Configuration Tasks for the Adapter Development Kit
This section describes the tasks that should be taken after installing Oracle Utilities Smart Grid Gateway Adapter Development Kit, including:
Note: Oracle Enterprise Manager may be required for some of the security setups and for monitoring SOA. If Oracle Enterprise Manager is required, you need to extend the example SOA WebLogic domain and enable Enterprise Manager using WebLogic's configuration utility.
Deploying the OSB Adapter for the Adapter Development Kit
The OSB adapter can be deployed on the bundled WebLogic example server instance or on a separate WebLogic server. To deploy the OSB adapter, use the following procedures:
To Deploy on the Example WebLogic Instance
1. Create the following directories under <OSB_LOG_DIR>:
dg-csv-error
dg-csv
dg-xml-error
dg-xml-arch
dg-xml
dg-csv-arch
dg-seeder-error
dg-seeder-arch
dg-seeder
 
2. Start the example OSB WebLogic instance.
UNIX
cd $SPLEBASE/osbapp
./startWebLogic.sh
 
Windows
cd %SPLEBASE%\osbapp
startWebLogic.cmd
 
3. Create JMS queues and target them to the OSB admin server:
Create a JMS server “OSB-Timeserver” and target it to admin server.
Create a JMS module “DG-SystemModule”
Under “DG-SystemModule” create a sub-deployment “DG-JMSFAServer” and target it to “OSB-JMSServer”
Create the following JMS queues:
Queue Name: DestinationQueue-DG
JNDI Name: DestinationQueue-DG
Sub-deployment: DG-JMSFAServer
Targets: OSB-JMSServer
 
Queue Name: IMDDestinationQueue-DG
JNDI Name: IMDDestinationQueue-DG
Sub-deployment: DG-JMSFAServer
Targets: OSB-JMSServer
 
Queue Name: NotificationQueue-DG
JNDI Name: NotificationQueue-DG
Sub-deployment: DG-JMSFAServer
Targets: OSB-JMSServer
4. Deploy the OSB adapter on the example WebLogic instance.
For SSL deployment please refer to the section Deploying OSB adapter on SSL.
UNIX
cd $SPLEBASE/osbapp
$SPLEBASE/product/apache-ant/bin/ant -buildfile deploy-osb_DG.xml -Dadmin.user=<ADMIN_USER> -Dadmin.password=<OSB_ADMIN_PASSWORD> -Douaf.user=<JMS_USER> -Douaf.password=<JMS_PASSWORD> -Dprocessing.archive=true -Dosb.user=<OSB_USER> -Dosb.password=<OSB_PASSWORD> -Douaf.filter.user=<JMS_USER> -Douaf.filter.password=<JMS_PASSWORD>
 
Note: Use the following command if this is an upgrade from a previous version:
cd $SPLEBASE/osbapp
$SPLEBASE/product/apache-ant/bin/ant -buildfile
deploy-osb_DG.xml update_osb -Dadmin.user=<ADMIN_USER> -Dadmin.password=<OSB_ADMIN_PASSWORD> -Douaf.user=<JMS_USER> -Douaf.password=<JMS_PASSWORD> -Dprocessing.archive=true -Dosb.user=<OSB_USER> -Dosb.password=<OSB_PASSWORD> -Douaf.filter.user=<JMS_USER> -Douaf.filter.password=<JMS_PASSWORD>
 
This will not override any OSB custom changes
Windows
cd %SPLEBASE%\osbapp
%SPLEBASE%\product\apache-ant\bin\ant -buildfile deploy-osb_DG.xml
- Dadmin.user=<ADMIN_USER> -Dadmin.password=<OSB_ADMIN_PASSWORD> -Douaf.user=<JMS_USER> -Douaf.password=<JMS_PASSWORD> -Dprocessing.archive=true -Dosb.user=<OSB_USER> -Dosb.password=<OSB_PASSWORD> -Douaf.filter.user=<JMS_USER> -Douaf.filter.password=<JMS_PASSWORD>
 
