Learning Series: SAP NetWeaver Process Orchestration, Business to

SAP COMMUNITY NETWORK scn.sap.com

© 2012 SAP AG 1

Learning Series: SAP NetWeaver

Process Orchestration, Business

to Business Add-on 2d OFTP

Adapter

Applies to:

SAP NetWeaver Process Orchestration, business to business add-on 1.0 SP00

Summary

This article explains various use cases and corresponding configuration options of OFTP Adapter which is available as part of SAP NetWeaver Process Orchestration’s B2B add-on.

Author: Sivasubramaniam Arunachalam

Company: SAP Labs India Pvt. Ltd.

Created on: May 5 2012

Author Bio

Sivasubramaniam Arunachalam is a developer at SAP Labs. He is currently working with development activities of SFTP, PGP and OFTP components.

Learning Series: SAP NetWeaver Process Orchestration, Business to Business Add-on 2d OFTP Adapter


© 2012 SAP AG 2

Table of Contents

1 Introduction ............................................................................................................................................ 4

1.1 History .................................................................................................................................................... 4

1.2 Current Scenario .................................................................................................................................... 4

1.3 OFTP 2.0 ............................................................................................................................................... 4

2 Limitations of Existing FTP Solutions .................................................................................................... 4

3 Exchanging Business Data – Expectations from the Protocol .............................................................. 4

4 OFTP - Features .................................................................................................................................... 5

5 Overview of OFTP2 Communication ..................................................................................................... 5

6 Introduction to SAP’s OFTP2 Adapter ................................................................................................... 5

7 Prerequisites .......................................................................................................................................... 6

7.1 Infrastructure .......................................................................................................................................... 6

7.2 OFTP Keys ............................................................................................................................................ 6

8 Supported Algorithms ............................................................................................................................ 6

8.1 Encryption .............................................................................................................................................. 6

8.2 Signing ................................................................................................................................................... 6

9 Configuration Options ............................................................................................................................ 7

9.1 Message Protocol .................................................................................................................................. 7

9.2 Transport Protocols ............................................................................................................................... 7

9.3 TCP/IP Settings ..................................................................................................................................... 8 9.3.1 Sender Communication Channel ................................................................................................................ 8

9.3.2 Receiver Sender Communication Channel ................................................................................................ 8

9.4 SSL ........................................................................................................................................................ 8

9.5 ISDN Router Settings ............................................................................................................................ 9

9.6 General ISDN Settings .......................................................................................................................... 9 9.6.1 Sender Communication Channel ................................................................................................................ 9

9.6.2 Receiver Communication Channel ............................................................................................................. 9

9.7 Polling .................................................................................................................................................... 9

9.8 Connection Settings ............................................................................................................................. 10

9.9 File Settings ......................................................................................................................................... 10 9.9.1 Sender Communication Channel .............................................................................................................. 10

9.9.2 Receiver Communication Channel ........................................................................................................... 11

9.10 Quality of Service ................................................................................................................................. 11

9.11 Archive Messages ............................................................................................................................... 12

9.12 Adapter Status ..................................................................................................................................... 12

9.13 Technical Settings ............................................................................................................................... 12

9.14 CMS Parameter ................................................................................................................................... 14 9.14.1 Sender Communication Channel ......................................................................................................... 14

9.14.2 Receiver Communication Channel ....................................................................................................... 14

10 Example Scenario ................................................................................................................................ 15

10.1 Basic Scenario ..................................................................................................................................... 15 10.1.1 Trading Partner 01 Configuration ......................................................................................................... 15



© 2012 SAP AG 3

10.1.2 Trading Partner 02 Configuration ......................................................................................................... 18

10.1.3 Trading Partner 01 Message Logs ....................................................................................................... 20

10.1.4 Trading Partner 02 Message Logs ....................................................................................................... 21

10.2 More Scenarios .................................................................................................................................... 23

11 Notes.................................................................................................................................................... 23

12 Related Content ................................................................................................................................... 24

Other Learning Series Articles .......................................................................................................................... 25

Copyright........................................................................................................................................................... 26



© 2012 SAP AG 4

1 Introduction

The Odette FTP Protocol was developed by the Odette International Ltd. It’s a non-profit organization working on establishing standards for electronic communication between automotive industry-related companies throughout Europe.

1.1 History

The first version of the OFTP standard was released in 1987, using the CCITT X.25 network for electronic data interchange. In the following years some minor changes were made to the specification, the last one, OFTP 1.4 was released in 1997.

1.2 Current Scenario

Nowadays most OFTP installations use OFTP 1.4 based on the ISDN network rather than X.25, which is about to be turned off by its administration authorities.

While OFTP 1.4 was specified explicitly to be used with TCP/IP as connection layer, in practice ISDN stayed the preferred choice due to its wide availability and relative secure connections.

