Upload
truongbao
View
249
Download
0
Embed Size (px)
Citation preview
Messenger Installation and Configuration Guide
Manual Version 23
August 5 2005
Content
FURTHER INFORMATION AND SUPPORT 4 1 INTRODUCTION 5
11 ABOUT PONTON XP5 12 ARCHITECTURE OVERVIEW 6 13 FEATURES 6
2 DOWNLOADING PONTON XP 23 8 21 COMPONENTS8
3 INSTALLING PONTON XP 23 9 31 MINIMUM SYSTEM REQUIREMENTS9 32 INSTALLATION PROCEDURE 10 33 UPDATING FROM A PREVIOUS VERSION 11
4 QUICK-STARTING THE SOFTWARE12 41 LOGGING IN 12 42 STOPPING THE MESSENGER 13 43 BASIC CONFIGURATION 13 44 CHECK IF ADAPTERS ARE RUNNING 21 45 CHECK THE STATUS OF YOUR MESSAGES 24
5 CONFIGURATION OPTIONS 26 51 MESSENGER CONFIGURATION 26 52 PARTNER CONFIGURATION 42 53 PARTNER AGREEMENTS 51 54 CA CERTIFICATES 56 55 HOT FOLDER ADAPTER 58 56 DISPLAY SCHEMA CONFIGURATION 62 57 USER ADMINISTRATION 63
6 ADVANCED CONFIGURATION 64 61 XML SCHEMA CONFIGURATION 64 62 ADVANCED DATABASE CONFIGURATION 65 63 ADVANCED MESSAGE MONITOR CONFIGURATION 66 64 DISTRIBUTED INSTALLATION 67 65 ACCESS TO THE ADMINISTRATION TOOL 70
Ponton XP 23 ndash Installation and Configuration Guide 2
66 CONTENT RULES 71 67 PORT CONFIGURATION 72
Ponton XP 23 ndash Installation and Configuration Guide 3
Further Information and Support
Technical SupportHelpdesk
E-mail xp-helpdeskponton-consultingde
Phone +494069213-344
Ponton Consulting
wwwponton-consultingde
xpponton-consultingde
XML Information Pages
wwww3org (World Wide Web Consortium)
wwwoasis-openorg (OASIS standards organization)
wwwebxmlorg (all about ebXML)
wwwxmlorg (XML industry portal)
xmlcoverpagesorg (XML Cover Pages)
wwwxmlsoftwarecom (software products for XML processing)
Ponton XP 23 ndash Installation and Configuration Guide 4
1 Introduction
11 About Ponton XP
Ponton XP is the ebXML compliant Message Service developed by Ponton Consulting It ensures encrypted signed compressed validated archived and guaranteed transfer of XML documents between business partners
Ponton XP is packaged with an embedded HSQL database and webserver so that the installation process only requires a few configuration steps
The Message Service also includes use of the Ponton Certificate Authority which is integrated into the Messenger network Business partners may thus kick-start their integration within minutes If users of Ponton XP prefer migration to third-party certificate authorities such as VeriSignreg Thawtereg or GlobalSignreg this can easily be done just by requesting and installing the corresponding certificate
Moreover Ponton XP allows for flexible back-end integration based on a large range of adapters from Ponton Consulting or third parties
The Ponton X Series
Apart from Ponton XP the X Series comprises two other tools
Ponton XE is the form-based XML Editor to easily create papiNet documents or any other document that is based on XML Schema Find more information on Ponton XE at httpwwwponton-consultingdeenglishxehtml Ponton XD is a database adapter that is used for direct exportimport of
documents to and from application data It is being used both with standard ERP systems like SAP R3 or JD Edwards and with home-grown application software Find more information at httpwwwponton-consultingdeenglishxdhtml
DB
ERPSystem
Ponton
Ponton
PontonXP
User
ApplicationBusin
ess
Partn
er
Ponton X Series
XE
XDXML
Document
Ponton XP 23 ndash Installation and Configuration Guide 5
Introduction
12 Architecture Overview
Ponton XP consists of the following main modules
1 Messenger ndash This is the core of Ponton XP It transforms Messages received from the back-end (user or ERP system) into a standards conforming ebXML message Several processing steps are performed before the ebXML message is sent to the receiver
2 Listener ndash This optional module is usually located in the DMZ to receive message from the outside and to forward them to the Messenger within the secure zone of an organization No further processing takes place by the Listener No Listeners are required if Messengers are installed within the DMZ or if they are used for internal integration
3 Adapters ndash The are many ways to integrate the Messenger with the application software in the back-end An adapter helps bridging this gap To name some of the adapters Ponton XD is a Database Adapter that maps XML payload content directly to and from a database The Hot Folder Adapter frequently scans outbox folders and transfers these documents to the Messenger Vice-versa messages received from a business partner will be dropped into an inbox folder
Messenger
Listener
Listener
ebXML Message
ebXML Acknowledgement
Gen
eric
Ada
pter
Gen
eric
Ada
pter
Test
Ada
pter
Hot
Fol
der
Ada
pter
ERP
Generic
Adapter
Generic
Adapter
TestA
dapterH
ot FolderA
dapter ERP
Messenger
13 Features
Platform independence Currently in productive use under Windows (from NT to XP) Linux Solaris AIX HPUX Supports vendor independent messaging standards ebXML 20 AS1 and AS2 Processing of XML documents with a size of up to 150 MB Encryption of documents Validation of documents against any document types based on XML Schemas ndash in particular all papiNet and EFETnet documents Electronic signatures based on the PKCS and XML Signature standards Compression of documents to less than 5 of their original size Archiving of documents signatures certificates etc Comprehensive logging and notification services
Ponton XP 23 ndash Installation and Configuration Guide 6
Introduction
Synchronous or asynchronous data transmission ndash supporting transmission via HTTP HTTPS SMTP or SMIME Simple installation of electronic keys and certificates Use of the built-in Ponton CA or third-party certification authorities Set-up configuration and monitoring via Web interface Supports SOAP as base communication protocol Extension of the processing pipeline by means of supplementary modules Partner specific configuration of communication and security functions Simple installation ndash just 5 clicks Localized versions for English German and French Bundled with Ponton XE ndash the visual XML Editor developed by Ponton Consulting to easily create and send papiNet PurchaseOrders or any other XML documents based on XML Schema Backward compatibility with EPC Messenger 203 ndash 22 Comes with a complete preinstalled set of papiNet Schemas and XML stylesheets Guaranteed delivery of documents by using ebXML message acknowledgement Configuration of different users and access rights Archiving of all information papiNet documents ebXML envelopes PKCS objects certificates back-end envelope etc Verification of stored signatures via the GUI Extended and enriched Adapter API with access to ebXML acknowledgement data Easy installation of electronic keys and certificates ndash from Ponton or from third parties Extensive testing facilities ndash including Pontonrsquos preinstalled XPTEST server to test external document transfer (httpxptestponton-consultingde8080pontonxp) Extended processing pipeline with software development framework for custom filters (ie an extended archiving components alternate signing modules etc) A set of useful pre-packaged adapters Test Adapter Stress Test Adapter Hot Folder Adapter and HTTP Adapter In-depth product documentation providing a look ldquounder the hoodrdquo Can be integrated with Ponton XD ndash the Database Adapter for direct data exchange between XML documents and your database (see httpwwwponton-consultingdeenglishxdhtml)
Ponton XP 23 ndash Installation and Configuration Guide 7
2 Downloading Ponton XP 23 The software can be downloaded from the product page of Ponton Consulting
httpwwwponton-consultingdeenproductsdownloadshtml
Please fill in the download request form You will receive an e-mail containing a hotlink for access to the installation file
21 Components
You will find the following components in the installation package
Ponton XP Messenger ndash the core component for guaranteed secure delivery of XML messages Ponton XP Hot Folder Adapter ndash allows easy connection of the Messenger to your application software HTTP Adapter ndash allows HTTP-based back-end integration with your ERP system(s) HTTP Listener ndash a lightweight process to receive XML documents via HTTP and forward them to your Messenger over the firewall E-mail Listener ndash another lightweight process that polls your mail server for new messages
Ponton XP 23 ndash Installation and Configuration Guide 8
3 Installing Ponton XP 23
31 Minimum system requirements
Hardware
Disk space 100 MB Memory space 256 MB Processor Pentium III 500 MHz
Depending on the number of XML schema files and the corresponding XSL stylesheets that are pre-loaded by your Messenger you should increase your main memory as follows
5-8 schemas 512 MB 8-20 schemas 1024 MB
This avoids unnecessary swapping overhead
Operating systems
Windows NT4 Service Pack 6 (Workstation or Server) Windows 2000 Service Pack 2 (Workstation or Server) Windows XP Home or Professional Service Pack 1 Linux Solaris AIX HP-UX In general any platform supporting Java Runtime Environment 14
Ponton XP 23 ndash Installation and Configuration Guide 9
Installing Ponton XP 23
Databases
HSQL ndash an open source database bundled with the distributed configuration of Ponton XP Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
32 Installation procedure
The software is installed using a self-extracting executable which guides the user through the installation process If only standard options are chosen the whole installation should not take more than 10 minutes
Note Under certain circumstances the installer may run into conflicts with other software running on the same computer In this case you should exit all other applications and then restart the installation
Start the installation by double-clicking the Ponton XP 23 setup file and go through the installation screens as follows
Welcome A short introduction to the installation process Click on Next to continue License Agreement This screen contains the license terms for use of Ponton XP To continue the installation you have agree to the license terms by clicking on I Agree Choose Components Select the components you want to install If you are sure you wonrsquot need certain components such as the Stress Adapter or the XML Editor you can exclude them from the installation to save disk space Simply deactivate the relevant check boxes Click on Next to continue Choose Install Location Select the installation root folder either by typing it in or by clicking on Browse and navigating to the folder you want to use Click on Next to continue
For the purposes of this documentation letrsquos assume that you have installed Ponton XP in CPonton XP 23 (or in a UNIX environment in Ponton XP 23) This folder will be referred to here as the installation root Choose Start Menu Folder Specify a folder in the Start Menu in which you want to install the program shortcuts Click on Next to continue Installing Shows a progress bar to indicate how far the actual installation has proceeded
Ponton XP 23 ndash Installation and Configuration Guide 10
Installing Ponton XP 23
Installation Complete The installation is now complete After clicking on Next and Finish you can procede with the configuration of the software
33 Updating from a previous version
At this time Ponton XP only supports updating from Ponton XP version 22 Using the setup program you can install the new version in the same program folder as your previous version ndash your current configuration will be retained
In addition one further step is necessary when updating from version 22 Due to a slight change in the database structure you will need to run a database update script Scripts for the following databases are included in the distribution
Oracle MS SQL Server MySQL Sybase DB2
The scripts are located in the subfolders of ltinstallation rootgtsql ndash the filename is upgrade_to_23sql
Ponton XP 23 ndash Installation and Configuration Guide 11
4 Quick-Starting the Software You can start the Messenger either via the Windows Start menu or by executing startupbat in the installation root directory If you have not started the Messenger from a command shell but via the Windows interface this will open an output window
Please wait until the webserver has fully initialized all the software components When the initialization is finished the following text should be shown near the bottom of the output window Messenger 23 is initialized (c) Ponton Consulting GmbH Please log in to the Admin tool at ltyour URLgt If any errors occur during startup this will be indicated in the output window and logged in the file
[installation root]xmlpipewebrootWEB-INFlogBootlog
Please note that the Messengerrsquos processing log file
[installation root]xmlpipewebrootWEB-INFlogMessengerlog
does not come into play until the Messenger has initialized successfully
41 Logging in
Now the Messenger is ready for use open your web browser and enter the URL
httplocalhost8080pontonxp
This will bring up the login screen allowing you to log in to the Ponton XP Administration Tool
The initial user name and password are
User xpadmin
Password xppass
Ponton XP 23 ndash Installation and Configuration Guide 12
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Content
FURTHER INFORMATION AND SUPPORT 4 1 INTRODUCTION 5
11 ABOUT PONTON XP5 12 ARCHITECTURE OVERVIEW 6 13 FEATURES 6
2 DOWNLOADING PONTON XP 23 8 21 COMPONENTS8
3 INSTALLING PONTON XP 23 9 31 MINIMUM SYSTEM REQUIREMENTS9 32 INSTALLATION PROCEDURE 10 33 UPDATING FROM A PREVIOUS VERSION 11
4 QUICK-STARTING THE SOFTWARE12 41 LOGGING IN 12 42 STOPPING THE MESSENGER 13 43 BASIC CONFIGURATION 13 44 CHECK IF ADAPTERS ARE RUNNING 21 45 CHECK THE STATUS OF YOUR MESSAGES 24
5 CONFIGURATION OPTIONS 26 51 MESSENGER CONFIGURATION 26 52 PARTNER CONFIGURATION 42 53 PARTNER AGREEMENTS 51 54 CA CERTIFICATES 56 55 HOT FOLDER ADAPTER 58 56 DISPLAY SCHEMA CONFIGURATION 62 57 USER ADMINISTRATION 63
6 ADVANCED CONFIGURATION 64 61 XML SCHEMA CONFIGURATION 64 62 ADVANCED DATABASE CONFIGURATION 65 63 ADVANCED MESSAGE MONITOR CONFIGURATION 66 64 DISTRIBUTED INSTALLATION 67 65 ACCESS TO THE ADMINISTRATION TOOL 70
Ponton XP 23 ndash Installation and Configuration Guide 2
66 CONTENT RULES 71 67 PORT CONFIGURATION 72
Ponton XP 23 ndash Installation and Configuration Guide 3
Further Information and Support
Technical SupportHelpdesk
E-mail xp-helpdeskponton-consultingde
Phone +494069213-344
Ponton Consulting
wwwponton-consultingde
xpponton-consultingde
XML Information Pages
wwww3org (World Wide Web Consortium)
wwwoasis-openorg (OASIS standards organization)
wwwebxmlorg (all about ebXML)
wwwxmlorg (XML industry portal)
xmlcoverpagesorg (XML Cover Pages)
wwwxmlsoftwarecom (software products for XML processing)
Ponton XP 23 ndash Installation and Configuration Guide 4
1 Introduction
11 About Ponton XP
Ponton XP is the ebXML compliant Message Service developed by Ponton Consulting It ensures encrypted signed compressed validated archived and guaranteed transfer of XML documents between business partners
Ponton XP is packaged with an embedded HSQL database and webserver so that the installation process only requires a few configuration steps
The Message Service also includes use of the Ponton Certificate Authority which is integrated into the Messenger network Business partners may thus kick-start their integration within minutes If users of Ponton XP prefer migration to third-party certificate authorities such as VeriSignreg Thawtereg or GlobalSignreg this can easily be done just by requesting and installing the corresponding certificate
Moreover Ponton XP allows for flexible back-end integration based on a large range of adapters from Ponton Consulting or third parties
The Ponton X Series
Apart from Ponton XP the X Series comprises two other tools
Ponton XE is the form-based XML Editor to easily create papiNet documents or any other document that is based on XML Schema Find more information on Ponton XE at httpwwwponton-consultingdeenglishxehtml Ponton XD is a database adapter that is used for direct exportimport of
documents to and from application data It is being used both with standard ERP systems like SAP R3 or JD Edwards and with home-grown application software Find more information at httpwwwponton-consultingdeenglishxdhtml
DB
ERPSystem
Ponton
Ponton
PontonXP
User
ApplicationBusin
ess
Partn
er
Ponton X Series
XE
XDXML
Document
Ponton XP 23 ndash Installation and Configuration Guide 5
Introduction
12 Architecture Overview
Ponton XP consists of the following main modules
1 Messenger ndash This is the core of Ponton XP It transforms Messages received from the back-end (user or ERP system) into a standards conforming ebXML message Several processing steps are performed before the ebXML message is sent to the receiver
2 Listener ndash This optional module is usually located in the DMZ to receive message from the outside and to forward them to the Messenger within the secure zone of an organization No further processing takes place by the Listener No Listeners are required if Messengers are installed within the DMZ or if they are used for internal integration
3 Adapters ndash The are many ways to integrate the Messenger with the application software in the back-end An adapter helps bridging this gap To name some of the adapters Ponton XD is a Database Adapter that maps XML payload content directly to and from a database The Hot Folder Adapter frequently scans outbox folders and transfers these documents to the Messenger Vice-versa messages received from a business partner will be dropped into an inbox folder
Messenger
Listener
Listener
ebXML Message
ebXML Acknowledgement
Gen
eric
Ada
pter
Gen
eric
Ada
pter
Test
Ada
pter
Hot
Fol
der
Ada
pter
ERP
Generic
Adapter
Generic
Adapter
TestA
dapterH
ot FolderA
dapter ERP
Messenger
13 Features
Platform independence Currently in productive use under Windows (from NT to XP) Linux Solaris AIX HPUX Supports vendor independent messaging standards ebXML 20 AS1 and AS2 Processing of XML documents with a size of up to 150 MB Encryption of documents Validation of documents against any document types based on XML Schemas ndash in particular all papiNet and EFETnet documents Electronic signatures based on the PKCS and XML Signature standards Compression of documents to less than 5 of their original size Archiving of documents signatures certificates etc Comprehensive logging and notification services
Ponton XP 23 ndash Installation and Configuration Guide 6
Introduction
Synchronous or asynchronous data transmission ndash supporting transmission via HTTP HTTPS SMTP or SMIME Simple installation of electronic keys and certificates Use of the built-in Ponton CA or third-party certification authorities Set-up configuration and monitoring via Web interface Supports SOAP as base communication protocol Extension of the processing pipeline by means of supplementary modules Partner specific configuration of communication and security functions Simple installation ndash just 5 clicks Localized versions for English German and French Bundled with Ponton XE ndash the visual XML Editor developed by Ponton Consulting to easily create and send papiNet PurchaseOrders or any other XML documents based on XML Schema Backward compatibility with EPC Messenger 203 ndash 22 Comes with a complete preinstalled set of papiNet Schemas and XML stylesheets Guaranteed delivery of documents by using ebXML message acknowledgement Configuration of different users and access rights Archiving of all information papiNet documents ebXML envelopes PKCS objects certificates back-end envelope etc Verification of stored signatures via the GUI Extended and enriched Adapter API with access to ebXML acknowledgement data Easy installation of electronic keys and certificates ndash from Ponton or from third parties Extensive testing facilities ndash including Pontonrsquos preinstalled XPTEST server to test external document transfer (httpxptestponton-consultingde8080pontonxp) Extended processing pipeline with software development framework for custom filters (ie an extended archiving components alternate signing modules etc) A set of useful pre-packaged adapters Test Adapter Stress Test Adapter Hot Folder Adapter and HTTP Adapter In-depth product documentation providing a look ldquounder the hoodrdquo Can be integrated with Ponton XD ndash the Database Adapter for direct data exchange between XML documents and your database (see httpwwwponton-consultingdeenglishxdhtml)
Ponton XP 23 ndash Installation and Configuration Guide 7
2 Downloading Ponton XP 23 The software can be downloaded from the product page of Ponton Consulting
httpwwwponton-consultingdeenproductsdownloadshtml
Please fill in the download request form You will receive an e-mail containing a hotlink for access to the installation file
21 Components
You will find the following components in the installation package
Ponton XP Messenger ndash the core component for guaranteed secure delivery of XML messages Ponton XP Hot Folder Adapter ndash allows easy connection of the Messenger to your application software HTTP Adapter ndash allows HTTP-based back-end integration with your ERP system(s) HTTP Listener ndash a lightweight process to receive XML documents via HTTP and forward them to your Messenger over the firewall E-mail Listener ndash another lightweight process that polls your mail server for new messages
Ponton XP 23 ndash Installation and Configuration Guide 8
