Example Configuration: Basic Authentication

Example application configuration for basic user authentication and SSO.

Procedure

Start Management Cockpit

On any computer on the network, in a supported browser, enter the URL for the Management Cockpit and log in. The URL has the format: https://<host_name>:<https_admin_port>/Admin/

Create a New Application

On the Applications page, choose New.

In the New Application dialog box, enter the following values:

Field	Value
ID	com.sap.fiori.client Unique application identifier in reverse domain notation. This is the application identifier that the application developer assigns or generates during application development. The administrator uses the application ID to register the application with the server, and the client application uses the application ID to send requests to the server.
Name	Descriptive name for the application, for example, SAP Fiori Client
Vendor	(Optional) Vendor who developed the application, for example, SAP SE
Type	Hybrid
Description	(Optional) Short description of the application

Save your entries.

Define the Back-End Connection

On the Back End page, configure the following:

Field	Value
Endpoint	The URL the application uses to access business data on the Fiori front end server. It has the following format: https://<`frontendserverhost`>:<`port`>/sap/bc/ui5_ui5/ui2/ushell/shells/abap/Fiorilaunchpad.html?sap-client=<`client`>&sap-language=EN
Rewrite Mode	Rewrite in backend
SSO Mechanisms	Add SSO2 Add Basic

Field

Value

Endpoint

The URL the application uses to access business data on the Fiori front end server. It has the following format:

https://<frontendserverhost>:<port>/sap/bc/ui5_ui5/ui2/ushell/shells/abap/Fiorilaunchpad.html?sap-client=<client>&sap-language=EN

Rewrite Mode

Rewrite in backend

SSO Mechanisms

Add SSO2

Add Basic

Save your entries.

Define Authentication Mechanisms

On the Authentication page, enter a name for the new security profile.
Under Authentication Providers, choose Add.

Configure the following:

Field	Value
Authentication Providers	HTTP/HTTPS Authentication
Control Flag	required
URL	URL of the ping service on the ABAP front end server (SAP Gateway Server): https://<`frontendserverhost`>:<`port`>/sap/bc/ping?sap-client=<`clientID`>
SSO Cookie Name	“MYSAPSSO2” or Gateway session cookie

Save your entries.

Optional: Configure Client Policy

When you edit the hybrid app from the cockpit, available feature plugins are listed on the Client Policy screen. Feature plugins are typically JavaScript APIs that provide access to the native APIs of the mobile device (implemented as Apache Cordova plugins, for example, camera and geolocation).

You can indicate features that should be restricted from the application users.

On the Client Policy page, under Feature Restriction Policies, view the current status of feature restrictions.

Column	Description
Plugin	A list of feature plugins that are available with the application, such as Camera, Contacts, and Print.
Description	Feature plugin descriptions, such as Cordova Camera Plugin, Cordova Contacts Plugin, and SAP Push Plugin.
Allowed	Indicates whether the feature is allowed or restricted. By default, features are allowed.

To enable a feature for the application, select the row and click Allow.
A checkmark appears in the Allowed column.
To restrict a feature for the application, select a row and click Restrict.
An exclamation mark (!) appears in the Allowed column.
Save your entries.