3 Configuring the AIS Server

This chapter contains the following topics:

3.1 Deploying the AIS Server through Server Manager

Deploy the AIS Server as a managed instance through Server Manager. You can deploy the AIS Server on Oracle WebLogic Server or IBM WebSphere Application Server.

If you are using Oracle WebLogic Server 12.2.1 to host the AIS Server, you must upgrade the AIS Server and Server Manager to EnterpriseOne Tools 9.2.0.5 or higher. You cannot run AIS Server releases 9.2.0.4 and lower on Oracle WebLogic Server 12.2.1.

See "Create an Application Interface Services (AIS) Server as a New Managed Instance" in the JD Edwards EnterpriseOne Tools Server Manager Guide for instructions on how to deploy the AIS Server as a managed instance.

Important for Mobile Enterprise Applications:

When you deploy the AIS Server, remember the server name and port number. These values make up the URL that you need to provide users of mobile enterprise applications for login:

http://<ais_servername>:<portnumber>

The first time users open a mobile application, they are prompted to enter this URL to connect to the AIS Server. However, if you deploy mobile application archives with an integration with Oracle Mobile Cloud Service, mobile applications users would enter the URL to the backend Mobile Cloud Service instance for login. See "Integration with Oracle Mobile Cloud Service" in the JD Edwards EnterpriseOne Tools Developing and Customizing Mobile Enterprise Applications Guide for details.

3.2 Additional Required AIS Server Configurations

After deploying the AIS Server through Server Manager, perform the following tasks to complete the configuration:

3.2.1 Configuring the Allowed Hosts Setting for the EnterpriseOne HTML Server

In Server Manager, configure the Allowed Hosts setting for the EnterpriseOne HTML Server to specify the AIS Server host from which the EnterpriseOne HTML Server will receive requests.

  1. In Server Manager, access the EnterpriseOne HTML Server managed instance.

  2. Expand the Web Runtime area (Advanced View), and in the Allowed Hosts field, enter the IP address of the AIS Server.

  3. Restart the server for the changes to take effect.

Note:

If the AIS client application fails to connect to the server, verify that the IP Address of the AIS Server has been entered correctly in the Allowed Hosts field. If the IP Address is correct and the connection still fails, then enter an * (asterisk) in the Allowed Hosts setting, which enables the EnterpriseOne HTML Server to accept requests from any host.

3.2.2 Configuring the AIS Server with an EnterpriseOne Enterprise Server (Release 9.2.2.2)

Starting with EnterpriseOne Tools 9.2.2.2, an AIS Server requires a configuration with the EnterpriseOne Enterprise Server (Security Server). This configuration ensures that login requests to the AIS Server use the site key on the Enterprise Server for encryption. If not configured, all login requests to the AIS Server will fail.

Also, starting with EnterpriseOne Tools 9.2.3, the AIS Server supports calls from the Enterprise Server when B98ORCH is executed on the Enterprise Server to call an orchestration or notification on the AIS Server.

In Server Manager, access the AIS Server Security Information settings and define a valid Security Server and port for the AIS Server. For a description of each field, access the field-level help within Server Manager.

Surrounding text describes security_server_n.png.

3.2.3 Verifying the JAVA Argument for AIS Server (Oracle WebLogic Server Only)

If the AIS Server is deployed on Oracle WebLogic Server, you must make sure that the server configuration includes a JAVA argument for starting the server. To do so:

  1. In the WebLogic Admin Console, locate the AIS Server instance.

  2. Click the Server Start tab.

  3. Verify that the following argument is in the Arguments field:

    -DuseSunHttpHandler=true

3.2.4 Configuring the Keep JAS Session Open Setting for the AIS Server

In Server Manager, ensure that the Keep JAS Session Open setting for the AIS Server is set to True/Checked.

3.2.5 Configuring SSL/TLS for the AIS Server (Release 9.2.1)

The availability of the AIS Server port number can enable AIS client access to the AIS Server without the use of a VPN. To protect information sent between an AIS client and the AIS Server, you should use SSL when configuring the AIS Server. If you enable the AIS Server for SSL/TLS (HTTPS), you must use a valid certificate. The encryption algorithm for the certificate must be this type:

  • Signature.SHA1withRSA

3.2.6 Configuring the Allow PS Token Login Setting for EnterpriseOne ADF Applications (Release 9.2.0.5)

If you are running EnterpriseOne ADF applications, make sure that the Allow PS Token Login check box is selected in the AIS Server Security Settings section in Server Manager. EnterpriseOne ADF applications running in JD Edwards EnterpriseOne use the PS Token to establish a session with the AIS Server. If this setting is not checked, the ADF integration will fail.

3.2.7 Configuring Oracle WebLogic Server Domain for HTTP Basic Authentication

REST services on the JD Edwards EnterpriseOne AIS Server can use HTTP Basic Authentication for access. Support for HTTP Basic Authentication is enabled out of the box and is required to run the EnterpriseOne Orchestrator Client, create custom Java calls from orchestrations, and use the AIS client Java API (versions 1.2.1.x and higher).

If the AIS Server is deployed on Oracle WebLogic Server, Oracle WebLogic Server may require the following additional configuration depending on how you manage users:

  • If you are maintaining a user registry in Oracle WebLogic Server that matches the user registry in EnterpriseOne, with identical sets of user names and passwords in each system, you do NOT need to modify your configuration.

  • If you are NOT maintaining identical sets of users in Oracle WebLogic Server and EnterpriseOne, then you need to perform the following steps to modify your Oracle WebLogic Server configuration. This ensures that Oracle WebLogic Server will not intercept HTTP Basic Authentication credentials passed from the REST service.

    1. In the WebLogic Server domain for your AIS Server, in the Config directory, find the config.xml file.

    2. Add this configuration as the last line within the <security-configuration> element, just before the </security-configuration> tag:

      <enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>

    3. Restart the AIS Server for the changes to take effect.

The following is an example of this configuration in the <security-configuration> element:

<node-manager-password-encrypted>{AES}tzAokzTHACTNNmkuutLPQEpP8bfk7Ble24vmoycooic=</node-manager-password-encrypted>
    <enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
  </security-configuration>
  <server>

3.2.8 Configuring the AIS Server as a Cluster

If using an AIS cluster configuration for notifications, the AIS Server needs to be tied to a single EnterpriseOne HTML Server, not a cluster. You can still cluster the AIS Server, but you must have every AIS node point to its own HTML Server.

3.3 Testing the AIS Server Configuration

In Server Manager, use the "Test Configuration" button to test the AIS Server setup. This uses the Defaultconfig service on the AIS Server to test communication between the AIS Server and the EnterpriseOne HTML Server.

Using a REST client testing tool, you can perform an additional test by performing a POST to the following URL:

http://<host>:<port>/jderest/formservice

Make sure to include Basic Authorization credentials in the request and include the following JSON in the body:

{
   "formName":"P01012_W01012B"
}

If you encounter any issues with the AIS Server configuration, see Appendix A, "AIS Troubleshooting" in this guide.