Tuesday Sep 09, 2014

Oracle SOA Suite 12c New Features: Creating SOA Project Templates for Reusing SOA Composite Designs

By Joe Greenwald, Principal Oracle University Instructor


In SOA Suite 12c, we create application integrations and business processes designed as services composed of processing logic, data transformation and routing, dynamic business rules and human tasks in the form of XML-based metadata. The graphical representations of these services are created in JDeveloper using its graphical editors. Since these services are composed of individual, separately configurable components, we call this a composite service. Once deployed to and hosted by Oracle SOA Suite, this service looks and acts like any other web service to its clients.

It would be highly productive and desirable to be able to easily create templates for service designs that could be reused across teams and projects. Using quality designs and tested patterns as the starting point for new services speeds up development while also supporting widespread adoption of quality and standards in service design.

SOA Suite 12c automates creation and management of templates of service composites, as well as individual service components. The service project templates we create will be stored and managed in the file-based MDS, so they can easily be shared with other developers.

We have an existing service composite that we would like to clone or use as the basis of new service composite. Once we create the new service based on the template, we’ll be able to make modifications to it as needed.

Here is the current Service:

pic1

The service exposes a web service entry point, OrderStatus whose interface is implemented by convertWS mediator. ConvertWS transforms the incoming message as needed and routes the message to be processed by GetStatus, a Business Process Execution Logic (BPEL)-based component. The BPEL process accesses the database through the database adapter, OrderDB, to check order status and then writes the status to a flat file via the file adapter, writeQA.

We’d like to start with this service and then create a new, separate project and service that will have the same starting structure. Then we can make modifications to suit our particular needs.

We begin by creating the service composite template from the existing project.

  1. Create or find a SOA Suite 12c Service Composite to use as the basis for the template and open it in JDeveloper 12c.

  2. pic2

  3. Right-click the project or composite name and select Create SOA Template.

  4. pic3

  5. Click the Save In icon to select the location for storing the template: in the file system or file-based MDS for reuse. We are using the file-based MDS to enable easier sharing and reuse and use a single repository for storing assets.

  6. pic4

  7. Select which parts of the service project to include in the template. You can choose to not add certain components or assets to the template.

  8. pic5

  9. Save the template.

    Now that the template is created, we can reuse it here in our application, or share it as a jar file or since we checked it into the file-based MDS, then we can share it with other developers who have access to the MDS.

To create a new service composite based on the template:

  1. Create a new SOA Project.

  2. pic6

  3. Select a name for the project.


  4. Select the SOA Template radio button and then select the template form the list.

  5. pic7

  6. The new project is created based on the template.

  7. pic8

You can now edit the new project as you see fit.

The ability to create reusable templates is included with components: you can create a mediator or BPEL process and save that as a template for reuse. The process is similar to creating a template for a service composite.

  1. Right-click on the component to use as the basis for the template.

  2. pic9

  3. Select Create Component template, and choose where to save it.


  4. pic10

  5. Choose which files to bundle with the template and Finish.
  6. pic11

    Once the component template is created, you can view it in the Component Window.

    pic12

    To use the component template:

  1. Drag and drop the template onto your service component editor.

  2. pic13

  3. Choose the name for the component and which files to include from the template.

  4. pic14

  5. If there are conflicts with existing files, use the wizard to resolve them as needed and Finish.
  6. pic15

    When finished, you have a new component with the same configuration as the template added to your service composite. You can now edit the new component as needed.

    pic16

In this blog we saw the benefits of using templates to create new SOA service composites and components that can save you development time and increase quality in your Oracle SOA Suite 12c service designs. The templates created can be stored in a local file system or the file-based MDS for reuse.


Get Started with the new Oracle SOA Suite 12c: Essential Concepts training course. View all Oracle SOA Suite training from Oracle University.


About the Author:

joegreenwald

Joe Greenwald is a Principal Instructor for Oracle University. Joe has been teaching and consulting for Oracle for over 10 years and teaches many of the Fusion Middleware courses including Oracle SOA Suite 11g, Oracle WebCenter Content 11g and Oracle Fusion Middleware 11g. Joe’s passion is looking at how best to apply methodologies and tools to the benefit of the development organization.

