Skip to Content

Call WCF Service (.NET) from SAP with UsernameToken and SSL

     <security mode=”TransportWithMessageCredential“>

       <message clientCredentialType=”UserName“/>

Configure the service interface to process all actions: (otherwise a mismatch error occurs):

[OperationContract(Action = ““)]*

      string HelloWorld(string value);

SAP Proxy Configuration in transaction SOAMANAGER:



You must be Logged on to comment or reply to a post.
  • Hi Wolfgang Bauer,
    I can not reproduce your setting. How did you create the binding in the soamanger? Did you configure by loading the wsdl or by manual configuration?

    Was the service hosted in IIS? Can you provide the used web.config or app.config?

    I ask you this question because we get a parsing error at creating the binding with the wsdl of an IIS-Hosted Service.

    This services works with Java.

    • Hi Stefan,
      in my reply post to Wolfgang’s web.config I attached a web.config that will generate a compatible WSDL.

      Please use the WSDL based option for creating your logical port.

      After importing the WSDL you should only be asked for the username and a password for the WS Call. So the security tab differs from the UI Wolfgang posted. It only shows the username and the password field.


  • Hi,<br/><br/>I have created the binding manually in the soamanager.<br/><br/>Here is the web.config:<br/><br/><?xml version=”1.0″?><br/><!<br/>    Note: As an alternative to hand editing this file you can use the <br/>    web admin tool to configure settings for your application. Use<br/>    the Website->Asp.Net Configuration option in Visual Studio.<br/>    A full list of settings and comments can be found in <br/>    machine.config.comments usually located in <br/>    \Windows\Microsoft.Net\Framework\v2.x\Config <br/>>        ><br/>          <compilation debug=”true”><br/>               <assemblies><br/>                    <add assembly=”System.Core, Version=, Culture=neutral, PublicKeyToken=B77A5C561934E089″/><br/>                    <add assembly=”System.Web.Extensions, Version=, Culture=neutral, PublicKeyToken=31BF3856AD364E35″/><br/>               </assemblies><br/>          </compilation><br/>          <!        ><br/>          <authentication mode=”Windows”/><br/>          <!        ><br/>          <pages><br/>               <controls><br/>                    <add tagPrefix=”asp” namespace=”System.Web.UI” assembly=”System.Web.Extensions, Version=, Culture=neutral, PublicKeyToken=31BF3856AD364E35″/><br/>               </controls><br/>          </pages><br/>          <httpHandlers><br/>               <remove verb=”” path=”.asmx”/><br/>               <add verb=”” path=”.asmx” validate=”false” type=”System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=, Culture=neutral, PublicKeyToken=31BF3856AD364E35″/><br/>               <add verb=”” path=”_AppService.axd” validate=”false” type=”System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=, Culture=neutral, PublicKeyToken=31BF3856AD364E35″/><br/>               <add verb=”GET,HEAD” path=”ScriptResource.axd” type=”System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=, Culture=neutral, PublicKeyToken=31BF3856AD364E35″ validate=”false”/><br/>          </httpHandlers><br/>          <httpModules><br/>               <add name=”ScriptModule” type=”System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=, Culture=neutral, PublicKeyToken=31BF3856AD364E35″/><br/>          </httpModules><br/>     </system.web><br/>     <system.codedom><br/>          <compilers><br/>               <compiler language=”c#;cs;csharp” extension=”.cs” warningLevel=”4″ type=”Microsoft.CSharp.CSharpCodeProvider, System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089″><br/>                    <providerOption name=”CompilerVersion” value=”v3.5″/><br/>                    <providerOption name=”WarnAsError” value=”false”/><br/>               </compiler><br/>          </compilers><br/>     </system.codedom><br/>     <!               <add name=”ScriptHandlerFactory” verb=”” path=”.asmx” preCondition=”integratedMode” type=”System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=, Culture=neutral, PublicKeyToken=31BF3856AD364E35″/><br/>               <add name=”ScriptHandlerFactoryAppServices” verb=”” path=”_AppService.axd” preCondition=”integratedMode” type=”System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=, Culture=neutral, PublicKeyToken=31BF3856AD364E35″/>regards

