cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

WSS without incoming/outgoing signature or encryption

Go to solution
Former Member

on ‎08-29-2011 1:14 PM

0 Kudos

Hi all,

I have got a problem with the SOAP receiver adapter on PI 7.1. If have configured the securtiy profile: Web Services Security on the SOAP receiver adapter. On the related receiver agreements I have chosen the Oasis security standard. As request and response security procedure I had to quote none since the adessed web service supports neither signing nor encryption.

On sending my message to the web service I'm getting the following response:

Delivering the message to the application using connection SOAP_http://sap.com/xi/XI/System failed, due to: com.sap.engine.interfaces.messaging.api.exception.MessagingException: SOAP: response message contains an error XIAdapter/PARSING/ADAPTER.SOAP_EXCEPTION - soap fault: WSDoAllReceiver: Incoming message does not contain required Security header.

Is the anything I might have missed? Does the SOAP receiver adapter support the quoted constallation of security parameters?

Kind regards,

Heiko

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎08-29-2011 3:16 PM
0 Kudos

Hieko,

I would suggest you to have a look on following blog which i have written on configuring the WSSE in SOAP adapter.

/people/rajendra.badi/blog/2011/08/24/configuring-wsse-digital-signing-and-encryption-using-sap-pi-711-aae-soap-adapter,

Please cross check all the steps mentioned in this.

From error message i could see that, SOAP receiver adapter expecting the WSSE security header and it;s not finding it in the response message hence it's giving this error. Please double check that in the Receiver agreement, for response side you have not checked any security like decrypt or verify sign.

Thanks,

RK

Show replies
Show replies

Answers (3)

Answers (3)

Former Member
‎08-30-2011 12:55 PM
0 Kudos

Hi Hieko,

First thing want to give you info is that, SOAP adapter does not process/support User name token in the XI message. User name token can be processed in the AXIS adapter. to use it, you need to change the protocol from SOAP to AXIS mode in the SOAP adapter channel. I feel because of not supporting this user name token by SOAP adapter, you are getting this issue.

You can go through the following link for AXIS adapter config:

http://help.sap.com/saphelp_nwpi711/helpdata/en/48/327519a3af58d8e10000000a421937/frameset.htm

Show replies
Show replies
Former Member
‎08-31-2011 8:21 AM
0 Kudos

Hi RK,

thank you, I agree, the AXIS adapter might solve the problem. We will deploy the SDA file as described and see if the required feature is included.

Kind regards,

Heiko

Former Member
‎08-31-2011 9:23 AM
0 Kudos

Hi Hieko,

You can also try to use WS adapter that is introduced in SAP PI 7.11. Which is have have a in built capability to do a user name token processing. Only thing about WS adapter is that, it's built in ABAP stack, through ABAP stack you need to call the WS urls.

Thanks,

RK

Former Member
‎08-30-2011 11:48 AM
0 Kudos

Hello RK,

the header is the following (I have changed the username and digest):

<?xml version="1.0" encoding="UTF-8"?>

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:gas="http://gas-xml.de/3.2/gas-x-ws">

<soapenv:Header>

<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">

<wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">

<wsse:Username>anyuser</wsse:Username>

<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">anydigest</wsse:Password>

<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">anydigest<wsse:Nonce>

<wsu:Created>2011-08-16T13:41:59.607Z</wsu:Created>

</wsse:UsernameToken>

</wsse:Security>

</soapenv:Header>

Kind regards,

Heiko

PS: I was able to send the message to the target system by applying an xslt mapping in order to manipulate the SOAP header.

Show replies
Show replies
Former Member
‎08-29-2011 4:07 PM
0 Kudos

Hello RK,

Thank you for sending me the reference to your blog.

It describes how to use the security mechanismn with signatures. This doesn't solve my problem since the service to be used doesn't support them. What I have done in the meantime was to generate a mock service and to send some testdata against it. The SOAP header didn't contain the required credentials. Since I suppose my constellation isn't supported by the SOAP adapter. Wonder why!?

Kind regards,

Heiko

Show replies
Show replies
Former Member
‎08-30-2011 9:46 AM
0 Kudos

Hi Heiko,

Could you please provide more info on your issue? provide SOAP header info that you want to have in the XI message. You want to have your credentials in SOAP message header? is this the requirement?

Thanks,

RK

Ask a Question