WebDynpro, File Upload and Anti-Virus


I recently wrote a Web Dynpro application, which featured file uploads. The developed application allows users to upload a file from their client PC and physically write the file on a predefined location. In order to make sure that the uploaded files are safe, I had hoped to use AntiVirus scan to scan the uploaded file.

The breakdown of the logic is below:

1. user selects a file from their PC

2. user clicks on the upload button

3. the onActionFileUpload method is triggered where the FileUpload UI picks up the user selected file and store in the Web Dynpro application's context

4. I plan to call an AntiVirus scan (maybe through an API or something) to scan the in-context binary resource (byte[] representation of the uploaded file)

5. if the scan is successful (with the uploaded file free from virus or malwares), I proceed to FTP write to my predefined location


1. I read that NetWeaver2004s has a virus scan adapter where you need to configure the profile and groups. If I go for this configuration, does this mean I can skip step 4?

2. We are using McAfee as our AntiVirus. Can we somehow configure the on-demand scan to pick up files uploaded in Web Dynpro's context?

3. By having a binary type in the View's context, if the uploaded file contains malware, is it possible for it to harm the server (even though we are not really running the file)?

Thank You.



Might this [doc|https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/7a411283-0c01-0010-f6a7-c8cd6a7c0169] will help.

Best Regards

Satish Kumar

0 View this answer in context