3 Installing Ponton XP 23
31 Minimum system requirements
Hardware
Disk space 100 MB Memory space 256 MB Processor Pentium III 500 MHz
Depending on the number of XML schema files and the corresponding XSL stylesheets that are pre-loaded by your Messenger you should increase your main memory as follows
5-8 schemas 512 MB 8-20 schemas 1024 MB
This avoids unnecessary swapping overhead
Operating systems
Windows NT4 Service Pack 6 (Workstation or Server) Windows 2000 Service Pack 2 (Workstation or Server) Windows XP Home or Professional Service Pack 1 Linux Solaris AIX HP-UX In general any platform supporting Java Runtime Environment 14
Ponton XP 23 ndash Installation and Configuration Guide 9
Installing Ponton XP 23
Databases
HSQL ndash an open source database bundled with the distributed configuration of Ponton XP Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
32 Installation procedure
The software is installed using a self-extracting executable which guides the user through the installation process If only standard options are chosen the whole installation should not take more than 10 minutes
Note Under certain circumstances the installer may run into conflicts with other software running on the same computer In this case you should exit all other applications and then restart the installation
Start the installation by double-clicking the Ponton XP 23 setup file and go through the installation screens as follows
Welcome A short introduction to the installation process Click on Next to continue License Agreement This screen contains the license terms for use of Ponton XP To continue the installation you have agree to the license terms by clicking on I Agree Choose Components Select the components you want to install If you are sure you wonrsquot need certain components such as the Stress Adapter or the XML Editor you can exclude them from the installation to save disk space Simply deactivate the relevant check boxes Click on Next to continue Choose Install Location Select the installation root folder either by typing it in or by clicking on Browse and navigating to the folder you want to use Click on Next to continue
For the purposes of this documentation letrsquos assume that you have installed Ponton XP in CPonton XP 23 (or in a UNIX environment in Ponton XP 23) This folder will be referred to here as the installation root Choose Start Menu Folder Specify a folder in the Start Menu in which you want to install the program shortcuts Click on Next to continue Installing Shows a progress bar to indicate how far the actual installation has proceeded
Ponton XP 23 ndash Installation and Configuration Guide 10
Installing Ponton XP 23
Installation Complete The installation is now complete After clicking on Next and Finish you can procede with the configuration of the software
33 Updating from a previous version
At this time Ponton XP only supports updating from Ponton XP version 22 Using the setup program you can install the new version in the same program folder as your previous version ndash your current configuration will be retained
In addition one further step is necessary when updating from version 22 Due to a slight change in the database structure you will need to run a database update script Scripts for the following databases are included in the distribution
Oracle MS SQL Server MySQL Sybase DB2
The scripts are located in the subfolders of ltinstallation rootgtsql ndash the filename is upgrade_to_23sql
Ponton XP 23 ndash Installation and Configuration Guide 11
4 Quick-Starting the Software You can start the Messenger either via the Windows Start menu or by executing startupbat in the installation root directory If you have not started the Messenger from a command shell but via the Windows interface this will open an output window
Please wait until the webserver has fully initialized all the software components When the initialization is finished the following text should be shown near the bottom of the output window Messenger 23 is initialized (c) Ponton Consulting GmbH Please log in to the Admin tool at ltyour URLgt If any errors occur during startup this will be indicated in the output window and logged in the file
[installation root]xmlpipewebrootWEB-INFlogBootlog
Please note that the Messengerrsquos processing log file
[installation root]xmlpipewebrootWEB-INFlogMessengerlog
does not come into play until the Messenger has initialized successfully
41 Logging in
Now the Messenger is ready for use open your web browser and enter the URL
httplocalhost8080pontonxp
This will bring up the login screen allowing you to log in to the Ponton XP Administration Tool
The initial user name and password are
User xpadmin
Password xppass
Ponton XP 23 ndash Installation and Configuration Guide 12
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
66 CONTENT RULES 71 67 PORT CONFIGURATION 72
Ponton XP 23 ndash Installation and Configuration Guide 3
Further Information and Support
Technical SupportHelpdesk
E-mail xp-helpdeskponton-consultingde
Phone +494069213-344
Ponton Consulting
wwwponton-consultingde
xpponton-consultingde
XML Information Pages
wwww3org (World Wide Web Consortium)
wwwoasis-openorg (OASIS standards organization)
wwwebxmlorg (all about ebXML)
wwwxmlorg (XML industry portal)
xmlcoverpagesorg (XML Cover Pages)
wwwxmlsoftwarecom (software products for XML processing)
Ponton XP 23 ndash Installation and Configuration Guide 4
1 Introduction
11 About Ponton XP
Ponton XP is the ebXML compliant Message Service developed by Ponton Consulting It ensures encrypted signed compressed validated archived and guaranteed transfer of XML documents between business partners
Ponton XP is packaged with an embedded HSQL database and webserver so that the installation process only requires a few configuration steps
The Message Service also includes use of the Ponton Certificate Authority which is integrated into the Messenger network Business partners may thus kick-start their integration within minutes If users of Ponton XP prefer migration to third-party certificate authorities such as VeriSignreg Thawtereg or GlobalSignreg this can easily be done just by requesting and installing the corresponding certificate
Moreover Ponton XP allows for flexible back-end integration based on a large range of adapters from Ponton Consulting or third parties
The Ponton X Series
Apart from Ponton XP the X Series comprises two other tools
Ponton XE is the form-based XML Editor to easily create papiNet documents or any other document that is based on XML Schema Find more information on Ponton XE at httpwwwponton-consultingdeenglishxehtml Ponton XD is a database adapter that is used for direct exportimport of
documents to and from application data It is being used both with standard ERP systems like SAP R3 or JD Edwards and with home-grown application software Find more information at httpwwwponton-consultingdeenglishxdhtml
DB
ERPSystem
Ponton
Ponton
PontonXP
User
ApplicationBusin
ess
Partn
er
Ponton X Series
XE
XDXML
Document
Ponton XP 23 ndash Installation and Configuration Guide 5
Introduction
12 Architecture Overview
Ponton XP consists of the following main modules
1 Messenger ndash This is the core of Ponton XP It transforms Messages received from the back-end (user or ERP system) into a standards conforming ebXML message Several processing steps are performed before the ebXML message is sent to the receiver
2 Listener ndash This optional module is usually located in the DMZ to receive message from the outside and to forward them to the Messenger within the secure zone of an organization No further processing takes place by the Listener No Listeners are required if Messengers are installed within the DMZ or if they are used for internal integration
3 Adapters ndash The are many ways to integrate the Messenger with the application software in the back-end An adapter helps bridging this gap To name some of the adapters Ponton XD is a Database Adapter that maps XML payload content directly to and from a database The Hot Folder Adapter frequently scans outbox folders and transfers these documents to the Messenger Vice-versa messages received from a business partner will be dropped into an inbox folder
Messenger
Listener
Listener
ebXML Message
ebXML Acknowledgement
Gen
eric
Ada
pter
Gen
eric
Ada
pter
Test
Ada
pter
Hot
Fol
der
Ada
pter
ERP
Generic
Adapter
Generic
Adapter
TestA
dapterH
ot FolderA
dapter ERP
Messenger
13 Features
Platform independence Currently in productive use under Windows (from NT to XP) Linux Solaris AIX HPUX Supports vendor independent messaging standards ebXML 20 AS1 and AS2 Processing of XML documents with a size of up to 150 MB Encryption of documents Validation of documents against any document types based on XML Schemas ndash in particular all papiNet and EFETnet documents Electronic signatures based on the PKCS and XML Signature standards Compression of documents to less than 5 of their original size Archiving of documents signatures certificates etc Comprehensive logging and notification services
Ponton XP 23 ndash Installation and Configuration Guide 6
Introduction
Synchronous or asynchronous data transmission ndash supporting transmission via HTTP HTTPS SMTP or SMIME Simple installation of electronic keys and certificates Use of the built-in Ponton CA or third-party certification authorities Set-up configuration and monitoring via Web interface Supports SOAP as base communication protocol Extension of the processing pipeline by means of supplementary modules Partner specific configuration of communication and security functions Simple installation ndash just 5 clicks Localized versions for English German and French Bundled with Ponton XE ndash the visual XML Editor developed by Ponton Consulting to easily create and send papiNet PurchaseOrders or any other XML documents based on XML Schema Backward compatibility with EPC Messenger 203 ndash 22 Comes with a complete preinstalled set of papiNet Schemas and XML stylesheets Guaranteed delivery of documents by using ebXML message acknowledgement Configuration of different users and access rights Archiving of all information papiNet documents ebXML envelopes PKCS objects certificates back-end envelope etc Verification of stored signatures via the GUI Extended and enriched Adapter API with access to ebXML acknowledgement data Easy installation of electronic keys and certificates ndash from Ponton or from third parties Extensive testing facilities ndash including Pontonrsquos preinstalled XPTEST server to test external document transfer (httpxptestponton-consultingde8080pontonxp) Extended processing pipeline with software development framework for custom filters (ie an extended archiving components alternate signing modules etc) A set of useful pre-packaged adapters Test Adapter Stress Test Adapter Hot Folder Adapter and HTTP Adapter In-depth product documentation providing a look ldquounder the hoodrdquo Can be integrated with Ponton XD ndash the Database Adapter for direct data exchange between XML documents and your database (see httpwwwponton-consultingdeenglishxdhtml)
Ponton XP 23 ndash Installation and Configuration Guide 7
2 Downloading Ponton XP 23 The software can be downloaded from the product page of Ponton Consulting
httpwwwponton-consultingdeenproductsdownloadshtml
Please fill in the download request form You will receive an e-mail containing a hotlink for access to the installation file
21 Components
You will find the following components in the installation package
Ponton XP Messenger ndash the core component for guaranteed secure delivery of XML messages Ponton XP Hot Folder Adapter ndash allows easy connection of the Messenger to your application software HTTP Adapter ndash allows HTTP-based back-end integration with your ERP system(s) HTTP Listener ndash a lightweight process to receive XML documents via HTTP and forward them to your Messenger over the firewall E-mail Listener ndash another lightweight process that polls your mail server for new messages
Ponton XP 23 ndash Installation and Configuration Guide 8
3 Installing Ponton XP 23
31 Minimum system requirements
Hardware
Disk space 100 MB Memory space 256 MB Processor Pentium III 500 MHz
Depending on the number of XML schema files and the corresponding XSL stylesheets that are pre-loaded by your Messenger you should increase your main memory as follows
5-8 schemas 512 MB 8-20 schemas 1024 MB
This avoids unnecessary swapping overhead
Operating systems
Windows NT4 Service Pack 6 (Workstation or Server) Windows 2000 Service Pack 2 (Workstation or Server) Windows XP Home or Professional Service Pack 1 Linux Solaris AIX HP-UX In general any platform supporting Java Runtime Environment 14
Ponton XP 23 ndash Installation and Configuration Guide 9
Installing Ponton XP 23
Databases
HSQL ndash an open source database bundled with the distributed configuration of Ponton XP Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
32 Installation procedure
The software is installed using a self-extracting executable which guides the user through the installation process If only standard options are chosen the whole installation should not take more than 10 minutes
Note Under certain circumstances the installer may run into conflicts with other software running on the same computer In this case you should exit all other applications and then restart the installation
Start the installation by double-clicking the Ponton XP 23 setup file and go through the installation screens as follows
Welcome A short introduction to the installation process Click on Next to continue License Agreement This screen contains the license terms for use of Ponton XP To continue the installation you have agree to the license terms by clicking on I Agree Choose Components Select the components you want to install If you are sure you wonrsquot need certain components such as the Stress Adapter or the XML Editor you can exclude them from the installation to save disk space Simply deactivate the relevant check boxes Click on Next to continue Choose Install Location Select the installation root folder either by typing it in or by clicking on Browse and navigating to the folder you want to use Click on Next to continue
For the purposes of this documentation letrsquos assume that you have installed Ponton XP in CPonton XP 23 (or in a UNIX environment in Ponton XP 23) This folder will be referred to here as the installation root Choose Start Menu Folder Specify a folder in the Start Menu in which you want to install the program shortcuts Click on Next to continue Installing Shows a progress bar to indicate how far the actual installation has proceeded
Ponton XP 23 ndash Installation and Configuration Guide 10
Installing Ponton XP 23
Installation Complete The installation is now complete After clicking on Next and Finish you can procede with the configuration of the software
33 Updating from a previous version
At this time Ponton XP only supports updating from Ponton XP version 22 Using the setup program you can install the new version in the same program folder as your previous version ndash your current configuration will be retained
In addition one further step is necessary when updating from version 22 Due to a slight change in the database structure you will need to run a database update script Scripts for the following databases are included in the distribution
Oracle MS SQL Server MySQL Sybase DB2
The scripts are located in the subfolders of ltinstallation rootgtsql ndash the filename is upgrade_to_23sql
Ponton XP 23 ndash Installation and Configuration Guide 11
4 Quick-Starting the Software You can start the Messenger either via the Windows Start menu or by executing startupbat in the installation root directory If you have not started the Messenger from a command shell but via the Windows interface this will open an output window
Please wait until the webserver has fully initialized all the software components When the initialization is finished the following text should be shown near the bottom of the output window Messenger 23 is initialized (c) Ponton Consulting GmbH Please log in to the Admin tool at ltyour URLgt If any errors occur during startup this will be indicated in the output window and logged in the file
[installation root]xmlpipewebrootWEB-INFlogBootlog
Please note that the Messengerrsquos processing log file
[installation root]xmlpipewebrootWEB-INFlogMessengerlog
does not come into play until the Messenger has initialized successfully
41 Logging in
Now the Messenger is ready for use open your web browser and enter the URL
httplocalhost8080pontonxp
This will bring up the login screen allowing you to log in to the Ponton XP Administration Tool
The initial user name and password are
User xpadmin
Password xppass
Ponton XP 23 ndash Installation and Configuration Guide 12
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Further Information and Support
Technical SupportHelpdesk
E-mail xp-helpdeskponton-consultingde
Phone +494069213-344
Ponton Consulting
wwwponton-consultingde
xpponton-consultingde
XML Information Pages
wwww3org (World Wide Web Consortium)
wwwoasis-openorg (OASIS standards organization)
wwwebxmlorg (all about ebXML)
wwwxmlorg (XML industry portal)
xmlcoverpagesorg (XML Cover Pages)
wwwxmlsoftwarecom (software products for XML processing)
Ponton XP 23 ndash Installation and Configuration Guide 4
1 Introduction
11 About Ponton XP
Ponton XP is the ebXML compliant Message Service developed by Ponton Consulting It ensures encrypted signed compressed validated archived and guaranteed transfer of XML documents between business partners
Ponton XP is packaged with an embedded HSQL database and webserver so that the installation process only requires a few configuration steps
The Message Service also includes use of the Ponton Certificate Authority which is integrated into the Messenger network Business partners may thus kick-start their integration within minutes If users of Ponton XP prefer migration to third-party certificate authorities such as VeriSignreg Thawtereg or GlobalSignreg this can easily be done just by requesting and installing the corresponding certificate
Moreover Ponton XP allows for flexible back-end integration based on a large range of adapters from Ponton Consulting or third parties
The Ponton X Series
Apart from Ponton XP the X Series comprises two other tools
Ponton XE is the form-based XML Editor to easily create papiNet documents or any other document that is based on XML Schema Find more information on Ponton XE at httpwwwponton-consultingdeenglishxehtml Ponton XD is a database adapter that is used for direct exportimport of
documents to and from application data It is being used both with standard ERP systems like SAP R3 or JD Edwards and with home-grown application software Find more information at httpwwwponton-consultingdeenglishxdhtml
DB
ERPSystem
Ponton
Ponton
PontonXP
User
ApplicationBusin
ess
Partn
er
Ponton X Series
XE
XDXML
Document
Ponton XP 23 ndash Installation and Configuration Guide 5
Introduction
12 Architecture Overview
Ponton XP consists of the following main modules
1 Messenger ndash This is the core of Ponton XP It transforms Messages received from the back-end (user or ERP system) into a standards conforming ebXML message Several processing steps are performed before the ebXML message is sent to the receiver
2 Listener ndash This optional module is usually located in the DMZ to receive message from the outside and to forward them to the Messenger within the secure zone of an organization No further processing takes place by the Listener No Listeners are required if Messengers are installed within the DMZ or if they are used for internal integration
3 Adapters ndash The are many ways to integrate the Messenger with the application software in the back-end An adapter helps bridging this gap To name some of the adapters Ponton XD is a Database Adapter that maps XML payload content directly to and from a database The Hot Folder Adapter frequently scans outbox folders and transfers these documents to the Messenger Vice-versa messages received from a business partner will be dropped into an inbox folder
Messenger
Listener
Listener
ebXML Message
ebXML Acknowledgement
Gen
eric
Ada
pter
Gen
eric
Ada
pter
Test
Ada
pter
Hot
Fol
der
Ada
pter
ERP
Generic
Adapter
Generic
Adapter
TestA
dapterH
ot FolderA
dapter ERP
Messenger
13 Features
Platform independence Currently in productive use under Windows (from NT to XP) Linux Solaris AIX HPUX Supports vendor independent messaging standards ebXML 20 AS1 and AS2 Processing of XML documents with a size of up to 150 MB Encryption of documents Validation of documents against any document types based on XML Schemas ndash in particular all papiNet and EFETnet documents Electronic signatures based on the PKCS and XML Signature standards Compression of documents to less than 5 of their original size Archiving of documents signatures certificates etc Comprehensive logging and notification services
Ponton XP 23 ndash Installation and Configuration Guide 6
Introduction
