Configuring the Worklist Manager External System
The Worklist Manager is a web-based interface that allows you to view, assign, escalate,
and execute the tasks generated from user activities. The functions that can be
performed in the Worklist Manager are based on user hierarchy. BPM supports the
definition of organization hierarchies and user roles for task assignment. Tasks can be
escalated and delegated by users from custom worklists and activity processing windows. The
Worklist Manager requires an LDAP directory to define users, their roles, and their
hierarchy.
Configuring the WorkList Manager
When you create the Environment for a user activity Business Process, you need
to create and configure a Worklist Manager External System. The properties you configure
for the external system define the Worklist Manager database connectivity, LDAP server and directory
information, and custom labels for flex attributes. Perform the following steps to configure
the Worklist Manager.
In addition, you must perform one of the following tasks:
Creating the Worklist Manager External System
The Worklist Manager External System is created from the Services window.
To Create the Worklist Manager External System
- In the Services window, right-click the Environment for the user activity Project.
- Point to New, and then click Worklist Manager.
- Enter a name for the Worklist Manager External System, and then click OK.
The Properties window appears.
- Configure the Worklist Manager, as described in the following sections.
Defining Configuration Properties
The configuration properties of the Worklist Manager define information about the Worklist Manager database
and application.
To Define Configuration Properties
- On the Worklist Manager Properties window, click WLMConnector External System Configuration.
- Enter values for the properties described in the following table.
- Click OK.
|
|
|
The type of database you are using. Select from oracle, sybase,
sqlserver, or db2. |
|
The name of the database server. |
|
The port number on which
the database is listening. |
|
The SID name of the database. |
|
The login
ID of the WLM user for the database. This should be the same
user as was created by the WLM database installation scripts. |
|
The password
for the WLM user. |
Database Connection Retry Count |
The number of times the driver
will try to connect to the database after an unsuccessful attempt. |
Database Connection Retry
Delay |
The number of seconds the driver waits before retrying to connect to the
database server. |
Database Initial Pool Size |
The number of physical connections with which the
database will be initialized. |
Database Pool Minimum Pool Size |
The minimum number of physical connections
in the database pool. |
Database Pool Maximum Pool Size |
The maximum number of physical
connections in the database pool. |
Database Pool Property Cycle |
The frequency in seconds that
the database pool manager should check the pool. |
|
The length of
time a physical connection can be inactive. |
|
An indicator of whether to enable
the auto-commit feature of the database. |
|
The type of LDAP directory you are
using. Select from Sun Java System Directory Server, ActiveDirectoryConnection, Oracle Internet Directory or OpenLdapConnection. |
|
The name of
the Worklist Manager application that is generated when you deploy the Project. This
name is part of the URL used to log into the Worklist Manager
and should be unique for each user activity Business Process. You can deploy
multiple Business Processes with user activities to the same Environment, but each WLM
application must have a unique name. In that case, the Environment must include multiple
Worklist Manager External Systems. |
WLM Session Timeout (minutes) |
The number of minutes the Worklist
Manager can remain idle before timing out. |
|
The order of the fields
on the Worklist Manager. When you click the ellipses next to this property,
the Ordering Sequence dialog box appears, where you can select the fields to
display on the Worklist Manager, and the order in which they appear. |
|
Customizing Flex Attribute Labels
Flex attributes are customizable attributes that aid in task assignment. The attributes appear
in the Business Rule Designer as well as in columns of the Worklist
Manager.
You can map values to these attributes in the Business Rule Designer so
the values appear in the Worklist Manager. You can also label the attributes
to make them easy to identify in the Worklist Manager.
To Customize Flex Attribute Labels
- From the Services window, right-click the Worklist Manager External System.
- Click Properties.
The Properties dialog box appears.
- Click Custom Attribute Labels.
- Define labels for as many attributes as necessary.
- Click OK.
Defining email Notification Properties
If you defined email notifications on the Worklist Manager window for a user
activity, you need to define the connection properties for the email server in the
Worklist Manager External System properties. You also need to modify the LDAP properties
for the directory server you are using by specifying the name of the
attribute that contains the users’ email addresses.
