cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

web service security in PI

Former Member

on ‎07-15-2009 3:47 PM

0 Kudos

Mine is PROXY to SOAP asynchronous.

PI consumes the service, my requirement is when PI calls the service I need to pass web service security in SOAP header.

so that at receiver statem they can validate the user using these.

When i am calling webservice from soapui with the header parameters

Username , Password and Password Type - PasswordText , it is able to get results. The soapui tool automatically adds the following in the soap header -

<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">

<wsse:UsernameToken wsu:Id="UsernameToken-9368150" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">

<wsse:Username>xxxxx</wsse:Username>

<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">xxxxx</wsse:Password>

<wsse:Nonce>aOA1P6t2hJPRyuraQ/IliQ==</wsse:Nonce>

<wsu:Created>2009-07-10T14:58:33.781Z</wsu:Created>

</wsse:UsernameToken>

</wsse:Security>

What configuration needs to be done in PI.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎12-18-2009 5:19 AM
0 Kudos

Hi Vamsi,

Even I am facing a similar issue. Has this been resolved? If yes, can you tell us the solution?

Many Thanks!!

Regards,

Tanuja

Show replies
Show replies
Former Member
‎07-15-2009 4:56 PM
0 Kudos

Hey

If i look at the SOAP header in my messages,i get something like below


 <?xml version="1.0" encoding="UTF-8" standalone="yes" ?> 
- <!--  Response 
  --> 
- <SAP:Main xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" versionMajor="003" versionMinor="000" SOAP:mustUnderstand="1" wsu:Id="wsuid-main-92ABE13F5C59AB7FE10000000A1551F7">
  <SAP:MessageClass>ApplicationMessage</SAP:MessageClass> 
  <SAP:ProcessingMode>asynchronous</SAP:ProcessingMode> 
  <SAP:MessageId>C72B2B59-B3F3-49E7-0BC4-E7A7C33FD23C</SAP:MessageId> 
  <SAP:TimeSent>2009-07-15T15:33:02Z</SAP:TimeSent> 
- <SAP:Sender>
  <SAP:Service>BS_Test</SAP:Service> 
  <SAP:Interface namespace="http://xxx.com">InterfaceS</SAP:Interface> 
  </SAP:Sender>
- <SAP:Receiver>
  <SAP:Party agency="" scheme="" /> 
  <SAP:Service>BS_SAP</SAP:Service> 
  <SAP:Interface namespace="http://ngc.com">Interface</SAP:Interface> 
  <SAP:Mapping notRequired="X" /> 
  </SAP:Receiver>
  <SAP:Interface namespace="http://ngc.com">Interface</SAP:Interface> 
  </SAP:Main>

and you have mentioned that your SOAP header is something like below


<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-9368150" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>*xxxxx*</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">*xxxxx*</wsse:Password>
<wsse:Nonce>aOA1P6t2hJPRyuraQ/IliQ==</wsse:Nonce>
<wsu:Created>2009-07-10T14:58:33.781Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>

are you making a custom SOAP header and using that or my understanding is wrong.

Thanks

Aamir

Show replies
Show replies
Former Member
‎07-15-2009 6:05 PM
0 Kudos

I got this in Runtime work bench

<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">

- <SOAP:Header>

- <sap:Main xmlns:sap="http://sap.com/xi/XI/Message/30" versionMajor="3" versionMinor="0" SOAP:mustUnderstand="1" xmlns:wsu="http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="wsuid-main-92ABE13F5C59AB7FE10000000A1551F7">

<sap:MessageClass>ApplicationMessage</sap:MessageClass>

<sap:ProcessingMode>asynchronous</sap:ProcessingMode>

<sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>

<sap:TimeSent>2009-07-15T15:46:10Z</sap:TimeSent>

- <sap:Sender>

<sap:Party agency="" scheme="" />

<sap:Service>test2310</sap:Service>

</sap:Sender>

- <sap:Receiver>

<sap:Party agency="" scheme="" />

<sap:Service>test_serivce</sap:Service>

</sap:Receiver>

<sap:Interface namespace="urn:Publish">msgIF_publish_I_Async</sap:Interface>

</sap:Main>

- <sap:ReliableMessaging xmlns:sap="http://sap.com/xi/XI/Message/30" SOAP:mustUnderstand="1">

