4Configuring Oracle Policy Automation

Overview of Oracle Policy Automation Configuration

This topic provides an overview of how Oracle Policy Automation is used within Public Sector Compliance and Regulation and how it is configured.

If your site already has an installation of Oracle Policy Automation, you can integrate its functionality with the permits service. The policy models created in Oracle Policy Automation can act as the logic models running behind questionnaires that citizens fill out to determine which permits they need to apply for depending on the nature of the project they are planning.

The topics in this chapter describe the setup pages that an administrator would view and use to configure the mapping of metadata between the permits service and the Oracle Policy Automation application.

Note: Most of the data displayed on the pages within the Policy Modeling menu folder are read-only. In the current release, you do not create or update the definitions such as entity models, metadata models, or enumerations. These definitions are provided for your implementation in the form of delivered seed data. This documentation is provided to describe the visible information related to the policy modeling feature. Only the Metadata Models page contains fields that can be updated.

Setting Up Entity Models

This topic describes the settings used to configure entity models used when implementing Oracle Policy Automation for use with the permits application.

Adding an Entity Model

Select Policy Modeling > Entity Models.
Click Add.

On the Entity Model Details page, enter these values:

Page Elements	Description
Name	Enter a name to identify the model within the application.
Description	Provide additional information regarding the purpose of the model.
Enabled	Use to enable or disable a model by turning the control on or off.

Click Add in the Entities grid.

On the Entity Details page, enter these values:

Page Elements	Description
Name	Name of the entity.
Description	Additional information to identify the entity and describe its purpose.
Hidden from Policy Modeling	If set to true, then this entry will not be present in the Get MetaData response to Oracle Policy Automation.
Top-Level Entity	Indicates if the object is the highest level entity object.
Policy Modeling Name	The functional name for an entity or attribute as it appears within Oracle Policy Automation.
Use as Mapped in Entity	Defines if the entity object can be selected as an input entity.
Use as Mapped Out Entity	Determines if the entity object can be selected as an output entity.
Parent Entity Name	The name of the parent entity object of a child object.
Cardinality with Parent Entity	Indicates the cardinality relationship with the parent entity object, such as one-to-one, one-to-many, many-to-one, or many-to-many.
Policy Modeling Relationship Name	The name of the relationship between two entities as it appears in Oracle Policy Automation.
Supports Attachment	Determines if attachments can be collected for rows of the entity object.

Click Add in the Entity Attributes grid to add attributes for the entity.

On the Entity Attribute Details page, enter these values:

Page Elements	Description
Name	The system name of the entity attribute.
Data Type	The data type of the attribute as it is defined in Oracle Policy Automation. For example: java.lang.String java.lang.Long
Primary Key	The primary key of the underlying view object.
Policy Modeling Name	The functional display name for an entity or attribute as it appears in Oracle Policy Automation.
Hidden from Policy Modeling	If set to true, then this entry will not be present in the Get MetaData response to Oracle Policy Automation.
Mandatory	Determines if the field must be mapped from an attribute in a policy model.
Policy Modeling Data Type	Describes the data type of the field defined in Oracle Policy Automation. It must be specified if no enumeration-type attribute is provided, and it cannot be specified if an enumeration-type attribute is provided. Options are: String Boolean Decimal Date Date-time Time-of-day
Use as Mapped In Attribute	Determines if the field can mapped from an attribute for the purpose of submitting data.
Use as Mapped Out Attribute	Determines if the field can mapped from an attribute for the purpose of submitting data.
Default Value	Enter a default value for this attribute. If added, the application includes the value in the load response to Oracle Policy Automation.
Enumeration Name	Specifies the ID of the enumeration that defines a field's data type.

Click Save.
Click Save on the Entity Details page.
Click Save on the Entity Model Details page.

Setting Up Metadata Models

This topic describes how to set up Oracle Policy Automation metadata models and define entity relationships.

To set up Oracle Policy Automation metadata models:

Select Policy Modeling > Metadata Models.
Click Add for the Metadata Models grid.

On the Metadata Models Details page, add enter these values:

Note: You can update the following fields for a metadata model definition: Supports Policy Modeling Checkpoints, Anonymous Users Can Save Data, and Active Model. By default these fields are turned-off. You can turn them on according to your business requirements.

Page Element	Description
Name	Enter the functional display name of the metadata model.
Description	Provide additional description to identify the purpose of the metadata model.
Supports Policy Modeling Checkpoints	Turn on to indicate that the metadata model is designed to support checkpoints.
Anonymous Users Can Save Data	Turn on to enable the anonymous (non-signed-in user) to save data.
Active Model	Turn on to activate or deactivate the model.

Click Add for the Metadata Entity Relationships grid, and enter these values:

Page Element	Description
Name	Enter the entity relationship name.
Mark as Global Entity	Turn on if the entity is global.
Cardinality with Global Entity	Indicate the cardinality with the global entity (one-to-many, many-to-one, and so on).
Policy Modeling Relationship Name	The name of the relationship between two entities as it defined within in Oracle Policy Automation.

