Advertisements

Archive Page 2

SSL using KSS

In this post, we will use KSS (Keystore Service) for SSL setup. The screenshots showed in this post are based on SOA 12.2.1 but these steps remain same for 12.1.3 as well.

Creating Application Stripe:

ks1

ks2

stripe

Creating KSS Keystore:

kscreate

kssadmin

Creating Keypair:

kssmng

genkeypair

keypair

Oracle recommends key size to be more than equal to 1024. If we want to get it signed by any CA, we can generate CSR by clicking Generate CSR which is recommended for Production env. But for Development purpose we can use this keystore as it is.

keypair1

Clicking on alias name will bring up the following screen showing the certificate information.

cert

Configuring 1-Way SSL:

Enable SSL port by navigating to Environment –> Severs-> Admin Sever –> General.

sslport

Go to Keystores tab. Click Change to select Custom Identity and Custom  Trust as shown below and click Save to save the changes.

customkss

Modify Custom Identity and Trust stores as shown below. observe the usage of system trust store kss://system/trust. Oracle recommends this approach to simplify the trusted certificates setup.

customkss2

Go to SSL tab and give the Private key alias as shown below. Here give the password as “password” and click Save. See related note at end of this post.

ssl

Go to Advanced settings and set Hostname verification to None and also set Two way Client Cert Behavior to Clients Certs not Required as we are doing setup for 1-way SSL. This setting will enforce WLS server not to request client certificates.

advc

Restart the server and now we should be able to access admin console using HTTPS URL like http://localhost:7002/console.

Similarly, configure OSB managed server using same Keystore or by creating a new one similar to above as shown in the following screenshots.. Restart the server after changes.

osbssl

customkss2

ssl

Enable HTTPS for OSB proxy service as shown below.

proxyhttps

And now we should be able to access the proxy service WSDL using HTTPS URL like https://localhost:7008/entity/CustomerService?wsdl

Refer to this post for 2-way SSL setup and follow below steps to import the certificate into trust store.

trust

trust1

importcert

importcert1

Note that KSS does not support certificate in binary format which is the default encoding used by JKS. We can use –rfc option of keytool command to export the certificate into printable encoding format as shown below.

keytool -export -keystore .\soakeystore.jks -file cert.cer -alias localsoa -rfc

Note:

When no Private Key Passphrase is mentioned in the SSL tab, em console is not accessible and following errors are shown in the log.

em

References:

https://docs.oracle.com/middleware/1212/owsm/OWSMS/configure-owsm-ssl.htm#OWSMS119

https://docs.oracle.com/middleware/1212/idm/JISEC/kssadm.htm#JISEC9596

Advertisements

MAF 2.2 to MAF 2.3 observations

Continuing with previous article, the same MAF application has been migrated to 2.3 and here i want to highlight my observations. As usual, the list is not exhaustive and depends on the features that we used. For  more information on 2.3 release, refer to documentation here.

  • Now the default Alta Skin version is 1.5, however we need to manually modify to this version in maf-config.xml.
  • Since Windows 10 support is added, now migrated application will have windows related resources and deployment profile.
  • The plugin-ids for core plugins Contacts are changed to cordova-plugin-contacts.
  • Now maf-application.xml shows cordova engine versions supported by MAF for each platform (Android, iOS, Windows).
  • Login connection configuration does not have Mobile-Social as one of the mechanisms and users are advised to use oAuth2.
  • oracle/wss_http_token_over_ssl_client_policy is not listed in OWSM policies in Security section of maf-application.xml.
  • All allowed URL Schemes that are allowed to be accessed have to be listed in maf-application.xml -> security for iOS.
  • Whitelisting is removed from maf-application.xml and also the API AdfmfJavaUtilities.addWhiteListEntry(Entries) are deprecated.  Refer to this post for implementing this functionality manually.
  • Now the RestServiceAdapter to be initialized in the following manner and old class has been deprecated. Observe the imports below.

                             import oracle.maf.api.dc.ws.rest.RestServiceAdapter;
                             import oracle.maf.api.dc.ws.rest.RestServiceAdapterFactory;                       

                             RestServiceAdapter restAdapter = RestServiceAdapterFactory.newFactory().createRestServiceAdapter();

  • setRequestType() method in RestServcieAdapter is modified to setRequestMethod().

I observed the following issues are resolved in MAF 2.2:

  • Fcaed some issues with plugman during the installation of cordova plugins (e.g.: Barcode scanner) in linux envs when used symbolics based Source control system. Basically, its an issue with symbolic links.

Using ADFBC REST Services in MAF

This article is presented in tutorial format and can be downloaded from here and sample application from here.

