Skip to Content
Author's profile photo Bharath B N

BI Platform REST SDK (RWS) in BOE 4.2

This blog describes:-

  • BI Platform REST Webservices (biprws) BOE 4.2 SP05,
  • Configure REST Service for Fiorified BI Launchpad,
  • BI Platfrom Web-services on Web Server (Apache Tomcat),
  • Configuration of biprws.properties on Web Server,
  • Authentication Support and configurations

BI Platform RWS:

BOE 4.2 SP04 BI Platform REST Webservices deployment supports only WACS (Web Application Container Server).

From BOE 4.2 SP05 onwards, biprws deployment supports:

  1. WACS(Web Application Container Server) and
  2. Apache Tomcat
BI Platfrom REST Services URL http://<host>:<port>/biprws/

where

<host> – the name of the web server for BI platform.

<port>  – the port number for the platform.

Version1 of biprws is introduced in 4.2SP03.

Supported Servers       : WACS, Tomcat (4.2 SP05+)

BIP RWS APIs URI v1 : http://<host>:<port>/biprws/v1/

Data Formats               : XML and JSON

 

Configure REST Service for Fiorified BI Launchpad:

Fiorified BI Launchpad completely depends on REST SDK.

why to set REST URL in CMC?

     Answer : The REST SDK URL mentioned in CMC will be used by Fiorified BI Launchpad.

How to set REST URL in CMC?

Answer: Navigate in CMC Applications -> RESTful Webservices -> Right click and select     properties and Change the URL.

 

Web Application deployment on Apache Tomcat:

name : biprws

BI Platform REST services will be deployed as webapp in web server (tomcat) like AdminTools, biodata, BOE, dswsbobje…..

 

webapp is also available in below path of installed machine: \warfiles\webapps

 

Configuring BI Platform RESTful Web Services on Web Server:

Admin needs to configure biprws.properties file .

 

To customize the configuration for RESTful web services, follow the steps below:

  1. Copy the file: <INSTALLDIR>\SAP BusinessObjects Enterprise XI 4.0\warfiles\webapps \biprws\WEB-INF\config\default\biprws.properties to <INSTALLDIR>\SAP BusinessObjects Enterprise XI 4.0\warfiles\webapps \biprws\WEB-INF\config\custom\biprws.properties and then open it for editing.
  2. Modify the parameters as required and Restart Tomcat Server.

    Given below is a table describing the properties shown in the screenshot.

    Property

    Description

    Default Value

    Default_Number_Of _Objects_On _One_Page

    The number of entries that will be listed per page. You can override this setting with the&pageSize=<m> parameter in the RESTful Web Services SDK.

    50

    Enterprise_Session_ Token_Timeout_In_Minutes

    The expiry time a logon token will remain valid for. Beyond this time, you need to generate a new logon token.

    60

    Session_Pool_Size

    The number of cached sessions that can be stored at any point in time. The session pool caches active RESTful web service sessions so they can be reused when a user sends another request that uses the same logon token in the HTTP request header.

    1000

    Session_Pool_Timeout_In_Minutes

    The time in minutes after which the cached sessions will expire.

    2

    LogLevel

    Enables logging and sets the level of severity and detail to None (only critical eventslogged), Low (startup, shutdown, start and end request messages), Medium(error, warning and most status messages) or High (Nothing excluded. It is used for debugging only. The CPU usage may increase, thereby impacting performance).

    The available menu choices are:

    • Unspecified
    • None
    • Low
    • Medium
    • High

    Unspecified

    Retrieving_Method

    This setting is a menu that sets which query method will be used to retrieve trusted authentication logon tokens when using the RESTful web service API /logon/trusted.

    ·       HTTP_HEADER is used for GET queries with the request header accept=application/xml (or application/json).

    ·       QUERY_STRING is used to add a logon name to the end of a URL query using the RESTful Web Service API, for example /logon/trusted/?user=johndoe.

    ·       COOKIE is used when the login name is retreived from a web browser cookie. The domain, name, value and path must be stored in the cookie.

     

    HTTP_HEADER
    User_Name_Parameter

    The label used to identify the trusted user for the purposes of retrieving a logon token.

    X-SAP-TRUSTEDUSER
    Trusted_Auth_Shared_Secret

    The string value generated by following the steps mentioned in the sectionGenerating a Shared Secret Value

    Unspecified

 

Trusted Authentication for RESTful Web Services on Web Server:

The topic provides instructions to enable trusted authentication for RESTful web services on Tomcat application server.

Follow the steps below to enable trusted authentication:

  1. Generate a shared secret key. Refer to Generating a Shared Secret Value for more information.
  2. Save the shared secret key at <INSTALLDIR>\SAP BusinessObjects Enterprise XI 4.0\java\pjs\container\bin in Windows.
  3. Open the shared secret key in a text editor.
  4. Copy the shared secret key.
  5. Copy the file <INSTALLDIR>\SAP BusinessObjects Enterprise XI 4.0\warfiles\webapps\biprws.properties to <INSTALLDIR>\SAP BusinessObjects Enterprise XI 4.0\warfiles\webapps \biprws\WEB-INF\config\custom\biprws.properties.
  6. Open the biprws.properties file in a text editor.
  7. Paste the shared secret key against the value Trusted_Auth_Shared_Secret=.
  8. Add the Retrieving Method and User Name Parameter. Refer the table above to add the Retrieving Method and User Name Parameter.
  9. Save the biprws.properties file.
  10. Restart the web server.

