Quantcast
Channel: SCN: Message List - Service-Oriented Architecture (SOA) and SAP
Viewing all 1056 articles
Browse latest View live

Re: ABAP Proxy Client how to get the XML

February 27, 2015, 1:53 am
$
0
0

I'm not an ABAP programmer.

 

If I have to test a webservice, provided by sap system or other system, I always use soapui from www.soapui.org

 

In soapui

* create new soap project

* point to wsdl file

This will automatically create a sample xml request message for the webservice.

You can edit the request message and put in the values you want.

If required, fill user credentials into the request properties.

Then send the request message.

You will get the xml response message.

 

If the service works fine with soapui, then the problem is at your side (abap proxy, apap code behind the proxy).

If you can reproduce the error with soapui, then the problem is at the side of the service provider.

 

I don't have permission for SPROXY at our sap backends. Perhaps there is a "test interface" function, which shows the xml messages.

Search

How to enforce ANONYM SSL Keystore when consuming external Web Service

February 27, 2015, 9:25 am
$
0
0

Dear all,

 

I have to consume an external Web Service with HTTPS and Basic Authentication from an ABAP program. Consumer Proxy and Logical Port are ready. Everything works fine - but everytime when testing or using the Consumer Proxy, a dialog for username and passwort popus up. When I enter the same access data there that is already saved in the Logical Port in SOAMANAGER, then the call is successful.

 

Consequently, background processing fails with "Authentication required".

 

I found out that the DFAULT Keystore is used in the calls. However, I need to use the ANONYM Keystore, as we do not use client certificates.

 

How can I configure usage of the ANONYM key store / client identity for this Consumer Proxy and Logical Port?

 

Thank you for every hint,

Ringo

Re: Exception occurred in communication framework:Error in HTTP Framework:500SSL Peer Certificate Untrusted

March 2, 2015, 5:02 am
$
0
0

We tried that option as well Roland. But still the issue persisted.

 

It was closed after BASIS team implemented some security certificates of the target system.

Re: How to enforce ANONYM SSL Keystore when consuming external Web Service

March 2, 2015, 7:56 am
$
0
0

Let me put it in another way to hopefully make my question clearer:

When I create an RFC destination of Type G in SM59, then I can set the Certificate List used to check the external server´s SSL certificate to ANONYM:

 

Comparison to SM59.png

 

How can I achieve the same setting for a Logical Port in SOAMANAGER?

 

Thank you in advance,

Ringo

Re: How to enforce ANONYM SSL Keystore when consuming external Web Service

March 2, 2015, 8:28 am
$
0
0

Hello Ringo,

 

Could you perhaps explain a bit diagrammatically as to what you are trying to do ? which component in your communication diagram is SAP and which one is non-sap (assumed that one was not SAP).

 

Regards,

Siddhesh

Re: How to enforce ANONYM SSL Keystore when consuming external Web Service

March 2, 2015, 8:47 am
$
0
0

Hi Siddhesh,

 

thanks for your query. That´s what it looks like:

 

Diagram.png

 

The webservice call always produces a popup for username and password, even though that data is already saved in the Logical Port, but somehow it is not used by the Webservice Runtime. That´s why I can not run the function module in background successfully, and that´s a problem.

 

Best regards,

Ringo

Re: How to enforce ANONYM SSL Keystore when consuming external Web Service

March 3, 2015, 4:05 am
$
0
0

Hello Ringo,

 

 

Start SOAMANAGER-> Application and Scenarios Communication -> Single Service Administration -> Consumer Proxies - > Select the Relevant Consumer Proxy -> Click on Configuation - > select the logical port and click Edit-> Security Tab -> Authentication -> Change the Client PSE from DFAULT to ANONYM

 

Hope that is what you are looking for.

 

Regards,

Siddhesh

Re: How to enforce ANONYM SSL Keystore when consuming external Web Service

March 3, 2015, 5:53 am
$
0
0

Hello Siddhesh,

 

Thank you for the hint, it looks promising. However, the navigation structure in my SOAMANAGER is different, so that I can not follow your path. This is the main page:

 

Screen_1.PNG

 

When I choose "Web Service Configuration", then I get to this page:

 

Screen_2.PNG

 

From there, I can choose the "edit" action, which leads me to:

 

Screen_3.PNG

 

Here I have no chance to change the "PSE of Key". The tab "Transport Settings" looks like this:

 

Screen_4.PNG

 

So far I couldn´t find the spot where I could see the Client PSE - do you have an idea?
I can not rule out completely that my authorization is limited. As far as I know my user has the roles SAP_BC_WEBSERVICE_ADMIN_TEC as well as _BIZ.