Note: Use the following command if this is an upgrade from a previous version:
cd %SPLEBASE%/osbapp
%SPLEBASE%/product/apache-ant/bin/ant -buildfile deploy-osb_DG.xml update_osb -Dadmin.user=<ADMIN_USER> -Dadmin.password=<OSB_ADMIN_PASSWORD> -Douaf.user=<JMS_USER> -Douaf.password=<JMS_PASSWORD> -Dprocessing.archive=true -Dosb.user=<OSB_USER> -Dosb.password=<OSB_PASSWORD> -Douaf.filter.user=<JMS_USER> -Douaf.filter.password=<JMS_PASSWORD>
 
This will not override any OSB custom changes.
Create the following JMS configuration in the Oracle Utilities Meter Data Management application Admin Server:
1. Create a JMS module “DG-SystemModule” and target it to the Managed Server where the Oracle Utilities Meter Data Management application is running.
2. Under the JMS module, create a new Foreign Server "OSBForeignServer-DG" and accept the default targets.
3. Under the Foreign Server, navigate to the General tab and configure the following:
a. JNDI Initial Context Factory: weblogic.jndi.WLInitialContextFactory
b. JNDI Connection URL: URL for OSB Sever in the format - t3://<osb hostname>:<osb port number> (Use t3s for SSL)
c. JNDI Properties Credential: Credentials for user with access to OSB server
d. Confirm JNDI Properties Credential: Same as JNDI Properties Credential
e. JNDI Properties: java.naming.security.principal=<User with access to OSB server for which credentials were provided>
4. Under Destinations, create the following foreign destinations:
Name: DestinationQueue-DG
Local JNDI Name: ForegnDestinationQueue-DG
Remote JNDI Name: DestinationQueue-DG
Name: IMDDestinationQueue-DG
Local JNDI Name: ForegnIMDDestinationQueue-DG
Remote JNDI Name: IMDDestinationQueue-DG
Name: NotificationQueue-DG
Local JNDI Name: ForegnNotificationQueue-DG
Remote JNDI Name: NotificationQueue-DG
5. Under Connection Factories, create the following foreign connection factories:
Name: DestinationQueueConnectionFactory-DG
Local JNDI Name: ForegnDestinationQueueConnectionFactory-DG
Remote JNDI Name: weblogic.jms.XAConnectionFactory
Name: IMDDestinationQueueConnectionFactory-DG
Local JNDI Name: ForegnIMDDestinationQueueConnectionFactory-DG
Remote JNDI Name: weblogic.jms.XAConnectionFactory
Name: NotificationQueueConnectionFactory-DG
Local JNDI Name: ForegnNotificationQueueConnectionFactory-DG
Remote JNDI Name: weblogic.jms.XAConnectionFactory
To Deploy on a Separate WebLogic Instance
Refer to Configuring Oracle Fusion Middleware Components on a Separate Server from Oracle Utilities Meter Data Management for more information about deploying OSB components on a separate WebLogic server.
To deploy on a separate WebLogic instance:
1. Create the following directories under <OSB_LOG_DIR>.
dg-csv-error
dg-csv
dg-xml-error
dg-xml-arch
dg-xml
dg-csv-arch
dg-seeder-error
dg-seeder-arch
dg-seeder
 
2. Copy the following jars to the lib folder under the WebLogic's domain directory:
spl-d1-osb-25.4.jar
 
These jars are present under the following location:
UNIX
$SPLEBASE/etc/lib
 
Windows
%SPLEBASE%\etc\lib
 
3. Start the separate WebLogic instance.
4. Create JMS queues and target them to the OSB admin server.
Create a JMS server “OSB-JMSServer” and target it to admin server.
Create a JMS module “DG-SystemModule”
Under “DG-SystemModule” create a sub-deployment “DG-JMSFAServer” and target it to “OSB-JMSServer”
Create the following JMS queues:
Queue Name: DestinationQueue-DG
JNDI Name: DestinationQueue-DG
Sub-deployment:: DG-JMSFAServer
Targets: OSB-JMSServer
 
Queue Name: IMDDestinationQueue-DG
JNDI Name: IMDDestinationQueue-DG
Sub-deployment: DG-JMSFAServer
Targets: OSB-JMSServer
 
Queue Name: NotificationQueue-DG
JNDI Name: NotificationQueue-DG
Sub-deployment: DG-JMSFAServer
Targets: OSB-JMSServer
5. Deploy the OSB adapter on the separate WebLogic instance.
For SSL deployment please refer to the section Deploying OSB adapter on SSL.
Note:- Modify the OSB Host Server,OSB Port Number according to Standalone domain using “OSB Configuration Menu item 8”.
UNIX
cd $SPLEBASE/osbapp
 