To Define email Notification Properties
- On the Worklist Manager Properties window, click Email Server Connection Parameters.
- Enter values for the properties.
- Click OK.
|
|
|
The name of the email server on which the Worklist
Manager email notifications are sent. |
|
The login ID for the email account used
by the Worklist Manager. |
|
The password for the email account. |
|
The name that
should appear in the email as the sender. This property is used to
create a URL, so it cannot contain any spaces. |
|
A footer
for the email notifications. |
Second footer/Disclaimer of Email |
A second footer or disclaimer for
the email notifications. |
|
Configuring an OpenLDAP Connection
To use OpenLDAP with the Worklist Manager, you must specify certain information about
the LDAP directory structure so the Worklist Manager knows where to find the user
information defined in the directory. You can use your existing directory structure as
long as there is a mechanism for defining a user reporting hierarchy.
The Worklist Manager uses an anonymous bind with OpenLDAP, so you do not
need to specify credentials for the security principal.
To Configure an OpenLDAP Connection
- From the Services window, right-click the Worklist Manager External System, and then click
Properties.
- On the properties page that appears, verify that the Connection Parameters property is
set to OpenLdapConnection.
- Expand WLMConnector External System Configuration, and then click Open Ldap Parameters.
- Enter values for the properties.
Note - The default values for these properties are based on the values for the
user activity sample and the and audit processing tutorial. Modify these values to
suit your existing directory structure and attributes.
- Click OK.
|
|
LDAP Initial Context Factory |
The fully qualified name of the factory class
that creates the initial context. The initial context is the starting point for
JNDI naming operations. |
|
The URL of the LDAP server. The format of
the URL is ldap://host:port, where host is the name of the computer
hosting the LDAP server, and port is the port number on which the LDAP
server is listening for requests. |
|
The name of the root node in
the LDAP directory. For example, if the root node is dc=Oracle,dc=com, the value for
this property would be Oracle. |
|
The version of OpenLDAP you are running. |
|
A search filter used by the Worklist Manager to search for
users. The Worklist Manager will only find those users described by the filter. For
example, to use an organization name as the search filter where all Worklist
Managers are assigned to the Oracle organization, the value for this property would
be (o=Oracle). |
|
The DN of the root entry of the portion
of the LDAP directory where the Worklist Manager will start the search for
users. For example, if users are all defined in an organizational unit named People,
the value for this property would be similar to ou=People,dc=oracle,dc=com. |
|
The name
of the role attribute in the LDAP directory to which Worklist Manager users
belong. Only enter a value for this property if you have defined a
role to which all Worklist Manager users are assigned. |
Open LDAP Attribute Manager |
The name
of the attribute that specifies reporting hierarchy in the LDAP directory. This is
the attribute assigned to a user that specifies who they report to. You
can use Manager, the predefined attribute for OpenLDAP, or you can create a
custom attribute. The Worklist Manager uses this entry to create the list of users
to whom a supervisor can reassign tasks, and to specify the supervisor when
a task is escalated. |
|
The name of the group attribute in the
LDAP directory to which Worklist Manager users belong. Only enter a value for
this property if you have defined a group to which all Worklist Manager
users are assigned. |
|
The name of the attribute that contains a user’s email addresses.
This is used in email notification. |
Open LDAP Attribute Given Name |
The name of
the attribute that contains a user’s first name. This is used in email
notification. |
|
Configuring an Oracle Internet Directory Connection
To use Oracle Internet Directory with the Worklist Manager, you must specify certain
information about the LDAP directory structure so the Worklist Manager knows where to find
the user information defined in the directory. You can use your existing directory
structure as long as there is a mechanism for defining a user reporting
hierarchy.
To Configure an Oracle Internet Directory Connection
- From the Services window, right-click the Worklist Manager External System, and then click
Properties.
- On the properties page that appears, verify that the Connection Parameters property is
set to Oracle Internet Directory.
- Expand WLMConnector External System Configuration, and then click Sun Java System Directory Server/ADS/OID.
