Configuring Human Workflow Task Service Properties
19.7.1 Adding an Authentication Provider
You can add an authentication provider to a security realm using the Oracle WebLogic Server Administration Console. To add an authentication provider: 1. Log in to the Oracle WebLogic Server Administration Console.2. Click Security Realms in the Domain Structure pane, and click the name of a
realm in the list myrealm, for example. 3. Click Providers Authentication. The Authentication Providers page appears. Note: Although you can configure an alternative LDAP authentication provider for Oracle BPM Worklist, Oracle Platform Security Services does not support multiple LDAP authentication providers. The provider you want to use for Human Workflow authentication must be the first one listed in the order of authentication providers for Oracle SOA Suite. Note: Oracle Fusion Middleware supports providers that enable the User and Role API to interact with custom identity stores. For more information, see Chapter Developing with the User and Role API of the Oracle Fusion Middleware Application Security Guide. 19-14 Oracle Fusion Middleware Administrators Guide for Oracle SOA Suite and Oracle BPM Suite4. Click New to add a new authentication provider.
The Create a New Authentication Provider page appears.5. In the Name field, type a name for the provider, choose the authenticator type
using the Type drop-down list, and click OK. For example, you can type OIDAuthenticator as the name and choose OracleInternetDirectoryAuthenticator as the type for a provider that authenticates users using the Oracle Internet Directory. Similarly, you can type a name and choose ActiveDirectoryAuthenticator, iPlanetAuthenticator , openLDAPAuthenticator, or NovellAuthenticator from the list to specify the corresponding authenticator. Configuring Human Workflow Service Components and Engines 19-156. On the Providers Authentication page, click the authenticator that you just
created. The settings for the authentication provider appears.7. From the Control Flag drop-down list, choose SUFFICIENT, and click Save.
This specifies that if a user is authenticated successfully using this authenticator, WebLogic should accept the authentication and not continue to invoke any additional authenticators. If the authentication fails, Oracle WebLogic Server attempts to authenticate the user using the next authenticator in the list. If you set the Control Flag to SUFFICIENT, ensure that all subsequent authenticators also have the Control Flag set to SUFFICIENT. Likewise, ensure that the Control Flag of the default authenticator is set to SUFFICIENT as well.8. Click Provider Specific to enter the details for the authenticator server.
9. Enter the provider-specific information about the authentication provider, check the Use Retrieved User Name as Principal checkbox, and click Save. You must specify the following information. Use the default setting for the rest of the fields. Note: When using Oracle Internet Directory as the authentication provider, you must set the orclsslinteropmode attribute to 0 zero using Oracle Directory Services Manager. See Section 19.7.3, Configuring the Directory Service for more information. Field Description Host The hostname or IP address on which the authenticator server is running. Port The port number on which the authenticator server is running. 19-16 Oracle Fusion Middleware Administrators Guide for Oracle SOA Suite and Oracle BPM Suite If the user attribute being used is other than the default username attribute in the LDAP server, add the following entries to the identity store instance in the jps-config.xml file: property name=username.attr value=desired_attr property name=user.login.attr value=desired_attr where desired_attr can be one of CN, UID, or MAIL.10. Click Security Realms Providers Authentication to return to the list of
authentication providers.11. Click Reorder.
The Reorder Authentication Providers page appears.12. Select the new authentication provider, click the Up arrow to move the provider to
the top of the list, and click OK. After reordering, the DefaultAuthenticator should appear at the bottom of the list. This action enables the system to handle logins as weblogic that are not typically in an LDAP directory, but still must be authenticated to start the server. Principal The Distinguished Name DN of the authenticator server user that Oracle WebLogic Server should use when connecting to the server. Credential The credential usually a password used to connect to the authenticator server. User Base DN The base Distinguished Name DN of the tree in the LDAP directory that contains users. Group Base DN The base Distinguished Name DN of the tree in the LDAP directory that contains groups. Use Retrieved User Name as Principal Specifies whether to use the user name retrieved from the LDAP server as the principal in the subject. User Name Attribute The attribute of an LDAP user object class that specifies the name of the user for example, UID, CN, MAIL. Field Description Configuring Human Workflow Service Components and Engines 19-17 Note that if multiple authentication providers are configured, authentication falls through the list of authenticators according to the control flags set. But the Java Portlet Specification JPS provides authorization against only the first entry in the list of providers.19.7.2 Creating Users and Groups in the Authentication Provider
You can create users and groups in the authentication provider using either Oracle WebLogic Server Administration Console or Oracle Directory Services Manager.19.7.2.1 Creating Users and Groups Using WebLogic Console
You can create users and groups for a specific provider, and define user and group membership, using the Oracle WebLogic Server Administration Console. To create a user using WebLogic Console: 1. Log in to the Oracle WebLogic Console.2. Click Security Realms in the Domain Structure pane, and click the name of a
realm in the list myrealm, for example. 3. Click Users and Groups Users. The Users page appears.4. Click New to add a new user. The Create a New User page appears.
5. Enter the required information about the user, and click OK.
You must specify the following information. Field Description Name Required The name of the new user. Description A description of the new user. Provider The provider for the user. Password The password associated with the login name for the new user. Confirm Password Confirmation of the password.Parts
» Oracle Fusion Middleware Online Documentation Library
» Introduction to the SOA Infrastructure Application
» Introduction to SOA Composite Applications
» Introduction to SOA Composite Application Instances
» Introduction to Service Components and Service Component Instances
» Introduction to Binding Components
» Introduction to Service Engines
» Introduction to the Service Infrastructure
» Introduction to the Contents of SOA Composite Applications
» What Is Oracle Fusion Middleware? What Is Oracle Business Process Management Suite?
» Introduction to the Order of Precedence for Audit Level Settings
» Monitoring of Oracle SOA Suite and Oracle BPM Suite
» Introduction to Fault Recovery
» Introduction to How Policies are Executed Policies are executed before a message
» Introduction to the Lifecycle State of SOA Composite Applications
» Administration for Application Developers
» Logging In to Oracle Enterprise Manager Fusion Middleware Control
» Navigating Through the SOA Infrastructure Home Page and Menu
» Navigating Through the SOA Composite Application Home Page and Menu
» Navigating Through the Partition Home Page and Menu Navigating to Deployed Java EE Applications
» Logging Out of Oracle Enterprise Manager Fusion Middleware Control
» Disabling Instance and Fault Count Metrics Retrieval with the System MBean Browser
» Waiting for SOA Infrastructure Startup Initialization to Complete
» Changing the SOA Infrastructure Server URL Property Port
» Configuring Log Files Oracle Fusion Middleware Online Documentation Library
» Configuring the Logging File Encoding Property
» Specifying a Nondefault XA Transaction Timeout Value for XA Data Sources
» Monitoring SOA Infrastructure Recent Instances and Faults
» Redeploying Applications Oracle Fusion Middleware Online Documentation Library
» Undeploying Applications Oracle Fusion Middleware Online Documentation Library
» Introduction to Securing SOA Composite Applications
» Configuring Oracle HTTP Server with Oracle BPM Worklist
» Setting up SAML Message-Protected Policy Configuration for the SOA Infrastructure
» Automatically Authenticating Oracle BPM Worklist Users in SAML SSO Environments
» In the Oracle WebLogic Server Administration Console, select Security
» Select the Providers tab, and then the Authentication subtab.
» From the provider list, select the provider with the description SAML 2.0
» Scroll down the page until you see the field Redirect URIs.
» Configuring SOA Composite Applications for Two-Way SSL Communication
» From the SOA Infrastructure menu, select SOA Administration Common
» At the bottom of the page, click More SOA Infra Advanced Configuration
» Click KeystoreLocation. Oracle Fusion Middleware Online Documentation Library
» In the Value column, enter the keystore location.
» Click Apply. Oracle Fusion Middleware Online Documentation Library
» Invoking References in One-Way SSL Environments in Oracle JDeveloper
» Configuring Oracle HTTP Server for SSL Communication
» Configuring Certificates for Oracle Client, Oracle HTTP Server, and Oracle WebLogic Server
» Configuring SSL Between SOA Composite Application Instances and Oracle WebCache
» Using a Custom Trust Store for One-Way SSL During Design Time
» Configuring Security for Human Workflow WSDL Files
» Monitoring SOA Composite Application Recent Instances and Faults
» Specifying RPCLiteral-Style WSDL Files on the Test Page
» Managing the State of All Applications at the SOA Infrastructure Level
» Managing the State of an Application from the SOA Composite Application Home Page
» Starting and Stopping a Managed Oracle WebLogic Server
» Monitoring and Deleting SOA Composite Application Instances from the Application Home Page
» In the Instance ID column, click a specific instance ID to show the message
» In the State column, if an instance state is marked as Unknown, click it to
» Recovering from SOA Composite Application Faults at the SOA Infrastructure Level
» From the View list, select Columns Fault ID to display the fault IDs for each
» In the Composite column, click a specific SOA composite application to access
» In the Fault Location column, click a specific location to access the faults page
» In the Composite Instance ID column, click a specific ID to access the flow
» Example: Single Fault Recovery for BPEL Processes
» Example: Bulk Fault Recovery for BPEL Processes
» Example: Single Fault Recovery for BPMN Processes
» Example: Single Fault Recovery for Oracle Mediator
» Recovering from SOA Composite Application Faults in the Application Home Page
» Automating the Testing of SOA Composite Applications
» WS-RM Sessions Policy Attachments and Local Optimization in Composite-to-Composite Invocations
» Exporting a Running SOA Composite Application
» Creating and Deleting Partitions
» In the Name field, enter a partition name, and click Create.
» Performing Bulk Lifecycle Management Tasks on Composites in Partitions
» Deleting Large Numbers of Instances with the Purge Script
» Referential Integrity and Equipartioning
» Introduction to Partition Key Selection
» Developing a Purging and Partitioning Methodology
» delete_instances Procedure Looped Purge Script
» Purge States Deleting Large Numbers of Instances with the Purge Scripts
» Configuring Partitions Introduction to the Verification Scripts
» Component Tables Partitioning Component Tables
» Executing the Verification Scripts
» Verifying and Dropping Partitions
» Partial Partitioning of Components
» Retrieving the State of a Composite Finding Composite and Component Instances
» Configuring Automatic Recovery Attempts for Invoke and Callback Messages
» Setting the Audit Level at the BPEL Process Service Component Level
» Monitoring BPEL Process Service Component Instances and Faults
» Monitoring BPEL Process Service Component Instances
» Behavior of Activity Sensors in Compensate and CompensateScope Activities in BPEL 2.0
» Monitoring BPEL Process Service Engine Instances
» In the Instance ID column, click an instance ID for a service component to
» In the Component column, click a specific service component to access its
» In the Logs column, click a specific log to access the Log Messages page with
» Monitoring Deployed BPEL Processes in the Service Engine
» Recovering from BPEL Process Service Component Faults
» Click the Show only recoverable faults checkbox to display only faults from
» From the Fault Type list, select to display all faults, system faults, business
» Recovering from BPEL Process Service Engine Faults
» Configuring Oracle Mediator Service Engine Properties
» Configuring Resequenced Messages Oracle Fusion Middleware Online Documentation Library
» Monitoring Oracle Mediator Service Component Instances and Faults
» In the Instance ID column, click an instance ID to view its instance details,
» Introductions to the Sections of the Dashboard Page
» Monitoring Oracle Mediator Instance Information
» Monitoring Oracle Mediator Faults
» Dashboard Page Instances Page Faults Page
» Mediator Resequencing Group Dialog
» Monitoring Resequenced Messages from the Mediator Instance Dialog
» Managing Oracle Mediator Faults
» Managing Oracle Mediator Policies
» Deleting Cross-Reference Values Oracle Fusion Middleware Online Documentation Library
» Monitoring Business Rules Service Engine Instances and Faults
» Monitoring Business Rules Service Engine Statistics
» Monitoring Business Rules Service Engine Instances
» Tracing Rule Execution at the Development Audit Level
» Tracing Rule Execution at the Production Audit Level
» Viewing Decision Service Component Logs
» Setting the Diagnostic Logging Level with a Log Configuration
» Configuring Human Workflow Notification Properties
» Configuring Human Workflow Task Service Properties
» Pluggable Notification Service Implementation Pluggable Notification Service Registration
» Configuring Oracle HTTP Server for Task Form Attachments Configuring Multiple Send Addresses
» Adding an Authentication Provider
» Creating Users and Groups Using WebLogic Console
» Creating Users and Groups Using Oracle Internet Directory
» Configuring the Directory Service
» Changing the Default Password in the Embedded LDAP Server
» Click Edit. Add application roles and groups in the Roles section and users in the Users
» Configuring Security Policies for Human Workflow Web Services
» Monitoring Human Task Service Component Instances and Faults
» Viewing the Status of Human Workflow Tasks
» Monitoring Human Task Service Component Instances
» Monitoring Human Workflow Service Engine Instances and Faults
» Click Show All below the section to access the Instances page of the service
» In the Name column, click a specific service component to access its home
» In the Composite columns, click a specific SOA composite application to
» Click Show All below the section to access the Deployed Components page of
» Monitoring Human Workflow Service Engine Active Requests and Operation Statistics
» Monitoring Deployed Human Workflows in the Service Engine
» Managing Human Task Service Component Policies
» Recovering from Human Workflow Service Engine Faults
» In the Error Message column, click a specific message to display complete
» In the Recovery column, click a fault that is marked as recoverable to invoke
» In the Component Instance ID column, click a specific service component ID
» Managing the URI of the Human Task Service Component Task Details Application
» Recovering from Human Task Service Component Faults
» Managing Outgoing Notifications and Incoming Email Notifications
» Moving Human Workflow Data from Test to Production Environments
» Exporting All Attribute Labels The following example exports all attribute
» Importing Task Payload Mapped Attribute Mappings for All Task Definition IDs The
» Exporting Task Payload Mapped Attribute Mappings for a Specific Task Definition ID
» Importing Task Payload Mapped Attribute Mappings for a Specific Task Definition ID
» Exporting All User Views This example exports all user views.
» Importing All User Views This example imports all user views.
» Exporting a Specific User View This example exports a specific user view.
» Importing a Specific User View This example imports a specific user view.
» Export All Standard Views This example exports all standard views.
» ant Script Data Migration Syntax
» Configuring Oracle BAM Web Applications Properties
» Configuring Oracle BAM Server Properties
» Configuring Data Source JNDI Configuring Application URL
» Configuring Oracle Data Integrator Integration Properties
» Introduction to Configuring Oracle BAM Configuring the Logger
» Configuring Oracle User Messaging Service
» Configuring Oracle BAM Distribution Lists
» Configuring HTTPS for Oracle BAM Adapter
» Configuring Trusted Domains Configuring Credential Mapping
» Configuring Oracle BAM Batching Properties
» Configuring Credential Mapping Configuring Security
» Configuring Oracle BAM User Permissions
» Configuring Secure Socket Layer
» Using Oracle Internet Directory With Oracle BAM
» Securing Oracle BAM JMS Resources
» Protecting Oracle BAM Web Services, An Example
» Configuring Advanced Properties Oracle Fusion Middleware Online Documentation Library
» Oracle BAM Configuration Property Reference
» Monitoring Oracle BAM Active Data Cache
» Monitoring the Event Engine Component
» Monitoring the Report Cache Component Monitoring the Enterprise Message Sources
» Monitoring Oracle BAM Report Server
» Monitoring Open Connections Monitoring Oracle BAM Web Applications
» Introduction to Monitoring Oracle BAM Monitoring Oracle BAM Web Services
» Monitoring Oracle BAM Performance
» Introduction to Managing Oracle BAM
» Managing Oracle BAM Availability
» Using Previously Seeded Group Members
» Adding Members to Application Roles Introduction to Oracle BAM Application Roles
» Using the Oracle WebLogic Server Administration Console
» Adding a Group Configuring Oracle WebLogic Server Embedded LDAP Server
» Adding a User Configuring Oracle WebLogic Server Embedded LDAP Server
» Using the Registerusers Utility
» Managing Oracle BAM Object Ownership Removing Invalid Users from Oracle BAM Administrator
» Components Introduction to User Messaging Service
» Introduction to Oracle User Messaging Service Configuration
» Adding Business Terms Adding or Removing User Messaging Preferences Business Terms
» Introduction to Driver Properties
» Securing Passwords Configuring a Driver
» Driver Application Archive EAR The EAR file is oracle_
» Common Properties These are common driver properties that are indicative of
» Implement and deploy a web service listener endpoint based on the
» Click User Messaging Service Driver Properties.
