UserInfoApp --> Java Backend
UserInfoAppRouter --> SAP App Router that forwards requests to Java Backend and is responsible for authentication to an instance of UAA in Cloud Foundry
To deploy, first create the following service instances in your CF space (case sensitive):
-
UserInfoApp-xsuaa Service Type: xsuaa Plan: application JSON Configuration: file xs-security.json found at the root of the App Router project
-
destination-service Service Type: destination Plan: lite
Note: don't worry about binding the services to applications, it will be done by the cf CLI command
Add the role collection PrincipalViewer to your user by:
- Open the cockpit under your organization' subaccount
- Open the left-menu Trust Configuration under the Security session
- Click on the link for your IdP's Name - standard is SAP ID Service
- Enter your e-mail address in the search box and click on the Show Assignments button .
- Click on the Assign Role Collection and select the PrincipalViewer from the dropdown menu
- Compile the java project using the maven command
- Adapt the manifest to your needs (mostly route names)
- Push the application with CLI (cf push)
- Adapt the manifest to your needs (mostly route names)
- Push the application with CLI (cf push)
- Open a browser and navigate to the java application's URL with suffix /actuator/health. You should see the message: {"status": "UP"}
- Open an incognito window and navigate to your app router's URL with suffix /getPrincipal. You should be redirected to a login screen (this would be the platform's URL). Once authenticated, you should be redirected back and the getPrincipal rest service should now display your e-mail.
- Try opening a new ingcognito window and navigate to the same /getPrincipal URL as before. Notice you will now get an error 401 - Unauthorized.