Show TOC

Accessing Configuration Data in the Sender DirectionLocate this document in the navigation structure

Use

The procedure for accessing configuration data in the sender direction (from the connected system in the direction of the Integration Server) is different to the receiver direction. In the sender direction the ID of the communication channel is not known at the start of processing.

Features

The first processing step of your adapter is usually to use the LookupManager to read all sender communication channels. You can implement this step as part of the initialization of ManagedConnectionFactory.

Note
Note Open XIConfiguration.java and search for the character string CS_CHINLU.
Note The example shows that all sender and receiver communication channels are read and saved internally.
Note Use the callback mechanism to keep the data up-to-date.
Note More information: CPA Event Registration

The ManagedConnectionFactory first reads all sender communication channels, then generates one or more application threads for inbound processing, and establishes the physical connection for each channel.

Depending on the external protocol, the following options are available for processing the inbound message:

  • Static

    A fixed combination of party and communication component sends these messages through a particular communication channel. In this case, the adapter can get the address information from the collaboration agreement.

    In the adapter metadata, set the attribute AdapterTypeMetaData /@senderAgreementUnique.

    Note
    Note Open SPIManagedConnectionFactory.java and search for the character string CS_AMCPA.
  • Dynamic

    Different parties and communication components send messages to the Integration Server/PCK using the same physical connection, which is managed by a JCA ManagedConnection. In this case, the sender agreement containing the address data of the message must be searched for and used to determine the channel, to ensure that the message is put in the correct communication channel.

    Note
    Note Open SPIManagedConnectionFactory.java and search for the character string CS_AMMSG.

Inbound processing can continue in the modules. You configure the security settings in the same way as you do in the receiver direction .

Access Control Using Assigned Users

For a sender communication component of type business communication component or business system, you can restrict access to the runtime environment to particular users.

An authorization check is then carried out at runtime prior to inbound processing of the message. This ensures that messages that have the particular communication component entered as the sender in the message header can only be executed on the Integration Server or in the Adapter Engine by the specified users.

You can restrict this access control further in the sender agreement for the adapter. You can also specify assigned users in the sender agreement.

When the authorization check is performed, the check is first made on the communication component level and then on the sender agreement level. You perform the check as follows:

  • First check at communication component level:

    If ACL(communication component) is not empty and if the user does not appear in the list of users assigned for the communication component, reject the message.

  • Second check at sender agreement level:

    If ACL(Agreement) is not empty and if the user does not appear in the list of users assigned for the sender agreement, reject the message.

This authorization check can be used by adapters that have a user/password policy (basic authentication). You can check whether the authenticated user has the authorization to send for the specified communication component.

The following API methods are available in com.sap.aii.af.service.cpa.LookupManager:

  • userHasPermission(java.lang.String user, Service service)
  • userHasPermission(String user, Binding binding)
  • getServiceUserByPartyService(java.lang.String party, java.lang.String service)
  • getServiceUserByService(Service service)

For more details about the methods, see the JavaDoc.

More information: Communication Component under Access Control Using Assigned Users.