AS2Receiver Bean
Properties Methods Events Configuration Settings Errors
The AS2Receiver component is used to process EDI messages and generate receipts.
Syntax
InEDI.As2receiver
Remarks
The AS2Receiver implements server-side processing of EDI messages, as specified in [AS2] and RFC 3335. It can be used to decrypt and verify incoming messages and to generate receipts including Message Disposition Notifications (MDNs). The bean is designed to be easily incorporated into an HTTP server, and features custom functionality for server environments such as ASP.NET.
BASIC OPERATION
When an AS2 request comes in, you should first invoke ReadRequest. This will populate AS2From and AS2To, and based on this information, you may then set the appropriate certificates. You may specify your certificate with the Certificate property, and your trading partner's (signing) certificate with the SignerCert property.
Then, invoke ProcessRequest to process the request and generate the MDN receipt as specified in [AS2] and RFC 3335. If the request was processed successfully, EDIData will contain the transmitted EDI data. If a problem occurred, EDIData will not be populated and an exception will be thrown. In either case MDNReceipt will contain the RFC-compliant receipt, which should be returned to the client.
The MDNReceipt may be returned by invoking SendResponse. The receipt will be returned either synchronously in the HTTP reply, or asynchronously over a separate HTTP, HTTPS, or SMTP connection, as requested by the client.
To create log files, set LogDirectory prior to invoking ProcessRequest. This will log all incoming and outgoing data.
The following example illustrates how to use the bean from an ASP.NET page. Note that in Java it will be necessary to provide an HTTPServletRequest as an argument to ReadRequest before processing the request.
EXAMPLE
AS2Receiver1.ReadRequest();
// At this point, you should check the values of AS2From and AS2To.
AS2Receiver1.Certificate = new Certificate(CertStoreTypes.cstPFXFile, "c:\\my_server_directory\\my_pfx_file.pfx", "my password", "CN=Me");
AS2Receiver1.SignerCert = new Certificate("c:\\my_server_directory\\my_partner_cer_file.cer");
AS2Receiver1.LogDirectory = "c:\\my_server_directory\\my_log_directory";
AS2Receiver1.ProcessRequest();
AS2Receiver1.SendResponse();
Additional functionality allows the user to examine details of the client's request, to permit certain types of errors, or to customize the outgoing MDN.
ADVANCED FUNCTIONALITY
Advanced functionality is provided to allow the user to break down the AS2 process, and to allow finer control over the operation of the server. Where ProcessRequest automates the entire process, additional methods are also provided to handle each step separately.
Parsing Incoming Data
To process an EDI message, invoke ReadRequest to process the headers from the server, or alternatively, manually set Request to the contents of the HTTP request. It may contain both headers and body, or the headers may be specified separately in RequestHeaders. This will provide more information about the client's request, without attempting to read the underlying EDI data.
After invoking ReadRequest, the AS2From, AS2To, and MessageId properties will contain the appropriate values. MDNTo will contain a nonempty string if an MDN is requested; RequestedSignatureProtocol, RequestedMICAlgorithms, and ReceiptDeliveryOption provide more information about the client's request. Finally, RequestHeaders contains the complete list of HTTP/AS2 headers.
Next, invoke ParseRequest. The certificate used to decrypt and sign should be specified with the Certificate property, and your partner's signing certificate should be specified with SignerCert. This will process the headers, decompress and/or decrypt the message (if applicable), and verify the signature (if present). EncryptionType, SignatureType, and CompressionFormat describe whether and how the data was encrypted, signed, and compressed, respectively.
ParseRequest will populate EDIType and Data.
Error Handling
If any errors occur an exception will be thrown and EDIData will not be populated. Information about the exception will be provided through the exception's error code and message and also through ScanResult. An MDN receipt reporting the error may still be generated; it is recommended that server software trap the error and invoke CreateMDNReceipt to report the error to the client.
