SAP PI/PO, How to validate and add Cipher Suites for SAP NetWeaver Server

A few mothns ago I had to enable some chiper suites for the SAP netweaver server to support the old communication for some web services. In this entry I would like to share with you how I did it.

How to validate supported chipher suites on the server

The must simple way to do it is using the xpi_inspector tool, set target url and execute the analyse to get the report.

When the analyse is stopped the Enabled chiper suits list is showed with the handshake error during the negotiation, the default chiper suites are described in SAP note 2284059 – Update of SSL library within NW Java server:

Seguir leyendo →

SAP PO, print log messages during Message Mapping tests

Hi! this is a quick tip, whenever that we used a java UDF into a message mapping it could be possible to print log trace message during the tests using the AbstracTrace object.

This is an example of one function to print a file name using the level info:

public String buildFilename(String filenamePattern, String tableName, String date, String replacementDate, String hour, String replacementHour, Container container) throws StreamTransformationException{

	AbstractTrace trace = container.getTrace();

	String formattedDate = date.replaceAll(REGEX_DATE, replacementDate);
	String formattedHour = hour.replaceAll(REGEX_HOUR, replacementHour);

	String filename = filenamePattern
                .replace("{tableName}", tableName)
                .replace("{date}", formattedDate)
                .replace("{hour}", formattedHour);

	trace.addInfo("Set filename to: "+ filename);

return filename;

When the test is executed the message must be showed into the log, like this:

That’s all, bye!

Windows Powershell, how to temporarily set Java and Maven varables on the current terminal session

This is a quick tip, in order to configure the Windows Powershell for set the Java and Maven variables when is there another Java installation on the system, but you only want to apply on the current terminal session to avoid change the system configuration.

There are two ways to do that:

1. Replacing current environment variables in session.

$env:JAVA_HOME = "C:\Program Files\Java\jdk-11"
$env:PATH = "$env:JAVA_HOME\bin;" + $env:PATH
$env:M2_HOME = "C:\Program Files\maven\apache-maven-3.5.3"
$env:PATH = "$env:M2_HOME\bin;" + $env:PATH

Execution output:

> java -version
openjdk version "11" 2018-09-25
OpenJDK Runtime Environment 18.9 (build 11+28)
OpenJDK 64-Bit Server VM 18.9 (build 11+28, mixed mode)
> mvn.cmd -version
Apache Maven 3.5.3 (3383c37e1f9e9b3bc3df5050c29c8aff9f295297; 2018-02-24T13:49:05-06:00)
Maven home: C:\Program Files\maven\apache-maven-3.5.3\bin..
Java version: 11, vendor: Oracle Corporation
Java home: C:\Program Files\Java\jdk-11
Default locale: es_419, platform encoding: Cp1252
OS name: "windows 10", version: "10.0", arch: "amd64", family: "windows"

2. Replacing current environment variables and execute with the specific Java home

$env:JAVA_HOME = "C:\Program Files\Java\jdk-11"
$M2_HOME = "C:\Program Files\maven\apache-maven-3.5.3"
$env:Path += ";"+$M2_HOME+"\bin"
$env:Path += ";"+$JAVA_HOME+"\bin"

Execution output:

> java -version
java version "1.8.0_321"
Java(TM) SE Runtime Environment (build 1.8.0_321-b07)
Java HotSpot(TM) 64-Bit Server VM (build 25.321-b07, mixed mode)
> & $env:JAVA_HOME\bin\java.exe -version
openjdk version "11" 2018-09-25
OpenJDK Runtime Environment 18.9 (build 11+28)
OpenJDK 64-Bit Server VM 18.9 (build 11+28, mixed mode)
> mvn.cmd -version
Apache Maven 3.5.3 (3383c37e1f9e9b3bc3df5050c29c8aff9f295297; 2018-02-24T13:49:05-06:00)
Maven home: C:\Program Files\maven\apache-maven-3.5.3\bin..
Java version: 11, vendor: Oracle Corporation
Java home: C:\Program Files\Java\jdk-11
Default locale: es_419, platform encoding: Cp1252
OS name: "windows 10", version: "10.0", arch: "amd64", family: "windows"

This last is very useful when you have installed different Java versions and you don’t need to change your system configuration.

In order to reset the configuration restart the terminal session.

