Former Member

November 17, 2012 4 minute read

Using REST Web Services SDK to log into the BI Platform Server (JavaScript and C#)

This article provides a code walkthrough for logging into SAP BusinessObjects Business Intelligence platform through REST Web Services. The code requires SAP BI platform 4.0 SP05 or later.

The SAP BI server authenticates users using a logon token. Any time a REST method is sent to the server, a valid logon token must be sent within the header of that request. Only after the server validates the logon token will it respond to any REST methods.

Generating a Logon Token

We post the following XML template:

XML Template
<attrs xmlns=”http://www.sap.com/rws/bip“> <attr name=”userName” type=”string”> </attr> <attr name=”password” type=”string”> </attr> <attr name=”auth” type=”string” possibilities=”secEnterprise, secLDAP, secWinAD, secSAPR3″> </attr> </attrs>

XML Template

</attr>

</attr>

</attr>

</attrs>

to the following URI:

URI
http:// <Server IP>:<port>/biprws/logon/long/

JavaScript Implementation

In order to use AJAX to make the REST calls to the server, we must include the following JQuery libraries:

JQuery Libraries
<script src=”http://code.jquery.com/jquery-latest.js“></script> <script src=”scripts/jquery.json2html-3.0.js” type=”text/javascript”></script>

JQuery Libraries

Now we will define what we need in the REST request. We first set “headers” by setting the “type” of REST method to ‘POST’ and the “contentType” to either ‘application/xml’ or ‘application/json’ depending on the format we wish to use.
Next, we set the request body to the XML/JSON template that includes our authentication information. If all goes well, the server should return an XML string that contains the logon token. We must then parse through the XML data and retrieve the attribute named “logonToken”.
Finally, we must clean the logonToken of the XML transliteration ‘&amp’ to ‘&’. We will store this logon token in a string variable to be used later in future REST methods.

Javascript Function
function login(username,password) { $.ajax({url: server + ‘/biprws/logon/long’, type: ‘POST’, contentType: ‘application/xml’, dataType: ‘xml’, crossDomain: true, data: ‘<attrs xmlns=”http://www.sap.com/rws/bip“><attr name=”cms” type=”string”>localhost</attr>’ + ‘<attr name=”userName” type=”string”>’+username+'</attr><attr name=”password” type=”string”>’+password+'</attr>’ + ‘<attr name=”auth” type=”string” possibilities=”secEnterprise,secLDAP,secWinAD”>secEnterprise</attr></attrs>’, complete: function(xhr, status) { if (status != ‘error’ && xhr.responseText) { logonToken = “\””+tokenRE.exec(xhr.responseText)[1].replace(/&/g, ‘&’)+”\””; } }, error:function(xhr, textStatus, errorThrown) { console.log(“Error connecting to BOE server”);}, success:function(xhr, textStatus, errorThrown) { console.log(“Successfully logged on to BOE server”);}, beforeSend:function(xhr) { xhr.setRequestHeader(“Access-Control-Allow-Origin”, “*”);} }); }

Javascript Function

function login(username,password) {

$.ajax({url: server + ‘/biprws/logon/long’, type: ‘POST’, contentType: ‘application/xml’,

dataType: ‘xml’,

crossDomain: true,

data: ‘<attrs xmlns=”http://www.sap.com/rws/bip“><attr name=”cms” type=”string”>localhost</attr>’ +

‘<attr name=”userName” type=”string”>’+username+'</attr><attr name=”password” type=”string”>’+password+'</attr>’ +

‘<attr name=”auth” type=”string” possibilities=”secEnterprise,secLDAP,secWinAD”>secEnterprise</attr></attrs>’,

complete: function(xhr, status) {

if (status != ‘error’ && xhr.responseText) {

logonToken = “\””+tokenRE.exec(xhr.responseText)[1].replace(/&/g, ‘&’)+”\””; }

error:function(xhr, textStatus, errorThrown) { console.log(“Error connecting to BOE server”);},

success:function(xhr, textStatus, errorThrown) { console.log(“Successfully logged on to BOE server”);},

beforeSend:function(xhr) { xhr.setRequestHeader(“Access-Control-Allow-Origin”, “*”);}

});

}

C# Implementation

We will need the following class libraries for our C# implementation:

C# Libraries
using System.Net; using System.Web; using System.Xml; using System.IO;

C# Libraries

using System.Net;

using System.Web;

using System.Xml;

using System.IO;

Although the C# implementation shares many similarities with Javascript, there are a few more caveats that need to be addressed.

First we must create the XMLdocument object that will hold the XML template containing the user name and password. Next we create a byte array that will stream the output when we post our request.

