HTTPS authentication using SSL in SOAP Sender adapter

Similar Messages

• Use Moduls with SOAP Sender Adapter

  Hi Experts,
  I have a question regarding the use of modules in the soap sender adapter / communication channel. Is it correct that the use of modules in the soap sender adapter is not possible?
  the background of my question is that we use modules from SEEBURGER in our Communication channels for archiving incoming and outgoing documents. the use of modules in the soap receiver adapter is possible. why not in the soap sender???
  according to the sap help it is possible to use the axis framwork in the soap adapter. then it should be possible to use modules. Is that correct? I tested it but it is not working. If I send a soap message (with the soap reveicer adapter) to the axis soap sender adapter there occure internal server errors. it is only working if I write my own modules for the axis soap sender adapter? is it not possible to use external modules like in other channels (File/FTP, soap receiver etc.)???
  thanks and best regards!
  Christopher

  we have moduls from SEEBURGER. so I have to test it. but before I need a scenario with which I can test it.
  We have a customer who sends xml-files per soap to us. these files we receive succussfully with the soap sender adapter. now we want to use some modules. so we have to use the axis soap sender adapter. I tried to send an xml file with the soap receiver adapter to the axis soap sender adapter, but this was not working. http 500 internal server errors occurred. is it possible that this scenario (soap-to-axis-soap) is not working? need I a specific configuration for this?
  thanks and regards
  Christopher

• Using SSL in SOAP Receiver Adapter

  Hello,
  We need to execute a web service that requires using SSL connection. We have done following:
  1. Deployed SAP Java Cryptographic Toolkit
  2. Uploadted the Server certificates chain(Root, Intermediate, and the Server certficate itself)  in TrustedCAs view
  But I can't see the certificate from the Communication Channel screen.
  Could anybody who has done this before please let us know if we are missing anything. I appreciate if anybody can tell us the trouble points/pit falls in this process.
  Any help is greately appreciated.
  Regards
  Venu

  Hi,
  You need to setup SSL layer for HTTPS endpoint.
  Possible HTTP security levels are (in ascending order):
  HTTP without SSL
  HTTP with SSL (= HTTPS), but without client authentication
  HTTP with SSL (= HTTPS) and with client authentication
  HTTPS comes in two flavors, both ensuring the confidentiality of data sent over the network
  Please go through below link for referance (above information is from below link)
  SAP Network Blog: How to use Client Authentication with SOAP Adapter
  /people/rahul.nawale2/blog/2006/05/31/how-to-use-client-authentication-with-soap-adapter
  SSL useage
  Step by step guide for SSL security
  step by step guide to implement SSL
  http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/frameset.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/ff/7932e4e9c51c4fa596c69e21151c7d/content.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/13/4a3ad42ae78e4ca256861e078b4160/content.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/3a/7cddde33ff05cae10000000a128c20/content.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/0a/0a2e0fef6211d3a6510000e835363f/content.htm
  General guide
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a09f3d8e-d478-2910-9eb8-caa6516dd7d9
  Message level security
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
  Regarding message level you can encrypt the message using certificates.
  For both of this basis team has to deploy the releavant certificates in XI ABAP Stack or Java stack.
  Generally if the scenarios are intra company we dont use any transport level or message level security since the network is already secured.
  Check the following links.. you will get the information all about the securities...
  http://help.sap.com/saphelp_nw04/helpdata/en/f7/c2953fc405330ee10000000a114084/content.htm
  Also read thru this link for message level security - https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
  Also find soeminformation in these links
  http://help.sap.com/saphelp_nw2004s/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
  /people/aparna.chaganti2/blog/2007/01/23/how-xml-encryption-can-be-done-using-web-services-security-in-sap-netweaver-xi
  Thanks
  Swarup
  Edited by: Swarup Sawant on Apr 9, 2008 7:42 PM

