Skip to Content
Author's profile photo Vinod Patil

SAP Portal -Fiori LaunchPage/ LaunchPad (UI5 applications) Integration

Hey all,

We are in process of implementing Fiori Wave 1 Applications. SAP Portal Integration is required for below 2 primary reasons-

  1. SAP Portal UME is connected to organization’s LDAP (Active Directory). We want users to use same AD credentials to access Fiori applications from SmartPhones/ Tablets and Desktops to keep the experience same (main purpose behind UI5 applications).

   2. We have been using SAP Portal as a single point of entry for all SAP systems- ECC, SRM, CRM, BW, BOBJ, GRC, MDG etc. Portal is our preference for        accessing Fiori too.

As most of the SAP documentation/ SCN blogs suggest, we tried implementing Portal on Device. We created UI5 iView to access Fiori Launchpage and added that iView to Mobile Portal Launcher.  But even though we set iView to open in separate window,  it fails to open in separate window on Mobile.

This makes it impossible to navigate from launchpage to applications by clicking on Tiles.

Another way out was instead of integrating Fiori Launchpage/LaunchPad, create separate iViews for each Fiori application. But this way, we lose the beautiful LaunchPad which has capabilities of dynamic tiles, groupings. In this case we also cannot use Gateway PFCG roles created for Fiori Catalogs.

So here is solution which works perfectly fine.

Configure SSO between SAP Portal and SAP Gateway system

We achieve SSO between portal and gateway system using SAP Login Tickets.

Export Portal Certificate and import into SAP Gateway system using STRUSTSSO2 transaction code and maintain other parameters. This is standard process.

Create URL iView

Use URL iView template and create a iView with below properties:

  1. URL: http://gatewayhost:gatewayport/sap/bc/ui5_ui5/ui2/launchpage/home.html

   b.  Height Type: Full Page

  1. Launch in New Window: Display in Separate Window

Note that I have specified URL points for Fiori Launchpage.You can use Fiori LaunchPad or any UI5 application URL.

Create a standard Portal Role and add above iView to it as shown below.


Image2.png


Now use below URL for accessing Fiori launchpage/launchpad directly.

http://portalhost:portalport/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fcom.test!2ffiori!2froles!2fcom.test.fiori!2fcom.test.iv.fiorilaunchpad_url

It is direct URL to iView under Portal role.  We can use portal PCD permissions so that only users having this portal role can access it.

Test Results:

We have performed tests on mobile as well as desktops and it works perfectly fine.

Below are results with screenshots from Mobile device.

  1. Open URL:

http://portalhost:portalport/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fcom.test!2ffiori!2froles!2fcom.test.fiori!2fcom.test.iv.fiorilaunchpad_url

Image3.png

Note that this is standard Portal Login Page which adapts for Mobile devices. We have not enabled Portal on Device for it.


As soon as user provides credentials to login, user automatically gets redirected to Fiori Launchpage.


Image4.png


User logs off from Fiori Launchpage


Image5.png

Above Logout will log off user just from Gateway and not portal.

We configured log off service of Gateway so that it redirects log off URL to a custom application deployed to Portal.


Image6.png


Custom application (com.testr.logoutFiori) contains simple Java servlet (logoff) which simply logs off user from portal and redirects to

http://portalhost:portalport/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fcom.test!2ffiori!2froles!2fcom.test.fiori!2fcom.test.iv.fiorilaunchpad_url

Thus, user gets logged off from Gateway , Portal and comes back to starting URL.

You can ask that instead of custom application why not redirect log off ICF service to below URL-

https://Portalhost:PortalPort/irj/servlet/prt/portal/prtroot/com.sap.portal.navigation.masthead.LogOutComponent?logout_submit=true

This logs off user from Portal but redirects to https://Portalhost:PortalPort/irj/portal instead of
http://portalhost:portalport/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fcom.test!2ffiori!2froles!2fcom.test.fiori!2fcom.test.iv.fiorilaunchpad_url

Hope this helps. Please do post your comments and let me know your thoughts on this.

Enjoy,

Vinod Patil


Assigned Tags

      19 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Jonathan Groll
      Jonathan Groll

      Thanks Vinod. This is most helpful.

      I was wondering if you could share the code of the custom Java logoff servlet?

      Author's profile photo Hernan Henriquez
      Hernan Henriquez

      SAme here I would love to see that Java Logoff servlet.

      also does that code kill JSESSIONID?

      Author's profile photo Vinod Patil
      Vinod Patil
      Blog Post Author

      Here is logoff code- Its simple Servlet with doGet method as below

      protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

              // TODO Auto-generated method stub

              UMFactory.getLogonAuthenticator().logout(request, response);

        // now simply redirect to URL iView     

              response.sendRedirect("/irj/servlet/prt/portal/prtroot/pcd!3aportal_content!2fcom.test!2ffiori!2froles!2fcom.test.fiori!2fcom.test.iv.fiorilaunchpad_url");

            

            

          }

      Author's profile photo Mohammad Anoarul Islam
      Mohammad Anoarul Islam

      Hi Vinod Patil,

      thanks a lot for sharing this wonderful documents...

      We have another scenario apart from your one. We need to use FIORI apps from outside of Domain ( i.e from Internet ) but with Employee Domain (AD userid) ID.

      We have SAP Webdispatcher on DMZ which connects Firor Front End server ( SAP NW 7.4). But right now we are using front end user id /password to login.

