Create Credentials and System Policies

8.5 Create Credentials and System Policies

In order Configure MDB flow, you need to create credentials and system policies. The credentials are accessed through CSF framework which is managed by Oracle Weblogic Server. The keys are managed by Maps and Maps need to be given with Permissions.

Create Credentials and System Policies

Parent topic: Configure JMS Queue

8.5.1 Create Credentials and System Policies

Follow the below steps to create credentials and system policies.

Login to Oracle Enterprise Manager (http://hostname:port/em).
On the left panel, right click on OFSLLREL_domain and select Security > System Policies > Credentials.
The following window is displayed.

Figure 8-69 Credentials page

Description of "Figure 8-69 Credentials page"
Click Create Map.
The following window is displayed.

Figure 8-70 Create Map

Description of "Figure 8-70 Create Map"
Enter Map Name as ofsll.int.bureau and click OK.
Click Create Key.
The following window is displayed.

Figure 8-71 Create Key

Description of "Figure 8-71 Create Key"
Specify the following details:
- Select Map as ofsll.int.bureau from the drop down list.
- Specify Key as jdbc_ds_key
- Select Type as Generic from the drop down list.
- Specify the Credential as jdbc/QueueAppDS
Click OK.

Similarly you need to create the following Maps and corresponding keys as indicated in following table.

Table 8-1 Maps and corresponding keys

Maps	Keys	Description
ofsll.int.bureau	-	This map is used to setup keys for all credit bureau interfaces
ofsll.int.bureau	ProxyServer	Name of the proxyServer to be configured
ofsll.int.bureau	ProxyPort	Port to which ProxyServer is running.
ofsll.int.bureau	ExpEcalsURL	The Experian Connection URL to be configured.
ofsll.int.bureau	ExpDirectExperianEnabled	If you set value as true, then you would be setting ecals response URL. Else, the Ecals request URL
ofsll.int.bureau	ExpCertPath	The location of `.jks` file which contains the valid certificate for Experian Credit Bureau.
ofsll.int.bureau	ExpBusUserNamePassword	Login Credentials to be configured for Experian Business reports.
ofsll.int.bureau	ExpConUserNamePassword	Login Credentials to be configured for Experian Consumer reports.
ofsll.int.bureau	EfxURL	The Equifax Connection URL to be configured.
ofsll.int.bureau	EfxCertPath	The location of `.jks` file which contains the valid certificate for Equifax Credit Bureau.
ofsll.int.bureau	EfxUserNamePassword	Login credentials to be configured for accessing Equifax Reports.
ofsll.int.bureau	TucCertPath	The location of `.jks` file which contains valid certificate for Transunion Bureau .
ofsll.int.bureau	TucCertPassword	The password that requires to read the valid `.jks`certificate for the Transunion Bureau.
ofsll.int.bureau	TucUserNamePassword	Login credentials to be configured for accessing Transunion reports
ofsll.int.bureau	TucConnectionURL	The Transunion URL to be configured.
ofsll.int.bureau	jdbc_ds_key	Datasource configured to retrieve data for bureau.
ofsll.int.bureau	source	Configured as EXTERNAL for actual call.
ofsll.int.outbound	-	This map is used to setup keys for the RouteOne and Dealer track call back from OFSLL.
ofsll.int.outbound	roUserNamePassword	Login Credentials used at the time of call back from OFSLL to RouteOne Interface.
ofsll.int.outbound	dtUsernamePassword	Login Credentials used at the time of Call back from OFSLL to Dealer Track Interface.
ofsll.int.outbound	jdbc_ds_key	Datasource configured to retrieve data for outbound Resources.
ofsll.int.outbound	roPostDealerUsernamePasswd	Credentials required to upload the dealer details to Route One Portal
ofsll.int.outbound	roPostDealerWbsURL	Route One Post Dealer Web Service url
ofsll.int.outbound	roDealerUploadURL	Route One URL to upload the Dealer details
ofsll.int.outbound	dtPostDealerUsernamePasswd	Credentials required to upload the dealer details to Dealer Track Portal
ofsll.int.outbound	dtPostDealerWbsURL	Dealer Track Post Dealer Web Service url
ofsll.int.outbound	dtDealerUploadURL	Dealer Track URL to upload the Dealer details
ofsll.int.outbound	VertexUserNamePd	Credentials required to connect to VERTEX web service
ofsll.int.outbound	VertexTrustedId	ID required to connect to VERTEX web service
ofsll.int.outbound	TorqueItsUserNamePassword	Credentials required to connect to TorqueIts web service
ofsll.int.outbound	TorqueItsURL	TorqueIts Decision service URL
ofsll.int.outbound	ProxyHost	Name of the proxyServer to be configured.
ofsll.int.outbound	ProxyPort	Port to which ProxyServer is running.
ofsll.int.bip	-	This Map is used to setup all the Keys required to setup interface with BIP to generate reports.
ofsll.int.bip	local_top_dir	Define the path of the local BIP server where you would like place the generated BIP reports.
ofsll.int.bip	email_from_addr	Define the From Email address to be used while sending email for the generated BIP reports.
ofsll.int.bip	emailBodyContentPath	The path for `file.properties`file that contains the content of the subject and body required while sending letter, report or correspondence as mail to the applicant or producer. For example; /tmp/file.properties *Refer to note below for details on `file.properties`file creation for email configuration.
ofsll.int.bip	fax_server	Configure the name of Fax server to be used to fax the generated BIP reports.
ofsll.int.bip	jdbc_ds_key	Datasource configured to retrieve data for BIP.
ofsll.int.filetransfer	-	This map is used to setup keys for all credit bureau interfaces
ofsll.int.filetransfer	sftp_key	Credentials to login to SFTP server(Username/Password)
ofsll.int.filetransfer	sftp_top_dir	Top root directory for SFFTP server
ofsll.int.filetransfer	sftp_servers	SFTP server names
ofsll.int.security	bip_key	This is BIP login credentials
ofsll.int.gri	GriURL	GRI web service URL to be configured.
ofsll.int.gri	GriAPIKey	GRI API key to be configured
ofsll.int.gri	ProxySet	System Level Proxy Enabled/Disabled. Value can be either true or false. True= proxy required False = proxy not required
ofsll.int.gri	ProxyHost	Name of the proxyServer to be configured. Set only if ProxySet =true.
ofsll.int.gri	ProxyPort	Port on which ProxyServer is running. Set only if ProxySet =true.
ofsll.int.gri	jdbc_ds_key	Datasource configured to retrieve the request XML for GRI.
ofsll.int.gri	GriCertPath	The location of `.jks` file which contains the valid certificate for GRI. Configure only when a valid certificate is available.
ofsll.int.common	-	This map is used to setup keys for common JMS Queue
ofsll.int.common	OfsllJMSQueueJNDI	The JMS queue JNDI name to be configured
ofsll.int.common	OfsllJMSQueueCF	The JMS queue connection factory to be configured
ofsll.int.common	OfsllJMSServerURL	The JMS server url to be configured. Ex: t3://<JMS server host>:<JMS server port>
ofsll.int.common	outbound_jms_queue_con_factory	The JMS connection factory to be configured. jms/OfsllOutboundCF
ofsll.int.common	outbound_jms_queue	The JMS queue to be configured. jms/OfsllOutboundQueue
ofsll.int.common	weblogic_cluster_ind	This is to be configured based on the environment i.e. for weblogic cluster environment set it as Y. Else, set it to N.
ofsll.int.common	outbound_jms_queue_provider_url	The JMS server url to be configured. Ex: For non clustered environment - t3://<JMS server host>:<JMS server port> Ex: For clustered environment - t3://<JMS server host>:<JMS server port>,<JMS server host>:<JMS server port>
ofsll.int.webhook	jdbc_ds_key	Datasource configured to retrieve data for Webhook.

