6 Deploying, Testing, and Securing UIM Web Services

This chapter provides information about deploying, testing, and securing Oracle Communications Unified Inventory Management (UIM) Web Services and any custom web services you may have created.

Deploying Web Services

Note:

In UIM cloud native deployments, you must build customized images for deploying web services. For more information, see "Customizing Images" in UIM Cloud Native Deployment Guide.

Each web service is packaged in a WAR file, which is packaged in an EAR file. When you deploy the EAR file, you also deploy any web services that are packaged within the EAR file.

For example, the Service Fulfillment Web Service is packaged in the inventory.ear file, within the InventoryWS.war file. So, when you deploy the inventory.ear file, you also deploy the Service Fulfillment Web Service.

For instructions on how to deploy the inventory.ear file, see "Unified Inventory Management System Administration Overview" in UIM System Administrator's Guide.

For custom web services, you have the option of placing the custom WAR file within the custom.ear file, within any custom EAR file, or within the inventory.ear file. So, when you deploy the custom.ear file, or the specified custom EAR file, or the inventory.ear file, you also deploy the custom web service. See Developing Custom SOAP Web Services for more information.

Note:

If custom web services are packaged as part of an EAR file, the EAR must have a deployment plan defined with the following:

1. The plan directory is UIM_Home/app/plan. This is to ensure that the EclipseLink cache coordination configuration is available in the classpath for the custom EAR file.

2. For the deployment plan (the XML configuration file) ensure the following conditions are met:

• If the EAR file has a deployment plan, it must be created under the plan directory UIM_Home/app/plan.

• If the EAR file does not have any deployment plan, associate the existing plan (located under the plan directory UIM_Home/app/plan as plan.xml), to the custom EAR deployment. For a clustered environment, the plan file name is ClusterPlan.xml.

Verifying Deployments

You can verify that any UIM web service is deployed by viewing it in the WebLogic Server Administration Console.

To verify that a UIM web service is deployed:

1. Log in to the WebLogic Remote Console.

2. Click Monitoring Tree.

3. In the left panel, under Domain Structure, navigate to Environment, Servers, AdminServer, Deployments, and then Application Runtimers.

   The Summary of Application Runtimers page appears.

4. Expand oracle.communications.inventory.

5. Under oracle.communications.inventory, expand Component Runtimers.

6. Click the link that represents the name of the web service.

   The Settings page for the selected web service appears.

7. Click the Testing tab.

8. Expand the name of the web service.

9. Under the expanded web service, edit the Context Root URL to the required WSDL URL of the web service endpoint.

   The WSDL file appears. Here, you can view the web service operations that are deployed.

Testing Web Services

After you successfully deploy the web service, you can test the web service.

Web services can be tested by using any software designed to test web services, such as:

• LISA for testing SOAP XML through HTTP or JMS

• SoapUI for testing SOAP XML through HTTP

  Note:

  If you want to test the UIM cloud native instance, you should update proxy settings in SoapUI Preferences to exclude the domain name. The default domain name in the UIM cloud native toolkit is uim.org.

• HermesJMS for testing SOAP XML through JMS

Test Input XML

The UIM installation provides the GSM 3GPP cartridge pack and the Cable TV cartridge pack, and both cartridge packs use the Service Fulfillment Web Service. The cartridge packs provide test input XML that you can use to test the Service Fulfillment Web Service operations. For additional information about these cartridge packs, see UIM GSM 3GPP Cartridge Pack Guide and UIM Cable TV Cartridge Pack Guide.

You can also generate your own test input XML by using any software that generates XML based on schema, such as XML Spy, LISA, SoapUI, and so forth.

Pre-configuration for Testing

Before running the Service Fulfillment Web Service operations, you must have the UIM base cartridges deployed into your UIM environment. The base cartridges are located in the UIM_SDK_Home/cartridges/base directory. For additional information about the base cartridges, see "Overview" in UIM Cartridge Guide.

Be aware of any pre-configurations that must be in place before testing any custom web services.

