Aspect

SOAP Adapter

Underlying protocol

HTTP

Inbound and outbound connections should be secured by SSL.

Inbound configuration

Configuration in sender channel of type SOAP in Integration Directory.

Messaging user is authenticated by basic authentication or SSL client certificate.

In Axis Task mode, more authentication mechanisms are supported: basic authentication, digest, NTLM (Microsoft NT LAN Manager Authentication scheme), SSL client certificate, and SAP assertion tickets.

Signature validation or decryption can be activated in the channel configuration, where a security profile (Web service security or S/MIME) must be selected. The AS Java keystore views of the actual certificate for signature validation or decryption are configured in the sender agreement associated with the channel.

Messaging user must have the security role xi_adapter_soap_message in the Advanced Adapter Engine.

Outbound configuration

Connection and user must be defined by a receiver channel of type SOAP in the Integration Directory.

Signing or encrypting of the SOAP message can be activated in the channel configuration, where a security profile (Web service security or S/MIME) must be selected. The AS Java keystore views of the actual certificate for signing or encrypting are configured in the receiver agreement associated with the channel.

User authentication and anonymous logon are possible.

In Axis mode, further authentication mechanisms are supported: digest, NTLM (Microsoft NT LAN Manager Authentication scheme), and SAP assertion tickets).

If authenticated, the user must have appropriate authorizations in the receiver system.