Scenario: Receiving an AS2 inbound request

An exchange profile defines how messages are exchanged with a trading partner, and how those messages are processed internally. You can exchange data and messages synchronously or asynchronously with your trading partner using the AS2 protocol based on the requirements and agreement.

The following scenarios demonstrate two use cases for the AS2 inbound request:
  • Synchronous inbound exchange - Your organization (owner organization A) receives a product promotion update from a trading partner (organization B). Assuming that your organization has agreed upon a synchronous exchange, B2B Advanced Communications sends a synchronous (on the same HTTP or HTTPS connection) message disposition notification (MDN) to the trading partner (organization B).
  • Asynchronous inbound exchange - Your organization (owner organization A) receives a large message with security enabled from a trading partner (organization B). Because processing a large message with security enabled takes some time, you might have agreed upon an asynchronous exchange (MDN). Asynchronous exchanges are also used when the HTTP or HTTPS adapters or proxy servers have a definite timeout configured.
Note: If Sterling B2B Integrator is the business application, you must install the Sterling B2B Integrator bridge and configure the required adapters and business processes. For more information about Sterling B2B Integrator bridge adapters and business processes, see Configuring B2B Advanced Communications integration module.

Configuration requirements

The following table provides information about an AS2 inbound exchange profile configuration.
Table 1. AS2 inbound exchange profile configuration
Configuration Requirement

Security policy

Security policies establish guidelines to govern and ensure secure partner communications. B2B Advanced Communications security policies define the most fortified transport security options, integrity options, nonrepudiation options, and confidentiality options. You can configure a security policy based on the agreement with your trading partner. For more information about configuring a security policy, see Adding an AS2 security policy.

Organizations

You must configure partner organizations that are participating in the exchange. For information about configuring partner organizations, see Creating an organization.

Organization credentials

If basic HTTP authentication is enabled in the security policy, organization credentials are required to authenticate a trading partner.

When configuring connection settings for the inbound request, you must select appropriate organization credentials.

For information about configuring organization credentials, see Adding organization credentials.

Message queues

A message queue is required to configure a messaging receiver and messaging destination. A message queue must be configured by a System Administrator.

For information about configuring a message queue, see Configuring a message queue.

Trading partner certificates

If HTTPS client authentication, signed messages, and encrypted messages are enabled in the security policy, you must add a trading partner certificate to your system. The certificate (or one certificate for each usage) is looked up during HTTPS authentication and processing of the inbound message.

For information about adding trading partner certificates, see Adding a trading partner digital certificate.

Owner organization certificates

If signed MDN is enabled in the security policy, the private/public key pairs and CA certificates must be added to B2B Advanced Communications and the public key must be shared with the trading partner.

For information about adding CA certificates, see Adding a CA digital certificate.

For information about adding private/public key pairs, see Adding a private and public key pair digital certificate.

Messaging destination

Two messaging destinations are used in an AS2 inbound flow. One messaging destination is associated with the AS2 receiver and another one is specified when configuring the exchange profile.

For information about configuring a messaging destination, see Configuring a messaging destination.

After receiving the message, the AS2 receiver sends the message to the messaging destination that is specified in the AS2 receiver configuration. A messaging receiver configured with the message queue (which is also associated with the messaging destination) picks the message and sends it to the AS2 engine for further processing.

Messaging receiver

You must configure a messaging receiver from where the received message is picked up and sent to the AS2 engine for processing.

For information about configuring a messaging receiver, see Configuring a messaging receiver.
Note: The messaging destination and the messaging receiver must be associated with the same message queue.

Asynchronous MDN destination

Configure a destination to send the MDN.
Note: Currently, configuring an MDN destination is mandatory for both synchronous and asynchronous exchanges. The message headers determine whether a message is synchronous or asynchronous. If a message contains the header Disposition-Notification-To with a value specified, an MDN is required. If a message contains the header Receipt-Delivery-Option with a return URL specified, the message requires an asynchronous MDN. If a return URL is not present in Receipt-Delivery-Option, the message requires a synchronous MDN.

For information about configuring an MDN destination, see Configuring an MDN destination.

HTTP or HTTPS server

An HTTP or HTTPS server is an endpoint that is associated with an AS2 or AS4 receiver.

For information about configuring an HTTP or HTTPS server, see Configuring an HTTP server or Configuring an HTTPS server.

Thread pool

A thread pool is a collection of threads. A thread pool manages the threads in the pool to process the tasks. To handle large files or a large volume of files, you can create a thread pool with a larger number of threads and associate the thread pool with the HTTPS destination.

For information about configuring a thread pool, see Configuring a thread pool.

Retry policy

You must configure an appropriate retry policy and associate it with the HTTP or HTTPS destination.

The retry settings that are specified in the retry policy are used when an HTTP or HTTPS destination is not available (down) during the transmission.

For information about configuring a retry policy, see Configuring a retry policy.

AS2 receiver

You must configure an AS2 receiver to receive the inbound request.

For information about configuring an AS2 receiver, see Configuring an AS2 receiver.

Storage settings

You must configure appropriate storage settings, including data retention and divulge information.

For information about configuring storage, see Configuring storage.

The following table lists the user permissions that are required to complete an AS2 inbound exchange.
Table 2. Permissions required to complete an AS2 inbound exchange
User permission Requirement

User with Master Account Administrator permissions

To create or configure the following components:
  • Security policy
  • AS2 inbound exchange profile
  • Messaging destination
  • Certificate alias (both trading partner certificates and owner organization certificates)
  • HTTP or HTTPS server
  • AS2 receiver
  • Retry policy
  • Organization credential
  • Trading partner and owner organization
  • Asynchronous MDN destination

User with System Administrator permissions

To create message queues and thread pools.

Creating a sample AS2 inbound exchange profile

To create an exchange profile that can be used to receive AS2 messages from your trading partner, complete the following tasks in B2B Advanced Communications:
Note: The following list provides information about the mandatory fields or settings that are required for an AS2 inbound exchange profile. For information about other fields, see Configuring an AS2 inbound exchange profile.
Note: This procedure assumes that the following components are created in B2B Advanced Communications:
  • Message queues
  • Thread pools
  • Retry policy
  • Security policy - inbound_securitypolicy
  • Messaging destination - inbound_msgdest
  • Messaging receiver - inbound_msgrcvr
  • HTTPS server - inbound_httpsserver
  • AS2 receiver - inbound_as2receiver
  • Participating organizations - Organization A and Organization B
  • Organization credentials - inbound_user and associated with Organization A (the owner organization)
  • Certificate alias of Organization A - OrganizationAcertalias (usage - Signed MDN)
  • Certificate alias of Organization B - OrganizationBcertalias (usage - HTTPS client authentication and message signing/signature verification, and message encryption)
  1. Log in to B2B Advanced Communications with Master Account Permissions.
  2. Click Exchanges > Exchange Profiles.
  3. On the Exchange Profiles page, click New and select AS2 Inbound.
  4. On the New Exchange Profile dialog box, specify values for the following fields and click Save.
    Field Description

    Profile name

    Type inbound_as2exchangeprofile as the profile name.

    Exchange pattern

    Select AS2 Inbound.

  5. Click Participating Organizations to specify the participating organizations.
    Field Description

    Owner Organization

    Click Select and select Organization A.

    In an AS2 inbound exchange, the owner organization is the receiver.

    Receiver ID

    Select a mutually agreed-upon ID for your organization.

    Trading Partner Organization

    Click Select and select Organization B.

    In an AS2 inbound exchange, the trading partner organization is the sender.

    Sender ID

    Select a mutually agreed-upon ID for the trading partner organization.

  6. Click Trigger: Receive AS2 Messages from Trading Partners and specify the trigger and security settings for the inbound request.
    Field Description

    Receiver

    Click Select and select inbound_as2receiver to receive the inbound AS2 message.

    Configure connection

    Click Configure and specify the sender ID, receiver ID, and asynchronous MDN destination.

    Security Policy

    Click Select and select inbound_securitypolicy.

    Configure security

    Click Configure and specify the security settings.

    The security options (transport layer security, integrity and nonrepudiation, and confidentiality) are displayed based on the security policy settings.

  7. Click Action: Deliver Message Data and specify the action for the inbound message.
    Field Description

    Select Destination

    Click Select and select inbound_msgdest. After the AS2 message is processed, the payload, attachments, and the business document object are sent to the messaging destination specified here.

  8. In the Deploy Exchange Profile section, click Deploy to deploy or enable the exchange profile.
    Attention: The Deploy button is enabled only when all the sections of the exchange profile are in Complete status.

Using inbound_as2exchangeprofile to receive an inbound AS2 request

Following is a representation of the AS2 inbound flow:

AS2 Receiver > Messaging destination (associated with the AS2 receiver) > Message queue > Messaging receiver (must have the same message queue as the messaging destination) > AS2 Engine > Messaging destination (configured in the exchange profile) > Business application
Note: You can use the default messaging destination, message queue, and messaging receiver or configure them as required.
The following list describes the steps that are involved in receiving an inbound request from Organization B:
  1. The HTTP server (inbound_httpsserver, associated with the AS2 receiver that is configured in the inbound_as2exchangeprofile) receives the AS2 message. This is the trigger for the message exchange.
  2. The HTTP server determines the appropriate AS2 receiver from the URI in the message and sends the message to the receiver.
  3. The AS2 receiver sends the received message to the messaging destination that is associated with the receiver.
  4. A messaging receiver (associated with the same message queue as the messaging destination) picks the message and sends it to the AS2 engine.
  5. The AS2 engine unpacks the message and determines the messaging destination (according to the exchange profile configuration) to which the unpacked message (BDO, payload, and attachments) must be sent.
  6. If synchronous MDN is specified, an MDN is sent to the trading partner on the same HTTP or HTTPS connection. If asynchronous MDN is specified, an MDN is sent later, on a different HTTP or HTTPS connection, to the trading partner.
  7. The message service handler packages the response and sends it to the trading partner.
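
The header rule from the Asynchronous MDN destination note decides which branch of step 6 applies. The following added example (not part of the product documentation or the product's code) applies that rule to raw request headers. The function name, the sample requests, the "invalid" result, and the Disposition-Notification-Options check (a header defined in RFC 4130, not mentioned on this page) are assumptions made for illustration.

```python
from email.parser import HeaderParser
from urllib.parse import urlsplit

# Constructed sample header blocks; the IDs, addresses and URL are illustrative only.
SYNC_REQUEST = (
    "AS2-From: OrgB\r\n"
    "AS2-To: OrgA\r\n"
    "Disposition-Notification-To: as2@orgb.example\r\n"
    "\r\n"
)
ASYNC_REQUEST = (
    "AS2-From: OrgB\r\n"
    "AS2-To: OrgA\r\n"
    "Disposition-Notification-To: as2@orgb.example\r\n"
    "Disposition-Notification-Options: signed-receipt-protocol=required, pkcs7-signature;"
    " signed-receipt-micalg=required, sha-256\r\n"
    "Receipt-Delivery-Option: https://as2.orgb.example/mdn\r\n"
    "\r\n"
)


def classify_mdn(raw_headers: str) -> dict:
    """Return the MDN mode an inbound AS2 request asks for, per the header rule."""
    headers = HeaderParser().parsestr(raw_headers)  # header names match case-insensitively
    result = {"mode": "none", "return_url": None, "signed": False}

    # No Disposition-Notification-To value: the sender does not ask for an MDN.
    if not (headers.get("Disposition-Notification-To") or "").strip():
        return result

    # RFC 4130: Disposition-Notification-Options carries the signed-receipt request.
    options = (headers.get("Disposition-Notification-Options") or "").lower()
    result["signed"] = "signed-receipt-protocol" in options

    # No return URL in Receipt-Delivery-Option: the MDN goes back on the same connection.
    return_url = (headers.get("Receipt-Delivery-Option") or "").strip()
    if not return_url:
        result["mode"] = "sync"
        return result

    # Added check (an assumption, not documented product behaviour): the asynchronous
    # MDN is sent over HTTP or HTTPS, so flag any other scheme or a missing host.
    parts = urlsplit(return_url)
    ok = parts.scheme in ("http", "https") and bool(parts.hostname)
    result["mode"] = "async" if ok else "invalid"
    result["return_url"] = return_url
    return result
```

A request classified as "async" with "signed" set is the case in which both the MDN destination and the owner organization's Signed MDN key pair are exercised.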