 

Thank you and best regards,

Ringo

 

P.S.: Strangely enough, today I do not get the pop-up window anymore, and other users don´t get it as well - without having changed anything in the Web Service Configuration. That´s in the testing system - but what will happen in production?

Search

Re: How to enforce ANONYM SSL Keystore when consuming external Web Service

March 3, 2015, 6:46 am
$
0
0

Understood, what version is your SAP system , SAP Netweaver 7.40 ?

 

Typically in SAP

 

Authentication Section covers - initial password check/logon mechanism etc

 

Transport Security covers -  encryption/transfer of data once successful logon is completed

 

Regards,

Siddhesh

Re: How to enforce ANONYM SSL Keystore when consuming external Web Service

March 3, 2015, 6:56 am
$
0
0

Exactly, it is 7.40 SP 6.

The application help just says something like "make the desired settings" and does not go into details as far as I would need it.

 

I will be happy with further suggestions and I will keep on reading and trying.

 

Thank you and best regards,

Ringo

Re: How to enforce ANONYM SSL Keystore when consuming external Web Service

March 3, 2015, 7:37 am
$
0
0

Hi Ringo,

 

The following steps might help, please try this.

 

1. In the service definition, while creating the binding Provider Security->Transport Channel Authentication->Select X.509 SSL Client Certificate

Capture.PNG

2. I doubt it will allow you to change the existing Logical port to the Consumer proxy. But it allows you to create a new logical port. While creating the new Logical port in the Consumer Security tab, it will ask for SSL Client PSE of transaction STRUST, here you can select ANONYM.

Capture1.PNG

Please let me know if it works.

 

Thanks

Naveen

Re: How to enforce ANONYM SSL Keystore when consuming external Web Service

March 3, 2015, 7:52 am
$
0
0

Great, that should work, don't have 7.40 so can't check

Re: How to enforce ANONYM SSL Keystore when consuming external Web Service

March 4, 2015, 12:23 am
$
0
0

Hi Naveen,

 

Thank you for your answer, it is a good hint. I do not use a Service Definition in SOAMANAGER so far. I created the Service Consumer in SE80 based on the WSDL file that I received from the Webservice Developers. For Creating the Logical Port I used the same WSDL, this time with URL-based access.

 

The Authentication Method must be "HTTP Basic", so that I can enter username and password. Based on your hint I am going to try two things:

 

- Work with a Service Definition

- Alter the WSDL to reflect that HTTPS with server certificate is required.

 

I still appreciate hints whether I am on the right track or whether I got something wrong!

 

Thanks and regards,

Ringo

Re: Webservice logon language

March 4, 2015, 7:15 am

No WSDL Validation at Application Level for Enterprise Web Services

March 4, 2015, 8:12 am
$
0
0

Hello community,

We are building Enterprise Web Services in our application running on Netweaver 7.40 and have built several service definitions through the Enterprise Service Builder tool.   Ultimately the WSDL file that the builder creates is mapped to Java skeleton classes which define the API for the service endpoints thanks to Netweaver Developer Studios' 'Generate Java Bean Skeleton' functionality.    What we noticed was that during the processing of requests, the application was ignoring all validation imposed/defined in the WSDL definition.  

We're assuming that this type of validation is part of an operating Web Service implementation on any J2EE Application Container - including Netweaver - and the Container would be responsible for early validation stages of request processing, utilizing the Service definitions.  

 

Is it not part of the JSR-921 specification that compliant applications include a SOAP Processor that parses and validates a SOAP request that is submitted?   Where It is part of the responsibility of the SOAP processor upon receiving a Service request to validate and THEN relay the request to the appropriate Service method?

We could potentially validate our own but we have 100's of objects to manually validate against which becomes a very tedious and hard to maintain exercise.   It seems redundant and common behavior that should be handled at the Service layer by the SOAP processor within the Container should it not?

 

Validation capabilities seem to be provided by other vendor products such as Oracle AS and WebSphere.    Does anyone know if Netweaver offers this and if so how would we go about implementing it through configuration or otherwise?

 

Thank you!

Hanif

Search

Re: How to enforce ANONYM SSL Keystore when consuming external Web Service

March 5, 2015, 2:12 am
$
0
0

Ok, SAP Note 1720478 clearly states that it is not foreseen to manually change the PSE in SOAMANAGER. The correct PSE is derived based on the authentication method. If a WSDL-based configuration is used, the selected PSE will be influenced by WS-Policy settings for authentication settings, if such are contained in the WSDL file. The only known case where this is really required is for authentication with client certificates.

