Sunday, January 1, 2017

Getting started with Oracle SOA Cloud Service: Deploying First DB Adapter Service on Cloud

In this post we will deploy the simple database adapter service. This service acts like a get Customer service, which pulls the data from Database.

Since we already configured the Oracle Database Service,

1, I created a CUSTOMER TABLE in Oracle DB cloud.

2. I created a Datasource in weblogic console point to the DB cloud service.

3. I created the JCA connection in DBAdapter Lib under deployment and upgraded the lib.

4. I Created a simple BPEL process to get the Cust ID and Fetch the Customer Data from Table.






5. Deploy the composite through EM console, same like a on-premise SOA server.

6. Once deployed, test the composite, and you will get the WSDL URL. This URL is over the public domain, so i just added the URL in SOAP UI and tested.

http://oc-****.compute.oraclecloud.com:8080/soa-infra/services/MyPartition/GetCustomer/fetchcustbpel_client?wsdl

Though it was a simple service I though it will take a bit longer to provide the response, but I see that the response is pretty quick, avg response time was around 180ms.

Apart from some restriction or changes, using Oracle SOA Cloud Service is almost similar to using On-Premise SOA server, but it take away all the admin/maintenance activities.

Saturday, December 31, 2016

Getting started with Oracle SOA Cloud Service Final Part 3: Configure Oracle SOA Cloud Service Instance

In the Final post of this series, we will explore how to Configure Oracle SOA Cloud Service Instance.

We will be using the configuration details of Oracle Storage Container and Oracle Database Service Instance, created in part1 and part2.


Follow the below steps to Configure Oracle SOA Cloud Service Instance:

1. Login to My Service Cloud Account.
2. Click on the Menu -> Oracle SOA Cloud Service
3. Click on Create Instance button







4. Oracle SOA cloud provide multiple options to create the SOA instance i.e. whether we just need Service Bus Instance/SOA instance/Service Bus + SOA Instances etc.

For this demo, I selected Service Bus + SOA Instance, click Next











5. Select the version i.e 12.1.3 or 12.2.1
As I am working on 12.1.3, I selected 12.1.3 version. and click Next.










6. Next, we need to enter Instance Details
Instance Configuration:
Enter the Instance Name,
Cluster Size
Compute Size i.e. 1 or more manage servers
Weblogic Administrator:
Enter weblogic user/password
Database Configuration:
Name: Select the Database Cloud Service that we created in part 2
Enter the SYS user
Password
Load Balancer:
Provision Load Balancer: YES (If you want to select have a load balancer Instance)
Load Balancer Policy: Least Connection Count
Compute Size:
Storage Container Configuration:
Storage Container Name:
Storage User Name:
Password:













7. Review All the details and click on Create button.


8. It takes around 30 mins to create the SOA instance.






9. Once created you can click on action button to access weblogic console/em console/Soa Composer/worklist/service bus etc










Thus, we covered the steps to Provision the Oracle SOA Cloud Service Instance.

As you can see from the post, it is quite easy to create the SOA instance as compare to the traditional on-premise instances.
We no longer need the activities like Licensing, setting up VM, network configurations, database maintenance, and server maintenance.

Oracle Cloud also provide the mechanism to configure the client VPN, by which the services deployed on SOA Cloud can access in-house services.

In further posts, we will cover how to use Cloud SOA instances implementing interfaces.

Getting started with Oracle SOA Cloud Service Part 2: Configure Oracle Database Cloud Service Instance

In this Post we cover the steps to setup the Oracle Database cloud service instance.

The Oracle Database Cloud Service instance is like any normal Oracle Database instance that is accessible and managed over a cloud.

Note: For Oracle SOA cloud service we need to create an Oracle Database Cloud Service with both Cloud Storage and Local Storage backup configuration

Follow the below steps to Configure Oracle Database Cloud Service Instance:

1. Log in to your Trial My Services Account
2. From Menu on Left Side, click on Oracle Database Cloud Service
3. Click on Create Service Button








4. It will ask to either upload the SSH key or generate the new Key. Make sure you save the SSH key as it is needed to connect later.









5. Next, enter the service name, select the Software Release Version and click Next










6. Next, Select the Compute Shape i.e. how many CPU's and RAM is needed.
Since this is a trial I selected 2 CPU with 15GB RAM, which I feel is more than enough.

Make you select "Both Cloud Storage and Local Storage" Option.

Here in the container details, we need to provide the container service URL, user/password, which we covered in PART 1.

If the container does not exist, you can check Create Cloud Storage Container Check Box










7. Review the configuration details, if everything is OK, click on Create Button.











8. It take about 15- 20 mins to create the Database Instance. Till then you will see the status as In progress.






Once the Service is created, you will see the status as completed. Also the action button is enable for the instance.







Next, we will see how to connect to this Oracle Database Cloud Instance over a public network:

In Order to access the Database Instance over a public network we need to enable the Access Rule.

