Skip to Content
author's profile photo Former Member
0
Former Member
Mar 23, 2004 at 07:41 PM

Secure Storage Service

117 Views

I need to make the following example

from SAP Help work in a webdynpro app.

What do I need to set up in Netweaver

developer studio for this example to work.

<b>Where do I find libraries(.jar) for

various classes/interfaces in this example?

Do I need to configure something in WebAS

via Visual Administrator?</b>

Link to example:

http://help.sap.com/saphelp_47x200/helpdata/en/2f/aaa1701494c043830b1945264b2624/frameset.htm

-

Copied from SAP Help verbatum:

Examples for Using Secure Storage Interfaces and Classes

Making Sure the Secure Storage Service is Running

Before beginning with the actual implementation, you should make sure the secure storage service is running. For this purpose, implement a JNDI lookup to the service tcsecsecurestorage~service. This lookup returns an object, which you must cast to SecureStorageRuntimeInterface. See the example below.

Code Example for Making Sure the Secure Storage Service is Running

Context ctx = new InitialContext();

Object o = (Object) ctx.lookup("tcsecsecurestorage~service");

if (o == null){

out.println("secure storage service not started<br>");

}

else {

//Cast

SecureStorageRuntimeInterface secStore =

(SecureStorageRuntimeInterface) o;

//Continue with implementation

}

Obtaining a Context

Use the method getSecureStorageClientContext to obtain a context. See the example below.

Code Example for Obtaining a Context

RemoteSecureStorageClientContextInterface myContext =

secStore.getSecureStorageClientContext();

Managing Objects

The following examples show how to store, retrieve, delete or list objects in the context. For these examples, we store the string mypassword in myContext under the alias pass.

Code Example for Managing Objects

//Store an object

myContext.storeObject(new String("myPassword"), "pass");

//Retrieve an object

String myObject = (String) myContext.retrieveObject("pass");

//Delete an object

myContext.deleteObject("pass");

//List objects

out.println("<h3>Display all objects of client</h3>");

String[] listObjects = customerContext.getObjectIDs();

for (int i = 0; i<listObjects.length; i++){

out.println("<br>" + listObjects<i>);

}

Managing Objects With a Different Class

If the object’s class is not a common JDK class, set the classloader before calling the store or retrieve methods. Also cast the object’s class to the original class after retrieval. See the examples below:

Setting the Classloader Before Storing an Object

Thread.currentThread().setContextClassLoader(MyApplication

. class .getClassLoader());

myContext.storeObject(MyObject, "pass");

Setting the Classloader and Casting the Class When Retrieving an Object

Thread.currentThread().setContextClassLoader(MyApplication

. class .getClassLoader());

Object myRetrievedObject = myContext.retrieveObject("pass");

MyApplicationClass MyObject = (MyApplicationClass)

myRetrievedObject

If the application runs in different Virtual Machine than the secure storage service where the classloader can not be set to the secure storage thread, then use the retrieveByte method. Your application must then also de-serialize the returned byte array. See the example below:

Setting the Classloader and Casting the Class When Retrieving an Object

byte[] retrieveByte = myContext.retrieveBytes("pass");

ByteArrayInputStream bais = new ByteArrayInputStream(retrieveByte);

ObjectInputStream ois = new ObjectInputStream(bais);

MyApplicationClass myObject = (MyApplicationClass)ois.readObject();

Generating a New Key

The following example shows how to generate a new key to use within your context.

Code Example for Generating a New Key

//Generate a new key for the context

myContext.generateNewKey();

When an object is retrieved, the secure storage service checks to see if a newer key exists to use for encryption. If the object is still encrypted with an older key, then the secure storage service re-encrypts the object using the newer key.

Verifying the Encryption Method Used

When using secure storage, you can have objects either encrypted or just encoded. To encrypt the data object, the secure storage service uses the triple DES encryption algorithm; for encoding it uses base 64 encoding. To verify which method has been used, use the method isSecure as shown in the example below. It returns true if triple DES has been used for the encryption and false if base 64 was used.

Code Example for Verifying the Encryption Method Used

//Verify the encryption method used

Boolean encryptFlag = myContext.isSecure("pass");