on 09-12-2011 1:19 AM
Hi Experts,
Our Business scenario is sap R/3 (sender)>rfc data to PI and to webservice(receiver) using rfc and soap adapters
The communication channels are secured by snc/ssl.
Now the issue is PI have to send digitally sign and encrypt xml messages to receiver and I got no clue how to do this.
Experts please advise.
We have to Digitally sign and encrypt xml messages in PI
1)can we use SAML or Ssfdata xml..if so how to use them,can you send me some documents with screen shots so that i can configure the same in PI
We used adepative tool but it does not support Dsigning
2)Please advise the correct procedure
3)how to develop a adapter user module and how to call it for testing purpose...please advise
O/s:windows
PI EHP1 7.1
DB:oracle
PLEASE HELP
Thanking you
Pooja
answered
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
HI Pooja,
I am sorry, i forgot to provide you the blog url. Here is the blog link:
/people/rajendra.badi/blog/2011/08/24/configuring-wsse-digital-signing-and-encryption-using-sap-pi-711-aae-soap-adapter
Thanks,
RK
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Pooja,
Use can refer following blog to do a digital signing and encryption in PI 7.11, This will explain exactly what you needed. In blog scenario is File Sender -> SOAP Receiver(signingencryption) > Network> SOAP Sender (decryptverify)-> File Receiver, so in your business requirement you have following scenario.
RFC Sender -> SOAP Receiver(signing+encryption) >Network> Webservice. So instead of File Sender you have RFC sender adapter and remaining configurations are same. Let me know if you face any issues while configuring.
Regards,
RK
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You can create digital signatures and encryption using java mapping when you send soap request message. You can basically create dig signatures and modify envelope as per the end system need. To do this you can follow apache axis api or java link to do this.
Have you seen this [link|http://java.sun.com/developer/technicalArticles/xml/dig_signatures/]? This might be a starter for your need
Hi Experts,,
This seems to be more easy for you as you have worked already and you have mastered in this...
1)I have many questions in my mind like can we use SAML or ssfdatxml techniques for Disg/Enc
2)What time we have to do Disg/Enc after we receive the rfc data from R/3 to PI I mean do we need to pick up the xml file do Disg/Enc and put it back the file ,so that it is picked by soap adapter or is it done automatic after rfc data is mapped
3)when should be java mapping should be done ,,,I mean will java programmer develops the ear file in nwds and gives it to us and we need to deploy it on PI system......if not how and when Disg/Enc and Decryption is done
Please advise experts
Hi Experts,
Please Advise for my above querys
1)I tried to develop a EJB project and generate EAR file and depoly it in J2ee server and create adapter modules to call It..however I tried to use a document provided my sdn http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/c0b39e65-981e-2b10-1c9c-fc3f8e674... I am unable to see the options provided ,unable to create EAR project and unable to see deploy option,please can you share a correct document irrespective of nwds SP level
2)Apart from giving JNDI name in module tab,what else should be mentioned for a small test message request/response
3)How to call the adapter for testing purpose apart from monitoring audit logs
Please Advise Experts
Thanking you
Pooja
Hi ,
Thank you for the response
I am in process of testing the adapter module , before I test I would like to take expert advise
I have configured sender CC and adapter module sequence and processing...is that all or do I also need to develop interface in ESR and ID and mapp it and then test.....please advise
Thanking you
>I am in process of testing the adapter module , before I test I would like to take expert advise
>I have configured sender CC and adapter module sequence and processing...is that all or do I also need to develop interface in >ESR and ID and mapp it and then test.....please advise
Yes thats all you need to do...
Hi ,
Thank you so much for your response
I have installed NWDS SP8 as a prerequisite.to develop modules..however in NWDS 7.008 when I go to windows preferences I used to see all the options like j2ee and java etc...Now in NWDS 7.1 sp8 when I go to windows preferences I don't see any such options and also I dont see any options to create and project for EJB and EAR like in NWDS 7008...where to create EJB projects and deploy the EAR file Using NWDS 7.1 SP8 or 12
Please advise experts
Thanking you
Pooja
Hi,
Thank you so much for your reply..I have started update...hope for the best
Which method needs to be followed for both XML Digital signature and Encryption/Decryption IN SAP PI EHP1
SAML
SsfDataxml
WSS4J(WebSphere DataPower Integration Appliance XI50)
WSSE (digital signing and encryption) using SAP PI 7.11 AAE SOAP Adapter
OR 3rd party tools :
we tried with Sap Aedaptive tool but it supports only Enc/Dec but not Dsig
Can you recommend and 3rd party tool which can be integrated with PI7.1 ehp1 for XML digital signing and encryption
Or please advise me which one is the best option for XMl digital signing and encryption in PI ehp1 system
Thanking you
Pooja
its tough to comment on best option but certainly u can achieve ur req with the options suggested above...
recently i have also implemented encryption/sign and decryption in one of my client's landscape using my own custom aapter module........for this i used external 3rd party library called DIDISOFT and developed my own module..
but lets wait and c what experts have to say on this....
Hi Amit
Thank you for the response
So you are 100% sure that we can use WSSE option xml Disg/Enc/Dec in SAP PI ehp1 as per my requirements and no need of any custom or 3rd party development modules,like you have mentioned DIDISOFT
Is it mandatory to use or develop custom modules of our own and we can also configure WSSE or any other tool
Please suggest
Thanking you
Pooja
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.