Expose a FunctionModule as an http url
Hi,
We have a function module e.g. Z_PROCESS_ORDERS, it does not have any import parameters, and there are no export parameters.
the FM basically performs some action in SAP. e.g inserting current datetime stamp in a ztable.
is it possible to invoke this FM over the internet url.
I am not speaking about webservice.
I am talking about a plain http url. something like: http://sapserver:xxxx/blahblah/Z_PROCESS_ORDERS/xyz/something
if anyone clicks or opens this url in Internet explorer, the FM should be invoked in sap.
i searched on sdn, and found that webservice is an option, but to invoke it we need a webservice client or consumer proxy.
but my end user doesnot have that, and he wants just a IE link (http link) to invoke this function.
is it possible,
any inputs appriciated.
thanks in advance,
Madhu_1980
Hi,
Try to simply create an ICF service that would call the required FM.
http://help.sap.com/erp2005_ehp_04/helpdata/EN/71/1cd240cfd7742ae10000000a155106/frameset.htm
Best regards,
Guillaume
Similar Messages
-
Expose an FM or RFC as an http url (invoke FM by opening url in browser)
Hi,
We have a function module e.g. Z_PROCESS_ORDERS, it does not have any import parameters, and there are no export parameters. the FM basically performs some action in SAP. e.g inserting a value a ztable.
is it possible to invoke this FM over the internet url.
I am not speaking about webservice.
I am talking about a plain http url. something like: http://sapserver:xxxx/blahblah/Z_PROCESS_ORDERS/xyz/something
if anyone clicks or opens this url in Internet explorer, the FM should be invoked in sap.
i searched on sdn, and found that webservice is an option, but to invoke it we need a webservice client or consumer proxy.
but my end user doesnot have that, and he wants just a IE link (http link) to invoke this function.
let us know webdynpro abap could serve this purpose.
thanks in advance,
Madhu_1980the browser window should be closed
you can use an exit plug in your WDA App and provide a little javascript in the SICF-node of your app, that closes the window
or should display a message "the FM is invoked, you can close this window"
Simply use a TextView UIElement on your default view
Kind regards
Andreas -
HTTP URL problem: Security issue
Hello all,
The HTTP URL for calling XI contains lots of information, including the username and password for accessing XI. I feel quite uncomfortable exposing those info to external parties. Is there any way to work around?
Regards,
SteveSteve,
Like mentioned one option would be to use SOAP + Do Not use SOAP Envelope and then turn of Authentication for SOAP adapters.
From the thread , <b>User Names and Passwords in SOAP adapter
<i>in order to turn off the authentication for SOAP interface, please remove the authentication
restriction in web.xml for aii_af_soapadapter.sda.
Extract the SOAP-adapters WAR-file from the corresponding sda. Then extract the deployment-descriptor from the war-file and delete the related security-constraint, login-config and security-role sections (makes absolutely sense to save the original descriptor beforehand). ZIP the files again with the new deployment descriptor and deploy the SDA via SDM.
comment the following portion.( It's already commented below).
<! security-constraint >
<><security-constraint>
<display-name>message</display-name>
<web-resource-collection>
<web-resource-name>message</web-resource-name>
<url-pattern>MessageServlet</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>xi_adapter_soap_message</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>helper</display-name>
<web-resource-collection>
<web-resource-name>helper</web-resource-name>
<url-pattern>HelperServlet</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>xi_adapter_soap_helper</role-name>
</auth-constraint>
</security-constraint>
>
<! login-config >
<><login-config>
<auth-method>BASIC</auth-method>
<realm-name>XISOAPApps</realm-name>
</login-config>
>
<! security-role >
<><security-role>
<role-name>xi_adapter_soap_message</role-name>
</security-role>
<security-role>
<role-name>xi_adapter_soap_helper</role-name>
</security-role>
>
The safest way to change this web.xml is described as followed, you
could do the changes also direct on the file system, but it will need
reboot of J2EE and does not guarantee to work.
The web.xml is located in the aii_af_soapadapter.sda, please extract
this sda file with normal zip function. There is one
aii_af_soapadapter.war inside, please extract this war file again,
change the web.xml as described above. Please zip the folder with
modified web.xml for aii_af_soapadapter.war and than for the
aii_af_soapadapter.sda. Please do not modify the folder structure.
Deploy this modified sda with SDM. After the deployment you can double
check whether changes for web.xml is done on the file system, this
web.xml is located under
/usr/sap/xxx/DVEBMGS00/j2ee/cluster/server0/apps/sap.com/com.sap
.aii.af.soapadapter/servlet_jsp/XISOAPAdapter/root/WEB-INF.