$SPLEBASE/product/apache-ant/bin/ant -buildfile deploy-osb_DG.xml
-Dadmin.user=<ADMIN_USER> -Dadmin.password=<OSB_ADMIN_PASSWORD> -Douaf.user=<JMS_USER> -Douaf.password=<JMS_PASSWORD> -Dprocessing.archive=true -Dosb.user=<OSB_USER> -Dosb.password=<OSB_PASSWORD> -Douaf.filter.user=<JMS_USER> -Douaf.filter.password=<JMS_PASSWORD>
 
Note: Use the following command if this is an upgrade from a previous version:
cd $SPLEBASE/osbapp
 
$SPLEBASE/product/apache-ant/bin/ant -buildfile deploy-osb_DG.xml update_osb -Dadmin.user=<ADMIN_USER> -Dadmin.password=<OSB_ADMIN_PASSWORD> -Douaf.user=<JMS_USER> -Douaf.password=<JMS_PASSWORD> -Dprocessing.archive=true -Dosb.user=<OSB_USER> -Dosb.password=<OSB_PASSWORD> -Douaf.filter.user=<JMS_USER> -Douaf.filter.password=<JMS_PASSWORD>
 
This will not override any OSB custom changes
Windows
cd %SPLEBASE%\osbapp
 
%SPLEBASE%\product\apache-ant\bin\ant -buildfile deploy-osb_DG.xml
-Dadmin.user=<ADMIN_USER> -Dadmin.password=<OSB_ADMIN_PASSWORD> -Douaf.user=<JMS_USER> -Douaf.password=<JMS_PASSWORD> -Dprocessing.archive=true -Dosb.user=<OSB_USER> -Dosb.password=<OSB_PASSWORD> -Douaf.filter.user=<JMS_USER> -Douaf.filter.password=<JMS_PASSWORD>
 
%SPLEBASE%/product/apache-ant/bin/ant -buildfile deploy-osb_DG.xml update_osb -Dadmin.user=<ADMIN_USER> -Dadmin.password=<OSB_ADMIN_PASSWORD> -Douaf.user=<JMS_USER> -Douaf.password=<JMS_PASSWORD> -Dprocessing.archive=true -Dosb.user=<OSB_USER> -Dosb.password=<OSB_PASSWORD> -Douaf.filter.user=<JMS_USER> -Douaf.filter.password=<JMS_PASSWORD>
 
This will not override any OSB custom changes.
Create the following JMS configuration in the Oracle Utilities Meter Data Management application Admin Server:
1. Create a JMS module “DG-SystemModule” and target it to the Managed Server where the Oracle Utilities Meter Data Management application is running.
2. Under the JMS module, create a new Foreign Server "OSBForeignServer-DG" and accept the default targets.
3. Under the Foreign Server, navigate to the General tab and configure the following:
a. JNDI Initial Context Factory: weblogic.jndi.WLInitialContextFactory
b. JNDI Connection URL: URL for OSB Sever in the format - t3://<osb hostname>:<osb port number> (Use t3s for SSL)
c. JNDI Properties Credential: Credentials for user with access to OSB server
d. Confirm JNDI Properties Credential: Same as JNDI Properties Credential
e. JNDI Properties: java.naming.security.principal=<User with access to OSB server for which credentials were provided>
4. Under Destinations, create the following foreign destinations:
Name: DestinationQueue-DG
Local JNDI Name: ForegnDestinationQueue-DG
Remote JNDI Name: DestinationQueue-DG
Name: IMDDestinationQueue-DG
Local JNDI Name: ForegnIMDDestinationQueue-DG
Remote JNDI Name: IMDDestinationQueue-DG
Name: NotificationQueue-DG
Local JNDI Name: ForegnNotificationQueue-DG
Remote JNDI Name: NotificationQueue-DG
5. Under Connection Factories, create the following foreign connection factories:
Name: DestinationQueueConnectionFactory-DG
Local JNDI Name: ForegnDestinationQueueConnectionFactory-DG
Remote JNDI Name: weblogic.jms.XAConnectionFactory
Name: IMDDestinationQueueConnectionFactory-DG
Local JNDI Name: ForegnIMDDestinationQueueConnectionFactory-DG
Remote JNDI Name: weblogic.jms.XAConnectionFactory
Name: NotificationQueueConnectionFactory-DG
Local JNDI Name: ForegnNotificationQueueConnectionFactory-DG
Remote JNDI Name: weblogic.jms.XAConnectionFactory
Deploying the SOA Adapter for the Adapter Development Kit
The SOA adapter can be deployed on the bundled WebLogic example server instance or on a separate WebLogic server instance.
Note: Oracle Enterprise Manager may be required for some of the security setups and for monitoring SOA. If Oracle Enterprise Manager is required, you need to extend the example SOA WebLogic domain and enable Enterprise Manager using WebLogic's configuration utility.
To deploy the SOA adapter, use the following procedures:
To Deploy on the Example WebLogic Instance
1. Edit the startWeblogic script located at the locations below for JAVA_OPTIONS:
UNIX
cd $SPLEBASE/soaapp
./startWebLogic.sh
 
