Skip to Content
avatar image
Former Member

Decrypt XML element in FileAdapter

Hey folks!

I am sending an XML request to a web service. The XML has to contain a password to be able to identify itself at the receiving side. I need to store the password in an ABAP table and from there extract it, put it into the XML and send it off without displaying the password before it is sent. The communication uses SSL with certificate and I cannot send the password encrypted as the receiver does not have any decryption methods.

What I am thinking is to encrypt the string in the table and decrypt it in the adapter module. The problem I see is that I don't know many encrypt/decrypt methods, and also how to decrypt in ABAP stack and then decrypt in Java stack.

Any experts in here done something like this before? Some input/help would be greatly appreciated... 😊

Thanks!

mvh Ole

Edited by: Ole Mugaas on Feb 15, 2008 1:57 PM

I'm a little bit mean and edit this message to the top of the list ..:)

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • avatar image
    Former Member
    Feb 15, 2008 at 07:28 AM

    Hi ,,

    send U r request to RFC adapter and it will send responce to soap ..The soap adapter has capability to take responce....

    Is this is ur querry..If not let me know..

    plz award points

    thanq

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Feb 15, 2008 at 07:36 AM

    Hi,

    I am not sure with your requirment,

    May I kindly request you to elabortae your exact requirments so we could narrow down the suggestions if any.

    As per subject line if you will be looking for security aspects, please refer below details

    SSL Configuration

    You need to setup SSL layer for HTTPS endpoint.

    Possible HTTP security levels are (in ascending order):

    HTTP without SSL

    HTTP with SSL (= HTTPS), but without client authentication

    HTTP with SSL (= HTTPS) and with client authentication

    HTTPS comes in two flavors, both ensuring the confidentiality of data sent over the network

    ● Server authentication

    Only the HTTP server identifies itself with a certificate that is to be verified by the client.

    ● Client authentication

    Additionally, the HTTP client identifies itself with a certificate that is to be verified by the server.

    Please go through below link for referance (above information is from below link)

    General guide

    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/a09f3d8e-d478-2910-9eb8-caa6516dd7d9

    Message level security

    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51

    Regarding message level you can encrypt the message using certificates.

    For both of this basis team has to deploy the releavant certificates in XI ABAP Stack or Java stack.

    Generally if the scenarios are intra company we dont use any transport level or message level security since the network is already secured.

    Check the following links.. you will get the information all about the securities...

    http://help.sap.com/saphelp_nw04/helpdata/en/f7/c2953fc405330ee10000000a114084/content.htm

    Also read thru this link for message level security - https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d024ca8e-e76e-2910-c183-8ea4ba681c51

    Also find soeminformation in these links

    http://help.sap.com/saphelp_nw2004s/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm

    /people/aparna.chaganti2/blog/2007/01/23/how-xml-encryption-can-be-done-using-web-services-security-in-sap-netweaver-xi

    Step by step guide for SSL security

    step by step guide to implement SSL

    Thanks

    Swarup

    Edited by: Swarup Sawant on Feb 15, 2008 8:37 AM

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Prateek Raj Srivastava

      Hi

      Thanks for that! My requirement is still that the string (or whatever the dataelement i SAP table will be) needs to come encrypted to my proxy. I retrieve the dataelement from a table in my function module, and call the outbound proxy with this value. This means that the string must be encrypted in the ABAP environment and decrypted in Java environment. Is this possible with the PGP libraries?

      The logic is all good and clear, but I cannot see that the method I use to encrypt the field in ABAP environment can be used to decrypt the field in Java environment. Are there any such method? Is it possible to use encoding for this, since encoding is something you can handle both within ABAP and Java..?

      regards Ole