Dynamic authentication using OWSM

If I have a service that changes employees pay rate. I want to put security on this. For added measure I want to encode the password.
Can I set this dynamically in the calling BPEL process. If not then there is a potential security breach as the username and password are hard coded into bpel.xml file. Obviously I can put some OS security on these files but the person that knows these passwords have the potential of changing their pay rate and make it look like it was a legitimate transaction.
Does anyone know how the handle this scenario?
cheers
James

YOu are correct this will be a big security risk for such a service. Dynamically setting passwords in header is not going to help much because you have to change the password on back end ( active directory) everytime you send new password.
If you have time you can look into Security Token Service. How this will work is,
Employee login to portal or any application.
Call STS before calling web service to get SAML token ( you will give your web SSO token and then get back SAML)
Attach SAML in Web Service.
OWSM will validate SAML.
Another option, if you have Oralce Access Manager, you dont have to worry about attaching passwords. You can integrate OWSM with OAM you are all set. The first option is for different products (web access manager, OWSM)
Thanks
Ram
www.identris.com

Similar Messages

How to create and configure proxies in ADF mobile using OWSM client agent?

Hi
Can anyone please tell me how to create and configure proxies in ADF mobile application using Oracle Web Services Manager (OWSM) Lite Mobile ADF Application Agent. I read it in mobile document that,
For secured web services, the user credentials are dynamically injected using ADF Mobile uses Oracle Web Services Manager (OWSM) Lite Mobile ADF Application Agent to create and configure proxies, as well as to request services through the proxies. The user credentials are injected into the OWSM enforcement context when proxies are configured.
I am new with this OWSM, can anyone please give me some hints like how to proceed further for implementing authentication using OWSM lite mobile ADF Application Agent??
Thanks in advance
Raj

Hi Juan
The demo is very useful, and in that Shay describes about the remote login using a regular ADF webapplication as a secured one and deploying it into the server. But I would like to know how to create a local login using OWSM client agent? .
Without creating a regular ADF webapplication, how can i call secured webservices(i.e., by using OWSM client agent how to create and configure proxies to call secured webservice, where the user credentials are injected into webservice request by OWSM client as mentioned in ADF mobile document)??
Regards
Raj

OSB Authentication using username and password (plaintext or digest)

Hi,
I want to implement a simple osb authentication using username/password (plain text or digest) , so that client required to provide username password token in soap header (message Level security) to access our webservices. I have read some of articles which shows how to create custom ws policy, but received following error during deployment.
weblogic.wsee.ws.init.WsDeploymentException: The WebLogic Server 9.x-style policy is not supported in JAX-WS web services
Please note - I can not install OWSM as part of my requirement
=======
<?xml version="1.0"?>

<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wssp="http://www.bea.com/wls90/security/policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wls="http://www.bea.com/wls90/security/policy/wsee#part">

<wssp:Identity>
<wssp:SupportedTokens>

<wssp:SecurityToken IncludeInMessage="true"
TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken">
<wssp:UsePassword Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"/>
</wssp:SecurityToken>
</wssp:SupportedTokens>
</wssp:Identity>
</wsp:Policy>

You can use the default Auth.xml WS policy in OSB and be able implement the authentication using username and plain text password.
Just assign the Auth.xml on the Request Policies of the Proxy Service (under Policies).
Then use any user credentials that has access to the domain for testing.
If you want to restrict access for each operation then in the Security tab, under Message Access Control, specify a Role.
Then in the OSB > Security Configuration, create the appropriate role with the specific role conditions like User is User1 or User is User2 etc ...
Hope this helps.
Thanks,
Patrick

