Friday, February 15, 2008
Compliance : What is PCI compliance and Solution
PCI DSS consists of 12 broad requirements such as protecting the network, protecting the data channel using SSL etc., implementing tight access control mechanism, protect the cardholder data etc.
Out of all the requirements protecting the card holder data is one requirement that generally takes most effort to implement, as the solution must be part of the core data and access.
Historically: for the applications that are part of mainframe and client/server applications, the solution is typically maintaining the public key as part of the client application in the form of a DLL or EXE to encrypt/decrypt the data.
Building Composite Applications: using SOA framework has it's own advantages but implementing the PCI compliance is on the disadvantage side. This is due to the reason of maintaining so many components that are loosely coupled, such as services, processes and composite services and J2EE applications that typically reside outside of the database.
The Solution is two fold:
1. Buy the technology that supports PCI compliance. Examples including a combination of technologies such as Oracle Advanced Security (ASO), Oracle Data Vault and/or Oracle Virtual Private Database (VPD).
2. Build a custom solution using encrypt / decrypt functions in the database using public/private key infrastructure.
We have implemented both the above solutions and has advantages based on the customer requirements and IT goals of the organization.
Thursday, February 14, 2008
Integration of Oracle SOA with mainframe technolgies
How to enable debugging in Oracle ESB
This can be resolved by enabling the ESB log level FINE in the Oracle application server control and below are the steps to do that.
1. Login into the Application Server Control at http://Server.Client.com:7777/em
2. Click on the oc4j_soa instance and Administration tab.
3. Click on Logger Configuration.
4. Now expand Root Logger / oracle to display the logger classes and the Log Level settings.
5. In the Log Level list, select the level FINE for the following classes
. oracle.tip.esb.server.common
. oracle.tip.esb.server.service
6. Restart the SOA suite to apply the changes and the logs can be found at
\\SERVER\\j2ee\oc4j_soa\application-deployments\esb-dt\oc4j_soa_default_group_1\application.log
\\SERVER\\j2ee\oc4j_soa\application-deployments\esb-rt\oc4j_soa_default_group_1\application.log
Wednesday, February 13, 2008
How to setup BPEL JNDI connection on the application server
-------------------------START--------------------------------
<jca:address location="eis/DB/App1" UIConnectionName="App1" />
<!-- ManagedConnectionFactory="oracle.tip.adapter.db.DBManagedConnectionFactory"
mcf.DriverClassName="oracle.jdbc.OracleDriver"
mcf.PlatformClassName="oracle.toplink.internal.databaseaccess.Oracle9Platform"
mcf.ConnectionString="jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=rac1)(PORT=1523))(ADDRESS=(PROTOCOL=TCP)(HOST=rac2)(PORT=1523))
(LOAD_BALANCE = yes)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = EENADU)
)
)"
mcf.UserName="app1"
mcf.Password="8234567129863157899ESDOWI3950MSXSOF" -->
-------------------------END------------------------------------------
If you want to wear the system administrator hat for a second, follow the below process to create the connection pool, data source and to configure the jndi location. This procedure is little different than the ESB.
1. Create the Connection Pool (eg. App1)
2. Create Data Source (eg. App1)
3. Goto /SERVER/j2ee/oc4j_soa/application-deployments/default/DbAdapter
4. Edit oc4j-ra.xml and add the folllowing
<connector-factory location="eis/DB/App1" connector-name="Database Adapter">
<config-property name="xADataSourceName" value="jdbc/App1"/>
<config-property name="dataSourceName" value=""/>
<config-property name="platformClassName" value="oracle.toplink.platform.database.Oracle9Platform"/>
<config-property name="usesNativeSequencing" value="true"/>
<config-property name="sequencePreallocationSize" value="50"/>
<config-property name="defaultNChar" value="false"/>
<config-property name="usesBatchWriting" value="true"/>
<connection-pooling use="none">
</connection-pooling>
<security-config use="none">
</security-config>
</connector-factory>
5. Restart the Application Server (or only OC4J_SOA instance)
6. Test the Web service using the following URL
7. http://server.client.com:7777/event/DefaultSystem/Service1 (here Service1 is the project)
8. Now test the service to check the validity of the configuration.
9. If you have any issues, you should be able to find the issue in BPEL domain logs.
How to create a new OC4J server instance in Oracle Application Server 10g
Use the following on the server node to create a new OC4J server instance
./createinstance -instanceName CustomApps
Creating OC4J instance "CustomApps"...
Set OC4J administrator password for "CustomApps" (password text will not be displayed as it is entered):
Enter password:
Confirm password:
Now start the 'CustomApps' instance from /em website.
How to find a string recursively in Unix / Linux
find . -type f -exec grep "string to find" {} \; -print
Saturday, February 9, 2008
Configuring JNDI location for Composite applications
Irrespective of which method you are using for deployment, you must setup the JNDI location as part of the application server. This is required to have a reusable managed connection on the server that is properly configured with various attributes such as caching, timeouts and other advanced attributes like “fastConnectionFailoverEnabled” etc.
Following is the procedure to setup this
Connection Pool Creation
- Login to Enterprise Manager website (ex: Server.Client.com:7777/em).
- Goto specific OC4J Instance / Administration / JDBC Resources.
- Create a new Connection pool named ‘App1’ (This may be typically the application name) by feeding the jdbc URL (remember to list all nodes if is a Oracle RAC database), user name and password.
- Click on the Attributes tab and verify the values as appropriate to your architecture.
- Click Apply.
Managed Data Source Creation
- Create a data source named “App1” by selecting “Managed Data Source” option name, default application name and set the JNDI Location to “jdbc/app1” and select "App1" connection pool. It is important to match this location name with what is defined in the Jdeveloper project.