 

X.509 Authentication for RESTful Web Services on Tomcat:     

In public key cryptography, X.509 is a standard that defines the requirements for a secure digital certificate. An X.509 certificate verifies the possession of the public key by a user or a services identity.

You can now enable X.509 authentication for RESTful web services on Tomcat application server by following the steps below:

  1. Enable SSL on Tomcat. Refer to Configuring SSL on Tomcat for more information.
  2. Generate a shared secret key. Refer to Generating a Shared Secret Value for more information.
  3. Open the shared secret key in a text editor.
  4. Copy the shared secret key.
  5. Edit the biprws.properties file.
    1. Go to <INSTALLDIR>/tomcat/webapps/biprws/WEB-INF/config/default.
    2. Open the biprws.properties file in a text editor.
    3. Search for Trusted_Auth_Shared_Secret=.
    4. Paste the shared secret key against the value Trusted_Auth_Shared_Secret=.
    5. Save the biprws.properties file.
  6. Restart Tomcat.

 

Vintela single sign-on for RESTful Web Services:

Some client tools require authentication through RESTful web services. Follow these steps to enable single sign-on (SSO) for web services.

  1. Copy the file <INSTALLDIR>\SAP BusinessObjects Enterprise XI 4.0\warfiles\webapps\biprws.properties to <INSTALLDIR>\SAP BusinessObjects Enterprise XI 4.0\warfiles\webapps \biprws\WEB-INF\config\custom\biprws.properties, and then open it for editing.
  2. To enable Kerberos SSO for Windows Active Directory (secWinAD) authentication, set sso.enabled to true.
    Specify the following mandatory options:

    • idm.realm (the same as the default_realm specified in the Krb5.ini file).
    • idm.princ (the same as specified for idm.princ in the global.properties file located at<INSTALLDIR>\SAP BusinessObjects Enterprise XI 4.0\warfiles\webapps\BOE\WEB-INF\config\custom).
    • idm.keytab (the same as specified for idm.keytab in the global.properties file located at <INSTALLDIR>\SAP BusinessObjects Enterprise XI 4.0\warfiles\webapps\BOE\WEB-INF\config\custom).
    • idm.allowUnsecured parameter must be set to true if SSL is not in use with the Java application server. For more information about Tomcat SSL, see the Knowledge Base Article ID:1484802
  3. Use WDeploy to redeploy the WAR file on the web application server. For information on using WDeploy, see the SAP BusinessObjects Business Intelligence Platform Web Application Deployment Guide.
  4. Restart Tomcat.
  5. To test your settings, on the client machine, open any browser and launch the URL: http://<WebAppServer>:<portnumber>/biprws/v1/logon/adsso.The REST token must appear as a response to the API.
  6. More Info: https://launchpad.support.sap.com/#/notes/1646920

 

Learn More:

https://blogs.sap.com/2017/05/16/fiorified-bi-launchpad-in-boe-4.2/

https://blogs.sap.com/2017/05/10/query-the-businessobjects-repository-using-bi-platform-rest-sdk-rws/

https://blogs.sap.com/2017/04/16/bi-platform-rest-sdk-version1/

https://blogs.sap.com/2017/04/21/session-management-in-bi-platform-rest-sdk-rws/

https://help.sap.com/viewer/product/SAP_BUSINESSOBJECTS_BUSINESS_INTELLIGENCE_PLATFORM/

Assigned Tags

      20 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Bharath B N
      Bharath B N
      Blog Post Author

      What’s New in SAP BOE 4.2 SP05:

      https://www.sap.com/documents/2017/12/529564fc-e47c-0010-82c7-eda71af511fa.html#

      Author's profile photo Bharath B N
      Bharath B N
      Blog Post Author

      What's new in SAP BOE 4.2 SP05 Video:

      https://www.youtube.com/watch?v=zYRIx4S9gW0&list=PLufF7pZxICBhpoEF3TNcCvwscm5_7zgHP

       

      Author's profile photo Santhosh Kumar Alladi
      Santhosh Kumar Alladi

      Hi Bharath, thanks for a great post. We did configure Restful web services in CMC as mentioned and we get response in XML format when we open the browser with  restful web services URL http://servername:6405/biprws. However, we can't find any folder "biprws" in both locations

      <INSTALL_DIR>:\BOE4\SAP BusinessObjects Enterprise XI 4.0\warfiles\webapps

      <INSTALL_DIR>BOE4\tomcat\webapps

      Hence, we are unable to proceed further with rest of configuration steps. Could you help?

      Author's profile photo Bharath B N
      Bharath B N
      Blog Post Author

      Hi Santhosh,

      Please share the BOE product version.

      War file is available from BOE 4.2 SP05.