      We need to use AD for authenticating the employee.

      Could you please provide your valuable comments on this...

      Regards,

      Mohammad Anoarul Islam

      Author's profile photo Vinay Baji
      Vinay Baji

      Thanks a lot for this! worked perfectly as per my requirement.

      Author's profile photo Pablo Acevedo
      Pablo Acevedo

      Hi Vinay B

      Please could you tell me how to get the direct URL of the iView assigned to the role?


      Regards,

      Pablo

      Author's profile photo Vinay Baji
      Vinay Baji

      Hello Pablo,

      You could consider using a short url. I used a very crude method to call my iview which is inside the role. Suppose the iview location within the role is something like:


      portal_content/com.fol.Portal_Content/fol.fiori_content/com.rl.fiori_role/com.iview.fiori_dashboard

      then I replaced the '/' with '!2f'

      so my path to the iview became something like:

      http://hostname:portno/irj/servlet/prt/portal/prtroot/pcd!3aportal_conten!2fcom.fol.Portal_Content!2ffol.fiori_content!2fcom.rl.fiori_role!2fcom.iview.fiori_dashboard

      hope the help wasn't too late 😉

      Regards,

      Vinay

      Author's profile photo Pablo Acevedo
      Pablo Acevedo

      Hi Vinay,

      Thank you so much for your answer.

      I commented that I could and get the direct URL iView. But I have one last question, and I can not create the portal application. Could you please tell me how to create it  and call the servlet?.

      thank you so much

      Best Regards.

      Pablo

      Author's profile photo Vinay Baji
      Vinay Baji

      Do you mean to say that you are unable to create the URL iview?

      What sort of portal application are you looking to create?

      Regards,

      Vinay

      Author's profile photo Pablo Acevedo
      Pablo Acevedo

      Hi Vinay,

      Apparently I express  incorrectly, but if I could create a URL iView and I could get the direct URL iView. Now, my problem is how to create the application that calls the servlet and logs out of Portal. As Vinod mentioned, when you logoff in Fiori, this leads to standard logoff FIORI. So it is necessary to return to the top (direct URL iView). But the problem is the session Portal remains open.

      From already thank you very much for the help.

      Regards.

      Pablo.

      Author's profile photo Vinay Baji
      Vinay Baji

      Aah! Now I get it. My Bad!

      This is what we did: Use NWDS to create a new application, use the code mentioned by Vinod in the comments, and deploy it on the portal.

      Once this is done, maintain the path to the application in the logoff configuration as explained above.

      Regards,

      Vinay

      Author's profile photo Pablo Acevedo
      Pablo Acevedo

      Hi Vinay,

      Indeed that is what needs to be done, the problem is the how. Because as I understand, it is necessary to perform a Portal application and from this, call the servlet code delivered by Vinod. Could you tell me how to develop the Portal application and call the servlet?

      From already thank you very much.

      Regards.

      Pablo

      Author's profile photo Vinod Patil
      Vinod Patil
      Blog Post Author

      Hello,

      Create  a simple web project (normal) and deploy it. Call the serv directly (no need to create iView).  You don't need any special portal application.

      Regards,

      Vinod Patil

      Author's profile photo Pablo Acevedo
      Pablo Acevedo

      Hi Vinod,

      Thanks for your prompt reply, but my problem is: how to create web project and call this servlet. could you tell me how to create and call webproject servlet?

      From already thank you very much

      Regards.

      Author's profile photo Vinay Baji
      Vinay Baji

      Hello Pablo,

      Did you download SAP NWDS? Download that and then you could probably refer to this link:

      https://help.sap.com/saphelp_nw70ehp1/helpdata/en/fd/ed32a8c9994b4ba4a1645a764814db/content.htm

      It gives you a step by step guide to create an application.

      Note that Vinod has already shared the code that needs to be placed for the application that needs to be created for the current requirement.

      Regards,

      Vinay

      Author's profile photo Pablo Acevedo
      Pablo Acevedo

      Hi Vinay,

      Finally i not developed an application and calling servlet, but i created a JSP that calls the component portal session close it,(http://portalhost:portalport/irj/servlet/prt/portal/prtroot/com.sap.portal.navigation.masthead.LogOutComponent?logout_submit=true), and After that, I redirected to login.

      Thank you for all the assistance.

      Regards.

      Author's profile photo Pablo Acevedo
      Pablo Acevedo

      HI Vinod Patil

      Please could you tell me how to get the direct URL of the iView assigned to the role?

      I tried the following url but do not look anything like that indicate your

      http://portalhostportalport/irj/portal?NavigationTarget=ROLES://portal_content/com.sap.pct/com.alemana.Grupo_Alemana/com.sap.cas.fiori.Fiori/com.sap.cas.launchpad_fiori.iv.launchpad_fiori

      Regards

      Pablo

      Author's profile photo Vinod Patil
      Vinod Patil
      Blog Post Author

      Hello Pablo,

      Preview iView from content admin and use network sniffer to get URL similar to one I mentioned in blog.

      Regards,

      Vinod

      Author's profile photo Vinay Baji
      Vinay Baji

      Hi Vinod Patil

      It appears that with the recent app upgrade, Fiori client refuses to take the exclamation as an accepted character for URL's. Without that, we wouldn't be able to redirect to the iView within the role. Do you see any workaround for this?

      Regards,

      Vinay