Windows
cd %SPLEBASE%\soaapp
startWebLogic.cmd
2. Add “-Djava.security.auth.login.config=${DOMAIN_HOME}/config/SGGLogin.config -Djavax.net.ssl.trustStore=<<JAVA_TRUST_STORE_LOCATION>>” to the JAVA_OPTIONS.
3. Start the example SOA WebLogic instance:
UNIX
cd $SPLEBASE/soaapp
 
./startWebLogic.sh
 
Windows
cd %SPLEBASE%\soaapp startWebLogic.cmd
 
4. Deploy the SOA adapter on the example WebLogic instance.
For the SSL deployment procedure, refer to the section Deploying Service Oriented Architecture Composites on SSL.
UNIX
$SPLEBASE/product/apache-ant/bin/ant -buildfile deploy-soa_MDF.xml
-Dserver.user=<SOA_USER> -Dserver.password=<SOA_PASSWORD> -
DsysPropFile=soa.properties
 
$SPLEBASE/product/apache-ant/bin/ant -buildfile deploy-soa_DG.xml
-Dserver.user=<SOA_USER> -Dserver.password=<SOA_PASSWORD> -
DsysPropFile=soa.properties
 
Windows
%SPLEBASE%\product\apache-ant\bin\ant -buildfile deploy
-soa_MDF.xml
-Dserver.user=<SOA_USER> -Dserver.password=<SOA_PASSWORD> -
DsysPropFile=soa.properties
 
%SPLEBASE%\product\apache-ant\bin\ant -buildfile deploy-soa_DG.xml
-Dserver.user=<SOA_USER> -Dserver.password=<SOA_PASSWORD> -
DsysPropFile=soa.properties
 
5. Deploy the TestHarness SOA composites on example WebLogic instance.
For the SSL deployment procedure, refer to the section Deploying Service Oriented Architecture Composites on SSL.
UNIX
cd $SPLEBASE/soaapp
$SPLEBASE/product/apache-ant/bin/ant -buildfile deploy-soa_DG.xml deployTestHarness -Dserver.password=<SOA_USER>
-Dserver.password=<SOA_PASSWORD> -DsysPropFile=soa.properties
 
Windows
Note: Open the command prompt as Administrative mode and then select the environment to deploy SOA.
cd %SPLEBASE%/soaapp
 
%SPLEBASE%\product\apache-ant\bin\ant -buildfile
deploy-soa_DG.xml deployTestHarness -Dserver.password=<SOA_USER>
-Dserver.password=<SOA_PASSWORD> -DsysPropFile=soa.properties
6. Import the Policy Templates and Policies.
a. First, import the policy template jar using Enterprise Manager.
Linux
cd $SPLEBASE/soaapp
$SPLEBASE/product/apache-ant/bin/ant -buildfile package-soa-policy.xml –Dproduct=d1
Windows
cd %SPLEBASE%/soaapp
$SPLEBASE/product/apache-ant/bin/ant -buildfile package-soa-policy.xml –Dproduct=d1
 
