Registering the Jersey JAX-RS RI Shared Libraries With Your WebLogic Server Instances

Shared Java EE libraries are registered with one or more WebLogic Server instances by deploying them to the target servers and indicating that the deployments are to be shared. Shared Java EE libraries must be targeted to the same WebLogic Server instances you want to deploy applications that reference the libraries.

If you wish to use Jersey JAX-RS RI Version 1.1.5.1, the following shows an example of how to deploy the shared libraries that provide support for the basic Jersey JAX-RS RI functionality and JAX-RS API.

• Change to the WLS_HOME/server/bin and run the command

          setWLSEnv.cmd

• Change to the WLS_HOME/server/lib directory

           cd C:\WLS1036\Oracle\Middleware\wlserver_10.3\server\lib

•  Give the command

java weblogic.Deployer -verbose -noexit -source C:\WLS1036\Oracle\Middleware\wlserver_10.3\common\deployable-libraries\jersey-bundle-1.1.5.1.war -targets AdminServer -adminurl t3://localhost:7001 -user weblogic -password *** -deploy -library

• Give the command

 java weblogic.Deployer -verbose -noexit -source C:\WLS1036\Oracle\Middleware\wlserver_10.3\common\deployable-libraries\jsr311-api-1.1.1.war -targets AdminServer -adminurl t3://localhost:7001 -user weblogic -password Satnaam111 -deploy -library

Weblogic 10.3.6: Export data from a security provider

Security data (authentication, authorization, credential map, and role data) from one security realm can be exported into a file and then imported into another security realm. This feature allows you to develop and test new security realms without recreating all the security data (for example, when moving a development security realm to production). Only information from the WebLogic security providers can be exported and imported. Two options are available:

• Export all security data from all of the security providers in a security realm. 
• Export specific data (for example, user and groups or roles) from a specific provider, as described in this topic.

To export security data from a security provider to a file:

1. In the left pane, select Security Realms and then select the name of the realm you are configuring (for example, myrealm).
2. Select the type of provider from which you want to export security data (for example, Authentication).
3. Select the security provider from which you want to export security data.

    4. Select Migration > Export.

    5. Specify the directory and filename in which to export the security data in the Export File on Server field. The directory must exist.

Note: The directory and file into which you export the security data should be carefully protected with operating system security as they contain secure information about your deployment.

6.Optionally, define a specific set of security data to be exported in the Export Constraints box.

7. Click Save.

Note: Once the data is exported from the security provider, it can be imported at any time.

Fusion Middleware/ Oracle SOA 11.1.1.6 :Switching the JVM from Sun JDK to JRockit JDK

Fusion Middleware/ Oracle SOA 11.1.1.6 :Switching the JVM from Sun JDK to JRockit JDK


1. Download and install Oracle JRockit JDK (latest version currently 28.2.0):

• Download JRockit for Linux x86-64 from http://www.oracle.com/technetwork/middleware/jrockit/downloads/index.html.
• Execute the following command to change permissions and start the installer:

           chmod 750 jrockit-jdk1.6.0_29-R28.2.0-4.1.0-linux-x64.bin
          ./jrockit-jdk1.6.0_29-R28.2.0-4.1.0-linux-x64.bin

• On the Welcome prompt, press Enter.
• On the Choose Production Installation Directory prompt, enter a directory such as /u01/app/oracle/jrockit1.6.0_29, to install JRockit and press Enter twice.
• On the Optional Components 1 prompt, press Enter to accept the default (which is not to install Demos and Samples).
• On the Optional Components 2 prompt, press Enter to accept the default (which is not to install Source Code).
• On the Installation Complete prompt, press Enter to exit the installer.

2. Log on to the Linux server hosting your Oracle SOA Suite 11g installation as the oracle user.

3. Stop the AdminServer as well as all managed servers.

4. Stop the Node Manager.

5. Edit the file $MW_HOME/wlserver_10.3/common/bin/commEnv.sh and replace the following two entries     

     as follows:

         OLD: JAVA_HOME="/u01/app/oracle/jdk1.6.0_26"

         NEW: JAVA_HOME="/u01/app/oracle/jrockit1.6.0_29"

         OLD: JAVA_VENDOR=Sun

         NEW: JAVA_VENDOR=Oracle

6.Edit the file $MW_HOME/user_projects/domains/[Domain]/bin/setDomainEnv.sh, and replace the 

   following two entries as follows:

   OLD: BEA_JAVA_HOME=""

   NEW: BEA_AVA_HOME="/u01/app/oracle/jrockit1.6.0_29"

   OLD: SUN_JAVA_HOME="/u01/app/oracle/jdk1.6.0_26"

   NEW: SUN_JAVA_HOME=""

7. Edit the domain configuration file $MW_HOME/user_projects/domains/[Domain]/bin/setSOADomainEnv.sh, and replace the following entry

as follows:  

    OLD: PORT_MEM_ARGS="-Xms768m -Xmx1536m"

    NEW: PORT_MEM_ARGS="-Xms1536m -Xmx1536m -Xgcprio:throughput

    -XX:+HeapDumpOnOutOfMemoryError

8.Start up the Node Manager.