Synchronous or asynchronous data transmission ndash supporting transmission via HTTP HTTPS SMTP or SMIME Simple installation of electronic keys and certificates Use of the built-in Ponton CA or third-party certification authorities Set-up configuration and monitoring via Web interface Supports SOAP as base communication protocol Extension of the processing pipeline by means of supplementary modules Partner specific configuration of communication and security functions Simple installation ndash just 5 clicks Localized versions for English German and French Bundled with Ponton XE ndash the visual XML Editor developed by Ponton Consulting to easily create and send papiNet PurchaseOrders or any other XML documents based on XML Schema Backward compatibility with EPC Messenger 203 ndash 22 Comes with a complete preinstalled set of papiNet Schemas and XML stylesheets Guaranteed delivery of documents by using ebXML message acknowledgement Configuration of different users and access rights Archiving of all information papiNet documents ebXML envelopes PKCS objects certificates back-end envelope etc Verification of stored signatures via the GUI Extended and enriched Adapter API with access to ebXML acknowledgement data Easy installation of electronic keys and certificates ndash from Ponton or from third parties Extensive testing facilities ndash including Pontonrsquos preinstalled XPTEST server to test external document transfer (httpxptestponton-consultingde8080pontonxp) Extended processing pipeline with software development framework for custom filters (ie an extended archiving components alternate signing modules etc) A set of useful pre-packaged adapters Test Adapter Stress Test Adapter Hot Folder Adapter and HTTP Adapter In-depth product documentation providing a look ldquounder the hoodrdquo Can be integrated with Ponton XD ndash the Database Adapter for direct data exchange between XML documents and your database (see httpwwwponton-consultingdeenglishxdhtml)
Ponton XP 23 ndash Installation and Configuration Guide 7
2 Downloading Ponton XP 23 The software can be downloaded from the product page of Ponton Consulting
httpwwwponton-consultingdeenproductsdownloadshtml
Please fill in the download request form You will receive an e-mail containing a hotlink for access to the installation file
21 Components
You will find the following components in the installation package
Ponton XP Messenger ndash the core component for guaranteed secure delivery of XML messages Ponton XP Hot Folder Adapter ndash allows easy connection of the Messenger to your application software HTTP Adapter ndash allows HTTP-based back-end integration with your ERP system(s) HTTP Listener ndash a lightweight process to receive XML documents via HTTP and forward them to your Messenger over the firewall E-mail Listener ndash another lightweight process that polls your mail server for new messages
Ponton XP 23 ndash Installation and Configuration Guide 8
3 Installing Ponton XP 23
31 Minimum system requirements
Hardware
Disk space 100 MB Memory space 256 MB Processor Pentium III 500 MHz
Depending on the number of XML schema files and the corresponding XSL stylesheets that are pre-loaded by your Messenger you should increase your main memory as follows
5-8 schemas 512 MB 8-20 schemas 1024 MB
This avoids unnecessary swapping overhead
Operating systems
Windows NT4 Service Pack 6 (Workstation or Server) Windows 2000 Service Pack 2 (Workstation or Server) Windows XP Home or Professional Service Pack 1 Linux Solaris AIX HP-UX In general any platform supporting Java Runtime Environment 14
Ponton XP 23 ndash Installation and Configuration Guide 9
Installing Ponton XP 23
Databases
HSQL ndash an open source database bundled with the distributed configuration of Ponton XP Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
32 Installation procedure
The software is installed using a self-extracting executable which guides the user through the installation process If only standard options are chosen the whole installation should not take more than 10 minutes
Note Under certain circumstances the installer may run into conflicts with other software running on the same computer In this case you should exit all other applications and then restart the installation
Start the installation by double-clicking the Ponton XP 23 setup file and go through the installation screens as follows
Welcome A short introduction to the installation process Click on Next to continue License Agreement This screen contains the license terms for use of Ponton XP To continue the installation you have agree to the license terms by clicking on I Agree Choose Components Select the components you want to install If you are sure you wonrsquot need certain components such as the Stress Adapter or the XML Editor you can exclude them from the installation to save disk space Simply deactivate the relevant check boxes Click on Next to continue Choose Install Location Select the installation root folder either by typing it in or by clicking on Browse and navigating to the folder you want to use Click on Next to continue
For the purposes of this documentation letrsquos assume that you have installed Ponton XP in CPonton XP 23 (or in a UNIX environment in Ponton XP 23) This folder will be referred to here as the installation root Choose Start Menu Folder Specify a folder in the Start Menu in which you want to install the program shortcuts Click on Next to continue Installing Shows a progress bar to indicate how far the actual installation has proceeded
Ponton XP 23 ndash Installation and Configuration Guide 10
Installing Ponton XP 23
Installation Complete The installation is now complete After clicking on Next and Finish you can procede with the configuration of the software
33 Updating from a previous version
At this time Ponton XP only supports updating from Ponton XP version 22 Using the setup program you can install the new version in the same program folder as your previous version ndash your current configuration will be retained
In addition one further step is necessary when updating from version 22 Due to a slight change in the database structure you will need to run a database update script Scripts for the following databases are included in the distribution
Oracle MS SQL Server MySQL Sybase DB2
The scripts are located in the subfolders of ltinstallation rootgtsql ndash the filename is upgrade_to_23sql
Ponton XP 23 ndash Installation and Configuration Guide 11
4 Quick-Starting the Software You can start the Messenger either via the Windows Start menu or by executing startupbat in the installation root directory If you have not started the Messenger from a command shell but via the Windows interface this will open an output window
Please wait until the webserver has fully initialized all the software components When the initialization is finished the following text should be shown near the bottom of the output window Messenger 23 is initialized (c) Ponton Consulting GmbH Please log in to the Admin tool at ltyour URLgt If any errors occur during startup this will be indicated in the output window and logged in the file
[installation root]xmlpipewebrootWEB-INFlogBootlog
Please note that the Messengerrsquos processing log file
[installation root]xmlpipewebrootWEB-INFlogMessengerlog
does not come into play until the Messenger has initialized successfully
41 Logging in
Now the Messenger is ready for use open your web browser and enter the URL
httplocalhost8080pontonxp
This will bring up the login screen allowing you to log in to the Ponton XP Administration Tool
The initial user name and password are
User xpadmin
Password xppass
Ponton XP 23 ndash Installation and Configuration Guide 12
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
1 Introduction
11 About Ponton XP
Ponton XP is the ebXML compliant Message Service developed by Ponton Consulting It ensures encrypted signed compressed validated archived and guaranteed transfer of XML documents between business partners
Ponton XP is packaged with an embedded HSQL database and webserver so that the installation process only requires a few configuration steps
The Message Service also includes use of the Ponton Certificate Authority which is integrated into the Messenger network Business partners may thus kick-start their integration within minutes If users of Ponton XP prefer migration to third-party certificate authorities such as VeriSignreg Thawtereg or GlobalSignreg this can easily be done just by requesting and installing the corresponding certificate
Moreover Ponton XP allows for flexible back-end integration based on a large range of adapters from Ponton Consulting or third parties
The Ponton X Series
Apart from Ponton XP the X Series comprises two other tools
Ponton XE is the form-based XML Editor to easily create papiNet documents or any other document that is based on XML Schema Find more information on Ponton XE at httpwwwponton-consultingdeenglishxehtml Ponton XD is a database adapter that is used for direct exportimport of
documents to and from application data It is being used both with standard ERP systems like SAP R3 or JD Edwards and with home-grown application software Find more information at httpwwwponton-consultingdeenglishxdhtml
DB
ERPSystem
Ponton
Ponton
PontonXP
User
ApplicationBusin
ess
Partn
er
Ponton X Series
XE
XDXML
Document
Ponton XP 23 ndash Installation and Configuration Guide 5
Introduction
12 Architecture Overview
Ponton XP consists of the following main modules
1 Messenger ndash This is the core of Ponton XP It transforms Messages received from the back-end (user or ERP system) into a standards conforming ebXML message Several processing steps are performed before the ebXML message is sent to the receiver
2 Listener ndash This optional module is usually located in the DMZ to receive message from the outside and to forward them to the Messenger within the secure zone of an organization No further processing takes place by the Listener No Listeners are required if Messengers are installed within the DMZ or if they are used for internal integration
3 Adapters ndash The are many ways to integrate the Messenger with the application software in the back-end An adapter helps bridging this gap To name some of the adapters Ponton XD is a Database Adapter that maps XML payload content directly to and from a database The Hot Folder Adapter frequently scans outbox folders and transfers these documents to the Messenger Vice-versa messages received from a business partner will be dropped into an inbox folder
Messenger
Listener
Listener
ebXML Message
ebXML Acknowledgement
Gen
eric
Ada
pter
Gen
eric
Ada
pter
Test
Ada
pter
Hot
Fol
der
Ada
pter
ERP
Generic
Adapter
Generic
Adapter
TestA
dapterH
ot FolderA
dapter ERP
Messenger
13 Features
Platform independence Currently in productive use under Windows (from NT to XP) Linux Solaris AIX HPUX Supports vendor independent messaging standards ebXML 20 AS1 and AS2 Processing of XML documents with a size of up to 150 MB Encryption of documents Validation of documents against any document types based on XML Schemas ndash in particular all papiNet and EFETnet documents Electronic signatures based on the PKCS and XML Signature standards Compression of documents to less than 5 of their original size Archiving of documents signatures certificates etc Comprehensive logging and notification services
Ponton XP 23 ndash Installation and Configuration Guide 6
Introduction
Synchronous or asynchronous data transmission ndash supporting transmission via HTTP HTTPS SMTP or SMIME Simple installation of electronic keys and certificates Use of the built-in Ponton CA or third-party certification authorities Set-up configuration and monitoring via Web interface Supports SOAP as base communication protocol Extension of the processing pipeline by means of supplementary modules Partner specific configuration of communication and security functions Simple installation ndash just 5 clicks Localized versions for English German and French Bundled with Ponton XE ndash the visual XML Editor developed by Ponton Consulting to easily create and send papiNet PurchaseOrders or any other XML documents based on XML Schema Backward compatibility with EPC Messenger 203 ndash 22 Comes with a complete preinstalled set of papiNet Schemas and XML stylesheets Guaranteed delivery of documents by using ebXML message acknowledgement Configuration of different users and access rights Archiving of all information papiNet documents ebXML envelopes PKCS objects certificates back-end envelope etc Verification of stored signatures via the GUI Extended and enriched Adapter API with access to ebXML acknowledgement data Easy installation of electronic keys and certificates ndash from Ponton or from third parties Extensive testing facilities ndash including Pontonrsquos preinstalled XPTEST server to test external document transfer (httpxptestponton-consultingde8080pontonxp) Extended processing pipeline with software development framework for custom filters (ie an extended archiving components alternate signing modules etc) A set of useful pre-packaged adapters Test Adapter Stress Test Adapter Hot Folder Adapter and HTTP Adapter In-depth product documentation providing a look ldquounder the hoodrdquo Can be integrated with Ponton XD ndash the Database Adapter for direct data exchange between XML documents and your database (see httpwwwponton-consultingdeenglishxdhtml)
Ponton XP 23 ndash Installation and Configuration Guide 7
2 Downloading Ponton XP 23 The software can be downloaded from the product page of Ponton Consulting
httpwwwponton-consultingdeenproductsdownloadshtml
Please fill in the download request form You will receive an e-mail containing a hotlink for access to the installation file
21 Components
You will find the following components in the installation package
Ponton XP Messenger ndash the core component for guaranteed secure delivery of XML messages Ponton XP Hot Folder Adapter ndash allows easy connection of the Messenger to your application software HTTP Adapter ndash allows HTTP-based back-end integration with your ERP system(s) HTTP Listener ndash a lightweight process to receive XML documents via HTTP and forward them to your Messenger over the firewall E-mail Listener ndash another lightweight process that polls your mail server for new messages
Ponton XP 23 ndash Installation and Configuration Guide 8
3 Installing Ponton XP 23
31 Minimum system requirements
Hardware
Disk space 100 MB Memory space 256 MB Processor Pentium III 500 MHz
Depending on the number of XML schema files and the corresponding XSL stylesheets that are pre-loaded by your Messenger you should increase your main memory as follows
5-8 schemas 512 MB 8-20 schemas 1024 MB
This avoids unnecessary swapping overhead
Operating systems
Windows NT4 Service Pack 6 (Workstation or Server) Windows 2000 Service Pack 2 (Workstation or Server) Windows XP Home or Professional Service Pack 1 Linux Solaris AIX HP-UX In general any platform supporting Java Runtime Environment 14
Ponton XP 23 ndash Installation and Configuration Guide 9
Installing Ponton XP 23
Databases
HSQL ndash an open source database bundled with the distributed configuration of Ponton XP Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
32 Installation procedure
The software is installed using a self-extracting executable which guides the user through the installation process If only standard options are chosen the whole installation should not take more than 10 minutes
Note Under certain circumstances the installer may run into conflicts with other software running on the same computer In this case you should exit all other applications and then restart the installation
Start the installation by double-clicking the Ponton XP 23 setup file and go through the installation screens as follows
Welcome A short introduction to the installation process Click on Next to continue License Agreement This screen contains the license terms for use of Ponton XP To continue the installation you have agree to the license terms by clicking on I Agree Choose Components Select the components you want to install If you are sure you wonrsquot need certain components such as the Stress Adapter or the XML Editor you can exclude them from the installation to save disk space Simply deactivate the relevant check boxes Click on Next to continue Choose Install Location Select the installation root folder either by typing it in or by clicking on Browse and navigating to the folder you want to use Click on Next to continue
For the purposes of this documentation letrsquos assume that you have installed Ponton XP in CPonton XP 23 (or in a UNIX environment in Ponton XP 23) This folder will be referred to here as the installation root Choose Start Menu Folder Specify a folder in the Start Menu in which you want to install the program shortcuts Click on Next to continue Installing Shows a progress bar to indicate how far the actual installation has proceeded
Ponton XP 23 ndash Installation and Configuration Guide 10
Installing Ponton XP 23
Installation Complete The installation is now complete After clicking on Next and Finish you can procede with the configuration of the software
33 Updating from a previous version
At this time Ponton XP only supports updating from Ponton XP version 22 Using the setup program you can install the new version in the same program folder as your previous version ndash your current configuration will be retained
In addition one further step is necessary when updating from version 22 Due to a slight change in the database structure you will need to run a database update script Scripts for the following databases are included in the distribution
Oracle MS SQL Server MySQL Sybase DB2
The scripts are located in the subfolders of ltinstallation rootgtsql ndash the filename is upgrade_to_23sql
Ponton XP 23 ndash Installation and Configuration Guide 11
4 Quick-Starting the Software You can start the Messenger either via the Windows Start menu or by executing startupbat in the installation root directory If you have not started the Messenger from a command shell but via the Windows interface this will open an output window
Please wait until the webserver has fully initialized all the software components When the initialization is finished the following text should be shown near the bottom of the output window Messenger 23 is initialized (c) Ponton Consulting GmbH Please log in to the Admin tool at ltyour URLgt If any errors occur during startup this will be indicated in the output window and logged in the file
[installation root]xmlpipewebrootWEB-INFlogBootlog
Please note that the Messengerrsquos processing log file
[installation root]xmlpipewebrootWEB-INFlogMessengerlog
does not come into play until the Messenger has initialized successfully
41 Logging in
Now the Messenger is ready for use open your web browser and enter the URL
httplocalhost8080pontonxp
This will bring up the login screen allowing you to log in to the Ponton XP Administration Tool
The initial user name and password are
User xpadmin
Password xppass
Ponton XP 23 ndash Installation and Configuration Guide 12
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Introduction
12 Architecture Overview
Ponton XP consists of the following main modules
1 Messenger ndash This is the core of Ponton XP It transforms Messages received from the back-end (user or ERP system) into a standards conforming ebXML message Several processing steps are performed before the ebXML message is sent to the receiver
2 Listener ndash This optional module is usually located in the DMZ to receive message from the outside and to forward them to the Messenger within the secure zone of an organization No further processing takes place by the Listener No Listeners are required if Messengers are installed within the DMZ or if they are used for internal integration
3 Adapters ndash The are many ways to integrate the Messenger with the application software in the back-end An adapter helps bridging this gap To name some of the adapters Ponton XD is a Database Adapter that maps XML payload content directly to and from a database The Hot Folder Adapter frequently scans outbox folders and transfers these documents to the Messenger Vice-versa messages received from a business partner will be dropped into an inbox folder
Messenger
Listener
Listener
ebXML Message
ebXML Acknowledgement
Gen
eric
Ada
pter
Gen
eric
Ada
pter
Test
Ada
pter
Hot
Fol
der
Ada
pter
ERP
Generic
Adapter
Generic
Adapter
TestA
dapterH
ot FolderA
dapter ERP
Messenger
13 Features
Platform independence Currently in productive use under Windows (from NT to XP) Linux Solaris AIX HPUX Supports vendor independent messaging standards ebXML 20 AS1 and AS2 Processing of XML documents with a size of up to 150 MB Encryption of documents Validation of documents against any document types based on XML Schemas ndash in particular all papiNet and EFETnet documents Electronic signatures based on the PKCS and XML Signature standards Compression of documents to less than 5 of their original size Archiving of documents signatures certificates etc Comprehensive logging and notification services
Ponton XP 23 ndash Installation and Configuration Guide 6
Introduction