Click Add for the Metadata Entity Links grid, and enter these values:

Page Element	Description
Source Entity Policy Modeling Name	Represents the policy modeling name for the entity in the source entity model.
Target Entity Model Name	Enter the target entity model.
Target Entity Policy Modeling Name	Represents the policy modeling name for the entity in the target entity model for this link.
Description	Provide any additional details to describe the purpose of metadata entity link.
Cardinality with Target Entity	Indicate the cardinality with the target entity (one-to-many, many-to-one, and so on).
Policy Modeling Relationship Name	The name of the relationship between two entities as it appears in Oracle Policy Automation.

Click Save.
Click Save on the Metadata Entity Relationship Details page.
Click Save on the Metadata Model Details page.

Setting Up Enumerations

This topic describes how to configure enumerations for policy modeling. An enumeration is a tool for managing lists of potential values for a non-boolean attribute in your policy model. Enumeration are also referred to as value lists.

To add an enumeration:

Select Policy Modeling > Enumerations.
On the Enumerations page, click Add.

On the Enumerations Details page, enter these values:

Page Element	Description
Enumeration Name	The functional display name of the enumeration.
Enumeration Type	The data type of the enumeration, such as: String Number Boolean Time
Description	Provide additional information to help describe the purpose of the enumeration.
Child Enumeration Name	Specify the name of a linked child enumeration, as needed.

Click Add for the Enumeration Values grid.

On the Enumeration Value Details page, enter these values:

Page Element	Description
Enumeration Value	Enter the function display name of the enumeration value.
Description	Provide additional information to describe the purpose of the enumeration value.

Click Add for the Child Enumeration Values grid for any child enumeration values.

Page Element	Description
Child Enumeration Value	Enter the function display name of the child enumeration value.
Description	Provide additional information to describe the purpose of the child enumeration value.

Click Save.
Click Save on the Enumeration Value Details page.
Click Save on the Enumeration Details page.

Mapping Enumerations to Metadata Models

This topic describes how to map defined enumerations to existing metadata models.

To map an enumeration to a metadata model:

Select Policy Modeling > Enumeration Mapping.
Click Add for the Metadata Models grid.
On the Metadata Models Details page, enter the name of the existing metadata model to which you want to map the enumeration.

Note: Once added, the remaining attributes, such as Supports Policy Modeling Checkpoints, are read from the metadata model definition.
Click Add for the Metadata Entity Relationships grid.

On the Metadata Entity Relationship Details page, enter these values:

Page Element	Description
Name	Enter a name for the relationship.
Mark as Global Entity	Indicates if this is a global entity for this metadata model.
Cardinality with Global Entity	Specify the cardinality relationship that this entity has with the global entity identified for this metadata model, such as one-to-one, one-to-many, and so on.
Policy Modeling Relationship Name	The name of the relationship between two entities as it appears in Oracle Policy Automation.

Click Add for the Metadata Entity Links grid.

On the Metadata Entity Link Details page, enter these values:

Page Element	Description
Source Entity Policy Modeling Name	Enter the policy modeling name for the entity in the source entity model for this link.
Target Entity Model Name	Enter the target entity model for this link.
Target Entity Policy Modeling Name	Enter the policy modeling name for the entity in the target entity model for this link.
Description	Provide any additional information to describe the purpose of this metadata entity link.
Cardinality with Target Entity	Specify the cardinality relationship that this entity has with the target entity model name identified for this metadata link, such as one-to-one, one-to-many, and so on.
Policy Modeling Relationship Name	The name of the relationship between two entities as it appears in Oracle Policy Automation.

Click Save.
Click Save on the Metadata Entity Relationship Details page.
Click Save on the Metadata Model Details page.

Managing Proxy Users

This topic describes how to manage proxy users for enabling integration between Oracle Policy Automation and your Public Sector Compliance and Regulation service.

Oracle Policy Automation connects to your Public Sector Compliance and Regulation service through a provided web service connector named pscOpaWSConnector.

This connector requires proper WS-Security credentials to handle the transactions between the Public Sector Compliance and Regulation service and the Oracle Policy Automation service.

When configuring the connection within the OPA hub, in the WS-Security section of the New Connection page, a user ID and password is required.

The user ID entered must have the following role within their role hierarchy:

PSC Oracle Policy Automation Proxy User (ORA_PSC_OPA_PROXY_USER_DUTY)

This duty role contains the following privilege:

Access Oracle Policy Automation Web Service Connector Privilege (PSC_OPA_WSC_PRIV)

This privilege allows the proxy user to integrate Oracle Policy Automation with your Public Sector Compliance and Regulation service.

