["com.sap.cloud.sdk.datamodel.odata.helper.ODataVdmErrorResultHandler$ErpODataException: The endpoint responded with HTTP error code 401.nnFull error message: nSSO token validation failed. Make sure trust is configured correctly in the cloud connector to enable principal propagation, if token has not expired yet.","tat com.sap.cloud.sdk.datamodel.odata.helper.ODataVdmErrorResultHandler.createException(ODataVdmErrorResultHandler.java:117)","tat com.sap.cloud.sdk.datamodel.odata.helper.ODataVdmErrorResultHandler.createError(ODataVdmErrorResultHandler.java:97)","tat com.sap.cloud.sdk.datamodel.odata.helper.ODataVdmErrorResultHandler.createError(ODataVdmErrorResultHandler.java:33)","tat com.sap.cloud.sdk.odatav2.connectivity.internal.ODataConnectivityUtil.checkHttpStatus(ODataConnectivityUtil.java:219)","tat com.sap.cloud.sdk.odatav2.connectivity.cache.metadata.GuavaMetadataCache.getEdm(GuavaMetadataCache.java:239)","tat com.sap.cloud.sdk.odatav2.connectivity.cache.metadata.GuavaMetadataCache.getEdm(GuavaMetadataCache.java:156)","tat com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.loadMetadata(ODataQuery.java:379)","tat com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.loadEntriesFromDestination(ODataQuery.java:310)","tat com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.internalExecute(ODataQuery.java:253)","tat com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.execute(ODataQuery.java:151)","tat com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.execute(ODataQuery.java:135)","tat com.sap.cloud.sdk.datamodel.odata.helper.FluentHelperRead.execute(FluentHelperRead.java:250)","tat com.bosch.test.service.MyBillingDocumentService.lambda$getAllBillingdocuments$0(MyBillingDocumentService.java:55)","tat com.sap.cloud.sdk.cloudplatform.thread.ThreadContextCallable.call(ThreadContextCallable.java:247)","tat com.sap.cloud.sdk.cloudplatform.thread.AbstractThreadContextExecutor.execute(AbstractThreadContextExecutor.java:293)","tat com.sap.cloud.sdk.frameworks.resilience4j.Resilience4jDecorationStrategy.lambda$decorateCallable$1(Resilience4jDecorationStrategy.java:107)","tat java.util.concurrent.FutureTask.run(FutureTask.java:266)","tat java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)","tat java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)","tat java.lang.Thread.run(Thread.java:836)"] }
2020-02-17T06:01:23.168+0000 [APP/PROC/WEB/0] OUT { "written_at":"2020-02-17T06:01:23.167Z","written_ts":277856550010598,"tenant_id":"-","component_type":"application","component_id":"***","space_name":"***","component_name":"TestVer3.11_service","component_instance":"0","organization_id":"-","correlation_id":"-","organization_name":"-","space_id":"240338f7-479a-402f-bb31-f3aaf5c90406","container_id":"10.0.137.28","type":"log","logger":"com.sap.cloud.sdk.odatav2.connectivity.cache.metadata.GuavaMetadataCache","thread":"cloudsdk-resilience-0","level":"ERROR","categories":[],"msg":"Error occurred while populating metadata: ","stacktrace":["com.sap.cloud.sdk.datamodel.odata.helper.ODataVdmErrorResultHandler$ErpODataException: The endpoint responded with HTTP error code 401.nnFull error message: nSSO token validation failed. Make sure trust is configured correctly in the cloud connector to enable principal propagation, if token has not expired yet.","tat com.sap.cloud.sdk.datamodel.odata.helper.ODataVdmErrorResultHandler.createException(ODataVdmErrorResultHandler.java:117)","tat com.sap.cloud.sdk.datamodel.odata.helper.ODataVdmErrorResultHandler.createError(ODataVdmErrorResultHandler.java:97)","tat com.sap.cloud.sdk.datamodel.odata.helper.ODataVdmErrorResultHandler.createError(ODataVdmErrorResultHandler.java:33)","tat com.sap.cloud.sdk.odatav2.connectivity.internal.ODataConnectivityUtil.checkHttpStatus(ODataConnectivityUtil.java:219)","tat com.sap.cloud.sdk.odatav2.connectivity.cache.metadata.GuavaMetadataCache.getEdm(GuavaMetadataCache.java:239)","tat com.sap.cloud.sdk.odatav2.connectivity.cache.metadata.GuavaMetadataCache.getEdm(GuavaMetadataCache.java:156)","tat com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.loadMetadata(ODataQuery.java:379)","tat com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.loadEntriesFromDestination(ODataQuery.java:310)","tat com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.internalExecute(ODataQuery.java:253)","tat com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.retryExecuteWithCompleteUrl(ODataQuery.java:172)","tat com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.execute(ODataQuery.java:157)","tat com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.execute(ODataQuery.java:135)","tat com.sap.cloud.sdk.datamodel.odata.helper.FluentHelperRead.execute(FluentHelperRead.java:250)","tat com.bosch.test.service.MyBillingDocumentService.lambda$getAllBillingdocuments$0(MyBillingDocumentService.java:55)","tat com.sap.cloud.sdk.cloudplatform.thread.ThreadContextCallable.call(ThreadContextCallable.java:247)","tat com.sap.cloud.sdk.cloudplatform.thread.AbstractThreadContextExecutor.execute(AbstractThreadContextExecutor.java:293)","tat com.sap.cloud.sdk.frameworks.resilience4j.Resilience4jDecorationStrategy.lambda$decorateCallable$1(Resilience4jDecorationStrategy.java:107)","tat java.util.concurrent.FutureTask.run(FutureTask.java:266)","tat java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)","tat java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)","tat java.lang.Thread.run(Thread.java:836)"] }
