This document is a continuous supplement to the blog Creating Web Services with B1if and Consuming by DotNet, in which it has discussed how to create Web Service with B1if, and consume the B1if Web Service with DotNet with two options as No Authentication (anonymous) and Basic Authentication (user name and password required), all the communication is based on HTTP. Often people ask for HTTPS communication over Internet instead of HTTP in the B1if for security concern. For instance, an eCommerce web site integrated with SAP Business One backend via B1if would prefer HTTPS communication than HTTP for sensitive business data is transport through Internet.

This time we’ll learn:

• How to generate and install a SSL certificate for B1if tomcat?
• How to setup a Web Service package in B1if with Basic Secure Authentication? Which requires a HTTPS connection with B1if run-time user name and password?
• How to consume the B1if Web Service with HTTPS connection by DotNet?

Sample project available here:

Sample of B1if Web Services and DotNet Client

Step 1: Generate and install a SSL certificate for B1if tomcat

Please refer to this document for details: How to generate and install a SSL certificate for B1if tomcat?

Step 2: Configure the authorization of the web service package in B1if as “Basic Secure Authentication”

You’ll need to deactivate the package before changing the authentication if the package is already active.

Then configure the authorization of through:

Menu path: B1if=>Scenario=>Package Design=>Select your web service package=>Select “Basic Authentic Authentication” as Authentication.

Finally, activate the package again.

Step 3. Generate the XSD and WSDL for the B1if Web Service

If you just switch the existing B1if web service from HTTP to HTTPS, and already have the XML schema definition (xsd) files ready for the input and output of the web service, then you can reuse them, and skip the XSL generation below, just generate the WSDL again.

To Generate XSD:

Before the XSD generation, you should have test run the process of the scenario step of the web service successfully. B1if will record the samples of the input message and output message during the test run, which will be used to generate XSD.

Menu path to generate XSD: B1if=>Scenario=>Setup=> Select your web service package=>Tools=>Generate XSD

After the XSD generated, you can find <name_space><scenario_step>_in.xsd and <name_space><scenario_step>_out.xsd in the package design bizstore. The XSD may not be correct, which often need to be corrected by manual, especially for the case of multiple rows, one sequence data type is generated per each row, hence multiple data types are generated with same definition, such as row1Type, row2Type…which should be only one complex data type generated with multi-occurrence for Array.

The samples as below:
An inbound request sample.

<GetDocList>

            <TableName>ORDR</TableName>

</GetDocList>

Inbound xsd (xxxGetDocList_in.xsd):

<?xml version="1.0" encoding="UTF-8" ?>

<xs:schema xmlns:bfa="urn:com.sap.b1i.bizprocessor:bizatoms" xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified">

<xs:element name="GetDocList">

<xs:complexType>

<xs:sequence>

<xs:element name="TableName" type="xs:string" />

</xs:sequence>

                   </xs:complexType>

          </xs:element>

</xs:schema>

An outbound response sample:

Outbound xsd (xxxGetDocList_out.xsd):

<?xml version="1.0" encoding="UTF-8" ?>

  <xs:schema xmlns:bfa="urn:com.sap.b1i.bizprocessor:bizatoms" xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified">

<xs:element name="GetDocsListResponse">

<xs:complexType>

         <xs:sequence>

                      <xs:element name="GetDocListResult" type="GetDocListResultType" />

</xs:sequence>

</xs:complexType>

</xs:element>

<xs:complexType name="GetDocListResultType">

<xs:sequence>

                      <xs:element name="row" type="rowType" />

                   </xs:sequence>

</xs:complexType>

<xs:complexType name="rowType">

<xs:sequence>

                      <xs:element name="DocEntry" type="xs:integer" />

                      <xs:element name="CardCode" type="xs:string" />

                      <xs:element name="CardName" type="xs:string" />

                      <xs:element name="DocTotal" type="xs:integer" />

                      <xs:element name="DocDate" type="xs:string" />

                   </xs:sequence>

</xs:complexType>

</xs:schema>

To Generate WSDL:

Menu path: B1if=>Scenario=>Setup=> Select your web service package=>Tools=>Generate XSD

The WSDL file will be generated in the bizstore /com.sap.b1i.vplatform.scenarios.setup/<Your Package Name>/<system id of WS B1i system>_<Package Name>.wsdl

You can view the WSDL file in browser, just copy the URL of WSDL that will be used later on.

Step 4. Create a B1i run-time user for the Web Service access instead of B1iadmin user

B1iadmin user is the system administrator user of B1if with the highest system access privilege. It is recommended to consume the web service of B1if with a run-time user, who only has minimal required privilege of invoking the B1if web service.

To add a run-time user of B1i:

B1if=>Maintenance=>User Administration=>Runtime User=>Add User

Step 5. Add service reference of

WSDL to your DotNet project, and amend App.config of your DotNet project for basic secure authentication.