Trusted Authentication using QUERY_STRING

Hi All,
We are trying to configure the Trusted Authentication using Query_String in XIR3.1
We have customer portal ,where in login to custom web page and click on the link which routes to Infoview.We are configuring sso to bypass the credentials from webportal to Infoview home page.
We have created a paramerter to pass the user information.We have made all the required changes for configuring trusted authentication,like:
1) Enable Trusted Authentication in cmc.Enter shared secret in cmc
2) Make changes to the web.xml file
3) Create TrustedPrincipal.conf file
In web.xml file we gave "trusted.auth.user.retrieval" as "QUERY_STRING" & "trusted.auth.user.param" as the parameter value we are using to pass the user information.
If the parameter we are using is "MyUser" to pass the user information ,After configuring, we noticed that ,when we launch the url, "http://host:8080/InfoViewApp/logon/logon.do?MyUser=<username>" we can directly login to Infoview without giving any credentials.We are not sure if we are moving in right direction? Is this how the QUERY_STRING work?
We also noticed that,instead of giving any username if we give any other value the infoview home page opens up with Guest account?
Thank you,
Bill

You should disable guest when using any method of SSO. Then anything placed in the URL other than a proper user would fail. And yes this is exactly how query string works (the username must be supplied in the URL). If looking for a more dynamic/secure method you will need to combine with a front end authenticator such as IIS, siteminder, etc and use one of our other methods such as remote_user, http_header, etc
Regards,
Tim

Can we use OWSM in OSB for ServiceType Other than WSDL Webservice

Hi all,
We want to use OWSM in OSB can we use OWSM in OSB for all the Service Type like WSDL,Messaging service(mfl,text,binary) , SOAP , ANY XML service????
Is there any restriction in the service Type???
What bout Adapters like JMS,FTP,File can we use OWSM in the adapters for authentication ??????????
Thanks
Phani

you can attach OWSM policies to the "WSDL" and "Any SOAP" types of proxy and business services in Oracle Service Bus on the Policies page. See section "50.2.2 Attaching Oracle Web Services Manager Policies to Oracle Service Bus Services" at below link -
http://download.oracle.com/docs/cd/E14571_01/doc.1111/e15866/owsm.htm#CHDBIJHD
Regards,
Anuj

Using OWSM for SAML verification and LDAP authorization

I can verify SAML tokens by using EM security (verifying SAML tokens) but when I use OWSM I get this error at the proxy (by adding the step : SAML - Verify WSS 1.0 Token to the policy of a server agent)
Exception in thread "main" java.lang.NoSuchMethodError: oracle.security.wss.saml.SAMLAssertionIssuer.<init>(Ljavax/xml/rpc/handler/soap/SOAPMessageContext;Lorg/w3c/dom/Document;Loracle/security/wss/config/SamlTokenConfigType;Z)V
Also I need to LDAP authorize the subject of SAML after verification of SAML token. Is it just enough to put the LDAP authorize step after SAML verification?
Won't I need any EXTRACT CREDENTIAL step?
Regards
Farbod

When we were asked to combine OBIEE 10g with Active Directory, we chose external Table Authorization to get information on the groups, a user is part of.
In general, one could follow these articles to achieve AD Authentication:
[http://www.oraclebidwh.com/2008/10/obiee-ldap-authentication-using-microsoft-ad/|http://www.oraclebidwh.com/2008/10/obiee-ldap-authentication-using-microsoft-ad/]
[http://www.oraclebidwh.com/2008/11/obiee-ldap-authentication-using-microsoft-ad-2/|http://www.oraclebidwh.com/2008/11/obiee-ldap-authentication-using-microsoft-ad-2/]
To sum it up: Read User-information from AD. Knowing a user's login-name then, one could query an external table, which consists of user and group information. Everything is setup within initializationBlocks, which could be created in the administration tool.
Problem: As you already said, the problem is, that this external user--group table has to be filled and updated "manually". That is, someone has to input new users or at least assign them to the existing groups.
In our case, there's an admin who knows what sql is and how to work with it.
Another solution could be, to prepare a xml-file, containing user and group information and add it to your repository. The tables could then be queried, too. Although, xml files can become quite unhandy, if a lot of information is held within it, they can be edited via external tools or at least with a standard text editor.

How to get the list of values for a dynamic parameter using Web Services SDK?

