fred's integration blog
Matter faced during integration project
Wednesday, March 30, 2011
enable LDAP over SSL (LDAPS) in OC4J
1.
Upload the certificate (mycert.cer) to your server
2.
Connect to your server and go to directory:
PATH_TO_ORACLE_INSTALL/ias/product/asmt_10131/jdk/jre/lib/security
3.
Import the certificate: keytool -import -keystore cacerts -alias myAlias -file /home/j_smith/sgsroot.cer
4.
By default the password for the keystore is changeit
5.
Accept the import and this is it, certificate has been added to the keystore
6.
Then in OC4J you need to set LDAPS instead of LDAP and probably mention the correct port.
At this point do not try to press the "Test LDAP Authorization" button as it will not work.
Thursday, February 17, 2011
Using AD authentication with OC4J within Oracle Enterprise Manager
1. Setup your file WEB-INF/web.xml in your web application with settings similar to above:
2. As I set the group name in web.xml to be the one on the Active Directory, I don't need to edit/add the file META-INF/orion-application.xml. In case you need, you do it with settings similar to above:
3. Deploy your application to your Oracle Enterprise Manager
4. Logon to your Oracle Enterprise Manager, select the applications you want to secure, select administration, select Security Provider, click Change Security Provider and select "Oracle Security Provider for 3rd Party LDAP Server"
Then the setup I used are the following:
you can note that we used LDAPS, that is LDAP over SSL. if you use this option too then you need to add the certificate used to secure your LDAP to your JVM keystore.
Then note that you will not be able to test your connection through the "Test LDAP Authorization" button. It will always respond false.
5.You would then need to restart your application.
Sunday, September 12, 2010
Connecting to Ariba with a Java API
Using the batch script was uneasy for us, as it means we had to schedule 2 jobs: one to get or retrieve the files from Ariba and another job to process the file.
A much easier solution, was to call the Ariba java library straight away from our java code. To do that we had to dig into the batch file and decompile the java code.
Then to call the Ariba Java API, you simply add Ariba libraries to your classapth and you call the following code:
public class CallAriba {
public static void main(String[] args) {
String[] s = buildArg();
ariba.filetransferclient.Main.main(s);
}
private static String[] buildArg() {
String[] arguments = {
"get",
"-url",
"https://s1.ariba.com/Buyer/filedownload?realm=myCompanyRealm",
"-sharedSecret",
"myCompanySharedSecret",
"-downloadDir",
"C:/temp/ariba",
"-timestampFile",
"C:/temp/ariba/time.txt",
"-filePrefix",
"OK2Pay",
"-logFile",
"C:/temp/ariba/logs/log-test.log",
"-proxyHost",
"10.0.225.201",
"-proxyPort",
"8080",
"-unzipDirs",
"false",
"--",
"-event",
"Export Payment Requests"};
return arguments;
}Wednesday, March 3, 2010
Sending SOAP request with JDK library
|
Tuesday, February 16, 2010
BPEL and Oracle Siebel CRM On Demand
An option is to add the session id to the end point of the partner link in the BPEL process.
Another option is to use java embedded code in BPEL and login and loggof to OCOD.
Those 2 options did not really fit with our requirements. Too slow, not scalable, dodgy to maintain, etc...
Our approach has been to use a proxy between our BPEL engine and OCOD.
- sessions
- authentication (so no password in clear text inside our BPEL process)
- the 50 ms wait that must exist between each request to OCOD
svn checkout http://ocod-proxy.googlecode.com/svn/trunk/ ocod-proxy-read-only
Then tell me if you want to modify and enhance it. I would provide an access to the SVN repository.
Wednesday, November 25, 2009
Using OWSM and BPEL PM behind a proxy
Nothing to fancy so far, we had to modify the JVM settings and add the following parameter:
Dhttp.proxySet=true
Dhttp.proxyHost = proxy_server
Dhttp.proxyPort = listen_port
Dhttp.nonproxyHost = *localhost|*domain.com
in our case this was:
Dhttp.proxySet=true
Dhttp.proxyHost = www-proxy.outsourcing.com
Dhttp.proxyPort = 80
Dhttp.nonproxyHost = *outsourcing.com
Do not forget to add your localhost as non proxy.
The JVM settings can be accessed through the OC4 console or by editing the file
ORACLE_HOME
/opmn/conf/opmn.xml
Dhttps.proxySet=true
Dhttps.proxyHost = www-proxy.outsourcing.com
Dhttps.proxyPort = 80
Dhttps.nonproxyHost = *outsourcing.com
The case has to be exactly that and only a restart of the OC4J instance is not enough- You have to restart the JVM.
Also note that this cannot be changed without a restart.
Tuesday, October 20, 2009
Consuming Web Services with Jakarta Commons HttpClient
The example below query a web service that requires HTTP authentication. We could also use that mechanism for NTLM or proxy authentication.
package org.apache.http.examples.client;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicHeader;
import org.apache.http.util.EntityUtils;
/**
* A simple example that uses HttpClient to execute an HTTP request against a
* target site that requires user authentication.
*/
public class ClientAuthentication {
private static final String XML_DATA =
"<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\"> "
+ "<soap:Body xmlns:ns1=\"http://xmlns.oracle.com/SensorBPEL\">" + "<ns1:SensorBPELProcessRequest><ns1:input>toto</ns1:input></ns1:SensorBPELProcessRequest>"
+ "</soap:Body></soap:Envelope>";
public static void main(String[] args) throws Exception {
DefaultHttpClient httpclient = new DefaultHttpClient();
httpclient.getCredentialsProvider().setCredentials(new AuthScope("ch0016188", 8888), new UsernamePasswordCredentials("frederic_agneray", "pass"));
HttpPost httpPost = new HttpPost("http://ch0016188:8888/gateway/services/SID0003006");
httpPost.setHeader(new BasicHeader("Content-Type", "text/xml;charset=UTF-8"));
httpPost.setHeader(new BasicHeader("SOAPAction", "process"));
StringEntity s = new StringEntity(XML_DATA, "UTF-8");
httpPost.setEntity(s);
System.out.println("executing request" + httpPost.getRequestLine());
HttpResponse response = httpclient.execute(httpPost);
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println("Response content length: " + entity.getContentLength());
System.out.println(EntityUtils.toString(response.getEntity()));
}
if (entity != null) {
entity.consumeContent();
}
// When HttpClient instance is no longer needed,
// shut down the connection manager to ensure
// immediate deallocation of all system resources
httpclient.getConnectionManager().shutdown();
}
}