Now you can add the service reference with the WSDL address of B1if Web Service, if it is already added, please remove it first.

WSDL address may be slightly different when viewing it in browser due to some change in B1if 88.2 PL07.

The correct WSDL address example:

Prior to B1if 88.2 PL07

HTTPS://melv50804327b:8443/B1iXcellerator/exec/dummy/com.sap.b1i.vplatform.scenarios.setup/vPac.xxx.WStest/0010000105_xxx.WStest.wsdl

Since B1if 88.2 PL07

HTTPS://melv50804327b:8443/B1iXcellerator/exec/webdav/com.sap.b1i.vplatform.scenarios.setup/vPac.xxx.WStest/0010000105_xxx.WStest.wsdl

A login window will pop up twice. Please enter B1iadmin credential.

A sample App.config for the B1if Web Service with Basic Secure Authentication below:

<?xml version="1.0" encoding="utf-8" ?>

<configuration>

<startup>

<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0,Profile=Client" />

</startup>

<system.serviceModel>

<bindings>

          <basicHttpBinding>

                <binding name="ipostep_vP.0010000105.in_WCSX_com.sap.b1i.vplatform.runtime_INB_WS_CALL_SYNC_XPT_INB_WS_CALL_SYNC_XPT.ipo_proc_SoapBinding1"

                    closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00"

                    sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false"

                    hostNameComparisonMode="StrongWildcard" maxBufferSize="655360"

                    maxBufferPoolSize="524288" maxReceivedMessageSize="655360"

                    messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"

                    useDefaultWebProxy="true">

                    <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"

                        maxBytesPerRead="4096" maxNameTableCharCount="16384" />

                    <security mode="Transport">

                        <transport clientCredentialType="Basic" proxyCredentialType="None"

                            realm="" />

                        <message clientCredentialType="UserName" algorithmSuite="Default" />

                    </security>

                </binding>

            </basicHttpBinding>

</bindings>

<client>

<endpoint address="HTTPS://MELV50804327B:8443/B1iXcellerator/exec/soap/vP.0010000105.in_WCSX/com.sap.b1i.vplatform.runt..."

                binding="basicHttpBinding" bindingConfiguration="ipostep_vP.0010000105.in_WCSX_com.sap.b1i.vplatform.runtime_INB_WS_CALL_SYNC_XPT_INB_WS_CALL_SYNC_XPT.ipo_proc_SoapBinding1"

                contract="GetDocListService.ipostep_vP0010000105in_WCSX_comsapb1ivplatformruntime_INB_WS_CALL_SYNC_XPT_INB_WS_CALL_SYNC_XPTipo_proc"

                name="ipostep_vP.0010000105.in_WCSX_com.sap.b1i.vplatform.runtime_INB_WS_CALL_SYNC_XPT_INB_WS_CALL_SYNC_XPT.ipo_proc_SoapBinding_HTTPS" />

</client>

</system.serviceModel>

</configuration>

You may need to comment or remove the other bindings and endpoints if you receive some exception about the mismatched or wrong binding or endpoint. The security part marked in yellow is relevant to enable the basic secure authentication. The endpoint of the service is used HTTPS for connection.

The code snip of VB.DotNet to consuming the B1if Web Service as below:

Dim request As GetDocListService.GetDocList = New GetDocListService.GetDocList

request.TableName = "ORDR"

        Dim response As GetDocListService.GetDocsListResponse = New GetDocListService.GetDocsListResponse

        Try

Dim service As ipostep_vP0010000105in_WCSX_comsapb1ivplatformruntime_INB_WS_CALL_SYNC_XPT_INB_WS_CALL_SYNC_XPTipo_procClient = _

New ipostep_vP0010000105in_WCSX_comsapb1ivplatformruntime_INB_WS_CALL_SYNC_XPT_INB_WS_CALL_SYNC_XPTipo_procClient

'Yatsea: Please replace the password with your own password.

service.ClientCredentials.UserName.UserName = "<Your B1i runtime user>"

service.ClientCredentials.UserName.Password = "<Your B1i runtime user’s password>"

response = service.xxxGetDocList(request)

MsgBox("B1if Web Services Invoked successfully")

Dim row As rowType = response.GetDocListResult.row

Me.txtResponse.Text = row.CardCode

        Catch ex As Exception

MsgBox(ex.Message)

        End Try

In summary,  HTTPS is by default enabled in B1if. For a scenario package, B1if provides  basic secure authentication , which requires HTTPS communication. In order to consume the web service package with HTTPS, a certificate from B1if server is required to be installed in the client machine. The configuration of service reference for B1if need to be setup accordingly. Now you can use the web service of B1if in a more secure way.