Synchronous or asynchronous data transmission ndash supporting transmission via HTTP HTTPS SMTP or SMIME Simple installation of electronic keys and certificates Use of the built-in Ponton CA or third-party certification authorities Set-up configuration and monitoring via Web interface Supports SOAP as base communication protocol Extension of the processing pipeline by means of supplementary modules Partner specific configuration of communication and security functions Simple installation ndash just 5 clicks Localized versions for English German and French Bundled with Ponton XE ndash the visual XML Editor developed by Ponton Consulting to easily create and send papiNet PurchaseOrders or any other XML documents based on XML Schema Backward compatibility with EPC Messenger 203 ndash 22 Comes with a complete preinstalled set of papiNet Schemas and XML stylesheets Guaranteed delivery of documents by using ebXML message acknowledgement Configuration of different users and access rights Archiving of all information papiNet documents ebXML envelopes PKCS objects certificates back-end envelope etc Verification of stored signatures via the GUI Extended and enriched Adapter API with access to ebXML acknowledgement data Easy installation of electronic keys and certificates ndash from Ponton or from third parties Extensive testing facilities ndash including Pontonrsquos preinstalled XPTEST server to test external document transfer (httpxptestponton-consultingde8080pontonxp) Extended processing pipeline with software development framework for custom filters (ie an extended archiving components alternate signing modules etc) A set of useful pre-packaged adapters Test Adapter Stress Test Adapter Hot Folder Adapter and HTTP Adapter In-depth product documentation providing a look ldquounder the hoodrdquo Can be integrated with Ponton XD ndash the Database Adapter for direct data exchange between XML documents and your database (see httpwwwponton-consultingdeenglishxdhtml)
Ponton XP 23 ndash Installation and Configuration Guide 7
2 Downloading Ponton XP 23 The software can be downloaded from the product page of Ponton Consulting
httpwwwponton-consultingdeenproductsdownloadshtml
Please fill in the download request form You will receive an e-mail containing a hotlink for access to the installation file
21 Components
You will find the following components in the installation package
Ponton XP Messenger ndash the core component for guaranteed secure delivery of XML messages Ponton XP Hot Folder Adapter ndash allows easy connection of the Messenger to your application software HTTP Adapter ndash allows HTTP-based back-end integration with your ERP system(s) HTTP Listener ndash a lightweight process to receive XML documents via HTTP and forward them to your Messenger over the firewall E-mail Listener ndash another lightweight process that polls your mail server for new messages
Ponton XP 23 ndash Installation and Configuration Guide 8
3 Installing Ponton XP 23
31 Minimum system requirements
Hardware
Disk space 100 MB Memory space 256 MB Processor Pentium III 500 MHz
Depending on the number of XML schema files and the corresponding XSL stylesheets that are pre-loaded by your Messenger you should increase your main memory as follows
5-8 schemas 512 MB 8-20 schemas 1024 MB
This avoids unnecessary swapping overhead
Operating systems
Windows NT4 Service Pack 6 (Workstation or Server) Windows 2000 Service Pack 2 (Workstation or Server) Windows XP Home or Professional Service Pack 1 Linux Solaris AIX HP-UX In general any platform supporting Java Runtime Environment 14
Ponton XP 23 ndash Installation and Configuration Guide 9
Installing Ponton XP 23
Databases
HSQL ndash an open source database bundled with the distributed configuration of Ponton XP Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
32 Installation procedure
The software is installed using a self-extracting executable which guides the user through the installation process If only standard options are chosen the whole installation should not take more than 10 minutes
Note Under certain circumstances the installer may run into conflicts with other software running on the same computer In this case you should exit all other applications and then restart the installation
Start the installation by double-clicking the Ponton XP 23 setup file and go through the installation screens as follows
Welcome A short introduction to the installation process Click on Next to continue License Agreement This screen contains the license terms for use of Ponton XP To continue the installation you have agree to the license terms by clicking on I Agree Choose Components Select the components you want to install If you are sure you wonrsquot need certain components such as the Stress Adapter or the XML Editor you can exclude them from the installation to save disk space Simply deactivate the relevant check boxes Click on Next to continue Choose Install Location Select the installation root folder either by typing it in or by clicking on Browse and navigating to the folder you want to use Click on Next to continue
For the purposes of this documentation letrsquos assume that you have installed Ponton XP in CPonton XP 23 (or in a UNIX environment in Ponton XP 23) This folder will be referred to here as the installation root Choose Start Menu Folder Specify a folder in the Start Menu in which you want to install the program shortcuts Click on Next to continue Installing Shows a progress bar to indicate how far the actual installation has proceeded
Ponton XP 23 ndash Installation and Configuration Guide 10
Installing Ponton XP 23
Installation Complete The installation is now complete After clicking on Next and Finish you can procede with the configuration of the software
33 Updating from a previous version
At this time Ponton XP only supports updating from Ponton XP version 22 Using the setup program you can install the new version in the same program folder as your previous version ndash your current configuration will be retained
In addition one further step is necessary when updating from version 22 Due to a slight change in the database structure you will need to run a database update script Scripts for the following databases are included in the distribution
Oracle MS SQL Server MySQL Sybase DB2
The scripts are located in the subfolders of ltinstallation rootgtsql ndash the filename is upgrade_to_23sql
Ponton XP 23 ndash Installation and Configuration Guide 11
4 Quick-Starting the Software You can start the Messenger either via the Windows Start menu or by executing startupbat in the installation root directory If you have not started the Messenger from a command shell but via the Windows interface this will open an output window
Please wait until the webserver has fully initialized all the software components When the initialization is finished the following text should be shown near the bottom of the output window Messenger 23 is initialized (c) Ponton Consulting GmbH Please log in to the Admin tool at ltyour URLgt If any errors occur during startup this will be indicated in the output window and logged in the file
[installation root]xmlpipewebrootWEB-INFlogBootlog
Please note that the Messengerrsquos processing log file
[installation root]xmlpipewebrootWEB-INFlogMessengerlog
does not come into play until the Messenger has initialized successfully
41 Logging in
Now the Messenger is ready for use open your web browser and enter the URL
httplocalhost8080pontonxp
This will bring up the login screen allowing you to log in to the Ponton XP Administration Tool
The initial user name and password are
User xpadmin
Password xppass
Ponton XP 23 ndash Installation and Configuration Guide 12
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Introduction
Synchronous or asynchronous data transmission ndash supporting transmission via HTTP HTTPS SMTP or SMIME Simple installation of electronic keys and certificates Use of the built-in Ponton CA or third-party certification authorities Set-up configuration and monitoring via Web interface Supports SOAP as base communication protocol Extension of the processing pipeline by means of supplementary modules Partner specific configuration of communication and security functions Simple installation ndash just 5 clicks Localized versions for English German and French Bundled with Ponton XE ndash the visual XML Editor developed by Ponton Consulting to easily create and send papiNet PurchaseOrders or any other XML documents based on XML Schema Backward compatibility with EPC Messenger 203 ndash 22 Comes with a complete preinstalled set of papiNet Schemas and XML stylesheets Guaranteed delivery of documents by using ebXML message acknowledgement Configuration of different users and access rights Archiving of all information papiNet documents ebXML envelopes PKCS objects certificates back-end envelope etc Verification of stored signatures via the GUI Extended and enriched Adapter API with access to ebXML acknowledgement data Easy installation of electronic keys and certificates ndash from Ponton or from third parties Extensive testing facilities ndash including Pontonrsquos preinstalled XPTEST server to test external document transfer (httpxptestponton-consultingde8080pontonxp) Extended processing pipeline with software development framework for custom filters (ie an extended archiving components alternate signing modules etc) A set of useful pre-packaged adapters Test Adapter Stress Test Adapter Hot Folder Adapter and HTTP Adapter In-depth product documentation providing a look ldquounder the hoodrdquo Can be integrated with Ponton XD ndash the Database Adapter for direct data exchange between XML documents and your database (see httpwwwponton-consultingdeenglishxdhtml)
Ponton XP 23 ndash Installation and Configuration Guide 7
2 Downloading Ponton XP 23 The software can be downloaded from the product page of Ponton Consulting
httpwwwponton-consultingdeenproductsdownloadshtml
Please fill in the download request form You will receive an e-mail containing a hotlink for access to the installation file
21 Components
You will find the following components in the installation package
Ponton XP Messenger ndash the core component for guaranteed secure delivery of XML messages Ponton XP Hot Folder Adapter ndash allows easy connection of the Messenger to your application software HTTP Adapter ndash allows HTTP-based back-end integration with your ERP system(s) HTTP Listener ndash a lightweight process to receive XML documents via HTTP and forward them to your Messenger over the firewall E-mail Listener ndash another lightweight process that polls your mail server for new messages
Ponton XP 23 ndash Installation and Configuration Guide 8
3 Installing Ponton XP 23
31 Minimum system requirements
Hardware
Disk space 100 MB Memory space 256 MB Processor Pentium III 500 MHz
Depending on the number of XML schema files and the corresponding XSL stylesheets that are pre-loaded by your Messenger you should increase your main memory as follows
5-8 schemas 512 MB 8-20 schemas 1024 MB
This avoids unnecessary swapping overhead
Operating systems
Windows NT4 Service Pack 6 (Workstation or Server) Windows 2000 Service Pack 2 (Workstation or Server) Windows XP Home or Professional Service Pack 1 Linux Solaris AIX HP-UX In general any platform supporting Java Runtime Environment 14
Ponton XP 23 ndash Installation and Configuration Guide 9
Installing Ponton XP 23
Databases
HSQL ndash an open source database bundled with the distributed configuration of Ponton XP Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
32 Installation procedure
The software is installed using a self-extracting executable which guides the user through the installation process If only standard options are chosen the whole installation should not take more than 10 minutes
Note Under certain circumstances the installer may run into conflicts with other software running on the same computer In this case you should exit all other applications and then restart the installation
Start the installation by double-clicking the Ponton XP 23 setup file and go through the installation screens as follows
Welcome A short introduction to the installation process Click on Next to continue License Agreement This screen contains the license terms for use of Ponton XP To continue the installation you have agree to the license terms by clicking on I Agree Choose Components Select the components you want to install If you are sure you wonrsquot need certain components such as the Stress Adapter or the XML Editor you can exclude them from the installation to save disk space Simply deactivate the relevant check boxes Click on Next to continue Choose Install Location Select the installation root folder either by typing it in or by clicking on Browse and navigating to the folder you want to use Click on Next to continue
For the purposes of this documentation letrsquos assume that you have installed Ponton XP in CPonton XP 23 (or in a UNIX environment in Ponton XP 23) This folder will be referred to here as the installation root Choose Start Menu Folder Specify a folder in the Start Menu in which you want to install the program shortcuts Click on Next to continue Installing Shows a progress bar to indicate how far the actual installation has proceeded
Ponton XP 23 ndash Installation and Configuration Guide 10
Installing Ponton XP 23
Installation Complete The installation is now complete After clicking on Next and Finish you can procede with the configuration of the software
33 Updating from a previous version
At this time Ponton XP only supports updating from Ponton XP version 22 Using the setup program you can install the new version in the same program folder as your previous version ndash your current configuration will be retained
In addition one further step is necessary when updating from version 22 Due to a slight change in the database structure you will need to run a database update script Scripts for the following databases are included in the distribution
Oracle MS SQL Server MySQL Sybase DB2
The scripts are located in the subfolders of ltinstallation rootgtsql ndash the filename is upgrade_to_23sql
Ponton XP 23 ndash Installation and Configuration Guide 11
4 Quick-Starting the Software You can start the Messenger either via the Windows Start menu or by executing startupbat in the installation root directory If you have not started the Messenger from a command shell but via the Windows interface this will open an output window
Please wait until the webserver has fully initialized all the software components When the initialization is finished the following text should be shown near the bottom of the output window Messenger 23 is initialized (c) Ponton Consulting GmbH Please log in to the Admin tool at ltyour URLgt If any errors occur during startup this will be indicated in the output window and logged in the file
[installation root]xmlpipewebrootWEB-INFlogBootlog
Please note that the Messengerrsquos processing log file
[installation root]xmlpipewebrootWEB-INFlogMessengerlog
does not come into play until the Messenger has initialized successfully
41 Logging in
Now the Messenger is ready for use open your web browser and enter the URL
httplocalhost8080pontonxp
This will bring up the login screen allowing you to log in to the Ponton XP Administration Tool
The initial user name and password are
User xpadmin
Password xppass
Ponton XP 23 ndash Installation and Configuration Guide 12
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
2 Downloading Ponton XP 23 The software can be downloaded from the product page of Ponton Consulting
httpwwwponton-consultingdeenproductsdownloadshtml
Please fill in the download request form You will receive an e-mail containing a hotlink for access to the installation file
21 Components
You will find the following components in the installation package
Ponton XP Messenger ndash the core component for guaranteed secure delivery of XML messages Ponton XP Hot Folder Adapter ndash allows easy connection of the Messenger to your application software HTTP Adapter ndash allows HTTP-based back-end integration with your ERP system(s) HTTP Listener ndash a lightweight process to receive XML documents via HTTP and forward them to your Messenger over the firewall E-mail Listener ndash another lightweight process that polls your mail server for new messages
Ponton XP 23 ndash Installation and Configuration Guide 8
3 Installing Ponton XP 23
31 Minimum system requirements
Hardware
Disk space 100 MB Memory space 256 MB Processor Pentium III 500 MHz
Depending on the number of XML schema files and the corresponding XSL stylesheets that are pre-loaded by your Messenger you should increase your main memory as follows
5-8 schemas 512 MB 8-20 schemas 1024 MB
This avoids unnecessary swapping overhead
Operating systems
Windows NT4 Service Pack 6 (Workstation or Server) Windows 2000 Service Pack 2 (Workstation or Server) Windows XP Home or Professional Service Pack 1 Linux Solaris AIX HP-UX In general any platform supporting Java Runtime Environment 14
Ponton XP 23 ndash Installation and Configuration Guide 9
Installing Ponton XP 23
Databases
HSQL ndash an open source database bundled with the distributed configuration of Ponton XP Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
32 Installation procedure
The software is installed using a self-extracting executable which guides the user through the installation process If only standard options are chosen the whole installation should not take more than 10 minutes
Note Under certain circumstances the installer may run into conflicts with other software running on the same computer In this case you should exit all other applications and then restart the installation
Start the installation by double-clicking the Ponton XP 23 setup file and go through the installation screens as follows
Welcome A short introduction to the installation process Click on Next to continue License Agreement This screen contains the license terms for use of Ponton XP To continue the installation you have agree to the license terms by clicking on I Agree Choose Components Select the components you want to install If you are sure you wonrsquot need certain components such as the Stress Adapter or the XML Editor you can exclude them from the installation to save disk space Simply deactivate the relevant check boxes Click on Next to continue Choose Install Location Select the installation root folder either by typing it in or by clicking on Browse and navigating to the folder you want to use Click on Next to continue
For the purposes of this documentation letrsquos assume that you have installed Ponton XP in CPonton XP 23 (or in a UNIX environment in Ponton XP 23) This folder will be referred to here as the installation root Choose Start Menu Folder Specify a folder in the Start Menu in which you want to install the program shortcuts Click on Next to continue Installing Shows a progress bar to indicate how far the actual installation has proceeded
Ponton XP 23 ndash Installation and Configuration Guide 10
Installing Ponton XP 23
Installation Complete The installation is now complete After clicking on Next and Finish you can procede with the configuration of the software
33 Updating from a previous version
At this time Ponton XP only supports updating from Ponton XP version 22 Using the setup program you can install the new version in the same program folder as your previous version ndash your current configuration will be retained
In addition one further step is necessary when updating from version 22 Due to a slight change in the database structure you will need to run a database update script Scripts for the following databases are included in the distribution
Oracle MS SQL Server MySQL Sybase DB2
The scripts are located in the subfolders of ltinstallation rootgtsql ndash the filename is upgrade_to_23sql
Ponton XP 23 ndash Installation and Configuration Guide 11
4 Quick-Starting the Software You can start the Messenger either via the Windows Start menu or by executing startupbat in the installation root directory If you have not started the Messenger from a command shell but via the Windows interface this will open an output window
Please wait until the webserver has fully initialized all the software components When the initialization is finished the following text should be shown near the bottom of the output window Messenger 23 is initialized (c) Ponton Consulting GmbH Please log in to the Admin tool at ltyour URLgt If any errors occur during startup this will be indicated in the output window and logged in the file
[installation root]xmlpipewebrootWEB-INFlogBootlog
Please note that the Messengerrsquos processing log file
[installation root]xmlpipewebrootWEB-INFlogMessengerlog
does not come into play until the Messenger has initialized successfully
41 Logging in
Now the Messenger is ready for use open your web browser and enter the URL
httplocalhost8080pontonxp
This will bring up the login screen allowing you to log in to the Ponton XP Administration Tool
The initial user name and password are
User xpadmin
Password xppass
Ponton XP 23 ndash Installation and Configuration Guide 12
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
3 Installing Ponton XP 23
31 Minimum system requirements
Hardware
Disk space 100 MB Memory space 256 MB Processor Pentium III 500 MHz
Depending on the number of XML schema files and the corresponding XSL stylesheets that are pre-loaded by your Messenger you should increase your main memory as follows
5-8 schemas 512 MB 8-20 schemas 1024 MB
This avoids unnecessary swapping overhead
Operating systems
