4Configuring Oracle Policy Automation
Overview of Oracle Policy Automation Configuration
This topic provides an overview of how Oracle Policy Automation is used within Public Sector Compliance and Regulation and how it is configured.
If your site already has an installation of Oracle Policy Automation, you can integrate its functionality with the permits service. The policy models created in Oracle Policy Automation can act as the logic models running behind questionnaires that citizens fill out to determine which permits they need to apply for depending on the nature of the project they are planning.
The topics in this chapter describe the setup pages that an administrator would view and use to configure the mapping of metadata between the permits service and the Oracle Policy Automation application.
Setting Up Entity Models
This topic describes the settings used to configure entity models used when implementing Oracle Policy Automation for use with the permits application.
Adding an Entity Model
Select
.Click Add.
On the Entity Model Details page, enter these values:
Page Elements
Description
Name
Enter a name to identify the model within the application.
Description
Provide additional information regarding the purpose of the model.
Enabled
Use to enable or disable a model by turning the control on or off.
Click Add in the Entities grid.
On the Entity Details page, enter these values:
Page Elements
Description
Name
Name of the entity.
Description
Additional information to identify the entity and describe its purpose.
Hidden from Policy Modeling
If set to true, then this entry will not be present in the Get MetaData response to Oracle Policy Automation.
Top-Level Entity
Indicates if the object is the highest level entity object.
Policy Modeling Name
The functional name for an entity or attribute as it appears within Oracle Policy Automation.
Use as Mapped in Entity
Defines if the entity object can be selected as an input entity.
Use as Mapped Out Entity
Determines if the entity object can be selected as an output entity.
Parent Entity Name
The name of the parent entity object of a child object.
Cardinality with Parent Entity
Indicates the cardinality relationship with the parent entity object, such as one-to-one, one-to-many, many-to-one, or many-to-many.
Policy Modeling Relationship Name
The name of the relationship between two entities as it appears in Oracle Policy Automation.
Supports Attachment
Determines if attachments can be collected for rows of the entity object.
Click Add in the Entity Attributes grid to add attributes for the entity.
On the Entity Attribute Details page, enter these values:
Page Elements
Description
Name
The system name of the entity attribute.
Data Type
The data type of the attribute as it is defined in Oracle Policy Automation. For example:
java.lang.String
java.lang.Long
Primary Key
The primary key of the underlying view object.
Policy Modeling Name
The functional display name for an entity or attribute as it appears in Oracle Policy Automation.
Hidden from Policy Modeling
If set to true, then this entry will not be present in the Get MetaData response to Oracle Policy Automation.
Mandatory
Determines if the field must be mapped from an attribute in a policy model.
Policy Modeling Data Type
Describes the data type of the field defined in Oracle Policy Automation. It must be specified if no enumeration-type attribute is provided, and it cannot be specified if an enumeration-type attribute is provided.
Options are:
String
Boolean
Decimal
Date
Date-time
Time-of-day
Use as Mapped In Attribute
Determines if the field can mapped from an attribute for the purpose of submitting data.
Use as Mapped Out Attribute
Determines if the field can mapped from an attribute for the purpose of submitting data.
Default Value
Enter a default value for this attribute. If added, the application includes the value in the load response to Oracle Policy Automation.
Enumeration Name
Specifies the ID of the enumeration that defines a field's data type.
Click Save.
Click Save on the Entity Details page.
Click Save on the Entity Model Details page.
Setting Up Metadata Models
This topic describes how to set up Oracle Policy Automation metadata models and define entity relationships.
To set up Oracle Policy Automation metadata models:
Select
.Click Add for the Metadata Models grid.
On the Metadata Models Details page, add enter these values:
Note: You can update the following fields for a metadata model definition: Supports Policy Modeling Checkpoints, Anonymous Users Can Save Data, and Active Model. By default these fields are turned-off. You can turn them on according to your business requirements.Page Element
Description
Name
Enter the functional display name of the metadata model.
Description
Provide additional description to identify the purpose of the metadata model.
Supports Policy Modeling Checkpoints
Turn on to indicate that the metadata model is designed to support checkpoints.
Anonymous Users Can Save Data
Turn on to enable the anonymous (non-signed-in user) to save data.
Active Model
Turn on to activate or deactivate the model.
Click Add for the Metadata Entity Relationships grid, and enter these values:
Page Element
Description
Name
Enter the entity relationship name.
Mark as Global Entity
Turn on if the entity is global.
