cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Principal propagation with certificate authentication

Go to solution
Former Member

on ‎06-05-2013 8:27 AM

0 Kudos

Hi,

I'm doing a Mobile Apps(JBOSS) -> PI -> GRC(SAP) system scenario.
So basically its a synchronous SOAP -> RFC scenario.


To maintain the user context principal propagation was enabled between PI system and SAP GRC system.
I tested this from SOAP UI everything worked fine.

I use basic authentication uid/pwd to connect from SOAP UI and call the Webservice.
This works fine and im able to see the user being propagated.


Now im trying to use certificate authentication from SOAP UI instead of basic authentication.
To do this I changed the authentication method in the SOAP adapter as HTTPs with client authentication.

My requirement is that , I have to use certificate authentication but not necessarily encrypt the data

(no harm in doing it but not mandatory).I'm testing currently from SOAP UI.
My Basis team has configured a Https port and given a Java certificate (.cert file).
I have a few questions are this point.

1.Does using this HTTPs port essentially mean that encryption will be done?

2.what should I do with the certificate ? Do I import that into SSL settings in SOAP UI?

3. Should I enable the security profile in my SOAP adapter as well? If I do that the sender agreement asks 
for the certificate for decryption. What should I choose here?


Kindly give me a clear step by step procedure to do this.

Thanks a lot
Shakthi


Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Bhargavakrishna
Active Contributor
‎06-05-2013 9:14 AM
0 Kudos

Hi,

1.Does using this HTTPs port essentially mean that encryption will be done?

--> HTTPS is a communications protocol for secure communication over a network.

--> It is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the SSL/TLS protocol, thus adding the security capabilities of SSL/TLS to standard HTTP communications.


--> it provides authentication and Bi-directional encryption of communications between client and server.

For more information refer this link

http://en.wikipedia.org/wiki/HTTP_Secure

2.what should I do with the certificate ? Do I import that into SSL settings in SOAP UI?

YES.

Refer this link

http://scn.sap.com/thread/3193724

http://help.sap.com/saphelp_nw70ehp1/helpdata/en/16/1bb23bdb0d0156e10000000a11402f/content.htm

http://scn.sap.com/message/9266555

Step by step guide to implement SSL

http://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/23894238-0701-0010-40b0-a0a6d5c4a...

How to configure service provider


http://wiki.sdn.sap.com/wiki/display/ABAPConn/How+to+configure+a+Service+Provider

3. Should I enable the security profile in my SOAP adapter as well? If I do that the sender agreement asks for the certificate for decryption. What should I choose here?

yes.

Configure Principal Propagation using Logon tickets in Net weaver Process Integration 7.1

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/50d07121-07a5-2c10-5280-a081de9b8...

http://help.sap.com/saphelp_nw73ehp1/helpdata/en/48/ce95b718d3424be10000000a421937/frameset.htm

Configuring principle propagation using AAE

http://help.sap.com/saphelp_nw73ehp1/helpdata/en/49/fe95b02f2e4d2baddc39196c827c51/content.htm

Principle propagation threads

http://scn.sap.com/thread/1193951

http://scn.sap.com/thread/3228724

Hope it will helpful..

Regards

Bhargava krishna


Show replies
Show replies
Former Member
‎06-06-2013 4:36 AM
0 Kudos

Hi Bhargava,

Thanks for your inputs.

I have one question. Now i have 2 certificates , one is the client (JBOSS server certificate) which is imported in PI under TrustedCAs. Next I have the PI Java certificate. Now in SOAP UI which certificate should I use?

My understanding is the I need to use both. The JBOSS server certificate for authentication and the PI Java certificate for encyption. Right?

But there is no provision in SOAP UI to mention both. Could you please clarify where I should specify them?

Thanks

Shakthi

Answers (0)

Ask a Question