- Enter the property values for the properties described in the following table.
Note - Depending on how your LDAP directory is set up, not all of these
fields are required. The default configuration is not necessarily illustrative of an actual
implementation.
- Click OK to close the Properties dialog box.
|
|
|
The URL of
the LDAP server. The format of the URL is ldap://host:port, where host
is the name of the computer hosting the LDAP server, and port is
the port number on which the LDAP server is listening for requests. |
Java Naming
Factory Initial |
The fully qualified name of the factory class that creates the initial
context. The initial context is the starting point for JNDI naming operations. |
Java Naming
Security Authentication |
The security level to use in JNDI naming operations. Enter one of
the following values:
|
Java Naming Security Principal |
The DN of the security principal used
for connecting to the LDAP server. |
Java Naming Security Credentials |
The password of the naming
security principal. |
|
The parent DN of the user entries. This property specifies the root
entry of the Users portion of the LDAP directory; for example, ou=People,dc=oracle,dc=com. |
UserDN
Attribute Name In User |
The name of the attribute in a user entry
where the user’s DN is defined. The default value is entrydn, which is the
default name for the Oracle Directory server attribute. |
UserId Attribute Name In User |
The
name of the naming attribute in each user entry, typically uid or
cn. |
|
The parent DN of the role entries. This property specifies the root
entry of the Roles portion of the LDAP directory; for example, dc=oracle,dc=com. |
Role
Name Field In RoleDN |
The name of the attribute in a role entry
that specifies the name of the role. |
Role Name Attribute Name In User |
The
name of the attribute in a user entry that specifies the DNs of
the roles to which a user is assigned. |
|
The parent DN of
the group entries. This property specifies the root entry of the Groups portion
of the LDAP directory; for example ou=Groups,dc=oracle,dc=com. |
Group DN Attribute Name In Group |
The
name of the attribute in a group entry that specifies the name of
the group. |
Group Name Field In Group DN |
The name of the attribute
in a group entry that specifies the name of the group. |
Group Of
User Filter Under Groups ParentDN |
The LDAP search filter used to retrieve all
of a user’s groups. This property follows the syntax supported by the java.text.MessageFormat
class with {1} marking where the user’s DN should be inserted. For example,
uniquemember={1}. |
|
The name of the attribute in a user entry that specifies
the person the user reports to. The default value is manager.
Note - To enable task
escalation and reassignment, this value must be manager and each user entry in
the LDAP directory must include a manager attribute that specifies the supervisor by their
entrydn.
|
UserId Attribute Subordinate |
The name of the attribute in a user entry that
specifies the people who report to the user. The default value is directReports.
Note - To
enable task escalation and reassignment, this value must be entrydn and the reporting
structure for each user must be defined in their entrydn attribute in the
LDAP directory.
|
|
The name of the attribute in a user entry that
specifies an email address. The default value is mail, which is the attribute Oracle
Internet Directory provides for this purpose. This is used for email notifications (as
defined in the Worklist Manager window for a user activity in the Business
Process). |
UserId Attribute Given Name |
The name of the attribute in a user entry
that specifies a user’s first name. The default value is givenName, which is
the attribute the Oracle Internet Directory provides for this purpose. This is used
during email notification. |
|
Configuring an Oracle Directory Server Enterprise Edition Connection
To use the Oracle Directory Server Enterprise Edition (previously Sun Java System Directory
Server) with the Worklist Manager, you must specify certain information about the LDAP
directory structure so the Worklist Manager knows where to find the user information
defined in the directory. You can use your existing directory structure as long as
there is a mechanism for defining a user reporting hierarchy.
To Configure an Oracle Directory Server Enterprise Edition Connection
- From the Services window, right-click the Worklist Manager External System, and then click
Properties.
- On the properties page that appears, verify that the Connection Parameters property is
set to Sun Java System Directory Server.
- Expand WLMConnector External System Configuration, and then click Sun Java System Directory Server/ADS/OID.
- Enter the property values for the properties described in the following table.