Securing Web Services

Note:

In UIM cloud native deployments, changes such as Adding Policy, Updating Policy, Removing Policy, or Updating Deployment Plan that you perform using Oracle WebLogic Console do not persist once the domain restarts. Therefore, before making the changes, you should package the updates in a customized image. Refer to UIM System Administration Guide for more information on securing web services. Refer to the following sections to understand policies.

The Service Fulfillment Web Service has security enabled upon installation. Specifically, the HTTP and JMS web service ports are associated to the default WebLogic security policy file, Auth.xml. As a result, a user name and password must be sent in clear text over a secure tunnel (HTTPS/t3s).

Note:

The user name and password, and the payload, are not encrypted to avoid significant performance impacts.

When you create a new web service, it is up to you to secure the web service. See "Securing Custom Web Services" for more information.

About Policy Files

A policy file can be associated to a port, or to a specific operation defined for the port. When a policy file is associated to a port, it automatically secures all operations defined for the web service. When a policy file is not associated to a port, a policy file can be associated to one or more operations. If necessary, each operation can specify a different policy file. If no policy file is associated to the port, or to any operations, the web service is unsecured and no security validations are performed.

Upon installation of UIM, the WebLogic default policy file, Auth.xml, is associated to UIMInventoryHTTPPort and UIMInventoryJMSPort. So, all operations are automatically secured, and all operations under each port require a user name and password in the SOAP message header. Example 6-1 shows a SOAP message header with a user name and password specified.

Example 6-1 SOAP Message Header

<soapenv:Envelope xmlns:com="http://xmlns.oracle.com/communications/inventory/webservice/common" xmlns:ser="http://xmlns.oracle.com/communications/inventory/webservice/service" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soapenv:Header>
        <wsse:Security soapenv:mustUnderstand="1"
        xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
        wss-wssecurity-secext-1.0.xsd">
            <wsse:UsernameToken wsu:Id="UsernameToken-1"
            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
            wss-wssecurity-utility-1.0.xsd">
            <wsse:Username>uimuser1</wsse:Username>
                <wsse:Password
                    Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
                    wss-username-token-profile-1.0#PasswordText">Welcome@123
                </wsse:Password>
            </wsse:UsernameToken>
        </wsse:Security>
    </soapenv:Header>
    <soapenv:Body>
        <ser:captureInteractionRequest>
            .
            .
            .
        </ser:captureInteractionRequest>
    </soapenv:Body>
</soapenv:Envelope>

Modifying Web Service Security

You can modify the default security settings through the WebLogic Server Administration Console.

To modify the default web service security settings, see the following:

• Accessing Security

• Associating a Policy File

• Disassociating a Policy File

• Modifying the Deployment Plan

Accessing Security

You can access the security policy currently applied to the web service at:

• WSDL
• Deployment plan
• WEB-INF\weblogic-webservices-policy.xml

For information on accessing the security policies in WSDL, see "Verifying Deployments".

For information on accessing the security policies in deployment plan and WEB-INF\weblogic-webservices-policy.xml, see "Authenticating Web Services in UIM" in UIM System Administrator's Guide.

Associating a Policy File

You can associate a policy file to a port, or to a specific operation defined for the port. Use this capability to configure security for the web service.

For more information on accessing security, see "Accessing Security" and for information on adding authentication to the web services, see "Authenticating Web Services" in UIM System Administrator's Guide.

Disassociating a Policy File

Remove the policy file from the location or path where you initially added it during association.

For more information on accessing security, see "Accessing Security" and for information on associating a policy file, see "Associating a Policy File".

Securing Custom Web Services

When you create a new web service, it is up to you to secure it. How you secure the web service depends upon how you created the web service. For example, if your custom web service is deployed with the custom.ear file, create a separate deployment plan. If your custom web service is deployed with the inventory.ear file, modify the existing deployment plan associated with inventory.ear that is provided with the UIM installation (UIM_Home/app/plan/Plan.xml).

To secure a custom web service, configure security for the web service.

For more information on accessing security, see "Accessing Security" and for information on associating a policy file, see "Associating a Policy File".