Upgrade Guide
When upgrading from WebLogic Integration 2.1 SP2 or WebLogic Integration 7.0 SP2 to WebLogic Integration 8.1, security features must be upgraded manually. This section contains information about these procedures.
WebLogic Server ACLs, users, groups, certificates, and so on must be upgraded by following the Security section of the WebLogic Server 8.1 Upgrade Guide at the following URL:
http://download.oracle.com/docs/cd/E13222_01/wls/docs81/security.html
WebLogic Integration 8.1 uses the Default Security Configuration in WebLogic Server 8.1. For more information refer to Managing WebLogic Security.
Upgrading WebLogic business process management (BPM) security affects users, roles, organizations, calendars, e-mail, and permissions.
WebLogic business process management (BPM) security upgrades to users are handled separately from roles and organizations.
All WebLogic BPM users must become WebLogic Server users.
User wlisystem
is no longer a special user. The following table shows its replacement in WebLogic Integration 8.1.
Table 6-1 WebLogic Integration 2.1 and 7.0 SP2 wlisystem User vs WebLogic Integration 8.1 Functionality
The following table shows the replacement in WebLogic Integration 8.1 for BPM roles and organizations.
Table 6-2 WebLogic Integration 2.1 and 7.0 SP2 BPM Roles and Organizations vs WebLogic Integration 8.1 Functionality
WebLogic Integration 2.1 SP2 and WebLogic Integration 7.0 SP2 Roles and Organizations | |
---|---|
A BPM role and organization are combined and mapped to a WebLogic Server group. |
WebLogic Integration BPM Calendars and Email have been replaced with new functionality. The following table shows the change in WebLogic Integration 8.1 for BPM calendars and email.
Table 6-3 WebLogic Integration 2.1 SP2 and 7.0 SP2 BPM Calendars and Email vs 8.1 Functionality
Permissions in WebLogic Integration 8.1 are set via the WebLogic Integration Administration Console. The following table shows the change in WebLogic Integration 8.1 for BPM permissions.
Table 6-4 WebLogic Integration 2.1 SP2 and 7.0 SP2 BPM permissions vs 8.1 Functionality
Upgrading WebLogic B2B security affects certificates, trading partner configuration, and the packaging of some Java classes you may be using.
For WebLogic Integration 8.1, the B2B system user is no longer used. Instead you will use the users and roles provided when you create a new WebLogic Integration domain.
Certificates must be placed in keystores before they can be upgraded. In WebLogic Integration 2.1 SP2 keystores were not available. In WebLogic Integration 7.0 SP2 the use of keystores was optional.
Certificates used by WebLogic Integration 2.1 SP2 B2B must be imported into the WebLogic Integration 8.1 keystore one at a time by using a JavaSoft JDK keytool
utility, or the WebLogic ImportPrivateKey utility as described in "ImportPrivateKey" in the Using the WebLogic Java Utilities section of the WebLogic Server Administration Guide at the following URL:
http://download.oracle.com/docs/cd/E13222_01/wls/docs70/adminguide/utils.html
and in the Configuring the Keystore section of the WebLogic Integration 7.0 B2B Security Guide at the following URL:
http://download.oracle.com/docs/cd/E13214_01/wli/docs70/b2bsecur/keystore.htm
To upgrade certificates used by WebLogic Integration 7.0 SP2 B2B to WebLogic Integration 7.0 8.1, your certificates must be in a private keystore and your trusted certificate authorities must be in the CA keystore. If you have not yet set up these keystores, follow the instructions in the Configuring the Keystore section of the WebLogic Integration 7.0 B2B Security Guide.at the following URL:
http://download.oracle.com/docs/cd/E13214_01/wli/docs70/b2bsecur/keystore.htm
After your certificates are in keystores, you can upgrade to WebLogic Integration 8.1 following these steps:
A script is provided to upgrade your trading partner security and message encryption configuration.
BEA_HOME
/weblogic81/integration/upgrade/upgradeTPM.cmd
BEA_HOME
/weblogic81/integration/upgrade/upgradeTPM.sh
In these commands, BEA_HOME
represents the WebLogic Platform home directory.
You will need to change and recompile your applications that use the com.bea.b2b.security package. The following table shows the changes in class names:
Table 6-5 WebLogic Integration 2.1 SP2 and WebLogic Integration 7.0 SP2 Classes vs WebLogic Integration8.1 Classes
Upgrading WebLogic Application Integration security affects EIS authentication and authorization, and application view access control.
Java classes for adapters must conform to a new package scheme. A script is provided to repackage your adapter code.
BEA_HOME
/weblogic81/integration/upgrade/aiRepackageAdapter.cmd
BEA_HOME
/weblogic81/integration/upgrade/aiRepackageAdapter.sh
In these commands, BEA_HOME represents the WebLogic Platform home directory.
The security information for WebLogic Application Integration is no longer held in ACL format. Instead, a role-based authorization scheme uses the underlying WebLogic Server 8.1 security infrastructure. Go to the Application Integration section of the WebLogic Integration 8.1 console to reconfigure the security information to access the application view.