Note - Depending on how your LDAP directory is set up, not all of these
fields are required. The default configuration is not necessarily illustrative of an actual
implementation.
- Click OK to close the Properties dialog box.
|
|
|
The URL of
the LDAP server. The format of the URL is ldap://host:port, where host
is the name of the computer hosting the LDAP server, and port is
the port number on which the LDAP server is listening for requests. |
Java Naming
Factory Initial |
The fully qualified name of the factory class that creates the initial
context. The initial context is the starting point for JNDI naming operations. |
Java Naming
Security Authentication |
The security level to use in JNDI naming operations. Enter one of
the following values:
|
Java Naming Security Principal |
The DN of the security principal used for
connecting to the LDAP server. |
Java Naming Security Credentials |
The password of the naming security
principal. |
|
The parent DN of the user entries. This property specifies the root entry
of the Users portion of the LDAP directory; for example, ou=People,dc=oracle,dc=com. |
UserDN Attribute
Name In User |
The name of the attribute in a user entry where
the user’s DN is defined. The default value is entrydn, which is the
default name for the Oracle Directory Server Enterprise Edition attribute. |
UserId Attribute Name In
User |
The name of the naming attribute in each user entry. The default name
for this attribute in the Oracle Directory Server Enterprise Edition is uid, but
can also be cn. |
|
The parent DN of the role entries. This
property specifies the root entry of the Roles portion of the LDAP directory;
for example, dc=oracle,dc=com. |
Role Name Field In RoleDN |
The name of the attribute in
a role entry that specifies the name of the role. The default name
for this attribute in the Oracle Directory Server Enterprise Edition is cn. |
Role Name
Attribute Name In User |
The name of the attribute in a user entry
that specifies the DNs of the roles to which a user is assigned.
The default value is nsroledn, which is the default attribute name in the
Oracle Directory Server Enterprise Edition. |
|
The parent DN of the group entries. This
property specifies the root entry of the Groups portion of the LDAP directory;
for example ou=Groups,dc=oracle,dc=com. |
Group DN Attribute Name In Group |
The name of the attribute
in a group entry that specifies the name of the group. The default
value is entrydn, which is the default name for the Oracle Directory
Server Enterprise Edition attribute. |
Group Name Field In Group DN |
The name of the attribute
in a group entry that specifies the name of the group. The default
name for this attribute in the Oracle Directory Server Enterprise Edition is cn. |
Group
Of User Filter Under Groups ParentDN |
The LDAP search filter used to retrieve
all of a user’s groups. This property follows the syntax supported by the
java.text.MessageFormat class with {1} marking where the user’s DN should be inserted. For
example, uniquemember={1}. |
|
The name of the attribute in a user entry that
specifies the person the user reports to. The default value is manager, which
is the attribute the Oracle Directory Server Enterprise Edition provides for this purpose. You
can also use the entrydn for this purpose, or you can create custom
attributes to define an upward reporting structure.
Note - To enable task escalation and reassignment, this
value must be manager and each user entry in the LDAP directory must include
a manager attribute that specifies the supervisor by their entrydn.
|
UserId Attribute Subordinate |
The name
of the attribute in a user entry that specifies the people who report
to the user. The default value is directReports, which is not used in
the Oracle Directory Server Enterprise Edition. You can use a default attribute, such
as secretary or entrydn, or you can create custom attributes to define the
downward reporting structure.
Note - To enable task escalation and reassignment, this value must be entrydn and
the reporting structure for each user must be defined in their entrydn attribute
in the LDAP directory.
|
|
The name of the attribute in a user
entry that specifies an email address. The default value is mail, which is
the attribute the Oracle Directory Server Enterprise Edition provides for this purpose. This
is used for email notifications (as defined in the Worklist Manager window for
a user activity in the Business Process). |
UserId Attribute Given Name |
The name of the
attribute in a user entry that specifies a user’s first name. The default
value is givenName, which is the attribute the Oracle Directory Server Enterprise Edition
provides for this purpose. This is used during email notification. |
|
Configuring a Microsoft Active Directory Connection
To use Microsoft Active Directory with the Worklist Manager, you must specify
certain information about the LDAP directory structure so the Worklist Manager knows where to
find the user information defined in the directory. You can use your existing
directory structure as long as there is a mechanism for defining a user
reporting hierarchy.