I am not sure whether you will need to restart the J2EE after this
deployment to make the changes from web.xml active, please try it out.</i>
Regards,
Bhavesh -
How to do Handshake with tired party(bank) HTTPS URL from SAP PI server
Dear Expert,
I have developed bunch of scenarios, all are synchronous ABAP proxy to HTTP_AAE with bank on PI 7.4(dual stack). Bank web server is HTTPS enabled server. Our ABAP developments are still in progress also we have few issue in connection from ECC to PI.but that is not the focus of discussion here.
we want to do the handshake to check the connectivity with bank on their HTTPS URL from PI. Bank has provided the privet key for SSL from their server and corresponding public key they have maintained on their server. I have imported the private key under NWA -> Certificates -> Key Storage -> TrustedCA->Import Entry->Entry Type->PKCS#12->select the SSL.p12 file->import , also I have selected the option to "Use SSL" in HTTP_AAE receiver communication channel and selected the corresponding entryin "keystore view" and "keystore entry". All these I have done in our DEV system, and we are trying to connect our PI dev to bank Dev server.
Questions
Is there any specific steps to do the handshake with third party HTTPS(bank in my case) server? if not, how can we just test the HTTPS connectivity by using the SSL private installed on our PI server, without running the complete scenarios. Our PI has been installed on UNIX, and "telnet https url 443" is working, as network team has opened the HTTPS port.
We have not enabled the SSL technically on our PI server, and we have not installed any generated certificate from our PI server. Moreover, we have not made our PI url as "https:hostname:port" as we just need to communicate with bank by using their private key. Do you guys think we should enable the SSL? if yes, please explain why.
What is the best practice to test the connection with third party having HTTPS URL? how can I just assure HTTPS communication is working fine, before testing my actual scenarios.
Thanks for helping always.
Regards,
FarhanHi Farhan,
Some part of the blog is applicable for sending HTTPS request to partners/third party (Receiver SOAP Adapter).
If banks certificates are already in trustedCA, then, can you check if it also imported under user PIISuser under Identity management in NWA. If above 2 steps are done then i think your are good to go. But be careful when you install certificate, it should be in proper order.
As you already mentioned, connectivity is already established and you are able to PIng/telnet from pi server, connectivity looks ok.
While sending request, if you are getting 401 unauthorized, below might be the reason -
1. Certificate not installed correctly or some missing steps
2. Partner or TP is not ready to receive it, some certificate issue in there side.
other than 401 means you are ok (As per certificate and Connectivity) - 403 and 500 errors are next stops.
403 - error because of encoding method.
500 - data issue.
Regards
Aashish Sinha -
Hitting a HTTPS url from SAP PI
Dear All,
Please let me know how to hit a HTTPS url using plain HTTP adapter in SAP PI. I was just provided with a url and user credentials.
Regards
Koti ReddyHi Koti,
Please perform the HTTPS settings mentioned in the below link before you start the using.
http://scn.sap.com/docs/DOC-26145
Regards,
Naveen -
Bizarre occurrence in Safari for me that I was hoping someone may have come across before:
Tonight for some reason it will not accept any https url whatsoever - it produces the following error:
can't open the page <https://url> The error is: “The operation couldn't be completed. Operation not permitted” (NSPOSIXErrorDomain:1) Please choose Safari > Report Bugs to Apple, note the error number, and describe what you did before you saw this message
I've not installed anything recently or made any config changes. All I do is stay up-to-date with the software updates from Apple.
I've tried moving the app to the Trash, rebooting and then re-installing but with no luck
I tried restoring a previous version of Safari (5.0.4) from early April Time Machine version but still had the same problem. Wondering if there are files outwith the Safari App that may be the cause and not the app itself.
I have checked that my firewall and content filtering allow access - (this is the unchanged config I mention above) - and they do and am accessing this discussion site (ironically https so Safari couldn't get to it after my initial Google search) from Firefox.
I've nothing against Firefox as a browser but I was happy enough with Safari and would like to keep using it.
In trawling the web I couldn't see anything that directly matched what I was experiencing.
If anyone has any hints or tips that might help I'd be really grateful.
Thanks
SteveMac OS X (10.5.2) <--- your profile.
Which Mac OS X are you running?
If you haven't tried, reinstall Safari.
http://support.apple.com/kb/DL1070
Then repair disk permissions.