Cardinality with Global Entity
Indicate the cardinality with the global entity (one-to-many, many-to-one, and so on).
Policy Modeling Relationship Name
The name of the relationship between two entities as it defined within in Oracle Policy Automation.
Click Add for the Metadata Entity Links grid, and enter these values:
Page Element
Description
Source Entity Policy Modeling Name
Represents the policy modeling name for the entity in the source entity model.
Target Entity Model Name
Enter the target entity model.
Target Entity Policy Modeling Name
Represents the policy modeling name for the entity in the target entity model for this link.
Description
Provide any additional details to describe the purpose of metadata entity link.
Cardinality with Target Entity
Indicate the cardinality with the target entity (one-to-many, many-to-one, and so on).
Policy Modeling Relationship Name
The name of the relationship between two entities as it appears in Oracle Policy Automation.
Click Save.
Click Save on the Metadata Entity Relationship Details page.
Click Save on the Metadata Model Details page.
Setting Up Enumerations
This topic describes how to configure enumerations for policy modeling. An enumeration is a tool for managing lists of potential values for a non-boolean attribute in your policy model. Enumeration are also referred to as value lists.
To add an enumeration:
Select
.On the Enumerations page, click Add.
On the Enumerations Details page, enter these values:
Page Element
Description
Enumeration Name
The functional display name of the enumeration.
Enumeration Type
The data type of the enumeration, such as:
String
Number
Boolean
Time
Description
Provide additional information to help describe the purpose of the enumeration.
Child Enumeration Name
Specify the name of a linked child enumeration, as needed.
Click Add for the Enumeration Values grid.
On the Enumeration Value Details page, enter these values:
Page Element
Description
Enumeration Value
Enter the function display name of the enumeration value.
Description
Provide additional information to describe the purpose of the enumeration value.
Click Add for the Child Enumeration Values grid for any child enumeration values.
Page Element
Description
Child Enumeration Value
Enter the function display name of the child enumeration value.
Description
Provide additional information to describe the purpose of the child enumeration value.
Click Save.
Click Save on the Enumeration Value Details page.
Click Save on the Enumeration Details page.
Mapping Enumerations to Metadata Models
This topic describes how to map defined enumerations to existing metadata models.
To map an enumeration to a metadata model:
Select
Click Add for the Metadata Models grid.
-
On the Metadata Models Details page, enter the name of the existing metadata model to which you want to map the enumeration.Note: Once added, the remaining attributes, such as Supports Policy Modeling Checkpoints, are read from the metadata model definition.
Click Add for the Metadata Entity Relationships grid.
On the Metadata Entity Relationship Details page, enter these values:
Page Element
Description
Name
Enter a name for the relationship.
Mark as Global Entity
Indicates if this is a global entity for this metadata model.
Cardinality with Global Entity
Specify the cardinality relationship that this entity has with the global entity identified for this metadata model, such as one-to-one, one-to-many, and so on.
Policy Modeling Relationship Name
The name of the relationship between two entities as it appears in Oracle Policy Automation.
Click Add for the Metadata Entity Links grid.
On the Metadata Entity Link Details page, enter these values:
Page Element
Description
Source Entity Policy Modeling Name
Enter the policy modeling name for the entity in the source entity model for this link.
Target Entity Model Name
Enter the target entity model for this link.
Target Entity Policy Modeling Name
Enter the policy modeling name for the entity in the target entity model for this link.
Description
Provide any additional information to describe the purpose of this metadata entity link.
Cardinality with Target Entity
Specify the cardinality relationship that this entity has with the target entity model name identified for this metadata link, such as one-to-one, one-to-many, and so on.
Policy Modeling Relationship Name
The name of the relationship between two entities as it appears in Oracle Policy Automation.
Click Save.
Click Save on the Metadata Entity Relationship Details page.
Click Save on the Metadata Model Details page.
Managing Proxy Users
This topic describes how to manage proxy users for enabling integration between Oracle Policy Automation and your Public Sector Compliance and Regulation service.
Oracle Policy Automation connects to your Public Sector Compliance and Regulation service through a provided web service connector named pscOpaWSConnector.
This connector requires proper WS-Security credentials to handle the transactions between the Public Sector Compliance and Regulation service and the Oracle Policy Automation service.
When configuring the connection within the OPA hub, in the WS-Security section of the New Connection page, a user ID and password is required.
