Overview

This document summarizes the steps of deploying ActiveVOS on the Oracle Weblogic platform.

Legal Notice

The information in this document is preliminary and is subject to change without notice and should not be construed as a commitment by Active Endpoints. Active Endpoints is providing the planned functionality information contained herein for informational purposes only. Future product releases may differ materially from these plans in functionality and/or timing. Active Endpoints makes no representations or commitments that certain functionality will in fact be released and Active Endpoints assumes no duty to update this information.

Copyright (c) 2011 Active Endpoints Incorporated.

Document Revision History

Revision  Date           Author  Changes
1.0       22 March 2011  AEI     First Release

Table of Contents

Oracle Weblogic Terminology
Installation Guidelines
Quick Start Guide
Download and Install
Bring up and Configure Weblogic
Database Configuration for Oracle Weblogic
Configuring MySQL JDBC Database Source
Configuring Oracle JDBC Database Source
Installing or Updating ActiveVOS Enterprise
Installing Weblogic in a Cluster
Installing or Updating ActiveVOS Enterprise in a Cluster
Identity management for ActiveVOS in Weblogic
File Based Configuration
Adding user and groups to default Realm
LDAP Based Configuration
Adding LDAP provider
Appendix A Sample Installation Screenshots
Appendix B Sample weblogic_user.xml

Oracle Weblogic Terminology

During the Weblogic installation, you may encounter a mix of standard and non-standard technical terms from the Application Server technology space. The following is a list of some of the terms you may encounter, as well as an explanation of each:

Domain: The logical collection of Weblogic managed server instances that are controlled by an individual Administration Server and a Node Manager.

Machine: A logical representation of a physical machine within the administered domain. A machine must be defined for each server instance within a domain and would require additional configuration for ActiveVOS, such as configuration of Work Managers.

Node Manager: A utility application running on each physical machine that enables remote administrative control of managed servers.

Managed Server: The running J2EE container instance hosting the deployed applications and resources. ActiveVOS Enterprise would reside in a single instance or, in the case of a cluster, several.

Administration Server: Another type of server, typically used for control of various managed servers. Configuration of the servers is usually done here, as well as setup of domain settings. When set up locally, the web administration interface is usually available at the default location, http://localhost:7001/console/

Logging: For server logging, refer to ~\domains\<your_domain>\servers\<your_server>\logs. For domain logging, refer to the Node Manager logs, usually ~\<wls_install>\common\nodemanager\nodemanager.log

Installation Guidelines

Please refer to the latest installation instructions at http://infocenter.activevos.com/infocenter/activevos/v80/topic/com.activee.rtbpeladmin.enterprise.help.install_config_deploy_guide/weblogic/html/overview.html

Also, for screenshots of a typical installation, please refer to Appendix A at the end of this technote.

Quick Start Guide

This section provides a quick series of steps as an outline for the installation of Weblogic and ActiveVOS. Experienced users of these applications can also use it as an abbreviated installation guide.

Download and Install

Download the Weblogic installer, the ActiveVOS server installer and the JDBC libraries needed for the ActiveVOS installer. The ActiveVOS installer can be run without configuration details. The Weblogic installer requires a server location and a domain location on the local system.

Bring up and Configure Weblogic

Both Weblogic and a Node Manager need to be running for an ActiveVOS installation. A machine, data source and server need to be designated in a clean Weblogic installation.

Machine setup would require only JVM identification; record the name for server designation.

Server setup would require identifying the machine to use. Settings that impact ActiveVOS are the port location (defaulted to 8080 in ActiveVOS) and the security realm (based on JDBC, LDAP, or a local identity list).

Data source setup requires identifying the JDBC resource for ActiveVOS to use. This has to be identical to the resource information passed to the ActiveVOS configuration and installation utility. You specify which servers the data source is available to; it must be available to the server hosting ActiveVOS.

Database Configuration for Oracle Weblogic

Before installing ActiveVOS on Weblogic, a JDBC data source needs to be configured. To help with the data source setup, sample configurations for MySQL and Oracle databases are described below.

Configuring MySQL JDBC Database Source

1) Create a database and a database user in MySQL.
2) In the Weblogic admin console > JDBC > Datasources, create a new data source.
3) Specify the data source parameters (URL, driver class, database user details). Note that the JDBC connection string should be of the following form:

   jdbc:mysql://server_name:port/database_name?useUnicode=true&characterEncoding=utf-8&characterSetResults=utf8

4) Start the managed server(s) or the cluster. On the Target tab, select the server or the clusters on which you would like to deploy this JDBC data source.
5) Test the data source. Make sure it connects successfully.

Configuring Oracle JDBC Database Source

1) Create a database and a database user in Oracle.
2) In the Weblogic admin console > JDBC > Datasources, create a new data source.
3) Specify the data source parameters (URL, driver class, database user details).
4) Start the managed server(s) or the cluster. On the Target tab, select the server or the clusters on which you would like to deploy this JDBC data source.
5) Test the data source. Make sure it connects successfully.

Sample screenshots for setting up the data source are shown below:

Installing or Updating ActiveVOS Enterprise

1. Using Weblogic console > Deployments > Install, you can install or update the ActiveVOS ear file (ave_weblogic.ear) on the managed server (make sure the managed server is running). Another way to update or install ActiveVOS server and ActiveVOS central is to run the installer utility config_deploy.bat (please see the appendix at the end of this document for sample installation screenshots). While running the installer utility, you can always refer to the contextual help in each of the screens. ActiveVOS also provides two other modes of installation: console mode and silent mode. Please refer to the following link for more information: http://infocenter.activevos.com/infocenter/activevos/v80/topic/com.activee.rtbpeladmin.enterprise.help.install_config_deploy_guide/weblogic/html/configuration_wizard.html

2. After you have installed ActiveVOS server and central, perform the following steps to get ActiveVOS server up and running:

   A. In Weblogic console > Deployments, start ActiveVOS server and ActiveVOS central.
   B. Navigate to the ActiveVOS console using the URL http://server_name:port/activevos.
   C. Log in with the credentials of a user who is a member of the abadmin role (please see the identity management section of this document to set up users and roles in Weblogic).
   D. Navigate to Admin > License. Add the license. Navigate to Admin > Server Status and start the server. Make sure it starts without any errors.
   E. Navigate to Admin > Identity Service, configure the identity service and test it for a couple of users. You may also want to configure the Email service.
   F. Navigate to ActiveVOS central using the URL http://server_name:port/activevoscentral. Log in with the credentials of a user who is a member of abtaskclient.

Installing Weblogic in a Cluster

A cluster can be defined as two Weblogic managed server instances that share a domain name and multicast address and are controlled by the same Work Manager and Administrative server. For more information, please refer to the Weblogic documentation.

Installing or Updating ActiveVOS Enterprise in a Cluster

1. Using Weblogic console > Deployments > Install, you can install or update the ActiveVOS ear file (ave_weblogic.ear) on a cluster. Another way to update or install ActiveVOS server and ActiveVOS central is to run the installer utility config_deploy.bat (please see the appendix at the end of this document for sample installation screenshots).

2. After you have installed ActiveVOS server and central, perform the following steps to get ActiveVOS server up and running:

   A. In Weblogic console > Deployments, start ActiveVOS server and ActiveVOS central.
   B. Navigate to the ActiveVOS console using the URL http://server_name:port/activevos.
   C. Log in with the credentials of a user who is a member of the abadmin role (please see the identity management section of this document to set up users and roles in Weblogic).
   D. Navigate to Admin > License. Add the license. Navigate to Admin > Server Status and start the server. Make sure it starts without any errors.
   E. Navigate to Admin > Cluster. Make sure all the nodes are up and running. If a particular node is stopped, click on the node and click 'Start Engine'.
   F. Navigate to Admin > Identity Service, configure the identity service and test it for a couple of users. You may also want to configure the Email service.
   G. Navigate to ActiveVOS central using the URL http://server_name:port/activevoscentral. Log in with the credentials of a user who is a member of abtaskclient.

Identity management for ActiveVOS in Weblogic

While running the installer utility, you can secure your admin console so that only authenticated users have access to the ActiveVOS Server and the deployed processes. ActiveVOS central is secured by default. To give the required groups of users permission to access ActiveVOS, you need to set up the identity service in the ActiveVOS console. The links below provide more information on ActiveVOS security setup:

http://infocenter.activevos.com/infocenter/activevos/v80/topic/com.activee.rt.bpeladmin.enterprise.help.serverguide/html/svrug3-3.html
http://infocenter.activevos.com/infocenter/activevos/v80/topic/com.activee.rt.bpeladmin.enterprise.help.serverguide/html/svrug3-2.html

Different types of providers can be used with the identity service. These include File based Authentication, LDAP, JDBC and LDIF as shown below:

To provide general guidelines for setting up the identity service, the file based configuration and the LDAP based configuration are described below.

File Based Configuration

To set up file based configuration, you define your required users and roles in an XML file, put this file in an accessible location on your server and add the users and roles to the Weblogic security realm. This can be done in the following way:

Adding user and groups to default Realm

To specify ActiveVOS security roles such as abadmin and abtaskclient in Weblogic server:

1. Log in to the Weblogic console.
2. Click on Security Realms in the left panel.
3. Click on 'my Realm' that appears in Summary of Security Realms.
4. In the Settings for my realm, click on the 'Roles and Policies' tab.
5. In the Roles table that appears below, expand 'Global Roles' and click on Roles.
6. To add a new role, click on New, and then specify the role (abtaskclient, for example). Please note that this role is case sensitive and needs to be exactly as it is mentioned here. Also please ensure that it is the same in the XML file (weblogic_users.xml). You could leave the Provider name as XACMLRoleMapper.
7. Click on Ok and ensure that the role has been added to the Global roles table.

This way, you can add ActiveVOS roles in Weblogic. Now, you need to add users for these roles:

8. Repeat steps 2 and 3.
9. In the Settings for my realm, click on the 'Users and Groups' tab.
10. Click on New in the Users. Fill in the details for the new user. This user name should match the XML file you are using with the Identity Service.

Now, you need to map the users to the roles:

11. Repeat steps 2, 3 and 4.
12. In the Roles table that appears below, expand 'Global Roles' and expand the Roles.
13. You will find the role that you have added recently. Select the radio button in front of the new role and click on Edit Role. (For Weblogic 10, click on the role such as abtaskclient and click Add Conditions. Select User from Predicate List. Enter the username in the user argument name box. Click Add. Click Finish. Click Save.)
14. Click on Add and then Next. In the Predicate list dropdown, select 'User' and then click on Next.
15. In the 'User Argument Name', type the recently added user and then click on Add.
16. Click on Finish and then click on Save.

When all the users have been added to the roles, please stop and start the deployments and the managed server, log in to the ActiveVOS console, set up the identity service and test it as shown below:

Also, using the user credentials defined in the Weblogic admin console and the sample XML, you should be able to log in to ActiveVOS central. You can refer to Appendix B of this technote for a sample weblogic_users.xml.

LDAP Based Configuration

LDAP provides for user authentication within any managed server, and is shared with the ActiveVOS identity service. Both need to be correctly configured to use ActiveVOS Central and WS-HT services. Refer to ActiveVOS Identity Service for information regarding configuration at the following link: http://infocenter.activevos.com/infocenter/activevos/v80/topic/com.activee.rt.bpeladmin.enterprise.help/html/svrug6-7-2.html

Adding LDAP provider

The WLS security realm would use an LDAP provider as a source for authentication. Once this provider is created, or after any change to the LDAP provider settings, the servers, and most likely the Administration server, would require a restart.

To add an Active Directory Based Provider

Under the Domain Structure navigation tree, select Security Realms, then my Realm (the default realm created).

Select the Provider tab, then the Authentication sub-tab, and click New to add a provider. The next screen will allow entry of a name and a type of provider to use, in this case ActiveDirectoryAuthenticator.

Once created, your local LDAP settings need to be added. Select the provider, click the Provider Specific tab, and update your LDAP settings here. Additionally, setting the Control Flag under the Common tab would be needed for native WLS credentials to work.

Restart the server. Log in to ActiveVOS console > Admin > Identity Service, set up the LDAP based identity service and test it as shown below:

Appendix A Sample Installation Screenshots

After you have configured your Weblogic environment (i.e. setting up managed servers, the data source and security), you can run the installer utility config_deploy.bat (usually located in ..server\server-enterprise\weblogic_config\bin) to install ActiveVOS Server and ActiveVOS Central. Here are the screenshots of a typical installation (assuming a Weblogic cluster with Oracle database):

[Note: Please select the Administrative functions checkbox if you need to secure ActiveVOS console.]

Appendix B Sample weblogic_user.xml

    <?xml version='1.0' encoding='utf-8'?>
    <weblogic-users>
      <!-- Task inbox roles -->
      <role name="abadmin"/>
      <role name="abtaskclient"/>
      <role name="abdeployer"/>
      <!-- ActiveVOS demo roles -->
      <role name="chiefestimatorgroup"/>
      <role name="powertrainspecialistgroup"/>
      <role name="exteriorspecialistgroup"/>
      <role name="interiorspecialistgroup"/>
      <role name="accountmanagergroup"/>
      <!-- ActiveVOS samples roles -->
      <role name="loanreps"/>
      <role name="loanmgrs"/>
      <role name="loancsrs"/>
      <!-- ActiveVOS demo users -->
      <user name="manager" password="manager" roles="abtaskclient, AccountManagerGroup, loanmgrs, loanreps, loancsrs"/>
      <user name="chief" password="chief" roles="abtaskclient, ChiefEstimatorGroup"/>
      <user name="power" password="power" roles="abtaskclient, PowerTrainSpecialistGroup"/>
      <user name="exterior" password="exterior" roles="abtaskclient, ExteriorSpecialistGroup"/>
      <user name="interior" password="interior" roles="abtaskclient, InteriorSpecialistGroup"/>
      <!-- ActiveVOS samples users -->
      <user name="loanrep1" password="loanrep1" roles="abtaskclient, loanreps"/>
      <user name="loanrep2" password="loanrep2" roles="abtaskclient, loanreps"/>
      <user name="loanrep3" password="loanrep3" roles="abtaskclient, loanreps"/>
      <user name="loanmgr1" password="loanmgr1" roles="loanmgrs, abadmin, abtaskclient"/>
      <user name="loanmgr2" password="loanmgr2" roles="abtaskclient, loanmgrs, loanreps"/>
      <user name="loancsr1" password="loancsr1" roles="abtaskclient, loancsrs"/>
      <user name="reviewer1" password="reviewer1" roles="abtaskclient, Reviewers" email="mohammad.khan@activevos.com"/>
      <user name="reviewer2" password="reviewer2" roles="abtaskclient, Reviewers" email="mohammad.khan@activevos.com"/>
      <user name="businessadmin1" password="businessadmin1" roles="abtaskclient, Reviewers, BusinessAdmin" email="mohammad.khan@activevos.com"/>
      <user name="businessadmin2" password="businessadmin2" roles="abtaskclient, Reviewers, BusinessAdmin" email="mohammad.khan@activevos.com"/>
    </weblogic-users>
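
Step 6 of the file based configuration requires role names to match the XML file exactly, and the sample file gives every demo user a password identical to its user name. The following Python check is an added example, not part of the technote or of ActiveVOS: it audits a file in the weblogic_users.xml layout for undeclared or case-mismatched roles, passwords equal to the user name, and abadmin membership. The sample document, its user names and the function name audit_users are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the weblogic_users.xml layout of Appendix B (not the page's file).
SAMPLE = """<?xml version='1.0' encoding='utf-8'?>
<weblogic-users>
  <role name="abadmin"/>
  <role name="abtaskclient"/>
  <role name="loanreps"/>
  <user name="alice" password="alice" roles="abtaskclient, LoanReps"/>
  <user name="bob" password="S3parate-Value" roles="abadmin, abtaskclient"/>
  <user name="carol" password="Another-Value" roles="abtaskclient, auditors"/>
</weblogic-users>"""

ADMIN_ROLE = "abadmin"  # role the page requires for logging in to the ActiveVOS console


def audit_users(xml_text):
    """Return a sorted list of (user, finding) tuples for a weblogic_users.xml document."""
    # The file is operator-supplied; for untrusted XML use a hardened parser such as defusedxml.
    root = ET.fromstring(xml_text.encode("utf-8"))
    declared = {r.get("name", "") for r in root.iter("role")}
    by_folded = {name.casefold(): name for name in declared}
    findings = []
    for user in root.iter("user"):
        name = user.get("name", "")
        password = user.get("password", "")
        roles = [r.strip() for r in user.get("roles", "").split(",") if r.strip()]
        if not password:
            findings.append((name, "empty password"))
        elif password.casefold() == name.casefold():
            findings.append((name, "password equals user name"))
        for role in roles:
            if role in declared:
                continue  # exact, case-sensitive match with a declared role
            near = by_folded.get(role.casefold())
            if near:
                findings.append((name, f"role '{role}' differs only in case from '{near}'"))
            else:
                findings.append((name, f"role '{role}' is not declared"))
        if ADMIN_ROLE in roles:
            findings.append((name, f"member of {ADMIN_ROLE}"))
    return sorted(findings)


if __name__ == "__main__":
    for user, finding in audit_users(SAMPLE):
        print(f"{user}: {finding}")
```

Run it against the file the identity service points at before adding the matching users and roles to the Weblogic realm, and again after any edit to that file.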