XML Template
XmlDocument login = new XmlDocument(); login.LoadXml(“<attrs xmlns=’http://www.sap.com/rws/bip/‘><attr name=’cms’ type=’string’>localhost</attr><attr name=’userName’ type=’string’>”+userName+“</attr><attr name=’password’ type=’string’>”+pw+“</attr><attr name=’auth’ type=’string’ possibilities=’secEnterprise,secLDAP,secWinAD’>secEnterprise</attr></attrs>”;); byte[] dataByte = Encoding.Default.GetBytes(login.OuterXml);

XML Template

XmlDocument login = new XmlDocument();

login.LoadXml(“<attrs xmlns=’http://www.sap.com/rws/bip/‘><attr name=’cms’ type=’string’>localhost</attr><attr name=’userName’ type=’string’>”+userName+“</attr><attr name=’password’ type=’string’>”+pw+“</attr><attr name=’auth’ type=’string’ possibilities=’secEnterprise,secLDAP,secWinAD’>secEnterprise</attr></attrs>”;);

byte[] dataByte = Encoding.Default.GetBytes(login.OuterXml);

Now that we have our XML template ready to go, we set up our “Request Headers”. As you can see, we set the “Request.Method” to ‘POST’ as well as the “content type” to either ‘application/xml’ or ‘application/json’. Finally, we set the “ContentLength” to be the length of our XML array.

REST Request
HttpWebRequest POSTRequest = (HttpWebRequest)WebRequest.Create(server); POSTRequest.Method = “POST”; POSTRequest.ContentType = “application/xml”; POSTRequest.Timeout = 5000; POSTRequest.KeepAlive = false; POSTRequest.ContentLength = dataByte.Length;

REST Request

HttpWebRequest POSTRequest = (HttpWebRequest)WebRequest.Create(server);

POSTRequest.Method = “POST”;

POSTRequest.ContentType = “application/xml”;

POSTRequest.Timeout = 5000;

POSTRequest.KeepAlive = false;

POSTRequest.ContentLength = dataByte.Length;

In order to send our XML array within the REST request body, we create a stream object and then write it to an XML array.

IO
Stream POSTstream = POSTRequest.GetRequestStream(); POSTstream.Write(dataByte, 0, dataByte.Length);

Stream POSTstream = POSTRequest.GetRequestStream();

POSTstream.Write(dataByte, 0, dataByte.Length);

Now we create an HttpWebResponse object which we use to store the response using the StreamReader class. We then use methods to store the response into a string variable and clean up the XML template of transliterations by converting all “&amp” to “&”.

Server Response
HttpWebResponse POSTResponse = (HttpWebResponse)POSTRequest.GetResponse(); StreamReader reader = new StreamReader(POSTResponse.GetResponseStream(), Encoding.UTF8); loginToken = reader.ReadToEnd().ToString(); string loginToken2 = loginToken.Replace(“&”, “&”);

Server Response

HttpWebResponse POSTResponse = (HttpWebResponse)POSTRequest.GetResponse();

StreamReader reader = new StreamReader(POSTResponse.GetResponseStream(), Encoding.UTF8);

loginToken = reader.ReadToEnd().ToString();

string loginToken2 = loginToken.Replace(“&”, “&”);

Finally, we parse through the XML data to retrieve our logon token within the attribute “attr” named “logonToken” and store that in our final logintoken variable.

IO
using (XmlReader xreader = XmlReader.Create(new StringReader(loginToken))) { xreader.ReadToFollowing(“attr”); ltoken = “\”” + xreader.ReadElementContentAsString() + “\””; }

using (XmlReader xreader = XmlReader.Create(new StringReader(loginToken)))

{

xreader.ReadToFollowing(“attr”);

ltoken = “\”” + xreader.ReadElementContentAsString() + “\””;

}

The above code should be a turnkey key implementation for logging in to the BI platform server using REST Web Services.

6 Comments

You must be Logged on to comment or reply to a post.

Michael Howles

December 17, 2012 at 2:52 pm

Great primer post. Thank you!

Former Member

December 19, 2012 at 7:22 pm

How we acheive the same when using SSO

Jan Froehlich

April 19, 2013 at 12:29 pm

Hi Brian,

really great post on using the REST SDK.

Additionally I'd would like to improve your Javascript example a bit, so it makes use of the easier JSON notation:

$.ajax({

    url: server + "/biprws/logon/long",

    type: "POST",

    contentType: "application/json",

    crossDomain: true,

    headers: {

        "Accept": "application/json"

    },

    data: JSON.stringify({

        "userName": username,

        "password": password,

        "auth": "secEnterprise"

    }),

    success: function(inResponse) {

        console.log("Successfully logged on to BOE server");

        console.log("Token: " + inResponse.logonToken);

    },

    error: function(xhr, textStatus, errorThrown) {

        console.log("Error connecting to BOE server");

    }

});

With that code, there is no need to parse XML or clean it up in some way.

Maybe that is helpful for others too.

Jan

Former Member

May 13, 2016 at 4:46 am

Thank you for this wonderful article.

I have 1 question...I wonder if anyone can help me...?

Is it possible to hide the login credentials?

I need to distribute the html page with this javascript code.

I do not want the users to find out the login details...

Thank you...

Anthony MULLER

June 17, 2016 at 8:06 am

Hello Hayden,

To hide credentials, you can use other login way like "trusted authentication".

Best regards,

Anthony

Former Member

June 22, 2016 at 9:11 am

Thank you Anthony...As I do not have back-end solution, I ended up writing Javascript code that would kind of hide the credentials...

Using REST Web Services SDK to log into the BI Platform Server (JavaScript and C#)

Assigned Tags