Friday Jun 06, 2014

Oracle GoldenGate 12c New Features: Trail Encryption and Credentials with Oracle Wallet

Untitled Document

By Randy Richeson, Senior Principal Instructor for Oracle University

Students often ask if GoldenGate supports trail encryption with the Oracle Wallet. Yes, it does now! GoldenGate supported encryption with keygen and the ENCKEYS file for years. GoldenGate 12c now also supports encryption using the Oracle Wallet. This improves security and simplifies its administration.


Two types of wallets can be configured in GoldenGate 12c:

  • The wallet that holds the master key, used with trail or TCP/IP encryption and decryption, stored in the new 12c dirwlt/cwallet.sso file.
  • The wallet that holds the User Id and Password, used for authentication, stored in the new 12c dircrd/cwallet.sso - credential store - file.

 

A wallet can be created using a ‘create wallet’ command. Once created, adding a master key to an existing wallet is easy using ‘open wallet’ and ‘add masterkey’ commands.

 

GGSCI (EDLVC3R27P0) 42> open wallet

Opened wallet at location 'dirwlt'.

GGSCI (EDLVC3R27P0) 43> add masterkey

Master key 'OGG_DEFAULT_MASTERKEY' added to wallet at location 'dirwlt'.

 

Existing GUI Wallet utilities such as the Oracle Database “Oracle Wallet Manager” do not work on this version of the wallet. The default Oracle Wallet location can be changed.

 

GGSCI (EDLVC3R27P0) 44> sh ls -ltr ./dirwlt/*

-rw-r----- 1 oracle oinstall 685 May 30 05:24 ./dirwlt/cwallet.sso

GGSCI (EDLVC3R27P0) 45> info masterkey

Masterkey Name:                 OGG_DEFAULT_MASTERKEY

Creation Date:                  Fri May 30 05:24:04 2014

Version:        Creation Date:                  Status:

1               Fri May 30 05:24:04 2014        Current

 

The second wallet file stores the credential used to connect to a database, without exposing the UserId or Password in a parameter file or macro. Once configured, this file can be copied so that credentials are available to connect to the source or target database.

 

GGSCI (EDLVC3R27P0) 48> sh cp ./dircrd/cwallet.sso $GG_EURO_HOME/dircrd

GGSCI (EDLVC3R27P0) 49> sh ls -ltr ./dircrd/*

-rw-r----- 1 oracle oinstall 709 May 28 05:39 ./dircrd/cwallet.sso

 

The encryption wallet file can also be copied to the target machine so the replicat has access to the master key when decrypting any encrypted records the trail. Similar to the ENCKEYS file, the master key wallet created on the source host must either be stored in a centrally available disk or copied to all GoldenGate target hosts. The wallet is in a platform-independent format, although it is not certified for the iSeries, z/OS, or NonStop platforms.

 

GGSCI (EDLVC3R27P0) 50> sh cp ./dirwlt/cwallet.sso $GG_EURO_HOME/dirwlt

 

The new 12c UserIdAlias parameter is used to locate the credential in the wallet.

 

GGSCI (EDLVC3R27P0) 52> view param extwest

Extract extwest

Exttrail ./dirdat/ew

Useridalias gguamer

Table west.*;


The EncryptTrail parameter is used to encrypt the trail using the FIPS approved Advanced Encryption Standard and the encryption key in the wallet. EncryptTrail can be used with a primary extract or pump extract.


GGSCI (EDLVC3R27P0) 54> view param pwest

Extract pwest

Encrypttrail AES256

Rmthost easthost, mgrport 15001

Rmttrail ./dirdat/pe

Passthru

Table west.*;

Once the extracts are running, records can be encrypted using the wallet.

 

GGSCI (EDLVC3R27P0) 60> info extract *west

EXTRACT    EXTWEST   Last Started 2014-05-30 05:26   Status RUNNING

Checkpoint Lag       00:00:17 (updated 00:00:01 ago)

Process ID           24982

Log Read Checkpoint  Oracle Integrated Redo Logs

                     2014-05-30 05:25:53

                     SCN 0.0 (0)

EXTRACT    PWEST     Last Started 2014-05-30 05:26   Status RUNNING

Checkpoint Lag       24:02:32 (updated 00:00:05 ago)

Process ID           24983

Log Read Checkpoint  File ./dirdat/ew000004

                     2014-05-29 05:23:34.748949  RBA 1483

 

The ‘info masterkey’ command is used to confirm the wallet contains the key. The key is needed to decrypt the data read from the trail before the replicat applies changes to the target table.