By default, the delivered SYSTEM_ADMIN has the PSC System Administrator job role, which inherits the PSC Oracle Policy Automation Proxy User duty role. Any custom (cloned) role or created user must have PSC Oracle Policy Automation Proxy User duty role if you intend to use that user ID as the proxy user for the Oracle Policy Automation WS-Security credentials.

Managing OPA Hub

Administrators set up the Oracle Policy Automation required to integrate with Public Sector Compliance and Regulation services.

OPA Setup for Integrating with Public Sector Compliance and Regulation

This is a two-step process:

Authorizing Embedded Interviews
Creating Connections

Authorizing Embedded Interviews

Log in to the Policy Automation Hub web interface with the user credentials of Deploy Admin.
Click the Deployment tile to open the Deployment page. The page lists all the projects currently deployed. Click Actions and select the Authorize Embedded Interviews button to open the Authorize Hosts page.
On the Authorize Hosts page, click the Add a Host Address button and enter the Public Sector Compliance and Regulation application host address in the Host address field.
Click Apply.

Creating Connections

Log in to the Policy Automation Hub web interface with the user credentials of Deploy Admin.
Click the Connections button on the banner to open the Connections page.

On the Connections page, click the Actions drop-down menu and select Create a new Connection option to open the New Connection page and enter values for the various fields:

Page Element	Description
Name	Enter a name for the connection.
Type	Select Web service.
Collection Access	Select the collection that you have created, to gain access to the connection. Click Allow. The default value for this field is Default Collection. You can include any additional collections that you want to allow access to.
URL	Enter the URL of the connector, which is deployed with other services – the FSCM base URI from the topology manager. Append the below string to the URL of the connector as shown here: <FSCM base URI>/fscmPojoService/pscOpaWSConnector?MDMN=OPAResult
Use Custom Certificate (optional)	Select to use a custom certificate defined in Policy Automation Hub. These custom certificates will be recognized by outbound https calls made by a Policy Automation site. If not selected, the connection will only trust the built-in root certificates.
Version	Select the following web service version: http://xmlns.oracle.com/policyautomation/hub/12.2.5/metadata/types
SOAP ActionPattern (optional)	Specify the soap:operation soapAction name expected by the web service.

OAUTH for Data Operations:

Page Element	Description
Provide OAUTH bearer token in HTTP header on Load and Save actions	Select to allow you to enter a URL parameter and enter the value jwt in the URL Parameter field. The token's value is passed by specifying the parameter in the query string of the interview's startsession URL. This value is then passed to the Web Service connector as an OAuth 2.0 HTTP Authorization header whenever a Load or Save request is sent.

Page Element

Description

Provide OAUTH bearer token in HTTP header on Load and Save actions

Select to allow you to enter a URL parameter and enter the value jwt in the URL Parameter field.

The token's value is passed by specifying the parameter in the query string of the interview's startsession URL. This value is then passed to the Web Service connector as an OAuth 2.0 HTTP Authorization header whenever a Load or Save request is sent.

WS-Security:

Page Element	Description
Provide WS-Security Username token in SOAP actions.	Select the option to allow you to enter values for the fields in the section.
Applies to	Select applies to All.
Username	Enter a username for the purpose of connecting securely to the web service. Note that this is not related to the username of the logged-in Policy Automation Hub user. If you have installed OPA, then as part of the Fusion Onboarding process you must have created a user having the following OPA proxy user Duty role: ORA_PSC_OPA_PROXY_USER_DUTY. Use the same user name in this field.
New Password	Enter a password.
Include timestamp with a 5 minute expiration (optional).	Select to include a timestamp with a validity of 5 minutes. Note: The web service connector time must be synchronized to OPA server.

Click Save and Close to complete the process of creating a new connection.

Managing OPA Policies for Agency

This topic describes how to set up OPA Policies for your Agency.

Navigate to the Agency Information page.
Search and select your agency row to open the Agency Information – Details page. Click the Features tab.
You will see that your offering is enabled; click the Options link on the row to open the Permit Options page.

On the Permit Options page, under the Oracle Policy Automation Definition section enter a value for:

Page Element	Description
Oracle Policy Automation ID	Enter the deployment name listed in the Deployment page. The Deployment page is where the deployment and activation of policy models is managed. Note: To access the Deployment page, log in to the Policy Automation Hub web interface with a user role of Policy Author or Deploy Admin. On the Dashboard page, click the deployments tile to open the Deployments page. From the list of all projects currently deployed, select the desired deployment name.

Page Element

Description

Oracle Policy Automation ID

Enter the deployment name listed in the Deployment page. The Deployment page is where the deployment and activation of policy models is managed.

Note: To access the Deployment page, log in to the Policy Automation Hub web interface with a user role of Policy Author or Deploy Admin. On the Dashboard page, click the deployments tile to open the Deployments page. From the list of all projects currently deployed, select the desired deployment name.

Click Save.

Note: You must repeat the steps outlined in this topic and in the Setting Up Metadata Models topic when you are moving the content from the Test environment to your Production environment.