7 RSB Home

The RSB configuration and installation process follows the RSB lifecycle phases. Each of the lifecycle phases can be managed by a certain role. To support the separation of roles and responsibilities and to clearly define these phases, RSB has adopted a specific directory structure. The tools required for each of these roles are provided within this directory structure.

This directory structure supports access permissions to different tools that are managed according to the site-specific business requirements. For example, a systems administrator can be given access permissions to all the tools, while a RSB administrator or applications administrator can be provided access to only certain operation tools.

The RSB directory structure is fixed and is created by the RSB kernel tar file: RsbKernel<version>ForAll<version>Apps_eng_ga.tar.

The rsb-home is a controlled structure and there are very specific rules for using the tools and the key files within it. A key rule is that the tools scan and check versions of all files within rsb-home.

Directory Structure and Key Files

RSB uses a well defined directory structure for the lifecycle management of the services. rsb-home is the root of this directory structure. Each of the lifecycle operation has a subdirectory under it. These are

download-home: All the component archives are downloaded into subdirectory under this directory. This directory contains following additional subdirectories.
- all-app-service-decorator: Download location of all the decorator archives.
- all-business-process-service-decorator: This is for future use.
- all-functional-business-process: This is for future use.
- all-functional-service-int-flow: Download location of all the service integration flow archives.
service-assembly-home: This subdirectory hosts the service compilation related configurations and scripts
deployment-home: This subdirectory has all the deployment configurations and deployment scripts.

Each of the lifecycle directories has one or more of the following subdirectories

bin: contains all the executables
conf: contains all the configuration files
log: contains all the log files

The structure of the directory is shown below. Files are shown in italics and scripts are shown in bold-italics.

  rsb-home
|
|---- deployment-home
|     |---- bin
|     |     |---- configure-rsb-app-server-for-security-policy-b.sh
|     |     `---- rsb-deployer.sh
|     |---- conf
|     |     |---- ddl
|     |     |     `---- RSB_INFRASTRUCTURE_SCHEMA_DEFINITION.SQL
|     |     |---- rsb-decorator-instrumentation.properties
|     |     |---- rsb-decorator-service-to-family-name-association.properties
|     |     |---- rsb-deployment-env-info.properties
|     |     |---- ddi-integration-flows.xml
|     |     |---- ddi-integration-flows.xsd
|     |     `---- rsb-integration-flows.xml
|     `---- log
|---- download-home
|     |---- all-app-service-decorator
|     |---- all-business-process-service-decorator
|     |---- all-functional-business-process
|     |---- all-functional-service-int-flow
|     |---- bin
|     |     `---- check-version-and-unpack.sh
|     `---- log
|---- integration-lib
`---- service-assembly-home
        |---- app-service-decorator
        |---- bin
        |     |---- download-app-service-wsdl.sh
        |     |---- generate-rsb-decorator-security-config.sh
        |     |---- rsb-compiler.sh
        |     `---- setup-message-protection-security-credentials.sh
        |---- conf
        |     |---- logging.properties
        |     |---- app-service-policy-id-to-decorator-service-policy-id-map.properties
        |     `---- rsb-builder-internal-trust-store.jks
        |---- log
        |---- service-integration-flow
        `---- service-policy-config
                |---- input
                |     |---- app-service-provider-wsdl
                |     `---- security-policy
                `---- output
                        |---- app-service-provider-security-policy
                        |---- decorator-service-biz-security-policy
                        |---- decorator-service-consumer-client-security-policy
                        |---- decorator-service-proxy-security-policy
                        |     `---- service-name-to-policy-id-map.properties
                        `---- decorator-service-proxy-wsdl

Deployment Property File

Deployment property file (rsb-deployment-env-info.properties) is where you make most, if not all, of the configurations you need to make to configure RSB for your enterprise. The details of the properties in the file are described later in the document. During upgrades, it is recommended to backup this file and restore after extracting the RSB kernel. After any changes are made to this file, RSB must be compiled and the affected components must be redeployed.

check-version-and-unpack.sh

This script is run after the download of components or during upgrade. It checks for version compatibility and extracts each downloaded archive to its appropriate location in rsb-home.

