In a standalone CAP project, how to skip the xsuaa authentication if using the "sap/cds6" module

minjie_lao
Product and Topic Expert
0 Kudos

Hi,

Initially, I built a standalone CAP project with the "sap/cds5" module, and as per our use case, there are private entities and public entities, which are defined in the srv/private_srv.cds and srv/public_srv.cds files.

And we use the following annotation so that the private entities can only be accessed by authenticated users.

 @requires: 'authenticated-user'

But for public entities, we do not use the above annotation, so that users can directly access the entity without authentication by calling the public link: https://subaccount.cdsservice.com/public/myPublicEntity

This configuration is working perfectly when using "@sap/cds: 5" module.

But when we tried to upgrade the node module from version 5 to version 6, we found that authentication became mandatory for the public link, giving a "401: no authorization " error when calling the API.

Does anyone know why this happened?

The public

Accepted Solutions (0)

Answers (3)

Arley
Advisor

In the @sap/cds version 6 (Node.js runtime), you can turn off this default behavior by using the feature flag `cds.env.requires.auth.restrict_all_services: false`. Alternatively, you can explicitly use mock authentication in production.

vansyckel
Advisor

Hi Minjie,

The default had to be changed to restricted due to security standards. See https://cap.cloud.sap/docs/releases/archive/2022/jun22#auth-by-default

Best,
Sebastian

minjie_lao
Product and Topic Expert
0 Kudos

Thanks Sebastian and Arley,

After I added the following setting in my package.json, the problem was solved.

Please note, I repeated the setting twice, because the "production" configuration is used when the project is deployed and run on Cloud Foundry.

```json
{
  "name": "myapp",
  "version": "1.0.0",
  ...
  "cds": {
    ...
    "requires": {
      "auth": {
        "kind": "xsuaa",
        "restrict_all_services": false
      },
      "[production]": {
        "auth": {
          "kind": "xsuaa",
          "restrict_all_services": false
        }
      }
    }
  }
}
```
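
The following is an added example, not part of the thread and not CAP's own code: a simplified Node.js model of how the `[production]` profile overlay and `restrict_all_services` decide which services answer without a token, usable as a pre-deployment check. The profile-merge logic, the `anonymousServices` helper and the sample service list are assumptions constructed for illustration; mock authentication is not modelled.

```javascript
// Assumption: "[profile]" keys are merged into their parent object when that
// profile is active and dropped otherwise (simplified model of cds profiles).
function resolveProfile(node, profile) {
  if (node === null || typeof node !== 'object' || Array.isArray(node)) return node;
  const out = {};
  const overlays = [];
  for (const [key, value] of Object.entries(node)) {
    const m = /^\[(.+)\]$/.exec(key);
    if (!m) out[key] = resolveProfile(value, profile);
    else if (m[1] === profile) overlays.push(resolveProfile(value, profile));
  }
  for (const o of overlays) deepMerge(out, o);
  return out;
}

// Overlay values win; nested objects are merged key by key.
function deepMerge(target, source) {
  const isObj = (x) => x !== null && typeof x === 'object' && !Array.isArray(x);
  for (const [k, v] of Object.entries(source)) {
    if (isObj(v) && isObj(target[k])) deepMerge(target[k], v);
    else target[k] = v;
  }
  return target;
}

// Names of services that answer without a token under the given profile.
// A service with no @requires is anonymous only once the flag is set to false.
function anonymousServices(pkg, profile, services) {
  const auth = (resolveProfile(pkg.cds || {}, profile).requires || {}).auth || {};
  const restrictAll = auth.restrict_all_services !== false; // cds 6 default
  return services.filter((s) => !s.requires && !restrictAll).map((s) => s.name);
}

// Constructed sample input: flag disabled for the production profile only.
const pkg = { cds: { requires: {
  auth: { kind: 'xsuaa' },
  '[production]': { auth: { kind: 'xsuaa', restrict_all_services: false } },
} } };
const services = [
  { name: 'PrivateService', requires: 'authenticated-user' },
  { name: 'PublicService' }, // no @requires annotation
];

console.log('development:', anonymousServices(pkg, 'development', services));
console.log('production: ', anonymousServices(pkg, 'production', services));
```

Every service listed for a profile is reachable by unauthenticated callers there, so any service added later without `@requires` joins that list as long as the flag stays `false`.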