SOAP Security and Encryption...

Similar Messages

• Remote desktop is it secure and encrypted for windows 7 and windows 2008 servers

  Remote desktop is it secure and encrypted? any supporting documenting showing if it is secure and encrypted .

  Hi,
  Yes, RDP is secure and encrypted. RDP uses RSA Security's RC4 cipher, a stream cipher designed to efficiently encrypt small amounts of data. RC4 is designed for secure communications over
  networks. Administrators can choose to encrypt data by using a 56- or 128-bit key.
  For more details, you can refer to the following:
  Standard RDP Security
  http://msdn.microsoft.com/en-us/library/cc240771.aspx
  Enhanced RDP Security
  http://msdn.microsoft.com/en-us/library/cc240795.aspx
  Secure RDS (Remote Desktop Services) Connections with SSL
  http://technet.microsoft.com/en-us/magazine/ff458357.aspx
  Configure Security Settings for Remote Desktop Services Connections
  http://technet.microsoft.com/en-us/library/cc753488.aspx
  Thanks.
  Jeremy Wu
  TechNet Community Support

• Security and encryption inside Integration Server

  Hi,
  is it possible to encrypt the entire message process INSIDE PI. I don't mean "Adapter-Inbound" or "Adapter Outbound" communication, but rather "Adapter-to-Integration Server" and "Integration-Server-to-Adapter"?
  For example, that the message payload cannot be seen in SXMB_MONI etc.
  A potential scenario are HCM payroll data exchange.
  Thanks for any idea.
  -hs

  For example, that the message payload cannot be seen in SXMB_MONI etc.
  1) Do not log the message (check the blog: /people/michal.krawczyk2/blog/2007/04/30/xipi-personalized-logging-tracing) ....monitoring may not be possible then.
  2) restrict the user from viewing the payload....adding new-users to the no-view list to be managed by the Admins
  3) Make use of java logic in adapter module to encode the message before passing it to SXMB_MONI.....not all adapters support modules...complexity increases....decoding logic at receiving end required
  4) Make use of com.sap.security.api.ssf...disadvantages same as for point 3.
  Regards,
  Abhishek.

• Where is the FF4 "lock" icon that indicates secure and encrypted transmission?

  Prior to FF4 upgrade, a 'lock' icon would appear on bottom of screen to indicate when of if transmission was secure. With FF4 this icon never appears (or I don't know where to find it). Does it have a new location? Is there some way to have it return for those sites with which transmission will be encrypted?

  The lock has been replaced by the [[Site Identity Button]], which will tell you whether the connection is encrypted ''and'' the identity of the web site on the other end of the connection.
  The reason for this change is that it is important to verify identity, not just security. The "lock" icon could be misleading, because an encrypted connection is not actually secure unless the identity is verified too.

• File Security and Encryption - any information?

  I'm impressed with the file sharing (free version) but if its used for business information and documents how secure are they from prying eyes / unauthorised download / hacking etc. ?

  Thank you for your post. You can read about security for Acrobat.com here.

• Security And Cryptography

  I'm so much new in Java Card programming and know alittle about security and cryptions in Javacards..
  Would u please help me to start learning in these topics from basic, or introduce any refrences that learns basic security and encrypt & decrypt
  thanks all..
  Kind Regards
  Hana

  This feature is often implemented using a secure channel.
  basically you have to authenticate with the card before being able to acess any data.
  pros:
  avoid internal encryption, which is costly
  allows to authenticate and encrypt the real important thing : communication. The card internals are secure by design: there are light/frequency/temperature sensors to protect from tampering.
  cons:
  i don't know :)
  how does it work? with a shared key and 3 ways handshake.
  (card contains a key that was loaded previously)
  1 host generates a random string H and sends it to the card.
  2 card generates a random string C and sends enc(H) and enc(C)
  host verifies that dec(enc(C))==C This way, we are sure the card knows the same key as us.
  3 host sends enc(H)
  card verifies that dec(enc(H))==H This way the card is sure the host knows the same key as it.
  access to data is granted only if all these steps passes.
  the crypto alg is generally 3DES with 16 bytes keys and 8 byte datablocks, this algo is managed in the card HARDware, so it's fast.
  this sort of process is used in global platform. Read this doc for more information, this is a bible.
  If you use the global platform mechanism, you will get excellent security with few code to write.
  Note that there are many possibilities here, this one is only an example to help you get the idea.