• Set up https SOAP Sender adapter

  Hello, I am doing the Webservice -- XI --   RFC
  I have successfully configured the whole scenerio and it works when the SOAP Sender adapter is set to HTTP security
  But when I set it to HTTPS without client auth or with I can not get it to work, I redid the wsdl entering in a url of https and get the following error
  Wed Feb 27 11:02:56 PST 2008:ERROR:javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
     javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
          at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
          at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
          at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
          at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
          at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
  via soapui
  Does anyone have any suggestions or documentation or success in successfully setting up the SOAP adapter to use https?
  I also always reward points
  Cheers
  Devlin

  have you checked that:
  https://service.sap.com/sap/support/notes/891877
  https://service.sap.com/sap/support/notes/856597
  * Q: Can I use SSL for my sender adapter?
             A: Yes. Normally, the SOAP adapter servlet runs on the engines HTTP port. But you can activate the engine's HTTPS port so that this servlet can receive messages sent to the HTTPS port. See the documentation about the J2EE engine's security configuration.
  /wg

• ASMA in SOAP Sender adapter.

  Hi All,
  Using ASMA under SOAP sender adapter I am trying to get the username of the user . I am referring below links for the same:
  /people/michal.krawczyk2/blog/2009/05/26/pixi-pseudo-principal-propagation (referring this only for getting username)
  getting user name from sopa header
  But while testing through XML SPY , i am getting error :
  Com.sap.engine.interfaces.messaging.api.exception.MessagingException: Received HTTP response code 500 : Error during parsing of SOAP header.
  Please help??.
  Thanks
  Amit

  Hi.
  I have created WSDL file using below URL:
  http://ISVSAPPIDEV:50100/XISOAPAdapter/MessageServlet?channel=:BS:CC_SOAP_Sender
  Actually its a synchronous SOAP -PI - RFC scenario. When i am pinging the PI through XML spy(ASMA AND Transport Binding is UNCHECKED in soap sender channel)  i am getting the response back from RFC,  but when i am pinging after chking the ASMA and Transport Binding in SOAP sender adapter i am getting this error(the message is itself not reaching the PI):
  Com.sap.engine.interfaces.messaging.api.exception.MessagingException: Received HTTP response code 500 : Error during parsing of SOAP header.
  Thanks
  Amit

• Soap Sender Adapter Preserve And Access Soap Header

  Hi,
  I would like to preserve the Soap Header created by a client and access it in a mapping using the the Soap Sender Adapter (SP16). Does anybody know how to do this?
  Kind regards,
  Heiko

  Hello Udo,
  I have found a solution to this problem. It is possible to add header entries to the DynamicConfiguration which is available by an API:
  soapMsg.append("<SOAP-ENV:Header>");
  soapMsg.append("<SAP:DynamicConfiguration xmlns:SAP=\"http://sap.com/xi/XI/Message/30\" xmlns:SOAP=\"http://schemas.xmlsoap.org/soap/envelope/\" SOAP:mustUnderstand=\"1\">");
  soapMsg.append("<SAP:Record namespace=\"http://sap.com/xi/XI/System/SOAP\" name=\"SRmsUser\">test</SAP:Record>");      
  This code snip shows Java client code to add an element to the SOAP header which corresponds to the DynamicConfiguration. In XI it will be accessable using the respective API.
  Cheers,
  Heiko

• Using custom http headers in SOAP sender adapter

  Hi,
  my problem is exactly the same as reported [here|Re: SOAP Sender - Extract Header Values;] and [here|Variable Transport Binding - Soap Sender;
  Basically I'd like to send through the soap sender adapter some custom http headers. I check the necessary options in the advanced tab (set adapter-specific message attributes and variable transport binding), and in the variable header one I put x-StoreCode, which is the same http header I send to PI.
  But I won't see anything in the dynamic configuration section when the message is persisted in PI.
  Very surprised that I've seen this issue is a common problem others have faced before without success.
  Thanks!

  Hi Michal,
  the extra info I'm trying to send separated from the message is an http header, not part of the query string.
  If I incorporate the extra info as a parameter to the query string like this, for example:
  http://host:50000/XISOAPAdapter/MessageServlet?senderParty=&senderService=S1&receiverParty=&receiverService=&interface=Int&interfaceNamespace=urn:test&x-StoreCode=13&nosoap=true
  Then I can see the value in the dynamic configuration section:
  <SAP:Record namespace="http://sap.com/xi/XI/System/SOAP" name="SQueryString">senderParty=&senderService=S1&receiverParty=&receiverService=&interface=Int&interfaceNamespace=urn:test&x-StoreCode=13&nosoap=true</SAP:Record>
  But what I'm trying to do shoould be possible, according to sap help:
  http://help.sap.com/saphelp_nwpi71/helpdata/en/fc/5ad93f130f9215e10000000a155106/content.htm (section Define Adapter-Specific Message Attributes)

