HR ESS Services - Security setup

Similar Messages

• Shared Service Security Setup - Demo Doc

  Hello Friends,
  Was just checking if anyone of you have a quick small document which would explain the security setup module in Shared services
  with Users, Roles, Groups, filters
  Type of access READ WRITE, META READ WRITE etc in a pictorial format.
  Just have to give a demo to my fellows.
  Thanks in advance
  MS

  Try
  http://docs.oracle.com/cd/E17236_01/epm.1112/hss_admin_1112200/apas02.html
  http://docs.oracle.com/cd/E17236_01/epm.1112/hss_admin_1112200/ch09s04s08.html
  http://docs.oracle.com/cd/E17236_01/epm.1112/hss_admin_1112200/ch09s04s07s01.html
  http://docs.oracle.com/cd/E17236_01/epm.1112/esb_dbag/dsefilt.html
  Cheers
  John
  http://john-goodwin.blogspot.com/

• Is Web service security available?

  Dear Experts,
      In RWB, when i click on Integration Engine(in component monitoring) i get a yellow triangle next to it instead of green. Result of self test says that
  Is Web service security available?
  "Communication error Proxy calls are not permitted on sender or receiver side on the IS (client)".
  Can u guys tell me the reason behing this.
  Thanks & regards.

  Hi,
  Check if you have selected any security level for the WebService or may be it is across the firewall. Probably you need to install the related certificates and have to configure the SSL layer.
  refer
  You need to setup SSL layer for HTTPS endpoint.
  Possible HTTP security levels are (in ascending order):
  HTTP without SSL
  HTTP with SSL (= HTTPS), but without client authentication
  HTTP with SSL (= HTTPS) and with client authentication
  Use transaction STRUST to set up an SAP Web AS ABAP engine as HTTPS server. If not already done, you have to import a certificate generated by a trusted CA identifying the SAP Web AS. In addition, you have to enable the HTTPS port in the ICM (Internet Communication Manager).
  http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/frameset.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/ff/7932e4e9c51c4fa596c69e21151c7d/content.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/13/4a3ad42ae78e4ca256861e078b4160/content.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/3a/7cddde33ff05cae10000000a128c20/content.htm
  http://help.sap.com/saphelp_nw04/helpdata/en/0a/0a2e0fef6211d3a6510000e835363f/content.htm
  General guide
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a09f3d8e-d478-2910-9eb8-caa6516dd7d9
  Message level security
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51
  Thanks
  Swarup

