cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

KeyStore access from mapping

Go to solution
Former Member

on ‎10-15-2013 4:11 PM

0 Kudos

Hi,

I need to get digital key from java keystore using KeystoreManager. I made java mapping but there is problem, because in mapping runtime, my program cannot see package com.sap.aii.af.security which contains KeystoreManager class.

Is there any way how to access KeystoreManager class with reflection - or some other way?

BTW: I`m on XI 7.0

Thank you

VB

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

baskar_gopalakrishnan2
Active Contributor
‎10-16-2013 2:36 AM
0 Kudos

I think the main issue is your app server is running on jdk 1.4 +...  You might have to use jar files (for KeyStoreManager class) that are compatible to your jdk version.  That could be the main reason.

You can try also writing adapter module...  But java mapping will work for jdk 1.6 versions and corresponding jars..

You might want to check this thread too as a starting point to investigate more for this...

http://scn.sap.com/thread/1938857

Show replies
Show replies
Former Member
‎10-16-2013 10:45 AM
0 Kudos

If I embed jars for KeyStoreManager class into my jar with java mapping, will that help? Right now I use just references on that jar-s - I added them just as external jars in NWDS.

Version of java is correct because I use jars extracted from target XI system itself.

rhviana
Active Contributor
‎10-16-2013 10:50 AM
0 Kudos

Vladmir zdrasvuitie,

Kak tebie dela ?

It´s it possible, you must add the API into your project.

The the links below:

http://wiki.scn.sap.com/wiki/display/XI/Where+to+get+the+libraries+for+XI+development

Ask for bases team provides to you the LIBS, the link above there is the libs and SAP PI versions.

Link below it´s explain about digital signature and how to develop it:

http://www.oracle.com/technetwork/articles/javase/dig-signature-api-140772.html

I´m doing the code here, but it´s not finish yet, for using Digital XML signature via software, not HSM.

The beginning of my code:

import com.sap.aii.mapping.api.StreamTransformationException;
import com.sap.engine.lib.xml.signature.*;
import com.sap.engine.lib.xml.signature.generator.SignatureGenerator;
import com.sap.engine.services.keystore.interfaces.KeystoreManagerWrapper;
import com.sap.security.api.ssf.ISsfProfile;
import com.sap.security.core.server.ssf.*;
import com.xnfe.xi.helpers.DOMTransformation;
import java.io.*;
import java.security.*;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.util.Properties;
import javax.naming.InitialContext;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;
public class NfeSigner extends DOMTransformation..................
.......
........
SsfRefXMLInfo xmlinfo = new SsfRefXMLInfo(strID, transfList);
                              SsfRefXMLList refList = new SsfRefXMLList();
                              refList.add(xmlinfo);
                              java.security.KeyStore keyStore = null;
                              String pass = "";
                              try
                              {
                                        InitialContext ctx = new InitialContext();
                                        KeystoreManagerWrapper kmanager = (KeystoreManagerWrapper)ctx.lookup("keystore");
                                        keyStore = kmanager.getKeystore("DEFAULT");
                                        pass = "123";
                              }

Dasvitdanya,

BR

Ricardo VIana.

Message was edited by: Ricardo Viana

Former Member
‎10-18-2013 5:40 PM
0 Kudos

Thank you Ricardo,

that was the solution.

You have to get out of system keystore_api.jar and keystore.jar and then use KeystoreManagerWrapper.

Thank you again

rhviana
Active Contributor
‎10-18-2013 7:51 PM
0 Kudos

Pajausta Drug !

Poka Poka !

No worries my friend.

I´m glad to help you.

See ya

Answers (1)

Answers (1)

stefan_grube
Active Contributor
‎10-16-2013 1:46 AM
0 Kudos

Java mapping programs are very restriced in accessing PI libraries.

You should write an adapter module for this task.

Show replies
Show replies
Ask a Question