cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SOAP envelop with userid password and digital signature

former_member266538
Explorer

on ‎03-09-2017 12:13 PM

0 Kudos

We got a requirement like we need to send userid password and digital certificate in the SOAP envelop of the message , where SOAP header and body will carry the content to be transfer, we have tried to develop the java mapping to do so but unable fulfill the request where digital signature will be generated dynamically with every message which will be generated using private key of the public key which we provided to the receiver.

Please let us know how to configure digital signature dynamically in Javamapping or do we have any other option to do this.

Thanks,

Venu.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

Senthilprakash1
Participant
‎05-30-2018 10:07 AM
0 Kudos

check this blog - https://blogs.sap.com/2018/04/18/digital-signing-xmls-in-sap-pi-with-xades-extensions/

Show replies
Show replies
nabendu_sen
Active Contributor
‎03-10-2017 12:26 AM
0 Kudos

Hi Venu,

As per my understanding, Digital Certificate has already been developed in NWA Key storage and exchanged with Receiver team.

Now you want to sign your message (without Userid/Password) with the Private Key of the Certificate already loaded into your PI NWA. This needs to be configured in your Receiver SOAP Adapter. Signing will be included in your SOAP Envelope.

Please follow below blog by Rajendra Badi :

Configuring WSSE (digital signing and encryption) using SAP PI 7.11 AAE SOAP Adapter

If you need both Username/Password as well as Digital Signing, you need Java Mapping.

Regards,

Nabendu.

Show replies
Show replies
former_member266538
Explorer
‎03-10-2017 3:27 PM
0 Kudos

Hi Nabendu,

I have configured secure profile like shown in the blog but we need to send userid and password along with digital signature in the SOAP envelop.

Thanks,

Venu.

iaki_vila
Active Contributor
‎03-09-2017 12:48 PM
0 Kudos

Hi Andrzej,

SAP provides a module bean for digital signature, i think without extra cost:

https://blogs.sap.com/2012/04/10/pgpencryption-module-how-to-guide/

It is available from PI 7.11

Regards.

Show replies
Show replies
Andrzej_Filusz
Contributor
‎03-09-2017 1:34 PM
0 Kudos

Hi,

The common problem is that people (including me) say "digital signature" without any details:-) For example, in my scenario I had to create XAdES-BES signature. Do you know if this bean supports this format?

Regards,

Andrzej

Andrzej_Filusz
Contributor
‎03-09-2017 12:34 PM
0 Kudos

Hi Venu,

I had to create a similar scenario once and I wrote a java mapping to add a digital signature to my message. Have you got a library that can sign a XML document? If it's written in java then you can upload it to PI and use it in your java mapping. If it's not, then in your java mapping you can connect to an external service to sign your message (PI offers a such API).

Regards,

Andrzej

Show replies
Show replies
former_member266538
Explorer
‎03-10-2017 3:31 PM
0 Kudos

Hi Andrzej,

I am not sure the library you mentioned, as of know we have written a java mapping code which can able to embed userid and password in SOAP envelop( technically hardcoded), now we are stcuk to get signature in the envelop which is generated dynamically for each message.

Thanks,

Venu.

Andrzej_Filusz
Contributor
‎03-10-2017 5:52 PM
0 Kudos

Hi Venu,

1. You must know your requirements. What type/kind of digital signature you have to add to your message in your scenario?

2. Check if your type/kind of digital signature is currently supported by PI/PO. If yes, then you can use it.

3. If it's not supported, then you have to find a library which can create that type/kind of digital signature you need. Some of libraries are open-source, some of them are commercial. Please check the API documentation of a library. In general, there are at least two methods in a such library: "sign" and "verify". You will have to use the first one in your java mapping. Try to find a java library - it will be easier to use it in your java mapping.

4. If you wouldn't be able to find a java library then you can use a library written in an another language. But in this case, it will be more complicated. For example you will have to write an external service using your library. Then during java mapping you will send your message to this service. Your service signs digitally your message and returns it to your java mapping.

Good luck!

Regards,

Andrzej

Ask a Question