Technical Articles
Cloud Integration – Working with AS4 adapter
Introduction:
SAP Cloud Integration earlier released AS4 adapter for ATO integration with Light Client conformance profile. With February 2019 release, we have enhanced the functionality of AS4 adapter to support ebHandler Conformance Profile.
In this blog, I would describe distinctive features of our initial release of AS4 (ebHandler) adapter. We have enhanced the existing AS4 Receiver adapter and introduced a new AS4 Sender to support different requirements of AS4 ebHandler conformance profile.
AS2 vs AS4:
AS4 is a superset of AS2 with additional capabilities like support for multiple payloads*, support for pulling* and support for additional authentication types (e.g.: SAML).
Below table depicts the difference between AS2 and AS4 specifications.
AS2 |
In Common |
AS4 |
• MIME • S/MIME • MDN
|
• Payload Agnostic • Payload Compression • Signing & Encryption • Non-Repudiation of Origin • Non-Repudiation of Receipt |
• SwA (SOAP w Attachments) • WS-Security • Receipt
|
NOTE:* In this release, we do not support processing of multiple payloads and pull MEP (Message Exchange Pattern).
Features Supported in SAP AS4 Adapter:
The SAP Applicability Statement 4 (AS4) is a secure, reliable, and payload-agnostic protocol. It uses Web services to transmit business documents. For more information refer AS4 conformance profile defined by OASIS standard.
Below mentioned features are supported in AS4 adapter
- Payload Agnostic: All types of message payloads are supported.
- Payload Compression: The payload can be compressed in GZip format.
- Signing & Encryption: Message is signed using WS-Security before encrypted.
- Non-Repudiation of Origin: You can achieve this by signing the message on the Sending MSH.
- Non-Repudiation of Receipt: You can achieve this by signing the receipt on the Receiving MSH.
- MEP (Message Exchange Patterns): With the initial release, we support only One-Way/Push with “Response” pattern.
- Reliability: Correlating Receipt with previously sent user messages is supported. But Detection of missing receipt and Ability to report an error in case of missing receipt are not part of this release.
- Security: We support Digital Signatures and Encryption. username/password token is not supported with this release.
- Authentication: SAML, Basic and Client Certificate types of authentication are supported.
- Store Receipt: We support the storing of receipts.
- Verify Receipt: We support verification of receipt signature
- Dynamic Configuration: We also allow the configuration of the receiver adapter using dynamic headers.
- Message Size: Allows you to restrict body and attachment sizes of an incoming message.
Scenario:
To demonstrate AS4 capabilities offered on SAP Cloud Integration, I would consider a scenario of exchanging business documents between two B2B trading partners. In this scenario the trading partners are using two different cloud integration tenants as middleware in their landscape.
- Trading Partner 1(Supplier): Configures the SAP Cloud Integration tenant as Sending MSH (Message Service Handler).
- Trading Partner 2(Buyer): Configures the SAP Cloud Integration tenant as Receiving MSH (Message Service Handler).
Below diagram depicts the complete End to End B2B scenario that uses AS4 adapter for securely transferring the payload between two B2B trading partners.
Configuring the Sending MSH (Supplier Side):
I created a sample integration flow scenario to process the invoice document that comes from Supplier ERP. These incoming invoices from the ERP will be forwarded as AS4 message with the help of AS4 receiver to the buyer.
AS4 Receiver Configuration
In the below screenshots, I have mentioned the configuration required in the AS4 receiver adapter to establish the connection to the endpoint of the buyer
Connection
Processing
Security
Receipt
Configuring the Receiving MSH (Buyer Side):
I created another sample integration flow scenario on a different tenant to simulate and process the incoming AS4 message.These incoming AS4 messages will be processed on the AS4 Sender and forwarded to the Buyer ERP.
AS4 Sender also generates a receipt upon processing the incoming AS4 message.
AS4 Sender Configuration
In the below screenshots, I have mentioned the configuration required in the AS4 sender adapter to accept and process the incoming AS4 messages on the endpoint.
Connection
Processing
Security
Receipt
Conditions
Now, deploy and run the scenarios.
Summary:
We learnt how to configure and run integration flows with AS4 adapter to exchange business documents between B2B trading partners.
Hi Appala,
I can see that at the time of writing username/password token were not supported with this release. Do you have any idea of if or when support for username/password token will be added to the AS4 adapter?
Regards,