MAF 2.3.2 Released!!

Oracle Mobile Application Framework (MAF) version history is available here.

MAF 2.3.2

A few of the prominent features include IPV6 support in iOS (mandated by Apple since 1 June 2016), built-in federated authentication support and support for generating quick start page layouts for common mobile patterns.

Refer to this link for list of all new features in this release.

MAF 2.3.1

Refer to this link for list of all new features in this release.

MAF 2.3.0.1

This is a small release having fixes for some of the iOS deployment issues.

Refer to this link for list of fixes included in this release.

MAF 2.3

The prominent features included in this release are support for Windows and Enterprise Mobile Management (EMM). This version of MAF includes the support for Cordova 4.1.1 for Android platform and 4.0.1 for iOS platform . Starting from May 2-16, Google Play store blocks applications using Cordova version <4.1.1 so users should upgrade their applications to this release if it has to be uploaded to play store.

Refer to this link for list of all new features in this release.

MAF 2.2.2

There are no.of features deprecated in this release and refer to release notes below.

MAF 2.2.1

MAF introduced XCode 7 support but did not mention Android 6.0 (Marshmellow) in certification information. I was waiting for this update as i faced a few issues in 2.2 release as i mentioned here.

MAF 2.2

Oracle had released Mobile Application Framework (MAF) 2.2 last week and one of the awaiting releases. You can find the links below:

You can observe some of the features are deprecated in this release including Webservice Data Control for SOAP Services and recommends customers to use REST services with JSON.

MAF 2.1

You can find a nice tutorial on MAF here though not specific to this release.

Installing Cloud Adapters

When JDeveloper 12.1.3 is installed, the Sales force adapter is shown and available by default but the other cloud adapters like Sales Cloud, Right Now, HCM Cloud etc.. will not be available. In this post, I will show how to install these adapters through patches provided by Oracle.

These integration adapters can be downloaded from here and available on top of 12.1.3.0.1 (BP1). Do download Oracle Cloud Adapters 12.1.3.0.1.

Installation:

  • Install Oracle SOA 12.1.3 using quick installer.
  • Apply p19707784 using OPatch  to bring it to BP1. Refer to this post for additional help on OPatch utility.
  • Unzip the above download and observe the following patches available.

patch

  • Apply p20680367* and p20780464* in same middleware home.
  • Create JDeveloper shortcut from below location and open to observe the cloud adapters Eloqua Adapter, Oracle HCM Cloud, Oracle RightNow and Oracle Sales Cloud available in Cloud section. You will get to see this section when you create new SOA or Service Bus Application.
       MW_HOME/jdeveloper/jdeveloper.exe

cloud

  • If you are not seeing these adapters, add –clean** option as shown below in your desktop shortcut and re-open JDeveloper.  

MW_HOME\jdeveloper\jdeveloper.exe -clean

* Always read the patch README files and follow the available instructions.

** I thank my colleague who helped me by providing this workaround.

ADF BC REST Services Articles

Sample application can be found here.

ADF BC REST Services–III – Using Row Finder

In this post, we will see how to use Row Finder in ADF BC REST services.

Open REST resource VO and create a View Criteria as shown below having 2 bind variables for Department name and Location ID.

vc

vc1

Go to Row Finders section and create new one with searhByDeptName.

rf0

Here we can observe that above VC is selected by default. In Variables section as shown below, we can also set whether bind variable is allowed to be passed in REST resource URL along with Required settings.

rf

Deploy the application and use any REST client to test GET method using the following urls. Observe the usage of row finder and bind variables.

Passing single bind variable:

http://localhost:7001/departmentApi/rest/r1/departments?finder=searchByDeptName;bindDeptName=A

Passing both bind variables:

http://localhost:7001/departmentApi/rest/r1/departments?finder=searchByDeptName;bindDeptName=A,bindLocId=1800

Now mark bindLocId variable as required and try to test without using it in the URL and you will observe the error as shown below.

error

Using Translate activity for XML to JSON

In this post, we will discuss about using Translate activity for converting XML to JSON. This is one of the functionalities I wanted to try since release of 12c as nxsd has been enhanced to handle JSON as well. So I tried this using BPEL in both 12.1.3 and 12.2.1 but found to be not working as expected. Hence I will just mention about approach to use Translate activity. And will show you how its working with File Adapter.

