Skip to Content
Product Information
Author's profile photo Eric Yew

SAP Analytics Cloud – Live connections to on-premise data systems (CORS recommended)

Prior to 2018.22 release of SAP Analytics Cloud, customers had two choices for establishing live connections to their on-premise data systems (i.e. SAP HANA, SAP BW, SAP BusinessObjects Universes, etc):

  • Live connections via Path (aka Reverse Proxy approach)
  • Live connection via Direct (aka CORS approach)

 

As of 2018.22 release, creation of Live connections via Direct will be the recommended choice going forward. This has the following impact:

  • New customer tenants provisioned on 2018.22 release or after, will only have the option to create Live connections via Direct (CORs approach). The option for Live connections via Path will not be available.

 

Existing customer tenants provisioned prior to 2018.22 release will not be impacted. If there are already existing Path connections created in the system, these Path connections will remain supported by SAP Analytics Cloud. However, it is recommended for customers to consider creating Live connections via Direct going forward.

 

This decision was taken for the following reasons:

  • Connectivity setup is simpler via CORs approach.
  • For connectivity scenarios within corporate network, there is no need to deploy additional hardware which would have been necessary to support a Reverse Proxy approach.
  • SAP Analytics Cloud embedded scenarios with SSO would not be possible to support via Reverse Proxy approach.

 

Please refer to the SAP Analytics Cloud – Data Connection Guides for more information on setting up live connections via Direct approach to on-premise data systems: https://www.sapanalytics.cloud/guided_playlists/

Assigned Tags

      5 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Charlie Lin
      Charlie Lin

      Thanks, Eric. I have one question regarding the following. For the existing customers after 2018.22, will still they see the path option if they want to create new connection? Or just for the existing path connection, there is no impact.

      "Existing customer tenants provisioned prior to 2018.22 release will not be impacted. If there are already existing Path connections created in the system, these Path connections will remain supported by SAP Analytics Cloud. "

       

      Best regards,

      Charlie Lin

      Author's profile photo Eric Yew
      Eric Yew
      Blog Post Author

      Hello Charlie.

      For customer tenants which already have existing PATH live connections created prior to 2018.22 release, the option to create new PATH connections will still be available. As mentioned, existing PATH connections will also remain supported.

      Eric

       

      Author's profile photo Daniel Spokoinyi
      Daniel Spokoinyi

      Hi Eric, is there a requirement for CORS on the kernel the same as for live connection to BW.

      is says here:

      • If you are using SAP BW7.4 SP17+, to create live connections that use CORS, you must ensure your SAP BW Kernel is patched at 7.49 315 or higher

      https://help.sap.com/doc/00f68c2e08b941f081002fd3691d86a7/release/en-US/11b4e5ff76eb4747bc255d7037be1f01.html#loio11b4e5ff76eb4747bc255d7037be1f01__p_connectimport

       

      Thanks

       

      Daniel

      Author's profile photo Denys van Kempen
      Denys van Kempen

      For those interested,

      Should the architecture require no direct connection from the internet to the SAP HANA system and should you prefer to use Apache over SAP Web Dispatcher or other approaches,  there is a blog with videos how to configure Apache SSL reverse proxy for use with SAP Analytics Cloud Live Connections (using CORS):

       

      Author's profile photo Jens Schwendemann
      Jens Schwendemann

      This is very much needed. I cannot for the live of me get my head around the reasoning behind direct connection. Does SAP seriously consider forcing all users back to a VPN based world? This is especially true for mobile scenarios where turning on a vPN could mean that most of the (internet) facing apps will not work anymore (subject to security constraints of your company). I would think reverse proxy approach would be the "go-to" setup.

      I acknowledge the use of CORS in principle but SameSite cookie disaster with Chrome showed flaws  or at least some "teething pains" in that concept.

      Cheers

      Jens