|
Siebel Field Service Integration to Oracle Real-Time Scheduler Implementation Guide > Installing SOA Composites and Configuring This Integration > Process of Installing SOA Composites for This Integration >
Adding User Credentials to the Credential Store
This task is a step in Process of Installing SOA Composites for This Integration. A credential store is a repository that includes security data. It can include user name and password combinations or the public key certificates that allow Oracle Fusion Middleware to access an external system, such as Siebel CRM. Some integration flows call Siebel Inbound Web Services, which are secured Web services. You must configure this integration so that it can authenticate with these services. Before calling them, the integration flow extracts credentials from the credential store and then adds them to the SOAP header in the request. To add Siebel user credentials to the credential store
- Log in to Oracle Enterprise Manager.
- Choose Farm from the drop-down list.
- Expand the Farm_soa_doman tree, expand the WebLogic Domain tree, and then click soa_domain.
- Right-click soa_domain, choose Security, and then choose the Credentials menu item.
Oracle Enterprise Manager displays the Credentials page.
- In the Credentials page, create a credential map:
- In the Credential Store Provider section, click Create Map.
- In the Create Map dialog box, enter the following map name:
oracle.wsm.security
- Click OK.
Oracle Enterprise Manager displays the new credential map name. It includes a map icon.
- Add a key to the credential map that you created in Step 5:
- Click Create Key.
- In the Create Key dialog box, enter values using information from the following table.
|
|
Select Map |
Choose oracle.wsm.security. |
Key |
Enter SBL_WS_USER. |
Type |
Choose Password. |
User Name |
Enter the name of the Siebel user who is authorized to call a Siebel Web service. For example, SADMIN. |
Password |
Enter the password of the Siebel user who is authorized to call a Siebel Web service. |
- Click OK.
Oracle Enterprise Manager displays the new key under the map icon that identifies the map you chose. For more information, see Administering a Credential Key.
- Add another key to the credential map that you created in Step 5:
- Click Create Key.
- In the Create Key dialog box, enter values using information from the following table.
|
|
Select Map |
Choose oracle.wsm.security. |
Key |
Enter mwm.key. |
Type |
Choose Password. |
User Name |
Enter the name of the Oracle Real-Time Scheduler user who is authorized to call an Oracle Real-Time Scheduler Web service, for example, SYSUSER. |
Password |
Enter the password of the Oracle Real-Time Scheduler user who is authorized to call a Siebel Web service. |
- Click OK.
Oracle Enterprise Manager displays the new key under the map icon that identifies the map you chose. For more information, see Administering a Credential Key.
- On the Oracle Fusion Middleware Server, navigate to the Oracle Fusion Middleware configuration directory.
For example:
home/eng-sm/unixuser/Oracle/Middleware_11gPS1/user_projects/domains/soa_domain/config/fmwconfig
- Use an XML editor to open the following file:
system-jazn-data.xml
- Add the following code to the system-jazn-data.xml file:
<grant>
<grantee>
<principals>
<principal>
<class>oracle.security.jps.internal.core.principals.JpsAnonymousUserImpl</class>
<name>anonymous</name>
</principal>
<principal>
<class>oracle.security.jps.internal.core.principals.JpsAnonymousUserImpl</class>
<name>anonymous-role</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>oracle.security.jps.service.credstore.CredentialAccessPermission</class>
<name>context=SYSTEM,mapName=oracle.wsm.security,keyName=SBL_WS_USER</name>
<actions>read</actions>
</permission>
</permissions>
<permission-set-refs>
</permission-set-refs>
</grant>
- Save the system-jazn-data.xml file.
- Restart the Oracle Fusion Middleware Server.
Administering a Credential Key
You can administer a credential key. To administer a credential key
- In Oracle Enterprise Manager, navigate to the Credentials page.
- Do any of the following:
- To remove a key or map, click Delete. If you delete a credential map, then Oracle Enterprise Manager deletes all keys in the map.
- To view or modify the data in a key or map, click Edit.
- To display credentials for a key, enter the key name in the Credential Key Name window and then click the arrow.
- To refresh the list of credentials after you examine the results of a query, repeat Step 4.
Deleting Policies from WSM Policies
NOTE: This topic is specific to only FMW 12C.
Few policies must be removed to prevent failing of scenarios related to AdminDataManagement flow. These unrequired policies are getting added to AdminDataManagementFlow. To remove policies
- Log into Weblogic Enterprise Manager, expand the WebLogic domain, and right-click on your domain, select WebServices>WSM Policies.
- Delete the following two policies:
- oracle/aia_wss_saml_or_username_token_service_policy_OPT_ON
- oracle/aia_wss10_saml_token_client_policy_OPT_ON
Granting Credential Map in System Policies
NOTE: This topic is specific to only FMW 12C.
This step is required because the SBL_WS_USER key that stores Siebel credentials is retrieved through Oracle BPEL Java Exec activity in FMW Composite flows for invoking Siebel webservices. To grant Credential Map
- Log into Weblogic Enterprise Manager, expand the WebLogic domain, and right-click on your domain, select Security>System Policies.
- Click on the Create button in System Policies.
- In Codebase, enter file:${domain.home}/servers/${weblogic.Name}/dc/- and click Add in Create System Grant.
- Select the checkbox Select here to enter details for a new permission.
- Enter the following properties:
- Permission Class: oracle.security.jps.service.credstore.CredentialAccessPermission
- Resource Name: context=SYSTEM, mapName=oracle.wsm.security,keyName=*
- Permission Actions: read
- Click Ok and Ok again.
|
