Tuesday, June 28, 2011

Deploying SAP Dashboard (formerly Xcelsius) - Crossdomain policy file

Cross domain policy file is an important configuration to consider while deploying SAP Dashboard(formerly Xcelsius). The SAP BW Quality dashboard, that I recently worked on, is deployed on the BusinessObjects Infoview and  pulls data from SAP ECC and SAP BW for reconciling Orders and Revenue numbers. The flash object that Xcelsius creates run in the browser on the client machine. It follows the security guidelines set by Adobe while accessing external data.

Adobe has introduced a new security policy for the flash palyer 9 & 10. That prevents the Xcelsius dashboard from accessing data from external sources and throws error #2170. In my case, external sources are ECC and BW. To get around this, the cross domain XML file needs to be updated with the following tag:

<allow-http-request-headers-from domain="*" headers="*" secure="false" />

The crossdomain.xml is located at <BusinessObjects installation directory>\Tomcat55\webapps\ROOT\ and should look like this-

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-http-request-headers-from domain="*" headers="*" secure="false" />
   <allow-access-from domain="*" secure="false" />
</cross-domain-policy>

Update the file, restart Tomcat (web server) and you're done!

Monday, June 27, 2011

Deploying SAP Dashboard (formerly Xcelsius) - OpenDocument settings

Recently, I developed Xcelsius based dashboard for SAP BW Quality. Purpose of the dashboard is to provide the users with real time information of BW data loads, display ECC and BW values reconciliation and smart alerts based on business processes. The dashboard is published to BusinessObjects Infoview.

As part of the requirements,  business needed a direct URL to the dashboard such that the users are presented with the dashboard directly upon login. I published an OpenDocument URL for the dashboard. However, there is a setting for authentication type in the web.xml within the path . This setting determines the default authenticate type to be used. Also, the same web.xml has a setting whether to allow users to change the authentication type (for example SAP, Enterprise, etc.) 

<!-- You can specify the default Authentication types here -->
<!-- secEnterprise, secLDAP, secWinAD, secSAPR3 -->
<context-param>
    <param-name>opendoc.authentication.default</param-name>
    <param-value>secSAPR3</param-value>
</context-param>
 <!-- Choose whether to let the user change the authentication type -->
<!-- If it isn't shown the default authentication type from above will be used -->
<context-param>
<param-name>opendoc.authentication.visible</param-name>
<param-value>false</param-value>
</context-param>


We give out Enterprise IDs to end users. On the server side, these IDs are mapped to their SAP BW credentials. Strangely, the default authentication was set to 'SAP' instead of 'Enterprise'. I suspect 'SAP integration kit' as a culprit.

I updated the web.xml as follows:

<!-- You can specify the default Authentication types here -->
<!-- secEnterprise, secLDAP, secWinAD, secSAPR3 -->
<context-param>
<param-name>opendoc.authentication.default</param-name>
<param-value>secEnterprise</param-value>
</context-param>

Restarted the web server (tomcat) and change was in place. I did not change the setting for selecting authentication type as that could have been confusing for the users.