Hi,

I had same kind of requirment while working with CitiBank.

SAP will be sending tghe IDOC and through secure layer it needs to pass to Bank.

You should have use the SOAP adapter with Webservice Security parameters.

You need to deploy the Trust certificate to allow the secure transactions across the firewalls.

Please refer below details for using Webservice related Security aspects with SOAP adapter.

You need to setup SSL layer for HTTPS endpoint.

Possible HTTP security levels are (in ascending order):

HTTP without SSL

HTTP with SSL (= HTTPS), but without client authentication

HTTP with SSL (= HTTPS) and with client authentication

Please go through below link for referance (above information is from below link)

Step by step guide for SSL security

General guide

https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a09f3d8e-d478-2910-9eb8-caa6516d...

Message level security

https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba68...

http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/frameset.htm

http://help.sap.com/saphelp_nw04/helpdata/en/ff/7932e4e9c51c4fa596c69e21151c7d/content.htm

http://help.sap.com/saphelp_nw04/helpdata/en/13/4a3ad42ae78e4ca256861e078b4160/content.htm

http://help.sap.com/saphelp_nw04/helpdata/en/3a/7cddde33ff05cae10000000a128c20/content.htm

http://help.sap.com/saphelp_nw04/helpdata/en/0a/0a2e0fef6211d3a6510000e835363f/content.htm

Regarding message level you can encrypt the message using certificates.

For both of this basis team has to deploy the releavant certificates in XI ABAP Stack or Java stack.

Generally if the scenarios are intra company we dont use any transport level or message level security since the network is already secured.

Check the following links.. you will get the information all about the securities...

http://help.sap.com/saphelp_nw04/helpdata/en/f7/c2953fc405330ee10000000a114084/content.htm

Also read thru this link for message level security - https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba68...

Also find soeminformation in these links

http://help.sap.com/saphelp_nw2004s/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm

/people/aparna.chaganti2/blog/2007/01/23/how-xml-encryption-can-be-done-using-web-services-security-in-sap-netweaver-xi

Thanks

Swarup

Hi

The SOAP adapter enables you to exchange SOAP messages between remote clients or Web service servers and the Integration Server or the PCK.

In the SOAP adapter, you can specify security settings to be used to sign/verify the SOAP body

Chk this link also:

http://help.sap.com/saphelp_nw04/helpdata/en/69/a6fb3fea9df028e10000000a1550b0/content.htm

Hi,

Use SOAP Adapter for Webservice Communications

/people/shabarish.vijayakumar/blog/2006/03/23/rfc--xi--webservice--a-complete-walkthrough-part-1

/people/shabarish.vijayakumar/blog/2006/03/28/rfc--xi--webservice--a-complete-walkthrough-part-2

/people/siva.maranani/blog/2005/09/03/invoke-webservices-using-sapxi - Invoke Webservices using SAPXI

/people/siva.maranani/blog/2005/03/01/testing-xi-exposed-web-services

/people/michal.krawczyk2/blog/2005/03/29/configuring-the-sender-rfc-adapter--step-by-step

https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/2131 [original link is broken] [original link is broken] [original link is broken]

https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/336365d3-0401-0010-9884-

a651295aeaa9

https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/336365d3-0401-0010-9884-

a651295aeaa9

Regards

Seshagiri