Windows NT4 Service Pack 6 (Workstation or Server) Windows 2000 Service Pack 2 (Workstation or Server) Windows XP Home or Professional Service Pack 1 Linux Solaris AIX HP-UX In general any platform supporting Java Runtime Environment 14
Ponton XP 23 ndash Installation and Configuration Guide 9
Installing Ponton XP 23
Databases
HSQL ndash an open source database bundled with the distributed configuration of Ponton XP Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
32 Installation procedure
The software is installed using a self-extracting executable which guides the user through the installation process If only standard options are chosen the whole installation should not take more than 10 minutes
Note Under certain circumstances the installer may run into conflicts with other software running on the same computer In this case you should exit all other applications and then restart the installation
Start the installation by double-clicking the Ponton XP 23 setup file and go through the installation screens as follows
Welcome A short introduction to the installation process Click on Next to continue License Agreement This screen contains the license terms for use of Ponton XP To continue the installation you have agree to the license terms by clicking on I Agree Choose Components Select the components you want to install If you are sure you wonrsquot need certain components such as the Stress Adapter or the XML Editor you can exclude them from the installation to save disk space Simply deactivate the relevant check boxes Click on Next to continue Choose Install Location Select the installation root folder either by typing it in or by clicking on Browse and navigating to the folder you want to use Click on Next to continue
For the purposes of this documentation letrsquos assume that you have installed Ponton XP in CPonton XP 23 (or in a UNIX environment in Ponton XP 23) This folder will be referred to here as the installation root Choose Start Menu Folder Specify a folder in the Start Menu in which you want to install the program shortcuts Click on Next to continue Installing Shows a progress bar to indicate how far the actual installation has proceeded
Ponton XP 23 ndash Installation and Configuration Guide 10
Installing Ponton XP 23
Installation Complete The installation is now complete After clicking on Next and Finish you can procede with the configuration of the software
33 Updating from a previous version
At this time Ponton XP only supports updating from Ponton XP version 22 Using the setup program you can install the new version in the same program folder as your previous version ndash your current configuration will be retained
In addition one further step is necessary when updating from version 22 Due to a slight change in the database structure you will need to run a database update script Scripts for the following databases are included in the distribution
Oracle MS SQL Server MySQL Sybase DB2
The scripts are located in the subfolders of ltinstallation rootgtsql ndash the filename is upgrade_to_23sql
Ponton XP 23 ndash Installation and Configuration Guide 11
4 Quick-Starting the Software You can start the Messenger either via the Windows Start menu or by executing startupbat in the installation root directory If you have not started the Messenger from a command shell but via the Windows interface this will open an output window
Please wait until the webserver has fully initialized all the software components When the initialization is finished the following text should be shown near the bottom of the output window Messenger 23 is initialized (c) Ponton Consulting GmbH Please log in to the Admin tool at ltyour URLgt If any errors occur during startup this will be indicated in the output window and logged in the file
[installation root]xmlpipewebrootWEB-INFlogBootlog
Please note that the Messengerrsquos processing log file
[installation root]xmlpipewebrootWEB-INFlogMessengerlog
does not come into play until the Messenger has initialized successfully
41 Logging in
Now the Messenger is ready for use open your web browser and enter the URL
httplocalhost8080pontonxp
This will bring up the login screen allowing you to log in to the Ponton XP Administration Tool
The initial user name and password are
User xpadmin
Password xppass
Ponton XP 23 ndash Installation and Configuration Guide 12
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Installing Ponton XP 23
Databases
HSQL ndash an open source database bundled with the distributed configuration of Ponton XP Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
32 Installation procedure
The software is installed using a self-extracting executable which guides the user through the installation process If only standard options are chosen the whole installation should not take more than 10 minutes
Note Under certain circumstances the installer may run into conflicts with other software running on the same computer In this case you should exit all other applications and then restart the installation
Start the installation by double-clicking the Ponton XP 23 setup file and go through the installation screens as follows
Welcome A short introduction to the installation process Click on Next to continue License Agreement This screen contains the license terms for use of Ponton XP To continue the installation you have agree to the license terms by clicking on I Agree Choose Components Select the components you want to install If you are sure you wonrsquot need certain components such as the Stress Adapter or the XML Editor you can exclude them from the installation to save disk space Simply deactivate the relevant check boxes Click on Next to continue Choose Install Location Select the installation root folder either by typing it in or by clicking on Browse and navigating to the folder you want to use Click on Next to continue
For the purposes of this documentation letrsquos assume that you have installed Ponton XP in CPonton XP 23 (or in a UNIX environment in Ponton XP 23) This folder will be referred to here as the installation root Choose Start Menu Folder Specify a folder in the Start Menu in which you want to install the program shortcuts Click on Next to continue Installing Shows a progress bar to indicate how far the actual installation has proceeded
Ponton XP 23 ndash Installation and Configuration Guide 10
Installing Ponton XP 23
Installation Complete The installation is now complete After clicking on Next and Finish you can procede with the configuration of the software
33 Updating from a previous version
At this time Ponton XP only supports updating from Ponton XP version 22 Using the setup program you can install the new version in the same program folder as your previous version ndash your current configuration will be retained
In addition one further step is necessary when updating from version 22 Due to a slight change in the database structure you will need to run a database update script Scripts for the following databases are included in the distribution
Oracle MS SQL Server MySQL Sybase DB2
The scripts are located in the subfolders of ltinstallation rootgtsql ndash the filename is upgrade_to_23sql
Ponton XP 23 ndash Installation and Configuration Guide 11
4 Quick-Starting the Software You can start the Messenger either via the Windows Start menu or by executing startupbat in the installation root directory If you have not started the Messenger from a command shell but via the Windows interface this will open an output window
Please wait until the webserver has fully initialized all the software components When the initialization is finished the following text should be shown near the bottom of the output window Messenger 23 is initialized (c) Ponton Consulting GmbH Please log in to the Admin tool at ltyour URLgt If any errors occur during startup this will be indicated in the output window and logged in the file
[installation root]xmlpipewebrootWEB-INFlogBootlog
Please note that the Messengerrsquos processing log file
[installation root]xmlpipewebrootWEB-INFlogMessengerlog
does not come into play until the Messenger has initialized successfully
41 Logging in
Now the Messenger is ready for use open your web browser and enter the URL
httplocalhost8080pontonxp
This will bring up the login screen allowing you to log in to the Ponton XP Administration Tool
The initial user name and password are
User xpadmin
Password xppass
Ponton XP 23 ndash Installation and Configuration Guide 12
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Installing Ponton XP 23
Installation Complete The installation is now complete After clicking on Next and Finish you can procede with the configuration of the software
33 Updating from a previous version
At this time Ponton XP only supports updating from Ponton XP version 22 Using the setup program you can install the new version in the same program folder as your previous version ndash your current configuration will be retained
In addition one further step is necessary when updating from version 22 Due to a slight change in the database structure you will need to run a database update script Scripts for the following databases are included in the distribution
Oracle MS SQL Server MySQL Sybase DB2
The scripts are located in the subfolders of ltinstallation rootgtsql ndash the filename is upgrade_to_23sql
Ponton XP 23 ndash Installation and Configuration Guide 11
4 Quick-Starting the Software You can start the Messenger either via the Windows Start menu or by executing startupbat in the installation root directory If you have not started the Messenger from a command shell but via the Windows interface this will open an output window
Please wait until the webserver has fully initialized all the software components When the initialization is finished the following text should be shown near the bottom of the output window Messenger 23 is initialized (c) Ponton Consulting GmbH Please log in to the Admin tool at ltyour URLgt If any errors occur during startup this will be indicated in the output window and logged in the file
[installation root]xmlpipewebrootWEB-INFlogBootlog
Please note that the Messengerrsquos processing log file
[installation root]xmlpipewebrootWEB-INFlogMessengerlog
does not come into play until the Messenger has initialized successfully
41 Logging in
Now the Messenger is ready for use open your web browser and enter the URL
httplocalhost8080pontonxp
This will bring up the login screen allowing you to log in to the Ponton XP Administration Tool
The initial user name and password are
User xpadmin
Password xppass
Ponton XP 23 ndash Installation and Configuration Guide 12
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
4 Quick-Starting the Software You can start the Messenger either via the Windows Start menu or by executing startupbat in the installation root directory If you have not started the Messenger from a command shell but via the Windows interface this will open an output window
Please wait until the webserver has fully initialized all the software components When the initialization is finished the following text should be shown near the bottom of the output window Messenger 23 is initialized (c) Ponton Consulting GmbH Please log in to the Admin tool at ltyour URLgt If any errors occur during startup this will be indicated in the output window and logged in the file
[installation root]xmlpipewebrootWEB-INFlogBootlog
Please note that the Messengerrsquos processing log file
[installation root]xmlpipewebrootWEB-INFlogMessengerlog
does not come into play until the Messenger has initialized successfully
41 Logging in
Now the Messenger is ready for use open your web browser and enter the URL
httplocalhost8080pontonxp
This will bring up the login screen allowing you to log in to the Ponton XP Administration Tool
The initial user name and password are
User xpadmin
Password xppass
Ponton XP 23 ndash Installation and Configuration Guide 12
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
Note Since these initial user login settings are the same on every installation you are advised to change the password as soon as possible to prevent unauthorized access to the Administration Tool
On startup the Messenger status screen is displayed showing information on the current server configuration and the status of different Messenger processes (Threads) You can switch to this screen at any time by choosing Messenger Status from the menu
Note Click on the folder icons in the menu panel to open and close the folders Click on the page labels to display the corresponding screens
42 Stopping the Messenger
If you started the software from the start menu (or if it was installed as a Windows service) you can stop the Messenger by selecting Stop Ponton XP from the start menu Alternatively you can execute the batch file shutdownbat (located in the installation root directory)
If you started the Messenger from a command shell you may also press CTRL-C to stop the process
43 Basic configuration
The basic functionality of Ponton XP is to enable the secure exchange of messages between business partners This entails setting up at least two partner configurations
Ponton XP 23 ndash Installation and Configuration Guide 13
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
a local partner (representing your own organization) a remote partner (representing your business partnerrsquos organization)
Of course for your actual daily business you will generally exchange messages with a number of different business partners so you will need to define different remote partner configurations
If you want to set up an initial test installation it is often easier to install two Messengers on separate PCs within your local environment to avoid firewall restrictions On the other hand if you want to immediately test with a remote partner please ensure with your technical administration staff that your firewall is configured to allow the necessary connections
The following steps describe a basic configuration for test purposes
Define a local partner
Create a local partner
Open the Configuration menu in the left frame then click on Partners rarr CreateDelete Partners
On the CreateDelete Partners screen enter a Local ID for yourself and activate the local radio button in order to create a local partner Then click Create New Partner
The next step is to specify the configuration details for this new partner When you create a new partner the Local Partner Configuration screen is displayed with the new partner name selected You can call up a partner configuration afterwards by going to
Ponton XP 23 ndash Installation and Configuration Guide 14
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
Configuration rarr Partners rarr Local Partners and selecting a partner name from the drop down menu at the top of the page The configuration settings are distributed on different tabs Identification Communication etc
Identification settings
On the Identification tab you can edit the different IDs used to refer to the given partner (in this case your new local partner)
t
Partner Display Name ndash the Display Name is used within Ponton XP in menus selection lists etc Internal Partner ID ndash the Internal Partner ID is used for communication with the backend (ERP) system PartyID ndash the PartyID is used for the identification of business partners in the messaging process Please note that the different partners have to use correct PartyIDs in their partner configurations to identify the relevant partners For further details see the Define remote par ners section below
Note By default the Partner Display Name the Internal Partner ID and the PartyID are all preset to the same value as the Local ID used when a new partner is created On the Identification tab you can modify these settings as required
The default PartyID Type is PontonCertificate (issued by the Ponton Certificate Authority) Other Party ID types can also be used for example EIC Duns Number GLN (Global Location Number) or URI For a single partner you can create multiple Party IDs by using different Party ID types
Click Save to confirm your settings for this new partner
Ponton XP 23 ndash Installation and Configuration Guide 15
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
Note After making any changes in your configuration settings remember to click the Save button before you move on If you switch to a different page or tab without saving the new settings your modifications will be lost
Communication settings
On the Communication tab enter the communication settings for your new partner configuration Please specify the access details for the communication protocols you want to support HTTP HTTPS SMTP and SMIME
URI of Messenger Service ndash when entering the URI for HTTP (or HTTPS) please be sure to include the port A complete setting looks like this httpyourservercom8080pontonxpSoapListener
Other settings
On the Schema Sets tab indicate which schema sets you want to support
Certificates
Ponton XP enables you to send signed andor encrypted messages based on the use of certificates The installation of a certificate is not required however and you may want to skip this step for your initial tests In this case please take note of the restrictions described below under Basic testing without certificates In any case your configuration for actual business purposes should include the installation of certificates for your local and remote partners
Requesting and installing a certificate
Ponton offers a lightweight certificate authority (CA) that allows you to easily request and install certificates for the Messenger The Certificate tab has subordinate tabs for requesting installing and subsequently exporting a certificate (for a local partner) To request a certificate from the Ponton CA click on the Request tab and fill in the certificate request form
Ponton XP 23 ndash Installation and Configuration Guide 16
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
If you activate the Send request to CA check box your request will be sent directly to the CA (using the configured E-Mail connection) Otherwise you will see a page with a text box containing the certificate request This page includes an e-mail link that can be used to submit the certificate request to the Ponton CA
For further details on working with certificates see the Partner Certificates section (beginning on page 48)
Basic testing without certificates
If you decide to run your initial tests without installing certificates for your partner configurations please note that the following settings have to be modified to compensate for the absence of a certificate
For your local partner configuration
rArr
rArr
rArr
rArr
Configuration rarr Partners rarr ltlocal partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltlocal partnergt rarr Packaging Deactivate the Use XML Signatur option
For each of your remote partner configurations (see below)
Configuration rarr Partners rarr ltremote partnergt rarr Processing Deactivate the Signing and Encryption options
Configuration rarr Partners rarr ltremote partnergt rarr Packaging Deactivate the Use XML Signatur option
Ponton XP 23 ndash Installation and Configuration Guide 17
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
Activate the software (trial version) You can run Ponton XP as a trial version for 60 days To activate the trial version go to Configuration rarr Messenger rarr ActivationLicense and click on the Activation Request tab - or simply click the Create Activation Request link shown on the startup screen (Messenger Status) This will call up the Activation Request tab with a box containing your activation request
For the trial version please click on the e-mail link at the top of the page This will copy the activation request to your e-mail client Using your e-mail client please send the activation request to activationponton-consultingde
Note The Send Activation Request by HTTP option is only available for license activation and is disabled in the trial version
You will receive a reply e-mail containing the activation code for your system Please copy the complete activation code and paste it into the text box on the Install tab
Ponton XP 23 ndash Installation and Configuration Guide 18
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
Notes
t
r
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines After installing a license key you may have to epeat the activation process to activate your license (depending on certain license conditions)
Define remote partners To test your Messenger configuration Ponton Consulting offers a test server called xptestponton-consultingde This server is pre-configured in your Messenger set-up Before integrating with your business partners you can start out using this test server as your messaging partner to experiment with different functions and configuration options etc Please note however that your new Messenger configuration is not known to the Ponton test server For this reason you only have limited options available for exchanging messages with the Ponton test server ndash in particular you can send messages to the test server but the replies will generally indicate that the sender was ldquounknownrdquo If your tests with the xptest server are successful you can go ahead and create
external partner settings for your business partners The procedure is the same
