|Oracle E-Business Suite Integrated SOA Gateway Implementation Guide|
Part Number E12169-09
This chapter covers the following topics:
Building on top of Oracle Fusion Middleware and service-oriented architecture (SOA) technology, Oracle E-Business Suite Integrated SOA Gateway (ISG) is a complete set of service infrastructure to provide, consume, and administer Oracle E-Business Suite Web services.
With service enablement feature, integration interfaces published in the Oracle Integration Repository can be transformed into SOAP and REST based Web services.
SOAP-based services are described in WSDLs and are deployed to the application server for service consumption. REST services described in WADLs are used for user-driven applications such as Oracle E-Business Suite mobile applications.
Oracle E-Business Suite Integrated SOA Gateway provides Service Invocation Framework to invoke and consume Web services provided by other applications.
For more information about each integration interface and service, see the Oracle E-Business Suite Integrated SOA Gateway User's Guide; for more information about Web service invocation and performing service integration activities, see the Oracle E-Business Suite Integrated SOA Gateway Developer's Guide.
Oracle E-Business Suite Integrated SOA Gateway contains the following features:
Display all Oracle E-Business Suite integration interface definitions through Oracle Integration Repository
Support custom integration interfaces from Oracle Integration Repository
Provide service enablement capability (SOAP and REST services) for seeded and custom integration interfaces within Oracle E-Business Suite
Use the Integration Repository user interface to perform design-time activities such as generate and deploy Oracle E-Business Suite Web services
Support synchronous interaction pattern for both SOAP-based and REST-based Web services
Note: In this release, only PL/SQL APIs and Concurrent Programs can be exposed as both SOAP and REST services. Java Bean Services, Application Module Services, Open Interface Tables, and Open Interface Views can be exposed as REST services only.
Support multiple authentication types for inbound service requests in securing Web service content
Enforce function security and role-based access control security to allow only authorized users to execute administrative functions
Provide centralized, user-friendly user interface for logging configuration
Audit and monitor Oracle E-Business Suite service operations from native SOA Monitor
Leverage Oracle Workflow Business Event System to enable Web service invocation from Oracle E-Business Suite
The better understand Oracle E-Business Suite Integrated SOA Gateway and its key components, this section describes some key features and the definition of each component.
Service enablement is the key feature within Oracle E-Business Suite Integrated SOA Gateway. It provides a mechanism that allows native packaged integration interface definitions residing in Oracle Integration Repository to be further transformed into Web services that comply with Web standards. Additionally, these services can be deployed from the Integration Repository to the application server allowing more consumptions over the Web.
To understand the basic concept of Web services and how the service works, the following diagram illustrates the essential components for service enablement:
Major Components for Service Enablement
A Service Provider is the primary engine underlying the Web services. It facilitates the service enablement for various types of interfaces.
A Service Consumer (Web service client) is the party that uses or consumes the services provided by the Service Provider.
A Service Broker (Service Registry) describes the service's location and contract to ensure service information is available to any potential service consumer.
Composite services use the native service as building blocks to construct the sequence of business flows. Basically, this interface type orchestrates the invocation sequence of discrete Web services into a meaningful end-to-end business process through a Web service composition language BPEL (business process execution language).
For example, use Oracle BPEL Process Manager (BPEL PM) to integrate the Order-to-Receipt business process that contains sales order entry, item availability check, pack and ship, and invoice to Accounts Receivable sub processes handled by various applications. This approach effectively tightens up the control of each individual process and makes the entire business flow more efficiently.
Oracle Integration Repository, an integral part of Oracle E-Business Suite, is the centralized repository that contains numerous interface endpoints exposed by applications within the Oracle E-Business Suite.
To effectively manage all integration interfaces and services incurred within the Oracle E-Business Suite, Oracle E-Business Suite Integrated SOA Gateway now supports complex business processes or composite services, Web service generation and deployment, as well as business event subscriptions through the centralized Integration Repository.
You can browse these interface definitions and services through the Oracle Integration Repository user interfaces. Users with administrator privileges can further perform administrative tasks through the same interfaces.
Oracle Integration Repository supports the following interface types:
Open Interface Tables and Open Interface Views
Business Service Object (Service Beans)
Apart from normal Java APIs, Java interface includes the following subcategories:
Application Module Services
Note: Application Module Implementation class is a Java class that provides access to business logic governing the OA Framework-based components and pages. Such Java classes are called Application Module Services and are categorized as a subtype of Java interface.