The ErrorProcessingFlags property may be configured to allow predetermined types of errors. If ErrorProcessingFlags is set when ParseRequest (or ProcessRequest) is invoked, the errors specified will be allowed, an exception will not be thrown, and EDIData will still be determined. However, ScanResult will still report the error, as will the receipt generated by CreateMDNReceipt. To avoid reporting the errors in the receipt, set the ErrorReportingFlags property.
Creating an MDN-based Receipt
An MDN-based receipt may be created by invoking CreateMDNReceipt. Regardless of the success or failure of ProcessRequest, the receipt may be created as specified in RFCs 3335 and 2298. If no errors occurred when ProcessRequest was invoked, the receipt will report success and will be suitable for non-repudiation of receipt (NRR) if signed. If errors occurred, the MDN will report that an error occurred and that the EDI data was not processed. It is strongly recommended that server software trap any errors thrown by ProcessRequest and return the receipt in this case as well.
The MDNReceipt will consist of the MDN itself, a human-readable message, MIME headers and footers, and a signature if applicable. The receipt may be generated by invoking CreateMDNReceipt and customized further by setting the parameters to CreateMDNReceipt.
The Message parameter to CreateMDNReceipt may be used to customize the human-readable message in the receipt. If it is set to an empty string, an appropriate message will automatically be written whenever MDNReceipt is regenerated.
The receipt will be signed using the protocol specified by ReceiptSigningProtocol, if any. The certificate used to sign the receipt is specified by Certificate. By default the receipt will be signed if explicitly requested by the client, and unsigned otherwise.
Error reporting may be controlled by configuring ErrorReportingFlags. By default, any errors will cause MDNReceipt to report a failure to process the message (either "failed/Failure" or "processed/Error" will be reported, according to the specification and the type of error). Setting ErrorReportingFlags will cause the MDNReceipt to overlook the chosen types of errors. If all errors are overlooked, the MDNReceipt will report success and calculate a MIC on the original message as usual. A warning may be reported by setting the MDNWarning configuration setting.
Additional Server-Side Functionality
When used in a server environment such as ASP.NET, the bean may be used to interface directly with the underlying HTTP context. If Request is not set by the user, ParseRequest and ProcessRequest will first get the request from the underlying HTTP environment, if possible. SendResponse will send the reply in this environment if able; otherwise the reply will be directed to standard out.
ASP.NET Core Notes
The bean may be used within any .NET Standard compatible platform, including .NET Core and ASP.NET Core. When using AS2Receiver within an ASP.NET Core MVC application the bean can be configured to automatically read from the request context, and send using the response context. To do so pass the HttpContext to the constructor of the AS2Receiver class. For instance:
//Inside HomeController.cs
As2receiver as2 = new As2receiver(HttpContext);
Property List
The following is the full list of the properties of the bean with short descriptions. Click on the links for further details.
| AS2From | The AS2 Identifier of the sending system. |
| AS2To | The AS2 Identifier of the receiving system. |
| Attachments | Collection of files attached to the current message. |
| CEMDetails | A collection of Certificate Exchange Messaging (CEM) details. |
| Certificate | The decryption and receipt signing certificate. |
| CompressionFormat | The compression format used on the incoming message. |
| EDIData | The EDI data sent in Request . |
| Firewall | A set of properties related to firewall access. |
| IncomingDirectory | The directory to be used to store incoming messages. |
| LocalHost | The name of the local host or user-assigned IP interface through which connections are initiated or accepted. |
| LogDirectory | The path to a directory for logging. |
| LogFile | The log file written. |
| MDNReceipt | The MDN-based receipt generated by the component. |
| MDNTo | The recipient for the Message Disposition Notification (MDN). |
| MessageId | The message ID of the incoming message. |
| ReceiptDeliveryOption | A URL indicating how the receipt is to be delivered. |
| Request | The HTTP request to be processed. |
| RequestHeaders | The HTTP headers in the AS2 request. |
| RequestHeadersString | The HTTP headers in the AS2 request. |
| RestartDirectory | The directory to log cached files when using AS2 restart functionality. |
| RolloverCertificate | The rollover decryption and receipt signing certificate. |
| ScanResult | The result of invoking ParseRequest . |
| SignerCert | Your trading partner's certificate. |
| SSLAcceptServerCert | For sending HTTPS asynchronous MDNs, a server certificate to unconditionally accept. |
| SSLCert | The certificate used for client authentication. |
Method List
The following is the full list of the methods of the bean with short descriptions. Click on the links for further details.
