Redefine FAB OData Services for Security Reasons

Owned by Charles Evans (Unlicensed)
Jun 27, 2023
3 min read

This article demonstrates how to redefine the OData services to enhance the security of the applications.

This technique is also useful in redefining the FAB Core Service Entity Sets for enhancements in the customer system.

Prerequisites

  • You have a stand-alone application

Procedure

Step 1

Create a new project in transaction SEGW.

Step 2

Right-click on the Data Model → Redefine → OData Service (SAP GW) to enter the Redefine Service Wizard. Enter the following information:

Technical Service Name: /IQX/FAB_SRV

Version: 001

Click Next.

Step 3

Select all the Services and click Finish.

Click Save.

Step 4

Go to Data Model → Model References → /IQX/FAB_MDL-0001 and click Generate. In the Model and Service Definition dialog, click Continue.

Runtime Objects Generated. Take note of the Data provider implementation class and the Service Name.

Step 5 (Optional)

Open the Data provider implementation class ZCL_ZTEST_PROJECT_DPC_EXT. Notice that it inherits from the superclass /IQX/CL_FAB_DPC_EXT.

Step 6

Go to transaction /n/IWFND/MAINT_SERVICE → Add Service. Input the System Alias and the Technical Service Name. Press Enter.

Click Add Selected Services and click Continue.

Step 7

In your stand-alone app, replace the original FAB service with the redefined service.

Edit the manifest.json file of the Stand-alone App in the transaction /n/IQX/FAB.

Right-click on the Project NodeCreate File.

The Create File option is only visible for Stand-alone applications.

Set the Id / File Name to manifest.json.

Click the Ellipsis button of the Source Element to Edit the source code. A Source Conflict dialog will appear, click Continue to use the content from the Repository.

Locate the "dataSources" section in manifest.json. Replace the “uri“ /iqx/FAB_SRV with the new service name /sap/ZTEST_PROJECT_SRV.

Old JSON:

"dataSources": { "FAB_SRV": { "uri": "/sap/opu/odata/iqx/FAB_SRV/", "type": "OData", "settings": { "odataVersion": "2.0", "localUri": "localService/FAB_SRV/metadata.xml" } },

New JSON:

"dataSources": { "FAB_SRV": { "uri": "/sap/opu/odata/sap/ZTEST_PROJECT_SRV", "type": "OData", "settings": { "odataVersion": "2.0", "localUri": "localService/FAB_SRV/metadata.xml" } },

Click Save & Close. Ignore the syntax errors, click Ok.

Step 8

Save Project. The application is now using the redefined service. The security team can create an authorization/role for the redefined service that can be used by the stand-alone application.