SOAP Sender security

hi Experts,
We have installed PI7.0 & we have configured Synchronous SOAP interfaces, Now the questions is if we configured SSL for SOAP interfaces whole message will get encrypted. Our requirement is we only want to encrypt credetials passing through interface. Please let us know or help us if this is possible.
Thanks
Rakesh

Hi Preeti,
Thanks for the response. Since we are on PI 7.0, I believe the setting that you are referring to should be on Visual Admin. Could you please let us know the parameter or the setting that needs to be changed in VA?
I am not sure, how we can make use of SSO to prevent them from entering the user credentials. Your help in this regard would be much appreciated.
Thanks,
Manohar Dubbaka.

Similar Messages

SOAP Sender with HTTP(with SSL)=HTTPS with Client Authentication config

Hi All,
I have a Web-service-XI-Proxy scenario where we use SOAP Sender Adapter with HTTPs. Double authentication (client- server) sertificate shall be used.
Testing simple HTTP and XI user name/password works fine.
Now I installed requred sertificates in TrustedCA and ssl-provider in VIsualadmin.
But i can't see how i can configure certificates in SOAP sender Adapter. I've just did SOAP receiver for another scenario and there I could give keystore entry.
I also doesn't know how to disable asking for name/password. I am using XI 7.0.
Please advise.
Thanks,
Nataliya

Hi Nataliya,
Go to SOAP Adapter> Inbound Security Checks-> HTTP Security Level--> Here you can specify option "HTTP with Client Authentication.
One more thing HTTP Security level option is always available in Sender Adapter.
For more clarity about HTTPS find below link.
http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/content.htm
To enable the TrustedCA in SOAP Sender adapter. Go SOAP Sender> Security Parameter> Security Profile--> Web Service
security. Then go to sender agreement there you need to give key store entry.

SOAP Sender - minimal authorization

Hello everyone,
we are publishing a webservice in PI 7.1 by providing a corresponding SOAP Sender Adapter.
First of all - the Webservice works fine and can be successfully called from applications like SOAP-UI.
Now for our question.
For testing purposes we used an SAP_ALL-Account. However we would like to switch to a restricted technical user now. So what are the MINIMAL authorization requirements for such an user?
We have already tried serveral authorizations but we always receive the error: 'You are not authorized to view the requested resource'.
The information in the PI security guide (http://help.sap.com/saphelp_nw04s/helpdata/en/f7/c2953fc405330ee10000000a114084/frameset.htm) didn't work for us. Any clues?
Thanks and regards,
lars

Hi,
I have created a user with the four roles that you have mentioned:
SAP_XI_ADMINISTRATOR_J2EE
SAP_XI_APPL_SERV_USER
SAP_XI_DEVELOPER_J2EE
SAP_XI_IS_SERV_USER
and made the User Type as Communication.
however, my user still cannot access the WebService.
Please advise.
thank you!

XI3 SOAP sender and Receiver

Hi
I am stuck with a connecting to scenarios using SOAP channel. In short there is one business scenario that based on some conditions must start other scenarios (each one built around one business process). I am trying to send asynchronous SOAP message within the same XI and treat it as a External XI system to start another Business Scenario (using XI adapter does not work as the system discovers the message as being in a loop).
Everything would be fine if there would be 1 target scenarios but I have 1:n. For asyncronous transport I have defined different Message Interfaces to be used for on each case. So XI should determine the right business process based on the message interface that uses the communication channel.
So I have configured a SOAP sender and a receiver channel. As I understood from SOAP adapter FAQ I checked "Use Encoded Headers" and "Use Query String" for both - sender and receiver channel. And ofcourse receiver channel is pointed to http://:/XISOAPAdapter/MessageServlet?channel=:{system name}:{receiver channel name} but when I start the initiating scenario the asyncronous message is sent of but nobody is catching it.
In RWB Message monitoring / adapter engine I found the the message receives an exeception:
SOAP: response message contains an error XIServer/UNKNOWN/ModuleUnknownException -
com.sap.aii.af.mp.module.ModuleException: either no channelID
specified or no channel found for the specified party, service, and channel name,
MessageServlet(Version $Id: //tc/aii/30_REL/src/_adapters
/_soap/java/com/sap/aii/af/mp/soap/web/MessageServlet.java#15 $) at
com.sap.aii.af.mp.soap.web.MessageServlet.doPost(MessageServlet.java:427) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:760) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at
com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl....
runServlet(HttpHandlerImpl.java:401) at
com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl....
handleRequest(HttpHandlerImpl.java:266) at
com.sap.engine.services.httpserver.server.RequestAnalizer....
startServlet(RequestAnalizer.java:387) at
com.sap.engine.services.httpserver.server.RequestAnalizer....
startServlet(RequestAnalizer.java:365) at
com.sap.engine.services.httpserver.server.RequestAnalizer....
invokeWebContainer(RequestAnalizer.java:944) at
com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:266) at
com.sap.engine.services.httpserver.server.Client.handle(Client.java:95) at
com.sap.engine.services.httpserver.server.Processor.request(Processor.java:160) at
com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener....
process(ApplicationSessionMessageListener.java:33) at
com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41) at
com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37) at
java.security.AccessController.doPrivileged(Native Method) at
com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100) at
com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
Any ideas... how to make XI to send SOAP messages so that the same XI system would be able to pick them up?
Or what have I done wrong?
Best wishes,
Heiko