1. Identify the Public IP address for our Oracle Database Cloud Instance. To do this, just click on the instance and IP will be visible in Details Section

2. Click on Action Button, and Click on Access Rules









3. Enable the ora_p2_dblistener access rule










4. As the access rule is now enabled, lets connect to the Cloud Database from Local JDeveloper.
    Open the JDeveloper, Click on Add Connections under database window

Provide the required details i.e. User/Password that was enter while creating the Database Instance.
Public IP as a Hostname
SID/Port

















5. If everything is proper, you will see the success message.

Now you can query the database like any other private database in the network.





















The Action button provide options to access EM console/DBaas monitor etc, which can be used by the DBA to maintain and manage the DB instances.













Overall, I am pretty impressed with the Oracle Cloud Offering, if you see in this post, I as non-DBA, was able to set up the Database Instance in less than 1 hour with just clicks.

Next in Part 3, We will explore the steps to Configure Oracle SOA Cloud Service Instance using this DB Instance.

Ref:
http://docs.oracle.com/en/database/

Getting started with Oracle SOA Cloud Service Part 1: Oracle Storage Cloud Service

In this Post series, we will cover the steps to configure Oracle SOA Cloud Service.

Firstly, I signed up for the Oracle Cloud Free Trial Account. The trail account give us 1 month free usage for Oracle Cloud Services.

To Sign Up, follow the below basic steps:

https://cloud.oracle.com

Click on Try It










Fill in the required details and submit the trail request.

If the validation goes through, you should get the welcome email which will have the My account details and My Services Details.

Below are the high steps required to configure Oracle SOA Cloud Service
Step 1: Configure the container in Oracle Storage Cloud Service
Step 2: Configure Oracle Database Cloud Service Instance
Step 3: Configure Oracle SOA Cloud Service Instance


Step 1: Configure the container in Oracle Storage Cloud Service

Pre-requisite for Oracle SOA Cloud service is to have the Container Details at the time of creating the SOA cloud Instance.

Follow the below Steps to create the container in Oracle Storage Cloud Service.

1. Get the REST URL for Oracle Storage Cloud Service.
 
  • Login to My Services URL received in Email.
  • Click on Storage Link in the Dashboard













  • Under Additional Information you will find the Rest End Point. Copy the URL.








2. Step is to Login to Storage Cloud Service.

For login, refer the below Documentation and click on the respective cloud service URL

http://docs.oracle.com/cloud/latest/storagecs_common/CSSTO/GUID-5778ADBB-A0E8-4451-B886-362A3B7237DB.htm#CSSTO-GUID-B431E096-06B5-4FB5-B429-8CE95585BB25

The Login Requires the REST endpoint URL and Cloud User/Password.

Once Login, Click on Create Container to create the storage container for SOA Instance.








Make the Note of the Storage Identity Domain.

At the time of Creating SOA Cloud Instance, you need to form the container URL and provide the login details.

The container URL is REST URL/Container Name

For Example:
https://uskpitnewlopes.storage.oraclecloud.com/v1/Storage-uskpitnewlopes/soacontainer

Additional Ref:
http://docs.oracle.com/cloud/latest/storagecs_common/index.html

Continue Post in Part 2...

Tuesday, December 27, 2016

Encrypt Sensitive Data in Oracle SOA 12c

In this post we will explore the option to handle the sensitive data in SOA composite.

For example, Consider a scenario for creating the employee record which has SSN as one of the element. If we do not apply the encryption for this sensitive data, then we might risk compliance issues as this data might be available in Custom Logs/SOA audit logs and visible to anybody.

Unlike Oracle SOA 11g, Oracle SOA 12c provide a easy feature to encrypt this sensitive data.

To demo, we will create a dummy XSD with two elements i.e. Emp Name and SSN.

The composite simply take the Name/SSN as a input and save the data in table.

For saving the data in table I just created a DB adaptor. In most of scenario, you might end up calling another system.

If we run this simple composite by passing some data, and if we look for the soa instance in EM console, the SSN will be clearly visible.









Below are the steps to apply the message encryption from JDEV:

1. Open the composite in JDEV.
2. Right on the Inbound Partner Link -> Encrypt Sensitive Data






3. Click on "oracle/pii_security_policy" and click Edit
4. Set the XPATH for input/output elements which need  to be encrypted










5. You might consider cloning the policy if it need to be used in Multiple composites with different parameters.

Note: The clone policy cannot be configured from JDEV, we need to configure it from EM console.
If you need to override clone properties at runtime, we can do via WLST scripts. Please refer below documentation.
Ref: (Configuring Secure Conversation Using WLST)
https://docs.oracle.com/middleware/1213/owsm/security/configure-secureconv.htm#OWSMS5360

6. To configure the CSF key on your environment. By default the CSF key is "pii-csf-key".
    You can add the CSF key either from EM console or from Jdev.





If the key is not present on your server then you will get below error.

InvalidSecurity : error in processing the WS-Security security header

Once you deploy this composite, and if we retest, we should see that the SSN element is encrypted.


Note: As the current policy, the Encrypted elements need to be Decrypted before leaving the current composite i.e. another composite will not be able to decrypted it.