I am struggling to get the list of values for a dynamic parameter of a report.I am using Java Web Services SDK ... I tried to use PromptInfo.getLOV().getValues() method but it does not work.First of all ... is this possible (to get the list of values for a dynamic param) using Web Services?Second of all, if this is possible, how should I do it ... it seems it works fine when running the report from CMC. It asks for DB logon info and after that it provides a list of values.Thx 

Your assumption is correct. We are trying to get the LOVs from the Crystal Report. I was not aware that this is not supported by Web Services SDK.We used Web Services SDK to integrated the Crystal Reports in our web application. We implemented some basic actions for reports: schedule, view instances, run ad-hoc reports.We encountered this problem when trying to run/schedule reports with dynamic parameters (a list of values from DB). We were unable to get the LOVs.Please let me know if you can think of an alternative to look at.Thanks a lot,Catalin

Client Certificate Mapping authentication using Active Directory across trusted forests

Hi,
We currently have a setup where the on-premises environment and the cloud environment are based on two separate forests linked by a 1-way trust, i.e., the exist in the on-premises AD and the 1-way trust allows them to use their
credentials to login to a cloud domain joined server. This works fine with the Windows authentication.
We are now looking at implementing a 2-Factor authentication using Certificate. The PKI infrastructure exists in the On-Premises Forest. The users are able to successfully login to on-premise servers configured with "AD CLient Certificate
Mapping".
However, we are unable to achieve the same functionality on the cloud domain joined servers. I would like to know
1. Is this possible?
2. If yes, what do we need to do to make this work.
Just to clarify, we are able to authenticate using certificates by enabling anonymous authentication. However, we are unable to do the same after turning on "Client Certificate Mapping authentication using Active Directory"

1. Yes!
2. Before answering this I need to know if your are trying to perform a smart card logon on a desktop/console or if you just want to use certificate based authentication in an application like using a web application with client certificate requirements
and mapping?
/Hasain
We will eventually need it for smartcard logon on to desktop/console. However, at present, I am trying to use this for certificate based authentication on a web application.
To simulate the scenario, I setup up two separate forests and established a trust between them.
I then setup a Windows PKI in one of the forests and issued a client certificate to a user.
I then setup a web server in both the forests and configured them for anonymous authentication with Client SSL requirement configured.
I setup a test ASP page to capture the Login Info on both the servers.
With the client and the server in the same forest, I got the following results
Login Info
LOGON_USER: CORP\ASmith
AUTH_USER: CORP\ASmith
AUTH_TYPE: SSL/PCT
With the client in the domain with the PKI and the server in the other Forest, I got the following response
Login Info
LOGON_USER:
AUTH_USER:
AUTH_TYPE:
I tried the configuration with the Anonymous Authentication turned off and the AD CLient Certificate mapping turned on.
With the client and the server in the same forest, I am able to login to the default page. However, with the server in a trusted forest, I get the following error.
401 - Unauthorized: Access is denied due to invalid credentials.
You do not have permission to view this directory or page using the credentials that you supplied

How to create a viewobject dynamically without using wizard

Hi,
I am Using jDEV 11G, i need to create a viewobject dynamically without using wizard, without binding from any entity.
Actually my intention is to make a grid like in .Net, when a user want to create a new row in RichTable without using DB.
just like shopping cart.
i have done thsi code:
ViewObjectImpl view=new ViewObjectImpl();
view.addDynamicAttributeWithType("Att1","String",null);
view.addDynamicAttributeWithType("Att2","String",null);
view.addDynamicAttributeWithType("Att2","String",null);
Row rw=view.createRow();
rw.setAttribute("Att1","First1");
rw.setAttribute("Att2","First2");
rw.setAttribute("Att2","First3");
view.insertRow(rw);
I have a RichTable , i need bind this viewobject into that.
Edited by: vipin k raghav on Mar 10, 2009 11:39 PM

Hi Vipin,
You can create the view object with rows populated at run time.
[http://download.oracle.com/docs/cd/E12839_01/web.1111/b31974/bcquerying.htm#CEGCGFCA]
For reference of how to create an empty rwo at run time on button click
[http://kohlivikram.blogspot.com/2008/10/add-new-row-in-adf-table-on-button.html]
~Vikram