      -

      Bharath

       

      Author's profile photo Santhosh Kumar Alladi
      Santhosh Kumar Alladi

      We are on BOE 4.2 SP03.

      Author's profile photo Santhosh Kumar Alladi
      Santhosh Kumar Alladi

      Will deploy SP05 on Sandbox, update you. What's the advantage of V1 -  http://<host>:<port>/biprws/v1/ ?

      Author's profile photo Bharath B N
      Bharath B N
      Blog Post Author

      https://blogs.sap.com/2017/04/16/bi-platform-rest-sdk-version1/

       

      Author's profile photo Bharath B N
      Bharath B N
      Blog Post Author

      https://answers.sap.com/questions/402417/sap-bi-42-sp5-fiori-bilaunchpad.html?

      Author's profile photo James Halligan
      James Halligan

      Hi there,

      have you ever received the error below trying to install the web tier on a web server. We have eliminated any firewall or security issues. We try to authenticate against the CMS, but get the error when we enter administrator name and password

      Either the remote CMS cannot be reached, or the logon credentials are incorrect INS00013

       

      regards

      James

       

       

       

      Author's profile photo Mohammed Ashraf
      Mohammed Ashraf

      Hi James,

      Check if the CMS machine host is reachable from web tier machine.

      If not, then make host entries of the machines and try again.

      Thanks

      Ashraf

      Author's profile photo Richard Kromkamp
      Richard Kromkamp

      Hello,

      I get a 404 Unable to access the current page when following the link to generate a new shared key. I am logged on using my OSS id, and haven’t had this happen before. Anyone else see this and is there something I may be doing wrong?

      Found the updated link here:

      https://help.sap.com/viewer/2e167338c1b24da9b2a94e68efd79c42/4.2.5/en-US/e5f17b389eea4402844ac5d759acc0ba.html

      If that's not working, it can be found in the BI Platform Administrators guide on help.sap.com.

      These are the steps as of this posting:

      1. Launch Central Management Console.
      2. Go to Authentication  Enterprise.
      3. Under Trusted Authentication, check the box against Trusted Authentication is enabled.
      4. Choose New Shared Secret. This will generate the shared secret key.
      5. Choose Download Shared Secret and then Update.
      6. Copy the downloaded file TrustedPrincipal.conf to <INSTALLDIR>\SAP BusinessObjects Enterprise XI 4.0\java\pjs\container\bin in Windows.

      Rick

       

      Author's profile photo Bharath B N
      Bharath B N
      Blog Post Author

      Right steps. 🙂

      For which  page you are getting 404 error ?

       

      Author's profile photo Richard Kromkamp
      Richard Kromkamp

      Any of the links in the main thread for “Generate a shared secret value”. I logon using my OSS id, which I use for everything in the SAP world, and it gives me that 403 error (my bad .. it was a 403 error, not 404 as originally posted).

      Author's profile photo Bharath B N
      Bharath B N
      Blog Post Author

      This link you are getting 403 ?

      https://help.sap.com/viewer/2e167338c1b24da9b2a94e68efd79c42/4.2.5/en-US/e5f17b389eea4402844ac5d759acc0ba.html

       

       

      Author's profile photo Dell Stinnett-Christy
      Dell Stinnett-Christy

      A couple of comments for configuring Trusted Authentication for the RESTful Web Services on Tomcat in 4.2 SP6 (based on info I received from a ticket I had to open to get this working):

      1. You actually have to update the default biprws.properties file in addition to creating the custom biprws.properties file in order to get this to work.
      2. Check your TrustedPrincipal.conf file.  The original one from our system (after upgrading from 4.2 SP5) appeared to have line-feed characters in it so it didn’t work.  I had to re-generate the Shared Secret in order to get this to work.
      3. In addition to putting the TrustedPrincipal.conf file in the folder indicated above, also put it in the w64_x64 folder.

      -Dell

      Author's profile photo Muslum Celik
      Muslum Celik

      Hello,

       

      I m tryig to make a secure connection to Fiori Laucnhpad. But i get restful service error. Does it support ssl on webshere or not? I couldnt find any post about that.

       

      regards,

      Author's profile photo Bharath B N
      Bharath B N
      Blog Post Author

      check CMC-> Applications -> RESTFull Webservices

      which URL it is pointing to and check the URL is responding.

      Author's profile photo Joe Peters
      Joe Peters

      In WACS we can enable an error stack trace for REST.  How is this done in Tomcat?

      Author's profile photo Roopa Puranik
      Roopa Puranik

      Bharath, What port numbers are used by the SDK that open up connections to the CMS server? Thanks

      Author's profile photo SGBD .
      SGBD .

      Hello,

      we have a problem with RESTful service (fiori logon, live office) since the migration from 4.2 SP5 to SP7.

      We think the problem is linked with the configuration of the logger properties of the biprws.properties at 4.2 SP5,

      This was :  LogLevel=High

      But now at SP7 this is :

      Log_Level=Medium

      Log_Location=

      We have tried with Log_Location=E:/LOGS but can't make it work .. (we have checked the permissions, url restful...).

      Could you help me ?

      Thank you