hi,
What is the format that u are using for the sender URL....The error message you are getting either because the names that you have mentioned in the sender URL are wrong or the URl format itslef is wrong.....if the format is the one that you have mentioned in the first post then it is not the desired format.
Use the following format to create the URL to send the request:
http://<servernameORserverIPaddress>:<portNumber>/XISOAPAdapter/MessageServlet?channel=:<senderservice>:<snederCCname>&version=3.0&Sender.Service=<senderservice>&Interface=<IRnamespace>%5E<senderMI>
Replace
with
& amp;
(no space inbetween the two words) in the above URL.
How to configure SOAP communication channels (sender and receiver) so that two XI instances could communicate and (more important) use different message interfaces on the same channel?
While creating a Receiver communication channel there is no need to specify the interface name and hence it can be used in different scenarios....however a sender communication needs the sender interface to be specified (as in SAP XI.....not in SAP PI).....so a sender channel can be used in different scenarios but with only the same interface.....
Regards,
Abhishek
Edited by: abhishek salvi on Feb 17, 2009 2:50 PM

Only HTTPS requests are working for SOAP Sender and HTTP not working

wHi Experts,
We have enabled our HTTPS port ( SSL ) in NWA -- >> Security -- >> SSL and Key stores. So understanding is HTTPS port is now enabled on top of HTTP. So PI should be able to cater requests at both ports.
Now, we have developed a synchronous SOAP to RFC scenario and downloaded WSDL file. This file has both links -
a. http:<host>:<port>
b. https:<host>:<port>
We intend to make a PI system where both ports can work. Now questions.
1. When we test web service exposed from PI using SOAPUI tool, only HTTPS works fine and gets the response back. If we try HTTP URL, an error is encountered - HTTTPS scheme is required.
2. Is this whole understanding that both ports ( HTTP, HTTPS ) should be able to operate simultaneously correct ? Or this is not at all possible ?
3. In SOAP Sender, we tried selecting all 3 options - 1. HTTP 2. HTTPS without client authentication 3. HTTPS with client authentication.
None of the options have any effect on testing, Each time, only HTTPS request works and HTTP doesn't.
Can anyone please provide some hints for troubleshooting ?
Thanks..
regards,
Rajagopal.

The error "HTTPS scheme is required" is normally returned when the HTTP Security Level on the SOAP adapter is not set to "HTTP". I can see you have mentioned you have tried all these, maybe a cache refresh has gone wrong? Could try recreating the channel with just HTTP specified as security level and this should allow HTTP or HTTPS
I assume you are using a different port number for your HTTP and HTTPS requests from SOAP UI. Normally the HTTPS port is the same as the HTTP port number but the final zero changed to a 1 i.e. https://<host>:50001 instead of http://<host>:50000.
You should be able to confirm both HTTP and HTTPS work OK by loading some of the system webpages in a browser over HTTP and over HTTPS i.e. http://<host>:<port>/nwa and https://<host>:<port>/nwa
Chris

Connection problem in SOAP Sender Channel

Dear All,
I have created two SOAP Sender channel with the following specification:
Transport Protocol - HTTP
Message Protocol - SOAP 1.1
HTTP Security Level - HTTP
But while sending a message from a Java client, I am getting the following error :
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="XISOAPApps"'.
Please suggest if you find any way out.
Thanks and Regards,
Rana Brata De

