Building on top of Oracle Fusion Middleware and service-oriented architecture (SOA) technology, Oracle E-Business Suite Integrated SOA Gateway (ISG) is a complete set of service infrastructure to provide, consume, and administer Oracle E-Business Suite web services.
With service enablement feature, integration interfaces published in the Oracle Integration Repository can be transformed into SOAP and REST based web services.
SOAP-based services are described in WSDLs and are deployed to the application server for service consumption. REST services described in WADLs are used for user-driven applications such as Oracle E-Business Suite mobile applications.
Oracle E-Business Suite Integrated SOA Gateway provides Service Invocation Framework to invoke and consume web services provided by other applications.
For more information about each integration interface and service, see the Oracle E-Business Suite Integrated SOA Gateway User's Guide; for more information on implementing and administering Oracle E-Business Suite Integrated SOA Gateway, see the Oracle E-Business Suite Integrated SOA Gateway Implementation Guide.
Oracle E-Business Suite Integrated SOA Gateway contains the following features:
Display all Oracle E-Business Suite integration interface definitions through Oracle Integration Repository
Support custom integration interfaces from Oracle Integration Repository
Provide service enablement capability (SOAP and REST services) for seeded and custom integration interfaces within Oracle E-Business Suite
Use the Integration Repository user interface to perform design-time activities such as generate and deploy Oracle E-Business Suite web services
Support synchronous interaction pattern for both SOAP-based and REST-based web services
Note: In this release, only PL/SQL APIs, Concurrent Programs, and Business Service Objects can be exposed as both SOAP and REST services. Java Bean Services, Application Module Services, Open Interface Tables, and Open Interface Views can be exposed as REST services only.
Support multiple authentication types for inbound service requests in securing web service content
Enforce function security and role-based access control security to allow only authorized users to execute administrative functions
Provide centralized, user-friendly user interface for logging configuration
Audit and monitor Oracle E-Business Suite service operations from native SOA Monitor
Leverage Oracle Workflow Business Event System to enable web service invocation from Oracle E-Business Suite
The better understand Oracle E-Business Suite Integrated SOA Gateway and its key components, this section describes some key features and the definition of each component.
Service enablement is the key feature within Oracle E-Business Suite Integrated SOA Gateway. It provides a mechanism that allows native packaged integration interface definitions residing in Oracle Integration Repository to be further transformed into web services that comply with web standards. Additionally, these services can be deployed from the Integration Repository to the application server allowing more consumptions over the web.
To understand the basic concept of web services and how the service works, the following diagram illustrates the essential components for service enablement:
Major Components for Service Enablement
A Service Provider is the primary engine underlying the web services. It facilitates the service enablement for various types of interfaces.
A Service Consumer (web service client) is the party that uses or consumes the services provided by the Service Provider.
A Service Broker (Service Registry) describes the service's location and contract to ensure service information is available to any potential service consumer.
Composite services use the native service as building blocks to construct the sequence of business flows. Basically, this interface type orchestrates the invocation sequence of discrete web services into a meaningful end-to-end business process through a web service composition language BPEL (business process execution language).
For example, use Oracle BPEL Process Manager (BPEL PM) to integrate the Order-to-Receipt business process that contains sales order entry, item availability check, pack and ship, and invoice to Accounts Receivable sub processes handled by various applications. This approach effectively tightens up the control of each individual process and makes the entire business flow more efficiently.
Oracle Integration Repository, an integral part of Oracle E-Business Suite, is the centralized repository that contains numerous interface endpoints exposed by applications within the Oracle E-Business Suite.
To effectively manage all integration interfaces and services incurred within the Oracle E-Business Suite, Oracle E-Business Suite Integrated SOA Gateway now supports complex business processes or composite services, web service generation and deployment, as well as business event subscriptions through the centralized Integration Repository.
You can browse these interface definitions and services through the Oracle Integration Repository user interfaces. Users with administrator privileges can further perform administrative tasks through the same interfaces.
Oracle Integration Repository supports the following interface types:
PL/SQL
XML Gateway
Concurrent Programs
Business Events
Open Interface Tables/Views
EDI
Business Service Object (Service Beans)
Java
Apart from normal Java APIs, Java interface includes the following subcategories:
Application Module Services
Note: Application Module Implementation class is a Java class that provides access to business logic governing the OA Framework based components and pages. Such Java classes are called Application Module Services and are categorized as a subtype of Java interface.
Java Bean Services
Note: Java APIs whose methods use parameters of either simple data types or serializable Java Beans are categorized as Java Bean Services. Such Java APIs can be exposed as REST-based web services.
Security Services
Note: Security Services are a set of predefined and pre-deployed REST services from Oracle Application Object Library. These services include Authentication and Authorization services for mobile applications. These services are built on Java; therefore, they are categorized as a subtype of Java interface.
Note that Java APIs for Forms web services are desupported in Oracle E-Business Suite Release 12.2. If you are planning to use this type of interfaces as web services, you are advised to use alternate serviceable interfaces, such as PL/SQL and Business Service Objects interfaces, which can be deployed as web services. Refer to My Oracle Support Knowledge Document 966982.1 for the suggested alternatives to the existing Java APIs for Forms services.
Composite Services
To invoke all integration services from Oracle E-Business Suite, Oracle E-Business Suite Integrated SOA Gateway uses the Service Invocation Framework (SIF) that leverages Oracle Workflow Java Business Event System (JBES) and a seeded Java rule function to allow any WSDL-described service to be invoked.
By using this service invocation framework, developers or implementors can interact with web services through WSDL descriptions instead of working directly with SOAP APIs, the usual programming model. This approach lets you use WSDL as a normalized description of disparate software, and allows you to access this software in a manner that is independent of protocol or location.
Since this feature is the major development framework in invoking web services within the entire Oracle E-Business Suite, detailed implementation information is described in a separate chapter in this book.
See Web Service Invocation Using Service Invocation Framework.
SOA Monitor is a centralized, light-weight service execution monitoring and management tool. It not only monitors all the SOAP requests that SOA Provider and Web Service Provider process, but also provides auditing feature for the SOAP messages if the auditing feature is enabled.
With SOA Monitor, the Integration Repository Administrator can effectively manage and identify errors incurred during the service deployment life cycle and take necessary actions to expedite the interaction between services.
Oracle E-Business Suite integrated SOA Gateway enforces the security rules through subject authentication and authorization:
To authenticate users who request Oracle E-Business Suite web services, request messages must be checked based on the selected authentication type:
The SOAP messages must be authenticated using UsernameToken or SAML Token based security. The identified authentication information is embedded in the wsse:security
Web Security headers.
The REST messages are authenticated using HTTP Basic Authentication or Token Based Authentication at HTTP or HTTPS transport level.
To authorize users on specific services or operations, the access permissions must be explicitly given to the users through security grants. Multiple organization access control (MOAC) security rule is also implemented for authorizing interface execution related to multiple organizations.
Additionally, input message header (such as SOAHeader for SOAP services or RESTHeader for REST services) is used to pass application contexts needed in invoking Oracle E-Business Suite services as part of the subject authorization.