cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Runtime Update of Communication Channel Password

Former Member

on ‎08-19-2009 6:47 PM

0 Kudos

I posted this question in the Security Forum as well as here since I was not sure which was appropriate.

We have a new application, Password Vault, where the company would like to change all passwords on a daily basis. Password Vault has a Java API that will allow me to obtain the password for a specific account. What I would like to know is whether there is a way in PI to create a module that will be called by the Communication Channle when it requires the password which will aloow me to dynamically pass the password to the Communication Channel.

In short, I would like to step in front of all runtime password requests and push the current password to the Communication Channel.

Is this possible and/or where can I go to find more information?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

ErvinSzolke
Product and Topic Expert
Product and Topic Expert
‎09-08-2010 3:51 PM
0 Kudos

Hi Larry,

as I am not expert of this topic it is difficult to say, but I'd vote for some kind of PI forum (or security which you have already tried).

Thank you for your understanding!

Best Regards,

Ervin

Show replies
Show replies
ErvinSzolke
Product and Topic Expert
Product and Topic Expert
‎09-08-2010 3:37 PM
0 Kudos

wrong forum

Show replies
Show replies
Former Member
‎09-08-2010 3:49 PM
0 Kudos

Ok, what is the proper forum?

Former Member
‎08-21-2009 4:15 AM
0 Kudos

HI Larry,

With PI 7.1 the Integration Directory API have been released.

http://help.sap.com/saphelp_nwpi71/helpdata/EN/46/6dca42e5c269dfe10000000a11466f/frameset.htm

This API provides you a set of methods for all the objects created in ID that can create, edit , delete and activate the changes to these objects. Also, the API methods are all available as ready to use Web Services on your PI7.1 Java Stack.

For the solution of your problem, I would advise that in the Java Code where you are generating the new passwords, you can call the Web Service for editing the communication channel, providing the generated password to it and activating the Communication Channel through the API Web Services.

This will all be controllable by the Java Code and the manual effort will be eradicated.

Also, Mass Changes in Integration Directory are possible with these ID API Web Services.

http://help.sap.com/saphelp_nwpi71/helpdata/EN/46/69a16a14710ad6e10000000a11466f/content.htm

Regards,

Alka.

Show replies
Show replies
Former Member
‎08-21-2009 1:29 PM
0 Kudos

Alka. Thanks for the reply.

We are aware of the ID web services and have implemented a number of them. We also understand that we can use the web services to update the password. Doing the update in this manner is our second choice. The problem with doing things this way is that the passwords would be pushed to us on some sort of schedule. That means we have to stop things, get all the passwords updated and then start things up again. We refer to this as the "batch push solution".

What we want to implement is a "runtime pull solution" where we pull the password from the Password Vault whenever a Communication Channel needs the password. In this approach there is no need to shut things down or push all the passwords on some sort of schedule. In addition, it would allow us to achieve our desire to change the passwords every day.

In order to implement this we need to be able to add some code to all Communications Channels that will be called when the Communication Channel at runtime when it needs the password. This code would get the password from the Password Vault and return it to the Communication Channel.

Former Member
‎08-23-2009 7:31 PM
0 Kudos

Hi Larry,

You can perhaps use a custom Adapter Module combined with the Directory API to implement your runtime pull solution: An Adapter Module is called every time a communication channel sends/receives a message.

More info about this topic can be found here: [Adding Modules to the Module Processor|http://help.sap.com/saphelp_nwpi71/helpdata/EN/cd/5af7c0c994e24fb0d0088443513de2/frameset.htm]

Kind regards,

Pascal

Former Member
‎09-08-2010 3:08 PM
0 Kudos

Ok, we have conceded that until SAP makes a change that allows some sort of hook into the Communication Channel so that we can handle the password we will not be able to implement a "pull" type of change.

We have code to extract and log Configuration Scenarios, Communications Channels and Interface Determinations. We also have some code modeled after what Bill Li has done to create a Change List and modify the Communication Channel.

Mostly we need to be able to set a Communication Channel Inactive/Active and change the password.

The part we are struggling with is the role of the Restricted Communication Channel and how to get the information from and existing Communication Channel into the Restricted Communication Channel which is the only thing we can add to the Change List.

It seems like there should be some relatively simple way to do the following:

1. Retrieve a Communication Channel using the API

2. Build a Restricted Communication Channel object with all of the information in the Communication Channel...we know the password is always returned as null and can handle that issue.

3. Modify whatever value we want modified

4. Create a Change List

5. Add the Restricted Communication Channel to the Change List

6. Activate the Change List.

We have no real problems with any of the above except for 2.. How do we build a complete Restricted Communication Channel from the retrieved Communication Channel?

Former Member
‎08-20-2009 10:06 AM
0 Kudos

Hi Larry,

I would like to know which PI version you are working on?

Alka.

Show replies
Show replies
Former Member
‎08-20-2009 1:24 PM
0 Kudos

We are on PI 7.1 but do not have EHP 1 installed.

Ask a Question