• SOAP Sender adapter - how to turn off authentication? PI 7.1

  Hello
  I wolud like to turn off the user authentication in the Soap Sender Adapter PI 7.1. What is the easiest way to do so?
  Regards,
  Elling Skjetlein

  Hello,
  If you mean about using Single Sign-On (SSO) for automatic login, then
  you can refer to the following links:
  http://help.sap.com/saphelp_nwpi71/helpdata/EN/44/31370f01ae23d1e10000000a1553f7/frameset.htm
  http://help.sap.com/saphelp_nwpi71/helpdata/EN/48/acb27f23be6200e10000000a421937/frameset.htm
  http://help.sap.com/saphelp_nwpi71/helpdata/EN/c4/5c5ae71140bb41868f10bc7f3411db/frameset.htm
  http://help.sap.com/saphelp_nwpi71/helpdata/EN/e5/4344b6d24a05408ca4faa94554e851/frameset.htm
  Hope that help.
  Regards,
  Caio Cagnani

• Use of variable header XHeaderName1 in SOAP sender adapter

  Hi all,
  I have a doubt regarding the use of adapter-specific attributes in SOAP sender adapter. In specific:
  the SOAP client should be able to pass a variable with the SOAP request (XHeaderName1 header variable) and this should be available in mapping (Dynamic configuration)
  I've already checked the [help page|http://help.sap.com/saphelp_nw04/helpdata/en/fc/5ad93f130f9215e10000000a155106/frameset.htm] but it seems I'm doing something wrong.
  I tried with those settings in SOAP adapter configuration:
  Keep headers checked
  XHeaderName1 = Test
  I try to call the SOAP adapters in the following 2 ways, but none works (the value is not available in message mapping with Dynamic configuration)
  1. Pass "Test" value xxxx in SOAP Header as a tag
  <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
  xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema">
       <SOAP-ENV:Header>
            *<Test>xxxx</Test>*
       </SOAP-ENV:Header>
       <SOAP-ENV:Body>
       </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>
  2. Pass "Test" value xxxx in SOAP URL
  http://host:50000/XISOAPAdapter/MessageServlet?channel=p:s:c&version=3.0&Sender.Service=...&Interface=...&Test=xxxx
  Could anyone give me a hint about how to pass those values in the SOAP call and eventually the correct config. of SOAP sender ?
  Thanks a lot,
  Manuel

  Hi Manuel,
  Could you give a bit more detail on how you handled the SOAP message yourself.
  I have a similar issue. I am consuming a non SAP Web Service which requires a non-standard token element to be passed back. I have created a an RFC sender to SOAP reciever scenario which works fine for the inital logon and returns the token it expects in the follow up messages.
  At present I'm at a loss so your help would be much appreciated. We have got round the immediate issue by creating and sending the SOAP message directly from SAP WAS.
  Could we use the XI Adapter and ABAP proxy in a similar way?
  Thanks,
  Tim J.

• Using SOAP Sender adapter in PI 7.1

  Hi Guys,
  I've created a sync scenario with SOAP sender adapter, but I have troubles with calling it.
  I use following URL: http://<host>:50000/XISOAPAdapter/MessageServlet?channel=:BS_Bus_Sys:CC_SOAP_Test as I did in XI 3.0, but I'm getting error HTTP 400 Bad Request. I'm using the request generated from the IR Configuration.
  Has something changed in 7.1 for this type of scenario?
  Thanks guys,
  Olian