    • Hi,

      thanks for the detailed information about your service. I also create the binding by manual configuration, but i do not have the same options in the soamanager like you. I miss the whole Transport and Authentication options you show in your first screenshot. The options I have here on an EHP 4 are the Autheticationmechanism (User-ID and Password or Sap-Authenticationticket). I translated the text from the options from a german system, so maybe it is not exact the same name in your system.

      In the transport settingstab I miss here your  fields ESR Target Client and WSDL Style.

      Do you know any reason why our soamanagers differ?

      By the way:
      I read where Martin Raepple writes about problems with basicHttpBinding.

    • Unfortunately the WSDL that will be generated out of Wolfgang’s example with the BasicHTTPBinding does use WS Security Policy 1.1. Creating a logical port out of this WSDL will throw an error in SOAMANAGER.                  <!serviceCredentials><br/>                        <serviceCertificate findValue=”WSS ABAP” x509FindType=”FindBySubjectName” /><br/>                    </serviceCredentials>

    • Hi,<br/>  I’m having same issue in our CRM system. I used your web.config file and getting error in Method: IF_SIDL_DESERIALIZER~DESERIALIZE of program CL_SIDL_DESERIALIZER==========CP. Reason is this method check for url in the file. I did following steps.<br/>1.From SE80 created Enterprise Services using WSDL file.<br/>2.In SOAMANAGER select my consumer proxy.<br/>3.Created Logical port ZXYZ by selecting WSDL based configuration and gave web.config.<br/>If I give original WSDL I’m getting only User name and password option.<br/><br/>My Actual Requirement is WSDL which I consume need password type as Passwordtext. <br/><br/>Now if use original wsdl and execute the proxy I getting login error. Same error which get in SOAPUi if I got use passwordtext. When checked the soapui Soap header is formed like below<br/><br/>    <soapenv:Header><br/>     <wsse:Security soapenv:mustUnderstand=”1″ xmlns:wsse=”“><br/>     <wsse:UsernameToken wsu:Id=”UsernameToken-1″ xmlns:wsu=”“><br/>     <wsse:Username>USERNAME</wsse:Username><br/>     <wsse:Password Type=”“>PASSWORD</wsse:Password><br/>     <wsse:Nonce EncodingType=”“>5oHK2KjEop8a6OPsl3pw6Q==</wsse:Nonce><br/>     <wsu:Created>2011-08-17T17:58:50.068Z</wsu:Created><br/>     </wsse:UsernameToken><br/>     </wsse:Security><br/>     </soapenv:Header><br/><br/>Can you suggest me how password type as passwordtext.<br/><br/>Thanks in advance

  • Hi,

    1. Create your binding manually in the soamanager.
    2. Save the binding.
    3. Choose again edit binding.
    4. Now on the first tab other fields are available… 😉


    • Hi Wolfgang Bauer,

      even if I follow your instructions we miss the listed fields for configuration.

      The fields are missing on our development system and on the productive system from our customer.

      regards Stefan Seeland

    • Hi Wolfgang Bauer,

      our first attempts gone through the same steps. I tried it one time again like you propose.

      We still miss the listed fields on our development system and at our customers development system.

      If you are interested I will send you a screenshot and the corespending oss-message.

      regards Stefan Seeland

  • Hello friends.

    I currently have a requirement to consume a WCF web service made in .Net in SAP GRC.

    Please I thank you if any of you have more detailed information on a step by step of how to carry out this process.

    From what I understand it is possible to modify the WSDL file and then create a logical port with that file in the SOAMANAGER, however, I do not know what are the modifications that must be made to the file, in addition to how to create SSL certificate validation.

    I appreciate all your help.

    Best Regards!!!