Ponton XP 23 ndash Installation and Configuration Guide 19
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
as with a local partner with a few minor exceptions The main difference is that you have to have your partners inform you about the settings used in their respective Messenger installations and also have them send you their certificates for installation in your respective partner configurations Hint To check if your partnerrsquos Messenger is up and running open your browser
and go to the URL
httpltyourpartnersdomainnamegtltport-numbergtpontonxpSoapListener
The URL for the test server (version 23) at Ponton Consulting is
httpxptestponton-consultingdepontonxpSoapListener
Note When exchanging partner configurations with your business partners please keep in mind that identical party IDs have to be used in the local and remote configurations The partner display names and internal IDs on the other hand may be different
ABCrsquos local partner config
ABCrsquos external
partner config
XYZrsquos local
partner config
XYZrsquos external
partner config
Partner display name ABC Local XYZ Global XYZ Local ABC Corp
Internal partner ID ABC015 (ERP ID) XYZ381 (ERP ID) 401690 (DB ID) 494230 (DB ID)
Party ID ABC12201 XYZ2950A XYZ2950A ABC12201
Set up a partner agreement
The partner configuration settings specify the options supported by each partner Agreements on the other hand determine the actual settings to be used for communication and processing between two specific partners For test purposes it may be helpful to switch off encryption and signing in your partner agreement (on the Processing tab) In any case please ensure that the settings are compatible for both partners ndash otherwise you may experience errors in the transfer or processing of messages between the two partners
Ponton XP 23 ndash Installation and Configuration Guide 20
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
In any case your partner configurations must be set up so that the encryption and signing options match the settings chosen by the respective partner
For further details on partner agreements see the Par ner Agreements section t
44 Check if adapters are running
To check whether your adapters are running go to Adapter Monitor in the main menu If no built-in adapter was used before (Test Adapter or Hot Folder Adapter) and no external adapter has connected to the Messenger the Adapter Monitor will indicate ldquoNo adapter info availablehelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 21
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
Now start the Test Adapter and go back to the Adapter Monitor It should indicate ldquoTest Adapter ready to receive messageshelliprdquo
Ponton XP 23 ndash Installation and Configuration Guide 22
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
Call up the Test Adapter from the main menu of Ponton XP
Send your partner a Ping
To check whether the Messenger configurations (on both your own system and your remote partnerrsquos system) are set up correctly you can begin by sending a Ping message
1 Select a sending partner (your local partner)
2 Select a receiving partner (one of the defined remote partners)
3 Click the Ping button to test whether communication with the selected partner is possible
If your connection to the remote partner is successful you should see Remote reply Pong Message in the Status column of the ping message If not you will see an error message in the Status column
For further details on the status of your messages check the Message Monitor as described in the Message Monitor section below
Send your partner a test message
As your next step please send a test message to your remote partner
1 Select a document (from the File on server list or by choosing a Local file)
2 For test purposes activate the Test Message checkbox
Ponton XP 23 ndash Installation and Configuration Guide 23
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
3 Send the document by clicking Send Message
Your Test Adapter then forwards the document to your Messenger The document is processed by the Messenger according to the settings and filters defined in the relevant partner agreement Finally the document is sent to the specified receiver partyrsquos Messenger (or Listener) address
45 Check the status of your messages
The status of messages can be monitored in the Message Monitor window which you can select from the main menu of Ponton XP This is where you can check whether your messages have been properly transferred to the receiver The status of your messages is shown in the Result column (located in the message overview in the upper right panel)
Note In the Message Monitor please be sure to click the Search button (located below the filter settings on the left) otherwise the list of messages on the right will be empty If you want to include Ping messages Acknowlegements and other non-business documents in the list please set the Type to All documents (instead of All business documents)
The following color codes are used to indicate the transferprocessing status
Green checkmark ndash the transfer was successful Red cross ndash something went wrong (in this case the complete entry is highlighted red) Question mark ndash the message is still unconfirmed (in this case the entry is highlighted yellow)
Ponton XP 23 ndash Installation and Configuration Guide 24
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Quick-Starting the Software
To check for details click on the MessageID and look at the log information (in the lower right panel) Each processing step carried out by your Messenger is displayed here As long as no errors occurred the log entries are highlighted green
The right-hand columns show
How the message was transferred from your test adapter to the Messenger Which Messenger filters were applied to the message How the document was transferred to the receiver
You may experiment with the Test Adapter and the Message Monitor and send other documents Please also ask your test partner to send documents to your Messenger
The results shown in the Message Monitor indicate the processing sequence
A Senderrsquos Adapter M Senderrsquos Messenger L Senderrsquos Listener Net NetworkTransmission L Receiverrsquos Listener M Receiverrsquos Messenger A Receiverrsquos Adapter
Ponton XP 23 ndash Installation and Configuration Guide 25
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
5 Configuration Options The overall configuration of Ponton XP breaks down into the following sections
Messenger configuration This section focuses on your local setting for the Messenger This includes database connections default filter settings communication protocol selection etc Partner configuration Per partner several setting are required Partner identification filter activation (which overrides the default setting) communication settings etc Certificate management For own partners key pairs may be created and certificates requested For certificate authorities as well as for each individual partner certificates can be installed Certificates may be requested for signing and encryption for SSL and for SMIME Hot folder configuration The Hot Folder Adapter is tightly integrated with the Messenger and can therefore be configured through the same interface It supports the definition of multiple hot folders for sending and receiving documents as well as dedicated folders for business partners
51 Messenger Configuration
Messenger Database The Messenger stores log entries in a database By default the log database is pre-configured as an HSQL database HSQL is an open source database implementation written entirely in Java If there is no requirement to store log data in an existing database in your organization you may continue with HSQL
It is also possible to configure the Messenger to use a different database system for example
Oracle (version 815 or higher) MS SQL Server 2000 MySQL (version 32 or higher) SAPdb (version 73) Informix (on request) Sybase (on request) DB2 (on request) Any other database that supports JDBC 20
The log database is accessed via JDBC connection The Ponton XP distribution includes configuration scripts to set up the tables for the database systems mentioned
Ponton XP 23 ndash Installation and Configuration Guide 26
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
above You can refer to these scripts as examples to create scripts for your own database system
If you do not yet have a database system with JDBC support in use you can download the setup files for MySQL from httpdevmysqlcomdownloads
To configure the Messenger database the following set-up needs to be performed
1 Go to Configuration rarr Messenger rarr Database
2 Enter the driver class name and the URL for the JDBC connection to your database
3 Enter the user name and password for the connection if required
4 Click Test to test the connection
5 Important Donrsquot click Save unless the connection test was successful
Note The connection to the standard HSQL database supplied with the Messenger requires a ldquotruncatedrdquo URL that does not contain the database name (as shown above) When using a different database system please consult the relevant driver documentation for details on how to specify the database URL
Ponton XP 23 ndash Installation and Configuration Guide 27
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Logging Level To specify the logging level go to Configuration rarr Messenger rarr Logging and select the desired settings for Messenger and JDBC logging
There is a range of settings available
OFF turns logging off completely hellip DEBUG logs all the messages output by the system
Note Please keep in mind that the chosen logging level can have an effect on the performance of your system In particular it is advisable to use DEBUG logging only in connection with error tracking and analysis
Ponton XP 23 ndash Installation and Configuration Guide 28
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Message Queue Scan Interval Under Configuration rarr Messenger rarr Message Queues you can specify the interval to scan the (inbound and outbound) message queues
The default setting is 5000 msec To boost the message throughput on a faster system you can increase the scan frequency by setting this interval to a lower (ie shorter) value
Ponton XP 23 ndash Installation and Configuration Guide 29
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Partner Registry Configuration The partner registry allows you to exchange profiles with other partners by uploading and downloading partner configurations tofrom the registry The connection and authentication to access the registry are configured on this page
Registry URL ndash enter the address where the registry is to be accessed UsernamePassword ndash enter the user name and password for access to the registry These will be provided by the registry administrator Automatic updates ndash this option allows you to automatically update your imported profiles at a specified interval Please note that the download interval is only enabled when automatic updating is active Download partners now ndash click on the Download button to update your imported profiles immediately
Ponton XP 23 ndash Installation and Configuration Guide 30
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
E-mail Configuration By setting up inbound and outbound e-mail connections in your Messenger configuration you can enable a number of useful options in particular
E-mail notification ndash this requires an outbound e-mail connection SMTP and SMIME protocols ndash the use of SMTP andor SMIME as a transport protocols requires an outbound e-mail connection for sending messages and an inbound e-mail connection for receiving messages
Inbound connection
You can enable your Messenger to receive e-mail messages by setting up a POPIMAP connection with the following entries
Protocol ndash set to pop3 IMAP (depending on the type of mail server) Server ndash the hostname or IP address of your mail server Interval ndash the frequency for accessing the server for mail download Username password ndash must be properly set to authenticate the Messenger on the mail server
Ponton XP 23 ndash Installation and Configuration Guide 31
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Outbound connection
This connection is used for e-mail messages sent by your Messenger to your business partners The following data needs to be configured
From ndash the senderrsquos address to be used for your e-mails SMTP ndash the outgoing mail server to be contacted by your Messenger in order to submit the e-mail Username password ndash must be entered if your mail server requires authentication for outgoing e-mails in this case enter the settings to be used by the Messenger to log in on the mail server
To test the e-mail connection enter a receiver e-mail address (in the Send test mail to field) and click on Test
Certificate
This tab is used to request and install an SMIME certificate for your Messenger allowing you to exchange messages via e-mail Fill in the request form and submit your request to the Ponton CA When you receive the SMIME certificate go to the ShowInstall tab and paste it in the entry box
Note This is the SMIME certificate for your local Messenger configuration For information on requesting and installing SMIME certificates for your remote partner
Ponton XP 23 ndash Installation and Configuration Guide 32
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
configurations please refer to the Transport Certificates section Further details on requesting and installing certificates can be found in the Partner Certificates section
Ponton XP 23 ndash Installation and Configuration Guide 33
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
E-mail Notification You can use the notification service to send e-mails to specified addresses whenever certain events occur For example you might want to notify your system administrator whenever certain errors are encountered
To specify an address go to Messenger rarr eMail Notification and click New Receiver Enter the e-mail address for this receiver in the text field and select the events for which this receiver is to be notified You can use CTRL-click to activate multiple entries in the list
Subject Elements
If no subject elements are defined the subject of the e-mail notification will be as follows
ldquoNotification for messagerdquo + Message ID
By defining one or more subject elements you can customize the subject of the e-mail notification If you define several subject elements they will be separated by blanks in the subject line
Ponton XP 23 ndash Installation and Configuration Guide 34
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
For defining subject elements you can use the following element types
rArr
rArr
rArr
rArr
Text ndash a static text that you enter in the text box Variable - a predefined variable such as the Message ID the Message Type or the Receiver IDDisplay Name Xpath - the xpath to an elementvalue contained in the payload message
Please note that the use of xpath values as notification subject elements may lead to decreased performance because the entire payload message has to be parsed in order to resolve the xpath expression
Please note as well that only a subset of the complete xpath syntax is supported for the definition of subject elements In particular the following restrictions apply
The xpath must be an absolute path starting with the root node of the payload document
The xpath must refer to an actual node within the document In the case of multiple nodes that satisfy the xpath the first occurrence will be used
Reference to node attributes is not possible
Use of conditional expressions is not possible
Ponton XP 23 ndash Installation and Configuration Guide 35
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Communication Settings On this screen you can specify
Proxy settings ndash if your Messenger will be connecting to the Internet via a proxy server Please note The NT Domain is only required if your proxy server uses NTLM authentication Retransmission Handling ndash you can use this setting to specify the number of retransmission attempts and the interval (in seconds) between attempts If a message cannot be transmitted successfully in the specified number of retries the Messenger will give up and mark the message as ldquofailedrdquo
Tomcat SSL Configuration This page allows you to request and install a certificate for use with a Tomcat SSL connection To request a certificate go to the Request tab and fill in the form ndash then click OK
Note If your messenger is configured to send outgoing e-mail messages you can activate the Send request to CA checkbox Your certificate request will then be forwarded to the Ponton CA automatically If you leave this checkbox deactivated the certificate request will be generated and displayed on the next page In this case please copy the request to a text file and send it via e-mail to the address indicated (from a computer that has an e-mail connection)
Ponton XP 23 ndash Installation and Configuration Guide 36
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
When you receive the SSL certificate copy and paste it into the text box on the ShowInstall tab
Ponton XP 23 ndash Installation and Configuration Guide 37
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Listener Settings The settings on this page can be used to specify the Listener configuration in a distributed installation If your Messenger is to receive incoming connections directly there is no need to set up a Listener configuration as the Listener then runs internally within the Messenger
For details on setting up a distributed system please refer to the Distribu ed Installation section
t
Archive Settings The archiving filter stores the following information in a dedicated directory
Backend Envelope ebXML Envelope Payload ndash this is the actual business document Certificate Signature Attachment
Each part is stored in a separate file
Ponton XP 23 ndash Installation and Configuration Guide 38
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
The Archive Folder setting can be used to indicate the location of the archiving folder This can be expressed as
An absolute path to the required folder A relative path beginning with $CONTEXT ndash this placeholder refers to the folder [installation root]xmlpipewebroot
The Maximum Age setting specifies how long the files will be archived ndash expressed in days
Activation License Configuration This section describes how to install and activate licenses for Ponton XP If you want to activate the software as a trial version please see the description starting on page 18
Installing a license
You will generally receive your Ponton XP license as a text or e-mail from Ponton or from your licensing organization
To install your license go to Configuration rarr Messenger rarr Activation License and click on the License tab Copy the complete license text (including the lines -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----) and paste the license text into the text box on the Install tab
Click on Save to complete the installation of the license You should see a message indicating that the license was successfully installed
Ponton XP 23 ndash Installation and Configuration Guide 39
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Activating an installed license
Depending on your license conditions it may be necessary to activate your license after it is installed If so you will see a Create Activation link in the upper right corner and on the Messenger Status screen
To activate your license go to Configuration rarr Messenger rarr Activation License and click on the Activation Request tab - or simply click the Create Activation link This will call up the Activation Request tab with a box containing your activation request
The easiest and fastest way to complete your license activation is to click on the Send button (below the text box on the Activation Request tab) This will activate the license almost immediately You should see a message indicating that the your license was successfully activated
Ponton XP 23 ndash Installation and Configuration Guide 40
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
You can also submit your activation request by e-mail as with the trial version (see page 18) To do so click on the e-mail link at the top of the Activation Request tab or copy the complete activation request and send it to activationponton-consultingde using your e-mail client
You will receive a reply e-mail containing your activation code which you can then copy and paste into the text box on the Install tab Then click the Save button to complete your license activation
Following the activation the message in the upper right corner and on the Messenger Status screen will indicate the name and the remaining lifetime of the license for example
Licensed for ABC Corp Days left 1096
Notes
t
When sending your activation request by e-mail it is important to copy the comple e activation request code including the lines ldquo----- Begin Activation Request -----rdquo and ldquo----- End Activation Request -----rdquo This is also the case when copying the activation code from the reply e-mail into the Install tab Again please be sure to include the ldquoBeginrdquo and ldquoEndrdquo lines Depending on your license conditions you may need to repeat the license activation process after making certain changes to your local partner configuration
