Webdynpro should use HTTPS

Similar Messages

• Which Adapter to use - HTTP or SOAP Adapter?

  Hi Experts,
  The third party system will be sending a standard HTTP request with a standard SOAP envelope containing standard XML.
  So in this case what adapter I should use HTTP or SOAP?
  What is the difference between these two adapters and in which scenarios this should be used?
  Thanks.

  Hi,
  The plain HTTP adapter gives application systems the option of communicating with the Integration Engine and exchanging business data using a plain HTTP connection. Depending on the receiver system, outbound messages can be enhanced with certain information.
  The SOAP adapter enables you to exchange SOAP messages between remote clients or Web service
  servers and the Integration Server or the PCK.
  In the SOAP adapter, you can specify security settings to be used to sign/verify the SOAP body.
  In addition, you can specify the standard to be used for signing/verifying the SOAP message
  whenever Xi need to communicate with any sort of webservice i.e remote applications it uses SOAP adapter..
  And XI uses HTTP adapter when you want to post a HTTP request message from a web application to XI.
  HTTP Adapter :
  1) HTTP Adapter is used by extenal systems to connect to Intergartin server using native HTTP Interface
  2) http adapter is a service which is directly connected to integration engine
  SOAP Adapter :
  1)Allows Local Processing in AAE
  2)Exaclty One Operation per Interface
  3)Modules for Receiver Adapter
  With regards,
  Pinangshuk.

• Which adapter should use SOAP or http?

  Hi  SDners,
  I have a one scenario in which I have to integrate our ECC system to our company intranet site. for this scenario what approch I have to take?
  Please suggest
  Regards

  Hi Abhay,
  I think you can use  HTTP adapter in your case  , there will be two modes  url and http destination in channel configuration ,
  you can choose to create  HTTP Destination mode and create a RFC Destination in sm59
  (HTTP Type=G).Here you mention your internal site connection details like parameter for
  connections , user and password  etc .By doing so, you can test the connection from XI to the url.
  You can test the rfc connection in the test connection tab in RFC destination.If connection test
  is ok then you can use this http destination in you http channel.
  But if you question is to compare HTTP or SOAP , then as suggested above a simple search will
    give best answers to your questions.
  Regards,
  Srinivas

• How can I make the web server work on port 80 and not 443. I can only access my website using https.

  On a Mac Mini server with OS X Lion 10.7.2, I am unalbe to get the web server working on port 80. It switches automatically to port 443 (https).
  This situation complicates the access to FileMaker Web publishing, as I don't want my clients having to use https.
  How can I change that? Does anyone know?
  Thanks for any reply

  in the server: I checked the SSL certificate. Tried several configuration.
  Well, that's a problem for a start.
  Your port 80 connection should NOT use SSL. Port 80 is the standard HTTP port, not HTTPS and most applications that connect to port 80 will not expect to use SSL
  If you want to run a site under both HTTP and HTTPS then you create two sites, one on port 80 without SSL and one on port 443 with SSL

• What format i should use for my external hard drive that can be used interchangeably between mac and pc?

  What format i should use for my external hard drive that can be used interchangeably between mac and pc?

  Usually Fat32/MS-DOS as mentioned, but that has several limitatiuns, like 4GB filesize limit.
  One option is MacDrive for you PCs... allows them to Read/Write HFS+...
  http://www.mediafour.com/products/macdrive/
  More options...
  NTFS-3G Stable Read/Write Driver...
  http://www.ntfs-3g.org/
  MacFUSE: Full Read-Write NTFS for Mac OS X, Among Others...
  http://www.osnews.com/story/16930