How to set proxy authentication using java properties at run time

Hi All,
How to set proxy authentication using java properties on the command line, or in Netbeans (Project => Properties
=> Run => Arguments). Below is a simple URL data extract program which works in absence of firewall:
import java.io.*;
import java.net.*;
public class DnldURLWithoutUsingProxy {
 public static void main (String[] args) {
 URL u;
 InputStream is = null;
 DataInputStream dis;
 String s;
 try {
 u = new URL("http://www.yahoo.com.au/index.html");
 is = u.openStream(); // throws an IOException
 dis = new DataInputStream(new BufferedInputStream(is));
 BufferedReader br = new BufferedReader(new InputStreamReader(dis));
 String strLine;
 //Read File Line By Line
 while ((strLine = br.readLine()) != null) {
 // Print the content on the console
 System.out.println (strLine);
 //Close the input stream
 dis.close();
 } catch (MalformedURLException mue) {
 System.out.println("Ouch - a MalformedURLException happened.");
 mue.printStackTrace();
 System.exit(1);
 } catch (IOException ioe) {
 System.out.println("Oops- an IOException happened.");
 ioe.printStackTrace();
 System.exit(1);
 } finally {
 try {
 is.close();
 } catch (IOException ioe) {
}However, it generated the following message when run behind the firewall:
cd C:\Documents and Settings\abc\DnldURL\build\classes
java -cp . DnldURLWithoutUsingProxy
Oops- an IOException happened.
java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:305)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:171)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:158)
at java.net.Socket.connect(Socket.java:452)
at java.net.Socket.connect(Socket.java:402)
at sun.net.NetworkClient.doConnect(NetworkClient.java:139)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:402)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:618)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:306)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:267)
at sun.net.www.http.HttpClient.New(HttpClient.java:339)
at sun.net.www.http.HttpClient.New(HttpClient.java:320)
at sun.net.www.http.HttpClient.New(HttpClient.java:315)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:510)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:487)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:615) at java.net.URL.openStream(URL.java:913) at DnldURLWithoutUsingProxy.main(DnldURLWithoutUsingProxy.java:17)
I have also tried the command without much luck either:
java -cp . -Dhttp.proxyHost=wwwproxy -Dhttp.proxyPort=80 DnldURLWithoutUsingProxy
Oops- an IOException happened.
java.io.IOException: Server returned HTTP response code: 407 for URL: http://www.yahoo.com.au/index.html
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1245) at java.net.URL.openStream(URL.java:1009) at DnldURLWithoutUsingProxy.main(DnldURLWithoutUsingProxy.java:17)
All outgoing traffic needs to use the proxy wwwproxy (alias to http://proxypac/proxy.pac) on port 80, where it will prompt for valid authentication before allowing to get through.
There is no problem pinging www.yahoo.com from this system.
I am running jdk1.6.0_03, Netbeans 6.0 on Windows XP platform.
I have tried Greg Sporar's Blog on setting the JVM option in Sun Java System Application Server (GlassFish) and
Java Control Panel - Use browser settings without success.
Thanks,
George

