Skip to Content
0

SOAP envelop with userid password and digital signature

Mar 09, 2017 at 12:13 PM

387

avatar image

We got a requirement like we need to send userid password and digital certificate in the SOAP envelop of the message , where SOAP header and body will carry the content to be transfer, we have tried to develop the java mapping to do so but unable fulfill the request where digital signature will be generated dynamically with every message which will be generated using private key of the public key which we provided to the receiver.

Please let us know how to configure digital signature dynamically in Javamapping or do we have any other option to do this.

Thanks,

Venu.

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

4 Answers

Andrzej Filusz Mar 09, 2017 at 12:34 PM
0

Hi Venu,

I had to create a similar scenario once and I wrote a java mapping to add a digital signature to my message. Have you got a library that can sign a XML document? If it's written in java then you can upload it to PI and use it in your java mapping. If it's not, then in your java mapping you can connect to an external service to sign your message (PI offers a such API).

Regards,

Andrzej

Show 2 Share
10 |10000 characters needed characters left characters exceeded

Hi Andrzej,

I am not sure the library you mentioned, as of know we have written a java mapping code which can able to embed userid and password in SOAP envelop( technically hardcoded), now we are stcuk to get signature in the envelop which is generated dynamically for each message.

Thanks,

Venu.

0

Hi Venu,

1. You must know your requirements. What type/kind of digital signature you have to add to your message in your scenario?

2. Check if your type/kind of digital signature is currently supported by PI/PO. If yes, then you can use it.

3. If it's not supported, then you have to find a library which can create that type/kind of digital signature you need. Some of libraries are open-source, some of them are commercial. Please check the API documentation of a library. In general, there are at least two methods in a such library: "sign" and "verify". You will have to use the first one in your java mapping. Try to find a java library - it will be easier to use it in your java mapping.

4. If you wouldn't be able to find a java library then you can use a library written in an another language. But in this case, it will be more complicated. For example you will have to write an external service using your library. Then during java mapping you will send your message to this service. Your service signs digitally your message and returns it to your java mapping.

Good luck!

Regards,

Andrzej

0
Iñaki Vila Mar 09, 2017 at 12:48 PM
0

Hi Andrzej,

SAP provides a module bean for digital signature, i think without extra cost:

https://blogs.sap.com/2012/04/10/pgpencryption-module-how-to-guide/

It is available from PI 7.11

Regards.

Show 1 Share
10 |10000 characters needed characters left characters exceeded

Hi,

The common problem is that people (including me) say "digital signature" without any details:-) For example, in my scenario I had to create XAdES-BES signature. Do you know if this bean supports this format?

Regards,

Andrzej

0
avatar image
Former Member Mar 10, 2017 at 12:26 AM
0

Hi Venu,

As per my understanding, Digital Certificate has already been developed in NWA Key storage and exchanged with Receiver team.

Now you want to sign your message (without Userid/Password) with the Private Key of the Certificate already loaded into your PI NWA. This needs to be configured in your Receiver SOAP Adapter. Signing will be included in your SOAP Envelope.

Please follow below blog by Rajendra Badi :

Configuring WSSE (digital signing and encryption) using SAP PI 7.11 AAE SOAP Adapter

If you need both Username/Password as well as Digital Signing, you need Java Mapping.

Regards,

Nabendu.

Show 1 Share
10 |10000 characters needed characters left characters exceeded

Hi Nabendu,

I have configured secure profile like shown in the blog but we need to send userid and password along with digital signature in the SOAP envelop.

Thanks,

Venu.

0
senthilprakash selvaraj May 30 at 09:07 AM
0
Share
10 |10000 characters needed characters left characters exceeded