Closed SlyCatSpy closed 2 months ago
CharlesDuboisSAP
commented
2 months ago The entry connectivity of your VCAP_SERVICES might have misconfigured values:
credentials.onpremise_proxy_portcredentials.onpremise_proxy_hostLet me know if this fixes it. Best regards, Charles
SlyCatSpy
commented
2 months ago Hi Charles, Thanks for your suggestion. It sadly doesn't help. Don't forget that the exact same approach works if I simply revert the cloud sdk version to 4.32.0. By the way, I think the documentation is wrong here: https://sap.github.io/cloud-sdk/docs/java/features/connectivity/running-locally
This is a screenshot from the page referred above:
The proxy-port value is mapped to credentials.onpremise_proxy_port, but I suspect that the second proxy-port variable in the command line should reflect the credentials.onpremise_proxy_http_port.
I open my tunnel with the following command:
cf ssh my-app-name -L 8081:my-proxy-host:20003Here's the anonymised content of my VCAP_SERVICES configuration which I use to set my environment:
{
"destination": [
{
"label": "destination",
"plan": "lite",
"tags": [
"destination",
"conn",
"connsvc"
],
"name": "destinations",
"credentials": {
"tenantmode": "dedicated",
"clientid": "xxxxx",
"credential-type": "binding-secret",
"xsappname": "xxxxx",
"clientsecret": "xxxxx",
"uri": "xxxxx",
"url": "xxxxx",
"uaadomain": "xxxxx",
"instanceid": "xxxxx",
"verificationkey": "xxxxx",
"identityzone": "ccq-dev",
"tenantid": "xxxxx"
}
}
],
"connectivity": [
{
"label": "connectivity",
"plan": "lite",
"tags": [
"connectivity",
"conn",
"connsvc"
],
"name": "custom-service:rm-connectivity-inst",
"credentials": {
"tenantmode": "dedicated",
"clientid": "xxxxx",
"token_service_domain": "xxxxx",
"credential-type": "binding-secret",
"token_service_url": "xxxxx",
"xsappname": "xxxxx",
"onpremise_proxy_ldap_port": "20001",
"onpremise_socks5_proxy_port": "20004",
"clientsecret": "xxxxx",
"onpremise_proxy_http_port": "20003",
"url": "xxxxx",
"onpremise_proxy_host": "localhost",
"uaadomain": "xxxxx",
"onpremise_proxy_port": "8081",
"verificationkey": "xxxxx",
"identityzone": "xxxxx",
"tenantid": "xxxxx",
"onpremise_proxy_rfc_port": "20001"
}
}
]
}Please let me know if there's anything else that could help you help me! :)
Thanks, Sylvain
CharlesDuboisSAP
commented
2 months ago Shouldn'tonpremise_proxy_host be a remote host name instead of localhost?
I will also correct the documentation.
SlyCatSpy
commented
2 months ago The documentation states that the value should be replaced with localhost. It works with cloud sdk 4.32.0.
CharlesDuboisSAP
commented
2 months ago Hello Sylvain, If you are able print out the properties of the destination in v4, it will speed up my investigation:
HttpDestination destination = DestinationAccessor.getDestination(AppConfig.RM_DESTINATION_NAME).asHttp();If it doesn't take too much time also do the same for v5
Best regards, Charles
CharlesDuboisSAP
commented
2 months ago I tried but I could not reproduce the error. I also have a different port number:
cf ssh app-name -L 20003:url:20003Your proxy port was 8081.
Please also check with my command
SlyCatSpy
commented
2 months ago I'm stuck a bit now, I was making different tests and nothing was working anymore. Turns out that there are currently issues in the customer's environmnent I'm trying to connect to.
SlyCatSpy
commented
2 months ago Looks like I'll resume work on this issue Monday, customer has locked down S4 for an upgrade.
SlyCatSpy
commented
2 months ago Here are the destination properties for 4.32.0:
Authentication : BasicAuthentication
authTokens : [ScpCfDestinationServiceV1Response.DestinationAuthToken(type=Basic, value=XXXXX, error=null, expiresIn=null, httpHeaderSuggestion=Header(name=Authorization, value=Basic XXXXX), expiryTimestamp=null)]
CloudConnectorLocationId : XXXXX_Azure
Description : Ligne Rapport mensuel vers S4 SD2 client 200
Name : rm-s4-dest
Password : XXXXX
ProxyType : OnPremise
sap-client : 200
sap-language : fr
Type : HTTP
URL : http://on.premise.hostname:443
User : XXXXX
WebIDEEnabled : true
WebIDEUsage : odata_abap,ui5_execute_abap,dev_abapHere are the destination properties for 5.12.0:
Authentication : BasicAuthentication
CloudConnectorLocationId : XXXXX_Azure
cloudsdk.authTokens : [DestinationServiceV1Response.DestinationAuthToken(type=Basic, value=XXXXX, error=null, expiresIn=null, httpHeaderSuggestion=Header(name=Authorization, value=Basic XXXXX), expiryTimestamp=null)]
cloudsdk.propertiesForChangeDetection : [Name, Type, URL, Authentication, ProxyType, User, Description, sap-language, CloudConnectorLocationId, WebIDEEnabled, sap-client, Password, WebIDEUsage]
cloudsdk.tenantId :
Description : Ligne Rapport mensuel vers S4 SD2 client 200
Name : rm-s4-dest
Password : XXXXX
Proxy : http://localhost:20003
ProxyType : OnPremise
sap-client : 200
sap-language : fr
Type : HTTP
URL : http://on.premise.hostname:443
User : XXXXX
WebIDEEnabled : true
WebIDEUsage : odata_abap,ui5_execute_abap,dev_abapHi Charles, It works using your proposed command line:
cf ssh app-name -L 20003:url:20003I'm sure I had tried that when I revisited the documentation.
Anyway, thanks for your help.
Regards, Sylvain
Issue Description
We've been using for the last couple of years the "On-Premise Connectivity From Local IDE" approach described on this page: https://sap.github.io/cloud-sdk/docs/java/features/connectivity/running-locally
This approach allows us to test locally and make calls to the S4 system.
Migrating to version 5 of the cloud SDK breaks this functionnality. The only thing I changed in the pom file is the version of the sdk from 4.32.0 to 5.11.0 and I then get the following error whenever a call to the S4 destination is made: java.net.ConnectException: Connection refused: localhost/[0:0:0:0:0:0:0:1]:20003
Here's a simple example that produces the stack trace found bellow (we use this to get the latest version of the metadata to generate the csd files, it's only a dev tool):
Steps attempted to resolve the issue
I read half the documentation found on internet, but here's something that might be interesting. I get a very similar result if I use the "Minimal Example" described on this page: https://sap.github.io/cloud-sdk/docs/js/troubleshooting
I don't recall were I saw this and I can't find it again, but I read somewhere that some default configuration values have changed to follow the secure by default approach. I suspect that it's at the root of my issue.
Impact / Priority
This issue prevents me from addressing security vulnerabilities since I'm forced to remain on version 4.32.0.
Affected development phase: Development has been completed for a while and customer pushed back the go live to august 2025. We are supporting the application in dev and qa in the meantime.
Impact: I'd say that we're Blocked, we've been consuming dev services for more than a year now and our mock services would require too much effort to make the local environment functional without us resolving this issue. There's the BAS (business application studio) approach that I have yet to test (as a work around until the issue is resolved).
Timeline: Go-Live is August 2025, but the issue is for the local development environment.
Error Message
Project Details
Dependencies.txt
Checklist