To Configure a Microsoft Active Directory Connection
- In the Services window, right-click the Worklist Manager External System, and then click
Properties.
- On the properties page that appears, verify that the Connection Parameters property is
set to ActiveDirectoryConnection.
- Expand WLMConnector External System Configuration, and then click Sun Java System Directory Server/ADS/OID.
- Enter the property values for the properties described in the following table.
Note - Depending on how your LDAP directory is set up, not all of these
fields are required. The default configuration is not necessarily illustrative of an actual
implementation.
- Click OK to close the Properties dialog box.
|
|
|
The URL of
the LDAP server. The format of the URL is ldap://host:port, where host
is the name of the computer hosting the LDAP server, and port is
the port number on which the LDAP server is listening for requests. |
Java Naming
Factory Initial |
The fully qualified name of the factory class that creates the initial
context. The initial context is the starting point for JNDI naming operations. |
Java Naming
Security Authentication |
The security level to use in JNDI naming operations. Enter one of
the following values:
|
Java Naming Security Principal |
The DN of the security principal used
for connecting to the LDAP server. |
Java Naming Security Credentials |
The password of the naming
security principal. |
|
The parent DN of the user entries. This property specifies the root
entry of the Users portion of the LDAP directory; for example, cn=Users,dc=oracle,dc=com. |
UserDN
Attribute Name In User |
The name of the attribute in a user entry
where the user’s DN is defined. If you are using the default schema
for Active Directory, enter distinguishedName for this property. |
UserId Attribute Name In User |
The name
of the attribute in a user entry that defines the user’s login ID.
The default name for this attribute in Active Directory is sAMAccountName. |
|
The parent DN
of the role entries. This property specifies the root entry of the Roles
portion of the LDAP directory; for example, ou=OracleRoles, dc=oracle,dc=com. |
Role Name Field In RoleDN |
The
name of the attribute in a role entry that specifies the name of
the role. The default name for this attribute in Active Directory is cn. |
Role
Name Attribute Name In User |
The name of the attribute in a user
entry that specifies the roles to which a user is assigned. The default value,
nsroledn, does not apply to Active Directory. The default attribute used by Active Directory
is memberOf. |
|
The parent DN of the group entries. This property specifies the root
entry of the Groups portion of the LDAP directory; for example cn=users,dc=oracle,dc=com. |
Group
DN Attribute Name In Group |
The name of the attribute in a group
entry that specifies the DN of the group. If you are using the
default schema for Active Directory, enter distinguishedName for this property. |
Group Name Field In
Group DN |
The name of the attribute in a group entry that specifies
the name of the group. The default name for this attribute in Active
Directory is cn. |
Group Of User Filter Under Groups ParentDN |
The LDAP search filter used
to retrieve all of a user’s groups. This property follows the syntax supported
by the java.text.MessageFormat class with {1} marking where the user’s DN should be
inserted. For example (for Active Directory only), (&(member={1})(objectclass=group)). |
|
The name of the attribute
in a user entry that specifies the person a user reports to. The
default value is manager, which is the attribute that Active Directory provides for
this purpose. You can also create custom attributes to define a reporting structure. |
UserId
Attribute Subordinate |
The name of the attribute in a user entry that specifies
the people who report to the user. The default value is directReports, which
is the attribute that Active Directory provides for this purpose. In Active Directory,
directReports is linked referentially to manager, above. |
|
The name of the user attribute
that specifies an email address. The default value is mail, which is the attribute
that Active Directory provides for this purpose. This is used for email notifications
(as defined in the Worklist Manager window for a user activity in the
Business Process). |
UserId Attribute Given Name |
The name of the user attribute that specifies
a user’s first name. The default value is givenName, which is the attribute
that Active Directory provides for this purpose. This is used during email notification. |
|