Skip to Content

This document is a continuous supplement to the blog Creating Web Services with B1if and Consuming by DotNet, in which it has discussed how to create Web Service with B1if, and consume the B1if Web Service with DotNet with two options as No Authentication (anonymous) and Basic Authentication (user name and password required), all the communication is based on HTTP. Often people ask for HTTPS communication over Internet instead of HTTP in the B1if for security concern. For instance, an eCommerce web site integrated with SAP Business One backend via B1if would prefer HTTPS communication than HTTP for sensitive business data is transport through Internet.

This time we’ll learn:

  • How to generate and install a SSL certificate for B1if tomcat?
  • How to setup a Web Service package in B1if with Basic Secure Authentication? Which requires a HTTPS connection with B1if run-time user name and password?
  • How to consume the B1if Web Service with HTTPS connection by DotNet?

Sample project available here:

Sample of B1if Web Services and DotNet Client

Step 1: Generate and install a SSL certificate for B1if tomcat

Please refer to this document for details: How to generate and install a SSL certificate for B1if tomcat?

Step 2: Configure the authorization of the web service package in B1if as “Basic Secure Authentication”

You’ll need to deactivate the package before changing the authentication if the package is already active.

Then configure the authorization of through:

Menu path: B1if=>Scenario=>Package Design=>Select your web service package=>Select “Basic Authentic Authentication” as Authentication.

Finally, activate the package again.

Step 3. Generate the XSD and WSDL for the B1if Web Service

If you just switch the existing B1if web service from HTTP to HTTPS, and already have the XML schema definition (xsd) files ready for the input and output of the web service, then you can reuse them, and skip the XSL generation below, just generate the WSDL again.

To Generate XSD:

Before the XSD generation, you should have test run the process of the scenario step of the web service successfully. B1if will record the samples of the input message and output message during the test run, which will be used to generate XSD.

Menu path to generate XSD: B1if=>Scenario=>Setup=> Select your web service package=>Tools=>Generate XSD

After the XSD generated, you can find <name_space><scenario_step>_in.xsd and <name_space><scenario_step>_out.xsd in the package design bizstore. The XSD may not be correct, which often need to be corrected by manual, especially for the case of multiple rows, one sequence data type is generated per each row, hence multiple data types are generated with same definition, such as row1Type, row2Type…which should be only one complex data type generated with multi-occurrence for Array.

The samples as below:
An inbound request sample.

<GetDocList>

            <TableName>ORDR</TableName>

</GetDocList>

Inbound xsd (xxxGetDocList_in.xsd):

<?xml version=”1.0″ encoding=”UTF-8″ ?>

<xs:schema xmlns:bfa=”urn:com.sap.b1i.bizprocessor:bizatoms xmlns:xs=”http://www.w3.org/2001/XMLSchema elementFormDefault=”qualified“>

<xs:element name=”GetDocList“>

<xs:complexType>

<xs:sequence>

<xs:element name=”TableName type=”xs:string” />

</xs:sequence>

                   </xs:complexType>

          </xs:element>

</xs:schema>

An outbound response sample:

Outbound xsd (xxxGetDocList_out.xsd):

<?xml version=”1.0″ encoding=”UTF-8″ ?>

  <xs:schema xmlns:bfa=”urn:com.sap.b1i.bizprocessor:bizatoms xmlns:xs=”http://www.w3.org/2001/XMLSchema elementFormDefault=”qualified“>

<xs:element name=”GetDocsListResponse“>

<xs:complexType>

         <xs:sequence>

                      <xs:element name=”GetDocListResult type=”GetDocListResultType” />

</xs:sequence>

</xs:complexType>

</xs:element>

<xs:complexType name=”GetDocListResultType“>

<xs:sequence>

                      <xs:element name=”row type=”rowType” />

                   </xs:sequence>

</xs:complexType>

<xs:complexType name=”rowType“>

<xs:sequence>

                      <xs:element name=”DocEntry type=”xs:integer” />

                      <xs:element name=”CardCode type=”xs:string” />

                      <xs:element name=”CardName type=”xs:string” />

                      <xs:element name=”DocTotal type=”xs:integer” />

                      <xs:element name=”DocDate type=”xs:string” />

                   </xs:sequence>

</xs:complexType>

</xs:schema>

To Generate WSDL:

