on 06-05-2013 8:27 AM
Hi,
I'm doing a Mobile Apps(JBOSS) -> PI -> GRC(SAP) system scenario.
So basically its a synchronous SOAP -> RFC scenario.
To maintain the user context principal propagation was enabled between PI system and SAP GRC system.
I tested this from SOAP UI everything worked fine.
I use basic authentication uid/pwd to connect from SOAP UI and call the Webservice.
This works fine and im able to see the user being propagated.
Now im trying to use certificate authentication from SOAP UI instead of basic authentication.
To do this I changed the authentication method in the SOAP adapter as HTTPs with client authentication.
My requirement is that , I have to use certificate authentication but not necessarily encrypt the data
(no harm in doing it but not mandatory).I'm testing currently from SOAP UI.
My Basis team has configured a Https port and given a Java certificate (.cert file).
I have a few questions are this point.
1.Does using this HTTPs port essentially mean that encryption will be done?
2.what should I do with the certificate ? Do I import that into SSL settings in SOAP UI?
3. Should I enable the security profile in my SOAP adapter as well? If I do that the sender agreement asks
for the certificate for decryption. What should I choose here?
Kindly give me a clear step by step procedure to do this.
Thanks a lot
Shakthi
Hi,
1.Does using this HTTPs port essentially mean that encryption will be done?
--> HTTPS is a communications protocol for secure communication over a network.
--> It is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the SSL/TLS protocol, thus adding the security capabilities of SSL/TLS to standard HTTP communications.
--> it provides authentication and Bi-directional encryption of communications between client and server.
For more information refer this link
http://en.wikipedia.org/wiki/HTTP_Secure
2.what should I do with the certificate ? Do I import that into SSL settings in SOAP UI?
YES.
Refer this link
http://scn.sap.com/thread/3193724
http://help.sap.com/saphelp_nw70ehp1/helpdata/en/16/1bb23bdb0d0156e10000000a11402f/content.htm
http://scn.sap.com/message/9266555
Step by step guide to implement SSL
How to configure service provider
http://wiki.sdn.sap.com/wiki/display/ABAPConn/How+to+configure+a+Service+Provider
3. Should I enable the security profile in my SOAP adapter as well? If I do that the sender agreement asks for the certificate for decryption. What should I choose here?
yes.
Configure Principal Propagation using Logon tickets in Net weaver Process Integration 7.1
http://help.sap.com/saphelp_nw73ehp1/helpdata/en/48/ce95b718d3424be10000000a421937/frameset.htm
Configuring principle propagation using AAE
http://help.sap.com/saphelp_nw73ehp1/helpdata/en/49/fe95b02f2e4d2baddc39196c827c51/content.htm
Principle propagation threads
http://scn.sap.com/thread/1193951
http://scn.sap.com/thread/3228724
Hope it will helpful..
Regards
Bhargava krishna
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Bhargava,
Thanks for your inputs.
I have one question. Now i have 2 certificates , one is the client (JBOSS server certificate) which is imported in PI under TrustedCAs. Next I have the PI Java certificate. Now in SOAP UI which certificate should I use?
My understanding is the I need to use both. The JBOSS server certificate for authentication and the PI Java certificate for encyption. Right?
But there is no provision in SOAP UI to mention both. Could you please clarify where I should specify them?
Thanks
Shakthi
User | Count |
---|---|
91 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.