• Security Issues: SSL on SOAP Adapter and Digital Signature in BPM

  Hi there,
  we're developing a R/3-XI-3rd Party Application scenario, where the XI/3rd Party communication is based on a webservice (SOAP adapter with SSL). Also, the messages in the XI/3rd Party communication must be digitally signed. I've got some questions on both subjects.
  1. About the SSL. I've started to investigate what will be necessary to enable the HTTPS option under SOAP Adapter (it's not enabled now). If I'm not correct, all I need to do is:
  - check whether the SAP Java Crypto Lib is installed in the Web AS;
  - generate the certificate request in the Visual Administrator and, after acquiring the certificate, store it with the KeyStorage option.
  Is that right?
  I'm considering that I won't need to use SSL in the ABAP Web AS, only the J2EE Java Engine (since the SOAP Adapter is based on J2EE).
  2. About the digital signature. As a first solution, we had decided on accessing a webservice based on another machine running a signature application. We'd send the unsigned XML and receive a signed XML. But since that needed to be done into the BPM, I thought that using a piece of Java code in a mapping would suit it better.
  But to be able to use the hashing/encrypting/encoding algorithms, which library needs to be installed? Is it the same SAP Java Crypto Lib that was installed for the SSL enabling?
  Thanks in advance!

  Hello Henrique,
  1. You're right. For detailed instructions please have a look at the online help: http://help.sap.com/nw04 - Security - Network and Transport Layer Security - Transport Layer Security on the SAP J2EE Engine
  2. The SOAP adapter supports security profiles. Please have a look at the online docu http://help.sap.com/nw04 -Process Integration - SAP Exchange Infrastructure - Runtime - Connectivty - Adapters - SOPA Adapter - Configuring the Sender SOAP adapter and from the link under Security Parameters to the Sender Agreement. You'll find some additional information in the following document: http://service.sap.com/~sapdownload/011000358700002767992005E/HowToMLSXI30_02_final.pdf
  Rgds.,
  Andreas

• Error in Admin and manager server startup - BEA-149205-  due to error weblogic.security.internal.encryption.EncryptionServiceException

