Moving Identity Management to an Existing Production Environment

Moving from a Test to a Production Environment 21-33

■ Deployed one or more applications or SOA Composite applications. The applications have internal and external references.
■ Changed some configuration settings. For example, you may have changed something in the config directory, in MDS, or another data source.
■ Optionally, configured Oracle WebLogic Server dependent artifacts for Oracle Business Activity Monitoring, such as:
  – BAM Adapter
  – Data sources for the database or JMS
■ Configured and populated the identity store for Oracle Business Activity Monitoring users.
■ Set up UMS and all required subcomponents, configured UMS drivers and user preferences in a test environment.

21.4.2.1 Moving Oracle SOA Suite to a New Production Environment

To move Oracle SOA Suite to a new production environment, perform the following tasks:
■ Task 1, Move the Database, Middleware Home and Perform the Initial Configuration
■ Task 2, Create Directory Structures
■ Task 3, Export JKS Certificates
■ Task 4, Move Human Workflow to the New Production Environment
■ Task 5, Move Oracle Business Activity Monitoring Data to the New Production Environment
■ Task 6, Move Oracle Business Process Management to the New Production Environment
■ Task 7, Move UMS-Related Details to the New Production Environment
■ Task 8, Enable SSL and Create Custom Keystores

Task 1 Move the Database, Middleware Home and Perform the Initial Configuration

To move the database and Middleware home and perform the initial configuration:

1. Move or create the database and the schemas, as described in Section 21.3.2.

2. Move Identity Management components, as described in Section 21.4.1.

Note: The Oracle User Messaging Service (UMS) is used in SOA and BAM scenarios. The functionality and actions in both scenarios are similar, but there are small differences. In particular, for BAM, only the e-mail driver is supported, so the reconfiguration steps for UMS only apply to the e-mail driver. Also, BAM does not make use of the UMS User Preferences in this release. Hence, the userprefs migration in UMS migration does not apply to BAM. See Task 7 for details on moving UMS from a test to a production environment.

See Also: Oracle Fusion Middleware Enterprise Deployment Guide for Oracle SOA Suite for information about setting up an enterprise deployment for Oracle SOA Suite

21-34 Oracle Fusion Middleware Administrator's Guide

3. Move the Middleware home and binary files, as described in Section 21.3.3.

4. Move the configuration, as described in Section 21.3.4. Note that when you move the configuration, the pasteConfig script copies the configuration of the domain, including the domain, Administration Server, and Managed Servers. In addition, that step:
■ Moves SOA composite applications.
■ Moves Oracle Human Workflow attribute labels, flex field mappings, approval groups and standard views.
■ Moves Oracle B2B.
■ Reassociates the security store to an LDAP or database-based store, based on the values provided in the move plan.
■ Moves Oracle Platform Security.
■ Moves Oracle Web Services Manager, any policies that are stored in the MDS Repository or deployment plans, and any custom policies that are stored in DOMAIN_HOME/lib.
■ Deploys applications in the production environment.
■ Configures adapters, such as the database adapters, AQ adapters, JMS adapters. Note, however, that you must edit the deployment plan of any adapters before you use the pasteConfig script.
■ Configures data sources.
■ Configures JMS resources.
■ Starts the Administration Server.

5. Configure users, groups, the security policies, and the credential store, as described in Section 21.3.6.

Task 2 Create Directory Structures

Create directory structures for any inbound or outbound files. For example, if you are using a file adapter that reads an inbound file from the /tmp/inbound_msg directory and writes outbound files to the /tmp/outbound_msg directory, create those directories on the production environment. Similarly, if Oracle B2B is using a listening channel that reads inbound messages from the /tmp/inbound directory and writes outbound messages to the /tmp/outbound directory, create those directories.

Task 3 Export JKS Certificates

Export any JKS certificates for B2B endpoints from the test environment to the production environment. Then, import them to the production environment. For information about exporting and importing JKS certificates, see Section 8.3.3.
Task 4 Move Human Workflow to the New Production Environment

When you moved a copy of the domain from the test environment to the production environment, the scripts moved the following Human Workflow entities:
■ Attribute labels
■ Flex field mappings
■ Approval groups
■ Standard views

The scripts do not move the following:
■ User views
■ Rules

To move Human Workflow user views and roles to a new production environment:

1. Move Human Workflow user metadata, such as user views or vacation rules, from the test environment to the production environment, using the Data Migrator. The Data Migrator is available as an ant target that can be executed in the command line. It calls a properties file, migration.properties, that you create specifying the input parameters for the migration of data.
The migration.properties file contains the following input parameters:

    operationType = {EXPORT | IMPORT}
    objectType = {VIEW | RULE | APPROVAL_GROUP | TASK_PAYLOAD_FLEX_FIELD_MAPPING}
    name = name of VIEW or APPROVAL_GROUP or TASK_PAYLOAD_FLEX_FIELD_MAPPING
    user = username of VIEW or RULE
    group = groupname for RULE
    grantPermission = {true | false}
    migrateAttributeLabel = {true | false}
    override = {true | false}
    skip = {true | false}
    migrateToActiveVersion = {true | false}

You use the following script:

    ORACLE_HOME/bin/ant-t2p-worklist.xml

The command has the following format:

    ant -f ant-t2p-worklist.xml \
      -Dbea.home=BEA_HOME \
      -Dsoa.home=SOA_HOME \
      -Dmigration.properties.file=MIGRATION_PROPERTY_FILE_PATH \
      -Dsoa.hostname=SOA_HOSTNAME \
      -Dsoa.rmi.port=SOA_RMI_PORT \
      -Dsoa.admin.user=SOA_ADMIN_USER \
      -Dsoa.admin.password=SOA_ADMIN_PASSWORD \
      -Drealm=REALM \
      -Dmigration.file=MIGRATION_FILE \
      -Dmap.file=MAP_FILE

For additional information about the migration utility, see "Using the User Metadata Migration Utility" in the Oracle Fusion Middleware Modeling and Implementation Guide for Oracle Business Process Management.

Take the following steps:

a. Ensure that the PATH environment variable contains the required JAVA_HOME and ANT_HOME environment variables and that they point to the locations within the Oracle SOA Suite installation.

b. Create a migration.properties file to export user metadata for the worklist application (for example, rules, user views, vacation rules) from the test environment. You can create the migration.properties file in any location. Note the following:
– You can only export one type of data at a time.
– When you are exporting data for a particular user or group, you must migrate them in separate operations.
For example, to export all rules for a given user, the migration.properties file would contain the following:

    operationType = EXPORT
    objectType = RULE
    name = ALL
    user = username
    group =
    grantPermission = true
    migrateAttributeLabel = false
    override = true
    skip = true
    migrateToActiveVersion = false

Note that the parameter group is left blank when you export rules for a given user.

To export all rules for a given group, the migration.properties file would contain the following:

    operationType = EXPORT
    objectType = RULE
    name = ALL
    user =
    group = LoanAgentGroup
    grantPermission = true
    migrateAttributeLabel = false
    override = true
    skip = true
    migrateToActiveVersion = false

Note that the parameter user is left blank when you export rules for a given group.

c. Export the data. The following example shows how to invoke the command and specify the parameters:

    ant -f ant-t2p-worklist.xml \
      -Dbea.home=/scratch/oracle/MW_HOME \
      -Dsoa.home=/scratch/oracle/MW_HOME/AS11gR1SOA \
      -Dmigration.properties.file=migration.properties \
      -Dsoa.hostname=hostname \
      -Dsoa.rmi.port=7001 \
      -Dsoa.admin.user=weblogic \
      -Dsoa.admin.password=password \
      -Drealm=jazn.com \
      -Dmigration.file=/tmp/export_all_userRules.xml \
      -Dmap.file=/tmp/export_all_userRules_mapper.xml

d. Ensure that the application is deployed to the production environment.

e. Create the migration.properties file to import user metadata for the worklist application to the production environment. Note the following:
– You can only import one type of data at a time.
– When you are importing data for a particular user or group, you must import them in separate operations.
For example, to import all rules for a given user, the migration.properties file would contain the following:

    operationType = IMPORT
    objectType = RULE
    name = ALL
    user = username
    group =
    grantPermission = true
    migrateAttributeLabel = false
    override = true
    skip = true
    migrateToActiveVersion = false

Note that the parameter group is left blank when you import rules for a given user.

To import all rules for a given group, the migration.properties file would contain the following:

    operationType = IMPORT
    objectType = RULE
    name = ALL
    user =
    group = LoanAgentGroup
    grantPermission = true
    migrateAttributeLabel = false
    override = true
    skip = true
    migrateToActiveVersion = false

Note that the parameter user is left blank when you import rules for a given group.

f. Import the data to the production environment from the file export_all_userRules.xml, which you created in the previous steps. The following example shows how to invoke the command and specify the parameters:

    ant -f ant-t2p-worklist.xml \
      -Dbea.home=/scratch/oracle/MW_HOME \
      -Dsoa.home=/scratch/oracle/MW_HOME/AS11gR1SOA \
      -Dmigration.properties.file=migration.properties \
      -Dsoa.hostname=hostname \
      -Dsoa.rmi.port=7001 \
      -Dsoa.admin.user=weblogic \
      -Dsoa.admin.password=password \
      -Drealm=jazn.com \
      -Dmigration.file=/tmp/export_all_userRules.xml \
      -Dmap.file=/tmp/export_all_userRules_mapper.xml

Note that if the data, such as rules and views, are attached to the user, then the user should be an available user in the production SOA server.

2. Deploy Java EE Human Task Forms, as you would deploy any .ear file. See Section 10.3.1 for more information.

3. If necessary, update the workflow notification configuration with production mail server and inbound and outbound e-mail accounts. See "Configuring Oracle User Messaging Service" in the Oracle Fusion Middleware Administrator's Guide for Oracle SOA Suite and Oracle Business Process Management Suite.
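The migration.properties rules from Task 4 (one operation, one object type, true/false flags, user and group migrated in separate operations) can be checked before the Data Migrator is invoked. The following is an added example, not part of the Oracle guide or the migration utility; the function names and the BAD sample are constructed for illustration.

```python
# Added example: checks a migration.properties file against the rules stated above.
OPERATIONS = {"EXPORT", "IMPORT"}
OBJECT_TYPES = {"VIEW", "RULE", "APPROVAL_GROUP", "TASK_PAYLOAD_FLEX_FIELD_MAPPING"}
BOOLEAN_KEYS = {"grantPermission", "migrateAttributeLabel", "override",
                "skip", "migrateToActiveVersion"}
KNOWN_KEYS = {"operationType", "objectType", "name", "user", "group"} | BOOLEAN_KEYS


def parse_properties(text):
    """Parse 'key = value' lines; an empty value such as 'group =' becomes ''."""
    props = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#!":  # blank line or properties comment
            continue
        key, sep, value = line.partition("=")
        if not sep or key.strip() in props:
            raise ValueError(f"line {lineno}: malformed or duplicate entry")
        props[key.strip()] = value.strip()
    return props


def validate(props):
    """Return a list of problems; an empty list means the file passes."""
    problems = [f"unknown parameter {k!r}" for k in sorted(set(props) - KNOWN_KEYS)]
    if props.get("operationType") not in OPERATIONS:
        problems.append("operationType must be EXPORT or IMPORT")
    if props.get("objectType") not in OBJECT_TYPES:
        problems.append("objectType must name exactly one object type")
    for key in sorted(BOOLEAN_KEYS & set(props)):
        if props[key] not in ("true", "false"):
            problems.append(f"{key} must be true or false")
    if props.get("user") and props.get("group"):
        problems.append("user and group are both set; migrate them separately")
    return problems

# The page's "export all rules for a given user" file.
USER_RULES = """operationType = EXPORT
objectType = RULE
name = ALL
user = username
group =
grantPermission = true
migrateAttributeLabel = false
override = true
skip = true
migrateToActiveVersion = false
"""

# Constructed bad input: two object types, user and group together, a misspelt key.
BAD = ("operationType = EXPORT\nobjectType = RULE,VIEW\n"
       "user = username\ngroup = LoanAgentGroup\noveride = yes\n")

if __name__ == "__main__":
    print(validate(parse_properties(USER_RULES)), validate(parse_properties(BAD)))
```
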
Task 5 Move Oracle Business Activity Monitoring Data to the New Production Environment

To move Oracle Business Activity Monitoring to the new production environment:

1. On the test environment, export the ORACLEBAM database schema, using the following commands (ORACLE_HOME is the Oracle home for the Oracle Database):

    ORACLE_HOME/bin/sqlplus "sys/password as sysdba"
    create or replace directory directory as 'path';
    grant read,write on DIRECTORY directory to oraclebam;
    exit;
    ORACLE_HOME/bin/expdp userid=oraclebam/bam@connect_id directory=directory dumpfile=orabam.dmp schemas=oraclebam logfile=oraclebam_date.log

The Oracle BAM objects, such as reports, alerts, and data definitions from the test environment are exported.

2. Set up the Oracle Internet Directory Authenticator, if it was not set up in the test environment. If it was set up in the test environment, moving the configuration moves the configuration to the production environment.

a. From the Oracle WebLogic Server Administration Console, select Security Realms, then myrealm, then Providers. A default Authenticator is configured for the realm.
b. Click New to add a new authenticator.
c. Enter a name for the provider, such as OIDAuthenticator for a provider that authenticates the user to the Oracle Internet Directory.
d. For Type, select OracleInternetDirectoryAuthenticator.
e. Click OK.
f. On the Providers tab, click the newly created OIDAuthenticator.
g. For Control Flag, select Sufficient to indicate that if a user can be authenticated successfully by this authenticator, then it should accept that authentication and should not continue to invoke any additional authenticators.
h. Select the Provider Specific tab.
i. Enter the details of the LDAP provider.
j. Click Save.
k. In the Providers tab, reorder the authenticators so that the newly created authenticator is first.

3. Restart the Administration Server and the Managed Server.
See Also: "Overview of Oracle Data Pump" and other chapters on Oracle Data Pump in Oracle Database Utilities, which is available at: http://www.oracle.com/technetwork/database/enterprise-edition/documentation/index.html

4. Move BAM data and artifacts to the production environment:

a. Create the BAM JPS root context by importing the ldif file. The following shows a sample ldif file:

    dn: cn=jpsroot_bam_test,dc=us,dc=oracle,dc=com
    cn: jpsroot_bam_test
    objectclass: top
    objectclass: orclcontainer

b. Move the BAM application policy and roles to LDAP using Fusion Middleware Control:
– From the navigation pane, right-click the domain that contains Oracle Business Activity Monitoring and choose Security, then Security Provider Configuration.
– Follow the steps in "Reassociating Domain Stores with Fusion Middleware Control" in the Oracle Fusion Middleware Application Security Guide.

c. Import the ORACLEBAM database schema that you exported from the test environment, using the following commands (ORACLE_HOME is the Oracle home for the Oracle Database):

    ORACLE_HOME/bin/impdp userid=system/password dumpfile=ORACLEBAM.DMP remap_schema=oraclebam:oraclebam TABLE_EXISTS_ACTION=replace
    ORACLE_HOME/bin/sqlplus "sys/password as sysdba"
    alter user oraclebam account unlock;
    alter user oraclebam identified by bam;

Note that impdp may report the following errors:
– ORA-00959: tablespace source tablespace does not exist. You can fix this error by creating the tablespace in the import database before the import, or by using REMAP_TABLESPACE to change the tablespace referenced in the table definition to a tablespace in the import database.
– You may see a failure restoring index statistics if you use an Oracle database version earlier than 11.2.0.2. You can work around this issue by rebuilding the index statistics after import.

d. Modify the e-mail server configuration on the production environment, as described in "Configuring Oracle User Messaging Service" in the Oracle Fusion Middleware Administrator's Guide for Oracle SOA Suite and Oracle Business Process Management Suite.

e. Restart the Oracle Business Activity Monitoring Managed Server.

Task 6 Move Oracle Business Process Management to the New Production Environment

To move Oracle Business Process Management to the new production environment, you move Oracle Business Process Management user metadata, such as organizations and dashboards, from the test environment to the production environment, using the migration tool. The migration tool is available as an ant target that can be executed in the command line. It calls a configuration file that you create specifying the input parameters for the migration of data.

Note that the migration tool does not move any user-specific configuration because users in the test and production environments would not be the same.

You use the following script:

    ORACLE_HOME/bin/ant-t2p-workspace.xml

The command has the following format:

    ant -f ant-t2p-workspace.xml \
      -Dbea.home=BEA_HOME \
      -Dbpm.home=BPM_HOME \
      -Dbpm.t2p.migration.config=MIGRATION_CONFIG_FILE

For Organizations, the following objects are moved to the production environment: Organizational Units, Roles, Calendars, Organization Role, and Extended User Properties. For Dashboards, data with the BAM_WIDGET data type in the BPMUserApplicationData table is moved to the production environment.

Take the following steps:

1. Ensure that the PATH environment variable contains the required JAVA_HOME and ANT_HOME environment variables and that they point to the locations within the Oracle SOA Suite installation.

2. Export Organizations and Dashboard:

a. Create a configuration file to export Organizations. You pass that file to the ant command.
The following shows a sample configuration file that exports Organizations:

    <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <testToProductionMigrationConfiguration
        xmlns="http://xmlns.oracle.com/bpm/t2p/migration/config"
        xmlns:ns2="http://xmlns.oracle.com/bpm/common"
        override="true" skip="true">
      <sourceEndPoint>
        <serverEndPoint>
          <serverURL>t3://hostname:port</serverURL>
          <adminUserLogin>admin_username</adminUserLogin>
          <adminUserPassword>admin_password</adminUserPassword>
          <realm>jazn.com</realm>
        </serverEndPoint>
      </sourceEndPoint>
      <targetEndPoint>
        <fileEndPoint>
          <migrationFile>/tmp/bpm_organization.xml</migrationFile>
        </fileEndPoint>
      </targetEndPoint>
      <operation>EXPORT</operation>
      <object>ORGANIZATION</object>
      <objectDetails>
        <login>username</login>
        <password>password</password>
        <identityContext>jazn.com</identityContext>
        <organization/>
      </objectDetails>
    </testToProductionMigrationConfiguration>

In the configuration file, you must specify the values for the test environment in the following elements: