5 ORDS Web Services

The RESTful API enabling Omnichannel applications to access the Merchandising and Pricing data from OCDS runs on Oracle REST Data Services (ORDS).

Performance Tuning

As the number of Omnichannel clients of OCDS increases, it is possible to experience performance degradation due to there being too few database connections to service the load. ORDS uses the Oracle Universal Connection Pool (UCP), a cache of reusable database connection objects. The out-of-the-box ORDS defaults for initial number of connections created and the maximum number of connections allowed is 3 and 10 respectively, which may be low for very active environments.

These properties, and others, are stored in the Oracle REST Data Services <config-folder>/ords/defaults.xml file that is created at the install time.

Increase these connection limits by setting the jdbc.InitialLimit and jdbc.MaxLimit configuration file parameters to higher values.

See section B.4 Understanding the Configuration File Format of the Oracle REST Data Services Documentation Release 18.1 (Oracle REST Data Services Installation, Configuration, and Development Guide) for details on all ORDS configurations.

REST Services

This chapter deals with the REST Services.

Authentication

REST Services are secured with SSL and basic authentication. Successful authentication of a REST request requires the caller provide the username and password of a WebLogic User in the OcdsMonitorGroup.

Endpoints

The root URL pattern for the OCDS (ORDS) Web Services is shown below, where {path-prefix} is defined at install time. http[s]://{host}[:{port}]/ords/{path-prefix}/omnichannel/

For individual URL endpoint patterns, see this guide's section titled: Appendix A: REST Web Service API.

WebLogic Users and Groups

WebLogic security realms provide a mechanism for protecting WebLogic resources. Users are entities that can be authenticated in a security realm. Users are organized into Groups that can have different levels of access to WebLogic resources.

This section lists the default security realm's Groups and Users used by the ORDS web service component.

Groups

Table 5-1 WebLogic Groups

Name	Description	Component
OcdsMonitorGroup	REST Authentication User Group	ORDS

Users

The credentials of Users in the OcdsMonitorGroup are used for REST web service authentication. It is recommended that one user be created for each Omnichannel application that is integrated with OCDS.

Table 5-2 WebLogic Users

Type	Group	Description	Component
Omnichannel Application User	OcdsMonitorGroup	Omnichannel Applications Web Service User	ORDS

Changing User Passwords

The user password, supplied in HTTP requests to any OCDS (ORDS) Web Service endpoint, is authenticated by the default Authentication Provider configured for the security realm of the WebLogic domain. The WebLogic security architecture supports a variety of types of Authentication Providers, including custom. The out of the box Authentication Provider is the WebLogic Authentication provider, also known as the DefaultAuthenticator, which accesses user and group information in WebLogic Server's embedded LDAP server.

When using the DefaultAuthenticator, a user password can be reset directly by accessing the Users and Groups tab of the security realm's settings in the WebLogic Admin Console.