Skip to Content

SOAP envelop with userid password and digital signature

We got a requirement like we need to send userid password and digital certificate in the SOAP envelop of the message , where SOAP header and body will carry the content to be transfer, we have tried to develop the java mapping to do so but unable fulfill the request where digital signature will be generated dynamically with every message which will be generated using private key of the public key which we provided to the receiver.

Please let us know how to configure digital signature dynamically in Javamapping or do we have any other option to do this.

Thanks,

Venu.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

4 Answers

  • Mar 09, 2017 at 12:34 PM

    Hi Venu,

    I had to create a similar scenario once and I wrote a java mapping to add a digital signature to my message. Have you got a library that can sign a XML document? If it's written in java then you can upload it to PI and use it in your java mapping. If it's not, then in your java mapping you can connect to an external service to sign your message (PI offers a such API).

    Regards,

    Andrzej

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Venu,

      1. You must know your requirements. What type/kind of digital signature you have to add to your message in your scenario?

      2. Check if your type/kind of digital signature is currently supported by PI/PO. If yes, then you can use it.

      3. If it's not supported, then you have to find a library which can create that type/kind of digital signature you need. Some of libraries are open-source, some of them are commercial. Please check the API documentation of a library. In general, there are at least two methods in a such library: "sign" and "verify". You will have to use the first one in your java mapping. Try to find a java library - it will be easier to use it in your java mapping.

      4. If you wouldn't be able to find a java library then you can use a library written in an another language. But in this case, it will be more complicated. For example you will have to write an external service using your library. Then during java mapping you will send your message to this service. Your service signs digitally your message and returns it to your java mapping.

      Good luck!

      Regards,

      Andrzej

  • Mar 09, 2017 at 12:48 PM

    Hi Andrzej,

    SAP provides a module bean for digital signature, i think without extra cost:

    https://blogs.sap.com/2012/04/10/pgpencryption-module-how-to-guide/

    It is available from PI 7.11

    Regards.

    Add comment
    10|10000 characters needed characters exceeded

    • Hi,

      The common problem is that people (including me) say "digital signature" without any details:-) For example, in my scenario I had to create XAdES-BES signature. Do you know if this bean supports this format?

      Regards,

      Andrzej

  • Mar 10, 2017 at 12:26 AM

    Hi Venu,

    As per my understanding, Digital Certificate has already been developed in NWA Key storage and exchanged with Receiver team.

    Now you want to sign your message (without Userid/Password) with the Private Key of the Certificate already loaded into your PI NWA. This needs to be configured in your Receiver SOAP Adapter. Signing will be included in your SOAP Envelope.

    Please follow below blog by Rajendra Badi :

    Configuring WSSE (digital signing and encryption) using SAP PI 7.11 AAE SOAP Adapter

    If you need both Username/Password as well as Digital Signing, you need Java Mapping.

    Regards,

    Nabendu.

    Add comment
    10|10000 characters needed characters exceeded

  • May 30 at 09:07 AM
    Add comment
    10|10000 characters needed characters exceeded