cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Verify signature

former_member556412
Active Participant

on ‎08-22-2011 2:52 PM

0 Kudos

Hi All,

I have a requiremnet, in which the invoice document is coming along with a signature.

I have to verify the signature and extract the xml data from the inbound payload.

Please let me know how can i achieve this.

I am refering to the below link , but i am not able to achieve what is required.

http://help.sap.com/saphelp_47x200/helpdata/EN/a4/d0201854fb6a4cb9545892b49d4851/frameset.htm

Regards,

Bhanu.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎08-22-2011 4:23 PM
0 Kudos

Hi,

Using Java mapping would be complex in this case. PI supports verification of signature through SOAP adapter. Please following scenario to full fill your goal.

Parneter(sending data in signed form)>http call> PI Soap Sender channel(which is cabpable of validating the signature) --> PI File adapter/or any other adapter( which will give you only payload after verifying).

So dont go for complex java mapping or other java code. Use above scenario which will help you in your case. Please let me know if you want to know how to set up config for SOAP sender channel to verify the signature.

Thanks,

RK

Show replies
Show replies
former_member556412
Active Participant
‎08-23-2011 7:36 AM
0 Kudos

Hi Rajendra,

My scenario is synchronus, and i am actually making an HTTP get (HTTP receiver) to the third party. Its an Outbound Proxy call.

I am not sure how can i avoid a Java mapping in this case.

Best Regards,

Bhanu.

Former Member
‎08-23-2011 8:59 AM
0 Kudos

Hi Banu,

Below is my understanding of your scenario, if i am wrong please correct me:

HTTP call(HTTP receiver adapter(?)) >o/b synch call>Third party, to this call Third party returns the payload with signature ie,

PI (HTTP adapter)<synch response with payload in signed form <Third party:

If my understanding is correct then surely you can avoid java mapping and using SOAP receiver adaptor instead of HTTP receiver, you can achieve your goal. Please let me know if you need still clarification.

Thanks,

RK

Shabarish_Nair
Active Contributor
‎08-22-2011 2:55 PM
0 Kudos

what is the transfer mechanism?

most of the adapters support secure communication along with the use of certificates that can translate the signatures.

Show replies
Show replies
former_member556412
Active Participant
‎08-22-2011 3:01 PM
0 Kudos

Hi Shabarish,

The whole scenario is like we have a sysnchronus proxy call, which sends a request to download the Invoice documnet via an HTTP request.

The response is a XML enveloped in a certificate.

Best Regards,

Bhanu.

Shabarish_Nair
Active Contributor
‎08-22-2011 3:11 PM
0 Kudos

do you mean that you make a normal HTTP call but the response payload comes back as a secure payload?

In this case you might have to write a java mapping for the response parsing.

ex. http://www.java-tips.org/java-ee-tips/xml-digital-signature-api/using-the-java-xml-digital-signatur-...

former_member556412
Active Participant
‎08-22-2011 3:22 PM
0 Kudos

Yes i am surely looking for a Java Mapping.

The link mentioned wont help because the inbound payload is somewhat like below


Content-Type: multipart/signed; micalg=SHA-1; protocol="application/x-pkcs7-signature"; 
	boundary="----=_Part_1_5155489.1312903547841"

------=_Part_1_5155489.1312903547841
Content-Type: application/octet-stream
Content-Transfer-Encoding: 7bit

<?xml version="1.0" encoding="UTF-8"?>
XML Content of the data


------=_Part_1_5155489.1312903547841
Content-Type: application/x-pkcs7-signature; name=smime.p7s
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p7s

Here we have the base 64 format of the certificate data.

------=_Part_1_5155489.1312903547841--

Former Member
‎08-22-2011 3:43 PM
0 Kudos

Hi

PI offers some signature verification features (security chapter), that could make it, or you may have to develop your own adapter module to decypher/validate the message (java mapping does not sound relevant here, as it often expect an valid XML data to parse)

Rgds

Chris

Ask a Question