Jul 4, 2010

Exposing And Consuming Web Services by SAP

You can consume Web Services by SAP framework for web services and also expose RFC as Web Services without any need of external integration tools like SAP netweaver xi.
One of the most impotent things in SOA solution is the ability to monitor the traffic.
There is a great logging tool out of the box which is provided as part of SAP WAS, SOA Management. it's provide information on the calls time and also it's can capture the requests/responses.

The process of consuming or exposing Web Services is not difficult at all, it evolves work with:
- Wizards : Creating the BAPI objects or exposing existing RFC.
- BAPI : Developing the Web Service proxy for consuming, working with objects and types created by the Wizard.
- SOA Management : Deploying the WSDLs/Exposing RFC , configure the logs.

There is some interoperability issues that you need to keep in mind when going for this solutions:

- We didn't find a solution for consuming an existing WSDL as an interface and implement it.

- xsi:nil attribute is not supported, opened OSS, waiting for SAP response.

- You can't generate custom Namespace.

There are more...

The throughput was much more faster than thru XI. (10 times faster).

In conclusion it is more than possible to expose SAP structures and types as standard Web Services and to consume them.
So if synchronous solution is suite for you you don't need to use adapters or XI.

If you need help on this fill free to contact me for forward details.


Anonymous said...

Hi, consuming web services from SAP is pretty easy. The problem is security or perception that openning a logical port to consume web services is dangerous. Basis folks here won't allow development team to create logic ports using SOAMANAGER due to fears that data hackers could then access our SAP system. Is it possible to configure a port in such away to aleviate security fears?

Alex Linder said...

You want to expose or consume web services?
Did have a chance to go over the security documentation http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/ac469337a24845e10000000a421138/content.htm?
You can turn on SSL, two phase authentication, thus you can manage who can access the service.
Also you probably can manage a white list of authorized server on the basis system. I don't recommend it, because it is very easy today to pass this, by faking the ip.

Does the SAP exposed on the internet? exposed to the outer world?

hope I managed to assist you.

Thanks for reading the blog.

Alex Linder said...

Also check this document https://media.blackhat.com/bh-dc-11/Nunez%20Di%20Croce/BlackHat_DC_2011_NunezDiCroce_Onapsis-wp.pdf

There are some configuration suggestions to secure the web server.

Anonymous said...

Did you ever hear back from SAP about the xsi:nil issue? It's causing problems for a project I'm on. I'm somewhat shocked that they don't support such a commonly used xml attribute.

Alex Linder said...

Yep, it is strange that they don't support xsi:nil. I didn't follow that issue, so I can't provide more details regarding it. But you should check with SAP again, hope for them that they have closed the gap.