Describes how HTTP methods can lead to some errors in Disclosure Management ..
The Disclosure Management application provides a number of RESTFUL APIs that are used by for example the Fiori apps that DM uses.
For example, when adding a Business Role to a user in the Fiori app “Business Role Assignment”, there is a call to the API http://<DM_server:port>/api/appmanager/businessrole/6/users
Also, within the main DM application, the APIs are called, for example when deleting a (local) permission, a call is made to http://<DM_server:port>/api/chapter/<id>/permission using the "DELETE" verb
This Wiki describes some issues that may arise with certain configurations in IIS and how to remedy these.
Note: for this Wiki we used IIS 7.5 with DM 10.1 Stack1200
As the APIs use a number of HTTP request methods (e.g. PUT, POST, DELETE) there can be an issue if within IIS these verbs are explicitly denied within the request filter
Will result in a HTTP 404 (not found) error
Therefore, make sure there are no filters defined
Although Disclosure Management does not use WebDav (https://en.wikipedia.org/wiki/WebDAV), it can be active in IIS and then intercept the methods like PUT and POST which results in a number of errors.
In IIS, WebDav can be active on the DM website
In this case, it is possible that a Handler Mapping is defined for WebDav. Note: this can apply to all verbs ( * ) or specific ones (GET, POST)
Within the DM Fiori apps this may lead to a HTTP 401 Unauthorized error
To resolve this, delete the WebDav handler mapping from the DM website
Even when the WebDav handler is removed, but WebDav itself is still present, you can get an error. This will now be a HTTP 405 Method not allowed
To resolve this, it is recommended to remove WebDav completely from the DM website
To do this, go to the Modules
Delete the WebDav module