2020-02-17T06:01:23.171+0000 [APP/PROC/WEB/0] ERR com.sap.cloud.sdk.cloudplatform.resilience.ResilienceRuntimeException: com.sap.cloud.sdk.cloudplatform.resilience.ResilienceRuntimeException: com.sap.cloud.sdk.cloudplatform.thread.exception.ThreadContextExecutionException: com.sap.cloud.sdk.odatav2.connectivity.ODataException: Unable to fetch the metadata : Failed to execute OData Metadata request.
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.frameworks.resilience4j.Resilience4jDecorationStrategy.lambda$null$2(Resilience4jDecorationStrategy.java:123)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at io.vavr.control.Try.onFailure(Try.java:659)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.frameworks.resilience4j.Resilience4jDecorationStrategy.lambda$decorateCallable$3(Resilience4jDecorationStrategy.java:122)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.cloudplatform.resilience.ResilienceDecorationStrategy.executeCallable(ResilienceDecorationStrategy.java:184)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.cloudplatform.resilience.ResilienceDecorator.executeCallable(ResilienceDecorator.java:197)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at com.bosch.test.service.MyBillingDocumentService.getAllBillingdocuments(MyBillingDocumentService.java:54)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at com.bosch.test.controllers.MyBillingDocumentController.getAllBillingDocuments(MyBillingDocumentController.java:32)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at java.lang.reflect.Method.invoke(Method.java:498)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:106)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:888)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:793)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1040)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943)
2020-02-17T06:01:23.172+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:898)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.cloudplatform.servlet.RequestAccessorFilter.lambda$doFilter$1(RequestAccessorFilter.java:71)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.cloudplatform.thread.AbstractThreadContextExecutor.lambda$execute$0(AbstractThreadContextExecutor.java:317)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.cloudplatform.thread.ThreadContextCallable.call(ThreadContextCallable.java:247)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.cloudplatform.thread.AbstractThreadContextExecutor.execute(AbstractThreadContextExecutor.java:319)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.cloudplatform.servlet.RequestAccessorFilter.doFilter(RequestAccessorFilter.java:71)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
2020-02-17T06:01:23.173+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter.doFilter(OAuth2AuthenticationProcessingFilter.java:180)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
2020-02-17T06:01:23.174+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:526)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
2020-02-17T06:01:23.175+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:747)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:861)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1579)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at java.lang.Thread.run(Thread.java:836)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR Caused by: com.sap.cloud.sdk.cloudplatform.resilience.ResilienceRuntimeException: com.sap.cloud.sdk.cloudplatform.thread.exception.ThreadContextExecutionException: com.sap.cloud.sdk.odatav2.connectivity.ODataException: Unable to fetch the metadata : Failed to execute OData Metadata request.
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.frameworks.resilience4j.DefaultCachingDecorator.lambda$decorateCallable$0(DefaultCachingDecorator.java:124)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at io.vavr.control.Try.of(Try.java:75)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at io.vavr.control.Try.ofCallable(Try.java:105)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.frameworks.resilience4j.Resilience4jDecorationStrategy.lambda$decorateCallable$3(Resilience4jDecorationStrategy.java:118)
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR ... 95 more
2020-02-17T06:01:23.176+0000 [APP/PROC/WEB/0] ERR Caused by: com.sap.cloud.sdk.cloudplatform.thread.exception.ThreadContextExecutionException: com.sap.cloud.sdk.odatav2.connectivity.ODataException: Unable to fetch the metadata : Failed to execute OData Metadata request.
