Show TOC Start of Content Area

Background documentation Adapters and Runtimes on the Integration Server  Locate the document in its SAP Library structure

The Integration Server includes the following adapters and runtimes:

      The IDoc adapter

The IDoc adapter translates between XI messages and IDoc calls, which rely on the tRFC protocol.

      The Plain HTTP adapter

The Plain HTTP adapter handles HTTP requests, in which the XI message header data is transported using URL parameters, and the HTTP body only contains the message payload.

      The WS runtime

The WS runtime translates between the XI protocol and Web service messages, which rely on the WS protocol.

The following paragraphs summarize the security-relevant aspects of these adapters and runtimes. For a detailed description of how to configure SSL for the Advanced Adapter Engine, refer to HTTP and SSL.

      Underlying protocol

       IDoc adapter:

tRFC

Inbound and outbound connections should be secured by Secure Network Communication (SNC).

       Plain HTTP adapter:

HTTP

Inbound and outbound connections should be secured by Secure Sockets Layer (SSL).

       WS runtime

HTTP

Inbound and outbound connections should be secured by Secure Sockets Layer (SSL).

      Inbound configuration

       IDoc adapter:

Connection and user must be defined in RFC destination of type 3 from sender IDoc system to Integration Server.

User must have role SAP_XI_APPL_SERV_USER on Integration Server.

       Plain HTTP adapter:

HTTP sender must use URL http://<host>:<port>/sap/xi/adapter_plain and a corresponding HTTP logon procedure of AS ABAP.

User must have role SAP_XI_APPL_SERV_USER on Integration Server.

       WS runtime

Connection and user authentication are defined by a sender channel and an associated sender agreement of type WS.

The connection data (URL is http://<host>:<port>/sap/bc/srt/xip/sap/<path to individual WS-provider>) and type of authentication are maintained in the channel.

Authentication data (if required) is maintained in the agreement.

Possible authentication types are:

       Anonymous login

       User/password

       SSL client authentication

       SAP assertion ticket

       WSS X.509 certificate token

       SAML

User must have role SAP_XI_APPL_SERV_USER and authorization object S_SERVICE. Authorization for individual Web services can be given (more information Authorization).

      Outbound configuration

       IDoc adapter:

Connection and user must be defined by a channel of type IDoc in the Integration Directory. The channel must reference an SM59 destination from the Integration Server to the receiver IDoc system.

User must have appropriate IDoc and application authorizations in the receiver IDoc system.

       Plain HTTP adapter:

Connection and user must be defined by a channel of type HTTP in the Integration Directory.

User authentication and anonymous logon are possible.

If authenticated, user must have appropriate authorizations in the receiver system.

       WS runtime

Connection and user authentication are defined by a receiver channel and an associated receiver agreement of type WS.

The connection data and type of authentication are maintained in the channel.

Authentication data (if required) is maintained in the agreement.

Possible authentication types are:

       Anonymous login

       User/password

       SSL client authentication

       SAP assertion ticket

       WSS X.509 certificate token

       SAML

If authenticated, user must have appropriate WS and application authorizations in the receiver system.

 

End of Content Area