| ackRequest | Optional. Acknowledges the incoming request. |
| config | Sets or retrieves a configuration setting . |
| createMDNReceipt | Creates MDNReceipt . |
| parseRequest | Parses the EDI message and determines the EDIData . |
| processRequest | Processes the EDI data, and generates the receipt. |
| processRestartRequest | Processes the AS2 restart request, and sends a response to the client. |
| readRequest | Reads the AS2 request from the HTTP session. |
| reset | Resets the state of the control. |
| sendAsyncMDN | Sends the MDNReceipt to the RemoteURL specified. |
| sendResponse | In a server environment, responds to the requesting client with MDNReceipt . |
| setRequestStream | Sets the stream from which the component will read the AS2 request. |
| setTPInfo | A convenient way to set AS2 communication parameters using XML strings. |
Event List
The following is the full list of the events fired by the bean with short descriptions. Click on the links for further details.
| CEMRequest | Fired when a Certificate Exchange Messaging (CEM) request is received. |
| CEMResponse | Fired when a Certificate Exchange Messaging (CEM) response is received. |
| EDIDataInfo | Fired when processing an incoming message. |
| Error | Information about errors during data delivery. |
| Log | Fires with log information during processing. |
| RecipientInfo | Fired for each recipient certificate of the encrypted message. |
| SignerCertInfo | Fired during verification of the signed message. |
| SSLServerAuthentication | For asynchronous HTTPS MDNs, fired after the server presents its certificate. |
| SSLStatus | Shows the progress of the secure connection. |
Configuration Settings
The following is a list of configuration settings for the bean with short descriptions. Click on the links for further details.
| AcceptAnySignerCert | Used to accept trust any signing certificate unconditionally. |
| AlternateCharsetNames | Maps alternate charset names to the specified name. |
| AS2VersionIncoming | The version of AS2 that was used in the incoming message. |
| AS2VersionOutgoing | The version of AS2 to be used in the outgoing message. |
| CEMCertDir | Specifies the directory where certificates are saved when receiving a CEM request. |
| OverwriteCEMCerts | Whether existing CEM certificates are overwritten when a duplicate is received. |
| CloseStreamAfterProcessing | Specifies whether or not the OutputStream should be closed after processing. |
| DecodeTempDirectory | The temp directory the component will use to decode messages. |
| DetectDuplicates | Whether to detect duplicate messages. |
| EncryptionAlgorithm | The encryption algorithm used to encrypt the incoming data. |
| EncryptionType | The MIME type of the encrypted data. |
| EncryptionPaddingScheme | The encryption padding scheme used when encrypting the incoming data. |
| ErrorProcessingFlags | Flags controlling how errors affect ProcessRequest. |
| ErrorReportingFlags | Flags controlling how errors affect the MDNReceipt. |
| FilenameSource | The location from which to read the filename. |
| InvalidFilenameMDNAction | Instructs MDN disposition on invalid and duplicate filenames. |
| LogOptions | The information to be written to log files. |
| MaxParts | The maximum number of MIME parts to process. |
| MDNMICAlgorithm | The algorithm used to sign the outgoing MDN. |
| MDNDisposition | Overrides the automatically calculated MDN disposition. |
| MDNReportingUA | The name of the user agent performing the disposition. |
| MDNSendingMode | The level of end user interaction involved in sending the MDN. |
| MDNWarning | A warning to appear in the MDN. |
| ProcessChunkedEncoding | Whether the component will process chunked-encoding. |
| ProcessingError | A processing error occurred in the received EDI message. |
| ProxyAuthorization | The authorization string to be sent to the proxy server. |
| ProxyPassword | A password if Basic authentication is to be used for the proxy. |
| ProxyPort | Port for the proxy server (default 80). |
| ProxyServer | Name or IP address of a proxy server (optional). |
| ProxyUser | A user name if Basic authentication is to be used for the proxy. |
