Skip to Content
Personal Insights

Connect HANA service on Cloud Foundry with SAP Analytics Cloud: My notes

For one of my projects, I was working on connecting my HANA service on SCP (Cloud Foundry) to SAP Analytics Cloud. In this quest, I looked through several blogs and the SAP help documentation. SCN has a wealth of information, and I found some really helpful blogs which helped me in my goal. In this blog I’d like to quickly put together all of them at one place and also jot down some issues I faced –  right from my Microsoft OneNote into SCN!

In simple terms this is what needs to be done:

  • Prep, configure and deploy HANA analytics adapter in your SCP CF account. This is basically a Multi Target Application delivered by SAP which acts as a bridge between SAC and the HANA service. This needs some modifications based on your SCP CF account before deployment.
  • Provide authorizations for the HANA analytics adapter to your SCP CF user.
  • Create DB user and provide privileges for the schema where you have your calc views, to this DB user.
  • Map your SCP CF user to the technical DB user using JWT tokens.
  • With the above steps, your HANA Analytics Adapter is ready for consumption in SAC. Create a Live Data Connection in SAC to your HANA service using the HANA Analytics Adapter application endpoint.
  • Configure SSO between your SAC tenant and the SCP CF account while using the same IDP for both the accounts.

Do note, in my case (as it was a POC) , and I wasn’t the administrator for at least one of them – so I did skip the SSO settings between SAC and SCP CF.

What are the blogs I referred:

Why do you need HANA analytics adapter? This blog post by Ingo Neumann gives a quick overview. (As we are interested in the SAP Hana Service and not on-premise, you can skip the rest of the blog if you will)

As mentioned in the same blog, refer to this blog post and the videos referenced in it by Philip MUGGLESTONE . I found this blog to be most useful to understand in detail the concept and also to get things up and running. Through these videos, you pretty much can see in action everything that is described in SAP’s official documentation here.

One other blog many of us must have used is Lucia Subatin‘s blog post here. This is a great reference, and this was one of the first blogs I referred to get the connection running. However, one of the key differences in this blog to the previous one is the HANA Analytics Adapter used. This blog uses the xsahaa-onprem version while the previous one uses the xsahaa-release version. What is different between the two – you can see in the documentation (screenshot below). If you follow this blog, I would recommend using the xsa-haa release instead through this video for the first part. The second and the third part can be used as is. I will touch upon why in the next part.

Issues:

With a recent chrome update, the connection between my SAC and HANA service stopped working. On further probing in my network trace, I noticed that the following call was failing,

I also noticed in the request headers the session cookies (JSESSIONID and __VCAP_ID__) were not being sent to the server, so naturally this call failed. I then found this blog post which discusses why the live direct connection fails with the chrome update. To make sure this is the issue, you can see in your chrome developer tools what is the value for “SameSite” for your cookies retuned from the server for your HAA.

The same blog refers to this documentation to get around the issue. Basically the solution is to get the HAA application to issue cookies with the attribute SameSite:None. We do this by

  • adding a new property COOKIES: ‘{“SameSite”: “None”}’ for your approuter, in the mta.yaml.
  • update your approuter dependency in package.json.
  • Rebuild and redeploy the HAA mtar.

You can verify the “SameSite:None” attribute and value again is set:

Cheers!

1 Comment
You must be Logged on to comment or reply to a post.
  • Hi, Radhika,

     

    I tried to add property COOKIES: ‘{“SameSite”: “None”}’  for approuter in mta.yaml.  It doesn’t set __VCAP_ID__’s SameSite but only makes JSESSIONID’s SameSite to be None.  According to approuter doc: https://github.wdf.sap.corp/xs2/approuter.js#additional-cookies-configuration, it seems only working for JSESSIONID.  However, __VCAP_ID__ is also set successfully in your last two screenshots.  So, how did you make it work for __VCAP_ID__ and could you share more information.  Thanks.

     

    Best Regards,

    Wayne