This chapter describes the tasks that you must perform before running the Oracle Communications Billing Care installer. The procedures include links to relevant documentation in related product documentation.
In production installations, the Billing Care installer deploys Billing Care on a running Oracle Entitlements Server (OES) Client domain. The installer assumes that the following required software pre-installation tasks, including applying patches and workarounds, have already been completed successfully.
Note:
A test installation without Oracle Identity and Access Management (IAM) can be performed on a basic WebLogic domain. Test installations do not require the following IAM pre-installation tasks. See "Installing Billing Care for Testing" for more information. Do not use a test installation in production.Pre-installation tasks for Billing Care consist of the following steps:
Billing Care uses Oracle Identity and Access Management (IAM) for user authentication and authorization. IAM requires an Oracle Enterprise Database for storing information. You must install a database before using the Life Cycle Management (LCM) tools to install and deploy IAM components.
Oracle recommends that an experienced database administrator install and configure your database. To install and configure Oracle Database, see the Oracle Database installation documentation at:
https://docs.oracle.com/en/database/
Record your database details in Table 4-7, "IAM Database Connection Information".
Use the Oracle Fusion Middleware Repository Creation Utility (RCU) to create the required IAM database schema.
See "Creating Database Schema Using the Oracle Fusion Middleware Repository Creation Utility (RCU)" in Oracle Fusion Middleware Installation Guide for Oracle Identity and Access Management for more information.
Note:
If you are using version 11gR2PS3 or later of the Oracle Identity and Access Management Deployment Repository Life Cycle Management tools, the required schema configuration can be created when generating your response file. You do not need to run RCU before running the response file. The Deployment Wizard creates the required schemas during deployment.Installing and configuring IAM requires a pre-existing Oracle WebLogic Server middleware home directory. Download and install WebLogic Server before installing IAM.
See "Obtaining the Oracle Fusion Middleware Software" in Oracle Fusion Middleware Installation Guide for Oracle Identity and Access Management for more information on downloading WebLogic Server.
See Oracle Fusion Middleware Installation Guide for Oracle WebLogic Server for information on installing WebLogic Server.
To install required IAM components, use the IAM Life Cycle Management (LCM) tools. LCM tools are included in the Oracle Identity and Access Management Deployment Repository.
Download the Oracle Identity and Access Management Deployment Repository for your operating system from Oracle Software Delivery Cloud at:
After you have downloaded all required files, uncompress the archives to create your repository in a location on your IAM host.
See "About the Lifecycle Management and Deployment Repository" in Oracle Fusion Middleware Deployment Guide for Oracle Identity and Access Management 11g Release 2 for more information about the repository.
After creating your IAM Deployment Repository, install the LCM tools.
To install the LCM tools, follow the procedure "Installing and Preparing to Use the Life Cycle Management Tools" in Deployment Guide for Oracle Identity and Access Management.
Use the LCM tools Deployment Wizard to create a response file specifying the IAM components, including the OES Administration Server, required by Billing Care.
Note:
If you are using a JDK version 1.7.0_40 or later, you must disable the certificates key length limitation to install OES. See "x.509 Certificates Key Length Limitation for JDL1.7.0_40 and Later" in Oracle Fusion Middleware Identity Management Release Notes for information on disabling the limitation.See "Overview of Deployment Response File" in Oracle Fusion Middleware Deployment Guide for Oracle Identity and Access Management 11g Release 2 for information on creating a response file.
Select the options listed in Table 4-1 when creating your response file.
Table 4-1 Deployment Tool Response File Options for Billing Care
| Screen | Selection |
|---|---|
|
Suite Selection |
OIM-OAM-OMSS Integrated with Directory |
|
Directory Configuration |
Configure New Directory, Oracle Unified Directory |
|
OIM Database Configuration |
Select Create Schema Using RCU and enter the information for the database you previously created (for Oracle Identity and Access Management Deployment Repository version 11gR2PS3). |
Deploy your response file using the Deployment Wizard. See "Performing Deployment Using the Oracle Identity and Access Management Deployment Wizard" in Oracle Fusion Middleware Deployment Guide for Oracle Identity and Access Management 11g Release 2 for more information on deploying response files.
Record your OES Administration Server details in Table 4-8, "OES Administration Server Domain Information".
Record your IAM details in Table 4-11, "Oracle Identity and Access Management Console URLs".