| ReceiptSigningProtocol | The protocol used to sign the outgoing MDN receipt. |
| RequestFile | Reads the AS2 message from disk. |
| RequestedMICAlgorithms | The Message Integrity Check algorithm(s) requested by the client, if any. |
| RequestedSignatureProtocol | The signing protocol requested by the client, if any. |
| RequireAS2To | Ensure that the received message is intended for the given AS2 identifier. |
| RequireEncrypt | Ensure that the received message is encrypted. |
| RequireSign | Ensure that the received message is signed. |
| RequirePSS | Ensure that the signature scheme in the received message is RSASSA-PSS. |
| RequireOAEP | Ensure that the encryption padding mode is RSAES-OAEP. |
| ResponseSubject | The subject to be used for the MDN response. |
| SenderSignatureAlgorithm | The algorithm used by the sender to sign the message. |
| SenderSignatureScheme | The signature scheme used by the sender to sign the message. |
| SignatureType | The MIME type of the signature (if any). |
| SignerCACert | CA certificate used to verify signed messages. |
| SMTPFrom | The email address of the sender of the message. |
| SMTPServer | The SMTP server to be used. |
| WarnOnMDNFailure | Whether to log a .wrn file instead of a .err file when MDN delivery fails. |
| LogDebug | Whether to log debug data. |
| NormalizeMIC | Whether to normalize line endings before calculating the MIC. |
| UsePSS | Whether to use RSA-PSS when signing. |
| AuthScheme | The authorization scheme to be used when server authorization is to be performed. |
| Authorization | The Authorization string to be sent to the server. |
| User | A user name if authentication is to be used. |
| Password | A password if authentication is to be used. |
| LogFilename | The base name of the log file. |
| AcceptEncoding | Used to tell the server which types of content encodings the client supports. |
| AllowHTTPCompression | This property enables HTTP compression for receiving data. |
| AllowHTTPFallback | Whether HTTP/2 connections are permitted to fallback to HTTP/1.1. |
| AllowNTLMFallback | Whether to allow fallback from Negotiate to NTLM when authenticating. |
| Append | Whether to append data to LocalFile. |
| Authorization | The Authorization string to be sent to the server. |
| BytesTransferred | Contains the number of bytes transferred in the response data. |
| EncodeURL | If set to true the URL will be encoded by the component. |
| FollowRedirects | Determines what happens when the server issues a redirect. |
| GetOn302Redirect | If set to true the component will perform a GET on the new location. |
| HTTPVersion | The version of HTTP used by the component. |
| HTTP2HeadersWithoutIndexing | HTTP2 headers that should not update the dynamic header table with incremental indexing. |
| IfModifiedSince | A date determining the maximum age of the desired document. |
| KeepAlive | Determines whether the HTTP connection is closed after completion of the request. |
| LogLevel | The level of detail that is logged. |
| MaxHeaders | Instructs component to save the amount of headers specified that are returned by the server after a Header event has been fired. |
| MaxHTTPCookies | Instructs component to save the amount of cookies specified that are returned by the server when a SetCookie event is fired. |
| MaxRedirectAttempts | Limits the number of redirects that are followed in a request. |
| NegotiatedHTTPVersion | The negotiated HTTP version. |
| OtherHeaders | Other headers as determined by the user (optional). |
| ProxyAuthorization | The authorization string to be sent to the proxy server. |
| ProxyAuthScheme | The authorization scheme to be used for the proxy. |
| ProxyPassword | A password if authentication is to be used for the proxy. |
| ProxyPort | Port for the proxy server (default 80). |
| ProxyServer | Name or IP address of a proxy server (optional). |
| ProxyUser | A user name if authentication is to be used for the proxy. |
| TransferredData | The contents of the last response from the server. |
| TransferredDataLimit | The maximum number of incoming bytes to be stored by the component. |
| TransferredHeaders | The full set of headers as received from the server. |
