Protecting Sensitive Data in Oracle SOA Suite 12c by Jennie DeRosa

June 1, 2015 Leave a comment

clip_image001

Given the recent security breaches, data security should always be a concern when designing and creating IT solutions. In particular, what are some considerations that should be made when implementing a solution within the Oracle SOA Suite? Is it sufficient to protect the data using WS-Security/SSL or is additional security needed? If you have sensitive data traversing through the SOA Suite then additional security must be considered.

As noted within the National Institute Standards and Technology (NIST) publication, ‘to appropriately protect the confidentiality of personally identifiable information (PII), organizations should use a risk-based approach’. To understand what is considered PII, or sensitive data, along with recommendations to protect PII read Guide to Protecting the Confidentiality of Personally Identifiable Information.

WS-Security and SSL only will protect data outside a SOA composite or Service Bus. Once the data hits either one of these, it is viewable in clear text within audit trails, console or logs. This means sensitive data is viewable within the console and log, causing this data to be unencrypted at rest. An example of this is shown below. Anyone with access to EM (Enterprise Manager) could view the sensitive data just by opening the audit trail of a process: Read the complete article here.

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Filed under SOA Tagged with , , , , , , ,

SOA & BPM Community Webcasts June 30th 2015

June 1, 2015 Leave a comment

Missed our May edition of the SOA & BPM Partner Community Webcast – watch the recording here. In this webcast your get an update by Vikas Anand about our Cloud Platform for Digital Business. Including the Integration Success Workshops we offer and the Integration Cloud Service and Process Cloud Service pricing and reselling. Watch the Webcast on-demand here.

SOA & BPM Partner Community Webcast – June 30th 2015

clip_image002Attend our June edition of the SOA & BPM Partner Community WebCast live on June 30th 2015 16:00 CET.

MONTHLY WEBCAST SOA & BPM PARTNER COMMUNITY
TUESDAY JUNE 30 2015 16:00 CET (UTC/GMT +1 Hour)

WATCH AND LISTEN You can join the Conference by clicking on the link:
Join Webcast (Employees and Partners) (audio will play over your computer speakers or headset

AND / OR DIAL IN Call ID: 5566478 Call Passcode: 333111

Austria: +43 (0) 192 865 12
Belgium: +32 (0) 240 105 28
Denmark: +45 327 292 22
Finland: +358 (0) 923 193 923
France: +33 (0) 15760 2222
Germany: +49 (0) 692 222 161 06
Ireland: +353 (0) 124 756 50
Italy: +39 (0) 236 008 198 		Netherlands: +31 (0) 207 143 543
Spain: +34 914 143 755
Sweden: +46 (0) 856 619 465
Switzerland: +41 (0) 445 804 003
UK: +44 (0) 208 118 1001
United States: 140 877 440 73
More Local Numbers

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Technorati Tags: Webcast,Vikas Anand,SOA Community,Oracle SOA,Oracle BPM,OPN,Jürgen Kress

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Technorati Tags: Webcast,Vikas Anand,SOA Community,Oracle SOA,Oracle BPM,OPN,Jürgen Kress

Filed under Community Tagged with , , , , , ,

Purging data from Oracle SOA Suite 11g – Part 1 by C2B2

May 31, 2015 2 Comments

clip_image002The following questions will be answered:

    • How does Oracle SOA Suite 11g (PS6 11.1.1.7) store data?
    • What data does Oracle SOA Suite 11g (PS6 11.1.1.7) store?
    • Why do you need to purge Oracle SOA Suite 11g (PS6 11.1.1.7) data?
    • What are the purging options available for Oracle SOA Suite 11g (PS6 11.1.1.7)?
    • Which data will be purged by the Oracle SOA Suite 11g (PS6 11.1.1.7) purge script?
    • List of composite instance states that will be considered for purging by the purge script
    • How to install the Oracle SOA Suite 11g (PS6 11.1.1.7) purge script?
    • How to execute the Oracle SOA Suite 11g (PS6 11.1.1.7) purge script?
    • What is Looped purging (Oracle SOA Suite 11g (PS6 11.1.1.7) purge script)?
    • What is Parallel purging (Oracle SOA Suite 11g (PS6 11.1.1.7) purge script)?
    • Description of parameters used by the Oracle SOA Suite 11g (PS6 11.1.1.7) purge script
    • Example 1: Executing the Oracle SOA Suite 11g (PS6 11.1.1.7) purge script for all composites
    • Example 2: Executing the Oracle SOA Suite 11g (PS6 11.1.1.7) purge script for a specific composite

How does Oracle SOA Suite 11g (PS6 11.1.1.7) store data?

SOA Suite uses a database schema called SOAINFRA (collection of database objects such as tables, views, procedures, functions etc.) to store data required for the running of SOA Suite applications. The SOAINFRA (SOA Infrastructure) schema is also referred to as the ‘dehydration store’ acting as the persistence layer for capturing SOA Suite data.

What data does Oracle SOA Suite 11g (PS6 11.1.1.7) store? Read the complete article here.

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Filed under SOA Tagged with , , , , , , ,

Message Aggregation in Oracle SOA Suite 12c by Jennie DeRosa

May 30, 2015 Leave a comment

 

clip_image002Within the Oracle SOA Suite, message aggregation is a concept that allows for multiple messages to be routed to the same BPEL process, based on a value(s) defined within the incoming payload. This is implemented within BPEL through the use of correlation sets.

To implement this, a correlation set is defined and will contain one or more properties. These properties have aliases to values within the input payload message (i.e. PurchaseOrderNumber), which are used for the correlation of messages.

