AS ABAP 7.00:
- SAP Notes: 1176558, 1325457
- Kernel Patch level: 207
- Support Package SP5
- Kernel patch level: 74
- SAP Notes 1170238, 1325457
- Kernel patch level: 150
1) Axis 1.4.1 from http://ws.apache.org/axis2/download.cgi
2) Wss4J 1.5.7 from http://www.apache.org/dyn/closer.cgi/ws/wss4j/
Due to a bug in wss4j version 1.5.4 shipped with Axis2 1.4.1, I replaced the wss4j with version 1.5.7. wss4j 1.5.4 ignores the SignedParts elements in axis2.xml and does not sign the timestamp element.
Any SAML assertion created by Axis2 needs to be trusted by the SAP system and be mapped to an SAP user. Please follow the instructions from section Configure Trust for SAML SenderVouches authentication ( ABAP) using the following information:
- SAML Issuer: Axis
- SAML Name Identifier: (empty,not used)
- Subject of the X.509 certificate used for the message signature (from the example): CN=Axis, OU=NW SIM, O=NW, L=Walldorf, SP=Baden Wuerttemberg, C=DE
The second file crypto.properties contains the configuration information for the keystore
Save the WSDL in a file.
The property file saml.properties contains the SAML specific configuration. Ramparts default implementation for creating SAML assertions does not define the validity of the SAML assertion, which is required by SAPs implementation. Use the example implementation below to generate SAML assertions accepted by SAP. The response contains a timestamp, which is configured in the InflowSecurity section.
- Endpoint url of the web service
- Path to Axis2 repository
- Path to axis2 configuation file
- Name of the user to write into the SAML assertion