cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Webservice Scenario

Go to solution
former_member614185
Contributor

on ‎06-12-2008 9:17 AM

0 Kudos

Hi,

Can any one list out the security settings needed to be done at both SAP XI system and Webserver to run Webservice scenario.

Regards,

Prabu M

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎06-12-2008 9:25 AM
0 Kudos

Hi,

Probabily you can just find your solution by going through these links.

Part-1 /people/shabarish.vijayakumar/blog/2006/03/23/rfc--xi--webservice--a-complete-walkthrough-part-1

Part-2 /people/shabarish.vijayakumar/blog/2006/03/28/rfc--xi--webservice--a-complete-walkthrough-part-2

Please reward points if it helps

Thanks

Vikranth

Show replies
Show replies

Answers (1)

Answers (1)

Former Member
‎06-12-2008 9:36 AM
0 Kudos

hi

go thru below

WS Security Locate the document in its SAP Library structure

WS Security is a standard for securing the SOAP message and does not rely on the Secure Socket Layer Protocol. By using WS Security, SOAP messages passed between the Web service provider and the Web service client are protected by XML digital signatures, XML encryption, timestamps, and security tokens.

At the time of writing, the standardization of WS Security was still in progress. For current information see SAP Note 688983.

Note

WS Security can only be applied to SOAP messages. It is not supported for the HTTP Get profile, HTTP Post or SOAP with attachments. WS Security is only supported by deployable proxies.

XML Signatures

Digital signatures are added to a SOAP document to ensure the integrity and the authenticity of the message. If parts of the message are changed during transport, the signature becomes invalid and the message is rejected by the receiving party. Signatures may be added to client request and the server response. Signatures are always used in combination with a timestamp to prevent replays of the message (both the SOAP:Envelope/SOAP:Body element and the SOAP:Envelope/SOAP:Header/wsse:Security/wsu:Timestamp are signed).

XML Encryption

Encryption is used to protect elements that are sent as part of the SOAP message. For decryption the key is retrieved from the keystore view WebServiceSecurity.

This graphic is explained in the accompanying text

There is limited support for XML encryption. Decryption of encrypted SOAP documents and encryption of the Username security token is supported.

Security Tokens

Besides XML signatures, other credentials used to authenticate the Web service client may be included in the message. The SAP Web AS implementation of WS Security supports the Username security token and the X.509 security token.

To proof the possession of the X.509 certificates used in the X.509 security token, an XML signature using the corresponding private key is required.

Using WS Security

Configuring a Web service to use WS Security settings requires three steps:

...

1. For each operation in the Web service, select the WS Security template for request and response from the list in the SAP Netweaver Developer Studio. A WS Security Template describes the security (i.e. XML Signature) used to protect the message.

2. For each of the used WS Security templates specified at design time, a profile with runtime configuration settings, such as X.509 certificate data, is required.

3. After creating the WS Security profiles, the profiles need to be assigned to the operations. One profile may be assigned to multiple operations - that is, when the same certificate is to be used for an XML Signature, or different profiles of the same template are used for operations with different XML Signatures.

http://help.sap.com/saphelp_nw04s/helpdata/en/50/a5d13f83a14d21e10000000a1550b0/content.htm

http://help.sap.com/saphelp_nw04s/helpdata/en/31/a6d13f83a14d21e10000000a1550b0/content.htm

regards

chandra

Show replies
Show replies
Ask a Question