Launch Disk Utility. (Applications/Utilities) Select MacintoshHD in the panel on the left, select the FirstAid tab. Click: Repair Disk Permissions. When it's finished from the Menu Bar, Quit Disk Utility and restart your Mac. If you see a long list of "messages" in the permissions window, it's ok. That can be ignored. As long as you see, "Permissions Repair Complete" when it's finished... you're done. Quit Disk Utility and restart your Mac. If you see any warnings re: SUID messages, they can be safely ignored, information here: http://support.apple.com/kb/TS1448?viewlocale=en_US -
Problems with SAP BC to post a request to https URL
Hello,
in a integration scenario one of our partners wants to send a xml to our server via https.<br/>
I tried this internal with a test business connector. I simple use the WmPublic.pub.client http service.<br/>
I try to post a record to an https:// URL and get an error. It seems that there is some trouble with the ssl handshake. However it is working in the browser.<br/>
The option Security -> Certificates -> Trusted Certificates -> CA Certificates Directory is 'unspecified'. Therefore no server certificate should be reject.<br/>
<br/>
Now I got an 'iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: handshake failure<br/>
' error. I do not find any helpful entries in this forum. Did anyone solve this issue?<br/>
<br/>
Thank you,<br/>
Nils<br/>
<br/>
error:<br/>
2009-08-03 10:08:13 CEST iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: handshake failure<br/>
at iaik.security.ssl.r.f(Unknown Source)<br/>
at iaik.security.ssl.x.b(Unknown Source)<br/>
at iaik.security.ssl.x.a(Unknown Source)<br/>
at iaik.security.ssl.r.d(Unknown Source)<br/>
at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)<br/>
at iaik.security.ssl.SSLTransport.getInputStream(Unknown Source)<br/>
at iaik.security.ssl.SSLSocket.getInputStream(Unknown Source)<br/>
at com.wm.net.NetURLConnection.trySSLConnect(NetURLConnection.java:691)<br/>
at com.wm.net.NetURLConnection.httpsConnect(NetURLConnection.java:562)<br/>
at com.wm.net.NetURLConnection.connect(NetURLConnection.java:171)<br/>
at com.wm.net.HttpURLConnection.getOutputStream(HttpURLConnection.java:419)<br/>
at com.wm.net.HttpContext.getOutputStream(HttpContext.java:578)<br/>
at com.wm.net.HttpContext.getOutputStream(HttpContext.java:554)<br/>
at com.wm.net.HttpContext.post(HttpContext.java:338)<br/>
at pub.client.http(client.java:512)<br/>
<br/>
SAP BC Info:<br/>
Software <br/>
Product webMethods Integration Server <br/>
Version 4.6 (Standard Encryption) Release Notes <br/>
Updates BC46_CoreFix7 <br/>
Build Number 940 + CoreFix 7 [Fixes 1-205 + SP1-3] <br/>
SSL Standard (40-bit), Provider: IAIK 2.6 <br/>
<br/>
Server Environment <br/>
Java Version 1.3.1_20 (47.0) <br/>
Java Vendor Sun Microsystems Inc. <br/>
Java Home /usr/jdk1.3.1_20/jre <br/>
Java VM Version 1.3.1_20-b03 <br/>
Java VM Info Java HotSpot(TM) Client VM (mixed mode) <br/>
Classpath /usr/local/sapbc46/server/updates/BC46_CoreFix7.jar<br/>
/usr/local/sapbc46/server/lib/server.jar<br/>
/usr/java/lib/i18n.jar<br/>
/usr/java/jre/lib/rt.jar<br/>
/usr/java/lib/i18n.jar<br/>
/usr/java/jre/lib/rt.jar<br/>
/usr/java/lib/i18n.jar<br/>
/usr/java/jre/lib/rt.jar<br/>
/usr/java/lib/i18n.jar<br/>
/usr/java/jre/lib/rt.jar<br/>
/usr/java/lib/i18n.jar<br/>
/usr/java/jre/lib/rt.jar<br/>
/usr/java/lib/i18n.jar<br/>
/usr/java/jre/lib/rt.jar<br/>
/usr/local/sapbc46/server/lib/classes<br/>
/usr/local/sapbc46/server/lib/client.jar<br/>
/usr/local/sapbc46/server/lib/mail.jar<br/>
/usr/local/sapbc46/server/lib/server.jar<br/>
packages/SAP/code/classes<br/>
packages/SAP/code/jars/static/inqmyxml.jar<br/>
packages/SAP/code/jars/static/jARM.jar<br/>
packages/SAP/code/jars/static/jCO.jar<br/>
packages/SAP/code/jars/static/sapjco.jar<br/>
packages/SAP/code/jars/static/sapxmltoolkit.jar<br/>
packages/WmPartners/code/classes<br/>
packages/WmWin32/code/classes <br/>
OS Linux <br/>
OS Platform i386 <br/>
OS Version 2.6.18.8-0.13-default <br/>
Current User sapbc <br/>
Working Dir /usr/local/sapbc46/server<br/>Ok - in this case you need to include to session based SSL setup in your flow (scenario).
The pub.security:setKeyAndChain and pub.security:clearKeyAndChain services are used to control which client certificate
the SAP BC server presents to remote servers. You need to use these services to switch between certificates and
certificate chains if you are not using aliases for remote servers.
List of services to be used:
pub.security:clearKeyAndChain
-- Associates the default key and certificate chain with the subsequent set of invoked services.
pub.security:setKeyAndChain
-- Processes a digital signature to make sure that the provided data has not been modified. The signature input is the DER encoding of the PKCS#7 SignedData object.
pub.security.pkcs7:sign
-- Creates a PKCS7 SignedData object.
pub.security.pkcs7:verify
-- Processes a digital signature to make sure that the provided data has not been modified.
pub.security.util:createMessageDigest
-- Generates a message digest for a given message.
pub.security.util:getCertificateInfo
-- Retrieves information (e.g., serial number, issuer, expiration date) from a digital certificate.
pub.security.util:loadPKCS7CertChain
-- Converts a certificate chain that is in PKCS7 format to a list (a one-dimensional array) of byte arrays.
Example:
Invoke pub.client:http to send data to Company D.
Invoke pub.security:setKeyAndChain using the key and certificate chain for Company B.
Invoke pub.client:http to send data to Company B.
