We have released new versions of the SAP Cloud SDK. In detail, the following components are now available in new versions:
- Java libraries in version 3.11.0
- Java libraries in version 2.26.0
- Continuous delivery toolkit in version v28
At the end of the article, you will find a set of instructions on how to update to the new versions.
Java Libraries: Release Highlights 3.11.0
Please note that the previous issues with not-correctly uploaded artifacts is now resolved. 3.11.0 can be consumed from Maven Central as usual.
You can update your dependencies of the SAP Cloud SDK for Java to version 3.11.0 and consume the new version from Maven Central.
Principal from basic authentication
In this version we introduce a new
BasicAuthenticationAccessor to read the username and password from a Basic Authentication header of the currently incoming request on Cloud Foundry.
- Use it like the other
*Accessorclasses at any point while handling a request:
Try<BasicCredentials> basicCredentials = BasicAuthenticationAccessor.tryGetCurrentBasicCredentials();
- To handle the
Trygracefully you can write something like the following:
BasicCredentials basicCredentials = BasicAuthenticationAccessor.tryGetCurrentBasicCredentials().getOrElseGet(this::useFallbackCredentials);
- To provide custom logic into the accessor the default logic can be overwritten by using the
PrincipalAccessor now also reads the current principal from the newly introduced
BasicAuthenticationAccessor, in addition to the already existing way to read it from the current JWT. This functionality applies to Cloud Foundry. A valid JWT takes precedence over a Basic Authentication header.
The order of resolution is:
- If a principal is given in the current context (e.g. via
PrincipalAccessor.executeWithPrincipal(...)), this will we be used.
- Otherwise, if a JWT is given in the current context (e.g. via an incoming request or manually set via the
AuthTokenAccessor.executeWithAuthToken(...)methods) the principal is read from there.
- Otherwise, If there is no JWT or the resolution fails the user retrieved via the
BasicAuthenticationAccessorused (if existent).
- If no principal could be found with the steps above the
PrincipalAccessor.tryGetCurrentPrincipal()will contain an Exception.
Please take note that, as before, the SDK does not validate the correctness of the supplied authentication, which, along with authorization checks, is the responsibility of the application. For example, if you do not want to allow basic authentication, it is your responsibility to disallow corresponding requests. Still, our corresponding tutorial gives hints on how to realize that.
Accessing on-premise systems from SCP Cloud Foundry was updated, so that the authentication now follows the recommended protocol for principal propagation:
- Instead of populating two headers
Proxy-Authorizationfor on-premise requests, the SAP Cloud SDK now takes the recommended approach of just using
Proxy-Authorizationwith a dynamicly resolved User Exchange Access Token.
- We have introduced a
PrincipalPropagationStrategyfor configuring that the previous behavior should be used.
- If for compatibility reasons the previous approach should be used, you can adjust strategy with the following code snippet:
import com.sap.cloud.sdk.cloudplatform.connectivity.PrincipalPropagationStrategy; PrincipalPropagationStrategy.setDefaultStrategy(PrincipalPropagationStrategy.COMPATIBILITY);
We also added support for self-signed certificates (file extensions
.der) as trust store locations for HTTPS destinations.
Several further improvements are listed in the full release notes.
Java Libraries: Release Highlights 2.26.0
We have also released the SDK for Java in a new maintenance version 2.26.0. Everyone who did not yet upgrade to version 3 of the SDK for Java can consume that version from Maven Central.
For a complete view on what has changed, take a look at the full release notes.
Among several improvements, this version fixes an issue where creating
batch requests with
changeset did not enforce type safety. Now a
batch can contain only
changesets on entities of the given service instead of entities from different services.
As usual, the full release notes contain a list of all improvements in this release.
Continuous Delivery Toolkit: Release Highlights v28
We have also released version v28 of our out-of-the-box continuous delivery offering consisting of a ready-made Jenkins server and a complete delivery toolkit.
In this version the new Cloud MTA build tool (available as an option since v27) is used by default to build Multi-Target Applications (MTA). Please note that your
mta.yaml file might need some adjustments to work with the new MTA tool version. Read the documentation for more details on how to upgrate to the latest MTA build tool version. You can still use the classic MTA build tool by specifying it explicitly in the pipeline configuration.
We also updated the resilience quality check and the check for unofficial API to work with SAP Cloud SDK version 3.
How to Update
To update the version of the SAP Cloud SDK Java libraries used in an existing project, proceed as follows:
- Open the pom.xml file in the root folder of your project.
- Locate the dependency management section and therein the
- Update the version of that dependency to
With this, you are already done thanks to the “bill of material” (BOM) approach. Your dependency should look like this:
<dependencyManagement> <dependencies> <dependency> <groupId>com.sap.cloud.sdk</groupId> <artifactId>sdk-bom</artifactId> <version>3.11.0</version> <type>pom</type> <scope>import</scope> </dependency> </dependencies> <!-- possibly further managed dependencies ... --> </dependencyManagement>
If you update from a version prior to 3.0.0, have a look at our migration guide.
If you are using the SAP Cloud SDK in a project of the SAP Cloud Application Programming Model, replace
sdk-modules-bom to only update the version of SDK modules, not further dependencies.
You can now recompile your project (be aware of the compatibility notes, though) and leverage the new features of the SAP Cloud SDK in version 3.11.0.
Of course, you can also generate a new project that uses version 3.11.0 from the start by running the Maven archetypes for Neo or Cloud Foundry with
npm update in the root folder of your module. Note that this will also update other modules, unless you explicitly specify which packages to update. If you want to check beforehand what will change, use
Continuous Delivery Toolkit
If you are using the pipeline with a fixed version (as recommended since v7), update the continuous delivery toolkit with the following command, that you run on the server hosting the cx-server:
./cx-server update image