10-22-2015 5:37 PM
Hi,
I'm trying to implement a simple java standalone application that will connect to a J2EE instance, get a handle on "ts~sec~securestorage~service" and use it like described in Examples for Using Secure Storage Interfaces and Classes - J2EE Technology in SAP Web Application Se...
The problem is with this code, I can connect properly, I can do a ctx.list(""), walk through the list and verify that "ts~sec~securestorage~service" is existing. But when I do a ctx.lookup("ts~sec~securestorage~service") it returns a null object.
As I'm connecting from outside the JVM I'm setting up the Context with additional information like p4 connection, user, credentials as described in this page Creating an Initial Context - Developing Java EE 5 Applications - SAP Library
Could you elaborate on what the cause could be ?
Thanks in advance !
Full code here,
import java.io.UnsupportedEncodingException;
import com.sap.tc.logging.Category;
import com.sap.security.core.server.securestorage.SecureStorageRuntimeInterface;
import com.sap.security.core.server.securestorage.remote.RemoteSecureStorageClientContextInterface;
import javax.naming.Context;
import javax.naming.InitialContext;
import java.util.Hashtable;
import com.sap.xmii.security.SecureStoreManager;
import javax.naming.NameClassPair;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
public class decryptor
{
public static void main(String[] args)
throws UnsupportedEncodingException, Exception
{
String connectionString = "sapserver:50004";
java.util.Properties p = new java.util.Properties();
p.put(Context.INITIAL_CONTEXT_FACTORY, "com.sap.engine.services.jndi.InitialContextFactoryImpl");
p.put(Context.PROVIDER_URL, connectionString);
p.put("force_remote", "true");
p.put(Context.SECURITY_PRINCIPAL, "Administrator");
p.put(Context.SECURITY_CREDENTIALS, "***********");
Context ctx = new InitialContext(p);
NamingEnumeration<NameClassPair> list = ctx.list("");
String service_name;
String svc = "";
while (list.hasMore()) {
service_name = list.next().getName();
if (service_name.contains("securestorage~service")) {
System.out.println("Found service "+service_name+" in ctx.list()");
svc = service_name;
}
}
Object o = ctx.lookup(svc);
if (o == null) {
System.out.println("secure storage service not started<br>");
}
else {
SecureStorageRuntimeInterface secStore = null;
RemoteSecureStorageClientContextInterface myContext = null;
secStore = (SecureStorageRuntimeInterface)o;
myContext = secStore.getSecureStorageClientContext();
// do something with myContext here...
}
}
}
}
}
}
10-22-2015 8:48 PM
Secure storage is protected by call stack validations. It can only be called from permitted connections, such as Jco.
It cannot be used by customers directly. You must use the application which is a program in the call-stack validation (eg. a connector).
Cheers,
Julius
10-22-2015 8:48 PM
Secure storage is protected by call stack validations. It can only be called from permitted connections, such as Jco.
It cannot be used by customers directly. You must use the application which is a program in the call-stack validation (eg. a connector).
Cheers,
Julius
10-23-2015 9:05 AM
Thanks Julius,
I have no JCo connection active from the "JCo Monitoring" panel of Netweaver Administrator.
Is there a documentation somewhere that describe the exact conditions to met to use such a service from the outside ?
Cheers,
Mathieu
10-23-2015 10:17 AM
I am only aware of the statement that it is not intended and also not possible. So I guess they never made any external documentation for that either.
Cheers,
Julius