Invoke pub.security:setKeyAndChain using the key and certificate chain for Company C.
Invoke pub.client:http to send data to Company C.
Invoke pub.security:clearKeyAndChain to revert back to the default key and certificate chain for Company
Au2019s server.
Invoke pub.client:http to send data to Company D.
Edited by: Kai Lerch-Baier on Aug 3, 2009 1:47 PM -
Accessing BSP File Download using HTTPS URL
Hi,
I'm struggling with a problem of downloading a file from a https url. I wrote a BSP App for downloading a file from a unix server.. It works fine when I use a http URL with port 8080 and does not work when I use https.!!
Example:
https://comms.gmsanet.co.za/supplier [ download does not work ]
http://comms.gmsanet.co.za:8080/supplier [ download works ]
When I try to download using https.. it does not pull the file name and path
see code below and suggest me if anything to be chnaged.
In the Form Initialization method:
event handler fr data retrieval
DATA: i_file type string,
s_fields TYPE tihttpnvp,
s_fields_line TYPE ihttpnvp,
multipart_form type ref to if_http_entity,
file_upload type xstring,
lv_backend type string,
success type string,
entity type ref to if_http_entity,
file type xstring,
content_type type string,
content_filename type string,
content_length type string,
content_disposition type string,
num_multiparts type i,
i type i value 1,
doEcho type string value 'X',
value type string,
filename type ZFILETAB-fileinfo,
ext1 type string,
ext2 type string,
dsn type string,
bptype like sy-uname,
itab TYPE ZFILETAB,
itab_line TYPE ZFILETABLINE,
file_ext type ZFILETABLINE,
fileinfo type c,
zcount type i.
filename = '/NewMessge.doc'.
content_filename = filename.
Check the extension and assign the content type
split filename at '.' into ext1 ext2.
case ext2.
when 'zip'.
content_type = 'application/x-zip-compressed'.
when 'doc'.
content_type = 'application/msword'.
when 'txt'.
content_type = 'text/plain'.
when 'ppt' or 'pps'.
content_type = 'application/vnd.ms-powerpoint'.
when 'xls' or 'exe'.
content_type = 'application/octet-stream'.
when 'gif'.
content_type = 'image/gif'.
when 'jpg' or 'jpeg'.
content_type = 'image/pjpeg'.
when 'htm' or 'html'.
content_type = 'text/html'.
endcase.
dsn = filename.
OPEN DATASET dsn FOR INPUT IN BINARY MODE.
IF sy-subrc NE 0.
zmessage = 'Error opening file'.
navigation->set_parameter( name = 'zmessage' value = zmessage ).
navigation->goto_page( 'downloaderror.htm' ).
exit.
ENDIF.
DO.
READ DATASET dsn INTO <b>file</b>.
EXIT.
ENDDO.
CLOSE DATASET dsn.
set response data to be the file content
runtime->server->response->set_data( <b>file</b> ).
runtime->server->response->set_header_field(
name = 'Content-Type'
value = content_type ).
concatenate 'attachment; filename=' filename into content_disposition.
runtime->server->response->set_header_field(
name = 'Content-Disposition'
value = content_disposition ).
set the file size in the response
content_length = xstrlen( file ).
runtime->server->response->set_header_field(
name = 'Content-Length'
value = content_length ).
runtime->server->response->delete_header_field(
name = 'Cache-Control' ).
runtime->server->response->delete_header_field(
name = 'Expires' ).
navigation->response_complete( ).
Thanks
AjayHi Brian,
I have the same problem as Ajay Yeluguri. In http mode I can generate a download of an Excel document but when we use the portal in https it doesn't work.
When I try to download using https it does not pull the file name and path and when I choose download I have a error message : "Internet Explorer cannot download from ..."
I've test the point 3.2 "... including file up/download" of the BSP application IT00 and it works fine in http and https mode. My problem is not the upload but the download. And in this application the uploaded document is opened in the Internet Explorer window but I want to generate a Save as... window to download the file.
Have you an idea what i can do to solve my problem.
Thanks
Yann -
Name of .crl and .crt file missing from HTTP URL in certificate details
Hello Everyone,
I am in the process of building a 2-tier Windows Server 2012 R2 PKI. The CA name of both the offline standalone root CA and enterprise subordinate CA have spaces in it (we'll call the CA name, 'Test Lab Root CA' for point of reference).
When I submitted the certificate request for the subordinate CA to the root CA and viewed the attributes/extensions of the pending request, I noticed the HTTP URL is missing the name of the .crt and .crl file.
The AIA extension reads URL=http://test.domainname.com/pki/.crt
in the issued certificate details.
The CDP extension reads URL=http://test.domainname.com/pki/.crl
in the issued certificate details.
The AIA and CDP location HTTP URLs are configured as http://test.domainname.com/pki/<CertificateName>.crt and http://test.domainname.com/pki/<CRLNameSuffix><DeltaCRLAllowed>.crl, respectively on the
root CA.
The LDAP URL shows the .crt and .crl file name (with %20 replacing the spaces) perfectly fine. The LDAP URL is configured using variables as well. It's just the HTTP URL that is missing the name of the file altogether.