Ponton XP 23 ndash Installation and Configuration Guide 41
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
52 Partner Configuration
The partner configuration distinguishes between Local and Remote partners ndash this distinction indicates whether the partner refers to a local partner configuration within your own Ponton XP system or to a remote partner configuration on an external system In certain cases the configuration steps may differ slightly For example you can submit a certificate request for a local partner but not for a remote partner In the case of remote partners you would receive the certificate from the partner directly or by downloading the partnerrsquos profile from the registry
A partner profile can be seen as representing the communication capability of the respective partner A partner may for example support HTTP HTTPS SMTP and SMIME as transport protocols An agreement (as explained further down) then restricts the capabilities of two partners to a choice of options that are supported by both sides In the case of the transport protocol the partners might define HTTP as the protocol they want to use
Create a Partner Entry To create a new partner entry go to Configuration rarr Partners rarr Create Partner enter a Local ID for the new partner (this is the local identifier for your configuration) and indicate whether this partner entry is for
A local partner ndash this might be a department within your organization A remote partner ndash these entries refer to your business partners for example customers suppliers carriers warehouse operators etc
Ponton XP 23 ndash Installation and Configuration Guide 42
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Finally click on Create New Partner to generate the new partner entry ndash you will then see the partner configuration screen
Delete a Partner Entry To delete a partner entry go to Configuration rarr Partners rarr Delete Partner select the relevant Partner Name (the display name in your configuration) and then click Delete Partner
Partner Identification
Partner display name ndash this is the name shown in the lists and screens within Ponton XP Disable ndash this option allows you to disable a specific partner within your Messenger configuration without deleting the partner configuration In this case the Messenger will reject any message received from this partner Internal Partner ID ndash this identifier is used internally by Ponton XP for communication with the backend and the file system PartyID PartyID Type ndash PartyIDs are used to identify partners externally To avoid name clashes and duplication well-known naming schemas exist to identify partners eg DUNS codes VAT numbers IANA codes etc For this reason trading partners should agree on a minimal set of identification types (like DUNS numbers and IANA codes) that is to be used by all partners
Ponton XP 23 ndash Installation and Configuration Guide 43
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Note Please ensure that identical PartyIDs are used in the different Messenger configurations ndash otherwise there will be errors when you attempt to exchange messages with your partners
More than one PartyID can be defined per partner The limit is given by the number of PartyID types These are configured separately ndash please check the Advanced Configuration section
Hint Please also check the Ponton XP Technical Overview document for a detailed explanation of ebXML codes and partner identification
Note There is an additional checkbox on this screen for the configuration of remote partners If the Automatic updates option is activated the profile for the remote partner will be downloaded from the registry automatically whenever it changes This is only the case however if the global setting to Enable automatic updates has been activated in the Profile Registry configuration
Communication Settings The communication settings specify the URI of Partnerrsquos Messenger Service for each of the supported communication protocols Enter the address to be used to access the partnerrsquos Messenger via the given protocol for example httppartnerserver8080pontonxpSoapListener
Ponton XP 23 ndash Installation and Configuration Guide 44
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 45
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Schema Sets The Schema Sets tab allows you to specify which schema sets are ldquoallowedrdquo for message exchange with this partner The actual set of schemas to be used can be specified individually in each partner agreement
On the Schema Sets tab you will see a list of the schema sets installed on your Messenger system Each entry in the list comprises the following elements
A checkbox for activatingdeactivating the given schema set The name of the schema set A numerical entry indicating the number of selecteddefined document types in the schema set ndash for example 810 means that there are 10 document types included in the schema set and 8 of them are currently activated A Details link that can be used to call up the document type configuration for the given schema set
To specify which of the document types contained in a schema set are to be used click on the Details link This calls up a window showing a list of the defined document types in the schema set You can use the checkboxes to activatedeactivate the individual document types The checkbox above the list (in the upper left corner) can be used as a select allselect none shortcut
Ponton XP 23 ndash Installation and Configuration Guide 46
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Note Please click the OK button after making any changes to the document type configuration and then be sure to click the Save button on the Schema Set tab Otherwise your changes will not be saved
Ponton XP 23 ndash Installation and Configuration Guide 47
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Processing Configuration The Validation Signing Compression Encryption options specify whether the relevant message processing methods are supported by the given partner
Partner Certificates For local partners you can go to the Request tab and fill in the certificate request form to obtain a certificate from the Ponton CA When you receive the certificate via e-mail copy and paste it into the text box on the ShowInstall tab You will need to enter the private key password (ie the password you entered when you filled in the certificate request) to confirm that this certificate is actually yours
To install a remote partnerrsquos certificate have the partner send you the certificate via e-mail and then cut and paste the certificate code into the relevant partner configuration Likewise you can share your certificate with your business partners by sending the certificate to them via e-mail and having them paste it into their partner configurations
Note It is important to cut and paste the complete certificate code including the lines ldquo----- Begin Certificate -----rdquo and ldquo----- End Certificate -----rdquo
Important A partner certificate will only be accepted after the certificate of the issuing CA (certificate authority) has been installed Otherwise the trust relationship between the partner and the CA cannot be traced The certificate for the Ponton CA is automatically included in the default installation For other certificate authorities you will need to obtain and install the relevant CA certificate
Ponton XP 23 ndash Installation and Configuration Guide 48
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 49
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Message Packaging The options on this page specify how the messages sent by this partner will be packaged for transmission and backend processing
The different settings specify whether the relevant packaging elements will be used by this partner For details on the specific settings please refer to the descriptions of packaging elements in the Partner Agreements section
Upload Partner Profile to Registry To upload the current partner configuration to the profile registry go to the Registry tab and click on Upload If the current partner configuration has not changed since it was last uploaded to the registry you will see a corresponding message
Please note that the Messenger has to establish a connection with the registry in order to compare the current partner configuration with the profile stored in the registry For this reason you may experience a short delay when you open the Registry tab
Ponton XP 23 ndash Installation and Configuration Guide 50
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Transport Certificates Transport certificates are used for SMIME connections
To install a transport certificate for a remote partner go to Configuration rarr Partners rarr Transport Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
To install a transport certificate for a local partner go to Configuration rarr Messenger rarr eMail rarr Certificate and select the intended SMIME connection from the URL list Then paste the certificate into the displayed text box
53 Partner Agreements
About Partner Agreements Partner agreements serve to specify the communication processing and other settings to be used when messages are exchanged between specific partners Each agreement applies to a given combination of a local and a remote partner The agreements define specific settings relating to the sending and the receipt of messages as well as global settings for both sending and receiving
When setting up a partner agreement it should be noted that the range of options available for selection is dependent on the options supported by the two partner configurations Only options that are activated in both partner configurations can be chosen as part of the partner agreement
Ponton XP 23 ndash Installation and Configuration Guide 51
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Messenger Partner ConfigurationInternal PartnerbdquoLondonTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 2031124133
Internal PartnerbdquoLondonTestldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 1772254215
Internal PartnerbdquoParisTradingldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 361172103
External PartnerbdquoStadtwerke XYZldquo- Use https- Use 30 Schemas- Encrypt Sign Compress- IP = 14421159172
External PartnerbdquoCentricaldquo- Use httphttpssmtpsmime
- Use 3031 Schemas- Encrypt Sign Compress- IP = 113742511
Internal PartnerbdquoTimbuktuTradingldquo- Use http- Use 31 Schemas- Encryption Signing- IP = 182144211
AgreementLTrXYZ-https 30- Signing Encr
AgreementLTrCentr-https 31- Signing Encr
AgreementLTstXYZ-https 30- Signing Encr
AgreementPtrTimbuktu-http- Signing Encr
Internal Partners External Partners
The settings in each partner agreement are based on how the two partners want to handle the communication packaging and processing of messages Each partner agreement implements a specific combination of settings according to the requirements of the given partners For details on what the individual settings mean and how they work please see the descriptions in the Par ner Configura ion section t t
t
Creating a Partner Agreement To create a new partner agreement go to Configuration rarr Agreements rarr CreateDelete Agreement From the list of Local and Remote Partners select your local partner and the intended remote partner for this new agreement Then click on Create New Agreement Note If an agreement already exists between the chosen partners you will get an error message In this case you can open the existing agreement by going to Configuration rarr Agreements rarr Agreements and selecting the two partners there For further details see Editing a Par ner Agreement below
Ponton XP 23 ndash Installation and Configuration Guide 52
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
This leads you to the agreement configuration page You can call up this page afterwards by going to Configuration rarr Agreements rarr Agreements and selecting the relevant partners at the top of the page or by clicking on an entry in the Agreements List (Configuration rarr Agreements rarr Agreements List)
Editing a Partner Agreement To display or edit the settings in an existing partner agreement go to Configuration rarr Agreements rarr Agreements From the list of Local and Remote Partners at the top of the screen select the local partner and remote partner the agreement applies to Then click the Outbound Inbound or Global radio button (in the upper right corner) to call up the respective settings for this agreement
Outbound ndash these settings apply to messages that the local partner sends to the remote partner Inbound ndash these settings apply to messages that the local partner receives from the remote partner Global ndash these settings apply to both outbound and inbound messages
The agreement settings for communication packaging processing etc are located on different tabs Most of the settings in an agreement configuration are based on options specified in the partner configurations For details on the different topics please refer to the Partner Configuration section
Ponton XP 23 ndash Installation and Configuration Guide 53
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Once again please note that you will only be able to select options that have been activated for both of the partners in question So if you and your communication partner have not specified a common set of options there will be no options to agree upon and the page will have no content In this case the settings in the partner configurations will need to be modified so that an agreement configuration is possible Please note however that the agreement has to be compatible on both sides so you will want to contact the partner in question to specify the options to be supported
Note If you subsequently change your partner configurations so that certain settings in the partner agreement are no longer applicable you will see a red X at the top of the agreement configuration screens and the relevant settings will be highlighted red Please deactivate any settings in the agreement that are not supported by both partners You can quickly check which settings are affected by going to the Messenger Status screen The Events list at the bottom of the screen will contain an entry for each of the ldquoconflicting settingsrdquo To call up the relevant configuration screen you can simply click on the error description
Note If you imported a partner configuration from the profile registry you will not be able to change your partnerrsquos configuration settings locally You will have to contact the relevant partner agree on a common set of configuration options and then uploadupdate each otherrsquos modified configurations via the profile registry
Ponton XP 23 ndash Installation and Configuration Guide 54
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Communication
Transport Protocol ndash specifies the transport protocol to be used for sending messages based on this agreement Retries Retry Interval ndash indicates how often and how long the Messenger will try to send a message until it receives an acknowledgement
Packaging
The ebXML Service ebXML ServiceType settings can be used to specify the ebXML service that handles the message For papiNet messaging ldquoTESTFLAGrdquo can be used as the service identifier (to automatically set the service to Test or Production) and ldquopapiNetrdquo can be used as the service type ebXML Action ndash This setting identifies a process within the specified ebXML Service For papiNet messaging ldquoMESSAGETYPErdquo can be used here to automatically set the action to the message type CPA Id ndash The CPA Id specifies the parameters governing the exchange of messages between the parties For papiNet messaging the following agreement can be used wwwpapiNetorgdataCPABasicHTTPxml
Processing
Validation ndash enables XML validation for incomingoutgoing messages Signing ndash specifies whether signing is to be used If activated you can select the signature algorithm ldquoSHA1withRSArdquo or ldquoMD5withRSArdquo Compression Type ndash specifies whether compression is to be used If activated you can select the compression type ldquoZlibrdquo or ldquoDeflatedrdquo The default value is ldquoZlibrdquo Encryption ndash It is recommended to encrypt messages to achieve secure messaging
Rules
The settings on this tab can be used to specify Content Rules for inbound and outbound messages based on the current partner agreement The Inbound Outbound radio buttons are used to display the settings for the respective message processing direction
For details on defining Content Rules please refer to the Content Rules section (see page 71)
Schema Sets
The Schema Sets tab allows you to specify which schema sets are to be used for message exchange based on the current partner agreement To access the Schema Sets tab open the relevant partner agreement and click the Global settings button
Ponton XP 23 ndash Installation and Configuration Guide 55
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Please note that the schema sets available for selection in a given partner agreement are dependent on the basic settings in your partner profiles for the two relevant partners In the above example the schema set for EFET3 x cannot be activated because one of the partner profiles does not support this schema set Please keep in mind however that this consistency check is local ie it applies to the partner profiles and agreements in your own Messenger configuration To ensure successful message exchange with your remote partners you will need to cross check the selected options (as well as your other configuration settings) with your partners
t
For further details please refer to Partner ConfigurationrarrSchema Se s
54 CA Certificates
Ponton XP uses trusted certificates to ensure the identity and authorization of partner configurations Ponton offers its own lightweight certification authority which can be used in connection with Ponton XP messaging This is the default CA in a standard Ponton XP installation and the Ponton CA certificate is automatically installed with the software If you want to use certificates issued by a 3rd party CA you will need to request and install the root certificate of the CA You will not be able to install partner certificates issued by a given CA until the CArsquos root certificate has been installed When you receive the CArsquos root certificate go to Configuration rarr Certificates rarr Install CA Cert and then copy and paste the certificate into the text field
Ponton XP 23 ndash Installation and Configuration Guide 56
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Ponton XP 23 ndash Installation and Configuration Guide 57
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
55 Hot Folder Adapter
General Configuration Address Port ndash the Hot Folder Adapter (HFA) is addressed as a separate process that communicates with the Messenger via HTTP Therefore the hostname and port number need to be set up for the Messenger If the HFA is co-located with the Messenger on the same machine use ldquolocalhostrdquo for the IP address In this case the HFA does not run as a separate Java process but will be hosted on the same Tomcat server
Path ndash the HFA needs to know the Adapter communication path of the Messenger By default it is pontonxpAdapterService
Console File Log Level ndash the HFA provides log output to the console and to log files Both can be configured regarding the level of detail The console log is only useful if the HFA is running as a standalone application so you can safely leave it disabled in the default configuration
Create Delete Hot Folder Several HFAs may be created The HFAs are created and deleted on the respective configuration pages under Configuration rarr Hot Folder Adapters rarr Create Hot Folder (or Delete Hot Folder)
Ponton XP 23 ndash Installation and Configuration Guide 58
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
Each HFA registers under a different ID with the Messenger HFAs may be created for individual partners ndash in this case messages exchanged with other partners will be stored and processed by means of the default HFA
Configure a HFA Each HFA requires several directories to be defined
Inbox ndash a document will be stored in the Inbox whenever it was received from a partner Outbox ndash documents to be sent to the business partner are dropped here The HFA grabs them in a defined frequency Failed ndash if a document could not be sent to a partner and all retries failed it will be stored in this folder Work ndash if a document transfer is in progress or all attempts to send the document have not yet been tried the document will remain here After a final failure it will be transferred to the Failed folder
Ponton XP 23 ndash Installation and Configuration Guide 59
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
The following settings are also supported