Hi Rana
Looks like you have used authentication scheme as 'anonymous'. But you have chosen the option 'HTTP' in soap adapter.
So you have to pass the user id and password during the call.
Sample Code:
ICalcCTCWebService calcCTCWebService = calcCTCWebServiceImplServiceLocator.getCalcCTCWebServiceImplPort();
Stub stub = (Stub)calcCTCWebService;
stub._setProperty(Stub.USERNAME_PROPERTY, "abc");
stub._setProperty(Stub.PASSWORD_PROPERTY, "xyz");
You can also test the WSDL from SOAP UI and provide user name and password in the header section in SOAP UI and see if the message goes to PI or not.
You can also try the below option in the sender soap adapter and see if it works or not.

Web Service SOAP Sender Authorization

Hi all
I have been implementing a Web Service (SOAP Sender CC) that should be consumed by an external party. I have been testing it successfully using XMLSpy with the drawback of the authentication box coming up even though I have added sap-user and sap-password to the URL as following:
http://<host>:50000/XISOAPAdapter/MessageServlet?channel=:SOAP_Service:CC_SOAP_Sender&sap-user=<name>&sap-password=<pass>
The user that I have created for this has the profile SAP_XI_APPL_SERV_USER assigned.The request is successfully executed when I enter <name> and <pass> in the box. My understanding of it would be that the box does not show up if the login parameters are provided with the URL. Do I have to do any additional settings so that the login information will be taken from the URL parameters automatically instead bringing up the authoritzation box?
My CC settings are as following:
Adapter Type: SOAP (SAP BASIS 7.00)
Sender
Transport Protocol: HTTP
Message Protocol: SOAP 1.1
Adapter Engine: Integration Server
HTTP Security Level: HTTP
Conversion Parameters: Keep Headers
Quality of Service: Best Effort
Any feedback would be appreciated.
Thank you,
Daniel

Hello Daniel,
1. You can add username and password to the SOAP URL and expose your XI Interface as a webservice. Just that the URL is different than the one you are using and you do not need a Sender SOAP adapter but the blog I have listed above.
2. You can turn of Basic authentication on Sender SOAP adapter's but it is not recommended as it would turn off all authentication for SOAP scenarios and it can lead to security risks.
I have seen a few forum threads describing how to turn of Basic authentication for SOAP adapters but from what I have heard from SAP, they do not recommend using this option.
Regards
Bhavesh

SAP PI SOAP Sender Adatper using HTTPS Without Authentification

Dears experts,
I have a requirement where i need to implement the next flow:
POS (Java code to web service soap) ---> (SOAP HTTPS - SAP PI - XI) --->ECC (XI)
So, have configured my SOAP sender adapter as:
Transport protocol: HTTP
Message protocol: SOAP 1.1
HTTP Security Level: HTTPS without Client Authentication
But as i have read i see that Basis team should configure this to permit HTTPS into PI, but i would like to do it by my self...
Following a lot of forums, manuals, etc... I have configured the transaction STRUST importing the certificated that i attached to you (PRTG Demo Certificate), succesfully in my server... and i tried to find how to configure netweaver but in this i didnt find it...
Then i tried again using SOAP UI but when i sent the message to HTTPS://www.piserver.com:50001 i still getting error without connection...
Wed Jun 25 18:27:13 CDT 2014:ERROR:An error occurred [Connection to https://piserver:50001 refused], see error log for details
Can you help me to end this, please?...
Best regards,
Azael

Hi,
The certificates should be installed under TrustedCA's in NWA (Netweaver Administrator). Aside from that, you should be posting to either:
https://host:port/XISOAPAdapter/MessageServlet?channel=p:s:c where p=party, s=service and c=channel
or
https://host:port/XISOAPAdapter/MessageServlet?senderParty=FP&sen
derService=FS&interface=IF&receiverParty=TP&receiverService=TS&in
terfaceNamespace=IFNamespace
Hope this helps,
Mark

