This was something for which i banged my head a lot to find out solution. So thought of publishing this so that others can easily use this.

When an application is deployed on Hana cloud Platform any user can access the application from HTML5 link as well. To prevent this unauthorized access , application level authentication is necessary.

Steps to achieve this:

1. Create roles for WebIde subscription, these roles will be visible for all HTML5 application.

2.Create new role



3.Assign users to the newly created role

4.Go to HTML5 application



5. In application permission section , choose the newly created role



6. In the application , specify the Security constraint parameter with the permission name to be authenticated

{

"authenticationMethod": "saml",

.....

"securityConstraints": [

{

"permission": "AccessApplicationDescriptor",

"description": "Access User Data",

"protectedPaths": [

"/"

],

"excludedPaths": [

"/logout/**"

]

}

]

}

7. For more information , refer https://help.hana.ondemand.com/help/frameset.htm?aed1ffa3f3e741b3a4573c9e475aa2a4.html

8. ProtectedPaths should be “/” to restrict access to complete application (all views) .

9. If you specifiy a file name eg : /neo-app.json in protectedpaths parameter and try to access the neo-app.json file it will give an error but will allow to access the complete application.

 

Hope this would reduce lot of efforts for many people.

 

Happy Learning!! Thanks !!!