cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Issue with payload of SOAP Adapter while using HTTPS connection.

former_member190358
Participant

on ‎03-19-2012 11:33 PM

0 Kudos

Hello Everyone,

I am using SAP PI 7.1 with EhP1 (SAP PI 7.11) and have SP at 006.

I have a question regarding securing a SOAP Sender scenario using HTTPS. Its a SOAP-PI-RFC synchronous scenario.

i created a SOAP SENDER communication channel and have configured .... Inbound Security Checks --> HTTP Security Level --> HTTPS without Client Authetication

This  is becasue the data is sent via HTTPS URL but there is no authentication involved from the sender side.

Well, the Web service provider is accessed by means of an HTTPS proxy server rather than directly.

I have been informed by the network team that when the message comes, the HTTPS URL is resolved first to port 80 and then the loadbalancer converts this to 50000 and so finally message is arrived on 50000 and not on 50001.

And as a result, i could see that the payload has  SOAP Envelope and the SOAP Body which should ideally be dropped by the Adapter and so the mapping is failing.

Can anyone suggest, that shall i ask n/w team to open a new port for me like 82 and ask them to resolve it on  8000 instead of 50000.

i think  this will  help in dropping the SOAP Envelope and the BODY from te payload.

Regards,

RFavi

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (5)

Answers (5)

former_member184681
Active Contributor
‎03-20-2012 8:21 AM
0 Kudos

Hi Ravi,

Are you absolutely sure you are using SOAP adapter and not HTTP adapter? See here:

This option "HTTP Security Level --> HTTPS without Client Authetication" appears only in HTTP adapter, which is naturally not able to remove the SOAP Envelope. So what you should do is to change the Adapter Type to SOAP. Moreover, for different client authentication methods in SOAP scenario, refer to my blog here: http://scn.sap.com/people/grzegorz.glowacki/blog/2012/03/07/a-closer-look-at-soap-sender-authenticat...

Hope this helps,
Greg

Show replies
Show replies
former_member190358
Participant
‎03-20-2012 8:39 AM
0 Kudos

Hello Greg,

Please find the screen shot.

former_member184681
Active Contributor
‎03-20-2012 9:30 AM
0 Kudos

Dear Ravi,

I checked a different version of SOAP adapter than you are using (Basis 7.11, and you seem to use 7.10). Regarding the discussion so far: I agree with Mark that assigning a new port is not expected to help here. Definitely this option "Do not use SOAP Envelope" will not help either - it has somehow different application, when the client is not sending the envelope at all.

So what I can suggest is: generate the WSDL file from your Sender Agreement, then import it to some free web service testing tool like SOAP UI and try testing from there - is the problem identical to what you get while testing from the client application? What I suspect is some problem with namespaces when the web service is triggered from the client. If a SOAP UI test succeeds, it would confirm my theory.

Hope this helps,
Greg

former_member190358
Participant
‎03-20-2012 10:00 AM
0 Kudos

Hi Greg,

I have just noticed the URL and would like to share with you :

The one that was provided to customer :

https://hostname:port/sap/xi/adapter_plain?client=010&party=P&service=S&namespace=N&interface=I&sap-...

Is it because its PLAIN_HTTP so, the envelope is not getting dropped?

The one that i read somewhere :

https://hostname:port/XISOAPAdapter/MessageServlet?channel=:BusinessSystem:CommunnicationChannel&sap...https://hostnameport/

Is the first one wrong ?

Regards,

Ravi

former_member184681
Active Contributor
‎03-20-2012 10:16 AM
0 Kudos

Dear Ravi,

Are you sure you want to use the username and password in the URL where you post the data? If so, then the correct URL to use is:
http://host:port/sap/xi/engine?type=entry&version=3.0&Sender.Service=SENDER&Interface=NAMESPACE^SERV...

I have only used this with plain HTTP (not HTTPS) so far, but you can try with HTTPS as well. There are more details in a blog by Stefan Grube below, but unfortunately this blog content is broken at this particular moment, after the migration to new SDN...
http://scn.sap.com/people/stefan.grube/blog/2006/09/21/using-the-soap-inbound-channel-of-the-integra...

Hope this helps,
Greg

former_member190358
Participant
‎03-20-2012 4:38 PM
0 Kudos

Hello,

Can someone confirm that , this is the correct URL for SAP 7.11 SP 06 scenario :

http://host:port /XISOAPAdapter/HelperServlet?action=FindChannel& channel=p:s:c

Regards,

Ravi


baskar_gopalakrishnan2
Active Contributor
‎03-20-2012 4:59 PM
0 Kudos

No the above URL is wrong.