  Hi! Olian,
  I think u r going in a wrong way. The above given URL is wrong and incomplete one.
  The above url comes only after generating the WSDL. You ill gives that URL to ur source team to post their data at which this URL itselfs acts as an Gateway to enter into SAP XI/PI.
  The generated WSDL contains URL like this>>
  "http:// Host:Port/XISOAPAdapter/MessageServlet?senderParty=&amp;senderService=Business Service&amp;receiverParty=&amp;receiverService=&amp;interface=SenderInterfaceI&amp;interfaceNamespace=http://XXXXXXXX" />
  Also follow the below procedure for generating the WSDL.
  Except generating WSDL remaining all development steps are same as creating File to Proxy Scenario.
  CREATING THE WEBSERVICE IN XI :
  1) In Integration Directory, go to Tools tab --> Define Web Services.
  2) Now one Wizard window will opens and follow the below steps:
  Here donu2019t go for the u2018 Proposed URLu2019, instead specify the URL as::
  http://<host>:<j2ee-port>/XISOAPAdapter/MessageServlet?channel=:<service>:<channel>
  If there is party then ::
  http://host:port/XISOAPAdapter/MessageServlet?channel=<party>:<service>:<channel>.
  3) Specify the Source Messageu2019s Message Interface.and remaining other input parameters.
  4) Specify the Sender Business Serviceu2019s details:
  5) Here, Cross check the details displayed and then click on u2018Finishu2019 button to create the Web Service
  document(WSDL)
  6) Now Save the WSDL code to the local system. At the bottom u ill get URL based on the above input
  URl:
  Note: Here in XI there is no XML Testing tool or SOAP client tool to test SOAP messages. That is why most of the people prefer either ALTOVA XML SPY Tool or SOAP CLIENT TOOL or INFO PATH.
  If your working on PI 7.1 means::
  1) Simply after creating Sender Agreement go to options above to that sender agreement instead of tools menu... and there you can observe 2 options at the bottom side.
  a) PUBLISH in SR
  b) Generate WSDL.
  2) Once after activating your ID componenets just Press or go for option Publish in SR. Then automatically it will generate WSDL and publish that WSDL in the SERVICE REGISTRY. which is latest concept in PI 7.1.
  3) Now by entering authentification details you can able to enter into service registry.
  There are 4 tabs::
  a) Service definitions
  b) Publish
  c) classifications
  d) Manage.
  Go for Service definitions::
  4) Enter your sender SOAP interface and press GO or enter.
  5) Select your interface and then at the bottom u can observe again 4 tabs:
  a) General b) End Points c) classifications d) System Details.
  6) In the general you can able to see your WSDL URL by again entering Authentification details.
  7) Now Click End Points>Test Button>Enter Authentification details-->Seelct your Interface
  Note:: Now you can test your scenario in this WEB SERVICE NAVIGATOR.
  8) There you can enter you can pass your Input data parameters in your SOAP interface and execute or test your scenario here itself without any using of external tool like Altova XML or SOAP client tool.
  I hope the above information will give you a detailed information in generating and testing webservice right.
  Regards::
  Amar Srinivas Eli

• How to use SOAP sender adapter

  Hi all
  i have configured the SOAP sender adapter. Now my 3rd party needs to send me a soap message. 
  I have checked that the status at the following URL is OK:
  http://host:port/XISOAPAdapter/MessageServlet?channel=:MXII_Web_Service:SOAP_MXII_Sender.
  This is fine, however
  I am unsure of the following:
  1. Does XI make a wsdl available to the 3rd party?
  2. Where does my 3rd party send the soap message to?
  3. Is the SOAP message sent via a query string?
  4. Do I need to create a web service?
  Thanks for all your help in advance
  Clinton

  Hi Moorthy
  Thanks for your answer.
  The problem was solved, we used .Net to write a webservice to our wsdl.
  I have now another problem.... When the message comes into XI it shows that no receiver found(RCVR_DETERMINATION">NO_RECEIVER_CASE_ASYNC). If I just test the scenario with a file adpter as Sender, and Receiver it is fine, but when using the SOAP adapter as Sender, it gives me the no receiver found message.
  Any help with this issue will be appreciated.
  Thanks again
  Clinton

