Skip to Content
avatar image
Former Member

Secure storage remote access

Hi,

I'm trying to implement a simple java standalone application that will connect to a J2EE instance, get a handle on "ts~sec~securestorage~service" and use it like described in Examples for Using Secure Storage Interfaces and Classes - J2EE Technology in SAP Web Application Server - SAP Library

The problem is with this code, I can connect properly, I can do a ctx.list(""), walk through the list and verify that "ts~sec~securestorage~service" is existing. But when I do a ctx.lookup("ts~sec~securestorage~service") it returns a null object.

As I'm connecting from outside the JVM I'm setting up the Context with additional information like p4 connection, user, credentials as described in this page Creating an Initial Context - Developing Java EE 5 Applications - SAP Library

Could you elaborate on what the cause could be ?

Thanks in advance !

Full code here,

import java.io.UnsupportedEncodingException;
import com.sap.tc.logging.Category;
import com.sap.security.core.server.securestorage.SecureStorageRuntimeInterface;
import com.sap.security.core.server.securestorage.remote.RemoteSecureStorageClientContextInterface;
import javax.naming.Context;
import javax.naming.InitialContext;
import java.util.Hashtable;
import com.sap.xmii.security.SecureStoreManager;
import javax.naming.NameClassPair;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;

public class decryptor
{
    public static void main(String[] args)
    throws UnsupportedEncodingException, Exception
    {

    String connectionString = "sapserver:50004";
    java.util.Properties p = new java.util.Properties();
    p.put(Context.INITIAL_CONTEXT_FACTORY, "com.sap.engine.services.jndi.InitialContextFactoryImpl");
    p.put(Context.PROVIDER_URL, connectionString);
    p.put("force_remote", "true");
    p.put(Context.SECURITY_PRINCIPAL, "Administrator");
    p.put(Context.SECURITY_CREDENTIALS, "***********");

    Context ctx = new InitialContext(p);

    NamingEnumeration<NameClassPair> list = ctx.list("");
    String service_name;
    String svc = "";

    while (list.hasMore()) {
        service_name = list.next().getName();
        if (service_name.contains("securestorage~service")) {
             System.out.println("Found service "+service_name+" in ctx.list()");
             svc = service_name;
        }
    }
    
    Object o = ctx.lookup(svc);
    if (o == null) {
        System.out.println("secure storage service not started<br>");
    }
    else {
        SecureStorageRuntimeInterface secStore = null;
        RemoteSecureStorageClientContextInterface myContext = null;
        secStore = (SecureStorageRuntimeInterface)o;
        myContext = secStore.getSecureStorageClientContext();
        // do something with myContext here...
    }
    }
}    



}
}

}
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Best Answer
    avatar image
    Former Member
    Oct 22, 2015 at 07:48 PM

    Secure storage is protected by call stack validations. It can only be called from permitted connections, such as Jco.

    It cannot be used by customers directly. You must use the application which is a program in the call-stack validation (eg. a connector).

    Cheers,

    Julius

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      I am only aware of the statement that it is not intended and also not possible. So I guess they never made any external documentation for that either.

      Cheers,

      Julius