Oracle E-Business Suite Integrated SOA Gateway Overview

Oracle E-Business Suite Integrated SOA Gateway Overview

Building on top of Oracle Fusion Middleware and service-oriented architecture (SOA) technology, Oracle E-Business Suite Integrated SOA Gateway (ISG) is a complete set of service infrastructure to provide, consume, and administer Oracle E-Business Suite web services.

With service enablement feature, integration interfaces published in the Oracle Integration Repository can be transformed into SOAP and REST based web services.

SOAP-based services are described in WSDLs and are deployed to the application server for service consumption. REST services described in WADLs are used for user-driven applications such as Oracle E-Business Suite mobile applications.

Oracle E-Business Suite Integrated SOA Gateway provides Service Invocation Framework to invoke and consume web services provided by other applications.

For more information about each integration interface and service, see the Oracle E-Business Suite Integrated SOA Gateway User's Guide; for more information on implementing and administering Oracle E-Business Suite Integrated SOA Gateway, see the Oracle E-Business Suite Integrated SOA Gateway Implementation Guide.

Major Features

Oracle E-Business Suite Integrated SOA Gateway contains the following features:

• Display all Oracle E-Business Suite integration interface definitions through Oracle Integration Repository

• Support custom integration interfaces from Oracle Integration Repository

• Provide service enablement capability (SOAP and REST services) for seeded and custom integration interfaces within Oracle E-Business Suite

• Use the Integration Repository user interface to perform design-time activities such as generate and deploy Oracle E-Business Suite web services

• Support synchronous interaction pattern for both SOAP-based and REST-based web services

  Note: In this release, only PL/SQL APIs, Concurrent Programs, and Business Service Objects can be exposed as both SOAP and REST services. Java Bean Services, Application Module Services, Open Interface Tables, and Open Interface Views can be exposed as REST services only.

• Support multiple authentication types for inbound service requests in securing web service content

• Enforce function security and role-based access control security to allow only authorized users to execute administrative functions

• Provide centralized, user-friendly user interface for logging configuration

• Audit and monitor Oracle E-Business Suite service operations from native SOA Monitor

• Leverage Oracle Workflow Business Event System to enable web service invocation from Oracle E-Business Suite

Major Components Features and Definitions

The better understand Oracle E-Business Suite Integrated SOA Gateway and its key components, this section describes some key features and the definition of each component.

Native Service Enablement

Service enablement is the key feature within Oracle E-Business Suite Integrated SOA Gateway. It provides a mechanism that allows native packaged integration interface definitions residing in Oracle Integration Repository to be further transformed into web services that comply with web standards. Additionally, these services can be deployed from the Integration Repository to the application server allowing more consumptions over the web.

To understand the basic concept of web services and how the service works, the following diagram illustrates the essential components for service enablement:

Major Components for Service Enablement

A Service Provider is the primary engine underlying the web services. It facilitates the service enablement for various types of interfaces.

A Service Consumer (web service client) is the party that uses or consumes the services provided by the Service Provider.

A Service Broker (Service Registry) describes the service's location and contract to ensure service information is available to any potential service consumer.

Composite Services

Composite services use the native service as building blocks to construct the sequence of business flows. Basically, this interface type orchestrates the invocation sequence of discrete web services into a meaningful end-to-end business process through a web service composition language BPEL (business process execution language).

For example, use Oracle BPEL Process Manager (BPEL PM) to integrate the Order-to-Receipt business process that contains sales order entry, item availability check, pack and ship, and invoice to Accounts Receivable sub processes handled by various applications. This approach effectively tightens up the control of each individual process and makes the entire business flow more efficiently.

Oracle Integration Repository and Service Enablement

Oracle Integration Repository, an integral part of Oracle E-Business Suite, is the centralized repository that contains numerous interface endpoints exposed by applications within the Oracle E-Business Suite.

To effectively manage all integration interfaces and services incurred within the Oracle E-Business Suite, Oracle E-Business Suite Integrated SOA Gateway now supports complex business processes or composite services, web service generation and deployment, as well as business event subscriptions through the centralized Integration Repository.

You can browse these interface definitions and services through the Oracle Integration Repository user interfaces. Users with administrator privileges can further perform administrative tasks through the same interfaces.

Oracle Integration Repository supports the following interface types:

• PL/SQL

• XML Gateway

• Concurrent Programs

• Business Events

• Open Interface Tables/Views

• EDI

• Business Service Object (Service Beans)

• Java

  Apart from normal Java APIs, Java interface includes the following subcategories:

  • Application Module Services

    Note: Application Module Implementation class is a Java class that provides access to business logic governing the OA Framework based components and pages. Such Java classes are called Application Module Services and are categorized as a subtype of Java interface.

  • Java Bean Services

    Note: Java APIs whose methods use parameters of either simple data types or serializable Java Beans are categorized as Java Bean Services. Such Java APIs can be exposed as REST-based web services.

  • Security Services

    Note: Security Services are a set of predefined and pre-deployed REST services from Oracle Application Object Library. These services include Authentication and Authorization services for mobile applications. These services are built on Java; therefore, they are categorized as a subtype of Java interface.

  Note that Java APIs for Forms web services are desupported in Oracle E-Business Suite Release 12.2. If you are planning to use this type of interfaces as web services, you are advised to use alternate serviceable interfaces, such as PL/SQL and Business Service Objects interfaces, which can be deployed as web services. Refer to My Oracle Support Knowledge Document 966982.1 for the suggested alternatives to the existing Java APIs for Forms services.

• Composite Services

Service Invocation Framework

To invoke all integration services from Oracle E-Business Suite, Oracle E-Business Suite Integrated SOA Gateway uses the Service Invocation Framework (SIF) that leverages Oracle Workflow Java Business Event System (JBES) and a seeded Java rule function to allow any WSDL-described service to be invoked.

By using this service invocation framework, developers or implementors can interact with web services through WSDL descriptions instead of working directly with SOAP APIs, the usual programming model. This approach lets you use WSDL as a normalized description of disparate software, and allows you to access this software in a manner that is independent of protocol or location.

Since this feature is the major development framework in invoking web services within the entire Oracle E-Business Suite, detailed implementation information is described in a separate chapter in this book.

See Web Service Invocation Using Service Invocation Framework.

SOA Monitor

SOA Monitor is a centralized, light-weight service execution monitoring and management tool. It not only monitors all the SOAP requests that SOA Provider and Web Service Provider process, but also provides auditing feature for the SOAP messages if the auditing feature is enabled.

With SOA Monitor, the Integration Repository Administrator can effectively manage and identify errors incurred during the service deployment life cycle and take necessary actions to expedite the interaction between services.

Manage Security

Oracle E-Business Suite integrated SOA Gateway enforces the security rules through subject authentication and authorization:

• To authenticate users who request Oracle E-Business Suite web services, request messages must be checked based on the selected authentication type:

  • The SOAP messages must be authenticated using UsernameToken or SAML Token based security. The identified authentication information is embedded in the wsse:security Web Security headers.

  • The REST messages are authenticated using HTTP Basic Authentication or Token Based Authentication at HTTP or HTTPS transport level.

• To authorize users on specific services or operations, the access permissions must be explicitly given to the users through security grants. Multiple organization access control (MOAC) security rule is also implemented for authorizing interface execution related to multiple organizations.

Additionally, input message header (such as SOAHeader for SOAP services or RESTHeader for REST services) is used to pass application contexts needed in invoking Oracle E-Business Suite services as part of the subject authorization.