• Invocation of SOAP Sender Adapter using Apache SOAP

  Hi,
  I'm trying to invoke the XI SOAP Sender Adapter using the Apache SOAP API. It seems that my message header is missing a few parameters (see exception below). Does anybody know which to set?
  Regards,
  Heiko
  ==========
  Exception:
  <?xml version='1.0'?>
  <!-- see the documentation -->
  <SOAP:Envelope xmlns:SOAP='http://schemas.xmlsoap.org/soap/envelope/'>
    <SOAP:Body>
      <SOAP:Fault>
        <faultcode>SOAP:Server</faultcode>
        <faultstring>Server Error</faultstring>
        <detail>
          <s:SystemError xmlns:s='http://sap.com/xi/WebService/xi2.0'>
            <context>XIAdapter</context>
            <code>Exception</code>
            <text><![CDATA[
  com.sap.aii.af.mp.module.ModuleException
       at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:502)
       at com.sap.aii.af.mp.module.ModuleLocalLocalObjectImpl3.process(ModuleLocalLocalObjectImpl3.java:103)
       at com.sap.aii.af.mp.ejb.ModuleProcessorBean.process(ModuleProcessorBean.java:227)
       at com.sap.aii.af.mp.processor.ModuleProcessorLocalLocalObjectImpl0.process(ModuleProcessorLocalLocalObjectImpl0.java:103)
       at com.sap.aii.af.mp.soap.web.MessageServlet.callModuleProcessor(MessageServlet.java:162)
       at com.sap.aii.af.mp.soap.web.MessageServlet.doPost(MessageServlet.java:507)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:392)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:345)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:323)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:865)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:240)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:37)
       at com.sap.engine.core.cluster.impl6.session.UnorderedChannel$MessageRunner.run(UnorderedChannel.java:71)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged1(Native Method)
       at java.security.AccessController.doPrivileged(AccessController.java:321)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:95)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:159)
  Caused by: java.lang.Exception: Bubble configuration error: parameter 'XI.InterfaceNamespace' is missing
       at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.getParaRequired(XISOAPAdapterBean.java:895)
       at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.createDefaultMessageHeader(XISOAPAdapterBean.java:942)
       at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.setup(XISOAPAdapterBean.java:214)
       at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:496)
       ... 22 more
            ]]></text>
          </s:SystemError>
        </detail>
      </SOAP:Fault>
    </SOAP:Body>
  </SOAP:Envelope>

  Hi Heiko,
  You are missing the Namespace Parameter in the sender soap adapter configuration in XI3.0
  Thanks
  Prasad

• Polling with HTTPS (SOAP sender adapter)

  Hi,
  we are using SAP PI 7.1 EHP 1 and we have to set up a scenario, in which a business partner is going to send us IDocs over HTTPS.
  Now our security team has objections, that incoming messages could be too risky. So we have to figure out if it's also possible, to set up a polling over HTTPS. Unfortunately there's no availability to insert an URL in the SOAP sender adapter, so I think it's NOT possible.
  Any other ideas or agreements?
  Thanks in advance,
  Juergen

  I think SOAP sender adapter supports HTTPS (w/ and w/o client certificate) ... But you'll need to complete the security setup (root CA, etc) before, and then give the "to-be-called" URL to yout partner.
  http://help.sap.com/saphelp_nw04/helpdata/en/fc/5ad93f130f9215e10000000a155106/content.htm
  Rgds
  Chris

• HTTP Call to SOAP Sender Adapter

  Hi All,
  I'm working on a scenario where i plan to use SOAP Sender Adapter for receiving Plain HTTP Calls from the client.
  The purpose behind this exercise is to have control over the message flow in case of sender HTTP protocol in XI.
  I configured a SOAP channel and used the option 'DO Not Use SOAP Envelope'. But when i post  the message to the adapter engine using a HTTP client, it fails.
  Can somebody guide me in this case.
  Regards,
  Anurag

  Hi,
  >>>But when i post the message to the adapter engine using a HTTP client, it fails.
  with which error ?
  Regards,
  Michal Krawczyk

• Anonymous authentication requests via SOAP Sender adapter?

  Hi,
  Can someone please tell me whether it is possible to call the SOAP Sender adapter anonymously?
  We can set user credentials for the receiver system adapter but looking at the options in the SOAP Sender communication channel I can't see how it is possible to send messages though SAP PI without a user who has authorisations to process messages.
  Any advice greatly appreciated.
  Thanks,
  Alan

  can't see how it is possible to send messages though SAP PI without a user who has authorisations to process messages.
  The source system needs to use a user-id to send message to XI/ PI via SOAP.
  If you do not want to use any authorization there is a way to switch off the authentication for the entire SOAP adapter (i.e. for all the SOAP scenarios)....not advisable.
  This method was actually described in a discussion ages back
  Regards,
  Abhishek.