The user ID entered must have the following role within their role hierarchy:
PSC Oracle Policy Automation Proxy User (ORA_PSC_OPA_PROXY_USER_DUTY)
This duty role contains the following privilege:
Access Oracle Policy Automation Web Service Connector Privilege (PSC_OPA_WSC_PRIV)
This privilege allows the proxy user to integrate Oracle Policy Automation with your Public Sector Compliance and Regulation service.
By default, the delivered SYSTEM_ADMIN has the PSC System Administrator job role, which inherits the PSC Oracle Policy Automation Proxy User duty role. Any custom (cloned) role or created user must have PSC Oracle Policy Automation Proxy User duty role if you intend to use that user ID as the proxy user for the Oracle Policy Automation WS-Security credentials.
Managing OPA Hub
Administrators set up the Oracle Policy Automation required to integrate with Public Sector Compliance and Regulation services.
OPA Setup for Integrating with Public Sector Compliance and Regulation
This is a two-step process:
Authorizing Embedded Interviews
Creating Connections
Authorizing Embedded Interviews
Log in to the Policy Automation Hub web interface with the user credentials of Deploy Admin.
Click the Deployment tile to open the Deployment page. The page lists all the projects currently deployed. Click Actions and select the Authorize Embedded Interviews button to open the Authorize Hosts page.
On the Authorize Hosts page, click the Add a Host Address button and enter the Public Sector Compliance and Regulation application host address in the Host address field.
Click Apply.
Creating Connections
Log in to the Policy Automation Hub web interface with the user credentials of Deploy Admin.
Click the Connections button on the banner to open the Connections page.
On the Connections page, click the Actions drop-down menu and select Create a new Connection option to open the New Connection page and enter values for the various fields:
Page Element
Description
Name
Enter a name for the connection.
Type
Select Web service.
Collection Access
Select the collection that you have created, to gain access to the connection. Click Allow.
The default value for this field is Default Collection. You can include any additional collections that you want to allow access to.
URL
Enter the URL of the connector, which is deployed with other services – the FSCM base URI from the topology manager. Append the below string to the URL of the connector as shown here:
<FSCM base URI>/fscmPojoService/pscOpaWSConnector?MDMN=OPAResult
Use Custom Certificate (optional)
Select to use a custom certificate defined in Policy Automation Hub. These custom certificates will be recognized by outbound https calls made by a Policy Automation site. If not selected, the connection will only trust the built-in root certificates.
Version
Select the following web service version:
http://xmlns.oracle.com/policyautomation/hub/12.2.5/metadata/types
SOAP ActionPattern (optional)
Specify the soap:operation soapAction name expected by the web service.
OAUTH for Data Operations:
Page Element
Description
Provide OAUTH bearer token in HTTP header on Load and Save actions
Select to allow you to enter a URL parameter and enter the value jwt in the URL Parameter field.
The token's value is passed by specifying the parameter in the query string of the interview's startsession URL. This value is then passed to the Web Service connector as an OAuth 2.0 HTTP Authorization header whenever a Load or Save request is sent.
WS-Security:
Page Element
Description
Provide WS-Security Username token in SOAP actions.
Select the option to allow you to enter values for the fields in the section.
Applies to
Select applies to All.
Username
Enter a username for the purpose of connecting securely to the web service. Note that this is not related to the username of the logged-in Policy Automation Hub user.
If you have installed OPA, then as part of the Fusion Onboarding process you must have created a user having the following OPA proxy user Duty role: ORA_PSC_OPA_PROXY_USER_DUTY. Use the same user name in this field.
New Password
Enter a password.
Include timestamp with a 5 minute expiration (optional).
Select to include a timestamp with a validity of 5 minutes. Note: The web service connector time must be synchronized to OPA server.
Click Save and Close to complete the process of creating a new connection.
Managing OPA Policies for Agency
This topic describes how to set up OPA Policies for your Agency.
Navigate to the Agency Information page.
Search and select your agency row to open the Agency Information – Details page. Click the Features tab.
You will see that your offering is enabled; click the Options link on the row to open the Permit Options page.
On the Permit Options page, under the Oracle Policy Automation Definition section enter a value for:
Page Element
Description
Oracle Policy Automation ID
Enter the deployment name listed in the Deployment page. The Deployment page is where the deployment and activation of policy models is managed.
Note: To access the Deployment page, log in to the Policy Automation Hub web interface with a user role of Policy Author or Deploy Admin. On the Dashboard page, click the deployments tile to open the Deployments page. From the list of all projects currently deployed, select the desired deployment name.Click Save.