I have read about the issue where spaces are not being replaced with %20 in the URL on Windows Server 2012 and a hotfix is available for that issue. But this issue seems to be slightly different and I'm running Windows Server 2012 R2. I tried installing
the hotfix to see if it would help, but the hotfix can't install because it doesn't apply to Server 2012 R2.
I've been trying to find a technet discussion or blog article for a week to see if anyone has seen this and what the fix is, but I'm coming up empty. I only find talks about %20 not replacing the space in the name.
Does anyone have any insight to my particular issue? I don't want to issue the subordinate CA certificate until I know the HTTP URL populates the CRL and CRT file name correctly. I can get around this by typing out the name of the file (with spaces and not
%20... e.g. http://test.domainname.com/pki/Test Lab Root CA.crl) in the URL via the registry and the URL displays the name of the file (with %20 in the name) when I do another certificate request and check the attributes/extensions in the
pending request. However, I prefer to avoid manually typing out the name of the file in the registry. I'd like to use the variables if at all possible.
Any help/guidance would be greatly appreciated.
Thank you.On Fri, 27 Mar 2015 03:42:28 +0000, Brian Komar [MVP] wrote:
You have totally messed up the URLs.
If you run certutil -getreg ca\CRLPublicationURLs and certutil -getreg ca\CACertPublicationURLs, you will see that you do not have correct use of variables when compared to the settings that follow:
The URLs should be set to the following for an offline CA:
certutil -setreg CA\CRLPublicationURLs "1:%WINDIR%\system32\CertSrv\CertEnroll\%%3%%8%%9.crl\n2:http://test.domainname.com/pki/%%3%%8%%9.crl"
*certutil -setreg CA\CACertPublicationURLs "1:%WINDIR%\system32\CertSrv\CertEnroll\%%1_%%3%%4.crt\n2:http://*test.domainname.com*/pki/%%1_%%3%%4.crt"*
For an issuing CA, they should be set to:
The URLs should be set to the following for an offline CA:*certutil -setreg CA\CRLPublicationURLs "65:%WINDIR%\system32\CertSrv\CertEnroll\%%3%%8%%9.crl\n6:http://test.domainname.com/pki/%%3%%8%%9.crl"*
*certutil -setreg CA\CACertPublicationURLs "1:%WINDIR%\system32\CertSrv\CertEnroll\%%1_%%3%%4.crt\n2:http://**test.domainname.com**/pki/%%1_%%3%%4.crt"*
Just a clarification here, if you're running the above certutil commands at
the command prompt you only need single % characters in the command line.
The double % characters are only required if the commands are being run in
a batch file.
Paul Adare - FIM CM MVP -
[CS3 JS SDK] Possible to Use HTTP URLs for Links?
I am attempting to use JavaScript to implement a connector from CS3 (InDesign/InCopy in my case) to our content management system. Our CMS provides an HTTP-based API. By using the HttpConnection object (from the Bridge code, see posts on "httpwebaccess library") I can access our repository using HTTP URLs and, for example, get an InDesign document or INX file (and the UI support in CS3 scripting makes it possible for me to build all the UI components I need without having to write a true plugin).
However, what I *can't* seem to do is create Link objects that use a URL, rather than a File, to access resources.
My goal is to be able to store in our repository InDesign documents that use URLs to other resources in the repository for links (e.g., to graphics and InCopy articles).
However, as far as I can tell from the scripting documentation and my own experiments, the URL property on Link is read-only in JavaScript (even though the scripting API HTML indicates it's a read/write property) and Link instances can only be constructed using File objects.
My question: have I missed some trick in the scripting API (or elsewhere) that would allow me to create links that use URLs instead of files (and having done so would InDesign resolve those URLs?)? Our repository does support WebDAV, so that might be an option, but it would depend on mounting WebDAV services in consistent places on client machines, which is dicey at best, given the weak nature of the WebDAV clients on both Windows and OS X).
Or are my only options to either copy linked resources to the client's local file system (or a shared network drive) or implement a plugin that implements my desired behavior for links?
And if the answer is a plugin, will that even work?
This is in the context of CS3. Has the Link mechanism changed at all in CS4 such that I could do what I want in CS4 where I cannot in CS3?
Thanks,
EliotHi,
It is not possible to use HTTP URLS in CS3. You will have to create a plug-in to use Custom Data Links.
I think it is possible to use HTTP URLs in CS4 as per the User Guide.
Regards,
Anderson -
Call http url in Abap - Should not open Browser
Hi Friends,
I have a requirement where i need to check whether a perticular http service is running or not. For that i need a some code to call http url from abap and it should not open the browser. If that perticular url is not found or time out then i should know that in program...
Is there any way to do that..just run the following url (after changing the values for host,etc) from browser
http://<abaphost>.<domain>.com:<port>/sap/public/ping
to get the values for http://<abaphost>.<domain>.com:<port> just go to transaction se80 and choose bsp application option and choose any existing bsp application and then doubl click on a page. on the right side click on the attributes tab and at the end you can find the url
Regards
Raja -
How to encrypt UserID and Password in HTTP url
Hello experts,
We want to encrypt UserID and Password which has used in http URL in SAP PI 7.1.