Java Bean Services
Note: Java APIs whose methods use parameters of either simple data types or serializable Java Beans are categorized as Java Bean Services. Such Java APIs can be exposed as REST-based Web services.
Note: Security Services are a set of predefined and predeployed REST services from Oracle Application Object Library. These services include Authentication and Authorization services for mobile applications. These services are built on Java; therefore, they are categorized as a subtype of Java interface.
Please note that Java APIs for Forms (Forms-based Web services) are desupported in Oracle E-Business Suite Release 12.2. If you are planning to use this type of interfaces as Web services, you are advised to use alternate serviceable interfaces, such as PL/SQL and Business Service Objects interfaces, which can be deployed as Web services. Refer to My Oracle Support Knowledge Document 966982.1 for the suggested alternatives to the existing Java APIs for Forms services.
Please note that not all the interface types resided in the Integration Repository can be service enabled. The supported interface types for service enablement are XML Gateway, PL/SQL, Concurrent Program, Business Service Object, Application Module Services, Java Bean Services, Open Interface Tables, and Open Interface Views.
As mentioned earlier, security services are pregenerated REST services from Oracle Application Object Library. Therefore, there is no need to enable the security services from the repository as required by other supported interface types.
To protect application data from unauthorized access, Oracle E-Business Suite integrated SOA Gateway enforces the security rules through subject authentication and authorization:
To authenticate users who request Oracle E-Business Suite Web services, request messages must be checked based on the selected authentication type:
The SOAP messages must be authenticated using UsernameToken or SAML Token based security. The identified authentication information is embedded in the
wsse:security Web Security headers.
The REST messages are authenticated using HTTP Basic Authentication security (either username/password or security token) at HTTP transport level.
To authorize users on specific services or operations, the access permissions must be explicitly given to the users through security grants. Multiple organization access control (MOAC) security rule is also implemented for authorizing interface execution related to multiple organizations.
SOA Monitor is a centralized, light-weight service execution monitoring and management tool. It not only monitors all the SOAP requests that SOA Provider and Web Service Provider process, but also provides auditing feature for the SOAP messages if the auditing feature is enabled.
With SOA Monitor, the integration repository administrator can effectively manage and identify errors incurred during the service deployment life cycle and take necessary actions to expedite the interaction between services.
To invoke all integration services from Oracle E-Business Suite, Oracle E-Business Suite Integrated SOA Gateway uses the Service Invocation Framework (SIF) that leverages Oracle Workflow Java Business Event System (JBES) and a seeded Java rule function to allow any WSDL-described service to be invoked.
By using this service invocation framework, developers or implementors can interact with Web services through WSDL descriptions instead of working directly with SOAP APIs, the usual programming model. This approach lets you use WSDL as a normalized description of disparate software, and allows you to access this software in a manner that is independent of protocol or location.
Since this feature is the major development framework in invoking Web services within the entire Oracle E-Business Suite, detailed implementation information is described in a separate chapter in this book.
See Implementing Service Invocation Framework.
Oracle E-Business Suite Integrated SOA Gateway employs essential key components that enable native service integration at design time and run time, and ease the service management throughout the entire service integration and deployment life cycle.
The following diagram illustrates the integration architecture flow between each SOA component:
All the native packaged public integration interfaces are published in the Oracle Integration Repository by default. Users who have the Integration Repository Administrator role can then transform these native integration interfaces into Web services by service generator. Service loader uploads service artifacts to Oracle Integration Repository. Service deployer deploys service artifacts from the Integration Repository to the application server where services can be exposed to customers through service provider.
Service provider identifies and processes inbound SOAP requests from service consumers or Web service clients, reinforces function security and Web service security, as well as passes all SOAP request and response messages to SOA Monitor (if the monitoring feature is enabled) for further monitoring to ensure the seamless service invocations throughout the entire service life cycle.
Service provider is the primary engine enabling the Oracle E-Business Suite services. It is the engine that performs the actual service generation and deployment behind the scene for both SOAP and REST services.
In SOAP-based service enablement, it provides standard Web services for business integration.
In REST-based service enablement, it provides light weight, out-of-box services for mobile applications and chatty UI applications.
All the native packaged public integration interfaces are published in Oracle Integration Repository by default.
