Configure Principal Propagation from SAP BTP, Cloud Foundry environment to SAP BTP, Neo environment

If you’re using Eclipse for the first time, you will see a Welcome Page. Close this page.

Open Eclipse and choose Window > Perspective > Open Perspective > Other…, select Git and click Open.

Click Clone a Git repository.

Insert https://github.com/SAP/cloud-espm-v2.git into the URI field and click Next.

Make sure only the master branch is selected and click Next.

Click Finish and wait until the clone has finished.

Right-click on cloud-espm-v2 > Import Projects….

Make sure Eclipse hast detected all projects and click Finish.

Open the Java EE Perspective and edit the web.xml file: Look for <auth-method>FORM</auth-method> and change it to <auth-method>OAUTH</auth-method>. Don’t forget to save your changes.

Create a new directory called approuter somewhere on your machine.

Create a new file called package.json inside this directory with the following content:

{
  "name": "approuter",
  "version": "1.0.0",
  "description": "",
  "scripts": {
"start": "node node_modules/@sap/approuter/approuter.js",
"test": "echo \"Error: no test specified\" && exit 1"
  },
  "license": "ISC",
  "dependencies": {
"@sap/approuter": "^9.1"
  }
}

This tells Node (npm) to fetch and start the approuter.

Create a file called xs-app.json with the following content:

{
  "welcomeFile": "index.html",
  "routes": [ {
  "source": "/espm-cloud-web/espm.svc/",
  "target": "/espm-cloud-web/espm.svc/",
  "destination": "retailerBackend"
}, {
    "source": "/espm-cloud-web/images/",
    "localDir": "static/images/"
}, {
  "source": "/",
  "localDir": "static/retailer/"
}
  ]
}

This configures the routing inside the approuter.

Create a folder called static.

Move the src/main/webapp/retailer folder (from the espm project) to the newly created static folder.

Note: This folder contains the HTML, CSS and JavaScript of the Retailer application.

Copy the src/main/webapp/images folder to the newly created static folder.

Note: The images are needed by the Shop and the Retailer application.

Create a zip archive called approuter.zip containing all the file in the approuter folder. It’s important that the files are in the top level of the zip file!
You can use this commands in bash (Linux and macOS) to create the zip file:

for file in static/retailer static/images xs-app.json package.json ; do
  if [[ ! -e $file ]] ; then echo -e "\e[33m[WARNING] $file does not exist\e[0m"; fi ;
done
zip -r approuter.zip .

or use PowerShell (Windows):

foreach ($file in @("static\retailer", "static\images","xs-app.json","package.json")){
   if (-not (Test-Path $file)) { Write-Warning "$file does not exist" }
}
Compress-Archive -Force -Path .\* -DestinationPath approuter.zip

This will also check that all files exist and print a warning if one or more is missing.
Note: You need to change to the approuter directory using the cd command first (Linux, macOS and Windows).

Make a right-click on espm and select Export.

Select Web > WAR file and click Next.

Select a Destination on your machine and click Finish.

Open the SAP BTP, Neo environment cockpit.

Navigate to SAP HANA / SAP ASE > Databases & Schemas and click New

Create a database named espm and select a password. Make sure you don’t lose it, we’ll need it soon.

Wait until you see the event with description Tenant DB creation finished successfully (created and configured) (this can take up to 15 minutes). Now navigate back to your subaccount.

Navigate to Applications > Java Applications and click Deploy Application

Select the espm-cloud-web.war you’ve exported in the first step, be sure to use the Tomcat 8 Runtime and click deploy. Note: Don’t change the name of the application.

Wait until the application is successfully deployed and click Done.

Open the details of the application by clicking its name.

Navigate to Configuration > Data Source Bindings and click New Binding.

Enter SYSTEM and the password you choose while creating the database as credentials and click Save.

Navigate to Security > Roles, make sure the Retailer role is selected and click Assign in the Individual Users section.

Enter your email-address (the one you use for your Cloud Foundry Account) and click Assign.

Navigate to Overview and click Start.

Wait until you can see Started and open the Application URL.

Open the SAP BTP, Cloud Foundry environment in a new tab, navigate into your subaccount, go to Connectivity > Destinations and export the X509 certificate of the destination service by clicking the Download Trust button.

Go to Overview and find your subaccounts id and the landscape host. You will need it later. Notice: The landscape host does not include api.cf.!

Go to the Neo environment > Security > Trust > Application Identity Provider and click on Add Trusted Identity Provider.

Enter the following details and click Save.

Go to Security > OAuth > Clients and click Register new client.

Enter the following details and click Save.

Example:

Go back to the CF environment and click New Destination.

Add the following Additional properties:

Use this table to find the correct audience for your landscape:

Example:

Create Destination Service Instance

• Navigate into your dev space.

• Open the Service Marketplace under Services.

• Find and click the destination tile.

• Click New Instance.

• Press Next three times.

• Enter the Instance Name: destination-demo-lite and click Finish.

Create Authorization & Trust Management Service Instance (aka XSUAA)

• Click the arrow next to destination (see screenshot) and select Authorization & Trust Management.

• Click New Instance.

• Press Next only once.

• Copy and past the following parameters and click Next.

  json

  Copy

  {
  	"xsappname": "connectivity-app",
  	"tenant-mode": "dedicated",
  	"authorities": ["uaa.user"],
  	"scopes": [{
  		"name": "uaa.user",
  		"description": "Default scope for user",
  		"granted-apps": ["xs_user", "*"]
  	}],
  	"role-templates": [{
  			"name": "USER",
  			"description": "Normal user",
  			"scope-references": [
  				"uaa.user"
  			]
  		}
  	]
  }
  

• Enter the Instance Name: xsuaa-demo and click Finish.

Create Manifest File for the approuter.

• Create a new file called approuter-manifest.yml with the following content:

  yaml

  Copy

    ---
    applications:
  
    - name: destination-demo-approuter
      host: destination-demo-approuter-<userid>
      buildpack: nodejs_buildpack
      memory: 128M
      path: ./approuter.zip
      env:
        NODE_TLS_REJECT_UNAUTHORIZED: 0
      services:
        - xsuaa-demo
        - destination-demo-lite
  

• Replace <userid> of the host property with your user id.

Deploy the Approuter

• Back in the Browser click the dev-space, Applications followed by Deploy Application.

• Click Browse and select approuter.zip as File Location. Then do the same for the Manifest Location and select the approuter-manifest.yml. Finally click Deploy.

• Wait until your application shows a green Started as State and then click on approuter-demo.

• Navigate to the Approuter by clicking the link as shown in the screenshot.

• Login using the E-Mail-Address and password of your trial account.