As we have used SOAP adapter with Transport Protocol HTTP for sender server.
Kindly help us on it.
Regards,
Poonam.Hi,
please go through below blog,
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b04408cc-f10e-2c10-b5b7-af11026b2393?QuickLink=index&overridelayout=true
please go through below threads,
SOAP Envelope with user id password
Soap ---to ----file scenario
regards,
ganesh. -
How to download video files using http urls through OSB
Hi all,
I am working on a requirement where I need to download the video using http url of that video through OSB. Is it possible to convert the video files hosted in a server into base64 code using OSB ? Kindly help me on this.
Thanks
Edited by: 887737 on Jul 25, 2012 3:26 AMHi,
I believe you can get the video file using file transport and then convert it into base64 using a java call out...
This may help...
https://blogs.oracle.com/ateamsoab2b/entry/an_example_of_how_to
Cheers,
Vlad -
SOAP receiver channel with https url
Hi All,
We are working on SAP PO 7.4. We have RFC to SOAP scenario. To connect with external target system we are using https url.
We don't have any sign, encrypt requirement, do we still need to maintain certificates in Key Store as we are using https?
Thanks
ShiviNo.you don't have to select that option.
But you have to install the certificates.
Below one can help you.
How to Enable SSL certificate at the receiver SOAP Adapter -
Can any body help me in reading from HTTPS URL
I need to read an HTTPS URL and store the response within a table .
How will I manage to do it from within a servlet using URLConnection and openStream as it does'nt work .
How will JSSE help in this regard .
Since I also need to give the userid and password to get into the file and read the file
https://anyhost.com/readthisfile.html
somnath
Web DeveloperHi,
The Java Secure Socket Extension (JSSE) library from Sun Microsystems lets you access a secure Web server from behind a firewall via
proxy tunneling. To do this, the JSSE application needs to set the https.ProxyHost and https.ProxyPort system properties. The
tunneling code in JSSE checks for "HTTP 1.0" in the proxy's response. If your proxy, like many, returns "HTTP 1.1", you will get an
IOException. In this case, you need to implement your own HTTPS tunneling protocol.
In this article, I will show you how to create a secure socket that tunnels through the firewall, and pass it to the HTTPS stream handler to
open HTTPS URLs using the URLConnection class.
Open the http tunnel socket to the proxy
The first step to creating your secure socket is to open the tunneling socket to the proxy port. The code needed to do this proxy
handshaking can be found in the sample code SSLClientSocketWithTunneling.java that comes with the JSSE distribution. First, a normal socket is created that connects to
the proxy port on the proxy host (line 65). After the socket is created, it is passed to the doTunnelHandshake() method where the proxy's tunneling protocol is called:
54 SSLSocketFactory factory =
55 (SSLSocketFactory)SSLSocketFactory.getDefault();
56
57 /*
58 * Set up a socket to do tunneling through the proxy.
59 * Start it off as a regular socket, then layer SSL
60 * over the top of it.
61 */
62 tunnelHost = System.getProperty("https.proxyHost");
63 tunnelPort = Integer.getInteger("https.proxyPort").intValue();
64
65 Socket tunnel = new Socket(tunnelHost, tunnelPort);
66 doTunnelHandshake(tunnel, host, port);
In doTunnelHandshake(), an http "CONNECT" command is sent to the proxy, with the secure site's hostname and port number as the parameters (line 161). In the original
tunneling code on line 206 in JSSE, it then checks for "HTTP/1.0 200" in the proxy's reply. If your organization's proxy replies with "HTTP 1.1", an IOException will be
thrown. To get around this, the code here checks for the reply "200 Connection Established", which indicates that tunneling is successful (line 207). You can modify the
code to check for the expected corresponding response from your proxy:
139 private void doTunnelHandshake(Socket tunnel, String host, int port)
140 throws IOException
141 {
142 OutputStream out = tunnel.getOutputStream();
143 String msg = "CONNECT " + host + ":" + port + " HTTP/1.0\n"
144 + "User-Agent: "
145 + sun.net.www.protocol.http.HttpURLConnection.userAgent
146 + "\r\n\r\n";
147 byte b[];
148 try {
149 /*
150 * We really do want ASCII7 -- the http protocol doesn't change
151 * with locale.
152 */
153 b = msg.getBytes("ASCII7");
154 } catch (UnsupportedEncodingException ignored) {
155 /*
156 * If ASCII7 isn't there, something serious is wrong, but
157 * Paranoia Is Good (tm)
158 */
159 b = msg.getBytes();
160 }
161 out.write(b);
162 out.flush();
163
164 /*
165 * We need to store the reply so we can create a detailed
166 * error message to the user.