rsb-compiler.sh

This script compiles the configurations into the deployable components. Any change in the configuration must be compiled to take effect. When you are running the script for the very first time it should be called as

> rsb-compiler.sh -setup-security-credential

This is to setup the security credential information for databases, WebLogic console, and so on. The security information is persisted to rsb-home/deployment-home/conf/security folder in an encrypted credential wallet file (cwallet.sso). For subsequent compilations the -setup-security-credential parameter is not needed. It is recommended to backup the security folder to save data entry in case of any reinstallation.

rsb-deployer.sh

This script deploys the specified component to WebLogic server. The WebLogic server must be running for the deployment to work. The script has many options as described below. You cannot combine options in a single step.

-deploy-rsb-service <Decorator Jar File>

This option is used to deploy a single decorator. Specify the jar file name as the parameter.

-deploy-all-rsb-service

This option is used to deploy all the decorator services for all the apps in scope.

-deploy-all-rsb-service-for-app <appName>

This option is used to deploy all the decorator services for the specified app.

-prepare-wls

This option is used to create and configure WebLogic for RSB installation. This option does the following configurations:

Creates the required data sources for RSB (jdbc/rsbAdminDs). Database user ID and password are taken from the wallet file created at compile time.
Sets the log file size and number of log files to keep
Creates the Log Filter (RsbLogFilter) and log broadcasting configurations.
Creates the data retirement policies for all servers.

-undeploy-rsb-service <Decorator Jar Name>

This option is used to undeploy a single service.

-undeploy-all-rsb-service

This option is used to undeploy all the decorator services for all apps in scope.

-undeploy-all-rsb-service-for-app <appName>

This option is used to undeploy all the services of the specified app.

download-app-service-wsdl.sh

This script is used only if one or more services are attached with security Policy A or B. The usage of the script is:

download-app-service-security-policy.sh [-a] [-s] [-u] [-h]
 -a,--app <app>  Download by application. <app> is the acronym of the application.

For example, rms, sim etc

 -h,--help Show usage information
 -s,--service <app service-name>   Download a single service. Specify app and service name separated by space

As shown above the script can be called for an app or for a service. If no parameters are specified, the script downloads the WSDLs for all the apps in scope. If you are running the script for an app or a service, it checks if the corresponding app is in scope. If the services are secured with https, make sure the trust certificates are in the trust store used by the script (conf/rsb-builder-internal-trust-store.jks)

generate-rsb-decorator-security-config.sh

This script is used only if one or more services are attached with security Policy A or B.

This script is run with no parameters. It generates all the internal configuration files required to configure RSB for the selected policy. The policy information is extracted from the downloaded WSDL.

setup-message-protection-security-credentials.sh

This script is used only if one or more services are attached with security Policy B.

This script captures credential information required for Policy B configuration and stores in the wallet file. Following information is captured.

keystore-csf-key: Keystore password for the RSB server policy B keystore.
RSB Server Alias. This alias name is server -public-private-key-alias prefixed with short hostname (hostname without the domain name) of the RSB server. For example, rsbhost-public-private-key-alias

Following two aliases are setup for each application in scope that has Policy B configured.

-remote-host-public-key-alias prefixed with app name and short host name of the edge app server. For example, sim-simhost-remote-host-public-key-alias
-user-alias prefixed with app name and service name. For example, igs-ASNInPublishing-user-alias. This alias will store the username and password used by the edge app for the services.

configure-rsb-app-server-for-security-policy-b.sh

This script is used only if one or more services are attached with security Policy B.

This script does the following configuration changes:

Creates WebLogic users for the applications using policy B. The usernames and passwords are taken from the credential wallet file. These credentials are set at when the previous script (setup-message-protection-security-credentials.sh) was run.
Updates domain wallet file for OWSM security configuration. For each app the encryption alias and passwords set the service assemble phase is read from the wallet file. The domain wallet file is updated with the information collected at the time of setup.
Updates the JPS config with keystore file (<server host> + -keystore.jks) and private key alias (<server host> + -public-private-key-alias).