a. In Oracle Enterprise Manager, navigate to WebLogic Domain and select the required SOA domain.
b. Right-click the domain and navigate to Web Services, WSM Policies.
c. Click Web Services Assertion Templates at the top of the page.
d. Click Import and import the sgg-d1-policy.jar file.
This file is located in the following directory:
UNIX: $SPLEBASE/soaapp/policies/jars
Windows: %SPLEBASE%\soaapp\policies\jars
b. For SOA 14.1.2.x version, perform the following steps to import policies:
a. Import the “sgg_dg_cfs_multispeak_header_client_policy” policy file ($SPLEBASE/soaapp) using Enterprise Manager.
b. In Oracle Enterprise Manager, navigate to WebLogic Domain and select the required SOA domain.
c. Create a "META-INF\policies\oracle" folder structure and copy the policy under oracle folder and zip the entire folder as “sgg_dg_cfs_multispeak_header_client_policy.zip”.
d. Right-click the domain and navigate to Web Services, WSM Policies.
e. Click Import and import sgg_dg_cfs_multispeak_header_client_policy.zip.
This file is located in the following directory:
UNIX: $SPLEBASE/soaapp
Windows: %SPLEBASE%\soaapp
To Deploy on a Separate WebLogic Instance
Refer to Configuring Oracle Fusion Middleware Components on a Separate Server from Oracle Utilities Meter Data Management for more information about deploying SOA components on a separate WebLogic server.
1. Create WebLogic SOA Domain and select Enterprise Manager option.
2. Copy the following jar file to the lib folder under the WebLogic domain directory, spl-d1-soa- security.jar
This jar is present under the following location:
UNIX: $SPLEBASE/etc/lib
Windows: %SOA_HOME%\etc\lib
3. Add system permissions for Smart Grid Gateway security policies:
a. Login to Oracle Enterprise Manager as an administrative user.
b. Select WebLogic Domain, then Security, then System Policies.
The System Policies page opens.
c. Search for an existing permission for the Smart Grid Gateway security jar as follows:
a. Select “Codebase” from the Type drop-down list (you should not have to change this).
b. Select “Includes” from the Name drop-down list.
c. Enter “spl-d1-soa-security.jar” into the search field.
d. Click the arrow button.
e. No policies should be found:
d. Click Create.
The Create System Grant page opens.
e. Select "Codebase" from the Grant To drop-down list.
f. Enter the complete path to the security jar in the Codebase field.
"file:${domain.home}/lib/spl-d1-soa-security.jar"
 
g. Click Add (under Permissions).
The Add Permission window opens.
h. Select the "Select here to enter details for a new permission checkbox.
The following fields appear:
Permission Class
Resource Name
Permission Actions
i. Enter the following details into the three fields:
Field
Value
Permission Class
oracle.security.jps.service.credstore.CredentialAccessPermission
Resource Name
context=SYSTEM,mapName=*,keyName=*
Permission Actions
*
j. Click OK to close the Add Permission window.
k. Click OK (on the Create System Grant page) to save the system grant.
l. Repeat the search from step 2 to confirm the new system policy exists:
This search should return the system policy you just added.
4. Copy the SGGLogin.config file from below location to the config directory of Weblogic SOA domain and edit the startWeblogic script located of Weblogic SOA domain-> bin for JAVA_OPTIONS:
a. This SGGLogin.config is present under the following location:
UNIX: $SPLEBASE/soaapp/config
Windows: %SOA_HOME%\soaapp\config
b. Copy the file.
UNIX: <Weblogic_SOA_domain>/config
Windows: <Weblogic_SOA_domain>\config
c. Add “-Djava.security.auth.login.config=${DOMAIN_HOME}/config/SGGLogin.config -Djavax.net.ssl.trustStore=<<JAVA_TRUST_STORE_LOCATION>>” to the JAVA_OPTIONS to
UNIX: <Weblogic_SOA_domain>/bin/startWeblogic.sh
Windows: <Weblogic_SOA_domain>\bin\startWeblogic.cmd
5. Start the separate WebLogic instance.
6. Before SOA composites deployment, import the Policy Templates and Policies.
a. Import the policy template jar using Enterprise Manager.
Linux
cd $SPLEBASE/soaapp
$SPLEBASE/product/apache-ant/bin/ant -buildfile package-soa-policy.xml –Dproduct=d1
 