  Hi -
  I have installed OIM 11g r2 ps2, I an tring to start my Admin and SOA server :
  1. Though my admin server is coming up fine, but I am getting the following error when I am trying to start Admin server.
  ####<Apr 22, 2015 12:22:27 AM PDT> <Error> <Deployer> <devoimx003> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS
  Kernel>> <> <> <1429687347654> <BEA-149205> <Failed to initialize the application 'opss-DBDS' due to error weblogic.security.internal.encryption.EncryptionServiceException.
  weblogic.security.internal.encryption.EncryptionServiceException
          at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
          at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
          at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
          at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:597)
          at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:173)
          at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy.decrypt(DescriptorManager.java:192)
          at weblogic.descriptor.DescriptorManager$SecurityServiceImpl.decrypt(DescriptorManager.java:114)
          at weblogic.descriptor.internal.AbstractDescriptorBean._decrypt(AbstractDescriptorBean.java:1092)
          at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.getPassword(JDBCDriverParamsBeanImpl.java:337)
          at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getDriverProperties(DataSourceConnectionPoolConfig.java:368)
          at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$2.run(DataSourceConnectionPoolConfig.java:304)
          at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
          at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
          at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.initJDBCParameters(DataSourceConnectionPoolConfig.java:300)
          at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.access$000(DataSourceConnectionPoolConfig.java:24)
          at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$1.run(DataSourceConnectionPoolConfig.java:78)
          at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
          at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
          at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getPoolProperties(DataSourceConnectionPoolConfig.java:75)
          at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1329)
          at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:176)
          at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:507)
          at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:428)
          at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:280)
          at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
          at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
          at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
          at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
          at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
          at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)
          at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
          at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
          at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:44)
          at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
          at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
      at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
          at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
          at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
          at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
          at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
          at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
          at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
          at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
          at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
          at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
          at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
          at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
  Caused By: weblogic.security.internal.encryption.EncryptionServiceException
          at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
          at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
          at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
          at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:597)
          at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:173)
          at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy.decrypt(DescriptorManager.java:192)
          at weblogic.descriptor.DescriptorManager$SecurityServiceImpl.decrypt(DescriptorManager.java:114)
          at weblogic.descriptor.internal.AbstractDescriptorBean._decrypt(AbstractDescriptorBean.java:1092)
          at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.getPassword(JDBCDriverParamsBeanImpl.java:337)
          at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getDriverProperties(DataSourceConnectionPoolConfig.java:368)
          at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$2.run(DataSourceConnectionPoolConfig.java:304)
          at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
          at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
          at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.initJDBCParameters(DataSourceConnectionPoolConfig.java:300)
          at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.access$000(DataSourceConnectionPoolConfig.java:24)
          at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$1.run(DataSourceConnectionPoolConfig.java:78)
          at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
          at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
          at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getPoolProperties(DataSourceConnectionPoolConfig.java:75)
          at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1329)
          at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:176)
          at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:507)
          at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:428)
          at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:280)
          at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
          at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
          at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
        at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
          at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
          at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)
          at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
          at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
          at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:44)
          at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
          at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
          at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
          at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
          at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
          at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
          at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
          at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
          at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
          at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
          at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
          at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
          at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
          at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
  2. My SOA server is coming up but in admin mode and giving OPSS connections errors.
  Any help is really appreciated!
  Thanks,
  SK

  Hi Faisal -
  is your domain in development mode or production mode?
       - While configuring my domian , I had selected Prod Mode, but pon start up when I see in admin server console, it is starting in developement mode already ?
  Any idea how, why ?
  if its production mode you can switch to development mode, change all the credentials in the config.xml and configurations under sub folders to cleartext and start the server..
  - Let me still try these and get back to you.
  Thanks,
  SK

• Web service security: XML signatures and encryption

  Hi users -
  I am trying to figure out how to implement XML signatures and encryption for my web service.  We are only on AS ABAP 7.0, SP 11 - we do not have SOAMANAGER yet.  Yet all documentation I can find on configuring encryption and signatures, references SOAMANAGER.
  Does anyone know of a guide anywhere on implementing XML signatures and encryption for web services pre-SOAMANAGER?  It's listed as supported - but I can't find a thing! Your help is much appreciated!
  Thanks so much!
  Abby

  Hi Users -
  I found the answer to this (although it wasn't one I liked.) It doesn't appear that encryption with XML signatures is supported prior to SP 14.
  I found this information at
  https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/6d19c8ee-0c01-0010-619d-92af980436d7
  page 36
  Hope that saves somebody else some time...
  Thanks!
  Abby

• Mediator not detecting faults when WS-Security Message Encryption enabled

  We are using a SOA 11g composite to call a set of OSB proxy/business pairs which in turn call further web services and return the responses. The OSB proxy services are trivial: they each expose the WSDL of the downstream web service and route all messages without any transformation to a business service that also uses the downstream WSDL.
  The SOA composite is composed largely of a mediator that accepts requests, transforms payloads, routes to the correct OSB service, transforms the response, and replies to the caller.
  I have configured my OSB services, in case of a SOAP fault returned from downstream, to simply "Reply with Failure", which causes the body received from the downstream web service (a SOAP fault) to be returned to the SOA composite along with an HTTP 500 error. I have created a Fault processing section in each of my routing rules that maps the downstream fault to a fault that the mediator returns to the caller.
  In my local test instance, this works fine; OSB receives a custom SOAP fault from the downstream service, sends it back to SOA where the mediator recognizes the fault and maps it, and throws a SOAP Fault back to the caller.
  In our formal testing environment, however, it does not work. I have validated that the response comes back to the Mediator in the same way as it does in my local environment, but the Mediator attempts to use the standard response transformation configured for that routing rule rather than the fault transformation. The fundamental difference between my local environment and the formal test environment is that WS-Security has been enabled between SOA and OSB using the wss10_username_token_with_message_protection via OWSM.
  I have a workaround, namely to add a choose clause in my reply transformation XSL file that looks for a SOAP fault and sends it back to the caller if one is found, however this is a nasty hack.
  Has anyone had experience with this scenario, where implementing WS-Security causes SOAP Faults to no longer be recognized? My best guess at this point is that when "Reply with Failure" is used, OSB returns the SOAP Fault body in an encrypted form and SOA assumes that the call succeeded (despite the HTTP 500 error). I have not found a way to tell OSB not to encrypt the response message in the case of "Reply with Failur", but it doesn't encrypt responses when it throws its own faults (BEA-380001, for instance).