• Custom ESS Service Error

  I have created one custom apppppciation for ESS Service...and getting the following error..Any help is appreciated?
  java.lang.NullPointerException
          at com.sap.xss.config.FPMRepository$RepositoryKey.hashCode(FPMRepository.java:46)
          at java.util.HashMap.hash(HashMap.java:261)
          at java.util.HashMap.get(HashMap.java:317)
          at com.sap.xss.config.FPMRepository.retrieveObjectInternal(FPMRepository.java:79)
          at com.sap.xss.config.FPMRepository.retrieveObject(FPMRepository.java:66)
          at com.sap.pcuigp.xssutils.ccpcd.FcXssPcd.initializeConfiguration(FcXssPcd.java:816)
          at com.sap.pcuigp.xssutils.ccpcd.FcXssPcd.loadConfiguration(FcXssPcd.java:250)
          at com.sap.pcuigp.xssutils.ccpcd.wdp.InternalFcXssPcd.loadConfiguration(InternalFcXssPcd.java:178)
          at com.sap.pcuigp.xssutils.ccpcd.FcXssPcdInterface.loadConfiguration(FcXssPcdInterface.java:138)
          at com.sap.pcuigp.xssutils.ccpcd.wdp.InternalFcXssPcdInterface.loadConfiguration(InternalFcXssPcdInterface.java:148)
          at com.sap.pcuigp.xssutils.ccpcd.wdp.InternalFcXssPcdInterface$External.loadConfiguration(InternalFcXssPcdInterface.java:240)
          at com.sap.pcuigp.xssutils.ccpcd.CcXssPcd.loadConfiguration(CcXssPcd.java:282)
          at com.sap.pcuigp.xssutils.ccpcd.wdp.InternalCcXssPcd.loadConfiguration(InternalCcXssPcd.java:184)
          at com.sap.pcuigp.xssutils.ccpcd.CcXssPcdInterface.loadConfiguration(CcXssPcdInterface.java:115)
          at com.sap.pcuigp.xssutils.ccpcd.wdp.InternalCcXssPcdInterface.loadConfiguration(InternalCcXssPcdInterface.java:124)
          at com.sap.pcuigp.xssutils.ccpcd.wdp.InternalCcXssPcdInterface$External.loadConfiguration(InternalCcXssPcdInterface.java:184)
          at com.sap.pcuigp.xssutils.ccxss.CcXss.loadConfiguration(CcXss.java:209)
          at com.sap.pcuigp.xssutils.ccxss.wdp.InternalCcXss.loadConfiguration(InternalCcXss.java:153)
          at com.sap.pcuigp.xssutils.ccxss.CcXssInterface.loadConfiguration(CcXssInterface.java:112)
          at com.sap.pcuigp.xssutils.ccxss.wdp.InternalCcXssInterface.loadConfiguration(InternalCcXssInterface.java:124)
          at com.sap.pcuigp.xssutils.ccxss.wdp.InternalCcXssInterface$External.loadConfiguration(InternalCcXssInterface.java:184)
          at com.sap.pcuigp.xssfpm.wd.FPMComponent.wdDoInit(FPMComponent.java:187)
          at com.sap.pcuigp.xssfpm.wd.wdp.InternalFPMComponent.wdDoInit(InternalFPMComponent.java:110)
          at com.sap.tc.webdynpro.progmodel.generation.DelegatingComponent.doInit(DelegatingComponent.java:108)
          at com.sap.tc.webdynpro.progmodel.controller.Controller.initController(Controller.java:215)
          at com.sap.tc.webdynpro.progmodel.controller.Controller.init(Controller.java:200)
          at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.init(ClientComponent.java:430)
          at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.init(ClientApplication.java:362)
          at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.initApplication(ApplicationSession.java:754)
          at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:289)
          at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:713)
          at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:666)
          at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:250)
          at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
          at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
          at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
          at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
          at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
          at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
          at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
          at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
          at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
          at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
          at java.security.AccessController.doPrivileged(Native Method)
          at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
          at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  Thanks,
  Damodhar.

  I Think I have to add a parameter sap.xss.BaseConfigurationID (PCD FPM View) to application properties. Is it mandatory to add FPM View which is created in PCD to Application Properties. Is there any other way to avoid this procedure?
  Thanks,
  Damodhar.

• How to make my Portal Web Service SECURED?

  Hi Experts,
  I created one portal Service and exposed it as Portal Web Service.
  Everything is working fine, as i deployed my Portal Web Service on to the SAP J2EE Engine ie SAP Server.
  I m able to access functions of Web Service from my StandAlone Java Application.
  but the problem is my Web Service is not SECURED.
  How can i make my Portal Web Service SECURED?
  Please help me out.
  Help will be appreciated and rewarded!!!!!

  user13046122 wrote:
  I have an old pl/sql "helper" package, originally written to make SOAP Web Service calls from the database - it uses UTL_HTTP to invoke the target services.
  I now need to make SOAP Web Service calls - from an 8.1.7.4 database
  But the version of UTL_HTTP inside 8.1.7.4 does not contain the functions needed in the helper package
  Can anybody suggest a means of making SOAP Web Service calls from an 8.1.7.4 database ?I think you'll be very lucky to find anyone here who still has access to a version of Oracle that is that old.... I mean... that's like what? 15 years old at least? I'm surprised you've still got hardware that can run that.
  It would probably help if you could post what code you've got and explain which function(s) it's complaining about, as I doubt people will want to guess.