1.3 OFTP 2.0

In 2007, OFTP 2.0 was released with minor changes to the main protocol. It enhanced the support for secure TCP connections. Alongside with TLS encrypted connections, file based security was introduced, allowing OFTP files to be encrypted and signed in the same manner as acknowledgement messages. This file based services use the CMS standard including X.509 Certificates and an Odette specific PKI3 implementation to guarantee secure, trusted and non repudiatable message exchange. Larger automobile vendors are currently in the process of transition to a TCP based OFTP 2.0 infrastructure.

2 Limitations of Existing FTP Solutions

• No Acknowledgement support

• No Encryption

• No Signing

• No Reliable Messaging

3 Exchanging Business Data – Expectations from the Protocol

Since it’s an business data, the should provide the following mandatory features.

• Proof of Origin

• Proof of Delivery

• Proof Data Integrity

• Message Security



© 2012 SAP AG 5

4 OFTP - Features

• Message Encryption

• Message Signatures (Proof of Origin)

• Message Integrity (Proof Data Integrity)

• Message Compression

• Session Encryption (SSL/TLS)

• Session Authentication

• Signed Receipts (Proof of Delivery)

• Secure Authentication

• Large File Transfer Support Up to 9 PB (CAD/CAM Files)

• File restart

• Push / Pull operation

• Automated Certificate Exchange

5 Overview of OFTP2 Communication

• Start Session

• Start File

• Data Transfer

• End File

• End Session

6 Introduction to SAP’s OFTP2 Adapter

SAP B2B Add-on’s OFTP2 Adapter supports the following features

• OFTP Version 1.4 and 2.0 Support

• TCP/IP and ISDN (including X.25)

• PI Archiving on both the directions

• File Formats (Unstructured, Fixed Length, Variable & Text)

• Encoding (EBCDIC & ISO-8859-1)

• Buffer Compression

• Versions can be negotiated between trading partners

• Force Incoming End Response (EERP/NERP)

• Suppress End Response (EERP/NERP)

• Signed End Response (EERP/NERP)

• CMS (Cryptographic Message Syntax)



© 2012 SAP AG 6

Encryption

Symmetric

Asymmetric

Signing

• Secure Authentication

• Message Compression

• OFTP Log Viewer

7 Prerequisites

7.1 Infrastructure

OFTP Adapter should be deployed as per the supplied installation guide

The JVM should be installed with unlimited JCE policy (SAP Note 1240081)

Other PI related prerequisites will apply

7.2 OFTP Keys

The keys representing the trading partners are required to use the CMS & SSL feature

The following wikis will explain the steps to create keys used for SSL and CMS

• Generating OFTP Test Keys with Extended Key Usage • Importing OFTP Test Keys into NWA Key Storage

These keys should be used for testing purpose only. For production use, keys should be obtained from Odette representing individual trading partners

8 Supported Algorithms

8.1 Encryption

• AES_256_CBC • 3DES_EDE_CBC_3KEY

8.2 Signing

• MD5 • SHA1 • SHA224 • SHA256 • SHA384 • SHA512

http://wiki.sdn.sap.com/wiki/display/XI/Generating+OFTP+Test+Keys+with+Extended+Key+Usage

http://wiki.sdn.sap.com/wiki/display/XI/Importing+OFTP+Test+Keys+into+NWA+Key+Storage



© 2012 SAP AG 7

9 Configuration Options

9.1 Message Protocol

OFTP Adapter provides the support for following OFTP versions

2.0 1.4

But if the inbound connection for third party OFTP solution negotiates for the lower versions like 1.3 & 1.2, it will be supported.

9.2 Transport Protocols

OFTP supports both TCP/IP and ISDN (including X.25) transport protocols.



© 2012 SAP AG 8

9.3 TCP/IP Settings

9.3.1 Sender Communication Channel

Need to provide the local host name and the port number where the OFTP Server should listen.

9.3.2 Receiver Sender Communication Channel

Need to configure the partners’ host name and the port number where the OFTP Client should connect. If there are multiple IP addresses assigned, any specific IP address can be selected with ’Specify Local host’ option through which the outbound communication can happen.

9.4 SSL

SSL is supported for TCP/IP connectivity. The key store view which contains the key pair of SSL certificates should be configured. For client authentication, the key store view which contains the trusted certificates also needs to be configured.

In the receiver channel, “verifying hostname” of the OFTP server is supported. It actually verifies the hostname from the SSL certificate.



© 2012 SAP AG 9

9.5 ISDN Router Settings

ISDN connectivity can be achieved by connecting to the ISDN router installed in the DMZ landscape. To connect to ISDN router, the corresponding router’s IP Address/Port and authentication details are required.

9.6 General ISDN Settings


In this section, own ISDN number where it should listen needs to be configured. If the ISDN router has more than one number, the corresponding controller needs to be specified.