| UseChunkedEncoding | Enables or Disables HTTP chunked encoding for transfers. |
| ChunkSize | Specifies the chunk size in bytes when using chunked encoding. |
| UsePlatformHTTPClient | Whether or not to use the platform HTTP client. |
| UserAgent | Information about the user agent (browser). |
| KerberosSPN | The Service Principal Name for the Kerberos Domain Controller. |
| ConnectionTimeout | Sets a separate timeout value for establishing a connection. |
| FirewallAutoDetect | Tells the component whether or not to automatically detect and use firewall system settings, if available. |
| FirewallHost | Name or IP address of firewall (optional). |
| FirewallListener | If true, the component binds to a SOCKS firewall as a server (IPPort only). |
| FirewallPassword | Password to be used if authentication is to be used when connecting through the firewall. |
| FirewallPort | The TCP port for the FirewallHost;. |
| FirewallType | Determines the type of firewall to connect through. |
| FirewallUser | A user name if authentication is to be used connecting through a firewall. |
| KeepAliveTime | The inactivity time in milliseconds before a TCP keep-alive packet is sent. |
| KeepAliveInterval | The retry interval, in milliseconds, to be used when a TCP keep-alive packet is sent and no response is received. |
| Linger | When set to True, connections are terminated gracefully. |
| LingerTime | Time in seconds to have the connection linger. |
| LocalHost | The name of the local host through which connections are initiated or accepted. |
| LocalPort | The port in the local host where the component binds. |
| MaxLineLength | The maximum amount of data to accumulate when no EOL is found. |
| MaxTransferRate | The transfer rate limit in bytes per second. |
| ProxyExceptionsList | A semicolon separated list of hosts and IPs to bypass when using a proxy. |
| TCPKeepAlive | Determines whether or not the keep alive socket option is enabled. |
| UseIPv6 | Whether to use IPv6. |
| UseNTLMv2 | Whether to use NTLM V2. |
| CloseStreamAfterTransfer | If true, the component will close the upload or download stream after the transfer. |
| TcpNoDelay | Whether or not to delay when sending packets. |
| LogSSLPackets | Controls whether SSL packets are logged when using the internal security API. |
| ReuseSSLSession | Determines if the SSL session is reused. |
| SSLCipherStrength | The minimum cipher strength used for bulk encryption. |
| SSLEnabledProtocols | Used to enable/disable the supported security protocols. |
| SSLIncludeCertChain | Whether the entire certificate chain is included in the SSLServerAuthentication event. |
| SSLProvider | The name of the security provider to use. |
| SSLSecurityFlags | Flags that control certificate verification. |
| SSLCACerts | A newline separated list of CA certificate to use during SSL client authentication. |
| SSLContextProtocol | The protocol used when getting an SSLContext instance. |
| SSLTrustManagerFactoryAlgorithm | The algorithm to be used to create a TrustManager through TrustManagerFactory. |
| SSLEnabledCipherSuites | The cipher suite to be used in an SSL negotiation. |
| TLS12SignatureAlgorithms | Defines the allowed TLS 1.2 signature algorithms when UseInternalSecurityAPI is True. |
| TLS12SupportedGroups | The supported groups for ECC. |
| TLS13KeyShareGroups | The groups for which to pregenerate key shares. |
| TLS13SupportedGroups | The supported groups for (EC)DHE key exchange. |
| TLS13SignatureAlgorithms | The allowed certificate signature algorithms. |
| AbsoluteTimeout | Determines whether timeouts are inactivity timeouts or absolute timeouts. |
| FirewallData | Used to send extra data to the firewall. |
| InBufferSize | The size in bytes of the incoming queue of the socket. |
| OutBufferSize | The size in bytes of the outgoing queue of the socket. |
| GUIAvailable | Tells the component whether or not a message loop is available for processing events. |
| UseDaemonThreads | Whether threads created by the component are daemon threads. |
| UseInternalSecurityAPI | Tells the component whether or not to use the system security libraries or an internal implementation. |