I have a requirement from a customer that insists that the data being transmitted across the webMethods IS is untraceable; I assume that this could be achieved in two ways:
Ensuring that webMethods saves no records about the messages
Encrypting the XML payload data (not the XML tags) before it enters the IS, and decrypting it when it comes out of the IS.
I’m not sure if either of these are feasible at the moment; has anybody had some experience with this kind of requirement, or can suggest some ideas?
I just read about x.509 authentication in the SAP Adapter guide; does anybody know if use of this will encrypt the message in the IS making the XML content unreadable in the Adapter monitor tool?
How is the document sent to webM ?
I guess you can use convertToBytes or stream services as the starting point of your service .That way it isn’t readable
I have heard from someone at webMethods that the data in the pipeline is already obfuscated as a blob, so it is only a matter of preventing the transaction log from recording the message contents I guess.
You can avoid data being logged/stored in webMethods by setting parameter Store message body to off for both Listener and Connection.