Windows
cd %SPLEBASE%/soaapp
$SPLEBASE/product/apache-ant/bin/ant -buildfile package-soa-policy.xml –Dproduct=d1
 
a. In Oracle Enterprise Manager, navigate to WebLogic Domain and select the required SOA domain.
b. Right-click the domain and navigate to Web Services, WSM Policies.
c. Click Web Services Assertion Templates at the top of the page.
d. Click Import and import the sgg-d1-policy.jar zip.
This file is located in the following directory:
UNIX: $SPLEBASE/soaapp/policies/jars
Windows: %SPLEBASE%\soaapp\policies\jars
b. For SOA 14.1.2.x version, perform the following steps to import policies:
a. Import the “sgg_dg_cfs_multispeak_header_client_policy” policy file ($SPLEBASE/soaapp) using Enterprise Manager.
b. In Oracle Enterprise Manager, navigate to WebLogic Domain and select the required SOA domain.
c. Create a "META-INF\policies\oracle" folder structure, copy the policy under oracle folder and zip the entire folder as “sgg_dg_cfs_multispeak_header_client_policy.zip”.
d. Right-click the domain and navigate to Web Services, WSM Policies.
e. Click Import and import the sgg_dg_cfs_multispeak_header_client_policy.zip file.
This file is located in the following directory:
UNIX: $SPLEBASE/soaapp
Windows: %SPLEBASE%\soaapp
7. Deploy the SOA cartridge on the separate WebLogic instance.
Note: Modify the SOA Host Server, SOA Port Number, SOA WebLogic User Name, SOA WebLogic User Password and Endpoint URLs menu items according to separate domain using “SOA Configuration Menu item 9”.
UNIX
cd $SPLEBASE/soaapp
 
For WebLogic 14.1.2.x:
$SPLEBASE/product/apache-ant/bin/ant -buildfile deploy-soa_MDF.xml
-Dserver.user=<ADMIN_USER> -Dserver.password=<ADMIN_PASSWORD>> -DsysPropFile=soa.properties
$SPLEBASE/product/apache-ant/bin/ant -buildfile deploy-soa_DG.xml
-Dserver.user=<ADMIN_USER> -Dserver.password=<ADMIN_PASSWORD>> -DsysPropFile=soa.properties
 
Windows
cd %SPLEBASE%\soaapp
 
For WebLogic 14.1.2.x:
%SPLEBASE%\product\apache-ant\bin\ant -buildfile deploy-
soa_MDF.xml -Dserver.user=<ADMIN_USER> -
Dserver.password=<ADMIN_PASSWORD> -DsysPropFile=soa.properties
%SPLEBASE%\product\apache-ant\bin\ant
-buildfile deploy-soa_DG.xml
-Dserver.user=<ADMIN_USER> -Dserver.password=<ADMIN_PASSWORD> -DsysPropFile=soa.properties
 
8. Deploy the TestHarness SOA composites on the separate WebLogic instance.
UNIX
cd $SPLEBASE/soaapp
 
For WebLogic 14.1.2.x:
$SPLEBASE/product/apache-ant/bin/ant -buildfile deploy-soa_DG.xml deployTestHarness -Dserver.user=<ADMIN_USER>
-Dserver.password=<ADMIN_PASSWORD> -DsysPropFile=soa.properties
 