Menu path: B1if=>Scenario=>Setup=> Select your web service package=>Tools=>Generate XSD

The WSDL file will be generated in the bizstore /com.sap.b1i.vplatform.scenarios.setup/<Your Package Name>/<system id of WS B1i system>_<Package Name>.wsdl

You can view the WSDL file in browser, just copy the URL of WSDL that will be used later on.

Step 4. Create a B1i run-time user for the Web Service access instead of B1iadmin user

B1iadmin user is the system administrator user of B1if with the highest system access privilege. It is recommended to consume the web service of B1if with a run-time user, who only has minimal required privilege of invoking the B1if web service.

To add a run-time user of B1i:

B1if=>Maintenance=>User Administration=>Runtime User=>Add User

Step 5. Add service reference of

WSDL to your DotNet project, and amend App.config of your DotNet project for basic secure authentication.

Now you can add the service reference with the WSDL address of B1if Web Service, if it is already added, please remove it first.

WSDL address may be slightly different when viewing it in browser due to some change in B1if 88.2 PL07.

The correct WSDL address example:

Prior to B1if 88.2 PL07

HTTPS://melv50804327b:8443/B1iXcellerator/exec/dummy/com.sap.b1i.vplatform.scenarios.setup/vPac.xxx.WStest/0010000105_xxx.WStest.wsdl

Since B1if 88.2 PL07

HTTPS://melv50804327b:8443/B1iXcellerator/exec/webdav/com.sap.b1i.vplatform.scenarios.setup/vPac.xxx.WStest/0010000105_xxx.WStest.wsdl

A login window will pop up twice. Please enter B1iadmin credential.

A sample App.config for the B1if Web Service with Basic Secure Authentication below:

<?xml version=1.0encoding=utf-8 ?>

<configuration>

<startup>

<supportedRuntime version=v4.0sku=.NETFramework,Version=v4.0,Profile=Client />

</startup>

<system.serviceModel>

<bindings>

          <basicHttpBinding>

                <binding name=ipostep_vP.0010000105.in_WCSX_com.sap.b1i.vplatform.runtime_INB_WS_CALL_SYNC_XPT_INB_WS_CALL_SYNC_XPT.ipo_proc_SoapBinding1

                    closeTimeout=00:01:00openTimeout=00:01:00receiveTimeout=00:10:00

                    sendTimeout=00:01:00allowCookies=falsebypassProxyOnLocal=false

                    hostNameComparisonMode=StrongWildcardmaxBufferSize=655360

                    maxBufferPoolSize=524288maxReceivedMessageSize=655360

                    messageEncoding=TexttextEncoding=utf-8transferMode=Buffered

                    useDefaultWebProxy=true>

                    <readerQuotas maxDepth=32maxStringContentLength=8192maxArrayLength=16384

                        maxBytesPerRead=4096maxNameTableCharCount=16384 />

                    <security mode=Transport>

                        <transport clientCredentialType=BasicproxyCredentialType=None

                            realm=“” />

                        <message clientCredentialType=UserNamealgorithmSuite=Default />

                    </security>

                </binding>

            </basicHttpBinding>

</bindings>

<client>

<endpoint address=HTTPS://MELV50804327B:8443/B1iXcellerator/exec/soap/vP.0010000105.in_WCSX/com.sap.b1i.vplatform.runtime/INB_WS_CALL_SYNC_XPT/INB_WS_CALL_SYNC_XPT.ipo/proc

                binding=basicHttpBindingbindingConfiguration=ipostep_vP.0010000105.in_WCSX_com.sap.b1i.vplatform.runtime_INB_WS_CALL_SYNC_XPT_INB_WS_CALL_SYNC_XPT.ipo_proc_SoapBinding1

                contract=GetDocListService.ipostep_vP0010000105in_WCSX_comsapb1ivplatformruntime_INB_WS_CALL_SYNC_XPT_INB_WS_CALL_SYNC_XPTipo_proc

                name=ipostep_vP.0010000105.in_WCSX_com.sap.b1i.vplatform.runtime_INB_WS_CALL_SYNC_XPT_INB_WS_CALL_SYNC_XPT.ipo_proc_SoapBinding_HTTPS />

