cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Digital Sign into payload and other security doubts

Former Member

on ‎02-15-2010 1:05 PM

0 Kudos

Hello experts,

I have a RFC_to_SOAP scenario, and I have to digitally sign the information of the outbound payload (comming from the RFC sender) AND add it to the inbound payload (send it to the target web service, which imported wsdl file is forcing me to include that sign).

In order to do so, can I use the receiver agreement option for digitally sign the document? I guess I can't because it would be added to the payload. So how to do it? Should it be done in message mapping as java mapping? Any indications about how to do that?

Besides I have a doubt about the certification settings in the receiver soap channel and the sign settings in receiver determination. What's exactly the difference? What does each of them with the message?

Thanks in advance.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

iprieto
Contributor
‎02-16-2010 11:24 AM
0 Kudos

Hi Eduardo,

It can be made through Java Modules. The Java Modules are EJB components where you can use the whole payload. Check this link: http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/02706f11-0d01-0010-e5ae-ac25e74c4.... There are a lot of information about this issue in SDN.

If you only want to sign the content of the XML and not sing the whole payload you can use a Java Mapping.

If you want go to spanish forums and talking in spanish.

Best regards

Ivá

Show replies
Show replies
Former Member
‎02-19-2010 11:25 AM
0 Kudos

Hi Ivan, thank you for your response.

I'm trying to develope a module for the soap adapter as you suggested, however I have a question about what you said.

If you only want to sign the content of the XML and not sing the whole payload you can use a Java Mapping

What exactly do you mean with signing the whole payload or just the content?

If I have this xml

<?xml version="1.0" encoding="UTF-8" ?> 
  <ListaDecV3Ent xmlns="https://www3.aeat.es/ADUA/internet/es/aeat/dit/adu/adht/banent/ListaDecP3Ent.xsd">
  <declarante>
  <NifDeclarante>27456992N</NifDeclarante> 
  <NombreDeclarante>José Gutierrez</NombreDeclarante> 
  </declarante>
  </ListaDecV3Ent>

with signing only the content you mean that it would only make the digest and encription of the text 27456992N and José Gutierrez, and signing the whole payload would digest and encritp the xml tags too? If so I need the whole payload to be signed.

Couldn't be that done in java mapping?

By the way I've seen documentation indicating that in order to program an adapter module, a J2EE Java Bean must be developed and deployed to the server. However I'm working in PI 7.1 and in the module tab of the channel I see the option to use a Java Library instead (the options are local enterprise bean, remote enterprise bean and java library). Is it possible? Any info on how it works?

About my doubts in the previous post, if I use the receiver agreement sign option, where would exactly be the sign be placed in the message, and what would it exactly sign?

Any forum mate who can answer is welcome

PD: Ivan I'll open a thread in the spanish forum too if you want to talk there

Former Member
‎09-12-2012 9:27 PM
0 Kudos

Hi Eduardo, what did your end solution look like?

Former Member
‎02-15-2010 8:06 PM
0 Kudos

Nobody can give a hint? I'm sure someone has done this before, please share knowledge

Thanks in advance.

Show replies
Show replies
Ask a Question