Windows
cd %SPLEBASE%\soaapp
 
For WebLogic 14.1.2.x:
%SPLEBASE%\product\apache-ant\bin\ant -buildfile
deploy-soa_DG.xml deployTestHarness -Dserver.user=<ADMIN_USER>
-Dserver.password=<ADMIN_PASSWORD> -DsysPropFile=soa.properties
Configuring Security for the SOA System
Security is managed through policies attached to the input and output points of each composite. More information on policies and their configuration can be found in Configuring Policies in the Oracle Fusion Middleware Administrator's Guide for Oracle SOA Suite.
This section describes how to configure security credentials for the SOA system, including:
Configuring Security for the SOA System to Communicate with the Application Framework
Configuring security for the SOA system involves using Oracle Enterprise Manager to create the following security credentials:
A Credential Map
A Credential Key for the WebLogic Server.
A Credential Key for the Oracle Utilities Application Framework
Use the following procedure to create the security credentials:
1. In Oracle Enterprise Manager, expand the WebLogic domain, right-click the domain, and choose Security, Credentials.
2. On the Credentials page, click Create Map.
3. In the Create Map dialog, name the map oracle.wsm.security, then click OK.
4. Click Create Key and enter the following values:
Select Map: oracle.wsm.security
Key: sgg.dg.credentials
Type: Password
Username: A valid WebLogic user name
Password: A valid WebLogic password
5. Click OK.
6. Click Create Key again and enter the following values:
Select Map: oracle.wsm.security
Key: sgg.dg.ouaf.credentials
Type: Password
Username: A valid OUAF user name
Password: A valid OUAF password
7. Click OK.
Configuring Security for the SOA System to Communicate with the Head-End System
The ADK Test Harness is a frequently-used substitute for a real head-end System. Some specific settings highlighted below will facilitate connecting to and using the Test Harness.
Creating Security Credentials
Configuring security for the SOA system involves creating the security credentials in Oracle Enterprise Manager.
To create the security credential in the Credential File Store (CFS):
1. In Oracle Enterprise Manager, navigate to WebLogic Domain and select the required SOA domain.
2. In the WebLogic Domain menu, navigate to Security, Credentials.
3. Click Create Map to set up a new credentials store.
4. In the Create Map dialog box, enter a unique value in the Map Name field.
5. Click OK.
6. Select the new map in the Credentials list and click Create Key.
7. In the Create Key dialog box, enter the appropriate values in the fields. In the Type field, select Password.
8. Click OK.
By default, the sgg_dg_cfs_multispeak_header_client_policy policy imported previously uses a Credential Map named “dg.security” and a Credential Key called “dg.credentials.” Use these values unless making changes to the template values.
Test Harness Note: By default, the Test Harness expects a user name of “MultiSpeakUserID” and a password of “MultiSpeakPwd.”
Creating the Web Service Policy for the Security Credentials
To create a web service policy for the security credentials:
1. In Oracle Enterprise Manager, navigate to WebLogic Domain and select the required SOA domain.
2. In the WebLogic Domain menu, navigate to Web Services, Policies.
3. Select the policy oracle/wss_http_token_client_policy.
4. Click Create Like.
Give the policy a unique name and an appropriate description.
Under Assertions, remove the Log Message and the HTTP Security policies.
Click Add.
Enter a name for the new assertion.
In the Assertion Template field, select sgg/d1_csf_access_client_xpath_template.
Click OK.
5. In the Assertion Content field, edit property values in the XML according to the example below. The following table lists the property values that should be edited:
Field
Default Value
Description
csf-map
 
Required. The credential store map to use. This value is specified in the task Creating Security Credentials.
csf-key
 
Required. The key in the credential store map that will resolve to a username-password pair. This value is specified in the task Creating Security Credentials.
namespaceDefinitions
 
Prefix-namespace definitions used in the xpath fields below. Each should be in the form prefix=namespace. Multiple definitions should be separated by spaces. Default namespaces cannot be set.
soapElement
Header
The context node for xpath searches, either the SOAP header or the SOAP body. Legal values are "header" and "body."
userid.xpath
 
The xpath to the location to inject the username in the SOAP element. The statement must resolve to an attribute or element that already exists.
password.xpath
 
The xpath to the location to inject the password in the SOAP element. The statement must resolve to an attribute or element that already exists.
isDebuggingActive
false
Reserved for internal use.
 