</client>

</system.serviceModel>

</configuration>

You may need to comment or remove the other bindings and endpoints if you receive some exception about the mismatched or wrong binding or endpoint. The security part marked in yellow is relevant to enable the basic secure authentication. The endpoint of the service is used HTTPS for connection.

The code snip of VB.DotNet to consuming the B1if Web Service as below:

Dim request As GetDocListService.GetDocList = New GetDocListService.GetDocList

request.TableName = “ORDR”

        Dim response As GetDocListService.GetDocsListResponse = New GetDocListService.GetDocsListResponse

       

        Try

Dim service As ipostep_vP0010000105in_WCSX_comsapb1ivplatformruntime_INB_WS_CALL_SYNC_XPT_INB_WS_CALL_SYNC_XPTipo_procClient = _

New ipostep_vP0010000105in_WCSX_comsapb1ivplatformruntime_INB_WS_CALL_SYNC_XPT_INB_WS_CALL_SYNC_XPTipo_procClient

‘Yatsea: Please replace the password with your own password.

service.ClientCredentials.UserName.UserName = “<Your B1i runtime user>”

service.ClientCredentials.UserName.Password = “<Your B1i runtime user’s password>”

response = service.xxxGetDocList(request)

MsgBox(“B1if Web Services Invoked successfully”)

Dim row As rowType = response.GetDocListResult.row

Me.txtResponse.Text = row.CardCode

        Catch ex As Exception

MsgBox(ex.Message)

        End Try


In summary,  HTTPS is by default enabled in B1if. For a scenario package, B1if provides  basic secure authentication , which requires HTTPS communication. In order to consume the web service package with HTTPS, a certificate from B1if server is required to be installed in the client machine. The configuration of service reference for B1if need to be setup accordingly. Now you can use the web service of B1if in a more secure way.

To report this post you need to login first.

3 Comments

You must be Logged on to comment or reply to a post.

  1. Joerg Aldinger

    Hello Yatsea!

    Thanks for this important piece of information – I have revisited it several times now.

    One question I have is about the generation of the WSDL file. In scenarios where you add B1 objects to the database you often would want a complete B1 object reference in the WSDL file. However, the current flow of the definition goes from the incoming test message to the XSD file and then to the WSDL file, more or less in an automated way.

    Where in this process would be the best place to insert a complete B1 object schema so that the generated WSDL actually contains all the possible properties? Is there any best-practice or suggestion to do this?

    Thanks and all the best,

    Joerg.

    (0) 
    1. Yatsea Li Post author

      Hi Joerg,

      Sorry for a far way belated reply.

      For development efficiency and the run-time performance, I will suggest use a compact b1 object(with the field needed only) or your own simple object schema, for the business object schema in B1 is quite big and complex.

      The inbound request or outbound respond XSD are automatically generated by the B1if tool, so please assure a good example in test inbound message and out message to generate them properly. And you should double check the schema if it is correct, if not, you may modify it accordingly.

      Actually, a RESTful like HTTP(s) (triggered by HTTP)+ JSON(data format) approach are simplified and efficient than Web Services.

      Kind Regards,Yatsea

      (0) 
      1. Joerg Aldinger

        Thank you Yatsea.

         

        I really hope the work on a Service Layer for SQL server advances quickly. I can already see the first bits and pieces embedded in the new Job Service Backend…

         

        Thanks!

         

        Joerg.

        (0) 

Leave a Reply