 

GGSCI (EDLVC3R27P0) 41> open wallet

Opened wallet at location 'dirwlt'.

GGSCI (EDLVC3R27P0) 42> info masterkey

Masterkey Name:                 OGG_DEFAULT_MASTERKEY

Creation Date:                  Fri May 30 05:24:04 2014

Version:        Creation Date:                  Status:

1               Fri May 30 05:24:04 2014        Current

 

Once the replicat is running, records can be decrypted using the wallet.

 

GGSCI (EDLVC3R27P0) 44> info reast

REPLICAT   REAST     Last Started 2014-05-30 05:28   Status RUNNING

INTEGRATED

Checkpoint Lag       00:00:00 (updated 00:00:02 ago)

Process ID           25057

Log Read Checkpoint  File ./dirdat/pe000004

                     2014-05-30 05:28:16.000000  RBA 1546

 

There is no need for the DecryptTrail parameter when using the wallet, unlike when using the ENCKEYS file.

 

GGSCI (EDLVC3R27P0) 45> view params reast

Replicat reast

AssumeTargetDefs

Discardfile ./dirrpt/reast.dsc, purge

UserIdAlias ggueuro

Map west.*, target east.*;

 

Once a record is committed in the source table, the encryption can be verified using logdump and then querying the target table.

 

SOURCE_AMER_SQL>insert into west.branch values (50, 80071);

1 row created.

SOURCE_AMER_SQL>commit;

Commit complete.

 

The following encrypted record can be found using logdump.


Logdump 40 >n

2014/05/30 05:28:30.001.154 Insert               Len    28 RBA 1546

Name: WEST.BRANCH

After  Image:                                             Partition 4   G  s  

 0a3e 1ba3 d924 5c02 eade db3f 61a9 164d 8b53 4331 | .>...$\....?a..M.SC1 

 554f e65a 5185 0257                               | UO.ZQ..W 

Bad compressed block, found length of  7075 (x1ba3), RBA 1546

  GGS tokens:

TokenID x52 'R' ORAROWID         Info x00  Length   20

 4141 4157 7649 4141 4741 4141 4144 7541 4170 0001 | AAAWvIAAGAAAADuAAp.. 

TokenID x4c 'L' LOGCSN           Info x00  Length    7

 3231 3632 3934 33                                 | 2162943 

TokenID x36 '6' TRANID           Info x00  Length   10

 3130 2e31 372e 3135 3031                          | 10.17.1501 


The replicat automatically decrypts this record from the trail using the wallet and then inserts the row to the target table. This select verifies the row was committed in the target table and the data is not encrypted.


TARGET_EURO_SQL>select * from branch where branch_number=50;

BRANCH_NUMBER                  BRANCH_ZIP

-------------                                   ----------

   50                                              80071

 

Book a seat in an upcoming Oracle GoldenGate 12c: Fundamentals for Oracle Ed 1 class to learn much more about using GoldenGate 12c new features with the Oracle wallet, credentials, integrated extracts, integrated replicats, coordinated replicats, the Oracle Universal Installer, a multi-tenant database, and other features.

Explore Oracle University GoldenGate classes here, or send me an email at randy.richeson[at]oracle.com if you have other questions.

About the Author:

randy

Randy Richeson joined Oracle University as a Senior Principal Instructor in March 2005. He is an Oracle Certified Professional (10g-12c) and GoldenGate Certified Implementation Specialist (10-11g). He has taught GoldenGate since 2010 and other technical curriculums including GoldenGate Management Pack, GoldenGate Director, GoldenGate Veridata, Oracle Database, JD Edwards, PeopleSoft, and the Oracle Application Server since 1997.

About

Expert trainers from Oracle University share tips and tricks and answer questions that come up in a classroom.

Search

Archives
« March 2015
SunMonTueWedThuFriSat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
    
       
Today