Introduction to Securing SOA Composite Applications
6.5 Listing the Authentication Provider
This section describes how to set the first authentication provider.6.5.1 Listing Oracle Internet Directory as the First Authentication Provider
The Oracle BPM Worklist and workflow services use Java Platform Security JPS and the User and Role API. For this reason, the Oracle Internet Directory authenticator must be the first provider listed when workflow is used with Oracle Internet Directory. If Oracle Internet Directory is not listed first for example, it is listed below DefaultAuthenticator, login authentication fails. For information about changing the order of authentication providers, see Oracle Fusion Middleware Securing Oracle WebLogic Server.6.5.2 Accessing Web-based Applications with the Default Authentication Provider
Logins to web-based applications may fail when using Oracle Internet Directory authentication. This is caused when the Oracle WebLogic Server configuration is set to use the Oracle Internet Directory authentication before default authentication. This may produce the following error: User weblogic is not found in configuration jazn.com Check if the user exists in the repository specified by the configurations. Check the error stack and fix the cause of the error. Contact oracle support if error is not fixable. The order of the security providers should be: 6-6 Oracle Fusion Middleware Administrators Guide for Oracle SOA Suite and Oracle BPM Suite 1. Default authentication 2. Oracle Internet DirectoryLDAP authentication6.6 Configuring SSL
This section describes configuring SSL in Oracle SOA Suite and Oracle Business Process Management environments.6.6.1 Recommendation to Configure Either All on No Managed Servers with SSL
As a best practice, Oracle recommends that you configure either all managed servers or no managed servers with SSL SOA, BAM, and so on. Configuring some managed servers with SSL, while not configuring others, may lead to undesirable results in Oracle BPM Worklist and Oracle Web Services Manager OWSM. For example, if there is an SSL-configured managed server bam_server, servers not configured with SSL are not be used by OWSM. In cases in which an SSL-configured server is down, it causes OWSM to be in a down state, which in turn causes Oracle BPM Worklist to be in a down state.6.6.2 Switching from Non-SSL to SSL Configurations with Oracle BPM Worklist
Switching from non-SSL to SSL configurations with Oracle BPM Worklist requires the Frontend Host and Frontend HTTPS Port fields to be set in Oracle WebLogic Server Administration Console. Not doing so results in exception errors when you attempt to create to-do tasks. To switch from non-SSL to SSL configurations with Oracle BPM Worklist: 1. Log in to Oracle WebLogic Server Administration Console.2. In the Environment section, select Servers.
3. Select the name of the managed server for example, soa_server1.
4. Select Protocols, then select HTTP.
5. In the Frontend Host field, enter the hostname on which Oracle BPM Worklist is
located.6. In the Frontend HTTPS Port field, enter the SSL listener port.
7. Click Save.
6.6.3 Configuring SOA Composite Applications for Two-Way SSL Communication
Oracle SOA Suite uses both Oracle WebLogic Server and Sun Secure Socket Layer SSL stacks for two-way SSL configurations. ■ For the inbound web service bindings, Oracle SOA Suite uses the Oracle WebLogic Server infrastructure and, therefore, the Oracle WebLogic Server libraries for SSL. ■ For the outbound web service bindings, Oracle SOA Suite uses JRF HttpClient and, therefore, the Sun JDK libraries for SSL. Due to this difference, start Oracle WebLogic Server with the following JVM option. To configure SOA composite applications for two-way SSL communication: 1. Open the following file:Parts
» Oracle Fusion Middleware Online Documentation Library
» Introduction to the SOA Infrastructure Application
» Introduction to SOA Composite Applications
» Introduction to SOA Composite Application Instances
» Introduction to Service Components and Service Component Instances
» Introduction to Binding Components
» Introduction to Service Engines
» Introduction to the Service Infrastructure
» Introduction to the Contents of SOA Composite Applications
» What Is Oracle Fusion Middleware? What Is Oracle Business Process Management Suite?
» Introduction to the Order of Precedence for Audit Level Settings
» Monitoring of Oracle SOA Suite and Oracle BPM Suite
» Introduction to Fault Recovery
» Introduction to How Policies are Executed Policies are executed before a message
» Introduction to the Lifecycle State of SOA Composite Applications
» Administration for Application Developers
» Logging In to Oracle Enterprise Manager Fusion Middleware Control
» Navigating Through the SOA Infrastructure Home Page and Menu
» Navigating Through the SOA Composite Application Home Page and Menu
» Navigating Through the Partition Home Page and Menu Navigating to Deployed Java EE Applications
» Logging Out of Oracle Enterprise Manager Fusion Middleware Control
» Disabling Instance and Fault Count Metrics Retrieval with the System MBean Browser
» Waiting for SOA Infrastructure Startup Initialization to Complete
» Changing the SOA Infrastructure Server URL Property Port
» Configuring Log Files Oracle Fusion Middleware Online Documentation Library
» Configuring the Logging File Encoding Property
» Specifying a Nondefault XA Transaction Timeout Value for XA Data Sources
» Monitoring SOA Infrastructure Recent Instances and Faults
» Redeploying Applications Oracle Fusion Middleware Online Documentation Library
» Undeploying Applications Oracle Fusion Middleware Online Documentation Library
» Introduction to Securing SOA Composite Applications
» Configuring Oracle HTTP Server with Oracle BPM Worklist
» Setting up SAML Message-Protected Policy Configuration for the SOA Infrastructure
» Automatically Authenticating Oracle BPM Worklist Users in SAML SSO Environments
» In the Oracle WebLogic Server Administration Console, select Security
» Select the Providers tab, and then the Authentication subtab.
» From the provider list, select the provider with the description SAML 2.0
» Scroll down the page until you see the field Redirect URIs.
» Configuring SOA Composite Applications for Two-Way SSL Communication
» From the SOA Infrastructure menu, select SOA Administration Common
» At the bottom of the page, click More SOA Infra Advanced Configuration
» Click KeystoreLocation. Oracle Fusion Middleware Online Documentation Library
» In the Value column, enter the keystore location.
» Click Apply. Oracle Fusion Middleware Online Documentation Library
» Invoking References in One-Way SSL Environments in Oracle JDeveloper
» Configuring Oracle HTTP Server for SSL Communication
» Configuring Certificates for Oracle Client, Oracle HTTP Server, and Oracle WebLogic Server
» Configuring SSL Between SOA Composite Application Instances and Oracle WebCache
» Using a Custom Trust Store for One-Way SSL During Design Time
» Configuring Security for Human Workflow WSDL Files
» Monitoring SOA Composite Application Recent Instances and Faults
» Specifying RPCLiteral-Style WSDL Files on the Test Page
» Managing the State of All Applications at the SOA Infrastructure Level
» Managing the State of an Application from the SOA Composite Application Home Page
» Starting and Stopping a Managed Oracle WebLogic Server
» Monitoring and Deleting SOA Composite Application Instances from the Application Home Page
» In the Instance ID column, click a specific instance ID to show the message
» In the State column, if an instance state is marked as Unknown, click it to
» Recovering from SOA Composite Application Faults at the SOA Infrastructure Level
» From the View list, select Columns Fault ID to display the fault IDs for each
» In the Composite column, click a specific SOA composite application to access
» In the Fault Location column, click a specific location to access the faults page
» In the Composite Instance ID column, click a specific ID to access the flow
» Example: Single Fault Recovery for BPEL Processes
» Example: Bulk Fault Recovery for BPEL Processes
» Example: Single Fault Recovery for BPMN Processes
» Example: Single Fault Recovery for Oracle Mediator
» Recovering from SOA Composite Application Faults in the Application Home Page
» Automating the Testing of SOA Composite Applications
» WS-RM Sessions Policy Attachments and Local Optimization in Composite-to-Composite Invocations
» Exporting a Running SOA Composite Application
» Creating and Deleting Partitions
» In the Name field, enter a partition name, and click Create.
» Performing Bulk Lifecycle Management Tasks on Composites in Partitions
» Deleting Large Numbers of Instances with the Purge Script
» Referential Integrity and Equipartioning
» Introduction to Partition Key Selection
» Developing a Purging and Partitioning Methodology
» delete_instances Procedure Looped Purge Script
» Purge States Deleting Large Numbers of Instances with the Purge Scripts
» Configuring Partitions Introduction to the Verification Scripts
» Component Tables Partitioning Component Tables
» Executing the Verification Scripts
» Verifying and Dropping Partitions
» Partial Partitioning of Components
» Retrieving the State of a Composite Finding Composite and Component Instances
» Configuring Automatic Recovery Attempts for Invoke and Callback Messages
» Setting the Audit Level at the BPEL Process Service Component Level
» Monitoring BPEL Process Service Component Instances and Faults
» Monitoring BPEL Process Service Component Instances
» Behavior of Activity Sensors in Compensate and CompensateScope Activities in BPEL 2.0
» Monitoring BPEL Process Service Engine Instances
» In the Instance ID column, click an instance ID for a service component to
» In the Component column, click a specific service component to access its
» In the Logs column, click a specific log to access the Log Messages page with
» Monitoring Deployed BPEL Processes in the Service Engine
» Recovering from BPEL Process Service Component Faults
» Click the Show only recoverable faults checkbox to display only faults from
» From the Fault Type list, select to display all faults, system faults, business
» Recovering from BPEL Process Service Engine Faults
» Configuring Oracle Mediator Service Engine Properties
» Configuring Resequenced Messages Oracle Fusion Middleware Online Documentation Library
» Monitoring Oracle Mediator Service Component Instances and Faults
» In the Instance ID column, click an instance ID to view its instance details,
» Introductions to the Sections of the Dashboard Page
» Monitoring Oracle Mediator Instance Information
» Monitoring Oracle Mediator Faults
» Dashboard Page Instances Page Faults Page
» Mediator Resequencing Group Dialog
» Monitoring Resequenced Messages from the Mediator Instance Dialog
» Managing Oracle Mediator Faults
» Managing Oracle Mediator Policies
» Deleting Cross-Reference Values Oracle Fusion Middleware Online Documentation Library
» Monitoring Business Rules Service Engine Instances and Faults
» Monitoring Business Rules Service Engine Statistics
» Monitoring Business Rules Service Engine Instances
» Tracing Rule Execution at the Development Audit Level
» Tracing Rule Execution at the Production Audit Level
» Viewing Decision Service Component Logs
» Setting the Diagnostic Logging Level with a Log Configuration
» Configuring Human Workflow Notification Properties
» Configuring Human Workflow Task Service Properties
» Pluggable Notification Service Implementation Pluggable Notification Service Registration
» Configuring Oracle HTTP Server for Task Form Attachments Configuring Multiple Send Addresses
» Adding an Authentication Provider
» Creating Users and Groups Using WebLogic Console
» Creating Users and Groups Using Oracle Internet Directory
» Configuring the Directory Service
» Changing the Default Password in the Embedded LDAP Server
» Click Edit. Add application roles and groups in the Roles section and users in the Users
» Configuring Security Policies for Human Workflow Web Services
» Monitoring Human Task Service Component Instances and Faults
» Viewing the Status of Human Workflow Tasks
» Monitoring Human Task Service Component Instances
» Monitoring Human Workflow Service Engine Instances and Faults
» Click Show All below the section to access the Instances page of the service
» In the Name column, click a specific service component to access its home
» In the Composite columns, click a specific SOA composite application to
» Click Show All below the section to access the Deployed Components page of
» Monitoring Human Workflow Service Engine Active Requests and Operation Statistics
» Monitoring Deployed Human Workflows in the Service Engine
» Managing Human Task Service Component Policies
» Recovering from Human Workflow Service Engine Faults
» In the Error Message column, click a specific message to display complete
» In the Recovery column, click a fault that is marked as recoverable to invoke
» In the Component Instance ID column, click a specific service component ID
» Managing the URI of the Human Task Service Component Task Details Application
» Recovering from Human Task Service Component Faults
» Managing Outgoing Notifications and Incoming Email Notifications
» Moving Human Workflow Data from Test to Production Environments
» Exporting All Attribute Labels The following example exports all attribute
» Importing Task Payload Mapped Attribute Mappings for All Task Definition IDs The
» Exporting Task Payload Mapped Attribute Mappings for a Specific Task Definition ID
» Importing Task Payload Mapped Attribute Mappings for a Specific Task Definition ID
» Exporting All User Views This example exports all user views.
» Importing All User Views This example imports all user views.
» Exporting a Specific User View This example exports a specific user view.
» Importing a Specific User View This example imports a specific user view.
» Export All Standard Views This example exports all standard views.
» ant Script Data Migration Syntax
» Configuring Oracle BAM Web Applications Properties
» Configuring Oracle BAM Server Properties
» Configuring Data Source JNDI Configuring Application URL
» Configuring Oracle Data Integrator Integration Properties
» Introduction to Configuring Oracle BAM Configuring the Logger
» Configuring Oracle User Messaging Service
» Configuring Oracle BAM Distribution Lists
» Configuring HTTPS for Oracle BAM Adapter
» Configuring Trusted Domains Configuring Credential Mapping
» Configuring Oracle BAM Batching Properties
» Configuring Credential Mapping Configuring Security
» Configuring Oracle BAM User Permissions
» Configuring Secure Socket Layer
» Using Oracle Internet Directory With Oracle BAM
» Securing Oracle BAM JMS Resources
» Protecting Oracle BAM Web Services, An Example
» Configuring Advanced Properties Oracle Fusion Middleware Online Documentation Library
» Oracle BAM Configuration Property Reference
» Monitoring Oracle BAM Active Data Cache
» Monitoring the Event Engine Component
» Monitoring the Report Cache Component Monitoring the Enterprise Message Sources
» Monitoring Oracle BAM Report Server
» Monitoring Open Connections Monitoring Oracle BAM Web Applications
» Introduction to Monitoring Oracle BAM Monitoring Oracle BAM Web Services
» Monitoring Oracle BAM Performance
» Introduction to Managing Oracle BAM
» Managing Oracle BAM Availability
» Using Previously Seeded Group Members
» Adding Members to Application Roles Introduction to Oracle BAM Application Roles
» Using the Oracle WebLogic Server Administration Console
» Adding a Group Configuring Oracle WebLogic Server Embedded LDAP Server
» Adding a User Configuring Oracle WebLogic Server Embedded LDAP Server
» Using the Registerusers Utility
» Managing Oracle BAM Object Ownership Removing Invalid Users from Oracle BAM Administrator
» Components Introduction to User Messaging Service
» Introduction to Oracle User Messaging Service Configuration
» Adding Business Terms Adding or Removing User Messaging Preferences Business Terms
» Introduction to Driver Properties
» Securing Passwords Configuring a Driver
» Driver Application Archive EAR The EAR file is oracle_
» Common Properties These are common driver properties that are indicative of
» Implement and deploy a web service listener endpoint based on the
» Click User Messaging Service Driver Properties.