» Under Driver-Specific Configuration, add a new extension endpoint
» Under Common Configuration, update Supported Protocols with a Click OK to save the configuration.
» Configuring User Messaging Service Access to LDAP User Profile
» Troubleshooting Oracle User Messaging Service
» Using Message Status Monitoring Oracle User Messaging Service
» Viewing Metrics and Statistics
» Deploying Drivers Using Oracle Enterprise Manager Fusion Middleware Control
» Deploying Drivers Using the Oracle Fusion Middleware Configuration Wizard
» Undeploying and Unregistering Drivers
» Click Invoke. Oracle Fusion Middleware Online Documentation Library
» Adding Predefined Properties for an Inbound Adapter
» Creating a New Property for an Inbound Adapter
» Deleting a Property for an Inbound Adapter
» Click the Properties tab to see a list of the currently defined binding
» Select the property you want to delete, and then click Delete.
» Reverting a Property Value for an Inbound Adapter
» Editing a Predefined Property for an Outbound Adapter
» Select the property you want to edit.
» Adding a Predefined Property for an Outbound Adapter
» Click the Select Value icon in the Name field of the new row.
» Creating a New Property for an Outbound Adapter
» Specify the property name and value in the Name and the Value fields of the
» Deleting a Property for an Outbound Adapter
» Reverting a Property Value for an Outbound Adapter
» Click OK to confirm. Click the Properties tab to see a list of the currently defined binding
» Select the property you want to revert, and then click Revert. Click OK to confirm.
» Click Save. Oracle Fusion Middleware Online Documentation Library
» Searching for Rejected Messages for an Inbound Adapter
» Monitoring Properties for an Inbound Adapter Click Properties.
» Click Dashboard. Oracle Fusion Middleware Online Documentation Library
» View the recent faults listed in the Recent Faults section.
» Monitoring Faults for an Outbound Adapter
» Monitoring Adapter Logs Oracle Fusion Middleware Online Documentation Library
» Configuring Oracle B2B Server Properties Configuring Oracle B2B Operations
» Configuring Oracle B2B Attributes
» Monitoring the Oracle B2B Infrastructure
» Introduction to the Event Delivery Network
» Subscribing to Business Events
» Managing Business Event Subscribers
» Recovering from Business Event Faults
» Configuring Properties for Web Services
» Oracle AQ Adapter Configuring Properties for Oracle JCA Adapters
» Oracle Database Adapter Configuring Properties for Oracle JCA Adapters
» Oracle File Adapter Configuring Properties for Oracle JCA Adapters
» Oracle FTP Adapter Configuring Properties for Oracle JCA Adapters
» Oracle JMS Adapter Configuring Properties for Oracle JCA Adapters
» Oracle Socket Adapter Configuring Properties for Oracle JCA Adapters
» Oracle JCA Adapters Endpoint Properties
» Configuring Caching of WSDL URLs
» Monitoring Binding Component Instances and Faults
» Monitoring Binding Component Rejected Messages
» Configuring the Environment for Publishing Web Services to UDDI
» Enter the following syntax and provide host, port, and proxy host details
» Run setDomainEnv.sh or setDomainEnv.bat.
» Publishing a Web Service to the UDDI Registry
» Configuring BPMN Process Service Engine Properties
» Task 1: Configure the Oracle BAM Adapter on Oracle BPM Server
» Task 2: Enable Oracle BAM on the Oracle BPM Server
» Viewing the Audit Trail and Process Flow of a BPMN Process Service Component
» Monitoring BPMN Process Service Component Instances and Faults
» Monitoring BPMN Process Service Engine Request and Thread Statistics
» Monitoring BPMN Process Service Engine Instances
» Monitoring Deployed BPMN Processes in the Service Engine
» Recovering from BPMN Process Service Component Faults
» Managing BPMN Process Service Component Policies
» Recovering from BPMN Process Service Engine Faults
Show more