Thus in this example, if I do not drcrypt the SSN then in Database it will be stored in encrypted format which will be of no use.

To configure decryption:
7. Right Click on outbound partner link, and you should see Decrypt Sensitive Data option





8. Select the element you want to decrypt, this time it will be the transformed element.








Thus as you can see, it is much easier to implement message level security as compared to 11g.


Sunday, March 13, 2016

Passing/Receiving HTTP header in SOA BPEL

In this example we will explore how to pass or receive the parameters from HTTP header.

We will explore below two scenarios,
To receive the HTTP header from SOAP request.
To pass the HTTP header while calling soap service.
SOA version used: 12.1.3c

To receive the HTTP header from SOAP request:

First we need to add the property “oracle.webservices.http.headers” under binding.ws in Service element in composite.xml. This property contains the comma separated parameters that we are expecting in request.
Example,  ENV,VERSION.

<binding.ws port="http://xmlns.oracle.com/SOA_Learning/HTTPHeader/HTTPHeaderTest#wsdl.endpoint(httpheadertest_client_ep/HTTPHeaderTest_pt)">
         <property name="oracle.webservices.http.headers">ENV,VERSION</property>
</binding.ws>

Now in BPEL source under receive activity, we need add <fromProperties> element which will copy the parameters from HTTP header to BPEL variable.

<receive name="receiveInput" partnerLink="httpheadertest_client" portType="client:HTTPHeaderTest" operation="process" variable="inputVariable" createInstance="yes">
    <bpelx:fromProperties >
         <bpelx:fromProperty name=" ENV" variable="var_ENV"></bpelx:fromProperty>
         <bpelx:fromProperty name=" VERSION" variable="var_VERSION"></bpelx:fromProperty>
    </bpelx:fromProperties>
   </receive>

Create two variables name “var_ENV” and “var_VERSION” of type string.



Now for DEMO purpose we will return the parameters from HTTP header to SOAP response.



Now we can test our service from EM or SOAP UI. EM console also allow use to set the HTTP header in request.


RESPONSE:



If we see EM console, we will find below trace logs:

receiveInput
 Mar 13, 2016 5:18:05 PM Received property "VERSION", value is "1.0".
 Mar 13, 2016 5:18:05 PM Received property "ENV", value is "DEV".
 Mar 13, 2016 5:18:05 PM Received "process" call from partner "httpheadertest_client"


Similarly, for passing the parameters in HTTP Header, we need to add,

         <property name="oracle.webservices.http.headers">ENV,VERSION</property>
To binding.ws under reference tag in composite.xml.

In INVOKE activity we need to use toProperties element.

    <bpelx:toProperties >
             <bpelx:toProperty name="ENV" variable="var_ENV">"lllf"</bpelx:toProperty>
             <bpelx:toProperty name="VERSION" variable="ver_VERSION"></bpelx:toProperty>
        </bpelx:toProperties>
   

Note:
The above properties does not work for REPLY activity as SOA does not support returning the parameter in HTTP header.

Thanks.


Configuring REST service in SOA using HTTP Adapter - GET/POST

In this example, we will explore how to configure REST service in SOA for both GET and POST request.
For this example, we will create a XSD which takes firstname and lastname as input and returns Full Name as output.

First, we will create a new project call, RestNamingService.
Our XSD will look like below:
<?xml version="1.0" encoding="windows-1252" ?>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.example.org"
            targetNamespace="http://www.example.org" elementFormDefault="qualified">
  <xsd:element name="request">
    <xsd:annotation>
      <xsd:documentation>A sample element</xsd:documentation>
    </xsd:annotation>
    <xsd:complexType>
      <xsd:sequence>
        <xsd:element name="firstname" type="xsd:string"/>
        <xsd:element name="lastname" type="xsd:string"/>
      </xsd:sequence>
    </xsd:complexType>
  </xsd:element>
  <xsd:element name="response">
    <xsd:complexType>
      <xsd:sequence>
        <xsd:element name="fullname" type="xsd:string"/>
      </xsd:sequence>
    </xsd:complexType>
  </xsd:element>
</xsd:schema>

Now drag HTTP binding to service end of Composite.xml. Name service: httpserviceGET



Since we are expecting the response, we will select request-response pattern. The request type is GET.


Select the request and response element defined in XSD.

Click Finish.
This will generate the service binding name httpserviceGET.

Now Drag the BPEL component in Composite. Name it as processGet.

Wire the httpserviceGet and processGet component.

Add receive and reply activity in processGet bpel service.

Add assign activity to concat the firstname and lastname and set it to response element.


Now deploy the RestNamingService project to SOA server.

Testing:
We can test our service by passing the parameters in request URL.


Response:

<response xmlns="http://www.example.org">
<fullname xmlns="http://www.example.org">John smith</fullname>
</response>


Post Service:

For testing the POST service we will modify existing service by changing the pattern to POST.
Double click the httpserviceGet service endpoint in composite xml and change the pattern to POST.


Now reploy the project on SOA server.

In order to test the POST service we will create a REST project in SOAP UI.


This how we can create REST service in SOA using http binding.