> Installing WebLogic RFID Enterprise Server > Configuring WebLogic RFID Enterprise Server

Installing WebLogic RFID Enterprise Server

     Previous  Next    Open TOC in new window  Open Index in new window  View as PDF - New Window  Get Adobe Reader - New Window
Content starts here

Configuring WebLogic RFID Enterprise Server

The following sections provide information about WebLogic RFID Enterprise Server for use after creating a domain:

When configuring and tuning WebLogic RFID Enterprise Server, you have access to all the WebLogic Server administrative tools. For example, use the WebLogic Server Administration Console to view the list of WLRFID libraries and applications under Deployments.

To access the WebLogic RFID Enterprise Server Consoles go to: 

http://localhost:7001/enterprise

 

Browser Requirements

The following browsers are supported for accessing the GUIs provided with WebLogic RFID Enterprise Server 2.0:

Although both browsers are supported, there are some minor issues with support for Firefox. For example, when using the Edge Server Administration Console to edit an ECSpec, Firefox does not detect when you close the editing window. If you re-open the window, Firefox displays a message stating that you can have only one editing session at a time (you can click OK on the message window to open an editing session).

Because there are these minor UI issues, BEA recommends that you use Internet Explorer. However, you can access all RFID Enterprise Server features with Firefox, just be aware you might encounter some minor UI idiosyncrasies.

Whichever browsers you use, the configuration and requirements include:

 

Backwards Compatibility with Enterprise Server 1.1

JMS Queues

Three message queues are provided in 2.0:

The EPCISMessages queue used in version 1.1 is also available in 2.0. Therefore applications that sent messages to this queue in Enterprise Server 1.1 can send continue to send messages to the same queue in Enterprise Server 2.0 without any modifications. This queue should operate seamlessly, assuming that security configurations are compatible between the sending and receiving systems.

The EPCISCapture queue is a new queue for capturing messages formatted for Enterprise Server 2.0.

The EPCISFailedMessages queue can hold messages of either type. When an error occurs during capture, a message is automatically moved to this queue after the number of retries is exceeded.

SOAP API

The 1.1 SOAP API is exposed in the 2.0 release. The URL for the 1.1 SOAP service is: 

http://[host]:[port]/legacyepcis/LegacyEPCIS

(The inbound-message URL for the WebLogic RFID Enterprise Server 2.0 SOAP service is http://[host]:[port]/epcis/EPCIS.)

 

Capturing Data from the Edge

For information about sending event data from WebLogic RFID Edge Server to WebLogic RFID Enterprise Server, see the Edge Server documentation at:

http://download.oracle.com/docs/cd/E13197_01/rfid/edge_server/docs21/workflow_reference/index.html

For information about the JMS queues used to capture incoming event data in WebLogic RFID Enterprise Server, see JMS Queues.

 

Initializing Databases

If you did not configure and initialize a database with the Configuration Wizard, you will need to do so before running Enterprise Server.

First, you will need to create the tables and populate them with the default data.

  1. In the BEA_HOME/user_projects/domains/your-domain/config directory, modify following properties in the kodo.properties file in order to connect to your database (the example uses PointBase properties, set the properties for your database):
    2. javax.jdo.option.ConnectionDriverName:
     com.pointbase.jdbc.jdbcUniversalDriver
    javax.jdo.option.ConnectionURL: jdbc:pointbase:embedded:ent_server;new
    javax.jdo.option.ConnectionUserName: es
    javax.jdo.option.ConnectionPassword: es
    Note: If you configured your database using the Configuration Wizard, these properties should already be set correctly except for the password, which you should provide (you will delete the password after the database is initialized).
  2. If the Enterprise Server will be connecting to an Oracle database, uncomment the following line:
    3. #kodo.jdbc.DBDictionary: oracle (TimestampTypeName=TIMESTAMP)
  3. Make sure that the database is running; that the user, schema, and database that are going to be used have been created; and that the user specified in the Kodo configuration file has the appropriate permissions to create tables and read and write to them.
    4. Note: If your are initializing a SQL Server database for use with Enterprise Server, make sure that the database is configured with a case-insensitive collation option (for example, _CI); otherwise, the Enterprise Server database initialization scripts will fail.
  4. In the BEA_HOME/user_projects/domains/your-domain/bin directory, run the following scripts to create the application tables and populate them with initial data:
    • initEventServiceDatabase
    • initSerialNumberDatabase
      • Note: If you are using a driver that does not ship with WebLogic Server 9.2, you will need to add it to the classpath for the scripts in order for them to run.
  5. When the database is initialized, remove the password from the kodo.properties file.
  6. Edit the ra.xml file:
    1. Change directory to:
      2. BEA_HOME/user_projects/applications/your-domain/kodo.ear/kodo.rar/META-INF
    2. In the file ra.xml, update the following fields as necessary:
      3. <config-property>
         <description>The class name of either the JDBC java.sql.Driver, 
           or an instance of a javax.sql.DataSource to use to connect to
           the data source.
         </description>
         <config-property-name>ConnectionDriverName</config-property-name>
         <config-property-type>java.lang.String</config-property-type>
         <config-property-value>
           com.pointbase.jdbc.jdbcUniversalDriver
         </config-property-value>
      </config-property>
      <config-property>
         <description>The URL for the data source.</description>
         <config-property-name>ConnectionURL</config-property-name>
         <config-property-type>java.lang.String</config-property-type>
         <config-property-value>
           jdbc:pointbase:server://localhost:9092/ent_server
         </config-property-value>
      </config-property>