Note:
Deploying the response file may take a long time depending on your hardware. Monitor the console log for information on deployment progress.After deployment is complete, configure the OES Administration Server to use Oracle Unified Directory (OUD) as the authentication provider.
See "Configuring an Authentication Provider for Oracle Unified Directory" in Oracle Fusion Middleware Securing Oracle WebLogic Server for information on setting up OUD as your authentication provider.
See "Introduction to Oracle Unified Directory" in Oracle Fusion Middleware Administering Oracle Unified Directory for information on setting up OUD, including how to synchronize OUD with existing directories that you may already have.
Record your OUD details in Table 4-10, "OES Unified Directory Information".
Create a Billing Care application domain in Oracle Access Manager (OAM) and configure an application domain policy that controls access to the Billing Care application.
To create your Billing Care application domain in OAM, complete the following steps:
Creating the Billing Care Authentication Policy and Adding Resources
Creating the Billing Care Authorization Policy and Adding Resources
See "Introduction to Application Domain and Policy Creation" in Oracle Fusion Middleware Administrator's Guide for Oracle Access Management for more information on application domains and policies.
To create the Billing Care application domain:
Log into your OAM web console at http://Host:port/oamconsole where Host and port are the server name or IP address and port for your OAM instance.
Click Application Domains in the Access Manager frame.
Click Create Application Domain.
In the Name field, enter a name fro your application domain.
(Optional) Provide Description, Session Idle Timeout (minutes), Allow OAuth Token, and Allow Session Impersonation values.
Click Apply.
The Billing Care application domain is created.
See "Creating a Fresh Application Domain Using the Console" in Oracle Fusion Middleware Administrator's Guide for Oracle Access Management for more information on creating an application domain in OAM console.
Define the /bc**, /bc*, and /** resources for your Billing Care application domain. Repeat steps 1 through 4 for each of these resources.
To define Billing Care resources in your Billing Care application domain:
Click Application Domains in the Access Manager frame.
Click the link for your Billing Care application domain.
The Summary tab for your Billing Care application domain is shown.
Click the Resources tab.
Enter or select the following values listed in Table 4-2.
Define an excluded resource for /fav.ico.
To define the excluded resource, repeat steps 1 through 4 using the values listed in Table 4-3.
Table 4-3 Billing Care Excluded Resource Creation Values
| Field | Value |
|---|---|
|
Type |
HTTP |
|
Description |
(Optional) Enter text description |
|
Host Identifier |
IAMSuiteAgent |
|
Protection Level |
Excluded |
|
Resource URL (String) |
/favicon.ico |
See "About Defining Resources in an Application Domain" in Oracle Fusion Middleware Administrator's Guide for Oracle Access Management for more information on creating resources in OAM console.
Create an OIMIDStore authentication model in OAM for authenticating Billing Care users.
To create the required authentication model in OAM:
Click Authentication Modules in the Access Manager frame.
The Authentication Modules node is shown.
Click the Create Authentication Module menu and select Create LDAP Authentication Module.
In the Name field, provide a name for your authentication module.
In User Identity Store, select OIMIDStore.
Click Apply.
See "Creating a New Authentication Module of an Existing Type" in Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager with Oracle Security Token Service for more information on creating an authentication module in OAM console.
The authentication module you previously created must be added to a authentication scheme in your Billing Care application domain.
To create an authentication scheme and add the authentication module to it:
Click Authentication Schemes in the Access Manager frame.
The Authentication Schemes node is shown.
Click Create Authentication Scheme.
Enter or select the following values listed in Table 4-4.
Table 4-4 Billing Care Authentication Scheme Creation Values
| Field | Value |
|---|---|
|
Name |
Billing Care LDAP Scheme name |
|
Description |
(Optional) Enter text description |
|
Authentication Level |
2 |
|
Challenge Method |
FORM |
|
Challenge Redirect URL |
/oam/server |
|
Authentication Module |
Select the authentication module created in the previous step |
|
Challenge URL |
/pages/login.jsp |
|
Context Type |
default |
|
Context Value |
/oam |
Click Apply.
See "Creating an Authentication Scheme" in Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager with Oracle Security Token Service for more information on creating an authentication scheme in OAM console.
Create an authentication policy that the Billing Care application domain uses to manage the resources, authentication module, and authentication scheme previously created.