Create a BPEL process and drag Translate activity.

translate

trbpel

Click gear icon to define NXSD schema as per required JSON data.

native

Finish the wizard as shown below to create NXSD.

step1

step2

step3

step4

finish

Create BPEL variable varJson of NXSD complex type as shown below.

varjson

Create XSLT transformation to transform the input variable to varJson. For simplicity, we considered the NXSD structure almost similar to inputVariable.

xform

xform1

Now modify Translate activity by giving required values for all other fields.

translate2

Click OK. Now our BPEL process should look like below.

bpel

Deploy the composite and test to observe the following error.

input

error

This seems to be a bug as I observed same error in which ever way I tried. So if any readers tried this and able to get it right please do let me know.

However, the same XML to JSON translation is working as expected with File Adapter. Create file adapter using below screenshots using Write operation.

filestep1

filestep2

filestep3

filestep4

filestep5

filestep6

Now in BPEL process, create invoke activity to invoke the file adapter.

invokefilewrite

composite

Now create XSLT to transform inputVariable to inputFileWrite.

xformtofile

xform

Now deploy composite again and test using same input as above. Now  we will observe an output file in directory D as shown below.

ddir

json

You can find a sample project here having both of the cases discussed above.

ADF BC REST Services–II – Change Indicator

In ADF, often we see error saying ‘JBO-25014: Another user has changed the row with primary key oracle.jbo.Key’. The framework throws this error to make sure that none of the user changes are accidentally overwritten by another user and generally occurs when a user trying to modify record that has been just modified and committed by another user. In this post, we will see how to take care of this scenario using ADF BC REST services in context of HTTP PATCH.

ADF BC REST Services make use of attribute called changeIndicator  which can be observed in response of GET.

Follow the steps mentioned below to enable this in a resource:

  • EO should have an attribute marked as Change Indicator and set Track Change History as shown below.

ovn

  • Add this attribute in VO i.e to be exposed as REST resource.

ovnvo

Deploy your changes and issue GET to observe changeIndicator as below.

get

cin

for e.g. changeIndicator for department 10 (resource instance):

ACED0005737200136A6176612E7574696C2E41727261794C6973747881D21D99C7619D0300014900047
3697A65787000000001770400000001737200116A6176612E6C616E672E496E746567657212E2A0A4F7
81873802000149000576616C7565787200106A6176612E6C616E672E4E756D62657286AC951D0B94E08
B02000078700000000178

Now update department 10 using following sql query to simulate the actual update.

update departments set department_name = ‘Administration-modified’, object_version_number = object_version_number+1
where department_id = 10

Issue GET again on same resource and observe the changeIndicator.

ACED0005737200136A6176612E7574696C2E41727261794C6973747881D21D99C7619D0300014900047
3697A65787000000001770400000001737200116A6176612E6C616E672E496E746567657212E2A0A4F7
81873802000149000576616C7565787200106A6176612E6C616E672E4E756D62657286AC951D0B94E08
B02000078700000000378

 

cin1

As observed above, the value of changeIndicator changes with each update and is calculated by RESTServlet registered in web.xml of RESTWebService project.

restsvlt

Here is an interesting observation and do issue issuing GET for department 10.

http://localhost:7001/departmentApi/rest/r1/departments/10

If we observe HTTP response headers, the value of ETag is same as that of changeIndicator. Hence changeIndicator works in similar lines of ETag defined in HTTP specification.

etag

Now let us observe the behavior of REST resource when  ETag is used for If-Match/If-None-Match HTTP headers during GET and PATCH. Basically these HTTP headers tells server to do requested operation when sent Etag value matches or did not match respectively.

Make sure you enclose ETag value with “ (double quotes) as shown below.

If-None-Match:

Using GET:

  • When resource is not modified, returns status code as 304.

getnonematch

  • When resource is modified, returns response with new changeIndicator value.

getnonematch1

Using PATCH:

  • When resource is not modified, returns response status code as 412.

patchnonematch

  • When the resource is not modified, then returns response with new changeIndicator value after update.

patchnonematch1

If-None-Match

Modified

Not Modified

GET

Status:200
(Query Successful)
Status: 304

PATCH

Status: 200
(Update Successful)
Status: 412

If-Match:

Using GET:

  • When resource is not modified, resource is returned.

getmatch1

  • When resource is modified, expected response status code is 304 but shows 200 with junk response.

getmatch3

Using PATCH:

  • When resource is not modified, returns response with new change Indicator value after update.

getmatch2

  • When resource is modified, expected response status code is 412 but shows 200 with junk response. However you will observe that the actual update is not happening though it returns 200.

patchmatch1

If-Match

Modified

Not Modified

GET

Status:304 Status:200
(Query Successful)

PATCH

Status:412 Status: 200
(Update Successful)

Note: As you observed above, ETag combination with If-Match header is not working as expected which is a bug in this release.