Hi All,
How to set proxy authentication using java properties on the command line, or in Netbeans (Project => Properties
=> Run => Arguments). Below is a simple URL data extract program which works in absence of firewall:
import java.io.*;
import java.net.*;
public class DnldURLWithoutUsingProxy {
 public static void main (String[] args) {
 URL u;
 InputStream is = null;
 DataInputStream dis;
 String s;
 try {
 u = new URL("http://www.yahoo.com.au/index.html");
 is = u.openStream(); // throws an IOException
 dis = new DataInputStream(new BufferedInputStream(is));
 BufferedReader br = new BufferedReader(new InputStreamReader(dis));
 String strLine;
 //Read File Line By Line
 while ((strLine = br.readLine()) != null) {
 // Print the content on the console
 System.out.println (strLine);
 //Close the input stream
 dis.close();
 } catch (MalformedURLException mue) {
 System.out.println("Ouch - a MalformedURLException happened.");
 mue.printStackTrace();
 System.exit(1);
 } catch (IOException ioe) {
 System.out.println("Oops- an IOException happened.");
 ioe.printStackTrace();
 System.exit(1);
 } finally {
 try {
 is.close();
 } catch (IOException ioe) {
}However, it generated the following message when run behind the firewall:
cd C:\Documents and Settings\abc\DnldURL\build\classes
java -cp . DnldURLWithoutUsingProxy
Oops- an IOException happened.
java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:305)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:171)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:158)
at java.net.Socket.connect(Socket.java:452)
at java.net.Socket.connect(Socket.java:402)
at sun.net.NetworkClient.doConnect(NetworkClient.java:139)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:402)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:618)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:306)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:267)
at sun.net.www.http.HttpClient.New(HttpClient.java:339)
at sun.net.www.http.HttpClient.New(HttpClient.java:320)
at sun.net.www.http.HttpClient.New(HttpClient.java:315)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:510)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:487)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:615) at java.net.URL.openStream(URL.java:913) at DnldURLWithoutUsingProxy.main(DnldURLWithoutUsingProxy.java:17)
I have also tried the command without much luck either:
java -cp . -Dhttp.proxyHost=wwwproxy -Dhttp.proxyPort=80 DnldURLWithoutUsingProxy
Oops- an IOException happened.
java.io.IOException: Server returned HTTP response code: 407 for URL: http://www.yahoo.com.au/index.html
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1245) at java.net.URL.openStream(URL.java:1009) at DnldURLWithoutUsingProxy.main(DnldURLWithoutUsingProxy.java:17)
All outgoing traffic needs to use the proxy wwwproxy (alias to http://proxypac/proxy.pac) on port 80, where it will prompt for valid authentication before allowing to get through.
There is no problem pinging www.yahoo.com from this system.
I am running jdk1.6.0_03, Netbeans 6.0 on Windows XP platform.
I have tried Greg Sporar's Blog on setting the JVM option in Sun Java System Application Server (GlassFish) and
Java Control Panel - Use browser settings without success.
Thanks,
George

Question regarding the creation of a custom dynamic stamp using "Will Print" from "Set Doc. Actions

Hi all,
Using Acrobat 9.0 Professional, I have successfully created a dynamic stamp using the forums where I have added Login / Date to my own image and it works great as designed. However, the problem I am having is that when a document is stamped it becomes flat and doesn't update dynamically which does not work for my requirements.
I need to create a pdf that is stamped by myself so that other users (using only Reader) can open the pdf and when printed the stamp will print with the correct date/time (in the format I describe below).
I found a workaround (outside of a stamp) where I added a text box (called "Today") that updates everytime the document is printed by going to
Advanced / Document Processing / Set Document Actions / Document Will Print
and adding the following Java Code:
var f = this.getField("Today");
f.value = util.printd('yyyymmddhMMss', new Date());
This provides me with the unique number that I need for printing (ie: 20100317102030). It works great as an inserted text field on my pdf.
My problem is that when I use the "create custom stamp" as in other tutorials by inserting this new text field, it will not update (or display) on print, even though it was set the exact same way as the custom stamp I got working using the Adobe dynamic stamp information.
Can you offer any advice on how I can get this to work as a custom stamp? I would rather not have to create both a stamp and then overlay the text field manually as I have hundreds of documents (maybe more) to do this for.
Also, as an aside, if I could get this to work, I would also like to add Login ID that updates in the same manner as my custom date format (but one problem at a time I guess! )
Thanks for any and all help that you can provide. I looked through these forums and elsewhere, but I don't seem to see anyone else with the same problems (with solutions posted).
I really wish Adobe had a Custom Stamp creator as part of their program, with the dynamic option. It would be so easy for them and save a lot of users so much time.

Stamps are just like a inked rubber stamp, except in Acrobat you can suppress printing them and you can move them. So if you use a dated "Faxed" stamp when you fax a document, even though you can adjust the stamp before affixing the stamp, once the document is stamped the date on the document can not be changed or moved. It appears, that the use of a stamp might not be the best solution.
"Interactive" means Acrobat JavaScript programing.
With JavaScript not only can you insert variable data but also fixed text strings or a combination of both.
So your script could be updated to something like:
var f = this.getField("Today");
f.value = "Printed : " + util.printd('yyyymmddhMMss', new Date());
http://forums.adobe.com/message/1333261#1333261
Getting the 'login name" will require some special JavaScript code being added to an application level JavaScript folder that runs upon initialization and is the data or function created is then accessed by your PDF. This file will need to be installed on each user's system.
http://www.acrobatusers.com/forums/aucbb/viewtopic.php?pid=30444

With a PDF Dynamic form using show/hide actions, how to ensure that when the completed form is saved, closed and re-opened, the form still show the fields as before it was closed?