To create an authentication policy:
Click Application Domains in the Access Manager frame.
The Application Domain tab is shown.
In the Search field, enter the name of your Billing Care application domain and press enter.
In Search Results, click the name of your Billing Care application domain.
Click the Authentication Policies tab.
The Authentication Policy node is shown.
Click Create Authentication Policy.
Enter or select the following values listed in Table 4-5.
Click Apply.
To add your Billing Care resources to your authentication policy:
In the Authentication Policy node for your previously created policy, click the Resources tab.
Click Add.
Select all of the Billing Care resources created in "Defining Billing Care Resources".
Click Apply.
See "Adding an Authentication Policy and Resources" in Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager with Oracle Security Token Service for more information on creating an authentication policy and adding resources in OAM console.
Create an authorization policy and add resources to this policy for the Billing Care application domain.
To create the Billing Care application domain authorization policy:
Click Application Domains in the Access Manager frame.
The Application Domain tab is shown.
In the Search field, enter the name of your Billing Care application domain and press enter.
In Search Results, click the name of your Billing Care application domain.
Click the Authorization Policies tab.
Enter or select the following values listed in Table 4-6.
Click Apply.
Click the Resources tab.
Click Add.
Select all of the Billing Care resources created in "Defining Billing Care Resources".
Click Apply.
See "Creating an Authorization Policy and Specific Resources" in Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager for more information on creating an authorization policy and adding resources in OAM console.
After configuring the required Billing Care OAM components, edit the Oracle HTTP Server (OHS) idm.conf file in your OAM instance to specify the handler, host, and port for the /bc resource. Restart your OHS instance after editing this file.
To configure the /bc resource in the OHS idm.conf file:
Open a secure shell or terminal window to your OAM host as a user with administrative permissions.
Change to the Middleware_home/config/OHS/OHS_Instance/moduleconf directory where Middleware_home is the middleware home directory of the OAM WebLogic Server instance and OHS_Instance is the OHS instance where OAM is hosted.
Append the following entry into the idm.conf file before the </VirtualHost> closing tag:
<Location /bc>
SetHandler weblogic-handler
WebLogicHost host name or IP address of your OES Administration Server
WeblogicPort port number the WebLogic host is listening on
</Location>
Save the file.
Change to the OHS_home/bin directory where OHS_home is the Oracle home directory of your OHS installation.
Restart OHS with the following commands:
./opmnctl status
./opmnctl stopall
./opmnctl startall
See "The idm.conf File" in Oracle Fusion Middleware Integration Guide for Oracle Identity Management Suite for more information on the OHS idm.conf file.
Install OES Client on each managed server on which you plan to deploy Billing Care on. A WebLogic Server installation is required before installing the OES Client.
See "Installing Oracle Entitlements Server Client" in Oracle Fusion Middleware Installation Guide for Oracle Identity and Access Management for information on downloading and installing OES Client.
Record your OES Client domain details in Table 4-9, "OES Client Domain Information".
OES Client includes the WebLogic Security Module (SM) used by Billing Care to connect to the OES Administration Server. Configure the OES Client WebLogic Server SM to connect to the OES Administration Server by specifying the OES Administration Server host name and port number in the smconfig.wls.controlled.prp file found in Oracle_home/oessm/SMConfigTool where Oracle_home is the directory where you installed the OES Client package.
Run the config.sh script located in Oracle_home/oessm/bin to set up the WebLogic Server Security Module and create the OES Client domain on which you will deploy Billing Care. The OES client domain is created by the Fusion Middleware Configuration Wizard when you run the config.sh script.
See "Configuring Oracle WebLogic Server Security Module in a Controlled Push Mode" in Oracle Fusion Middleware Installation Guide for Oracle Identity and Access Management for information on configuring the WebLogic Server SM for use with Billing Care.
This section describes the information that you will be required to provide during and after the Billing Care installation procedure. You define some of these configuration values when you complete the previous steps. After you have completed all of the pre-installation steps, see "Installing Billing Care" for information on running the Billing Care installer to install Billing Care.
Note:
Oracle recommends that you print the tables and record the values for when you run the Billing Care installer.Table 4-7 lists the database details that are required during response file configuration. Use the Value column to record your environment's details.