SSL / X.509 In SOAP Sender/Receiver Adapter

Hi Friends,
We have few third party Java based systems which need to integrate with SAP PI7.1
For this we are using
SOAP Sender from Third PartyTo PI
SOAP Receiver From Pi To Third Party Systems
The Customer Wants to implement SSL.X>509 certificates for encryption and decryption. as one of the option.
we are Facing few issues like.
   I am assuming each of the source system webservice calls will have
to use a username/password to authenticate with the PI system
a.       Will this use 'basic authentication', ie., credentials sent over as
part of the HTTP header field ?
   i.
Assuming we use SSL for transport level security - this is still not secure as the credentials are not encrypted
ii.      Is there a way to send in encrypted credentials and for the PI layer to decrypt the same, validate and process the request ?
b.      Should we consider using a single sign-on mechanism ?
c         Should we consider using X.509 digital certificates ?
      i.      This would require that the X.509 certs are maintained in the Source & PI webserver Java key stores
d.      Should we also consider digitally signing the payload ?
     i.      This requires using an appropriate hashing algorithm such as SHA-1 or MD5
SOAP Sender /receievr Adapter has few properties not specific to them.How to Acheive this.
Regards
Chandra Dasari

Hi Chandra,
You may try to implement this using the AXIS framework of the SOAP adapter. This provides functionality for handling of X.509 encryption and decryption.
You can generate/get the digital certificate and use it for both transport level as well as message level security. You would not require any additional encoding apart from this.
Coming to your queries:
Q - I am assuming each of the source system web service calls will have to use a username/password to authenticate with the PI system
A - If you are using a certificate, then they can call XI using this certificate. You can share your public certificate with each of the parties.
Q. Will this use 'basic authentication', ie., credentials sent over as part of the HTTP header field?
A - Depends...if you are using basic authentication, then it will not be via X.509. It will be the normal process. These two are two different things.
Q. Assuming we use SSL for transport level security - this is still not secure as the credentials are not encrypted
A - This problem is resolved if you are using digital certificates.
Q. Is there a way to send in encrypted credentials and for the PI layer to decrypt the same, validate and process the request?
A - Yes. It is possible. But then you will have to implement encryption decryption logic at both the ends separately if you are not using certificates.
Q. Should we consider using a single sign-on mechanism?
A - Is your third party part of your landscape? if not then you might want to check and confirm this approach with your security adviser.
Q Should we consider using X.509 digital certificates?
A - Yes...This would resolve most of your problems.
Q. This would require that the X.509 certs are maintained in the Source & PI web server Java key stores
A - Yes.
Q. Should we also consider digitally signing the payload?
A - If you require message level encryption along with transport layer.
Q. This requires using an appropriate hashing algorithm such as SHA-1 or MD5. SOAP Sender /receiver Adapter has few properties not specific to them.How to achieve this.
A - You can provide this option while generating the certificate itself.
Please let me know if this helps.
Cheers,
Sarath.

HTTPS authentication using SSL in SOAP Sender adapter

Hi,
We are currently doing a SOAP to RFC synchronous scenario in PI 7.0. Our client wants to ensure that the data security is maintained at the transport level. So, we have planned to implement the HTTPS without client authentication using SSL certificates. Our Basis team has promised us that they will take care of the cerficate generation and installation part in the server. Now i am confused at the PI communication channel setup level.
1) Do i have to specify the certificate installed path in the channel or in any other object ? If so, where do i have to configure the path ?
2) What is the exact path that has to be carried by a PI developer once the certificates are installed in the server ?
I have attached my communnication channel screenshot below,
http://i41.tinypic.com/mk49h.jpg
Please let me know what i have to configure in the Sender SOAP channel to receive data securely once the certificates are installed in the system.
Thanks & Regards,
Sherin Jose P

Hi,
1.for transport level security you should assign the HTTPS connection created in SM59 to the SOAP communication channel.
The HTTPS connection should use the certificates imported in t-code STRUST.
have you seen below thread,
SSL / X.509 In SOAP Sender/Receiver Adapter
Please go through below blog,
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b2e7020d-0d01-0010-269c-a98d3fb5d16c?overridelayout=true
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/60ff2883-70c5-2c10-f090-a744def2ba66?QuickLink=index&overridelayout=true
http://help.sap.com/saphelp_nwpi71/helpdata/de/14/ef2940cbf2195de10000000a1550b0/content.htm
2. you nedd to check the message flow between the sender and receiver through PI .
regards,
ganesh.

