Well, our friend Wikipedia states the definition of Cross Origin Resource Sharing, something like this: Cross-origin resource sharing. Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.
Well, let’s dig deep!
Cross Origin Resource Sharing (CORS) actually defines a set of HTTP headers which provide guidance to browsers for whether they are allowed to embed content coming from one domain into a page hosted by another domain or site. Almost all browsers support CORS for all HTTP requests. Let’s check it in a nutshell!
- Your browser is loading a page served from https://www.siteA.com.
- The site B server has the choice to respond in numerous ways –
- It can return a response with an Access-Control-Allow-Origin:http//www.siteA.com header, showing which sites are allowed to embed content from the site B.
- It can return an error page outlining that the CORS request is not allowed.
- It can return a response with an Access-Control-Allow-Origin: *header, showing that any website is allowed to embed content from website B. This is usually used for content which is public entirely.
In the SAP cloud extension scenarios, having a mutual CORS setup will complicate integration and require extended solutions to recognize each application extension for its tenants. As SAP Cloud Solutions content is usually not public, thus, there’s no option for managing integration. This is the reason why SAP HCP handles all OData backend calls in a uniform manner, by proxying the backend calls through SAP HCP Dispatcher service and implementing the required session handling with identity propagation for all HTML5 apps.
A typical extension application will have a combination of one or more of the described UI artifacts. If there’s nothing defined, then we suggest, you use SAP HANA Cloud Integration (SAP HCI), instead of implementing the data transformation logic.
Extension Application Backend Layer
Just like the frontend layer, there are a number of artifacts in the backend layer that contribute to the overall solution. The main area of the business model is typically implemented in Java or accessed via remote API services in the extended SAP cloud application. Depending on the application’s complexity, you are free to choose any of the Java runtimes. We recommend that you not use Java 6, but Java 7 or 8. When implementing your application, you have to consider which end user roles you’d like to define as part of your SAP extended application and which roles from SAP extended solution, a user requires to access the required data via APIs.
An extension application has the liberty to expand into more than one database schemas and to one or more Document Service Repositories (DSR). This need is calculated during extension application installation. If your extension application is packed with more than one custom business objects, then the object definitions will be imported in the extended SAP Cloud application during the installation. Once imported, the instance of those objects can be created and will be accessible via Solution OData API.
Follow our Blog for more updates and current offers!
[hubspot type=form portal=5934508 id=b37ebdfc-5650-4300-9817-b74e08369d72]
Business Consultation and Business Model
At SAP Expert Solutions, apart from SAP services, we actively indulge ourselves in Business Consultation and improve ourselves for the good too, helping small-scale business to scale-up their business growth and individuals to make extra income!
Thus, we have started an initiative to help some of you, on a regular interval basis. Get our Business Guide on Top Successful Business Models & Ideas, specially designed and curated by our Business Support Team.
The Event Sale Timeline: 1st June 2019 – 1st October 2019
Follow and Stay tuned at SAP Expert Solutions for upcoming events and offers. So, gear up, brace yourselves and get ready for the Business Revolution!