Table 4-7 IAM Database Connection Information
| Field | Description | Value |
|---|---|---|
|
Host Name |
The IP address or the host name of the computer on which the database is configured. |
- |
|
Port Number |
The port number assigned to the database service. |
- |
|
User Name |
The database user name. This user should have the following capabilities on the database: create user, grant any role, grant any privileges, and select any table for Enterprise edition. |
- |
|
Password |
The database user password. |
- |
|
Service Name |
The name of the database service. |
- |
Table 4-8 lists the details for the OES Administration Server domain that are required during Billing Care installation. Use the Value column to record your environment's details.
Table 4-8 OES Administration Server Domain Information
| Field | Description | Value |
|---|---|---|
|
Host Name |
The IP address or the host name of the computer on which the OES Administration Server domain is configured. |
- |
|
Port Number |
The port number assigned to the OES Administration Server domain server. |
- |
|
User Name |
The OES Administration Server domain administrator user name. |
- |
|
Password |
The password for the OES Administration Server administrator user. |
- |
|
WebLogic Home |
The path of the directory in which the WebLogic Server software is installed on the OES Administration Server host. |
- |
Table 4-9 lists the details for the OES Client domain that are required during Billing Care installation. Use the Value column to record your environment's details.
Table 4-9 OES Client Domain Information
| Field | Description | Value |
|---|---|---|
|
Host Name |
The IP address or the host name of the computer on which the OES Client domain is configured. |
- |
|
Port Number |
The port number assigned to the OES Client domain administration server. |
- |
|
User Name |
The OES Client domain administrator user name. |
- |
|
Password |
The password for the OES Client domain administrator user. |
- |
|
WebLogic Home |
The path of the directory in which the WebLogic Server software is installed on the OES Client domain server. |
- |
Table 4-10 lists the details for the Oracle Unified Directory (OUD) authentication provider that are required during Billing Care installation. Use the Value column to record your environment's details.
Table 4-10 OES Unified Directory Information
| Field | Description | Value |
|---|---|---|
|
Provider Name |
Name of OUD Authentication provider. |
- |
|
Host Name |
The host name or IP address of the LDAP server. |
- |
|
Port Number |
The port number on which the LDAP server is listening. |
- |
|
Admin User Name |
The Distinguished Name (DN) of the LDAP user that WebLogic Server should use to connect to the LDAP server. |
- |
|
Admin Password |
The credential (usually a password) used to connect to the LDAP server. |
- |
|
User Base DN |
The base distinguished name (DN) of the tree in the LDAP directory that contains use. |
- |
|
Group Base DN |
The base distinguished name (DN) of the tree in the LDAP directory that contains group. |
- |
|
Asserter Name |
The name of the OAM Identity Asserter. |
- |
Table 4-11 lists the Oracle Identity and Access Management Console URLs which are required to complete Billing Care pre-installation and configuration. The Host is the server name or IP address of your OES Administration Server. Default values are provided for the ports. Use the Value column to record your environment's details.
Table 4-12 lists the BRM connection manager (CM) and, if used, Oracle Business Intelligence Publisher (BIP) details that are required after Billing Care installation. Use this information to configure your Infranet.properties file, to specify the BRM connection manager and BIP instance to which Billing Care connects to.
See "Encrypting and Adding BI Publisher Connection Information in Infranet.properties" for more information on how to configure the Billing Care to BRM and BIP connections in the each OES Client domain on which Billing Care is deployed. Use the Value column to record your environment's details.
Table 4-12 Billing Care Connection Information for Infranet.properties
| Field | Description | Value |
|---|---|---|
|
__USER__ |
BRM system user with connection manager access |
- |
|
__PASSWORD__ |
Encrypted BRM system user's password |
- |
|
__HOST__ |
BRM host where connection manager is running |
- |
|
__PORT__ |
Port number for connection manager |
- |
|
__SSL_ENABLED__ |
Boolean indicating if SSL connection to BRM CM is enabled |
- |
|
__WALLET_DIR__ |
Directory where the BRM Oracle wallet file is stored |
- |
|
__WALLET_FILE__ |
Name of the Oracle wallet file |
- |
|
__BIP_USERID__ |
BIP user with web access |
- |
|
__BIP_PASSWORD__ |
Encrypted BIP user's password |
- |
|
__BIP_URL__ |
URL address to access BIP instance |
- |