References:

http://docs.oracle.com/middleware/1221/adf/develop/GUID-589F3905-5A8D-402D-B2D2-3BEEB2D7DDD4.htm#ADFFD54158

ADF BC REST Services-I

In this blog post, We will see how to expose ADF VOs as REST resources. ADF has got native REST support in 12.2.1 release.

We will use Department, Employee VOs and following AM Data Model here.

vos

am

Creating Release Version:

Creating a release version in adf-config.xml is the first step to be done before exposing any of the AM VOs as resource. Use the following steps to create one and you can follow your own conventions for versioning REST resources. Here I  have given the initial version as r1.

relversion

rel1

relactive

Expose VO as REST resources:

Open AM and navigate to Web Service –> REST and Click + icon.

restampage

Creation of REST resources create a new project RESTWebService.jpr in our workspace that can be deployed as WAR through which these REST services get deployed.

restws

Give the resource name as shown below and click OK.

createrest

Observe the new RESTWebService project gets created.

restws1

Also observe other files related to REST resources that get created as shown below.

files

You can use the following tabs to choose the methods to be exposed and the attributes to be exposed to consumers.

attr

When a VO has View Links the Resource Structure will show all these VOs as shown below. Check these VOs as shown below if it has to be exposed as child resource.

restdetail

Deployment:

Modify context root of RESTWebService project as shown below representing the purpose of your REST API.

deptApi

Optionally, we can modify URL pattern in web.xml as shown below.

urlp

Integrated WLS:

Select RESTWebservice project and do Run on right click as shown below.

runintg

Standalone WLS:

Create EAR profile for ADF application and include RESTWebService project as shown below and deploy this EAR to standalone WLS.

ear

Once the deployment is done, you can access the REST resource using url like:

http://<<host>&gt;:<<port>>/<<ContextRoot>>/<<url pattern>>/<<version>>/<<resource name>>

For e.g.: http://localhost:7001/departmentApi/rest/r1/departments

We can also use latest keyword to access the latest version of the resource.

For e.g.: http://localhost:7001/departmentApi/rest/latest/departments

You can use any REST client to try out POST, DELETE, PUT, PATCH depending on the operations you exposed on REST resource.

Describing Resource – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/describe

Describing Resource Instance – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/10/describe

 

Querying Departments – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments

Querying a particular Department – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}

Creating Department – POST:

URI: http://localhost:7001/departmentApi/rest/r1/departments

Content-Type: application/vnd.oracle.adf.resourceitem+json

Body:

{
“DepartmentId”: 1000,
“DepartmentName”: “Administration”,
“ManagerId”: 200,
“LocationId”: 1700
}

Deleting a Department – DELETE:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}

Updating a Department – POST:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}

Content-Type: application/vnd.oracle.adf.resourceitem+json

X-HTTP-Method-Override: PATCH

Body: (contains only fields to be modified)

{
“DepartmentName”: “Administration-Modified”
}

Replacing a Department – PUT:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}

Content-Type: application/vnd.oracle.adf.resourceitem+json

Body: (Values not sent in body will be set to null)

{
“DepartmentId”:10,

“DepartmentName”: “Administration-Replace”,
“ManagerId”: 100
}

Querying Department for a few fields – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments?fields=DepartmentName,ManagerId

Querying a Department using an attribute – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}?q=DepartmentName=Administration

Querying a Department for only Data – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments?onlyData=true

Will not fetch any links or  metadata for resource instances in response.

Sorting Departments – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments?orderBy=DepartmentName:asc

URI: http://localhost:7001/departmentApi/rest/r1/departments?orderBy=DepartmentName: desc

Limiting the records in Querying Departments – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments?limit=2

Fetches only 2 records.

Querying Departments from a particular record– GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments?offset=2

Fetches only 2 records.

URI: http://localhost:7001/departmentApi/rest/r1/departments?offset=2&limit=5

Fetches 5 records starting from 2nd record.

Expanding a Child Resource – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments?expand=Employee (Child Resource Name)

Querying Child Resource – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}/child/Employee

Querying a particular Child Resource – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}/child/Employee/{Child Resource Id}

Querying a Child Resource using an attribute – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}/child/Employee?q=FirstName=Jennifer

References:

http://docs.oracle.com/middleware/1221/adf/develop/GUID-8F85F6FA-1A13-4111-BBDB-1195445CB630.htm#ADFFD589

http://docs.oracle.com/middleware/1221/adf/develop/GUID-589F3905-5A8D-402D-B2D2-3BEEB2D7DDD4.htm#ADFFD54082


Advertisements

Pages

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 337 other followers

Enter your email address to follow this blog and receive notifications of new posts by email.