9.6.2 Receiver Communication Channel

In this section, the partner’s ISDN number to be dialed and own ISDN number where it should listen needs to be configured. If the ISDN router has more than one number, the corresponding controller needs to be specified.

9.7 Polling



© 2012 SAP AG 10

Polling is supported in both TCP/IP and IDSN transport protocol in Sender Channel. The poll interval can be specified in minutes. The corresponding polling & sender channel options can be enabled to associate with the same SSID & password for session negotiation.

9.8 Connection Settings

There are 3 different details needs to be configured.

Odette-ID (Own & Partner) File Originator & Destination [SFIDORIG & SFIDDEST] Password (Own & Partner)

If the File Originator (or) Destination is not configured, the corresponding Odette-ID representing each party will be used as a default.

9.9 File Settings


Parameter Description

Expected Virtual File Dataset Name The virtual file’s dataset name to be picked (or) received

Encoding The format in which the file is encoded.

No Conversion (No Encoding)

ISO-8859-1

EBCDIC



© 2012 SAP AG 11



Outgoing Virtual File Dataset Name(SFIDDSN) The dataset name of the virtual file which is about to be transferred

File Format (SFIDFMT) The format which the file is encoded. Supported formats are

Unstructured

Fixed Length

Variable

Text

Encoding The type of the data (or) records present in the file which is about to be transferred. Supported formats are

No Conversion (No Encoding)

ISO-8859-1

EBCDIC

Description (SFIDDESC & SFIDDESCL) The description of the virtual file being transferred

9.10 Quality of Service

Best Effort (BE)

Exactly Once (EO)

Exactly Once In Order (EOIO)



© 2012 SAP AG 12

9.11 Archive Messages

Messages can be archived in PI in both the directions

The configured archiving folders should be created and accessible

Time and Sequence Number can be configured in the archived file name

9.12 Adapter Status

The adapter provides an option to active (or) deactivate (inactive) the channel in the configuration.

9.13 Technical Settings



© 2012 SAP AG 13


Allow Compression (1.X RLE) (SFIDCOMP)

Value: 'Y' The location can handle OFTP data buffer compression

Value: 'N' The location cannot handle OFTP buffer compression

Compression is only used if supported by both locations

Allow Restart – Restart Indicator (SFIDREST)

Value: ‘Y’ The location can handle the restart of a partially transmitted file

Value: 'N' The location cannot restart a file

Max Credit Count [Credit]

The number of consecutive Data Exchange Buffers sent by the Speaker before it must wait for a Credit (CDT) command from the Listener

Max Exchange Buffer Size [Data Exchange Buffer Size]

The length, in octets, of the largest Data Exchange Buffer that can be accepted by the location. The length includes the command octet but does not include the Stream Transmission Header. After negotiation, the smallest size will be selected

User field SSID (SSIDUSER)

May be used by ODETTE-FTP in any way. If unused, it should be initialized to spaces. It is expected that a bilateral Agreement exists as to the meaning of the data

User field SFID (SFIDUSER)

May be used by ODETTE-FTP in any way. If unused, it should be initialized to spaces. It is expected that a bilateral Agreement exists as to the meaning of the data



© 2012 SAP AG 14

9.14 CMS Parameter


Key Store Containing own certificates and keys

NWA Key Storage view which contains own certificates and keys

Key Store Containing partner keys NWA Key Storage view which contains partner certificates and keys

Use Secure Handshake Authentication Challenge Indicator

Use Compression File Compression indicator

Force Signed ERP Mandatory of singed EERP/NERP



Encrypt Files (AES & 3DES) Encrypt the file using AES or 3DES algorithm

Sign Files (SHA1 & MD5) Sign the file with SHA1 or MD5 algorithm



Decrypt Files decrypt the received file

Verify Signature Verify the signature of the received file



© 2012 SAP AG 15

10 Example Scenario

This scenario uses 2 different PI systems representing individual trading partners. It can be configured as a back to back scenario in a single PI system

No ERP systems used. File Adapter is used instead

The typical end to end configuration will look like below

10.1 Basic Scenario

This scenario will explain the configurations of basic OFTP connectivity between 2 different partners over TCP/IP.

10.1.1 Trading Partner 01 Configuration

10.1.1.1 File Sender Channel



© 2012 SAP AG 16

10.1.1.2 OFTP Receiver Channel



© 2012 SAP AG 17



© 2012 SAP AG 18

10.1.2 Trading Partner 02 Configuration

10.1.2.1 OFTP Sender Channel



© 2012 SAP AG 19

10.1.2.2 File Receiver Channel



© 2012 SAP AG 20

10.1.3 Trading Partner 01 Message Logs

10.1.3.1 OFTP Receiver - Channel Short Logs

10.1.3.2 OFTP Receiver - Audit Logs



© 2012 SAP AG 21

10.1.4 Trading Partner 02 Message Logs

10.1.4.1 OFTP Sender - Channel Short Logs



© 2012 SAP AG 22

10.1.4.2 OFTP Sender - Audit Logs



© 2012 SAP AG 23

10.2 More Scenarios

More scenarios which explain SSL, ISDN, Version Negotiation and CMS will be published in upcoming blogs and articles.