That’s all, bye

How to do a HTTP request from terminal

A quick tip for use in terminal:

# print string auth 
echo -n "dummyuser:MyPassword" | base64

# Unix terminal (basic auth, doing http request with GET method)

curl -X GET \
  -H "Content-Type: text/xml" \
  -H "Authorization: Basic ZHVtbXl1c2VyOk15UGFzc3dvcmQ=" \
  "http://dummyserver:5000/dir/wsdl?p=ic/6e7abd99891231jij123ndb769978566c470"


# Unix terminal (basic auth, doing http request with POST method to send payload from file)

curl -X POST \
  -H "Content-Type: application/soap+xml" \
  -H "Authorization: Basic ZHVtbXl1c2VyOk15UGFzc3dvcmQ=" \
  -d @./request.xml \
  "https://dummyserver:50001/XISOAPAdapter/MessageServlet?senderParty=&senderService=SYS_LEGACY&receiverParty=&receiverService=&interface=BookingFlight_Out&interfaceNamespace=http://LGCY/namespace"


# Unix terminal (basic auth, doing http request with POST method)

curl -X POST \
  -H "Content-Type: text/xml" \
  -H "Authorization: Basic ZHVtbXl1c2VyOk15UGFzc3dvcmQ=" \
  -d "<soapenv:Envelope>....ommited lines </soapenv:Envelope>" \
  "https://dummyserver:50001/XISOAPAdapter/MessageServlet?senderParty=&senderService=SYS_LEGACY&receiverParty=&receiverService=&interface=BookingFlight_Out&interfaceNamespace=http://LGCY/namespace"

# Windows Powershell (basic auth, doing http request with GET method)

$Username = "dummyuser"
$Password = ConvertTo-SecureString "MyPassword" -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PSCredential ($Username, $Password)

Invoke-RestMethod -Uri "http://dummyserver:5000/dir/wsdl?p=ic/6e7abd99891231jij123ndb769978566c470" -Method GET -Credential $Credential


# Windows Powershell (basic auth, doing http request with POST method to send payload from file)
 
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes("dummyuser:MyPassword"))
$headers = @{
    Authorization = "Basic $base64AuthInfo"
    "Content-Type" = "text/xml"
}

Invoke-RestMethod -Uri "https://dummyserver:50001/XISOAPAdapter/MessageServlet?senderParty=&senderService=SYS_LEGACY&receiverParty=&receiverService=&interface=BookingFlight_Out&interfaceNamespace=http://LGCY/namespace" -Method Post -Headers $headers -Body (Get-Content -Path "request.xml" -Raw)

Bye!

SAP PI/PO, Configure Dual Authentication for SFTP receiver adapter

In this entry I would like to share how I’ve configured a SFTP receiver adapter with Dual authentication (using Password and a ssh key file), in this case I’ve received the key file from another team (created with puttygen in a file with extension .ppk) and I’m going to convert and import it into the Key Manager of SAP PO.

Let’s get started.

1. Export private key in OpenSSH format, open PuttyGen and choose menu Conversions > Import key and select the ppk file, then go back to Conversions > Export OpenSSH key and save the private key. The output file must be something like this:

-----BEGIN RSA PRIVATE KEY-----
ct0Nd/ZYquo+o3mPaoGuw3kXQ5lEM+Ui3vzSoNfUXmcaLL41mrNqCmp7uTVyhm6i
Yj/7z6jtKWH5r6qh82893muS2O+CNTqrRbTvYpVdCUZ4an8QBOduFYGACcm5SeSC
vd9yNuQV3NXcB99xsZ72uoQsDsa3FbT1EUgU+of/91EBm9vW3VcihTjKeficvyNP
JmjsCHDBAoGBAN7SPfmIN2N/TK/dch7g8xt8gKKgOvaln0GzCRx17dY0wMoUz1Q/
IJcLRMGU9rDjkH4zFR3GWX8ZhIPjHrVzIGxtfq5Vb1YqFul31hs1ex/5KNgYC5yN
4MFKYoldR7Zt+sc1VJx543EUMeA9lDxJN5ggW+Dyh7M+vfGN+/yHo21V2YnaMUkV
Kxa2/FKa7XdKQ/4h5BayO7dmSiUqFfWNN6C8kJv3F0GD5Jft9Q32b4KQ+Y/hYjOm
MgY0/HyizobfW9g2YvCubpfSWyjduVq2HDO4YsFpAoGBAJoA1bTR4PZz1Zz3gRi2
xapVfApZUVmvd6PBZ6qlYUStTMI3FyFixH3hxqCbXchOrU5hJTcsmpUlAoGBAK0l
llqZNAF+82Ayo2pznlNZuIr58ColWC9D0iQkNngsq3V/HLEkygD1mLeSbk6vKAK0
KR7wnFY0XK3SYEpeGyJRK7UJreOdcDlf/9UWV9CLWUBuf+376DNrLLPRoZEq7c8m
MIIEpAIBAAKCAQEAlrTLIqGxCNTKpQuQFcfkpyfugD1JdmuJvYY1k/P4wTXBb2Oz
DmOfP0eyULhyjFEXYudP0Bq+RjQfQ4y11ic17dtOiA4oBEpGSC2PFx1H0hbBkXNW
.... ommited lines ....
OT+H/LCksXzwY/f4TLCFs5HBAoGALwWULYqJqxZU9f0KkDBSAQTOrz9tT6TQrBVZ
ok2FDFs7D/Yt8iBcd9yjNjOVykMPG4NEB2PZ7xcNXwtKjOvtyOC/fQ==
-----END RSA PRIVATE KEY-----