• Signed Applet not loading on Mac OS X if using HTTPS protocol

  Hi All,
  I need to open a trusted applet on Mac OS 10.2. The applet works fine if using HTTP protocol. But if the protocol used is HTTPS the the applet does not loads and "javax.net.ssl.SSLException - untrusted server cert chain" exception comes on the console.
  The error comes for both - Verisign and javakey - signed applet.
  On seaching for possible solution on the net, i came across following link: http://www.macosxhints.com/article.php?story=20020525101202503&query=Workaround+for+secure+Java+applet+problems
  It says that this is Mac's known bug and gives the workaround as:
  1. Access the problematic site with Internet Explorer on Windows. Click on the padlock item and export the certificate to a file.
  2. Copy the certificate to your Mac.
  3. Use the command
  sudo keytool -import -trustcacerts -keystore /Library/Java/Home/lib/security/cacerts -file mycert.cer
  to import the certificate file to your keystore (substitute mycert.cer with the name of the file containing the certificate). The keystore is password protected - the default password is "changeit".
  4. Restart your browser
  But the client cannot be asked to do all this to run the applet.
  Is this problem being solved by Mac in their java implementation or is there any other possible solution?
  Thanx in advance.
  Regards,
  Charu

  I am experiencing the same problem - I notice it does not happen on OS9.2 using IE but appears a problem on all browsers on OSX
  Apple gave me the following reply.....
  Re: Bug ID# 3268633: cannot load applet class under https connection
  Hello Andrew,
  Thank you for bringing this problem to our attention. We have received feedback
  from engineering on your
  reported issue.
  Please know that to get Java to recognize the certificate you will need to do
  one of two things, depending
  on which VM you are using. Since you want it to work with Internet Explorer, we
  will assume Java 1.3.1.
  In Java 1.3.1 you'll need to add the certificate to
  /Library/Java/Home/lib/security/cacerts using
  /usr/bin/keytool to import the certificate into the certificate database.
  In Java 1.4.1 you should be able to just add the certificate to the keychain
  using certtool. For more
  details on how to do this, please refer to the information found at
  <http://java.sun.com/j2se/1.4.1/docs/tooldocs/solaris/keytool.html>. After
  doing so, if you should require
  further help from Apple in resolving this issue, we recommend that you request
  assistance from Developer
  Technical Support. This must be done by filing a Technical Support Incident.
  So I am supposed to tell every Mac user to do the above am I?!!!

• Which tool i should use to develope a portal

  Hi all,
    we are planning to develop a portal which we will expose to internet.
  Now my question is which tool i should use to develope this
     1.BSP
     2. jspdynpage
     3.Webdynpro java
     4.Webdynpro abap
  Which application will perform better on internet.
  Lots of rfc calls and webservice calls are there.
  plz give me suggestions .
  Thanks
  developer

  Hi,
  BSP - Abap workbench
  JSP Dynpages - NWDS (Netweaver Dev Studio)
  Webdynpro Java - NWDS
  Webdynpro ABAP - ABAP Workbench
  above all applications will perform at same level  depend on the content.
  best regards
  Hari