11 Notes

If the JVM doesn’t have unlimited JCE policy, the algorithms which use more than 128 bit won’t be supported.



© 2012 SAP AG 24

12 Related Content



http://tools.ietf.org/html/rfc5024

https://forum.odette.org/publications/telecommunications/OFTP2-OP06.pdf



http://tools.ietf.org/html/rfc5024

https://forum.odette.org/publications/telecommunications/OFTP2-OP06.pdf



© 2012 SAP AG 25

Other Learning Series Articles

SL No

Product Name Topic Name

1. SAP NetWeaver Process Orchestration, secure connectivity add-on 1.0

a) How to Proceed Guide

b) Installation Guide

c) SFTP Adapter

d) PGP Module

2. SAP NetWeaver Process Orchestration, business to business add-on 1.0

a) How To Proceed Guide

b) Installation Guide

c) AS2 Adapter

d) OFTP Adapter

e) X400 Adapter

f) EDI Separator

g) Archiver Module and Archiver Mapping

h) Number Range Objects Module

i) EDI XML Converter I. Master Guide: EDI XML Converter II. EDIFACT_Info_Guide

III. X12_Info_Guide IV. TRADACOMS_Info_Guide V. ODETTE_Info_Guide VI. VDA_Info_Guide VII. PLAIN_Info_Guide

j) B2B Content

3. SAP NetWeaver Process Orchestration, business to business add-on 1.0

a) Sample Scenario Set-up (contains File Adapter, AS2 Adapter, EDI XML Converter, Mapping Templates, and NRO Module)

b) Sample Scenario Set-up (contains File Adapter,

OFTP Adapter, EDI XML Converter, Mapping Templates, and PGP Module)

c) Sample Scenario Set-up (contains File Adapter,

X400 Adapter, EDI Separator Adapter, Mapping Templates, EDI XML Converter and Archiver Module)



© 2012 SAP AG 26

Copyright © Copyright 2012 SAP AG. All rights reserved.

No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained herein may be changed without prior notice.

Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors.

Microsoft, Windows, Excel, Outlook, and PowerPoint are registered trademarks of Microsoft Corporation.

IBM, DB2, DB2 Universal Database, System i, System i5, System p, System p5, System x, System z, System z10, System z9, z10, z9, iSeries, pSeries, xSeries, zSeries, eServer, z/VM, z/OS, i5/OS, S/390, OS/390, OS/400, AS/400, S/390 Parallel Enterprise Server, PowerVM, Power Architecture, POWER6+, POWER6, POWER5+, POWER5, POWER, OpenPower, PowerPC, BatchPipes, BladeCenter, System Storage, GPFS, HACMP, RETAIN, DB2 Connect, RACF, Redbooks, OS/2, Parallel Sysplex, MVS/ESA, AIX, Intelligent Miner, WebSphere, Netfinity, Tivoli and Informix are trademarks or registered trademarks of IBM Corporation.

Linux is the registered trademark of Linus Torvalds in the U.S. and other countries.

Adobe, the Adobe logo, Acrobat, PostScript, and Reader are either trademarks or registered trademarks of Adobe Systems Incorporated in the United States and/or other countries.

Oracle is a registered trademark of Oracle Corporation.

UNIX, X/Open, OSF/1, and Motif are registered trademarks of the Open Group.

Citrix, ICA, Program Neighborhood, MetaFrame, WinFrame, VideoFrame, and MultiWin are trademarks or registered trademarks of Citrix Systems, Inc.

HTML, XML, XHTML and W3C are trademarks or registered trademarks of W3C®, World Wide Web Consortium, Massachusetts Institute of Technology.

Java is a registered trademark of Oracle Corporation.

JavaScript is a registered trademark of Oracle Corporation, used under license for technology invented and implemented by Netscape.

ANSI, ASC X.12, EDIFACT, TRADACOMS, VDA, ODETTE are registered trademarks and/or copyrighted and/or wordmarks of their respective companies/associations.

SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP Business ByDesign, and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and other countries.

Business Objects and the Business Objects logo, BusinessObjects, Crystal Reports, Crystal Decisions, Web Intelligence, Xcelsius, and other Business Objects products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Business Objects S.A. in the United States and in other countries. Business Objects is an SAP company.

All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serves informational purposes only. National product specifications may vary.

These materials are subject to change without notice. These materials are provided by SAP AG and its affiliated companies ("SAP Group") for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty.

Documents

Learning Series: SAP NetWeaver Process Orchestration, Business to