cancel
Showing results for 
Search instead for 
Did you mean: 

Please advice on my below complex requirement

Former Member
0 Kudos

Dear Expert,

Need your expert suggestion on my below requirement  

Requirement description

1-     My scenario is SAP to third party (bank), i.e. synchronous RFC to HTTP_AAE, will be utilizing PI 7.3(dual stack) or above.

  2-     I need to apply digital signature on whole XML payload, and then encode it to base64 and send it to bank over a single stringfiled called “strSignature”.

  3-     Again I need to encode the same whole payload XML to base64 and send it over another single string field called “strXmldata”.

  4-     Bank will accept the request on their HTTP URL only over HTTPS/SSL, so need to enable SSL as well at transport level.

  5-     For more detail Below Pseudocode is from bank, what I have tried to explain above.

digitalSiganature =  get_Digital_Signature( paymentReqXMLfile ) 

base64DigitalSignature = base64_Encoding (digitalSiganature) 

base64XmlData = base64_Encoding(paymentReqXMLfile) 

replyXML = HTTPS_Post_B2B(“strSignature=”+ base64DigitalSignature+”&strXmldata=”+ base64XmlData)

processReplyXMLinCORE-SYSTEM(replyXML

Questions

1- I am planning to use PGP add-ons for digital signature and custom adapter module to encode it to base64.  However, PGP will sign the whole XML in adapter module level at runtime, but I need to sign and encode the whole xml and map it to single string field (strSignature) before sending to bank URL. Is it possible to do in PGP or do I need Java mapping at mapping level? If java mapping is the only option, any sample java code for my requirement?

Also how can I map the whole XML payload to single string field strSignature?  Will the below java mapping serve my purpose?

http://wiki.scn.sap.com/wiki/display/XI/Whole+Payload+to+a+XML+field

2- How can I map the one XML payload to two string field (strSignature, strXmldata)

3- As I will have to enable SSL at transport level and need sign the XML message, do I need two certificate (stores the public key) from certificate authority or only one?

Your help always appreciated.

Thanks,

Farhan

View Entire Topic
iaki_vila
Active Contributor
0 Kudos

Hi Farhan,

Your post is right and i want to say that i havent usually read threads with the completeness that you have done. I didnt write anything because i think i cant help you so much.

My few tips:

About your requirements i would use a sender ABAP proxy instead a RFC because is easier to debug and it's more efficient. Also, you can encode in base64 at abap level but i thing to do the work with a UDF or java mapping in PI side because in this way you reduce the size of message from the sender side.

Questions


1. Is it possible to do in PGP or do I need Java mapping at mapping level? If java mapping is the only option, any sample java code for my requirement?

I used PGP for encryption all XML message but i dont know if it is possible to move the encriptyion like you need, sorry. With Java mapping you can thing that you can do all that is possible with a java program then you can do it what you want but if you are not a java expert could be difficult.


2- How can I map the one XML payload to two string field (strSignature, strXmldata)

The best way is with a java mapping but you would need to develop it. I used Java Mapping- Convert the Input xml to String - Process Integration - SCN Wiki this and it works.


3- As I will have to enable SSL at transport level and need sign the XML message, do I need two certificate (stores the public key) from certificate authority or only one?

This depends about your endpoint requeriments. If the have one or two certificates, with only one it could works but sometime the organizations has several certificate to increase their security.

Regards.

Former Member
0 Kudos

Thanks a lot Vila for your help. it was very helpful. I am looking for some more detail regarding digital signature as per my requirement, if any one has implemented such scenarios.

Regards,

Farhan