At design time, an integration repository administrator performs the Web service generation task through the Integration Repository user interface. This sends a request for service generation and invokes the Service Generator to create service artifacts and stores them in the application server file system. Service loader then uploads these artifacts to Oracle Integration Repository.
These tasks are completed through the Oracle Integration Repository user interfaces and they are actually executed by SOA Provider behind the scenes.
Important: In Release 12.0, Oracle E-Business Suite is service partially enabled using Web Service Provider for the following interface types:
XML Gateway Map
Business Service Object that was formerly known as Service Bean
In this release, Oracle E-Business Suite Integrated SOA Gateway will continue to support the Release 12.0 based Web Service Provider service enablement, plus the following additional interface types using SOA Provider:
Inbound Native Interfaces
XML Gateway Map
Composite Service - BPEL
For backward compatibility in supporting the XML Gateway Map service enablement, a profile option FND: XML Gateway Map Service Provider (FND_SOA_SERVICE_PROVIDER) is used to let you select an appropriate service provider in enabling services for XML Gateway Map interface type. Based on the selected profile value, you may find the Web Service - SOA Provider region, or Web Service - Web Service Provider region, or both regions displayed in the XML Gateway Interface Details Page. See XML Gateway Map Web Service Region, Oracle E-Business Suite Integrated SOA Gateway User's Guide.
The following diagram illustrates the service generation function flows at design time:
Integration Repository UI sends a request for a service generation to SOA Provider.
SOA Provider passes the request to Service Generator.
Service Generator generates the service artifact.
Note: Service artifacts
are generated in the application server file system at location specified
by system property
These artifacts are located in
OAFM container. The
file system storage structure on server (may use
(APPLRGF)) can be as follows:
TEMP_LOCATION |_Type (such as PL/SQL, concurrent program, etc.) |_ClassID (contains all SQL Wrapper packages)
Service Loader uploads the service artifact to Oracle Integration Repository.
Integration repository administrators as defined by the Integration Repository Administrator role can further deploy the services from Oracle Integration Repository to the application server where services can be exposed to customers through service provider.
Note: For information about the Integration Repository Administrator role, see Role-Based Access Control (RBAC) Security for Oracle E-Business Suite Integrated SOA Gateway.
REST services are developed based on Oracle E-Business Suite technology infrastructure. At design time, an integration repository administrator can deploy a selected interface as a REST service. Additionally, the administrator can undeploy the service if needed.
At run time, a service consumer or Web service client sends a SOAP request message. SOA Provider receives the request message and references integration services and data from Oracle Integration Repository in processing the request that invokes Web service. Function security is enforced at this time to secure the Web service content from unauthorized access. After passing security checks on the inbound request, SOA Provider then sends the SOAP response message out back to the Web service client.
The following diagram illustrates the Web service process flows between a Web service client and Oracle E-Business Suite through SOA Provider at run time:
Web service client sends a SOAP request to WSDL URL that is redirected to SOA Provider Servlet.
The inbound SOAP message is passed to OC4J Web Service Framework.
The OC4J Web Service
Framework authenticates the SOAP message based on the
wsse:security headers. To validate username and password, the Framework calls
Application Security Handler.
On authentication of the SOAP message user, the Framework hands over the message along with its context to SOA Provider.
SOA Provider hands over the request to Service Handler.
Service Handler calls the Function Security Handler to decide whether the user is authorized to execute the particular interface.
After passing authorization check, the request is passed on to Service Run Time Engine.
Service Run Time Engine executes the interface on Oracle E-Business Suite.
Response is returned back to the Service Run Time Engine.
Response is converted to a SOAP response and returned back to Service Handler.
Service Handler returns the SOAP response back to SOA Provider.
SOA Provider returns the SOAP response back to SOA Provider Servlet.
SOA Provider Servlet returns the SOAP response back to Web service client.
Web Service Clients
To enable integration interfaces become Web services, Oracle E-Business Suite Integrated SOA Gateway uses the following technologies or tools for Web service enablement:
.NET Web Service Client
Oracle JDeveloper is used to help create Web service clients through Java SOAP APIs.
Oracle BPEL Process Manager (Oracle BPEL PM)
Business process execution language (BPEL) is particularly used in orchestrating composite Web services.
Oracle Enterprise Service Bus (ESB)
Similar to the composite service creation through BPEL, composite services can also be created using Oracle ESB.
Copyright © 2008, 2018, Oracle and/or its affiliates. All rights reserved.