• Policy agent using https redirect to AM for authentication

  We are using Access Manager 6 2005Q1.
  Access Manager is running on box A & box B using the Sun Web Server as its front end web server. Box A & B both have a complete install of Sun Web Server, Access Manager, and Directory Server. The Directory servers are set up to replicate changes between each other. Our Policy Agents are running on box C & box D under the Apache web servers.
  Users will access applications on box C/D via https. The policy agents on box C/D should redirect the user to box A/B (via a load balancer VIP)for authentication. The redirect will be https. Once authenticated the user should be redirected back to box C/D.
  All subsequent communications between the Agents on box C/D to AM on box A/B (via load balancer VIP) are http.
  Our load balancer is currently setup as active/failover because it does not support ssl with cookies.
  In our AMAgent.properties file if I set 'com.sun.am.policy.am.loginURL = http://<lb-vip>:80/amserver/UI/Login' and access box C/D as https://<webserver>/<url> I am redirected to AM on box A/B for authentication. Once authenticated I am redirected back to box C/D and allowed access to <url>.
  However, if I set 'com.sun.am.policy.am.loginURL = https://<lb-vip>:443/amserver/UI/Login' and access box C/D as https://<webserver>/<url> I am NOT redirected to AM and receive 'Forbidden You don't have permission to access /<url> on this server. Also in the agent log file I see:
       2006-01-30 12:42:30.792 Debug 28126:203470 PolicyAgent: in_not_enforced_list():enforcing access control for https://<webserver>:443/<url>
       2006-01-30 12:42:30.792 Debug 28126:203470 PolicyAgent: am_web_is_access_allowed https://<webserver>:443/<url>S, GET) no sso token, setting status to invalid session.
       2006-01-30 12:42:30.792 Debug 28126:203470 PolicyAgent: Policy Agent: am_web_is_access_allowed returned status=invalid session
       2006-01-30 12:42:32.800 Warning 28126:203470 PolicyAgent: am_web_get_redirect_url() unable to find active Identity Server Auth server.
       2006-01-30 12:42:32.800 Info 28126:203470 PolicyAgent: do_redirect(): Status Code= invalid session.
  Interestingly if I set 'com.sun.am.policy.am.loginURL = https://<am-server>:443/amserver/UI/Login' and access box C/D as https://<webserver>/<url> I am redirected to AM on box A/B for authentication. Once authenticated I am redirected back to box C/D and allowed access to <url>. In this scenario the only difference is I am bypassing the load balancer.
  Our networking people have monitored the load balancer in front of our AM boxes A/B and see the traffic going to AM in all cases.
  From my standpoint it appears the agent is not able to successfully connect to AM via https when going through the load balancer.
  Any help with this configuration issue is appreciated.

  Bernhard,
  From our AMAgent.properties... com.sun.am.policy.agents.version=2.1. Is there a way for me to tell if this is truely only 2.1 or 2.1-xx?
  Because our LB does not support SSL with cookies we are currently configured as active/failover so all requests are going to the same AM server until it goes down, at which time I know users have to re-authenticate. Also we have set "com.sun.am.loadBalancer_enable = true" in AMAgent.properties.
  We understand your point about loginURL. Infact there are two properties dealing with loginURL, com.sun.am.policy.am.loginURL and com.sun.am.policy.am.library.loginURL. Based on the comments in AMAgent.properties my understanding is that com.sun.am.policy.am.loginURL is where the user is redirected for login when no valid SSO token is found and com.sun.am.policy.am.library.loginURL is what the agent uses to authenticate itself "If the previously specified login URL must be exclusively used for redirecting users..." The interesting part is that if we set com.sun.am.policy.am.loginURL to use http everything works just fine, however if we set it to use https the user never gets redirected. Its almost like the agent is trying to connect there first before doing the redirect and can not.
  Craig

• Which protocol we should use for file transfer in ios ?

  which protocol we should use for file transfer in ios ?

  My friend that's definitively a Lotus Domino question, you'll probably ask in the Domino's forums if it generates wsdl, or simple http services you're ready to consume those services in Flex.

• How to use HTTPS to retrieve a set of files from a distant server?

  Hi !
  i am interested in some samples or links showing how is it possible to use HTTPS in a java code in a standalone application ( could be swing based or whatever) that allows an HTTPS connection to a distant server ( specefic file repository) so that downloading some data files could be possible.i am also interested to know what conditions should be available to make such connection possible ( specefic port number? specefic authentication? login? password? and does the Operating system on the distant server interfere with that ? etc...)
  thanks!

  in fact i tried to test a sample code by i got this exception :
  Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:975)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:123)
       at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
       at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107)
       at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:405)
       at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
       at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:977)
       at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
       at HTTPSConnector.main(HTTPSConnector.java:30)
  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
       at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
       at sun.security.validator.Validator.validate(Validator.java:218)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:954)
       ... 12 more
  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
       at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
       at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
       ... 18 moreand here si the sample code:
  package foo;
  import java.net.URL;
  import java.io.*;
  import javax.net.ssl.HttpsURLConnection;
  public class Test
  public static void main(String[] args)
  throws Exception
  String httpsURL = "https://your.https.url.here/";
  URL myurl = new URL(httpsURL);
  HttpsURLConnection con = (HttpsURLConnection)myurl.openConnection();
  InputStream ins = con.getInputStream();
  InputStreamReader isr=new InputStreamReader(ins);
  BufferedReader in =new BufferedReader(isr);
  String inputLine;
  while ((inputLine = in.readLine()) != null)
  System.out.println(inputLine);
  in.close();
  }so what this error is due to? and how to fix it ?.
  thanks!

