Repeated call of HTML5 app causes "Sorry, a technical error occurred! Please try again later." error

[gregorwolf]

Yesterday I've accessed the alpha test page at:

https://sitregparticipant-s0001142741trial.dispatcher.hanatrial.ondemand.com/

using Firefox without any problems. I was first redirected to:

https://accounts.sap.com/saml2/idp/sso/accounts.sap.com

so I had to authenticate. But today I was taken directly to the app and that resulted in the error "Sorry, a technical error occurred! Please try again later."

In the details the following is shown:

{
    "requestUri": "/destinations/HANAMDC/com/sap/sapmentors/sitreg/odataparticipant/service.xsodata/$metadata?sap-documentation=heading",
    "statusCode": 200,
    "statusText": "OK",
    "headers": [],
    "body": "Cut away"
}

We must find a way to enforce the re-authentication even if caching of the page was still valid.

[gregorwolf]

The same error occurs also in Google Chrome. In the network log we see that the main page was loaded from the cache:

[gregorwolf]

Seems the change ca06512 had no effect on the behaviour when accessing /

[gregorwolf]

OK, I've found the documentation: Authentication with a sample coding. But where should that be integrated? In every XHR call? There are done by the SAPUI5 framework.

[gregorwolf]

Repeated test of fix ca06512 in Chrome and Safari on Mac OS worked. But Firefox on Mac and on Android Firefox and Chrome run into the same issue. Now testing on Windows with Edge, Chrome, Firefox and IE 11.

[jpenninkhof]

Most of SAPs applications just refresh the browser when the SAML token is expired. That forces a re-auth. Otherwise you indeed probably would have to subclass the ODataModel and add a result-check/re-auth/retry to the read method.

[gregorwolf]

On Windows 10: Edge, Chrome and IE 11 did no re-authentication. Firefox did.

[gregorwolf]

@jpenninkhof Any sample code doing the refresh when the SAML token is expired?

[jpenninkhof]

@gregorwolf Sorry, I'm afraid I don't have anything I can share atm.

[gregorwolf]

By deleting the session cookies using Chrome Dev Tools -> Resources -> Cookies there is a quick way to reproduce the issue. When setting a breakpoint in "this._oModel.attachMetadataFailed(function (oEvent) {" of controller/ErrorHandler.js I can discover that oEvent.mParameters.response.headers["com.sap.cloud.security.login"] has the Value "login-request". So I will use that to trigger window.location.reload();. I think it would make sense if SAP improves the SAP Web IDE templates or the documentation.

[gregorwolf]

The immediate problem is fixed. But if we could use an iFrame to do the SAML authentication and then try calling the service again the screen would not refresh completely for the user. But that can be an issue when the user is no longer logged on.