The username and password used to access the database are stored in a Credential Mapping in WebLogic Server. If you configured the database (but did not initialize it) using the Configuration Wizard, this Credential Map will be created the first time you start Weblogic Server. If you did not configure the database using the Configuration Wizard, a default Credential Mapping pointing to PointBase was created. You will need to delete that credential mapping and create a new one for your production database:

  1. Start WebLogic Server and log in to the WebLogic Console.
  2. In the left pane of the Console, select Security Realms.
  3. In the Summary of Security Realms table, click myrealm (or the name of your security realm).
  4. Select Credential Mappings.
  5. Locate the Credential Mapping with the following Resource Identifier:
    6. type=<remote>, protocol=, remoteHost=jdbc:pointbase:server://localhost:9092/ent_server
  6. Click the check box next the mapping.
  7. Click Delete.
  8. Click Yes to confirm that you want to delete the Credential Mapping.
  9. Click New.
  10. On the Create a New Security Credential Mapping page, enter your database connection URL as the Remote Host. For example, jdbc:bea:oracle://localhost:1521;SID=es;. Leave the other inputs blank.
  11. Click Next.
  12. Enter rfiduser as the Local User, and specify the username and password that will be used to access the database as the Remote User and Password.
  13. Click Finish.
  14. Restart WebLogic Server.

 

Configuring Enterprise Server for a Different Database

To change the database to which Enterprise Server is connected, make the following modifications.

First, modify properties in ra.xml:

  1. Change directory to:
    2. BEA_HOME/user_projects/applications/your-domain/kodo.ear/kodo.rar/META-INF
  2. In the file ra.xml, update the following fields as necessary:
    3. <config-property>
       <description>The class name of either the JDBC java.sql.Driver, 
         or an instance of a javax.sql.DataSource to use to connect to the
         data source.
       </description>
       <config-property-name>ConnectionDriverName</config-property-name>
       <config-property-type>java.lang.String</config-property-type>
       <config-property-value>
         com.pointbase.jdbc.jdbcUniversalDriver
       </config-property-value>
    </config-property>
    <config-property>
       <description>The URL for the data source.</description>
       <config-property-name>ConnectionURL</config-property-name>
       <config-property-type>java.lang.String</config-property-type>
       <config-property-value>
         jdbc:pointbase:server://localhost:9092/ent_server
       </config-property-value>
    </config-property>

Then, create a Credential Mapping for the new connection:

  1. Start WebLogic Server and log in to the WebLogic Console.
  2. In the left pane of the Console, select Security Realms.
  3. In the Summary of Security Realms table, click myrealm (or the name of your security realm).
  4. Select Credential Mappings.
  5. Click New.
  6. On the Create a New Security Credential Mapping page, enter your database connection URL as the Remote Host. For example, jdbc:bea:oracle://localhost:1521;SID=es;. Leave the other inputs blank.
  7. Click Next.
  8. Enter rfiduser as the Local User, and specify the username and password that will be used to access the database as the Remote User and Password.
  9. Click Finish.
  10. Restart WebLogic Server.

 

Modifying the Username and Password Used to Connect to a Database

To change the username and password, but not the Connection URL, used to access a database, do the following:

  1. Start WebLogic Server and log in to the WebLogic Console.
  2. In the left pane of the Console, select Security Realms.
  3. In the Summary of Security Realms table, click myrealm (or the name of your security realm).
  4. Select Credential Mappings.
  5. Locate the Credential Mapping that contains the Resource Identifier you want to modify.
    6. Note: Write down the resource identifier information so you will have it available after you delete this identifier.
  6. Click the check box next the identifier.
  7. Click Delete.
  8. Click Yes to confirm that you want to delete the Credential Mapping.
  9. Click New.
  10. On the Create a New Security Credential Mapping page, for Remote host, enter the same database connection URL. Leave the other inputs blank.
  11. Click Next.
  12. Enter rfiduser as the Local User, and specify the username and password that will be used to access the database as the Remote User and Password.
  13. Click Finish.
  14. Restart WebLogic Server.

