This chapter contains these topics:
You must deploy the World Web Service EAR file to an Oracle WebLogic or IBM WebSphere application server. For more information about release requirements, see the JD Edwards World Minimum Technical Requirements Guide and A9.2.1. All necessary Java security setup occurs after deployment. This guide contains specific deployment and security setup instructions for both application servers. Make sure you have installed and configured the application server before deploying the EAR file.
You need to configure an appropriate WebLogic Application Server using the procedure inAppendix A, "Install WebLogic Application Server" in this guide.
To configure the WebLogic Application Server
Start the WebLogic Admin Server:
%SystemRoot%\system32\cmd.exe /k"C:\Oracle\Middleware\user_projects\domains\base_domain\bin\startWebLogic.cmd"
Launch the application server console:
http://localhost:7001/console
From WebLogic console select Security Realms to create a Security Realm.
Click New.
Enter a Realm Name and then click OK.
Figure 2-2 Summary of Security Realms screen
Click New to create a realm.
Figure 2-3 Settings for MyRealms (General Tab) screen
Select the Providers tab and then click New.
Figure 2-4 Create a New Authentication Provider screen
Enter the Name and select the Type WorldAuthenticator from the dropdown list.
Click OK.
The WorldAuthenticator displays as one of the Authentication Providers.
Figure 2-5 Settings for MyRealm (Authentication Tab) screen
Make sure the WLS DefaultAuthenticator is before the WorldAuthenticator.
Click the WorldAuthenticator link.
Figure 2-6 Settings for WorldAuthentication (Common Tab) screen
Set the Control Flag to REQUIRED and then click Save.
Figure 2-7 Settings for Default Authenticator (Common Tab) screen
Select the DefaultAuthenticator link and Change the Control Flag of the DefaultAuthenticator to SUFFICIENT.
Click Save.
Create a machine. Use the default values.
http://localhost:7001/consolehelp/console-help.portal?_nfpb=true&_pageLabel=page&helpId=machines.ConfigureMachines
Select Local Machine.
Figure 2-9 Settings for Local (Mode Manager Tab) screen
Create a managed server for the Web Services.
http://localhost:7001/consolehelp/console-help.portal?_nfpb=true&_pageLabel=page&helpId=domainconfig.CreateManagedServers
Figure 2-10 Summary of Servers (Configuration Tab) screen
Select WorldServer.
Set Machine to machine configured in step 12.
Figure 2-11 Configuration (General tab) screen
Services use the SSL port (https://). Make sure to verify that the SSL Listen Port is Enabled.
If using NodeManager to start and stop the managed server, select the Server Start tab and configure as the following graphic displays:
Figure 2-12 Settings for WorldServer (Configuration Tab) screen
Class Path:
\Oracle\Middleware\user_projects\domains\base_domain\lib\BaseJar.jar;\Oracle\Middleware\user_projects\domains\base_domain\lib\JDEWorldJDBC.jar;\Oracle\Middleware\user_projects\domains\base_domain\lib\jt400.jar;\Oracle\Middleware\user_projects\domains\base_domain\lib\log4j-1.2.14.jar;\Oracle\Middleware\wlserver_10.3\server\lib\weblogic.jar;\Oracle\Middleware\wlserver_10.3\server\lib\weblogic_sp.jar;
Note:
For details about the latest version supported for log4j, see Doc ID 2318897.1 in My Oracle Support. (WS: Instructions to Address JD Edwards World Security Vulnerabilities (Doc ID 2318897.1)(Release A9.3 Update)Arguments:
-Xms256m -Xmx512m -XX:CompileThreshold=8000 -XX:PermSize=256m -XX:MaxPermSize=128m
Deploy Services to managed server On Server Console, select Deployments.
Figure 2-13 Summary of Deployments (Control Tab) screen
Click Install.
Figure 2-14 Install Application Assistant (Locate Deployment Tab) screen
17. Locate service WAR file and then click Next.
Figure 2-15 Install Application Assistant (Choose Targeting Style Tab) screen
Select Install this deployment as an application and then click Next.
Figure 2-16 Install Application Assistant (Select Deployment Targets Tab) screen
Verify the managed server you created earlier, and click Next.
Figure 2-17 Install Application Assistant (Optional Settings Tab) screen
Click Finish.
Figure 2-18 Summary of Deployments (Control Tab) screen
The Summary of Deployments displays your service.
Configure security for service (the service must be started).
From the Deployments screen, expand the service you want to secure.
Figure 2-19 Expanded Service Deployment (Name) screen
Select the web service and then select the Configuration-> WS-Policy tab.
Figure 2-20 Settings for Contact Phones Implemented Service (Configuration Tab, WS-Policy Subtab) screen
Select the service.
Figure 2-21 Configure a Web Service Policy screen
Select:
policy:Wssp1.2-2007-Https-UsernameToken-Plain.xml
Click the right arrow to move it from the Available Endpoint Policies to the Chosen Endpoint Policies area.
Click OK.
Save the deployment plan.
Figure 2-22 Save Deployment Plan Assistant screen
Click OK and then restart the server.
All web services need to specify a security string as part of the SOAP Header in the format DN=username, ADR=machineName, ENV=environment, for example:
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" soapenv:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<Username>DN=SOAPROXY,ADR=JDED, ENV=A93TS</Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">edduser93</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>