2. Create a dummy certificate (in a pem file), open the terminal an execute next command, you have to complete the propmt data for the certificate.

openssl req -new -x509 -days 9999 -key private.key -out cert.pem

Output:

$ openssl req -new -x509 -days 9999 -key private.key -out cert.pem
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:MX
State or Province Name (full name) [Some-State]:Ciudad de Mexico
Locality Name (eg, city) []:CDMX
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Dummy
Organizational Unit Name (eg, section) []:IT Dummy
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:

Seguir leyendo →

How to connect to a SFTP server from terminal using Password and SSH key authentication

Hi! this is a quick tip connect to SFTP server using a SSH key and password authentication.

Recently I’ve received a file created with Putty Key Generator «file.ppk», in order to establish the connection from terminal I had to use the private key and password to comply with the authentication method.

So, I had to extract the private key as shown as follow:

1. Open Putty Key Generator, select menu Conversions > Import key and load the ppk file

2. Select Conversions > Export OpenSSH key, you can save it with or without passphrase

3. Grant the permissions at the created file only for your user:

# Windows
icacls filename /inheritance:r /grant username:F

# Unix
chmod 700 filename 

4. Open the terminal and go to the folder where you saved the key, then execute the next command:

sftp -oHostKeyAlgorithms=+ssh-rsa -i <key> <username>@<server ip>

Complete the pasword prompt (and the passphrase if you setted one) to establish the connection, the output must show something like this:

$ sftp -oHostKeyAlgorithms=+ssh-rsa -i id_dummy_rsa dummyuser@111.222.33.321
(dummyuser@111.222.33.321) Enter password: 
Connected to 111.222.33.321.
sftp>

And thats it!

bye! =D

SAP PO, describe table using a function module to create Data Types

Hi in this entry I would like to share a quick tip to create the XSD Data Type from ABAP table structure with a lot of fields using a funtion module to save time.

Recently I had to create some structures in SAP PO from different ABAP tables, in order to simplify the process I’ve donwloaded the required table data using a function module as follow:

1. Go to SE37 transaction and execute the function DDIF_TABL_GET, then set the import parameters (table name and language):

Seguir leyendo →

SAP PO, Receiver REST Adapter with OAuth authentication using a UDF

Hi, in this entry I would like to share the source code that I’ve used to develop a service interface which must to authenticate with a OAuth service.

I know there is an option to manage the authtentication by default into the receiver REST adapter, but it only works if the OAuth service have a specific response structure, like this:

{
    "access_token": "eyJ0b2tlbkNvbnRlbnQ***ZMm5Tdz0ifQ==",
    "token_type": "Bearer",
    "expires_in": 86399
}

Unfortunately I don’t have that structure because my auth provider have something custom with their own fields, also I must to renew the authentication token every 20 minutes. So then, my only option to handle this is using a UDF into Message Mapping and not use the deafult functionality in the adapter.

So lets get started.

Seguir leyendo →

React and React Native demo applications

Hi, in this entry I would like to share the projects that I’ve developed during the course to create web and mobile applications using React and React Native given by Universidad Politécnica de Valencia (UPV) from Miriada X.

During the course I’ve learn how to use some basic concepts to create the applications with new components and I would like to share here the projects as referece with the GitHub repositories for each one.

react-native-user-search: A mobile application to show how to consume API REST to search users and render the result in a list.

Seguir leyendo →

Fórmula del interés compuesto

Durante los estudios de mi segunda licenciatura fue interesante recordar mi odio/temor por las matemáticas, porque nunca he sido, ni me considero bueno en ello, pero durante las clases de cálculo no sentía la misma presión como cuando era joven… y resulto ser muy diferente y liberador, porque realmente quería aprender y no solo obtener una nota aprobatoria. Fue duro sí, pero de cierta forma lo disfruté.

Así que hoy quiero comenzar a escribir sobre fórmulas y ecuaciones pero aplicado a situaciones comunes. Creo que será una buena forma de reforzar algunas habilidades.

Seguir leyendo →