When a proxy is in the ESR, what controls who can use it? So if I have a XI system that is using the proxy, what is ther to stop another XI system to access the same object, or someone who can send the right soap messages?
An interesting question... what is stopping any other application from sending an XML message of the right format into the receiver pipeline of the application system.
Well, the answer is user authentication. You can disable anonymous logon to the XI engine (in transaction SICF). When you configure the connection from XI either using a sm59 destinaton or URL directly in the communication channel, you specify a username and password. The connection can be made over HTTPS ensuring further security.
Of course , if you know the username and password, theoretically you should be able to configure a stand-alone J2EE adapter to pick up, for example, a file and convert into the XML format expected by the proxy and send it in to the receiver pipeline for the proxy to be executed. Have never tried it yet though.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.