Hi,
I have successfully retrieved the "X-CSRF-Token" token value for a number of the other odata services (eg ZCD204_EPM_DEMO_SRV) on sapes1 but I'm unable to get a response that includes the cookie & header being set in the response when accessing https://sapes1.sapdevcenter.com/sap/opu/odata/sap/ZGWSAMPLE_SRV/ .
My username and password are correct, I can retrieve data in ZGWSAMPLE_SRV but when i set "X-CSRF-Token" to "Fetch" the response headers do not include a "X-CSRF-Token" entry.
Using the "REST Console" in chrome I can provide the details of a failing request.
Request Headers:
Authorization: Basic SOMEVALUE
X-CSRF-Token: Fetch
Accept: */*
Connection: keep-alive
Content-Type: application/xml
Origin: chrome-extension: //rest-console-id
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36
Response Headers:
Status Code: 200
server: SAP NetWeaver Application Server / ABAP 702
dataserviceversion: 2.0
ntcoent-length: 2574
content-type: application/atomsvc+xml
The CSRF token header is missing.
Am I doing something wrong? Is the service mis-configured? What do I need to try to overcome this?
Cheers,
Tom