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.cloudplatform.thread.AbstractThreadContextExecutor.execute(AbstractThreadContextExecutor.java:299)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.frameworks.resilience4j.Resilience4jDecorationStrategy.lambda$decorateCallable$1(Resilience4jDecorationStrategy.java:107)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at java.util.concurrent.FutureTask.run(FutureTask.java:266)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR ... 1 more
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR Caused by: com.sap.cloud.sdk.odatav2.connectivity.ODataException: Unable to fetch the metadata : Failed to execute OData Metadata request.
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.loadEntriesFromDestination(ODataQuery.java:312)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.internalExecute(ODataQuery.java:253)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.retryExecuteWithCompleteUrl(ODataQuery.java:172)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.execute(ODataQuery.java:157)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.odatav2.connectivity.ODataQuery.execute(ODataQuery.java:135)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.datamodel.odata.helper.FluentHelperRead.execute(FluentHelperRead.java:250)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.bosch.test.service.MyBillingDocumentService.lambda$getAllBillingdocuments$0(MyBillingDocumentService.java:55)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.cloudplatform.thread.ThreadContextCallable.call(ThreadContextCallable.java:247)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.cloudplatform.thread.AbstractThreadContextExecutor.execute(AbstractThreadContextExecutor.java:293)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR ... 5 more
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR Caused by: com.sap.cloud.sdk.datamodel.odata.helper.ODataVdmErrorResultHandler$ErpODataException: The endpoint responded with HTTP error code 401.
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR Full error message:
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR SSO token validation failed. Make sure trust is configured correctly in the cloud connector to enable principal propagation, if token has not expired yet.
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.datamodel.odata.helper.ODataVdmErrorResultHandler.createException(ODataVdmErrorResultHandler.java:117)
2020-02-17T06:01:23.177+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.datamodel.odata.helper.ODataVdmErrorResultHandler.createError(ODataVdmErrorResultHandler.java:97)
2020-02-17T06:01:23.178+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.datamodel.odata.helper.ODataVdmErrorResultHandler.createError(ODataVdmErrorResultHandler.java:33)
2020-02-17T06:01:23.178+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.odatav2.connectivity.internal.ODataConnectivityUtil.checkHttpStatus(ODataConnectivityUtil.java:219)
2020-02-17T06:01:23.178+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.odatav2.connectivity.cache.metadata.GuavaMetadataCache.getEdm(GuavaMetadataCache.java:239)
2020-02-17T06:01:23.178+0000 [APP/PROC/WEB/0] ERR at com.sap.cloud.sdk.odatav2.connectivity.cache.metadata.GuavaMetadataCache.getEdm(GuavaMetadataCache.java:156)
Set default PrincipalPropagationStrategy
public static HttpDestination getHttpDestinationS4XSSO() {
PrincipalPropagationStrategy.setDefaultStrategy(PrincipalPropagationStrategy.COMPATIBILITY);
Destination destination = DestinationAccessor.getDestination("S4X_HTTP_SSO");
return destination.asHttp().decorate(DefaultErpHttpDestination::new);
}
Update:
We fixed the reported issue with SAP Cloud SDK 3.16.1
If possible please update the dependencies accordingly.
Original answer:
The SAP Cloud SDK has adopted the recommended option to implement user propagation, see SAP Cloud Platform Connectivity: Configure Principal Propagation via User Exchange Token
However, if the recommended option is not working for you, then a switch to the old practice is possible: the compatibility option. Just invoke the following method once in your application code:
import com.sap.cloud.sdk.cloudplatform.connectivity.PrincipalPropagationStrategy;
PrincipalPropagationStrategy.setDefaultStrategy(PrincipalPropagationStrategy.COMPATIBILITY);
This will effectively revert the changes, that you are experiencing between version 3.10.0 and 3.11.0.
We have found a potential issue with our implementation from 3.11.0 and onward. Until this is fixed, please try the following quick workaround for resolving a HttpDestination. In the meantime we are working on a fix for the next version to come:
private HttpDestination getHttpDestination( final String destinationName ) {
Destination destination = DestinationAccessor.tryGetDestination(destinationName).get();
String url = destination.get("URL", String.class).getOrNull();
ScpCfHttpDestination.Builder builder = ScpCfHttpDestination.builder(destinationName, url);
// set properties
for( String propertyName : destination.getPropertyNames() ) {
builder.property(propertyName, destination.get(propertyName).getOrNull());
}
// add missing token (a workaround as of Cloud SDK 3.11, until fixed)
String authToken = AuthTokenAccessor.getCurrentToken().getJwt().getToken();
builder.header("SAP-Connectivity-Authentication", "Bearer " + authToken);
// decorate optional S/4 destination properties, e.g. sap-client
return builder.build().decorate(DefaultErpHttpDestination::new);
}