I am delighted to communicate my enthusiasm regarding the proposed measure to enhance the security of the payroll envelope mail that is slated for transmission within the Human Resources (HR) module. This enhancement involves the implementation of encryption to fortify the confidentiality and integrity of the sensitive information contained in the payroll documentation.
I have employed a third-party tool supplied by ‘VeryPDF‘ to implement PDF encryption with a password.
Specifically, the ‘Encrypt PDF Command Line‘ tool from VeryPDF facilitates the encryption of PDFs with a password through the Windows Command Prompt. We can easily trigger that tool from SAP. It is noteworthy that a trial version is available for testing purposes.
You may refer to the help file within the trial version of VeryPDF for comprehensive guidance and information. The assistance provided in the help file will offer insights into the features and functionalities of the trial version of VeryPDF
‘ Encrypt PDF software is a very flexible and powerful program, Encrypt PDF software allows you to encrypt
(using standard 40-bit or 128-bit supported by Acrobat Reader 5.0 and up) existing PDFs, set permissions,
add user and owner password. For example you can encrypt a PDF without to allow to print it. The button to
print the file will be disabled in Acrobat Reader application, you also can encrypt a PDF allowing the user
to read it only if he know the correct password. ‘
EncryptPDF -i c:\sample.pdf -o c:\out.pdf -w owner -u user -l c:\out.log
EncryptPDF -i c:\sample.pdf -w owner -u user -e 40 -p
EncryptPDF -i c:\sample.pdf -w owner -u user -e 40 -k -828
EncryptPDF -i c:\pdfdir\ -o d:\ -w owner -p -c -m -l c:\error.log
‘
It is imperative to note that, prior to executing the external operating system command, the source PDF file, intended for encryption, must be meticulously created within the designated working directory.
We employ a comparable procedure for encrypting PDF documents. SAP offers the capability to execute external operating system commands either in the front end or in the background. The configuration of external commands can be accomplished using the transaction SM69.
Additionally, it is recommended to conduct a test to verify the feasibility of encryption through the command system. This will allow you to confirm the accuracy of your designated file path.
I have utilized the function module ‘SXPG_COMMAND_EXECUTE’ to execute the pre-configured external operating system command. An advantageous feature of this function module is its capability to execute the program in the background.
“We convert the data set that we want to encrypt to binary.
CALL FUNCTION 'SCMS_XSTRING_TO_BINARY'
EXPORTING
buffer = pdf_xstring
TABLES
binary_tab = it_lines[].
“create a unique name to write data to application server (AL11).
CALL FUNCTION 'SYSTEM_UUID_C_CREATE'
IMPORTING
uuid = unique_name.
” write a file to AL11 with guid
CONCATENATE 'D:\usr\sap\pdfencrypt\' unique_name '.pdf' INTO l_file.
OPEN DATASET l_file FOR OUTPUT IN BINARY MODE.
IF sy-subrc = 0.
CLEAR : wa_lines.
LOOP AT it_lines INTO wa_lines.
TRANSFER wa_lines TO l_file .
ENDLOOP.
CLOSE DATASET l_file.
PERFORM encryptpdf.
ENDIF.
PERFORM send_mail.
FORM encryptpdf.
l_cmd = 'Z_PDF_ENCRYPT'.
CLEAR wa_params.
// We can set the password after | -u | expression, in this example the ID No is used.
wa_params = |{ |-i | && l_file && | -o | && l_file && | -u | && gs_sf01-wausw }|.
CALL FUNCTION 'SXPG_COMMAND_EXECUTE'
EXPORTING
operatingsystem = sy-opsys
commandname = l_cmd
additional_parameters = wa_params
targetsystem = VALUE rfcdisplay( rfchost = sy-host )
stdout = 'X'
stderr = 'X'
terminationwait = 'X'
IMPORTING
status = w_status
exitcode = w_exit
TABLES
exec_protocol = it_log
EXCEPTIONS
no_permission = 1
command_not_found = 2
parameters_too_long = 3
security_risk = 4
wrong_check_call_interface = 5
program_start_error = 6
program_termination_error = 7
x_error = 8
parameter_expected = 9
too_many_parameters = 10
illegal_command = 11
wrong_asynchronous_parameters = 12
cant_enq_tbtco_entry = 13
jobcount_generation_error = 14
OTHERS = 15.
IF sy-subrc = 0.
CLOSE DATASET l_file.
OPEN DATASET l_file FOR INPUT IN BINARY MODE.
IF sy-subrc EQ 0.
REFRESH it_lines.
DO.
CLEAR wa_lines.
READ DATASET l_file INTO wa_lines.
IF sy-subrc = 0.
APPEND wa_lines TO it_lines.
ELSE.
IF wa_lines IS NOT INITIAL.
APPEND wa_lines TO it_lines.
ENDIF.
EXIT.
ENDIF.
ENDDO.
CLOSE DATASET l_file.
DELETE DATASET l_file.
ENDIF.
ENDIF.
ENDFORM.
” add encrypted PDF as an attachment, call this method before the sending mail.
CALL METHOD document->add_attachment
EXPORTING
i_attachment_type = 'PDF'
i_attachment_subject = a_subject
i_att_content_hex = it_lines.
PS : If the mail settings for your system are unavailable, it can be observed that the emails sent through the SOST transaction are encrypted.
No comments:
Post a Comment