  X509V1 is not a valid value for "Valuetype". So I guess this should not be the problem.

• Signing and Encryption Error PI 7.0

  Hi All,
  The scenario is
  1) Two XI boxes are connecting with each other using XI adapter. Earlier there was signing and encryption  certificate used
  for data transfer and was working successfully.
  2) From last 2-3 weeks source XI system is getting error in Call adatper as mentioned below. Then we tried to remove signing and encryption certificate so we disable both end the security check.  And tried to send normal message but then also we are getting following error in Call adapter in SXI_MONITOR
  Signature error Error while valdiating the digital signature. Theerror was com.sap.security.core.ws.wss.NoSecurityHeaderException No wsse:Security header has been defined for role soap:finalActor. Please verify the
  Error during message security handling in inbound channel: Security profile 'Check Signature and Decrypt Message'
  3) The SM59 connection is working fine. We have tried cache refresh. But still issue is not resolved.
  Please guide

  Hi Abhay
  Probably the issue is with the public keys which are stored in both the XI boxes , as both the keys will be same .
  Also check digital signatures which are maintained .
  Regards
  Ninad

• WS-Security and UsernameToken 1.0 with PI 7.0

  Hello experts,
  we use PI 7.0 and we want to establish a connection to a web service which requires the use of "Message Security 1.0 (WS-Security)" and "UsernameToken Profile 1.0". I can't find the correct settings in the SOAP adapter. Do we have to use PI 7.1 and the WS adapter to establish this connection, is it possible to install the WS adapter on PI 7.0 or is there any workaround to connect to a web service like this?
  The standards are described here:
  http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf
  http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf
  Best regards,
  David

  UsernameToken works with the WS-RM adapter very well, basically with every standard compliant SOAP implementation.
  You have to choose User ID/password message authentication in the receiver channel, then you get a Username Token. In the receiver agreement you then enter the actual username and password to use for the call.
  Choosing Asymmetric Message Signature/Encryption the messages will be signed and encrypted in a standadized WS-Security way. The signature will be performed based on a private key (stored inside a PSE of transaction STRUST of the integration server) you supply in the receiver agreement.
  The other option Symmetric Message Signature/Encryption will also add signature and encryption to the SOAP message. However the signature is done with a symmetric key that is created for the particular message exchange.

• Digital singning and encryption

  I developed Web Sevices with Soap messages Encripted and Signed with Apache XML Security (AXIS compatible) but now I'm working with Oracle 10g. I like to use the 10g's new features (JAX-RPC, Soap, UDDI, etc) but I like to still sending Encripted and Signed messages. Anyone know if Xml Security is compatible with 10g or if there are another Library like Apache's one?
  Thank You
  Wilberto Montoya

  Hi Amber,
  The work is based on the finalization and imminent publication of the
  wsse Oasis spec. This is targeted for WLS 8.1 SP3, and you can contact
  our outstanding support organization, reference CR134931, for details.
  Regards,
  Bruce
  Amber Osterman wrote:
  >
  I recently attended the webinar on Web Services interoperability w/ .NET. The
  presenter mentioned that digital signatures and encryption did not work w/ Workshop
  8.1. Is it fixed in 8.1 SP2? Also, are there any interoperability issues w/
  NET and Workshop using digital signatures and encryption.