• Web Service Security Question

  I have created a web service in the NetWeaver portal using a Portal Service.  I have marked the service as requiring basic http authentication.  However, when I call the web service from the Enterprise Portal Web Services Checker in NWDS it just let's me supply the params of the web service and no authentication.  Any ideas?
  I also noticed that my web service does not appear under the Web Services Container or Web Services Security section in Visual Administrator.  Anybody have any idea why this is?
  Thanks in advance.
  Curtis

  Hi Curtis,
  My guess is that since you are logged into the Portal while calling this web service, it will use the current session cookie to authenticate automatically. I'm not sure on the second question, tried a restart?
  Regards,
  Raj

• Web Service Security with SAML - Invalid XML signature

  Hello together,
  we want to build a scenario where we want to use Web Service Security  with SAML.
  The scenario will be
  WS Client (Java Application) -> WS Adapter -> Integration Engine ->  WS Adapter-> CRM (Web AS ABAP 7.01 SP 3)
  SAP PI release is 7.11 (SP Level 4)
  We want to use the SAML Authentification from WS Client to PI and from PI to Web AS ABAP.
  The SAML authentifications between the WS Client and PI works when there is no SAML auth between PI and CRM.
  But we get following error at calling the CRM system when we want to communicate with SAML:
    <E_TEXT>CX_WS_SECURITY_FAULT:Invalid XML signature</E_TEXT>
  Has somebody an idea of the possible reason for the error.
  Thanks in advance
  Stefan

  Error Messages in the Trace/Log Viewer:
  CX_WS_SECURITY_FAULT : Invalid XML signature | program: CL_ST_CRYPTO==================CP include: CL_ST_CRYPTO==================CM00G line: 48
  A SOAP Runtime Core Exception occurred in method CL_ST_CRYPTO==================CM00G of class CL_ST_CRYPTO==================CP at position id 48  with internal error id 1001  and error text CX_WS_SECURITY_FAULT:Invalid XML signature (fault location is 1  ).
  Invalid XML signature

• Details for 'Is Web service security available?'

  Hi i am working on scenario rfc to webservice.Its as secued webserivce i need to do ssl configuration.
  In component monitoring..for the integration engine its in yellow...
  Details for 'Is Web service security available?'
  Communication error Proxy calls on the sender or receiver side are not permitted on the IS (client)
  can any one please help me out..
  Thanks
  sriram

  I have already installed certificates on the j2ee engine & i have given the paramaters for keystore entry & keystore value.Still i have the same error
  In component monitoring
  For integration engine
  Details for 'Is Web service security available?'
  Communication error Proxy calls on the sender or receiver side are not permitted on the IS (client) 
  In message monitoring
  Audit Log for Message: f614df00-e9e0-11da-95ef-0004ac577b32
  Time Stamp Status Description
  2006-05-22 15:18:58 Success The message was successfully received by the messaging system. Profile: XI URL: http://saptst01:51000/MessagingSystem/receive/AFW/XI
  2006-05-22 15:18:58 Success Using connection AFW. Trying to put the message into the request queue.
  2006-05-22 15:18:58 Success Message successfully put into the queue.
  2006-05-22 15:18:58 Success The message was successfully retrieved from the request queue.
  2006-05-22 15:18:58 Success The message status set to DLNG.
  2006-05-22 15:18:58 Success Delivering to channel: ZCH_VERISIGNPPGR
  2006-05-22 15:18:58 Success SOAP: request message entering the adapter
  2006-05-22 15:18:58 Success SOAP: call failed
  2006-05-22 15:18:58 Error SOAP: error occured: iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: illegal parameter
  2006-05-22 15:18:58 Error Exception caught by adapter framework: Peer sent alert: Alert Fatal: illegal parameter
  Can any one please help me out.
  Thanks
  sriram

