cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Sap PI-xml Digital Signing and encryption in PI-ehp1

Former Member

on ‎09-12-2011 1:19 AM

0 Kudos

Hi Experts,

Our Business scenario is sap R/3 (sender)>rfc data to PI and to webservice(receiver) using rfc and soap adapters

The communication channels are secured by snc/ssl.

Now the issue is PI have to send digitally sign and encrypt xml messages to receiver and I got no clue how to do this.

Experts please advise.

We have to Digitally sign and encrypt xml messages in PI

1)can we use SAML or Ssfdata xml..if so how to use them,can you send me some documents with screen shots so that i can configure the same in PI

We used adepative tool but it does not support Dsigning

2)Please advise the correct procedure

3)how to develop a adapter user module and how to call it for testing purpose...please advise

O/s:windows

PI EHP1 7.1

DB:oracle

PLEASE HELP

Thanking you

Pooja

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎10-12-2011 3:38 PM
0 Kudos

answered

Show replies
Show replies
Former Member
‎09-12-2011 2:37 PM
0 Kudos

HI Pooja,

I am sorry, i forgot to provide you the blog url. Here is the blog link:

/people/rajendra.badi/blog/2011/08/24/configuring-wsse-digital-signing-and-encryption-using-sap-pi-711-aae-soap-adapter

Thanks,

RK

Show replies
Show replies
Former Member
‎09-14-2011 6:35 PM
0 Kudos

This message was moderated.

Former Member
‎09-15-2011 3:17 PM
0 Kudos

Hi Experts,

Hope for a quick response and thank you for responding out of your valuable time

Former Member
‎09-12-2011 9:33 AM
0 Kudos

Hi Pooja,

Use can refer following blog to do a digital signing and encryption in PI 7.11, This will explain exactly what you needed. In blog scenario is File Sender -> SOAP Receiver(signingencryption) > Network> SOAP Sender (decryptverify)-> File Receiver, so in your business requirement you have following scenario.

RFC Sender -> SOAP Receiver(signing+encryption) >Network> Webservice. So instead of File Sender you have RFC sender adapter and remaining configurations are same. Let me know if you face any issues while configuring.

Regards,

RK

Show replies
Show replies
Former Member
‎09-12-2011 1:52 PM
0 Kudos

This message was moderated.

Former Member
‎09-12-2011 1:53 PM
0 Kudos

This message was moderated.

baskar_gopalakrishnan2
Active Contributor
‎09-12-2011 2:51 PM
0 Kudos

You can create digital signatures and encryption using java mapping when you send soap request message. You can basically create dig signatures and modify envelope as per the end system need. To do this you can follow apache axis api or java link to do this.

Have you seen this [link|http://java.sun.com/developer/technicalArticles/xml/dig_signatures/]? This might be a starter for your need

Former Member
‎09-12-2011 7:05 PM
0 Kudos

Hi Experts,,

This seems to be more easy for you as you have worked already and you have mastered in this...

1)I have many questions in my mind like can we use SAML or ssfdatxml techniques for Disg/Enc

2)What time we have to do Disg/Enc after we receive the rfc data from R/3 to PI I mean do we need to pick up the xml file do Disg/Enc and put it back the file ,so that it is picked by soap adapter or is it done automatic after rfc data is mapped

3)when should be java mapping should be done ,,,I mean will java programmer develops the ear file in nwds and gives it to us and we need to deploy it on PI system......if not how and when Disg/Enc and Decryption is done

Please advise experts

Former Member
‎09-13-2011 8:01 PM
0 Kudos

Hi Experts,

Please Advise for my above querys

1)I tried to develop a EJB project and generate EAR file and depoly it in J2ee server and create adapter modules to call It..however I tried to use a document provided my sdn http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/c0b39e65-981e-2b10-1c9c-fc3f8e674... I am unable to see the options provided ,unable to create EAR project and unable to see deploy option,please can you share a correct document irrespective of nwds SP level

2)Apart from giving JNDI name in module tab,what else should be mentioned for a small test message request/response

3)How to call the adapter for testing purpose apart from monitoring audit logs

Please Advise Experts

Thanking you

Pooja

VijayKonam
Active Contributor
‎09-13-2011 8:17 PM
0 Kudos

There is no other way of testing an adapter module other than deploying it and checking the audit log. we have to live with it..!!

VJ

Former Member
‎09-14-2011 2:33 PM
0 Kudos

Hi ,

Thank you for the response

I am in process of testing the adapter module , before I test I would like to take expert advise

I have configured sender CC and adapter module sequence and processing...is that all or do I also need to develop interface in ESR and ID and mapp it and then test.....please advise

Thanking you

baskar_gopalakrishnan2
Active Contributor
‎09-14-2011 3:02 PM
0 Kudos

>I am in process of testing the adapter module , before I test I would like to take expert advise

>I have configured sender CC and adapter module sequence and processing...is that all or do I also need to develop interface in >ESR and ID and mapp it and then test.....please advise

Yes thats all you need to do...

Former Member
‎09-14-2011 3:54 PM
0 Kudos

Hi ,

Thank you so much for your response

I have installed NWDS SP8 as a prerequisite.to develop modules..however in NWDS 7.008 when I go to windows preferences I used to see all the options like j2ee and java etc...Now in NWDS 7.1 sp8 when I go to windows preferences I don't see any such options and also I dont see any options to create and project for EJB and EAR like in NWDS 7008...where to create EJB projects and deploy the EAR file Using NWDS 7.1 SP8 or 12

Please advise experts

Thanking you

Pooja

Former Member
‎09-14-2011 4:49 PM
0 Kudos

did u properly install the updates??

chk Ervin's reply:

Former Member
‎09-14-2011 5:55 PM
0 Kudos

Hi,

Thank you so much for your reply..I have started update...hope for the best

Which method needs to be followed for both XML Digital signature and Encryption/Decryption IN SAP PI EHP1

SAML

SsfDataxml

WSS4J(WebSphere DataPower Integration Appliance XI50)

WSSE (digital signing and encryption) using SAP PI 7.11 AAE SOAP Adapter

OR 3rd party tools :

we tried with Sap Aedaptive tool but it supports only Enc/Dec but not Dsig

Can you recommend and 3rd party tool which can be integrated with PI7.1 ehp1 for XML digital signing and encryption

Or please advise me which one is the best option for XMl digital signing and encryption in PI ehp1 system

Thanking you

Pooja

Former Member
‎09-14-2011 6:39 PM
0 Kudos

its tough to comment on best option but certainly u can achieve ur req with the options suggested above...

recently i have also implemented encryption/sign and decryption in one of my client's landscape using my own custom aapter module........for this i used external 3rd party library called DIDISOFT and developed my own module..

but lets wait and c what experts have to say on this....

Former Member
‎09-14-2011 6:56 PM
0 Kudos

Hi Amit

Thank you for the response

So you are 100% sure that we can use WSSE option xml Disg/Enc/Dec in SAP PI ehp1 as per my requirements and no need of any custom or 3rd party development modules,like you have mentioned DIDISOFT

Is it mandatory to use or develop custom modules of our own and we can also configure WSSE or any other tool

Please suggest

Thanking you

Pooja

Ask a Question