• Does Database initializer obsolete in EF 6.0 ? And we should use Migration instead of it.

  In this tutorial
  http://www.asp.net/mvc/overview/older-versions/getting-started-with-aspnet-mvc3/cs/adding-a-new-field
  I see such code
  public class MovieInitializer : DropCreateDatabaseIfModelChanges<MovieDBContext> {
  protected override void Seed(MovieDBContext context) {
  var movies = new List<Movie> {
  new Movie { Title = "When Harry Met Sally",
  ReleaseDate=DateTime.Parse("1989-1-11"),
  Genre="Romantic Comedy",
  Rating="R",
  Price=7.99M},
  new Movie { Title = "Ghostbusters ",
  ReleaseDate=DateTime.Parse("1984-3-13"),
  Genre="Comedy",
  Rating="R",
  Price=8.99M},
  new Movie { Title = "Ghostbusters 2",
  ReleaseDate=DateTime.Parse("1986-2-23"),
  Genre="Comedy",
  Rating="R",
  Price=9.99M},
  new Movie { Title = "Rio Bravo",
  ReleaseDate=DateTime.Parse("1959-4-15"),
  Genre="Western",
  Rating="R",
  Price=3.99M},
  movies.ForEach(d => context.Movies.Add(d));
  But when I went to https://msdn.microsoft.com/en-us/data/ee712907 I see only migration database
  I am newbie at EF. I am focusing on Code First. I have an idea that
  DropCreateDatabaseIfModelChanges
  and another DataBase initializer is not acutal for EF 6 but it was used in previous version.
  On the other hand from names of this
  Database initializer is for database initization
  Migration for database structure changing
  Before learning I decided ask this question
  Does Database initializer obsolete in EF 6.0  ? And I should use Database Migration instead of it ?
  My .NET Blog with projects and feedback.
  Since May 30, 2014 I am waiting for Microsoft fix
  these 2 bug. If you know how to speed them up, please help

  Hello,
  >>Does Database initializer obsolete in EF 6.0?
  I do not know why you think so, if the team decides to make the database initializer obsolete, I think they would make a markup as Deprecated, however, there is not such a markup on that method on MSDN document. And the Database initializer method is useful
  when we play with automatic migration. In your case, the DropCreateDatabaseIfModelChanges database initialization strategy, would delete the original database and create new one according your new model. Of course, data would be missing. If you are under a
  scenario need to make a test to recreate the database frequently, this one should be ok.
  Currently, there are four database initialization strategies could be used:
  CreateDatabaseIfNotExists<TContext> Class
  DropCreateDatabaseAlways<TContext>
  DropCreateDatabaseIfModelChanges<TContext>
  MigrateDatabaseToLatestVersion<TContext, TMigrationsConfiguration>
  You could use one of them for a proper scenario.
  Regards.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• HTTPS communication using HTTP receiver adapter URL address as Address Type

  Hi All,
  If some one who has tried HTTPS communication using HTTP receiver adapter using URL address as Address type can you please guide me what are the steps need to be done.
  Note : Address type is a parameter in HTTP adapter setup .
  Regards,
  Reddy