Port ndash the port to be used by the HFA (optional) Receiver format ndash standard format is XML Save Backend envelope ndash the Backend envelope is retained for incoming messages Support attachments ndash the HFA will save any files attached to an incoming message to the selected inbox folder Scan Interval ndash the interval to wait (in seconds) between checking the outbox Max number of parallel messages ndash specifies the maximum number of receiving threads the adapter can process simultaneously Use partner subfolders ndash if this is set this HFA will create inbox and outbox folders for the defined local and remote partners Inbound messages are automatically sorted into the according folder depending on the specified (local) receiver Outbound messages on the other hand have to be stored to the (remote) receiving partnerrsquos outbox folder Note Please note that no backend message is used in this mode and it is ignored if it exists Without partner subfolders the HFA folder structure looks like this
Ponton XP 23 ndash Installation and Configuration Guide 60
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
If you activate the partner subfolders option subfolders for each defined partner will be added to the inbox (local partners) and the outbox (remote partners)
Use ERP acknowledgement ndash with this option activated the ERP application receives an acknowledgement from the receiving Messenger on the partnerrsquos side This acknowledgement will be provided via the specified Inbox
Ponton XP 23 ndash Installation and Configuration Guide 61
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
56 Display Schema Configuration
The schema sets to be supported for each partner are defined in the partner configuration The standard sets available with the installation are shown under Configuration rarr Schemata
Ponton XP 23 ndash Installation and Configuration Guide 62
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Configuration Options
57 User Administration
Two types of users are distinguished
Administrators ndash these users have full access to the Messengerrsquos configuration interface Operators ndash these users only have access to the Adapter Monitor the Message Monitor and the Test Adapter The options in the configuration menu are not available
Please note the following points in connection with the Messengerrsquos standard user administration
This is a very simple user administration based on the Tomcat implementation If you want to integrate the Messenger with another user administration such as LDAP please contact Ponton Consulting for support A userrsquos access rights (administratoroperator) are defined when the user account is created ndash they cannot be changed subsequently User accounts can only be created or deleted by administrators
Ponton XP 23 ndash Installation and Configuration Guide 63
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
6 Advanced Configuration
61 XML Schema Configuration
Important The Messenger distinguishes between available schema sets and activated schema sets Just inserting entries in the schema configuration as described in this section does not activate the schema sets or the corresponding schemas for use by the Messenger In order to make use of the schemas in a schema set you have to activate the schema set in the relevant partner configuration To view or modify the activated schema sets in a partner configuration go to
Configuration rarr Partners rarr ltpartner namegt rarr Processing
and activatedeactivate the relevant checkboxes
In the Messengerrsquos configuration interface you can activate and deactivate schema sets for specific partner configurations It is not possible however to modify the contents and specifications of the individual schema sets Any necessary changes have to be made in the configuration file
[installation root]xmlpipewebrootWEB-INFconfigschemataxml
The configuration entries in this file are structured as follows
ltSchemaSet Name=papinet21gt
ltSchemaName=httpwwwpapinetorgdataAvailabilityV2R10xsd MessageType=Availability MessageVersion=V2R10gt ltNamespacegtltNamespacegt ltDisplayNamegtAvailability 21ltDisplayNamegt ltSchemaFilegtAvailabilityV2R10xsdltSchemaFilegt ltXSLFilegtltXSLFilegt ltSchemagt ltSchema Name=yourSchema MessageType=yourMsgType MessageVersion=yourMsgVersgt ltNamespacegtyourNamespaceltNamespacegt ltDisplayNamegtYour Display NameltDisplayNamegt ltSchemaFilegtyourSchemaFileltSchemaFilegt ltXSLFilegtyourStylesheetltXSLFilegt ltSchemagt hellip ltSchemaFoldergtpapinet210ltSchemaFoldergt ltXSLFoldergtpapinet210ltXSLFoldergt ltSchemaSetgt
Ponton XP 23 ndash Installation and Configuration Guide 64
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Advanced Configuration
You can add a schema to an existing schema set in this file by inserting a ltSchemagt block (just copy and paste one of the existing blocks and modify the configuration as required) Please ensure that your new schema specification includes correct settings for the attributes of the Schema element
Name= This attribute corresponds with the ebXML Schema Location of incoming messages When an ebXML message is received the Messenger looks for a schema configuration where the Schema Name attribute matches the Schema Location specified in the ebXML envelope
MessageType= This attribute corresponds with the attribute MessageMetaDataDocumentInfoMessageName in the backend envelope of outgoing messages
MessageVersion= This attribute corresponds with the element MessageMe aDataDocumentInfoDTDVersionNumber in the backend envelope of outgoing messages
t
Note The specification of MessageType and MessageVersion must be used together for outgoing messages as they are combined to form an identifier for the message schema
You also have the option of adding a new schema set with your own schema definitions to the schema configuration In this case you would insert a ltSchemaSetgt block with subordinate ltSchemagt blocks Your added schema set will automatically be inserted in the list of available schema sets on the Messenger configuration pages
62 Advanced Database Configuration
Important Since the Messenger database is used for essential message processing and tracking purposes you should not experiment with the database configuration on a ldquoliverdquo system For test and debugging purposes you are advised to set up a trial system
Installation with other Databases This section describes the main steps required to install a different database system on the Messenger for example an Oracle database
1 Install database driver Copy the database driver to
[installation root]xmlpipewebrootWEB-INFlib
Note Please note that only drivers with the extension jar are loaded by the Tomcat servlet engine If the JDBC driver you want to use is a zip file you will have to rename the file to jar The JDBC driver for Oracle 9i is the file ojdbc14jar
2 Create database and tables Ponton XP is supplied with SQL scripts for HSQL and for Oracle that can be used to create the tables for the Messenger database
Ponton XP 23 ndash Installation and Configuration Guide 65
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Advanced Configuration
If you are using another database you may need to modify these scripts to work correctly with your database system
The SQL scripts are located in the subfolders under [installation root]sql
Once the database tables are in place you will also need to carry out the SQL script that inserts the log messages into the database ie
[installation root]sqlinsert_log_messagessql
3 Set up database connection The configuration of database connections is described in the Messenger Database section beginning on page 26 To connect with a different database choose ldquootherrdquo from the list of database drivers and enter the configuration for your database on the next page
The entries for the Oracle 9i JDBC driver are
Driver oraclejdbcdriverOracleDriver
URL jdbcoraclethinlthostgtltportgtltdatabasegt
63 Advanced Message Monitor Configuration
In the configuration directory ldquoxmlpipewebrootWEB-INFconfigrdquo there is a file messagemonitorxml which can be used to change the selection and ordering of the Message overview window in the Message Monitor The default setting is displayed in the following picture
Here the number of line items per page can be set If a high resolution screen is used (beyond 1024 x 768 pixel) one may increase the number of lines
Ponton XP 23 ndash Installation and Configuration Guide 66
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Advanced Configuration
Further a mapping table defines which database column is to be displayed in which monitor column The number of columns again depends on the screen resolution
Finally if main memory size allows caching of XSL stylesheet definitions helps accelerating processing speed for XSL transformations
64 Distributed Installation
If the Messenger is installed on a server that cannot be reached from the Internet you will need to install the Listener as well The purpose of the Listener is to pick up incoming connections and forward them to the Messenger (across the firewall) The firewall rules must be set up to allow this connection between the Listener and the Messenger When a message is received the Listener notifies the Messenger and the Messenger then picks up the message
You also have the option of subsequently installing the Listener as a service under Windows ndash this service can then be configured to start automatically when the system starts up
Note If you are going to run the Messenger in combination with the Listener your partners will have to enter the URI of your Listener in their configurations (under Configuration rarr Partners rarr ltpartner namegt rarr URI of Partners Messenger Service)
Listener Installation and Configuration
The Listener is installed by running the installer program (eg PontonXP-23-setup-listener-windowsexe) on the relevant system You are asked to specify an installation folder and also have the option of creating a desktop or menu shortcut Thatrsquos it
The settings for the Listener are contained in the configuration file listenerproperties which is located in the folder [Listener root folder]config To modify these settings you will have to edit the configuration file directly Access via the Messengerrsquos configuration interface is not possible
The file contains the following settings
HttpPort = Port number (for external HTTP connections)
HttpsPort = Port number (for external HTTPS connections)
LogLevel = DEBUG | INFO | WARN | ERROR | FATAL | OFF
The following settings specify the host and port of the Messenger for forwarding connections (HTTPHTTPS) The forwarding connection mode is activated by entering the relevant host and port addresses (of the Messenger server) and removing the hash marks ()
HttpServer = messenger_hosthttp_port (HTTP forwarding connection)
HttpsServer = messenger_hosthttps_port (HTTPS forwarding connection)
Note Hash marks are used to designate ldquocomment linesrdquo in Java property files Thus you can deactivate a given setting by adding a hash mark or activate the setting by removing the hash mark
Ponton XP 23 ndash Installation and Configuration Guide 67
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Advanced Configuration
The following settings specify the Listenerrsquos port for callback connections (HTTPHTTPS) with the Messenger As with the forwarding connection the callback connection mode is activated by entering the relevant port addresses and removing the hash marks (Obviously it makes no sense to have both connections activated at the same time)
HttpServicePort = Port number (for internal HTTP connections to the Listener)
HttpsServicePort = Port number (for internal HTTPS connections to the Listener)
Starting the Listener
To start the Listener open a command prompt and start the class
depontonconsultingxmlpipeListener with the classpath
-cp libcommons-logging-api-103jarlibcommonutilsjarlibxp_listenerjarconfig
You can also use the installed batch file [Listener root folder]startListenerbat
Callback Mode
Details of the communication flow
When the Messenger starts up it searches for the Listener Note The Listener should start up first so that it can be found by the Messenger If the search is successful a permanent connection is established between the Messenger and the Listener The Messenger uses the following settings in the configuration to establish the connection with the Listener Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Hostname Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Listener Port
Ponton XP 23 ndash Installation and Configuration Guide 68
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Advanced Configuration
When the Listener receives an incoming message (or rather an HTTPHTTPS request) it informs the Messenger ndash by way of the permanent connection ndash about the arrival of the new request indicating which port the Messenger can use to pick up the connection Note This port number is randomly selected by the Listener and cannot be configured The Messenger picks up the connection on the Listenerrsquos specified port and redirects it to its own local port for further processing This local port corresponds to the setting for Configuration rarr Messenger rarr Listener rarr HTTP[S] rarr Internal Messenger Port in the configuration GUI
Forwarding Mode
Details of the communication flow
In forwarding mode no permanent connection is established between the Messenger and the Listener When the Listener receives an incoming HTTPHTTPS request it simply forwards the request to the Messenger using the address specified in listenerproperties (HttpServerHttpsServer) Note To allow this forwarding connection the firewall has to be configured so that the Listener is permitted to access the Messenger on the specified port(s)
Ponton XP 23 ndash Installation and Configuration Guide 69
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Advanced Configuration
65 Access to the Administration Tool
This section describes how to configure the Ponton XP system so that access to the Messenger administration tool (or other components) restricted based on IP addresses
By default only the HttpListener and the SoapListener are open to anyone All other components are restricted to only local and private IP addresses If you try to access any of these components from a non authorized IP address you will get an Error 403 ndash Access denied
The authorized IPs are by default
127001
19216800 ndash 192168255255
10000-10255255255
1721600-17216255255
16925400-169254255255
Note Clearly access restrictions to your Messenger system may also be defined by means of appropriate firewall settings
Within the Ponton XPTomcat configuration access is defined by means of so-called security valves any number of which may be specified These security valves can restrict access from certain addressesaddress spaces or to specific components of the Ponton XP system such as the Messenger the Listener the administration tool the adapter interface etc
The relevant access settings are specified in the Tomcat configuration file
[installation root]tomcat-4127confserverxml
as follows
By default you will see the following line at the end of the serverxml
ltValve className=depontonconsultingtomcatSecurityValve allow=1270011921681017216 169254 pattern=pontonxpprivatepontonxpindex pontonxpMesshellip gt
This will restrict the access to Admintool and Adapter-Service to just private IP networks The values for allowed IPs and the URI patterns are regular expressions for maximum flexibility These expressions have to be separated by commas
Characters in regular expressions have the following meaning
ndash any character will match
Ponton XP 23 ndash Installation and Configuration Guide 70
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Advanced Configuration
ndash escape character that causes the following character to be treated just as a regular character
ndash the previous character can exist many times
Example 192168 will cover IPs 19216800 to 192168255255
An unlimited number of SecurityValve definitions can be defined They will be used in the order they appear in the configuration
On each access to the webserver it will check all the SecurityValves if the requested URL matches the pattern of a definition If that is the case then the IP will be checked
All the definitions that have a matching pattern will be considered to the access check If just one of them denies the IP then the check is stopped and the request is denied
66 Content Rules
You can define special rules that determine how messages will be processed based on specified content (within the message or the envelope) The content rules are defined specifically for each partner agreement
To create a new content rule go to Configuration rarr Agreements and choose the agreement you want to modify (ie the relevant local and remote partner) Then open the Rules tab and click on Create New Rule
Ponton XP 23 ndash Installation and Configuration Guide 71
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Advanced Configuration
The basic definition of a content rule includes
t
t
XPath ndash this setting specifies the element or attribute to be checked for a given value or value range Operator ndash the operator used for comparing values Value ndash the value to be checked
In addition to the specification of an element or attribute within the document it is also possible to use the following reference keys in the XPath field to specify the associated message information
MessageType ndash The Message Type as specified in the document schema Note The available message types are displayed in the Message Monitor in the Message Type list MessageVersion ndash This field identifies the schema version The relevant version IDs can be found in the schema set definition files located under [installation root]xmlpipewebrootWEB-INFconfigSchemata TestFlag ndash This flag is set to TRUE for test messages otherwise it is FALSE LogInfo ndash This field may contain remarks or any other text The contents are displayed in the Message Monitor
For outgoing messages ndash based on the given agreement ndash the content rule simply serves to trigger a log entry andor an e-mail notification For incoming messages the content rule can also be used to determine which Adapter is used for message processing
The action to be taken is based on the Action setting
Action ndash you can select one of the following actions Flag EMailNotification ChangeDes inationAdapter (for incoming messages only)
Depending on the selected action different settings are required
For EMailNotification ndash specify the receiverrsquos e-mail address as well as any subject elements to be used For details on defining subject elements see the E-mail Notification section (beginning on page 34) For ChangeDestinationAdapter ndash choose the adapter to be used for message processing The Value field contains a list of the available adapters
Note The use of SenderId or ReceiverId as filter criteria is no longer supported since these are already specified as the local and remote partners of the relevant agreement In other words con ent rules are always sender and receiver specific
67 Port Configuration
The Messengerrsquos standard configuration uses port 8080 for HTTP connections and port 8443 for secure (HTTPS) connections This section describes how to set up the messenger to use a non-standard port configuration This involves making manual changes to several configuration files in particular the Tomcat serverxml and the Messengerrsquos adapter configuration files
Ponton XP 23 ndash Installation and Configuration Guide 72
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73
Advanced Configuration
Tomcat Settings The port setting for the Messengerrsquos HTTP and HTTPS connections are specified in the Tomcat configuration file
[installation root]tomcat-xxxconfserverxml
This file defines the connections (Connectors) for the Messenger as follows
lt-- Define a non-SSL Coyote HTTP11 Connector on port 8080 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourMessengerPort minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=yourRedirectPort acceptCount=100 debug=0 connectionTimeout=20000 useURIValidationHack=false disableUploadTimeout=true gt lt-- Define a SSL Coyote HTTP11 Connector on port 8443 --gt ltConnector className=orgapachecoyotetomcat4CoyoteConnector port=yourSSLPort minProcessors=5 maxProcessors=75 enableLookups=true acceptCount=100 debug=0 scheme=https secure=true useURIValidationHack=false disableUploadTimeout=truegt ltFactory className=orgapachecoyotetomcat4CoyoteServerSocketFactory clientAuth=false keystoreFile=ssl-keystore protocol=TLS gt ltConnectorgt
The standard settings for the Messenger ports are
HTTP 8080
SSL 8443
To modify your connections you will need to enter the relevant port numbers indicated above as yourMessengerPort yourRedirectPort (which normally points to the SSL connection) and yourSSLPort
Adapter Settings The settings for the Messenger adapters are contained in the relevant XML files under
[installation root]xmlpipewebrootWEB-INFconfig
In particular a standard installation includes the files testadap erxml and hotfolderxml Each of these configuration files contains a block specifying the connection to the messenger
t
ltMessengergt ltAddressgtyourMessengerHostltAddressgt ltPortNumbergtyourMessengerPortltPortNumbergt ltPathgthellipltPathgt ltMessengergt
If you have configured the Messenger to run on a different port (see above) you will need to enter the relevant port number here
Ponton XP 23 ndash Installation and Configuration Guide 73