cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

PI7.11-Soap Adapter

Go to solution
Former Member

on ‎09-22-2011 6:23 PM

0 Kudos

Hi Experts,

Please advise

In this blog /people/rajendra.badi/blog/2011/08/24/configuring-wsse-digital-signing-and-encryption-using-sap-pi-711-aae-soap-adapter,it was explained how to sign and encrypt soap messages using soap adapter...however in the example shown as Bank and cust (2) PI systems for receiving and sending

In my scenario RFC>>>PI>>>SOAP(WEBSERVICE)..I have only one PI system as middleware

If I use receiver soap adapter for signing and encryption where should I configure sender adapter is it in the same PI system for decryption and validation of signing as we have only 1 PI system as middleware or we should also have another PI system at receiving end...I am confused

Please advise experts

Thanking you

Pooja

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

baskar_gopalakrishnan2
Active Contributor
‎09-22-2011 6:29 PM
0 Kudos

You are confused. You just need onlly one PI. In this case , you are consuming webservice of third party using soap receiver adapter. When you send the request in the target structure you also plus do encryption and signature signing. The other end (third party system) will decrypt and signature verification at their end first and then see your request message.

Similarly if the message is synchronous. Third party will send the response message with encrypt and signing and you will first do decrypt and signature verification and then see the response message. Hope you understand.

When you encrypt or sign the message you share the public key with your third party system. They use your public key to decrypt at their end to view your message.

Show replies
Show replies
Former Member
‎09-22-2011 7:17 PM
0 Kudos

Hi,

Thank you for your response,

yes correct,however I mean to say I will configure receiving soap adapter with target URL and security profile,create views in NWA and specify the view in receiving adapter with public and private keys

So, you mean to say we should not worry about decryption and validation in asyncronous scenario,it is receiving end's problem to decrypt and validate the file

If it is syncronous scenario,,you mean to say the reply message which will come back to PI from receiving system will be encrypted and signed...in that scenario we need soap sender adapter to be configured on PI system to decrypt and validate the file sent by receiving system as a reply

Thanking you

Pooja

Former Member
‎09-22-2011 7:42 PM
0 Kudos

>>we should not worry about decryption and validation in asyncronous scenario,it is receiving end's problem to decrypt and validate the file

Actually u r dng ecryption and signing the message using receiver's public key and ur own Private key...and the receiver system can easily decrypt/validate the file (by own Private key and validate it using ur public key) using some tool/program (in my previous proj client is decrypting the file using some 3rd party tool)......just chk with them

baskar_gopalakrishnan2
Active Contributor
‎09-22-2011 7:55 PM
0 Kudos

>So, you mean to say we should not worry about decryption and validation in asyncronous scenario,it is receiving end's problem to decrypt and validate the file

yes, dont need to worry. They share key to your sytem

>If it is syncronous scenario,,you mean to say the reply message which will come back to PI from receiving system will be encrypted and signed...in that scenario we need soap sender adapter to be configured on PI system to decrypt and validate the file sent by receiving system as a reply

Yes. Again the same key stored in keystore will take care.

Former Member
‎09-22-2011 7:55 PM
0 Kudos

Hi ,

Thank you for your response..

Its good if it is asyncronous scenario

If it is syncronous scenario...do I need to configure sender soap adapter to decrypt and validate the reply message sent by receiving system..is it true

My scenario is RFC>>>PI>WEBSERVICE

In this case I have configured receiver soap adapter with sign and encryption and specified the target URL of the webservice

Now,is the data triggered directly to web service from PI ...if so how the receiving system can decrypt and validate the data sent from PI

If the data is not triggered directly to website from PI which is specified in target URL in the receiving adapter , then where does the signed and encrypted file goes and how does receiving system knows about the in comming signed and encrypted file sent by PI system

Please explain

Thanking you

Pooja

Answers (0)

Ask a Question