<sap:QualityOfService>ExactlyOnce</sap:QualityOfService>

</sap:ReliableMessaging>

- <sap:Diagnostic xmlns:sap="http://sap.com/xi/XI/Message/30" SOAP:mustUnderstand="1">

<sap:TraceLevel>Fatal</sap:TraceLevel>

<sap:Logging>On</sap:Logging>

</sap:Diagnostic>

- <sap:HopList xmlns:sap="http://sap.com/xi/XI/Message/30" SOAP:mustUnderstand="1">

- <sap:Hop timeStamp="2009-07-15T15:46:10Z" wasRead="false">

<sap:Engine type="BS">test_serivce</sap:Engine>

<sap:Adapter namespace="http://sap.com/xi/XI/System">XI</sap:Adapter>

<sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>

<sap:Info>3.0</sap:Info>

</sap:Hop>

- <sap:Hop timeStamp="2009-07-15T15:46:11Z" wasRead="false">

<sap:Engine type="IS">is.68.devai020</sap:Engine>

<sap:Adapter namespace="http://sap.com/xi/XI/System">XI</sap:Adapter>

<sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>

<sap:Info>3.0</sap:Info>

</sap:Hop>

- <sap:Hop timeStamp="2009-07-15T15:46:12Z" wasRead="false">

<sap:Engine type="AE">af.dxi.devai020</sap:Engine>

<sap:Adapter namespace="http://sap.com/xi/XI/System">XIRA</sap:Adapter>

<sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>

</sap:Hop>

</sap:HopList>

</SOAP:Header>

Edited by: Vamsi on Jul 15, 2009 7:06 PM

Former Member
‎07-15-2009 6:33 PM
0 Kudos

Hi Vamsi,

Can you please check ramons solution in this thread:

Also please see this thread for some more information on the same issue:

Regards,

---Satish

Former Member
‎07-15-2009 7:00 PM
0 Kudos

Yeah,thats the standard SOAP header for XI.

so where do you want to get the below?


<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-9368150" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>*xxxxx*</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">*xxxxx*</wsse:Password>
<wsse:Nonce>aOA1P6t2hJPRyuraQ/IliQ==</wsse:Nonce>
<wsu:Created>2009-07-10T14:58:33.781Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>

If you want this to be part of SOAP header,then you need to create your own header by using either XSLT or Java mapping and select "Do not Use SOAP envelope"

Thanks

Aamir

Former Member
‎12-18-2009 5:07 AM
0 Kudos

Hi Vamsi,

Even I am facing a similar issue. Has this been resolved? If yes, can you tell us the solution?

Many Thanks!!

Regards,

Tanuja

Former Member
‎07-15-2009 3:56 PM
0 Kudos

Hi Vamsi,

Aren't you using the Configure User Authentication option in the SOAP Receiver?

Kindly explain why you need to pass the user credentials through header.

Regards,

Gautam Purohit

Show replies
Show replies
Former Member
‎07-15-2009 4:00 PM
0 Kudos

I did use the Configure User Authentication option in the SOAP Receiver channel.

If I use the above option it looks like PI is sending user detials in HTTP header.

But receiver system expects the user credentials in wsse format.

When I use SOAP UI iam able ot pass it but not from PI

BTW iam using PI 7.1

Former Member
‎07-15-2009 4:28 PM
0 Kudos

Hi,

Please refer

http://help.sap.com/saphelp_nw70/helpdata/EN/29/5bd93f130f9215e10000000a155106/frameset.htm

Regards,

Sunil.

Former Member
‎07-15-2009 4:35 PM
0 Kudos

Yes I have seen that , I did use option Keep SOAP header in receiver comm channel. but it is not solving the purpose.

Former Member
‎07-15-2009 4:47 PM
0 Kudos

have you tried to use Advanced Tab Page mentioned in the link to acheive the proper autheticated SOAP message...

Ask a Question