Microsoft Corporation and SAP AG testedÂ standards-based interoperability between SAP NetWeaver and .NET Framework 3.5.
The goal of these tests wasÂ to ensure quality of service through reliable messaging, to provide a simplified configuration through WSDL and policy and to ensure secure message exchange through WS Security and WS SecureConversation.
First tests wereÂ alreadyÂ executed in SAP enhancement package 1 for SAP NetWeaver Process Integration 7.1 based onÂ the following standards:
- SOAP 1.1Â is lightweight protocol for exchange of information in a decentralized, distributed environment.
- WS-ReliableMessaging 1.1Â allows messages to be transferred reliably between nodes implementing this protocol in the presence of software component, system, or network failures.
- WS-Security 1.0Â describes enhancements to SOAP messaging forÂ message integrity and confidentiality.
- WS-SecureConversation 1.3Â introduces a security context and its usage.
- WS-Policy 1.2Â defines a base set of constructs that can be used and extended by other Web services specifications to describe a broad range of service requirements and capabilities.
- Additionally,Â WS-SecurityPolicyÂ 1.2Â indicates the policy assertions for use with WS-Policy which apply to WSS: SOAP Message Security (WSS10, WSS11), WS-Trust and WS-SecureConversation.
WS-Addressing 1.0Â provides transport-neutral mechanisms to address Web services and messages.
Ensuring Quality of Service
The tests cover non-addressable client scenarios, that means communication is always set up by the client. TestsÂ use the following messge exchange patterns:
- Request-Response, unreliable, blocking
In a request-response scenario the consumer sends a request and the provider sends a response back. Unreliable communication does not quarantee exactly once delivery. A blocking programming model is supported, the consuming application waits until the response is sent back. SAP calls this pattern synchronous communication.
One-Way, reliable, non-blocking
In a one-way scenario the consuming application sends a request, but there is no response messge on business level. In reliable communication messages are exchanged exactly once and in correct order. A non blocking programming model is supported, the consumerÂ continues processing after triggering the call.Â SAP calls this pattern asynchronous communication.
An SAP ABAP backend system (SAP) or a Microsoft .NET framework 3.5 compliant system is either the Web service provider or the Web service consumer. All message exchange is brokered by SAP NetWeaver PI. All communication is configured in the Integration DirectoryÂ using adapter type WS.
Recommended Interoperable Scenarios
Set up interoperable scenarios for secureÂ synchronous and asynchronousÂ standards-based communication (WS-RM 1.1) between SAP NetWeaver PI and .NET Framework 3.5 compliant applications by using HTTPSÂ on the transport level combined withÂ authentication methods X.509 SSL Client Certificate (Transport Channel Authentication), User ID/Password (Message Authentication), or X.509 Certificate (Message Authentication).
Alternatively secure the message transport by using symmetric/asymmetric message signature/encryptionÂ on message level and combine it with authentication methods
User ID/Password (Message Authentication) or X.509 Certificate (Message Authentication).
Additionally make use of WS SecureConversationÂ to build a security context.Â Â SAP is initially using the security context primarily to allow WS-ReliableMessaging to reuse a security context.
Guide and Demo
Markus HardankÂ createdÂ a demo and a guideÂ showing how to set up and configure an Â interoperable scenario, starting with creating and providingÂ certificates in the SAP and in the MicrosoftÂ environment, configuration in the Integration Directory and executing and monitoring the scenario.