167 */
168 byte reply[] = new byte[200];
169 int replyLen = 0;
170 int newlinesSeen = 0;
171 boolean headerDone = false; /* Done on first newline */
172
173 InputStream in = tunnel.getInputStream();
174 boolean error = false;
175
176 while (newlinesSeen < 2) {
177 int i = in.read();
178 if (i < 0) {
179 throw new IOException("Unexpected EOF from proxy");
180 }
181 if (i == '\n') {
182 headerDone = true;
183 ++newlinesSeen;
184 } else if (i != '\r') {
185 newlinesSeen = 0;
186 if (!headerDone && replyLen < reply.length) {
187 reply[replyLen++] = (byte) i;
188 }
189 }
190 }
191
192 /*
193 * Converting the byte array to a string is slightly wasteful
194 * in the case where the connection was successful, but it's
195 * insignificant compared to the network overhead.
196 */
197 String replyStr;
198 try {
199 replyStr = new String(reply, 0, replyLen, "ASCII7");
200 } catch (UnsupportedEncodingException ignored) {
201 replyStr = new String(reply, 0, replyLen);
202 }
203
204 /* We check for Connection Established because our proxy returns
205 * HTTP/1.1 instead of 1.0 */
206 //if (!replyStr.startsWith("HTTP/1.0 200")) {
207 if(replyStr.toLowerCase().indexOf(
208 "200 connection established") == -1){
209 throw new IOException("Unable to tunnel through "
210 + tunnelHost + ":" + tunnelPort
211 + ". Proxy returns \"" + replyStr + "\"");
212 }
213
214 /* tunneling Handshake was successful! */
215 }
Overlay http tunnel socket with SSL socket
After you have successfully created the tunneling socket, you overlay it with the SSL socket. Again, this is not difficult to do:
54 SSLSocketFactory factory =
55 (SSLSocketFactory)SSLSocketFactory.getDefault();
56
57 /*
58 * Set up a socket to do tunneling through the proxy.
59 * Start it off as a regular socket, then layer SSL
60 * over the top of it.
61 */
62 tunnelHost = System.getProperty("https.proxyHost");
63 tunnelPort = Integer.getInteger("https.proxyPort").intValue();
64
65 Socket tunnel = new Socket(tunnelHost, tunnelPort);
66 doTunnelHandshake(tunnel, host, port);
67
68 /*
69 * Ok, let's overlay the tunnel socket with SSL.
70 */
71 SSLSocket socket =
72 (SSLSocket)factory.createSocket(tunnel, host, port, true);
73
74 /*
75 * register a callback for handshaking completion event
76 */
77 socket.addHandshakeCompletedListener(
78 new HandshakeCompletedListener() {
79 public void handshakeCompleted(
80 HandshakeCompletedEvent event) {
81 System.out.println("Handshake finished!");
82 System.out.println(
83 "\t CipherSuite:" + event.getCipherSuite());
84 System.out.println(
85 "\t SessionId " + event.getSession());
86 System.out.println(
87 "\t PeerHost " + event.getSession().getPeerHost());
88 }
89 }
90 );
The code had called the SSLSocketFactory's getDefault() method earlier to get an instance of the SSLSocketFactory (line 54, repeated above). Next, it passes the
tunneling socket that was created in the previous step to the createSocket() method of the SSLSocketFactory. The createSocket() method returns an SSLSocket that is
connected to the destination host and port via the proxy tunnel. You can optionally add a HandshakeCompletedListener to the socket if you wish to be informed when the
SSL handshaking is completed.
The SSLSocket created is basically ready for use to transfer secure contents. The startHandshake() method is called to start the SSL handshaking (line 98). After which, you
can issue the http "GET" command to retrieve the secure pages (line 105):
91
92 /*
93 * send http request
94 *
95 * See SSLSocketClient.java for more information about why
96 * there is a forced handshake here when using PrintWriters.
97 */
98 socket.startHandshake();
99
100 PrintWriter out = new PrintWriter(
101 new BufferedWriter(
102 new OutputStreamWriter(
103 socket.getOutputStream())));
104
105 out.println("GET http://www.verisign.com/index.html HTTP/1.0");
106 out.println();
107 out.flush();
However, issuing http commands to the tunneling SSL socket to access Webpages is not ideal because it would mean having to rewrite the whole http protocol handler from
scratch. Instead, you should use the HTTPS URL APIs that the JSSE already includes for that purpose. To do this, you have to pass the tunneling SSL socket to the HTTPS URL
stream handler.
Pass SSL socket to HTTPS URL stream handler
The JSSE library has an HttpsURLConnection class that is in the com.sun.net.ssl package, which extends the java.net.URLConnection class. An HttpsURLConnection object
is returned by the URL object's openConnection() method when "HTTPS" is specified as the protocol. The HttpsURLConnection class has a method, setSSLSocketFactory(),
that lets you set an SSLSocketFactory of your choice. To pass the tunneling SSL socket to the HTTPS URL stream handler, you would set the setSSLSocketFactory()
method's parameter with a socket factory that returns the tunneling SSL socket that you created previously.