• Current Date in Service Description of ESS Services

  Hi All,
            We want to display current date in the Text of Service Description.
  In SPRO,  -> personnel Management -> ESS -> General Settings -> Home page for ESS -> Services -> Define Services, I tried using &DATE& but it shows the date, 28.02.2011 and not the current date i.e 14.03.2011.
  The server date is correct, i.e. 14.03.2011
  Can you please help, how can I display current date in the service description.
  Cheers!!!
  Umang

  Hi Umang,
  You can use Proxy class to append the time dynamically to the service description.
  Refer to the blog
  /people/amir.madani/blog/2007/01/05/create-dynamic-xss-homepages-with-static-services-using-a-simple-proxy-class
  Revert if you face any difficulty with this.
  Thanks
  Prashant

• Web Services Security Problem

  hi all,
  I am publishling the BC4J Component(Application module) as a webservice. The particular web service method will be as follows. The method is returning the element object.
  public Element getEmp(String searchString,String selectedItem, int pageNoInput)
  return (Element)hits.writeXML(1,Row.XML_OPT_LIMIT_RANGE);
  I am securing the web service by the instructions which are given in the following link
  http://www.oracle.com/technology/products/jdev/howtos/1013/wssecure/10gwssecurity_howto.html
  Then i am creating the proxy client. when i run the proxy client it gives me the following exception
  javax.xml.rpc.soap.SOAPFaultException: SOAP must understand error: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
       at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:553)
       at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:390)
       at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:111)
       at aptuitclient.runtime.ReviewProtocolAppModuleServiceSoapHttp_Stub.getEmp(ReviewProtocolAppModuleServiceSoapHttp_Stub.java:91)
       at bc4jaswebservice.server.webservice.ReviewProtocolAppModuleServiceSoapHttpPortClient.getEmp(ReviewProtocolAppModuleServiceSoapHttpPortClient.java:58)
       at bc4jaswebservice.server.webservice.ReviewProtocolAppModuleServiceSoapHttpPortClient.main(ReviewProtocolAppModuleServiceSoapHttpPortClient.java:44)
  When i am removing the security for the web service it is giving the Element object.
  The Problem is when i am securing the web service it is giving the above said exception.
  Please help me regarding this... this is very urgent...
  rgds
  Parameswaran

  Hello,
  When you are using WS-Security you need to secure the client too. So in your case the client is the ADF Data Control.
  The way you should configure your data control is documented here:
  - Web Services Security and ADF Data Control
  Regards
  Tugdual Grall

• Security Setup not working

  Hi,
  As a part of security setup we have done the following things:
  - Users created and assigned as members of groups. One group is created per entity.
  - Groups have been provisioned for the application and given security class access
  - Security classes have been created and attached to metadata. for e.g, all entities have been attached a Sec class in properties.
  - In application settings, Node Security = Entity, Security for Entities is Checked, Enable Metadata Sec Filtering is also checked.
  Even after this, the security setup doesnt seem to be working. A user with minimal provision (only Data Form Writeback from Excel) and no security class access is also able to see all the entities, also other forms, grids, etc which have been attached diff security classes. He is able to edit the forms and grids.
  Can anyone help out as to what is it that we are missing?

  What role(s) do the users have? Any user with the Administrator role bypasses class access checking and is assumed to have full access to everything. No other role provides this bypass.
  Editing forms and grids has nothing to do with Entity security. If the forms and grids have no class assigned to them, they use the [Default] class which I suggest all users have All rights to anyway. If there are grids/forms you do not want users to change, you should assign a specific class to them, other than [Default].
  Enable Metadata security filtering should restrict users from seeing the members for which they have None access to, but as long as they have Read or All access, they will see the members in a pick list.
  --Chris                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

• Security Setup

  Hi,
  We are having HFM used for reporting and consolidation.
  Two Specific issues/questions
  1) We are having seperate Development, UAT and production environments. However the security setup/AD groups for all three environments are same. We cannot create different security groups in three different environments as it will affect meta data level changes.So the issue is that , person having UAT environment is also able to access the production system, as AD groups for security class are same. Is there a way we can diffentiate the security of three different environments?
  2) HFM offers application adminsitrator roles. However, we are having 3 different team:
  A) One performing change management such as meta data level changes
  B)Second one performing security
  C)Third one performing maintainance actiivites such as dispensation, bypass,validation tolerane limit load excahgne rate.
  Is there a way we can segregate these responsibilites by setting up different access/roles for the users.
  Your help would be much appreciated.