 

Configuring Enterprise Server to Send Query Subscription Results to an AS2 Destination

Enterprise Server supports sending subscription results to AS2 destinations via Synchrony Gateway (formerly Cyclone Interchange 5.4). Subscription results are sent via JMS. Synchrony Gateway uses information in the StandardBusinessDocumentHeader or JMS headers portion of the EPCISDocument that is delivered to determine the AS2 trading partner to whom the subscription should be forwarded. Some basic configuration, outlined below, is required to configure Enterprise Server to send subscription results to AS2 destinations. For the specifics of creating a subscription to send to an AS2 trading partner, see Understanding the Event, Master Data, and Data Exchange Services.

  1. Set the default JMS provider URL for the scheduling engine to the JMS provider URL of your AS2 engine:
    1. Change directory to: BEA_HOME/user_projects/applications/your-domain/epcis-lib.ear/epcis-scheduler-ejb.jar/META-INF
    2. In the ejb-jar.xml file, uncomment and edit the defaultJMSProviderURL entry as needed:
      3. <!-- optional entry for default JMS provider URL - uncomment this block and set the desired value
      <env-entry>
        <env-entry-name>defaultJMSProviderURL</env-entry-name>
        <env-entry-type>java.lang.String</env-entry-type>
        <env-entry-value>t3://localhost:7001</env-entry-value>
      </env-entry>
      -->
  2. Configure the as2JMSConnectionFactory, as2JMSQueueName, and as2JMSReceivingProperty:
    1. Change directory to: BEA_HOME/user_projects/applications/your-domain/epcis-lib.ear/epcis-ejb.jar/META-INF.
    2. In the ejb-jar.xml file, modify the values for the following properties as needed:
      3. <env-entry>
        <env-entry-name>as2JMSConnectionFactory</env-entry-name>
        <env-entry-type>java.lang.String</env-entry-type>
        <env-entry-value>
            weblogic.jms.ConnectionFactory
        </env-entry-value>
      </env-entry>
      <env-entry>
        <env-entry-name>as2JMSQueueName</env-entry-name>
        <env-entry-type>java.lang.String</env-entry-type>
        <env-entry-value>cyclone-outbound</env-entry-value>      </env-entry>
      <env-entry>
        <env-entry-name>as2JMSReceiverProperty</env-entry-name>
        <env-entry-type>java.lang.String</env-entry-type>
        <env-entry-value>ReceiverRoutingId</env-entry-value>
      </env-entry>
    • as2JMSConnectionFactory is the connection factory that will be used to send JMS messages to the AS2 engine (weblogic.jms.ConnectionFactory is an acceptable default).
    • as2JMSQueueName is the name of the JMS queue on which the AS2 engine is listening for incoming subscriptions.
    • as2JMSReceiverProperty is the name of the JMS header item where the trading partner's ID should be set. ReceiverRoutingId is the correct value to use with Synchrony Gateway.
    1. Keep the ejb-jar.xml file open. The remaining steps are also edits to this file.
  3. In ejb-jar.xml, configure the static names and values of other items included in the JMS header of AS2 subscriptions.
    1. Header item names are specified as a space-delimited list in an as2JMSHeaderItems entry. To specify header items, uncomment the entry and edit the list:
      2. <!--
      <env-entry>
        <env-entry-name>as2JMSHeaderItems</env-entry-name>
        <env-entry-type>java.lang.String</env-entry-type>
        <env-entry-value>ContentMimeType SenderRoutingId BusinessProtocol
            DocumentClass BusinessProtocolVersion</env-entry-value>
      </env-entry>
      -->
    2. The file contains example entries that demonstrate the name, type, and value for commonly used header items. For each header item that you made visible in the previous step, uncomment its associated name and value entries. For example, if you specify ContentMimeType as a value in as2JMSHeaderItems, uncomment the ContentMimeType name and value entries and modify them as needed:
      3. <env-entry>
        <env-entry-name>
          as2JMSHeaderItem.ContentMimeType.name
        </env-entry-name>
        <env-entry-type>java.lang.String</env-entry-type>
        <env-entry-value>ContentMimeType</env-entry-value>
      </env-entry>
      <env-entry>
        <env-entry-name>
          as2JMSHeaderItem.ContentMimeType.value
        </env-entry-name>
        <env-entry-type>java.lang.String</env-entry-type>
        <env-entry-value>application/xml</env-entry-value>
      </env-entry>
  4. The EPCIS specification recommends that the Standard Business Document Header element be included in the EPCIS Query Results. The values used in this header may also be configured in ejb-jar.xml. Uncomment and modify the entries as needed:
    1. To include a Standard Business Document Header in messages sent by AS2, uncomment the sbdhSenderIdentifier entry and set the value to the identifier you want to include in the Standard Business Document Header as the identifier in the PartnerIdentification element:
      2. <env-entry>
        <env-entry-name>sbdhSenderIdentifier</env-entry-name>
        <env-entry-type>java.lang.String</env-entry-type>
        <env-entry-value>...</env-entry-value>
      </env-entry>
    2. To specify a sender authority, uncomment and edit the sbdhSenderAuthority entry.
    3. The Receiver Identifier used in the Standard Business Document Header is identical to the AS2 trading partner name. You can specify the associated receiver authority by uncommenting and editing the sbdhReceiverAuthority entry. (The BEA-EPCIS value is simply a placeholder):
      4. <env-entry>
        <env-entry-name></env-entry-name>
        <env-entry-type>java.lang.String</env-entry-type>
        <env-entry-value>BEA-EPCIS</env-entry-value>
      </env-entry>
    4. For the DocumentIdentification element of the Standard Business Document Header, sbdhDocidStandard sets the value for the standard element, sbdhDocidTypeVersion sets the value for the typeVersion element, and sbdhDocidType sets the value for the type element. These may be omitted, in which case the corresponding fields will be omitted from the Standard Business Document Header. To use these entries, uncomment and edit them as required.