9. Boot up the AdminServer and all managed servers back again.

10. View the new JDK being used in the $DOMAIN_HOME/servers/AdminServer/logs/AdminServer.log

Weblogic 10.3.5: WLST Scripts to Configure Credential Store Framework (CSF) For Access Level/Message Level security

Weblogic 10.3.5: WLST Scripts to Configure Credential Store Framework (CSF) For Access Level/Message Level security.

Follow these steps to configure the credential store to access the Oracle WSM keystore using WLST commands

• Go to the Oracle Common home directory for your installation, for example /home/Oracle/Middleware/oracle_common.

• Start WLST using the WLST.sh/cmd command located in the oracle_common/common/bin directory. For example:

• /home/Oracle/Middleware/oracle_common/common/bin/wlst.sh (UNIX)
• C:\Oracle\Middleware\oracle_common\common\bin\wlst.cmd (Windows)

                 When executed, these commands start WLST in offline mode. To use the credential store WLST  

                 commands, you must use WLST in online mode.

• Start Oracle WebLogic Server. 

• Connect to the running WebLogic Server instance using the connect() command. For example, the following command connects WLST to the Administration Server at the URLmyAdminServer.oracle.com:7001 using the username/password credentials weblogic/welcome1:
  
  

  connect("weblogic","welcome1","t3://myAdminServer.oracle.com:7001")

  Enter the createCred command to create an entry in the credential store for the keystore name and password as follows:
  

  createCred(map="oracle.wsm.security", key="keystore-csf-key", user="owsm", password="welcome1", desc="Keystore key")
  
  
  Enter the createCred command to create an entry in the credential store for the keystore name and password as follows:
  
  createCred(map="oracle.wsm.security", key="keystore-csf-key", user="owsm", password="welcome1", desc="Keystore key")
  
  
  Enter the createCred command to create an entry in the credential store for the signature key alias and password as follows:
  createCred(map="oracle.wsm.security", key="sign-csf-key", user="orakey", password="welcome1", desc="Signing key")
  
  
  Enter the createCred command to create an entry in the credential store for the encryption key alias and password as follows:
  createCred(map="oracle.wsm.security", key="enc-csf-key", user="orakey", password="welcome1", desc="Encryption key")
  
  
  

Oracle Fusion Middleware Security for Web Services 11g Release 1 (11.1.1.6) Policy Sets using WLST

Policy sets provide a means to attach policies globally to a range of endpoints of the same type. 

• In addition to attaching policies directly to endpoints, you can create policy sets that allow you to attach policies globally to a range of endpoints of the same type, regardless of the deployment state. You can create and manage policy sets using both Fusion Middleware Control and the WebLogic Scripting Tool, WLST. 
• Attaching policies globally using policy sets allows an administrator to ensure that all subjects are secured in situations where the developer, assembler, or deployer did not explicitly specify the policies to be attached.
• Policies attached globally using policy sets also provide the following:
• Override the policies
• Specify run time constraint
• Policy subjects to which policy sets can be attached include SOA components, SOA service endpoints, SOA references, Web services endpoints, Web service clients, Web service connections, and asynchronous callback clients. Policy sets can be attached at the following scopes:
  • Domain — all policy subjects of the specified type in a domain
  • Server instance—all policy subjects of the specified type in a server instance
  • Application or Partition—all policy subjects of the specified type in an application or SOA partition
  • Application module or SOA composite—all policy subjects of the specified type in an application module or SOA composite
  • Service or reference—all policy subjects of the specified type in a SOA service or reference
  • Port or component—all policy subjects of the specified type in a port or SOA component

CREATING A POLICY SET USINg  WLST

CreatePolicySet.py

import os

propInputStream = FileInputStream("PolicySets.properties")

configProps = Properties()

configProps.load(propInputStream)

connect(configProps.get("userName"),configProps.get("passWord"),'t3://'+configProps.get("wlsHost")+':'+configProps.get("adminServerListenPort"))

splits=String(configProps.get("policysets_to_be_created")).split(",")

for dsIndex in splits:

    beginRepositorySession()

