Microsoft Corporation and SAP AG tested standards-based interoperability between SAP NetWeaver and .NET Framework 3.5.
The goal of these tests was to ensure quality of service through reliable messaging, to provide a simplified configuration through WSDL and policy and to ensure secure message exchange through WS Security and WS SecureConversation.
First tests were already executed in SAP enhancement package 1 for SAP NetWeaver Process Integration 7.1 based on the following standards:
- SOAP 1.1 is lightweight protocol for exchange of information in a decentralized, distributed environment.
- WS-ReliableMessaging 1.1 allows messages to be transferred reliably between nodes implementing this protocol in the presence of software component, system, or network failures.
- WS-Security 1.0 describes enhancements to SOAP messaging for message integrity and confidentiality.
- WS-SecureConversation 1.3 introduces a security context and its usage.
- WS-Policy 1.2 defines a base set of constructs that can be used and extended by other Web services specifications to describe a broad range of service requirements and capabilities.
- Additionally, WS-SecurityPolicy 1.2 indicates the policy assertions for use with WS-Policy which apply to WSS: SOAP Message Security (WSS10, WSS11), WS-Trust and WS-SecureConversation.
WS-Addressing 1.0 provides transport-neutral mechanisms to address Web services and messages.
Ensuring Quality of Service
The tests cover non-addressable client scenarios, that means communication is always set up by the client. Tests use the following messge exchange patterns:
- Request-Response, unreliable, blocking
In a request-response scenario the consumer sends a request and the provider sends a response back. Unreliable communication does not quarantee exactly once delivery. A blocking programming model is supported, the consuming application waits until the response is sent back. SAP calls this pattern synchronous communication.
One-Way, reliable, non-blocking
In a one-way scenario the consuming application sends a request, but there is no response messge on business level. In reliable communication messages are exchanged exactly once and in correct order. A non blocking programming model is supported, the consumer continues processing after triggering the call. SAP calls this pattern asynchronous communication.
An SAP ABAP backend system (SAP) or a Microsoft .NET framework 3.5 compliant system is either the Web service provider or the Web service consumer. All message exchange is brokered by SAP NetWeaver PI. All communication is configured in the Integration Directory using adapter type WS.
Recommended Interoperable Scenarios
Set up interoperable scenarios for secure synchronous and asynchronous standards-based communication (WS-RM 1.1) between SAP NetWeaver PI and .NET Framework 3.5 compliant applications by using HTTPS on the transport level combined with authentication methods X.509 SSL Client Certificate (Transport Channel Authentication), User ID/Password (Message Authentication), or X.509 Certificate (Message Authentication).
Alternatively secure the message transport by using symmetric/asymmetric message signature/encryption on message level and combine it with authentication methods
User ID/Password (Message Authentication) or X.509 Certificate (Message Authentication).
Additionally make use of WS SecureConversation to build a security context. SAP is initially using the security context primarily to allow WS-ReliableMessaging to reuse a security context.
Guide and Demo
Markus Hardank created a demo and a guide showing how to set up and configure an interoperable scenario, starting with creating and providing certificates in the SAP and in the Microsoft environment, configuration in the Integration Directory and executing and monitoring the scenario.