Sap Tomcat

Note: Your browser does not support JavaScript or it is turned off. Press the button to proceed.

  1. Introduction:

This article will be helpful for who upgrade the run time from JEE6 to Tomcat 8 and who develop the application using JDK8 and deploy in Tomcat 8. Especially this is prepared for Neo cloud platform. This may be applicable to upgrade from any version of JEE run time to any version of Tomcat. This article is derived based on the run time exceptions and errors, we faced. Article will help the problem solvers, solution providers, debuggers and testers. By reading this article you can save lot of time when you migrate from JDK7 to JDK8. this may help for who is upgrading any lower version of Java to any higher version.

Before this change, you should enable SSL on SAP BusinessObjects server by applying the processes in How to set up SSL for your Business Objects Server (Tomcat). Go to “ SAPBO tomcat confR. The SAP Java Connector (SAP JCo) is a development library that enables a Java application to communicate with on-premise SAP systems via SAP's RFC protocol. It combines an easy-to-use API with unprecedented flexibility and performance.

SAP BusinessObjects Business Intelligence Platform BI 4.x (included 4.0, 4.1, all support packs, and patches) SAP Data Services 4.x (included 4.0, 4.1, all support packs, and patches). The following subset of APIs of SAP BTP services are available within Java Web Tomcat 8: document service APIs, mail service APIs, connectivity service APIs (destination configuration and authentication header provider), SAP HANA service and SAP ASE service JDBC APIs, and security APIs. Migrating to Java Web Tomcat 8 (from Another Runtime).

As many of you know, Some of the classes which are there in JEE libraries those are not there in Tomcat, I handled and resolved those class not found exceptions. I found or came to know the alternatives during the run time.

During the integration or communication between the cloud deployed applications, cloud to external, external to cloud and cloud to on premise, you will face the following problems or errors, I have described those problems and solutions together here.

  1. Class Not Found Exception:

These classes HttpDestination and DestinationFactory are not available in Tomcat8.

These above classes should be replaced by the ConnectivityConfiguration and DestinationConfiguration.

JEE6 or JEE7










Using these replacement classes still you can access the destination configuration details from the cockpit.

  1. Http Connection:

Http client cannot be used for making http connection in Tomcat8, the alternate for HttpClient is HttpUrlConnection.

JEE6 or JEE7


httpClient = destination.createHttpClient();




urlConnection = (HttpURLConnection) url.openConnection();


  1. Cloud to Cloud:

It is possible to have App to App SSO authentication when you want to communicate from one application from another application. So, the user propagation (Principle propagation) can be done easily.


Context ctx = new InitialContext();

AuthenticationHeaderProvider authHeaderProvider = (AuthenticationHeaderProvider) ctx.lookup(AUTH_PROVODER_JNDI_LOOKUP);

AuthenticationHeaderProvider authorization = authHeaderProvider (urlString);


AuthenticationHeader appToAppSSOHeader = authorization.getAppToAppSSOHeader(urlString);

AuthenticationHeader principle = authorization.getPrincipalPropagationHeader();


This explicit principle propagation and app to app sso are not required in case of JEE6 runtime.

  1. 403 Forbidden Issue:

When you want to send data using POST API from one application to another, CSRF is required this is applicable for both JEE and Tomcat. But only with CSRF header, 403 will not be resolved in case of Tomcat. You have set the cookie property also in connection object.


writeCon.setRequestProperty(HTTP_COOKIE, session);


The cookies can be got from response header of get API when you get CSRF,


List<String> session = readCon.getHeaderFields().get(HTTP_SET_COOKIE);


The below link will be helpful to resolve 403 Error.

  1. Cloud to On-premise:

When you make a call from cloud to On-Premise system, you should add a proxy when you open a connection in case of Tomcat.


urlConnection = (HttpURLConnection) url. openConnection(proxy)

The proxy should be taken from platform itself as below.

privatestatic Proxy getProxy(String proxyType) {

String proxyHost = null;

int proxyPort;

if (ON_PREMISE_PROXY.equals(proxyType)) {

// Get proxy for on-premise destinations

proxyHost = System.getenv(“HC_OP_HTTP_PROXY_HOST”);

proxyPort = Integer.parseInt(System.getenv(“HC_OP_HTTP_PROXY_PORT”));


} else {

// Get proxy for internet destinations

proxyHost = System.getProperty(“http.proxyHost”);

proxyPort = Integer.parseInt(System.getProperty(“http.proxyPort”));


returnnew Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyHost, proxyPort));


More detail can be found here,

  1. SSLHandshakeException:

When you try to connect from Cloud to On-Premise system, you will get SSLHandshakeException.

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.

To resolve this issue, the URL’s protocol should be changed from Https to Http. The url with Https protocol will work in case of JEE runtime, but https protocol throws SSLHandshakeException in case of Tomcat.

  1. 503 Service Un available:

To resolve 503- Service un available, you should add a property(SAP-Connectivity-SCC-Location_ID) cloud connector’s location id


urlConnection.setRequestProperty(“SAP-Connectivity-SCC-Location_ID”, “Cloud_Connector_Location_Id”);


“Service un available “ may occur due to the client (cloud application) not able to find exact target cloud connector, if the sub account has many cloud connectors.

  1. 400 Bad Request:

TO resolve 400 error, you should add the account name as below,


urlConnection.setRequestProperty(“SAP-Connectivity-ConsumerAccount”, System.getenv(“HC_ACCOUNT”));


This is to make a confirmation to target system who make request, from which account.

  1. References:

Consume Back-End Systems (Java Web or Java EE 6 Web Profile)

Consume Back-End Systems (Java Web Tomcat 7)

XSRF Protection for REST Services

HTTP Proxy for On-Premise Connectivity

Platform Authorization Management API


This is purely technical article nothing to talk about any functional areas. this is article i made to help the colleagues who ever is upgrading or migrating from JDK7 to JDK8 and JEE server to Tomcat 8 This article i have created for helping others, no need to spend much time to debug. This will help Developers, Testers and Architects. Here I have talked about the run time problems of connecting from cloud based application to external, external to cloud application, cloud to On-premise. I described to resolve various run time exceptions like SSL handshake and HTTP error codes 400, 403 and 503.


You are deploying SAP WPB Manager in your Apache Tomcat, but after clicking Deploy button, an error 403 is shown by the browser:



  • SAP Workforce Performance Builder Manager version-independent
  • Apache Tomcat v7.0 and higher


Sap Bo Tomcat Configuration

SAP Workforce Performance Builder, enterprise edition all versions ; SAP Workforce Performance Builder, manager option all versions


Error, Deploy fails, Failure, Upload, Uploading, MGR, WAR extension, This webpage is not available, ERR_CONNECTION_RESET, Access Denied, Web application, Web server, 9.2, 9.3, 9.4, Tomcat v7, 7.0, v8, 8.0, Java , KBA , KM-WPB-MGR , SAP Enable Now - Manager , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Sap Tomcat Training

Visit SAP Support Portal's SAP Notes and KBA Search.