    #Variable Definitions

    policySetName=configProps.get("policySetName_"+ str(dsIndex))

    policySetType=configProps.get("policySetType_"+ str(dsIndex))

    policySetAttachTo=configProps.get("policySetAttachTo_"+ str(dsIndex))

    policySetDescription=configProps.get("policySetDescription_"+ str(dsIndex))

    policySetEnabled=configProps.get("policySetEnabled_"+ str(dsIndex))

    policySetUrl=configProps.get("policySetUrl_"+ str(dsIndex))

    print "Creating Policy Sets for System Resource Name:"+policySetName + ", Policy Set Type:" + policySetType +" Attached To: "+ policySetAttachTo + " , Description:" + policySetDescription + ", Enabled true or false: "+ policySetEnabled 

    createPolicySet(policySetName,policySetType,policySetAttachTo,description=policySetDescription,enable=policySetEnabled)

    print "Attaching Policy Sets"

    attachPolicySetPolicy(policySetUrl)

    print "Commiting Session"

    commitRepositorySession() 

PolicySets.properties

userName=username

passWord=password

wlsHost=localhost

domainDir=domainDir

adminServerListenPort=7001

#Total Number of Data Sources 

policysets_to_be_created=1

#Properties for the first PolicySets

policySetName_1=TestWSClientPolicySet

policySetType_1=sca-reference

policySetAttachTo_1=Domain("domain") and Server("server1") and Composite("*CBP*")

policySetDescription_1=Global policy attachments for SOA Reference resources.

policySetEnabled_1=true

policySetUrl_1=oracle/wss10_saml_token_client_policy_OPT_ON

Oracle Fusion Middleware Security for Web Services 11g Release 1 (11.1.1.6) Policy Sets

Oracle Fusion Middleware Security  for Web Services 11g Release 1 (11.1.1.6) Policy Sets

Policy sets provide a means to attach policies globally to a range of endpoints of the same type. 

• In addition to attaching policies directly to endpoints, you can create policy sets that allow you to attach policies globally to a range of endpoints of the same type, regardless of the deployment state. You can create and manage policy sets using both Fusion Middleware Control and the WebLogic Scripting Tool, WLST. 
• Attaching policies globally using policy sets allows an administrator to ensure that all subjects are secured in situations where the developer, assembler, or deployer did not explicitly specify the policies to be attached.
• Policies attached globally using policy sets also provide the following:
• Override the policies
• Specify run time constraint
• Policy subjects to which policy sets can be attached include SOA components, SOA service endpoints, SOA references, Web services endpoints, Web service clients, Web service connections, and asynchronous callback clients. Policy sets can be attached at the following scopes:
  • Domain — all policy subjects of the specified type in a domain
  • Server instance—all policy subjects of the specified type in a server instance
  • Application or Partition—all policy subjects of the specified type in an application or SOA partition
  • Application module or SOA composite—all policy subjects of the specified type in an application module or SOA composite
  • Service or reference—all policy subjects of the specified type in a SOA service or reference
  • Port or component—all policy subjects of the specified type in a port or SOA component

Creating a Policy Set

• Navigate to the Policy Set Summary page.

• From the Policy Set Summary page, click Create.
• In the Enter General Information page, as shown in enter a name for the policy set.
• Select the Enabled check box if you want to enable the policy set.
• In the Type of Resources field, select the type of policy subject to which you want to attach policies. On the next page you define the scope of resources to which you want the policy set to apply. The type of policy subjects that you can select are as follows:
  
  • SOA Component
  • SOA Service
  • SOA Reference
  • Web Service Connection
  • Web Service Endpoint
  • Web Service Client
  • Asynchronous Callback Client
  • Press Next on the Top Right

• Attach the policies and selecting the policy and pressing the Attach button; press Next

OSB (Oracle Service Bus) 11.1.1.6 Call REST ful Services

OSB (Oracle Service Bus) 11.1.1.6 Call REST ful Services from OSB

For details on how to create a Proxy Service and Business Services along with OSB security, please refer to my earlier posts on on OSB Tutorial: How to create proxy and business service by clicking here.

• Create a Project as shown below.

 

• Create a new business service, name it CustomerService. 

• Create a new business service, name it CustomerService.

•  Choose this service to be a Messaging Service.

• Choose the request and response payload to be of XML type

• Click next and choose "basic" authentication if authentication is required.
• Choose a service account for credentials.
• Save and Activate session