Invocation of SOAP Sender Adapter using Apache SOAP

Hi,
I'm trying to invoke the XI SOAP Sender Adapter using the Apache SOAP API. It seems that my message header is missing a few parameters (see exception below). Does anybody know which to set?
Regards,
Heiko
==========
Exception:
<?xml version='1.0'?>

<SOAP:Envelope xmlns:SOAP='http://schemas.xmlsoap.org/soap/envelope/'>
<SOAP:Body>
    <SOAP:Fault>
      <faultcode>SOAP:Server</faultcode>
      <faultstring>Server Error</faultstring>
      <detail>
        <s:SystemError xmlns:s='http://sap.com/xi/WebService/xi2.0'>
          <context>XIAdapter</context>
          <code>Exception</code>
          <text><![CDATA[
com.sap.aii.af.mp.module.ModuleException
     at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:502)
     at com.sap.aii.af.mp.module.ModuleLocalLocalObjectImpl3.process(ModuleLocalLocalObjectImpl3.java:103)
     at com.sap.aii.af.mp.ejb.ModuleProcessorBean.process(ModuleProcessorBean.java:227)
     at com.sap.aii.af.mp.processor.ModuleProcessorLocalLocalObjectImpl0.process(ModuleProcessorLocalLocalObjectImpl0.java:103)
     at com.sap.aii.af.mp.soap.web.MessageServlet.callModuleProcessor(MessageServlet.java:162)
     at com.sap.aii.af.mp.soap.web.MessageServlet.doPost(MessageServlet.java:507)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:392)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:345)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:323)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:865)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:240)
     at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
     at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
     at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:37)
     at com.sap.engine.core.cluster.impl6.session.UnorderedChannel$MessageRunner.run(UnorderedChannel.java:71)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged1(Native Method)
     at java.security.AccessController.doPrivileged(AccessController.java:321)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:95)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:159)
Caused by: java.lang.Exception: Bubble configuration error: parameter 'XI.InterfaceNamespace' is missing
     at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.getParaRequired(XISOAPAdapterBean.java:895)
     at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.createDefaultMessageHeader(XISOAPAdapterBean.java:942)
     at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.setup(XISOAPAdapterBean.java:214)
     at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:496)
     ... 22 more
          ]]></text>
        </s:SystemError>
      </detail>
    </SOAP:Fault>
</SOAP:Body>
</SOAP:Envelope>

Hi Heiko,
You are missing the Namespace Parameter in the sender soap adapter configuration in XI3.0
Thanks
Prasad

Another SOAP Sender adapter "com.sap.aii.af.mp.module.ModuleException" erro

I am working on a synchronous scenario SOAP <-> XI <-> RFC.
This worked fine, when I run it without SOAP adapter, direct via XI Pipeline.
Now I want to use the SOAP sender adapter, but get the error as described below this post.
As this is a real new XI installation, some patches or updates might be required to make it work. Or some adapter modules ?
Any suggestions on how to solve this problem will be rewarded.
What worries me a bit is the line " " in the error description.
Extra info: I use SoapSonar as a test webservice client. The error is the message as received in te test client.
<?xml version="1.0"?>

<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP:Body>
    <SOAP:Fault>
      <faultcode>SOAP:Server</faultcode>
      <faultstring>Server Error</faultstring>
      <detail>
        <s:SystemError xmlns:s="http://sap.com/xi/WebService/xi2.0">
          <context>XIAdapter</context>
          <code>ModuleUnknownException</code>
          <text><![CDATA[
com.sap.aii.af.mp.module.ModuleException: either no channelID specified or no channel found for the specified party, service, and channel name, MessageServlet(Version $Id: //tc/xi/645_VAL_REL/src/_adapters/_soap/java/com/sap/aii/af/mp/soap/web/MessageServlet.java#9 $)
     at com.sap.aii.af.mp.soap.web.MessageServlet.doPost(MessageServlet.java:427)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:365)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:944)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:266)
     at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
     at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:160)
     at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
     at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
          ]]></text>
        </s:SystemError>
      </detail>
    </SOAP:Fault>
</SOAP:Body>
</SOAP:Envelope>