Use this URL

http://<hostname>:<port>/XISOAPAdapter/MessageServlet?channel=:<service>:<channel>

where service - sender service interface name

channel - sender comm channel name

Refer this link too

http://www.riyaz.net/sap/xipi-a-guide-to-using-sap-xi-soap-adapter/113/

former_member184681
Active Contributor
‎03-20-2012 5:52 PM
0 Kudos

Dear Ravi,

You only have two options for the URL:
http://host:port/XISOAPAdapter/MessageServlet?senderParty=XXX&senderService=XXX&receiverParty=XXX&re...

http://hostportto send  the message to sender adapter, or

http://host:port/sap/xi/engine?type=entry&version=3.0&Sender.Service=XXX&Interface=XXX&sap-user=XXX&...
to send the message directly to the integration engine.

In normal case, the first one is recommended, and this is the one that is included in the .wsdl file generated from Sender Agreement. On the other hand, the second one is the only option if you want to use username and password in the URL.

Hope this helps,
Greg

baskar_gopalakrishnan2
Active Contributor
‎03-20-2012 6:03 PM
0 Kudos

If you are having troubles to decide using the URL to test the webservice that is hosted on your soap sender, the simplest solution is as follows...

Go to sender agreement click display wsdl. save the wsdl. Look for address:location tag and pick the url. Use that URL for testing. In your case, you need to test via soap sender only.

former_member184681
Active Contributor
‎03-20-2012 6:22 PM
0 Kudos

Hi Baskar,

You are not really right about that. The initial requirement was: "there is no authentication involved from the sender side", so the URL from .wsdl file cannot be used. Please make sure to read the whole thread carefully before posting an answer, otherwise you confuse the person who asked.

Regards,
Greg

baskar_gopalakrishnan2
Active Contributor
‎03-20-2012 6:58 PM
0 Kudos

If we generate WSDL from the sender agreement, PI creates WSDL URL accordingly based on the landscape, is not right? will it not provide both http and https Url with the appropriate configured ports?

former_member184681
Active Contributor
‎03-20-2012 7:06 PM
0 Kudos

You are right about HTTP and HTTPS bindings. Still, providing user credentials in the sender application is required. In other words, you are not able to authorize the sender with the URL. You need to send the message directly to Integration Engine to authorize via URL.

Regards,
Greg

markangelo_dihiansan
Active Contributor
‎03-21-2012 7:27 AM
0 Kudos 
Can someone confirm that , this is the correct URL for SAP 7.11 SP 06 scenario : 
http://host:port /XISOAPAdapter/HelperServlet?action=FindChannel& channel=p:s:c

Hello,

That URL is only used for checking if the channel is indeed available. It is not used to send messages to the AE or IE.

Regards,

Mark

Former Member
‎03-03-2014 10:28 AM
0 Kudos

Hi Greg,

The blog in the above reply is moved to this location:

Regards

Raj

markangelo_dihiansan
Active Contributor
‎03-20-2012 8:00 AM
0 Kudos

Hello,

In our landscape, all external SOAP requests are sent via webdispatcher and then the webdispatcher routes it to the adapter engine much like what your Proxy does. And when we receive the message, it is without a SOAP Envelope. So I am unsure whether redirecting the port will work.

What you can do as a temporary workaround is to remove the SOAP Envelope via Java Mapping.

Hope this helps,

Mark

Show replies
Show replies
former_member190358
Participant
‎03-20-2012 6:28 AM
0 Kudos

Hi Mark and Monica,

Its not checked ..i have already taken  care of that

Regards,

Ravi

Show replies
Show replies
Former Member
‎03-20-2012 5:21 AM
0 Kudos

I think in your configuration you have checked Do Not Use SOAP Envelope.

So if do this it will cause the message to fail if it comes with a soap envelope.

Configure it as per your incoming message.

Show replies
Show replies
markangelo_dihiansan
Active Contributor
‎03-20-2012 2:23 AM
0 Kudos

Hello,

First things first, in your SOAP Sender CC, have you checked the Do Not Use SOAP Envelope option? If yes, you need to uncheck it so that the SOAP Envelope gets removed.

Regards,

Mark

Show replies
Show replies
Ask a Question