With a PDF Dynamic form using show/hide actions, how to ensure that when the completed form is saved, closed and re-opened, the form still show the fields as before it was closed?
I have developed a form with fields hidden by default, that become visible based on box ticked or radio button selections.
My problem is that, when I close the form and re-open it, it comes back to it's default presentation, regardless of the information already recorded in the form (including in the now hidden fields.
How to correct that
Thanks in advance for any hint you can provide.

I've had the same problem. This solved it...
Go to the "Form properties..." in the File-menu. Select "Run-time" to the left and in the box "Scripting" Preserve scripting changes to form when saved: choose Automatically (Script-based state changes are saved locally in an insecure fashion. This option cannot be used for certified forms).
Hope it works for you to...

How to send an entire HTML, PHP dynamic page using phpmail()?

How to send an entire HTML, PHP dynamic page using phpmail()
from PHP website, similar to mail this page or send to a friend
link?

Hello,
Please change the mail address
"info[at]furkids[dot]co[dot]za" from this thread ^^^look above^^^
to "[email protected]"
Thank you

How to create a dynamic newsflash using dreamweaver and PHP

Hi there,
I would like to create a dynamic newsflash using dreamweaver and PHP in that the newsflash will be pulling information from a MySQL database. The newsflash should also have a link to view more information about the piece of news a user wants to know more about. Which tools do I need to use in dreamweaver and how's the procedure to go about that. Any advice is highly appreciated. Thanx in advance!

I think you´ll need at least a MySQL table with the following columns:
- id (primary key, int, auto_increment etc)
- news_headline (varchar)
- news_teaser (text)
- news_content (text)
What I´d personally add are columns such as:
- news_date (date or datetime)
- news_external_link (varchar), if a "read more..." link is supposed to navigate to an external URL rather than displaying the contens of the "news_contents" column.
Based on such a MySQL table it should be easy to use Dreamweavers standard Server Behaviors to create the usual datalist.php, insert.php, update.php and delete.php documents, and there are numerous tutorials out there which will teach you how to do that.
Am I right when assuming that you´ll also need to know how to automatically pull, say, the 5 most recent news records from the database ?

HTTPS authentication using SSL in SOAP Sender adapter

Hi,
We are currently doing a SOAP to RFC synchronous scenario in PI 7.0. Our client wants to ensure that the data security is maintained at the transport level. So, we have planned to implement the HTTPS without client authentication using SSL certificates. Our Basis team has promised us that they will take care of the cerficate generation and installation part in the server. Now i am confused at the PI communication channel setup level.
1) Do i have to specify the certificate installed path in the channel or in any other object ? If so, where do i have to configure the path ?
2) What is the exact path that has to be carried by a PI developer once the certificates are installed in the server ?
I have attached my communnication channel screenshot below,
http://i41.tinypic.com/mk49h.jpg
Please let me know what i have to configure in the Sender SOAP channel to receive data securely once the certificates are installed in the system.
Thanks & Regards,
Sherin Jose P

Hi,
1.for transport level security you should assign the HTTPS connection created in SM59 to the SOAP communication channel.
The HTTPS connection should use the certificates imported in t-code STRUST.
have you seen below thread,
SSL / X.509 In SOAP Sender/Receiver Adapter
Please go through below blog,
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b2e7020d-0d01-0010-269c-a98d3fb5d16c?overridelayout=true
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/60ff2883-70c5-2c10-f090-a744def2ba66?QuickLink=index&overridelayout=true
http://help.sap.com/saphelp_nwpi71/helpdata/de/14/ef2940cbf2195de10000000a1550b0/content.htm
2. you nedd to check the message flow between the sender and receiver through PI .
regards,
ganesh.

Dynamic authentication using OWSM

Similar Messages

Maybe you are looking for