cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authentication procedure ?

Former Member

on ‎04-15-2008 3:37 PM

0 Kudos

Hi Guys,

For our B2B scenario SOAP - SOAP

we need to authenticate the users on both the sender and receiver side of the web sevice in the soap adapters

can any body suggest the best procedure to validate the customers on both the sides ?

any help would be really appreciated

Thanks,

Srini

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎04-15-2008 4:04 PM
0 Kudos

I would suggest the use of HTTPS with SSL for validation.

You can validate the customers based on the certificate.

Cheers!!

Sidharth

Show replies
Show replies
Former Member
‎04-15-2008 4:23 PM
0 Kudos

Hi Sidharth,

we are planning to use certificates to validate the customer on the sender side but on the receiver side we cannot use certificates and can you plz suggest some other authentication procedures that will work with windows IIS.

we are looking for windows authentication other than NTLM ?

any suggestions would be appreciated

Thanks,

Srini

ravi_raman2
Active Contributor
‎04-15-2008 4:24 PM
0 Kudos

Srinivas,

You can try basic authentication here..Http Basic auth

Regards

Ravi Raman

Former Member
‎04-15-2008 4:28 PM
0 Kudos

Hi Ravi,

I suggested the same and they say

With basic authentication account name and password send over clear text. Very insecure. We’ll have to find another way to make it work.

any suggestions would be appreciated

Thanks,

Srini

ravi_raman2
Active Contributor
‎04-15-2008 8:25 PM
0 Kudos

Srinivas,

Send the basic authentication as part of the HTTP Header...in the tcp header...that way its not clear........ it can also be encrypted.......if thats needed..

Let me know if you need more info

Regards

Ravi Raman

Reward points if helpful

Former Member
‎04-15-2008 8:44 PM
0 Kudos

Hi Ravi,

Thanks for the quick reply and i appreciate your advice.

Send the basic authentication as part of the HTTP Header...in the tcp header...that way its not clear........ it can also be encrypted.......if thats needed

Can you explain in detail how can i acheive this and what are the steps need to be done on XI to acheive this.

Thanks,

Srini

ravi_raman2
Active Contributor
‎04-15-2008 10:54 PM
0 Kudos

Hi..

This is added to the tcp header..So when you recieve it in your system..you dont even see the basic authentication part..as its not part of the soap message.

Question here is..you want to add basic authentication to an outgoing is easy..tricky part is modifying the third party code to send that

inwards...

If the third party is secure enough they can send the basic authentication in the url, they are posting the msg to..that way its in the header ..and easy to implement..let me know..!!

Regards

Ravi Raman

Former Member
‎04-28-2008 6:25 PM
0 Kudos

Hi Guys,

I have solved the problem and NTLM works with PI 7.0 but we need to configure soap axis adapter

The Windows NTLM authentication is supported by Axis's CommonsHTTPSender handler and consequently it is supported by the Axis adapter's corresponding handler com.sap.aii.adapter.axis.ra.transport.http.CommonsHTTPSender. Read about How Can I use CommonsHTTPSender as the transport handler? if CommonsHTTPSender is not enabled on your system. Once it is enabled, you can use com.sap.aii.adapter.axis.ra.transport.http.CommonsHTTPSender instead of default com.sap.aii.adapter.axis.ra.transport.http.HTTPSender as the transport handler in the module configuration and set the authentication setting to NTLM and enter usename as domain\username in the channel configuration

To use CommonsHTTPHandler, the optional Jakarta-Commons-Net, Jakarta-Commons-HttpClient, Jakarta-Commons-Codec libraries are required. Make sure that these libraries are available for the Axis adapter at the deployment check page If these components are not available, you will need to include the corresponding jar files (commons-codec-1.3.jar, commons-httpclient-3.0.jar, and commons-net-1.0.0-dev.jar from the Axis 1.4 release) in aii_af_axisprovider.sda and deploy this archive (see How to prepare aii_af_axisprovider.sda?).

The provider.xml file must include the jar-name entries for these jar files, as shown in:

...

<jars>

...

<jar-name>commons-net-1.0.0-dev.jar</jar-name>

<jar-name>commons-codec-1.3.jar</jar-name>

<jar-name>commons-httpclient-3.0.jar</jar-name>

...

</jars>

Once you do all the above settings, NTLM works fine

Thanks,

Srini

Former Member
‎04-15-2008 3:42 PM
0 Kudos

Hi,

Check with this

https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a09f3d8e-d478-2910-9eb8-caa6516d...

Regards

Seshagiri

Show replies
Show replies
Former Member
‎04-15-2008 4:20 PM
0 Kudos

Hi Seshagiri,

Thanks for the link and it was good.

I appreciate for your quick reply.

Thanks,

Srini

Ask a Question