<orasp:SGGCredentialStoreInsertionXPath xmlns:orawsp="http://schemas.oracle.com/ws/2006/01/policy" orawsp:Silent="true" orawsp:name="CSF_DG" orawsp:description="Properties to add CSF credentials to a SOAP message" orawsp:Enforced="true" orawsp:category="security/authentication" xmlns:orasp="http://schemas.oracle.com/ws/2006/01/securitypolicy">
<orawsp:bindings>
<orawsp:Implementation>com.splwg.d1.sgg.soa.common.security.policy.CredentialStorageFacilityAccessAssertationExecutor</orawsp:Implementation>
<orawsp:Config orawsp:name="CSFKeyInsertionConfig" orawsp:configType="declarative">
<orawsp:PropertySet orawsp:name="CSFKeyProperties">
<orawsp:Property orawsp:type="string" orawsp:contentType="required" orawsp:name="csf-map">
<orawsp:Description>Which CSF map to use</orawsp:Description>
<orawsp:Value>CSF_map_name</orawsp:Value>
</orawsp:Property>
<orawsp:Property orawsp:type="string" orawsp:contentType="required" orawsp:name="csf-key">
<orawsp:Description>Which key in the map to use</orawsp:Description>
<orawsp:Value>CSF_Key</orawsp:Value>
</orawsp:Property>
</orawsp:PropertySet>
<orawsp:PropertySet orawsp:name="XPathProperties">
<orawsp:Property orawsp:type="string" orawsp:contentType="required" orawsp:name="soapElement">
<orawsp:Description>The segment of the soap message to which to write. Legal Values are "header" &amp; "body"</orawsp:Description>
<orawsp:Value>header</orawsp:Value>
</orawsp:Property>
<orawsp:Property orawsp:type="string" orawsp:contentType="optional" orawsp:name="namespaceDefinitions">
<orawsp:Description>A space-separated list of prefix-namespace pairs. For example: ns1=http://myurl.com/ns1 ns2=http://oracle.com xsd=http://www.w3.org/2001/XMLSchema</orawsp:Description>
<orawsp:Value>ns1=http://www.multispeak.org/Version_4.1_Release</orawsp:Value/>
</orawsp:Property>
<orawsp:Property orawsp:type="string" orawsp:contentType="required" orawsp:name="userid.xpath">
<orawsp:Description>The xpath relative to the soapElement property at which to insert the user id.</orawsp:Description>
<orawsp:Value>./ns1:MultiSpeakMsgHeader/@UserID</orawsp:Value>
</orawsp:Property>
<orawsp:Property orawsp:type="string" orawsp:contentType="required" orawsp:name="password.xpath">
<orawsp:Description>The xpath relative to the soapElement property at which to insert the password.</orawsp:Description>
<orawsp:Value>./ns1:MultiSpeakMsgHeader/@Pwd</orawsp:Value>
</orawsp:Property>
</orawsp:PropertySet>
<orawsp:PropertySet orawsp:name="DebugProperties">
<orawsp:Property orawsp:type="boolean" orawsp:contentType="optional" orawsp:name="isDebuggingActive">
<orawsp:Description>controls debugging output</orawsp:Description>
<orawsp:Value>false</orawsp:Value>
<orawsp:DefaultValue>false</orawsp:DefaultValue>
</orawsp:Property>
</orawsp:PropertySet>
</orawsp:Config>
</orawsp:bindings>
</orasp:SGGCredentialStoreInsertionXPath>
 
6. Save the policy.
7. Attach the policy to the MR_Server reference on the Common composite.
a. In Oracle Enterprise Manager, navigate to the DG/Common composite.
b. Navigate to the Policies tab.
c. From the Attach To/Detach From menu, select MR_Server.
d. In the Attached Policies window, select “oracle/wss_http_token_client_policy”.
e. Click Detach to remove the default security policy.
f. In the Available Policies window, select the policy that you just created.
g. Click Attach to attach the policy to the MR_Server reference.
8. Attach the policy to the CD_Server reference on the Common composite.
a. Navigate to the DG/Common composite.
b. Navigate to the Policies tab.
c. In the Attach To/Detach From menu, select CD_Server.
d. In the Attached Policies window, select oracle/wss_http_token_client_policy.
e. Click Detach to remove the default security policy.
f. In the Available Policies window, select the policy that you just created.
g. Click Attach to attach the policy to the CD_Server reference.
9. Attach the policy to the OD_Server reference on the Common composite.
a. Navigate to the DG/Common composite.
b. Navigate to the Policies tab.
c. From the Attach To/Detach From menu, select OD_Server.
d. In the Attached Policies window, select oracle/wss_http_token_client_policy.
e. Click Detach to remove the default security policy.
f. In the Available Policies window, select the policy that you just created.
g. Click Attach to attach the policy to the OD_Server reference.
Starting the Application
The OSB WebLogic server instance should be up and running before starting the main application.
Creating WebLogic Domain
Create the WebLogic native domain and deploy the application. For instructions refer to the Native Installation Oracle Utilities Application Framework (Doc ID: 1544969.1) document on My Oracle Support.
The MDB user configured in Menu 3 during the Oracle Utilities Application Framework installation has to be created in the Oracle Utilities Application Framework application and WebLogic console, and should be part of the “cisusers” group.
Note: The first time you start Oracle Utilities Meter Data Management, you need to log into the WebLogic console and give system access to cisusers role. The WebLogic console application can be accessed through the following URL: http://<hostname>:<portname>/ console.