 

Configuring Company Prefix Lookups

By default, the Company Prefix component uses the following URL when performing lookups: 


http://www.onsepc.com/ManagerTranslation.xml

The lookup location is controlled by an entry in BEA_HOME/user_projects/applications/your-domain/companyprefix-lib.ear\companyprefix-ejb.jar\META-INF\ejb-jar.xml: 

  <env-entry>
    <env-entry-name>epcIndexTableURL</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value>
       http://www.onsepc.com/ManagerTranslation.xml
    </env-entry-value>
  </env-entry>

To use a custom company prefix lookup table, change the URI value of env-entry-value. For example, to use a local file named mytable.xml for resolving company prefixes: 

  <env-entry>
    <env-entry-name>epcIndexTableURL</env-entry-name>
    <env-entry-type>java.lang.String</env-entry-type>
    <env-entry-value>
       file:///c:/mytable.xml
    </env-entry-value>
  </env-entry>
Note: In a cluster, using a local file may be an issue.

 

Security

Global Roles

Table 8-1 defines the global roles added during domain configuration.

Table 8-2 maps WebLogic RFID Enterprise Server components to these roles.

Table 8-1 Global Role Definitions
Role
Definition
rfid_admin
Access to all applications and consoles except the Edge Server Console, which requires the Administrator role.
epcis_admin
General read-write administrative access to the consoles and features related to the Event and Master Data Services (Query Subscription Administration, Master Data Administration, Reporting Service).
epcis_mgr
Access to most of the consoles and features for the Event and Master Data Services, but less than epcis_admin. For example, epcis_mgr can view and update Master Data entries but cannot access the Query Subscription Administration Console.
epcis_user
In general, read-only access to data.
provisioning_bea
A specialized Serial Number Assignment Service role used to integrate with other applications via JMS.
provisioning_mgr
Access to the Serial Number Assignment Service Console.
provisionsing_user
Used to authenticate and authorize SOAP requests from the edge.

Table 8-2 Default Global Roles for RFID Enterprise Server Components
Component
Roles
RFID Edge Server Administration Console
Administrator
Query Subscription Administration Console
epcis_admin
rfid_admin
EPCIS Event Capture JMS queues
epcis_admin
epcis_mgr
rfid_admin
EPCIS Event Capture and Query SOAP APIs
epcis_admin
epcis_mgr
rfid_admin
Master Data Administration Console
epcis_admin
epcis_mgr
rfid_admin
Master Data SOAP API
epcis_admin
epcis_mgr
rfid_admin
Reporting Service
epcis_mgr
rfid_admin
Serial Number Assignment Service Console
provisioning_mgr
rfid_admin
Serial Number Assignment Service JMS Interface
provisioning_bea
rfid_admin
Serial Number Assignment SOAP API
provisioning_bea
provisioning_user
rfid_admin

As shipped, each role is a member of group Administrators. You can modify the roles to fit your site's security policies. To view these roles in the WebLogic Server Administration Console, navigate to Security Realms Arrow symbol your-realm Arrow symbol Roles and Policies. In the Roles table expand Global Roles, then expand Roles. For more information, see Security Realms in Understanding WebLogic Security.

