Application access file.
- The application access file is a JSON-compliant file.
- It is basically used:
- To specify whether authentication is required to access package content, and which data is exposed.
- To specify whether rewrite rules are in place to hide target and source URLs.
- You can also specify if any level of authorization is required for the package and whether SSL is mandatory for client connections.
- How to create it?
- Open SAP HANA Studio.
- Open SAP HANA development Perspective.
- In the Project Explorer tab, right click on the folder where you want to create it.
- In the context menu, choose
New → Other → SAP HANA → Application Development → XS Application Access file.
- Finish it.
- Now open the .xsaccess file from the project and edit it.
- How to define access in the .xsaccess file.
- A basic .xsaccess file must, at the very least, contain a set of curly brackets.
- The settings specified in an .xsaccess file apply not only to the package that contains the .xsaccess file but also to its sub-packages.
- Multiple .xsaccess files are allowed, but only at different levels of the package hierarchy.
- You can’t put two .xsaccess files in the same package.
- Packages without a dedicated .xsaccess file inherit the application-access settings defined in the parent folder.
- The .xsaccess file uses keyword-value pairs to set access rules; if a mandatory keyword-value pair is not set, the default value is assumed.
- The following keywords are used:
- To expose the package's data to client requests over HTTP.
  "exposed" : true (default: false)
- To protect your application against attacks that use the cross-site request forgery (XSRF) vector.
  "prevent_xsrf" : true
- To define the application authentication method.
  "authentication" : { "method" : "Form" }
- To specify whether application privileges are required for a particular package (optional).
  "authorization" :
  [ "com.test::Execute",
    "com.test::Admin"
  ]
  Note: If you use the authorization keyword in the .xsaccess file, then you must also create an .xsprivileges file for the same application package or a parent package.
- The anonymous_connection keyword enables you to define the name of the .xssqlcc file that will be used for SQL access where no user credentials are required.
  "anonymous_connection" : "com.test::registration"
- With the default_connection keyword, the specified SQL connection configuration (defined in .xssqlcc) is used for all SQL execution in the package.
  "default_connection" : "com.test::registration"
  Note: The difference between anonymous_connection and default_connection is that the anonymous_connection is only used if the requesting user is not authenticated.
- To override the cache-control header for web content served by the SAP HANA XS web server.
  "cache_control" : "no-store"
- To override the default file (index.html) that is served when the package is accessed without providing a file in the URI.
  "default_file" : "new_index.html"
- To hide the details of internal URL paths from external users, clients, and search engines.
  URL rewrite rules are written as source-target pairs, where the source is written in JavaScript regex syntax and the target is a simple string in which references to matched groups can be inserted using $groupnumber.
  "rewrite_rules" :
  [ {
    "source" : "go/zyd/dfdfd",
    "target" : "/test/new.xsjs"
  } ]
- To refuse web-browser requests that do not use secure HTTP (SSL/HTTPS) for client connections.
  "force_ssl" : true
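The keywords above can be checked mechanically before a package is activated. The following is an added example, not code from the original post or from SAP: a small JavaScript audit of an .xsaccess file's text. The function name auditXsAccess, both sample files, the acceptance of a list form for authentication, and the policy of reporting an unset keyword as a finding are assumptions of this example.

```javascript
// Added example (not SAP code): policy checks for the .xsaccess keywords above.
// auditXsAccess and both sample files are constructed for illustration.
function auditXsAccess(text) {
  let cfg;
  try {
    cfg = JSON.parse(text);
    if (cfg === null || typeof cfg !== "object") throw new Error("not an object");
  } catch (e) {
    return ["invalid JSON: the file must at least contain {}"];
  }
  const findings = [];
  // exposed defaults to false: nothing is served over HTTP unless it is true.
  if (cfg.exposed !== true) return findings;
  // Assumption: accept either one object or a list of objects for authentication.
  const auth = [].concat(cfg.authentication || []);
  if (!auth.some((a) => a && a.method))
    findings.push("exposed without an explicit authentication method");
  if (cfg.prevent_xsrf !== true) findings.push("prevent_xsrf is not set to true");
  if (cfg.force_ssl !== true) findings.push("force_ssl is not set to true");
  if (!Array.isArray(cfg.authorization) || cfg.authorization.length === 0)
    findings.push("no application privilege required (authorization unset)");
  if (cfg.anonymous_connection)
    findings.push("unauthenticated SQL access via " + cfg.anonymous_connection);
  // rewrite_rules sources use JavaScript regex syntax, so each must compile.
  for (const rule of cfg.rewrite_rules || []) {
    try {
      new RegExp(rule.source);
    } catch (e) {
      findings.push("rewrite rule source is not a valid regex: " + rule.source);
    }
  }
  return findings;
}

// Constructed sample: exposed package with none of the protections set.
const weak = JSON.stringify({
  exposed: true,
  anonymous_connection: "com.test::registration",
  rewrite_rules: [{ source: "go/(zyd", target: "/test/new.xsjs" }]
});
// Constructed sample: the same package with the keywords from this page applied.
const hardened = JSON.stringify({
  exposed: true, authentication: { method: "Form" },
  authorization: ["com.test::Execute"],
  prevent_xsrf: true, force_ssl: true,
  rewrite_rules: [{ source: "go/zyd/dfdfd", target: "/test/new.xsjs" }]
});
console.log(auditXsAccess(weak));     // six findings
console.log(auditXsAccess(hardened)); // []
```

Because sub-packages inherit the nearest parent .xsaccess file, a finding on a parent package applies to every sub-package that has no file of its own.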