on 03-23-2004 7:41 PM
I need to make the following example
from SAP Help work in a webdynpro app.
What do I need to set up in Netweaver
developer studio for this example to work.
<b>Where do I find libraries(.jar) for
various classes/interfaces in this example?
Do I need to configure something in WebAS
via Visual Administrator?</b>
Link to example:
http://help.sap.com/saphelp_47x200/helpdata/en/2f/aaa1701494c043830b1945264b2624/frameset.htm
-
Copied from SAP Help verbatum:
Examples for Using Secure Storage Interfaces and Classes
Making Sure the Secure Storage Service is Running
Before beginning with the actual implementation, you should make sure the secure storage service is running. For this purpose, implement a JNDI lookup to the service tcsecsecurestorage~service. This lookup returns an object, which you must cast to SecureStorageRuntimeInterface. See the example below.
Code Example for Making Sure the Secure Storage Service is Running
Context ctx = new InitialContext();
Object o = (Object) ctx.lookup("tcsecsecurestorage~service");
if (o == null){
out.println("secure storage service not started<br>");
}
else {
//Cast
SecureStorageRuntimeInterface secStore =
(SecureStorageRuntimeInterface) o;
//Continue with implementation
}
Obtaining a Context
Use the method getSecureStorageClientContext to obtain a context. See the example below.
Code Example for Obtaining a Context
RemoteSecureStorageClientContextInterface myContext =
secStore.getSecureStorageClientContext();
Managing Objects
The following examples show how to store, retrieve, delete or list objects in the context. For these examples, we store the string mypassword in myContext under the alias pass.
Code Example for Managing Objects
//Store an object
myContext.storeObject(new String("myPassword"), "pass");
//Retrieve an object
String myObject = (String) myContext.retrieveObject("pass");
//Delete an object
myContext.deleteObject("pass");
//List objects
out.println("<h3>Display all objects of client</h3>");
String[] listObjects = customerContext.getObjectIDs();
for (int i = 0; i<listObjects.length; i++){
out.println("<br>" + listObjects<i>);
}
Managing Objects With a Different Class
If the objects class is not a common JDK class, set the classloader before calling the store or retrieve methods. Also cast the objects class to the original class after retrieval. See the examples below:
Setting the Classloader Before Storing an Object
Thread.currentThread().setContextClassLoader(MyApplication
. class .getClassLoader());
myContext.storeObject(MyObject, "pass");
Setting the Classloader and Casting the Class When Retrieving an Object
Thread.currentThread().setContextClassLoader(MyApplication
. class .getClassLoader());
Object myRetrievedObject = myContext.retrieveObject("pass");
MyApplicationClass MyObject = (MyApplicationClass)
myRetrievedObject
If the application runs in different Virtual Machine than the secure storage service where the classloader can not be set to the secure storage thread, then use the retrieveByte method. Your application must then also de-serialize the returned byte array. See the example below:
Setting the Classloader and Casting the Class When Retrieving an Object
byte[] retrieveByte = myContext.retrieveBytes("pass");
ByteArrayInputStream bais = new ByteArrayInputStream(retrieveByte);
ObjectInputStream ois = new ObjectInputStream(bais);
MyApplicationClass myObject = (MyApplicationClass)ois.readObject();
Generating a New Key
The following example shows how to generate a new key to use within your context.
Code Example for Generating a New Key
//Generate a new key for the context
myContext.generateNewKey();
When an object is retrieved, the secure storage service checks to see if a newer key exists to use for encryption. If the object is still encrypted with an older key, then the secure storage service re-encrypts the object using the newer key.
Verifying the Encryption Method Used
When using secure storage, you can have objects either encrypted or just encoded. To encrypt the data object, the secure storage service uses the triple DES encryption algorithm; for encoding it uses base 64 encoding. To verify which method has been used, use the method isSecure as shown in the example below. It returns true if triple DES has been used for the encryption and false if base 64 was used.
Code Example for Verifying the Encryption Method Used
//Verify the encryption method used
Boolean encryptFlag = myContext.isSecure("pass");
Hi Andrei,
you have to include the <b>tc_sec_securestorage_service.jar</b> at:
SAP_SYSTEM_ADD_LIBS -> SAP-JEE -> DCs -> sap.com -> tc -> sec -> securestorage -> service -> gen -> default -> public -> default -> lib -> java
Maybe there is a shorter path under another variable, but this works for me. A reference to the service "tcsecsecurestorage~service" must also be added to work at runtime.
Hope that helps.
Regards
Stefan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Stefan,
Thanks a lot for the reference. I tried to follow your directions and put the code in NDS. I am getting this error:
This compilation unit indirectly references the missing type com.sap.engine.frame.state.ManagementInterface
(typically some required class file is referencing a type outside the classpath)
How should I go about it?
Hi Andrei,
sorry for that. I added the secure storage reference to a project, where the following reference already existed:
<b>SAP_SYSTEM_ADD_LIBS/comp/SAP-JEE/DCs/sap.com/kernel.sda/_comp/gen/default/public/default/lib/java/frame.jar</b>
This time i created an empty Java project with the references and a class with the example code. It compiles, so it should work for you too.
Regards
Stefan
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.