• Creating a signature and Encrypt the file

  Hi Experts,
      I have an requirement,  I need to create a module in which I need to pass four values (Namely signing key, signing algorithm, encyption key and encryption algorithm) through parameters as inputs.  Based on these parameters, I need to create the signature for the input xml file and I have to encrypted the file.  Please Guide me.  Give some useful links, documents or codes to how to do this.  Help me in this regard.
  Thanks in Advance,
  Venkatesh.K

  Hi,
  Digitally signing of messages is possible by using cryptographic toolkits.
  All required java programs are imported as archives into XI. Java mapping is written utilizing the imported java archives which actually performs the digital signature creation for the outgoing messages from XI and digital signature verification for the incoming messages to XI.
  refer
  SAP Network Blog: Using Digital Signatures in XI
  /people/sap.user72/blog/2005/06/16/using-digital-signatures-in-xi
  SAP Network Blog: How to use Digital Certificates for Signing & Encrypting Messages in XI
  /people/varadharajan.krishnasamy/blog/2007/05/11/how-to-use-digital-certificates-for-signing-encrypting-messages-in-xi
  SAP Network Blog: How XML Encryption can be done using web services security in SAP NetWeaver XI
  /people/aparna.chaganti2/blog/2007/01/23/how-xml-encryption-can-be-done-using-web-services-security-in-sap-netweaver-xi
  You may also use the SAP cryptographic toolkit available from SAP market place for signing encrypting. See i.e. http://help.sap.com/saphelp_nw04/helpdata/en/4f/65c3b32107964996a56e4165077e24/frameset.htm
  Decryption of Message after processing by File adapter
  https://www.sdn.sap.com/sdn/collaboration.sdn?contenttype=url&content=https%3A//forums.sdn.sap.com/thread.jspa%3FforumID%3D44%26threadID%3D37512
  Ensure the Confidentiality of Your SOAP Message Content: XML Encryption Using Web Services Security in SAP NetWeaver Exchange Infrastructure
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/f0650f56-7587-2910-7c99-e1b6ffbe4d50
  Digital Signatures in SAP Applications
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/40f6fee6-9316-2a10-d2a9-954d4df7dd33
  Best Practices for Digital Signatures
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/55ba9790-0201-0010-aa98-ce8f51ea93cd
  Thanks
  Swarup
  Edited by: Swarup Sawant on Apr 4, 2008 2:02 PM

• Sap PI-xml Digital Signing and encryption in PI-ehp1

  Hi Experts,
  Our Business scenario is sap R/3 (sender)>rfc data to PI and to webservice(receiver) using rfc and soap adapters
  The communication channels are secured by snc/ssl.
  Now the issue is PI have to send digitally sign and encrypt xml messages to receiver and I got no clue how to do this.
  Experts please advise.
  We have to Digitally sign and encrypt xml messages in PI
  1)can we use SAML or Ssfdata xml..if so how to use them,can you send me some documents with screen shots so that i can configure the same in PI
  We used adepative tool but it does not support Dsigning
  2)Please advise the correct procedure
  3)how to develop a adapter user module and how to call it for testing purpose...please advise
  O/s:windows
  PI EHP1 7.1
  DB:oracle
  PLEASE HELP
  Thanking you
  Pooja

  Hi Experts,
  Please Advise for my above querys
  1)I tried to develop a EJB project and generate EAR file and depoly it in J2ee server and create adapter modules to call It..however I tried to use a document provided my sdn http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/c0b39e65-981e-2b10-1c9c-fc3f8e6747fa?quicklink=index&overridelayout=true................however I am unable to see the options provided ,unable to create EAR project and unable to see deploy option,please can you share a correct document irrespective of nwds SP level
  2)Apart from giving JNDI name in module tab,what else should be mentioned for a small test message request/response
  3)How to call the adapter for testing purpose apart from monitoring audit logs
  Please Advise Experts
  Thanking you
  Pooja