To do this, you would wrap the code discussed previously in an SSLTunnelSocketFactory class that extends from the SSLSocketFactory class. The SSLSocketFactory is an
abstract class. To extend it, you must implement the createSocket() method to return the tunneling SSL socket that you created earlier:
12 public SSLTunnelSocketFactory(String proxyhost, String proxyport){
13 tunnelHost = proxyhost;
14 tunnelPort = Integer.parseInt(proxyport);
15 dfactory = (SSLSocketFactory)SSLSocketFactory.getDefault();
16 }
44 public Socket createSocket(Socket s, String host, int port,
45 boolean autoClose)
46 throws IOException,UnknownHostException
47 {
48
49 Socket tunnel = new Socket(tunnelHost,tunnelPort);
50
51 doTunnelHandshake(tunnel,host,port);
52
53 SSLSocket result = (SSLSocket)dfactory.createSocket(
54 tunnel,host,port,autoClose);
55
56 result.addHandshakeCompletedListener(
57 new HandshakeCompletedListener() {
58 public void handshakeCompleted(HandshakeCompletedEvent event) {
59 System.out.println("Handshake finished!");
60 System.out.println(
61 "\t CipherSuite:" + event.getCipherSuite());
62 System.out.println(
63 "\t SessionId " + event.getSession());
64 System.out.println(
65 "\t PeerHost " + event.getSession().getPeerHost());
66 }
67 }
68 );
69
70 result.startHandshake();
71
72 return result;
73 }
Notice that the SSLTunnelSocketFactory contains a default SSLSocketFactory object. The default SSLSocketFactory object can be instantiated from a call to the static
method getDefault() (line 15). You need this SSLSocketFactory object to overlay the tunnel socket with the SSL socket, as discussed earlier. You also call the default
object's getDefaultCipherSuites() and getSupportedCipherSuites() methods when implementing the corresponding abstract methods of the SSLSocketFactory super
class. For implementation details, please refer to the complete source code for the SSLTunnelSocketFactory in Resources.
Tunnel through the proxy via URLConnection
To tunnel through the proxy via URLConnection in your JSSE application, after you call the openConnection() method, check if the returned object is that of the
HttpsURLConnection. If so, you instantiate your SSLTunnelSocketFactory object and set it in the setSSLSocketFactory() method (lines 22 through 25):
10 public class URLTunnelReader {
11 private final static String proxyHost = "proxy.sg.ibm.com";
12 private final static String proxyPort = "80";
13
14 public static void main(String[] args) throws Exception {
15 System.setProperty("java.protocol.handler.pkgs",
16 "com.sun.net.ssl.internal.www.protocol");
17 //System.setProperty("https.proxyHost",proxyHost);
18 //System.setProperty("https.proxyPort",proxyPort);
19
20 URL verisign = new URL("https://www.verisign.com");
21 URLConnection urlc = verisign.openConnection(); //from secure site
22 if(urlc instanceof com.sun.net.ssl.HttpsURLConnection){
23 ((com.sun.net.ssl.HttpsURLConnection)urlc).setSSLSocketFactory
24 (new SSLTunnelSocketFactory(proxyHost,proxyPort));
25 }
26
27 BufferedReader in = new BufferedReader(
28 new InputStreamReader(
29 urlc.getInputStream()));
30
31 String inputLine;
32
33 while ((inputLine = in.readLine()) != null)
34 System.out.println(inputLine);
35
36 in.close();
37 }
38 }
You can then access the HTTPS URLs using the APIs provided by the URLConnection class. You don't need to worry about the format of the http GET and POST commands,
which you would if you used the SSL Socket APIs.
The complete source code for the SSLTunnelSocketFactory and the application code that connects to a secure URL using proxy tunneling is included in Resources. To
compile and run the application, you would need to download and install Sun's JSSE from its Website, also listed in Resources.
Conclusion
If your JSSE application could not tunnel through your organization's firewall, you need to implement your own tunneling socket. The sample code included with the JSSE
distribution shows you how to open an SSL socket tunnel. This article goes one step further to show you how to pass the tunneling socket to the HTTPS URL stream handler,
and saves you the trouble of rewriting a http handler
I hope this will help you.
Thanks
Bakrudeen
Maybe you are looking for
-
Restricting changing the status of an order
Hello, When creating an order (tcode va01), it is possible to change the status of the object. Some of the statuses are for example: u2022 1 Napp Not Approved u2022 2 App Approved u2022 3 Reje Rejected u2022 u2026. Is it possible to restrict people
-
Trying to learn Structure and/or Array
OK here goes my best attempt at an explanation... I been through some tutorial on Structures and Arrays and have an ok idea of what to do with them. But all the tutorials I went through had the variable amounts hard coded in, but I want it to come fr
-
Revision: 12435 Revision: 12435 Author: [email protected] Date: 2009-12-03 07:26:54 -0800 (Thu, 03 Dec 2009) Log Message: Followup to the recent event dispatching change. As it turns out we do require capture phase listeners on both FlexEvent.
-
Who to reverse the OSV if it is reverse what is the future problem in SAP?
Who to reverse the OSV (Asset) if it is reverse what is the future problem in SAP?
-
Hi, I have 80 infopackage in BW system with source system as R3 prod. Now i want to create this all info packages with source system as R3Q. Is there any smarter way to do it rather manually creating them. I mean some tool like LSMW.. Thank you, sam