Hi Chandravadhana,
The colon should be there :
http://help.sap.com/saphelp_nw04/helpdata/en/69/a6fb3fea9df028e10000000a1550b0/frameset.htm
The inbound address for SOAP messages is: http://host:port/XISOAPAdapter/MessageServlet?channel=party:service:channel
Under party:service:channel enter the party name, the service name, and the name of the communication channel. If no party has been created, enter the following: channel=:service:channel
Regards
Suraj

Polling with HTTPS (SOAP sender adapter)

Hi,
we are using SAP PI 7.1 EHP 1 and we have to set up a scenario, in which a business partner is going to send us IDocs over HTTPS.
Now our security team has objections, that incoming messages could be too risky. So we have to figure out if it's also possible, to set up a polling over HTTPS. Unfortunately there's no availability to insert an URL in the SOAP sender adapter, so I think it's NOT possible.
Any other ideas or agreements?
Thanks in advance,
Juergen

I think SOAP sender adapter supports HTTPS (w/ and w/o client certificate) ... But you'll need to complete the security setup (root CA, etc) before, and then give the "to-be-called" URL to yout partner.
http://help.sap.com/saphelp_nw04/helpdata/en/fc/5ad93f130f9215e10000000a155106/content.htm
Rgds
Chris

SOAP Sender exposed to public internet

How can I expose a webservice via the SOAP sender adapter to the public internet without exposing my entire XI server?
The default URL for a SOAP sender adapter is http://server:port/XISOAPAdapter/MessageServlet?channel=p:s:c&version...
I do not want my server name and port known to the public. I would like to use an alias for the soap adapter.
I could use a reverse proxy to map an external hostname to our internal server (like http://www.external.host.com to http://server, then I could use http://www.external.host.com/XISOAPAdapter/MessageServlet?channel...), but this would expose the entire XI server as I could access the administration interface via http://www.external.host.com/nwa).
How can I expose just the interfaces available through the SOAP adapter without exposing the entire XI server? I know everything is protected by username and password, but we require an additional layer of security. Is it possible to create a virtual host or something similar for just the SOAP adapter?

Hi Matt !
Using a proxy you don't need to map everything. You could filter which URLs to forward and which not, to only allow /XISOAPADAPTER....URLs. Also remember to state the user in the Sender Agreement to only allow specified users to log in an use the service.
Regards,
Matias.

Error in SOAP sender scenario

Hi All,
   I am getting the following error when i execute a sender SOAP scenario from XMP Spy.
Scenario : SOAP --> XI --> RFC
I am getting the following error when i try to send request from XML Spy.
Error in XMl Spy:
<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
   <SOAP:Body>
      <SOAP:Fault>
         <faultcode>SOAP:Server</faultcode>
         <faultstring>Server Error</faultstring>
         <detail>
            <s:SystemError xmlns:s="http://sap.com/xi/WebService/xi2.0">
               <context>XIAdapter</context>
               <code>ADAPTER.JAVA_EXCEPTION</code>
               <text>com.sap.aii.af.mp.module.ModuleException: *adapter inactive*
     at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:703)
     at com.sap.aii.af.mp.module.ModuleLocalLocalObjectImpl0_3.process(ModuleLocalLocalObjectImpl0_3.java:103)
     at com.sap.aii.af.mp.ejb.ModuleProcessorBean.process(ModuleProcessorBean.java:292)
     at com.sap.aii.af.mp.processor.ModuleProcessorLocalLocalObjectImpl0_0.process(ModuleProcessorLocalLocalObjectImpl0_0.java:103)
     at com.sap.aii.af.mp.soap.web.MessageServlet.callModuleProcessor(MessageServlet.java:174)
     at com.sap.aii.af.mp.soap.web.MessageServlet.doPost(MessageServlet.java:436)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
     at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:365)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:944)
     at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:266)
     at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
     at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
     at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
     at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)</text>
            </s:SystemError>
         </detail>
      </SOAP:Fault>
   </SOAP:Body>
</SOAP:Envelope>
When i go to RWB-- > communication channel monitoring i see the channel status as "Started but Inactive" and when i go to Cluster node tab--> Cluster Node Details for Channel Unifier i see the following two entries every single time i try to send a message
14/10/10 05:35:10   error occured
14/10/10 05:35:10   request received
Please help to figure out what could be wrong.

open the SOAP Sender channel in Integration directory and change the status to active and then activate. Try resending SOAP message from XML spy

SOAP Sender security

Similar Messages

Maybe you are looking for