* A new file(file.properties) needs to be created and copied to the application server in the same path as mentioned in the value corresponding to the key emailBodyContentPath under the map ofsll.int.bip. The file should have the following contents:

letter_subject='Text that is configurable and would be the subject of the mail'
letter_body='Text that is configurable and would be the body of the mail'
correspondence_subject='Text that is configurable and would be the subject of the mail'
correspondence_body='Text that is configurable and would be the body of the mail'
report_subject='Text that is configurable and would be the subject of the mail'
report_body='Text that is configurable and would be the body of the mail'

On the left panel, right click on OFSLLREL_domain and select Security > System Policies.
The following window is displayed.

Figure 8-72 System Policies

Description of "Figure 8-72 System Policies"
Click Create.
The following window is displayed.

Figure 8-73 Create System Grant

Description of "Figure 8-73 Create System Grant"
Enter the codebase as file:${domain.home}/lib/OfsllCommonCSF.jar.
Click Add.
The following window is displayed.

Figure 8-74 Add permission

Description of "Figure 8-74 Add permission"
Select the check box Select here to enter details for a new permission.

Specify the following details as the first permission class.

Table 8-2 Permission Class

Permission Class	Resource Name	Permission Actions
oracle.security.jps.service.credstore.CredentialAccessPermission	context=SYSTEM,mapName=ofsll.int.bureau,keyName=*	read
oracle.security.jps.service.credstore.CredentialAccessPermission	context=SYSTEM,mapName=ofsll.int.filetransfer,keyName=*	read
oracle.security.jps.service.credstore.CredentialAccessPermission	context=SYSTEM,mapName=ofsll.int.outbound,keyName=*	read
oracle.security.jps.service.credstore.CredentialAccessPermission	context=SYSTEM,mapName=ofsll.int.bip,keyName=*	read
oracle.security.jps.service.credstore.CredentialAccessPermission	context=SYSTEM,mapName=ofsll.int.gri,keyName=*	read
oracle.security.jps.service.credstore.CredentialAccessPermission	context=SYSTEM,mapName=ofsll.int.common,keyName=*	read
oracle.security.jps.service.credstore.CredentialAccessPermission	context=SYSTEM,mapName=ofsll.http.listener.jndi,keyName=*	read
oracle.security.jps.service.credstore.CredentialAccessPermission	context=SYSTEM,mapName=ofsll.int.webhook,keyName=*	read, write, update
oracle.security.jps.service.keystore.KeyStoreAccessPermission	stripeName=OFSLL_STRIPE,keystoreName=OFSLL_KSS,alias=*	read

Click OK.

Parent topic: Create Credentials and System Policies