on 11-15-2006 11:06 AM
Hello all,
The HTTP URL for calling XI contains lots of information, including the username and password for accessing XI. I feel quite uncomfortable exposing those info to external parties. Is there any way to work around?
Regards,
Steve
Steve,
Like mentioned one option would be to use SOAP + Do Not use SOAP Envelope and then turn of Authentication for SOAP adapters.
<i>in order to turn off the authentication for SOAP interface, please remove the authentication
restriction in web.xml for aii_af_soapadapter.sda.
Extract the SOAP-adapters WAR-file from the corresponding sda. Then extract the deployment-descriptor from the war-file and delete the related security-constraint, login-config and security-role sections (makes absolutely sense to save the original descriptor beforehand). ZIP the files again with the new deployment descriptor and deploy the SDA via SDM.
comment the following portion.( It's already commented below).
<! security-constraint >
<><security-constraint>
<display-name>message</display-name>
<web-resource-collection>
<web-resource-name>message</web-resource-name>
<url-pattern>MessageServlet</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>xi_adapter_soap_message</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>helper</display-name>
<web-resource-collection>
<web-resource-name>helper</web-resource-name>
<url-pattern>HelperServlet</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>xi_adapter_soap_helper</role-name>
</auth-constraint>
</security-constraint>
>
<! login-config >
<><login-config>
<auth-method>BASIC</auth-method>
<realm-name>XISOAPApps</realm-name>
</login-config>
>
<! security-role >
<><security-role>
<role-name>xi_adapter_soap_message</role-name>
</security-role>
<security-role>
<role-name>xi_adapter_soap_helper</role-name>
</security-role>
>
The safest way to change this web.xml is described as followed, you
could do the changes also direct on the file system, but it will need
reboot of J2EE and does not guarantee to work.
The web.xml is located in the aii_af_soapadapter.sda, please extract
this sda file with normal zip function. There is one
aii_af_soapadapter.war inside, please extract this war file again,
change the web.xml as described above. Please zip the folder with
modified web.xml for aii_af_soapadapter.war and than for the
aii_af_soapadapter.sda. Please do not modify the folder structure.
Deploy this modified sda with SDM. After the deployment you can double
check whether changes for web.xml is done on the file system, this
web.xml is located under
/usr/sap/xxx/DVEBMGS00/j2ee/cluster/server0/apps/sap.com/com.sap
.aii.af.soapadapter/servlet_jsp/XISOAPAdapter/root/WEB-INF.
I am not sure whether you will need to restart the J2EE after this
deployment to make the changes from web.xml active, please try it out.</i>
Regards,
Bhavesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
hi,
You can use SOAP adapter without SOAP envelope.
http://help.sap.com/saphelp_nw04/helpdata/en/fc/5ad93f130f9215e10000000a155106/content.htm
Regards,
Wojciech
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.