JDeveloper
- Now, de-select the “Bundle Default data-sources.xml During Deployment” option from your Jdeveloper. This option can be found in Tools menu / Preferences option / Deployment section. This action will prevent it from copying your jdeveloper connections to the application server, if you are using JDeveloper for your deployment.
- Delete connection pool and data source related to the old Jdeveloper’s JNDI Location ‘jdbc/jdev-app1’, if any already created/exist.
- Test the application. If the app is working, continue to next step.
Connection Failure Configuration for Oracle RAC
- If you are using Oracle RAC environment, it is important to configure this Connection Pool for RAC to detect the connection failures and balance the conection to the appropriate RAC node. Now set the Connection Factory Properties named “connectionCachingEnabled”, “fastConnectionFailoverEnabled” with a value of “true” in the ‘App1’ connection pool definition. It is also important to have these properties created in the order mentioned by clicking the button "Add Another Row".
Now your application is ready to use the connection pool's user and password rather the user/password that you have embeded as part of the ear file from JDeveloper.
Oracle ESB Deployment Methods
Oracle ESB Deployment can be done from one environment to another using either of the following four methods.
Method-1: Jdeveloper – Only One service can be deployed at one time to the Integration Server Connection.
Method-2: ANT Script – Multiple services can be deployed at one time to the server by configuring the build.xml
Method-3: Using export and Import Utility – This requires to have the service deployed either of the above methods for the first time. Once deployed to an environment, one can use export and import utility to move the code to other environments.
Method-4: Zip file copy method – By droping the Service Zip file at the appropriate location AS will take care of the deployment. This is the simplest of all methods.
Method-1: Using Jdeveloper
Use the following procedure to deploy on to the server.
- Create the integration server connection
- Create the ESB Project
- Right click on the project to click on the integration server connection
- This will deploy the project(service) into the server.5. Once you get the confirmation, test the service using below6. http://server.client.com:7777/event/DefaultSystem/Service1 (here Service1 is the project)
Method-2: Using ANT Script
Use the following procedure to deploy on the server.
- Copy the ESBDeployment.zip file from Shared folder to local machine. Download this file in to local machine from ESBDeployment location.
- Extract this file into C:\ in local machine. ESBDeployment.zip file contains several jar files grouped into different folders like JAXB_CLIENT, HTTPCLIENT_LIB, SOA_LIB etc. It also has build.properties, build.xml file and buildesb.bat file to execute deployment script.
- After extracting the file first open build.properties file and change following properties in build.propertiesworkspace – Change it to root of application workspace where all the Web Service are developedOther properities like oc4j parameters are environment specific and need to be changed depending upon the target location.
- Open ESBMetadataMigrationTaskdefs.xml file and verify the value of following properties in the file - commons.httpclient.home - jaxb.v2.0.2.home- soa.suite.home
- Open the build.xml and modify the followigng tags under deployESBProjects tag by actual ESB project name to be deployed
Open buildesb.bat and set J2EE_HOME and ANT_HOME path as per local machine. - Execute the buildesb.bat and ESB service will be deployed.
- At the end of execution message should appear stating that Build is Successful.
- Test the code after few minutes.
- Make sure if testing is performed through browser then copy the test link and perform test in new browser.
- All the JAR files contained in zip are mandatory for deployment.
Method-3: Using export/import utility
Use the following procedure to deploy on the server.
- Use the utilities in the server to do this process
- Test the Service using http://server.client.com:7777/event/DefaultSystem/Service1 (here Service1 is the project)
Method-4: .ear file copy
Copy the .zip file (.ear file in .zip format) to the esb deploy folder.
Example :- /SERVER/integration/esb/oraesb/deploy
Example zip file:- Project_Service1.zip
This method will automatically deploys to all the instances in a cluster, if the architecture is HAA or MAA.
Caching : How to improve application performance using Oracle ADF Caching?
Application tier in the enterprise architecture is specialized to carry an important perhaps complex role in overall response preparation. For ADF applications or Composite SOA applications, it is important and wise decision to use multi-level caching solutions.
- Use the Web-tier caching for all static content such as images and html and ESI includes (if is needed and cost is not a criteria)
- Use ADF caching in the application layer
- Use Data caching at the database layer
Today, I will cover the ADF Caching solution by using the ADF Cache tag
Step-1: Add the ADF Faces Cache Library (afc.jar) to your project
Step-2: Add xmlns:afc="http://xmlns.oracle.com/adf/faces/webcache" to the
Step-3: Now add the
index.jspx
<f:view>
<afc:cache duration="”3600”"><!--1 Hour-->
<!-- resource intensive cacheable content/fragment -->
</afc:cache>
</f:view>
Step-4: Now Run the Jspx in the Jdev environment to see the logging to know whether the fragment is cached or not. You may see a cache miss for the first time and is normal as the first request builds the cache and is available from there after.
Depends on the complexity of the page view the second request is 1-10 times faster when using the adf cache tag.
Now, it's your turn to try it.
Sunday, February 3, 2008
What is a Composite Application?
Let’s re-look at what the new definition …
Definition:-
“Applications that built using existing reusable services and components that can either source data or do specific task/process. Composite applications are like mashups.”
Unlike a traditional application where the source data is typically stored in a common place such as a database, composite application uses XML messages as the way to communicate between a service/component layers to the application layer.
With more and more vendors support composite application development in their middleware offerings, the support to integrate these services is easier than ever. Even easier to support and maintain as big vendors like Oracle, IBM and BEA supporting industry standards.
Saturday, February 2, 2008
Enterprise SOA
Today I decided to have some refinement mainly concentrating in this area in the form of this blog. Hope this will be useful.