  Hi,
  Check this,
  Configurations in Integration Directory
  The plain HTTP adapter gives the receiver system the following specifications:
  &#151; Specifications for addressing using a URL address:
  Target host, service number, and path prefix including query string:
  http://<hostname:port>/<path>?<query-string>
  You can identify the target host (HTTP port) of a SAP Web Application Server using
  the
  ICM monitor
  Host and port of the HTTP proxy (optional if there is a firewall between the plain
  HTTP adapter and the receiver system)
  Authentication data for the receiver system.
  See also: transaction Display and Maintain RFC Destinations (SM59).
  &#151; Specifications for addressing using an HTTP destination:
  HTTP destination
  &#151; Parameters from the communication channel for technical routing
  Content type (the entry text/XML is expected as default)
  Specifies the format that the message contents (the payload) should have.
  Optional header fields for the receiver-specific protocol
  Attributes for the query string
  1. Sender party
  2. Sender service
  3. Receiver Interface
  4. Message ID
  5. Quality of service
  6. Queue ID
  All attributes are selected except for the queue ID. If you do not want a value to be
  transferred to the receiver, deselect it. The queue ID is only required if the quality of
  service is EOIO.
  Specifications for payload manipulation
  XML code (default UFT-8)
  Specifies the character set.
  URL escaping
  Presents the XML in a URL-enabled format. Special characters that could be
  interpreted as control characters are replaced with escape characters (masked).
  Prolog
  Enhances the payload for particular servers (optional, see below).
  Epilog
  Enhances the payload for particular servers (optional, see below).
  Enhancing the Payload
  Regards
  Seshagiri

• SOAP adapter using HTTPS

  We need to using SSL over HTTP for our web service defined in PI, basically using HTTPS in our SOAP adatper. I did a lot of research on this, seems like it's not an easy job to enable SSL. However I am only interested in making it work from an application developer point of view, enabling SSL, generating/installing certificate is a job for basis people.
  So I created an sender CC with SOAP adapter with HTTPS with client authentication. (BTW, what is HTTPS without client authentication, does it mean HTTPs with server authentication where the server certificate is to be installed at the client side?), to my understanding, the client certificate should be installed in NWA (We have PI 7.1, not 7.0 -) and somewhere in ID (like sender agreement) we need to specify which client certificate should be used to authenticate the client who calls our service. However nowhere in ID I can specify which client certificate should be used for the defined sender CC. So how would it work in runtime? When my web service is called, which client certificate does PI use to authenticate the client?
  It'd very much appreciated if you could give more information about how HTTPS for SOAP adapter works? I've done lot of research on this, but still confused.
  Thanks

  Hi,
  for transport level security you should assign the HTTPS connection created in SM59 to the SOAP communication channel.
  The HTTPS connection should use the certificates imported in t-code STRUST.
  1. You have to dounload the SAP cryoptographic librariers.
  2. Set the specific paramerts in RZ10
  3. Maintain the enviornmental variables & you need to keep the logon tickets too in some specific directory.
  4. Import the client & server certificates into STRUST.
  You can find some documents on ABAP ssl configuration from the SDN library .... I don't have a link now
  Regards
  Sunil.

• Which cable should use for Sony DV connect to iMac ?

  Which cable should use for Sony DV(IEEE 1394)connect to iMac ?

  If your iMac has just the FireWire 800 connection, you will need the 9 pin to 4 pin cable.
  http://www.cwol.com/firewire/firewire-800-1394b-cables.htm
  If your iMac has the FireWire 400 connection, you will need the 6 pin to 4 pin cable.
  http://www.radtech.us/Products/ProCableFW400800.aspx
  Links are to illustrate examples. You should be able to pick them up at most computer stores.

• Use of Excel Addin when MDS is using https

  We have set up MDS with a secure connection using https and a certificate for SSL connection, bound to the default site for MDS. When we try and use the Excel addin, it throws an error : Could not establish trust relationship for the SSL/TLS secure channel
  with authority {server root address}
  Can anyone help?

  Does web ui works from the same machine excel is running?
  When you connect to the WebUI, the browser will show a smart icon in the address bar for certificate. If you open it, does it say the certificate is valid?
  1. The certificate should be valid. If it is self signed certificate, you need add this certificate to Trusted Root.
  https://technet.microsoft.com/en-us/library/cc754841.aspx
  2. The certificate name should match the service name.
  If the webUI works on that machine without any warning in browser, the excel addin should work with the exact same server url.