Single Sign-On

The following Consoles share the a session (BEARFIDENTERPRISE) because the anticipated audience is business users:

The RFID Edge Server Administration Console shares a session (ADMINCONSOLESESSION) with the WebLogic Server Administration Console because the target audience is technical users.

These settings can be modified by changing the session cookie setting in weblogic.xml in each Web application.

For those applications that use BEARFIDENTERPRISE: 

   <session-descriptor>
      <cookie-name>BEARFIDENTERPRISE</cookie-name>
      <sharing-enabled>true</sharing-enabled>
   </session-descriptor>

For those applications that use ADMINCONSOLESESSION: 

   <session-param>
      <param-name>CookieName</param-name>
      <param-value>ADMINCONSOLESESSION</param-value>
   </session-param>

 

Performance Tuning

The following sections provide information about tuning WebLogic RFID Enterprise Server performance:

JVM Settings

Your JVM settings will vary according to how you use Enterprise Server 2.0. A good starting point is to set your initial heap size equal to max heap size, and nursery size to 25% of max heap size. For example: 

-Xms1024m -Xmx1024m -Xns256m

For more on information, see WebLogic Server Performance and Tuning at http://download.oracle.com/docs/cd/E13222_01/wls/docs92/perform/.

Queries, Subscriptions, and Reports

Depending on your system configuration and the size of your event repository, the default settings for database query timeouts may need to be adjusted. If you run a report, a query, or a subscription which results in a timeout exception on the console, you can modify two settings to give the query more time to run:

The default timeout for database transactions is 180 seconds. To modify that value, edit BEA_HOME/user_projects/applications/your-domain/kodo.ear/kodo.rar/META-INF/ra.xml and modify the QueryTimeout property: 

<config-property>
  <description>A comma-separated list of properties used to 
   configure the javax.sql.DataSource used as the ConnectionFactory.
   Each property should be of the form "key=value", where "key" is the
   name of some bean-like property of the data source.</description>
  <config-property-name>ConnectionFactoryProperties</config-property-name>
  <config-property-type>java.lang.String</config-property-type>
  <config-property-value>
    MaxActive=60, MaxIdle=10, QueryTimeout=180
  </config-property-value>
</config-property>

You will also need to modify the transaction timeouts on the relevant EJB(s). The default timeout value is 30 seconds. To change it, modify the deployment descriptor(s) as outlined below and set the timeout values to values that are more appropriate for your system and usage.

For queries and subscriptions, modify the value for trans-timeout-seconds in BEA_HOME/user_projects/applications/your-domain/epcis-lib.ear/epcis-ejb.jar/META-INF/weblogic-ejb-jar.xml: 

<weblogic-ejb-jar xmlns="http://www.bea.com/ns/weblogic/90" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <weblogic-enterprise-bean>
    <ejb-name>EPCIS</ejb-name>
    <stateless-session-descriptor></stateless-session-descriptor>
    <transaction-descriptor>
      <trans-timeout-seconds>600</trans-timeout-seconds>
    </transaction-descriptor>
    <enable-call-by-reference>true</enable-call-by-reference>
  </weblogic-enterprise-bean>
  <weblogic-compatibility>
    <entity-always-uses-transaction>true</entity-always-uses-transaction>
  </weblogic-compatibility>
</weblogic-ejb-jar>

For reports, modify BEA_HOME/user_projects/applications/your-domain/epcis-lib.ear/epcis-reports-ejb.jar/META-INF/weblogic-ejb-jar.xml. Uncomment the highlighted lines and change the value for trans-timeout-seconds: 

<weblogic-ejb-jar xmlns="http://www.bea.com/ns/weblogic/90"
                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <weblogic-enterprise-bean>
    <ejb-name>Reports</ejb-name>
    <stateless-session-descriptor />
    <!--<transaction-descriptor>
      <trans-timeout-seconds>500</trans-timeout-seconds>
    </transaction-descriptor>-->
    <enable-call-by-reference>true</enable-call-by-reference>
  </weblogic-enterprise-bean>
  <weblogic-compatibility>
    <entity-always-uses-transaction>true</entity-always-uses-transaction>
  </weblogic-compatibility>
</weblogic-ejb-jar>

Running large queries against a high-volume production database may have performance implications. See you BEA representative for more information.


  Back to Top       Previous  Next