  Hi,
  In regards to question #1 :
  Option a - Use Native Groups. If you were using Native Groups as opposed to the AD groups, you could keep everyone assigned to the same groups and simply have different levels of access between the apps. A lot of systems will use Native Groups with external directories (i.e. Active Directory) for users. This probably isn't something of interest since you already have everything in AD and would be a lot of hassle to rework....
  The other options I propose really depend on what exactly are you trying to accomplish in DEV vs PROD in regards to security. They are somewhat hackish but would solve your issue....
  Option b - If you want everyone to have full access to everything in DEV as opposed to more limited access in prod, give the WORLD built in group access to all of your security classes in DEV only.
  Option c - If you want everyone to have the same entity / account access just a different level (i.e. Read to Write), then you can just extract the production security file and replace all the security class access items from Read to All, etc.
  Option d / e - If you want to give people different account / entity access as opposed to level of access, this is a bit trickier because any moves you make in AD would apply for all of the apps.... I would think this wouldn't be that common and maybe you only need this for a couple people? For the few instances of this, I think the best bet optiosn are : d.) create a Native Group and put them in that with the proper security class access. e.) Assign the user directly to the security class with the proper access in the environment. Security class access is not contained in AD and the changes would not automatically propagate..... If you have to do this for a "ton" of users, it wouldn't be much fun though.
  In regards to question #2 -
  A) - First of all, if someone has the HFM client or a text editor and access to the metadata file, anyone can make the changes. Your best bet is to control the extracting and loading aspect of this. The 'Load System' role will control who can load metadata to HFM.
  B) - Provisioning Manager will allow changes to user access to the App
  C) Not sure what you're looking for here. Exchange rates would be a data load so they would need to be able to load data to the system. This sounds like more of an Account / Entity access item so you would need to make sure the user has proper security class access in HFM.

• Web service security in PI

  Mine is PROXY to SOAP asynchronous.
  PI consumes the service, my requirement is when PI calls the service I need to pass web service security in SOAP header.
  so that at receiver statem they can validate the user using these.
  When i am calling webservice from soapui with the header parameters
  Username , Password and Password Type - PasswordText , it is able to get results. The soapui tool automatically adds the following in the soap header -
  <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken wsu:Id="UsernameToken-9368150" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:Username>xxxxx</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">xxxxx</wsse:Password>
  <wsse:Nonce>aOA1P6t2hJPRyuraQ/IliQ==</wsse:Nonce>
  <wsu:Created>2009-07-10T14:58:33.781Z</wsu:Created>
  </wsse:UsernameToken>
  </wsse:Security>
  What configuration needs to be done in PI.

