SSL / TLS settings for SAP NetWeawer

A lot of SAP product such as NetWeaver using sapcrypto / commoncrypto library (sapcryptolib.dll or sapcryptolib.so) for SSL / TLS and encryption.

SSL / TLS client configuration.

ssl/client_ciphersuites = 150:PFS:HIGH::EC_P256:EC_HIGH

SSL / TLS server configuration.

ssl/ciphersuites = 135:PFS:HIGH::EC_P256:EC_HIGH

You need at least 8.4.40 sapcrpytolib for SNI (Server Name Indication) support. Before SNI protocol client request certificate with domain IP instead of domain name. SNI used for hosting multiple site on same port with encryption.

ssl/client_sni_enabled = TRUE

We need updated kernel for using this parameter, details are in this note.

You can also set this option with OS environment variable.

SAPSSL_CLIENT_SNI_ENABLED = TRUE

Minimum sapcryptolib versions for protocols.

ProtocolVersion
TLS 1.05.5.5 PL 28
TLS 1.28.4.31
SNI8.4.40

Split string to lines for displaying

DATA: lv_content TYPE string,
      lv_pos     TYPE i,
      lv_len     TYPE i.
lv_content = 'dummy string'.
lv_pos = 1.
WHILE lv_pos LE strlen( lv_content ).
  lv_len = 80.
  IF lv_pos + lv_len GT strlen( lv_content ).
    lv_len = strlen( lv_content ) - lv_pos.
  ENDIF.
  WRITE lv_content+lv_pos(lv_len).
  lv_pos = lv_pos + 80.
ENDWHILE.

If SOAMANAGER not exists

Some old system hasn’t got SOAMANAGER for configuring/creating logical port or service. We can use below t-codes for same operation.

LPCONFIG
WSCONFIG
WSADMIN

My hybris development environment test

I am using my company mac pro 2015 for a lot of thing. So I need different environment look like C#, hybris, ABAP, etc. These environment needs service look like db. These service using my ram always. So I am using VM for environment which are not used often. I created VM for new hybris versions for testing (docker cannot pause / resume systems yet). I try some scenarios for my best hybris development environment.

VM: OS version Centos 7, Java 8 u162, MySQL 5.7.21 and hybris version 6.6.

Enviroment Compile time (ant clean all)
Hybris files in host shared with guest vm 21 minutes 9 seconds
Hybris files in guest vm 3 minutes 8 seconds
2 minutes 29 seconds
Hybris files in guest vm and shared with host (without nfs optimization)  5 minutes 44 seconds

 

Creating history for item

If you want create history for item look like backoffice, you can use below example.

public void updateConsignmentStatus(String userUid, ConsignmentModel consignment, ConsignmentStatus status) {
  Map originals = new HashMap();
  originals.put(ConsignmentModel.STATUS, consignment.getStatus());

  consignment.setStatus(status);

  Map news = new HashMap();
  news.put(ConsignmentModel.STATUS, consignment.getStatus());

  final SavedValues savedValues = JaloConnection.getInstance().logItemModification(consignment.getPk(), news, originals, false);
  savedValues.setUser(UserManager.getInstance().getUserByLogin(userUid));
  modelService.saveAll();
}

Creating,updating or deleting other items in interceptor

public class MyCustomerPrepareInterceptor implements PrepareInterceptor {
  private static final Logger LOG = Logger.getLogger(MyCustomerPrepareInterceptor.class);

  @Override
  public void onPrepare(CustomerModel customerModel, InterceptorContext interceptorContext) throws InterceptorException {

    ...
    final MyItemModel myItem = interceptorContext.getModelService().create(MyItemModel.class);
    interceptorContext.registerElement(myItem);
    //interceptorContext.registerElementFor(myItem, PersistenceOperation.DELETE);
    ...

  }
}

DB connection for DDL in groovy

DANGER!!!

In hybris hac, you cannot run DDL (data definition language) commands. You need unprotected connection to db. You can use below example. DDL commands are dangerous!!!

import java.util.List;
import javax.sql.DataSource;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.datasource.DriverManagerDataSource;

def config = spring.getBean("configurationService").getConfiguration();

DriverManagerDataSource dataSource = new DriverManagerDataSource();
dataSource.setDriverClassName(config.getString("db.driver"));
dataSource.setUrl(config.getString("db.url"));
dataSource.setUsername(config.getString("db.username"));
dataSource.setPassword(config.getString("db.password"));
JdbcTemplate jdbc = new JdbcTemplate(dataSource)
jdbc.execute("ALTER TABLE MYTABLE ALTER (P_MYFIELD BIGINT)");

Using separate file for different class logging

Below example logging flexiblesearch class to separate file with time based trigger policy. Also we can add rollover strategy for removing old files.

log4j2.appender.FlexlogAppender.type=RollingFile log4j2.appender.FlexlogAppender.name=FlexlogAppender
log4j2.appender.FlexlogAppender.fileName=${HYBRIS_LOG_DIR}/Flexlog.log
log4j2.appender.FlexlogAppender.filePattern=${HYBRIS_LOG_DIR}/Flexlog.log-%d{yyyy-MM-dd}.log
log4j2.appender.FlexlogAppender.ImmediateFlush=true log4j2.appender.FlexlogAppender.layout.type=PatternLayout
log4j2.appender.FlexlogAppender.layout.pattern=%m%n log4j2.appender.FlexlogAppender.policies.type = Policies
log4j2.appender.FlexlogAppender.policies.time.type = TimeBasedTriggeringPolicy log4j2.appender.FlexlogAppender.policies.time.interval = 1000000
log4j2.appender.FlexlogAppender.policies.time.modulate = true log4j2.logger.flexible.name = de.hybris.platform.jalo.flexiblesearch
log4j2.logger.flexible.level = DEBUG log4j2.logger.flexible.appenderRef.stdout.ref = FlexlogAppender log4j2.logger.flexible.additivity = false

Installing SAP Netware ABAP 7.51 SP02 on CentOS 7 Minimal

You can find great documentation for installing SAP Netware ABAP 7.51 SP02 at Julie blog post. I didn’t use shared OS because of huge disk/ram usage.

Prerequest

Install your favorite text editor

Install nano, vim, etc with yum.

yum install nano

Enable ssh for root

You can open multiple terminal and make copy paste with ssh to your server.

nano /etc/ssh/sshd_config

Remove # for uncomment line “PermitRootLogin yes” or add it if missing.

service sshd restart

Disable firewall

You need to open a lot of port for SAP Netware in firewall. You can disable firewall instead of configuring it.

service firewalld stop
systemctl disable firewalld

Install uuidd package

SAP Netware using uuidd library for generating GUID, install it.

yum install uuidd

Install vmware tools and shared folder

Install open-vm-tools.

yum install open-vm-tools

You can find vmware tools in VMWare Virtual Machine menu as Install VMware Tools. Then you can check /mnt folder for CD which including tools. Copy it to your temp.

cp VMwareTools-10.x.tar.gz /tmp
tar -zxvf VMwareTools-10.x.tar.gz

Install python for tools installer.

yum install python

Change directory to extracted folder then run tools installer.

phyton install vmware-install.pl

Installation

Start installation script with below arguments.

./install.sh -g -s