 

 

 

 

 

 

 

 

 

 

 

This means to me that a failed basic authentication can not be caused by configuring the wrong PSE. The mistake will rather be in username, password or in proxy settings.

Problem using webservice method consumer proxy with rawdata from abap

March 6, 2015, 3:43 am
$
0
0

Hello Gurus,

 

I am struggling with an error using a proxy consumer service from ABAP. The proxy was generated using the WSDL from the web service provider. For a specific method we need to send a rawstring as seen bellow:

 

1.png

2.png

3.png

 

The file to be sent on this call is a ZIP file XAdES-BES signed and on BASE64. I’ve implemented the proper code to get the original file from local PC, and convert it to BASE64 before moving the content to the webservice structure and call the service proxy. At SOAMANAGER I also configured the webservice and the proper port with the WSDL:

 

4.png

5.png

 

The communication is working properly but my problem is with the binary content. When calling the webservice the response is that the structure of the file is wrong. I found it very strange since I used a tiny SOAPUI project with the same WSDL and it worked with no problem.

After debugging I could see that the content moved to the rawdata string before calling the proxy does not match the content that I can see from the call payload on web services util (srt_util)!

 

So the sample code for my method:

 

* get the file from the specified folder
call function 'GUI_UPLOAD'
exporting
filename                = ld_zipfilename
filetype                = 'BIN'
importing
filelength              = zip_size
tables
data_tab                = t_zip_data[]
exceptions
file_open_error         = 1
file_read_error         = 2
no_batch                = 3
gui_refuse_filetransfer = 4
invalid_type            = 5
no_authority            = 6
unknown_error           = 7
bad_data_format         = 8
header_not_allowed      = 9
separator_not_allowed   = 10
header_too_long         = 11
unknown_dp_error        = 12
access_denied           = 13
dp_out_of_memory        = 14
disk_full               = 15
dp_timeout              = 16
others                  = 17.


* convert to string
clear buffer_zip.
call function 'SCMS_BINARY_TO_STRING'
exporting
input_length = zip_size
importing
text_buffer  = buffer_string
tables
binary_tab   = t_zip_data[]
exceptions
failed       = 1
others       = 2.

* encode base 64
perform encode_base64 using buffer_string
buffer_zip. 

form encode_base64 using in_string type string
out_string type xstring.

data: l_sbuff     type string.

* convert the file to BASE64
call method cl_http_utility=>encode_base64
exporting
unencoded = in_string
receiving
encoded   = l_sbuff.

call function 'SCMS_STRING_TO_XSTRING'
exporting
text   = l_sbuff
importing
buffer = out_string
exceptions
failed = 1
others = 2.


endform.                    "encode_base64

 

calling the webservice:

l_input-xxxx-dokument = buffer_zip.

try.
call method l_proxy_test->webservice
exporting
input  = l_input
importing
output = l_output.

catch cx_ai_soap_fault into lr_exc_soap_fault.

    endtry.

 

From my understanding rawstring should be the same as ABAP xstring. If I debug the program and check the content of the  l_input-dokument before calling the proxy I get binary content: “Izw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9InV0Zi04Ij8…” that is in fact correct

6.png

If I check the payload after call I can see that the binary content sent on the XML is not the same, in fact it is totally different: ”SXp3L2VHMXNJSFpsY25OcGIyNDlJakV1TUNJZ1pXNWpiMlJw…” !!

 

7.png

I’ve tried a lot of different conversions, changed configuration on the communication, port, etc and nothing seems to work. I really can’t figure out why the binary content on the call is not the same as I move to the webservice structure.

 

If I use the project from SOAP UI and send the proper binary content, that is “Izw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9InV0Zi04Ij8…” it works perfectly and the response is successfully.

 

8.PNG

 

Anyone has a clue what could be causing this?

Appreciate any kind of input.

 

Regards,

João Silva Pinto.

Re: Goods Movement Create_v1

March 9, 2015, 1:38 am
$
0
0

Hi Christina,

 

have you tried 382?

 

Regards,

Roland

Re: How to enforce ANONYM SSL Keystore when consuming external Web Service

March 9, 2015, 8:35 am

How to use XML signatures for WS consumer proxies?

March 11, 2015, 1:08 am
$
0
0

I have a WSDL from a remote system that I used to create a web service consumer proxy (via SE80). Configuration of the logical port via SOAMANAGER worked fine, I can connect to the remote web service.

 

However, I need to sign the XML of my requests with our server certificate. According to the SAP docs for that I need to enable WS security in the "Operations" tab of the port configuration in SOAMANAGER. Problem is: there is no such security section there, no options to set.

 

Where can I set the certificate to use for signing the XML messages sent by the consumer proxy?

Viewing all 1056 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>