cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Editing XI Payload From An ABAP Program

Former Member

on ‎10-24-2007 8:44 PM

0 Kudos

Hi,

I have a requirement to remove certain value (credit card CVV value) from XI Log messages. These are syncrhronous requests (from our web app to SAP ECC) and we have to log these messages. Since, these messages contain Credit Card information we need to make sure that we remove credit card related information from XI log to comple with Audit requirements.

I can go and read these XI message from an ABAP program and remove the credit card information from the Messsage but after that I am stuck. I am not able to update the message. Has anyone done this.

Any help will be greatly appreciated.

Thanks,

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎10-24-2007 9:11 PM
0 Kudos

Hi !!

Just an idea....maybe you could remove those values from an adapter module in the outbound communication channel. You can use Java to develop a simple adapter module that executes in the chain of adapter modules of the sender communication channel that filters those fields and passes the message without CVV values to the integration engine. I think this will avoid to access the payload and remove the values from there.

This should be the first module of the adapter module configuration.

Regards,

Matias.

Show replies
Show replies
Former Member
‎10-24-2007 10:04 PM
0 Kudos

Hey Matias,

Thanks for your reply. I do want these values to be passed into my inbound interface ( which is a BAPI). I am not much familiar with the approach you have suggested but seems like I would loose this information in my inbound interface. If this is not the case, I can try your suggestion. Please let me know.

Thanks!!

Former Member
‎10-24-2007 10:09 PM
0 Kudos

Hi !

take a look at this....

/thread/388869 [original link is broken]

Based on your requirements, then you will need to access the payload data once its stored in XI. I never tried this, so I could not confirm it is entirely possible.

regards

Matias

Former Member
‎10-24-2007 10:19 PM
0 Kudos

Hi Matias,

I have tried that approach and failed to update the the RAW data field. I can read the payload using cl_xms_message_xmb and clear the values. I than converted the DOM object to Binary Content (XSTRING). When I updated the table directly with this value, it corrupted the message. I got an error that the first byte of the dataset, which is

used for security purposes, is already invalid.

Am i doing something wrong?

Thanks,

Paresh

Former Member
‎10-25-2007 12:14 AM
0 Kudos

Hi Paresh !

I really don't know and I'm afraid that write access to that data could be not available.

As far as I understand, you DO need that info to enter and leave XI, but not to leave a copy of that info inside XI...maybe you could create 2 adapter modules.

One for the sender. That module could capture the CVV data before it hits Integration Engine and store it in a Z table in XI ABAP stack via RFC call from that module. The other adapter module should be called in the receiver adapter to retrieve that CVV info from the Z table in the XI ABAP stack (and maybe also delete it) and send it to the receiver system using the normal adapter modus operandi.

So technically that CVV info will never be part of the payload while the message is inside Integration Engine. It will be moved to a Z table when entering the sender adapter and will be moved back again to the message when it is leaving the receiver adapter. Of course you will need some key data to correlate the first RFC call with the second one and maybe the CVV info can go to and from RFC encrypted in some way...

hope it helps.

Regards,

Matias.

Former Member
‎10-25-2007 12:21 AM
0 Kudos

Hi Paresh !!

Just another idea (this is really an interesting challenge!!)...

An idea to overcome the thing about the first byte... you could send a dummy message to XI, access the sxmb_moni table, access the RAW data field and store it as a constant somewhere (its first byte will be valid!).

Then in your scenario, modify your ABAP program to not just remove the CVV data from the payload, but to replace the whole payload with the dummy one captured above. Taking into account that maybe you cannot recreate that first byte as valid, then you could replace the whole payload with one with its own first byte valid....of course you will lose the whole payload in XI...but the CVV info will disappear. An ad-hoc idea: before replacing the original payload, you could save it (without the CVV data) in a Z table, along with its message id, just in case.

Regards,

Matias

Former Member
‎10-25-2007 12:27 AM
0 Kudos

Hey Matias,

Thanks for your suggestions. I will give it a shot and keep you posted. I really appreciate you helping me out with this issue.

Thanks!

Ask a Question