» Under Driver-Specific Configuration, add a new extension endpoint
» Under Common Configuration, update Supported Protocols with a Click OK to save the configuration.
» Configuring User Messaging Service Access to LDAP User Profile
» Troubleshooting Oracle User Messaging Service
» Using Message Status Monitoring Oracle User Messaging Service
» Viewing Metrics and Statistics
» Deploying Drivers Using Oracle Enterprise Manager Fusion Middleware Control
» Deploying Drivers Using the Oracle Fusion Middleware Configuration Wizard
» Undeploying and Unregistering Drivers
» Click Invoke. Oracle Fusion Middleware Online Documentation Library
» Adding Predefined Properties for an Inbound Adapter
» Creating a New Property for an Inbound Adapter
» Deleting a Property for an Inbound Adapter
» Click the Properties tab to see a list of the currently defined binding
» Select the property you want to delete, and then click Delete.
» Reverting a Property Value for an Inbound Adapter
» Editing a Predefined Property for an Outbound Adapter
» Select the property you want to edit.
» Adding a Predefined Property for an Outbound Adapter
» Click the Select Value icon in the Name field of the new row.
» Creating a New Property for an Outbound Adapter
» Specify the property name and value in the Name and the Value fields of the
» Deleting a Property for an Outbound Adapter
» Reverting a Property Value for an Outbound Adapter
» Click OK to confirm. Click the Properties tab to see a list of the currently defined binding
» Select the property you want to revert, and then click Revert. Click OK to confirm.
» Click Save. Oracle Fusion Middleware Online Documentation Library
» Searching for Rejected Messages for an Inbound Adapter
» Monitoring Properties for an Inbound Adapter Click Properties.
» Click Dashboard. Oracle Fusion Middleware Online Documentation Library
» View the recent faults listed in the Recent Faults section.
» Monitoring Faults for an Outbound Adapter
» Monitoring Adapter Logs Oracle Fusion Middleware Online Documentation Library
» Configuring Oracle B2B Server Properties Configuring Oracle B2B Operations
» Configuring Oracle B2B Attributes
» Monitoring the Oracle B2B Infrastructure
» Introduction to the Event Delivery Network
» Subscribing to Business Events
» Managing Business Event Subscribers
» Recovering from Business Event Faults
» Configuring Properties for Web Services
» Oracle AQ Adapter Configuring Properties for Oracle JCA Adapters
» Oracle Database Adapter Configuring Properties for Oracle JCA Adapters
» Oracle File Adapter Configuring Properties for Oracle JCA Adapters
» Oracle FTP Adapter Configuring Properties for Oracle JCA Adapters
» Oracle JMS Adapter Configuring Properties for Oracle JCA Adapters
» Oracle Socket Adapter Configuring Properties for Oracle JCA Adapters
» Oracle JCA Adapters Endpoint Properties
» Configuring Caching of WSDL URLs
» Monitoring Binding Component Instances and Faults
» Monitoring Binding Component Rejected Messages
» Configuring the Environment for Publishing Web Services to UDDI
» Enter the following syntax and provide host, port, and proxy host details
» Run setDomainEnv.sh or setDomainEnv.bat.
» Publishing a Web Service to the UDDI Registry
» Configuring BPMN Process Service Engine Properties
» Task 1: Configure the Oracle BAM Adapter on Oracle BPM Server
» Task 2: Enable Oracle BAM on the Oracle BPM Server
» Viewing the Audit Trail and Process Flow of a BPMN Process Service Component
» Monitoring BPMN Process Service Component Instances and Faults
» Monitoring BPMN Process Service Engine Request and Thread Statistics
» Monitoring BPMN Process Service Engine Instances
» Monitoring Deployed BPMN Processes in the Service Engine
» Recovering from BPMN Process Service Component Faults
» Managing BPMN Process Service Component Policies
» Recovering from BPMN Process Service Engine Faults
Show more