  I got this in Runtime work bench
  <SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
  - <SOAP:Header>
  - <sap:Main xmlns:sap="http://sap.com/xi/XI/Message/30" versionMajor="3" versionMinor="0" SOAP:mustUnderstand="1" xmlns:wsu="http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="wsuid-main-92ABE13F5C59AB7FE10000000A1551F7">
    <sap:MessageClass>ApplicationMessage</sap:MessageClass>
    <sap:ProcessingMode>asynchronous</sap:ProcessingMode>
    <sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>
    <sap:TimeSent>2009-07-15T15:46:10Z</sap:TimeSent>
  - <sap:Sender>
    <sap:Party agency="" scheme="" />
    <sap:Service>test2310</sap:Service>
    </sap:Sender>
  - <sap:Receiver>
    <sap:Party agency="" scheme="" />
    <sap:Service>test_serivce</sap:Service>
    </sap:Receiver>
    <sap:Interface namespace="urn:Publish">msgIF_publish_I_Async</sap:Interface>
    </sap:Main>
  - <sap:ReliableMessaging xmlns:sap="http://sap.com/xi/XI/Message/30" SOAP:mustUnderstand="1">
    <sap:QualityOfService>ExactlyOnce</sap:QualityOfService>
    </sap:ReliableMessaging>
  - <sap:Diagnostic xmlns:sap="http://sap.com/xi/XI/Message/30" SOAP:mustUnderstand="1">
    <sap:TraceLevel>Fatal</sap:TraceLevel>
    <sap:Logging>On</sap:Logging>
    </sap:Diagnostic>
  - <sap:HopList xmlns:sap="http://sap.com/xi/XI/Message/30" SOAP:mustUnderstand="1">
  - <sap:Hop timeStamp="2009-07-15T15:46:10Z" wasRead="false">
    <sap:Engine type="BS">test_serivce</sap:Engine>
    <sap:Adapter namespace="http://sap.com/xi/XI/System">XI</sap:Adapter>
    <sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>
    <sap:Info>3.0</sap:Info>
    </sap:Hop>
  - <sap:Hop timeStamp="2009-07-15T15:46:11Z" wasRead="false">
    <sap:Engine type="IS">is.68.devai020</sap:Engine>
    <sap:Adapter namespace="http://sap.com/xi/XI/System">XI</sap:Adapter>
    <sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>
    <sap:Info>3.0</sap:Info>
    </sap:Hop>
  - <sap:Hop timeStamp="2009-07-15T15:46:12Z" wasRead="false">
    <sap:Engine type="AE">af.dxi.devai020</sap:Engine>
    <sap:Adapter namespace="http://sap.com/xi/XI/System">XIRA</sap:Adapter>
    <sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>
    </sap:Hop>
    </sap:HopList>
    </SOAP:Header>
  Edited by: Vamsi on Jul 15, 2009 7:06 PM

• Web Service Security using OpenSSO

  Hi,
  I have a question regarding the usage of the OpenSSO in order to secure web services.
  I have read the documentation and it states the OpenSSO enables web service security.
  However, in the docs the main scenario is where the WSC and WSP are protected by the agent.
  In my scenario, I would like to use agents only on the WSP side, but leave the implementation of the client side open to the partners. Partners will have the interface from the OpenSSO for the authentication and saml token retrieval. The client will have to create soap by itself. This is the case since the WSC are to be standalone applications on client computers.
  To set the actual question; what are web service interfaces that OpenSSO as a STS offers for authentication and saml token issuance. Is there same sort of a referential architecture for this case where only the STS and WSP can be configured and the WSC implementation of the WSS left to the partner. Any pointers and directions would be appreciated.
  Thanks!

  Hi
  Thanks for your reply
  I downloaded OC4J 10.1.2.0.2 and ran it as as a standalone server.
  I read the blog you linked and made the changes to the web.xml for the webservice. All of which I was able to do using the property palette in jdev 10.1.2.1.0.
  I deployed my webservice to my oc4j standalone server and it appeared as a new application. I editied the orion-web.xml for the new application manually.
  When I point my browser at the webservice I get the test page which allows me to pass parameters to the webserive. I invoke the webservice (which does a HTTP GET according to the test page) and the webservice runs. No user and password is needed though.
  What is the expected behaviour? I was hoping that the webservice wouldn't run until I supplied the admin user name and password
  paul

• Web Service security is not set up on this component

  Hi Friends,
  In RWB, when I click on component monitoring->Integration Engine, I got "Web Service security is not set up on this component"
  I want to send message using soap adapter by encrypting and signing it. for this purpose I need to configure the Web Service Security.
  Can someone please provide some documentation or link on how to set up this Web Service Security?
  thankx

  Hi,
  there is a chapter - Security Configuration at Message Level
  in XI config guide which specifies everything you need - this is what you need
  so I hope no further explanations are necessary
  Regards,
  Michal Krawczyk