Oracle SOA Suite 12c has provided a wizard that allows for easy definition of the correlation set, properties and property aliases which are all necessary for correlation to occur. Below are the steps required to configure your BPEL process to perform message aggregation via correlation set.

Configuration Steps

The first step is to create the Correlation Set. Right click on the initial receive of the process and select ‘Setup Correlation…’ Read the complete article here.

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Filed under SOA Tagged with , , , , , ,

Building a Scalable, Highly Available Oracle API Gateway 11g Infrastructure in a Cloud Environment by Marcelo Parisi

May 29, 2015 Leave a comment

clip_image002Introduction

One of the major challenges that companies face in adopting a cloud computing platform is the secure provisioning of services in the cloud. Oracle API Gateway (OAG) 11g can be a very powerful tool in this sense, since it focuses on service protection, with authentication mechanisms, message encryption, and security/policy functionalities.

In this article, we will see how to create a cloud-based OAG infrastructure, with high-availability and scalability support. Both high-availability and scalability operations will be covered here. We’ll be using virtual machines (VMs) and storage concepts, along with OAG and Oracle Traffic Director (OTD). While a physical load balancer will also be necessary, its configuration is beyond the scope of this article.

The service infrastructure—Oracle SOA Suite, Oracle Service Bus or any other kind of service provider environment that needs to be exposed in a secure manner through the environment we’ll be building—will also not be covered in this article.

This article assumes a Network File System (NFS) v4 and Network Information Service/Lightweight Directory Service Protocol (NIS/LDAP) compliant environment. If you don’t support it, the article will indicate the changes so that you can run on a NFSv3 environment without NIS/LDAP.

There is no capacity planning or sizing work done on this article. The number of CPUs, memory and filesystem size are all just for demonstration purposes and should be revisited in a production environment.

OAG and OTD documentation should always be consulted. This document is not intended to replace any of the product’s official documentation.

Finally, please note that OTD is supported only in Exalogic environments.

Infrastructure Architecture

In this article, we’re going to build a brand new infrastructure from scratch to support this environment. We’ll consider two VMs for OTD and, initially, three VMs for OAG, one of them for administration purposes only. The environment infrastructure architecture will resemble the architecture in Figure 1, below:

As you can see, we have high availability on both the OTD layer and the OAG layer. Both layers are scalable either horizontally or vertically. This article discusses scalability only on the OAG layer.

We’re going to create five VMs—three for OAG, with Oracle Linux 5.6; two with Oracle Linux 6.6 for OTD. I suggest using VM Templates or cloning to make this task easier. The VMs’ configuration should resemble the table in Figure 2, below: Read the complete article here.

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Filed under Uncategorized Tagged with , , , , , , ,

SOA Suite 12c: Multithreaded instance purging with the Java API by Maarten Smeets

May 29, 2015 Leave a comment

 

clip_image002Let’s tackle a single topic at a time in this blog post SOA Suite 12c provides a Java API to perform operations on the SOA infrastructure and things running there such as composites and instances. There are several blog posts available on how to do this in SOA Suite 10g and 11g. However since 12c is relatively new, I decided to try if I could easily access the Java API in 12c and if the API was still similar to 11g or had undergone major changes. As a usecase I decided I wanted to purge instances. This is usually done by database scripts on the SOA infra database. If however you do not have direct access to the database, this can be used as an alternative. I could of course have done the same by using WLST. I found that purging instances by using the Java API was slow so I decided I would like to try this using multiple threads working in parallel. The resulting code is provided in this post.

Implementation

In order to separate the different topics which will be discussed in this blog post I split the implementation in three parts. JDeveloper 12c, Purging composites and Multithreading.

JDeveloper 12c. Using the SOA Suite Java API

In JDeveloper 11g I would have to add the required libraries in the project properties and I could create a Java class which could access the Java API. In JDeveloper 11g I would have to add the following library references: WebLogic 10.3 Remote-Client, SOA Runtime, JRF API. I decided to try the same in JDeveloper 12c. When adding the SOA Runtime however, JDeveloper 12c decided I would want to develop a composite and ‘refactored’ my project to allow development of composites. This wasn’t what I wanted however. In order to avoid this issue/feature I decided to add a single JAR to my 12c project containing required classes instead of using the SOA Runtime library reference. I added oracle.soa.wlstman.jar from my ORACLE_HOME/soa/soa/oracle.soa.fabric.11.1.1 folder (yes, the 11.1.1 folder is still there in 12.1.3). I of course also needed to add Weblogic 12.1 Remote-Client and JRF API to get it working. I have not tried manually editing the pom.xml to include the SOA Runtime dependency, so I can not say if this will avoid the project refactoring done by JDeveloper. Read the complete article here.

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Filed under SOA Tagged with , , , ,

SOA Suite 12c: In-depth look into Managed File Transfer (1/3) by Robert van Molken

May 28, 2015 Leave a comment

clip_image002

With the release of SOA Suite 12c a new product was revealed. The first sighting was at Oracle OpenWorld 2013. On the Fusion Middleware Demo Grounds there was a demo shown where B2B was integrated with a product called Managed File Transfer (shortened as MFT). At that same conference I gave a presentation about this product together with the product manager of MFT, Dave Berry. This blog gives an in-depth look into Managed File Transfer.

There is a growing problem with FTP in the enterprise where there is a lack of control, visibility, security and reliability. The lack of control is due to the uncontrolled proliferation of FTP servers & clients. Departments are creating stand-alone FTP servers and configuring users where needed. There is no central FTP server. Because of this there is no global visibility of the exchange of crucial data files – including customer data. It is highly possible that these FTP servers are not integrated with enterprise security standards where as FTP servers are rarely integrated with directories. Because these FTP servers run stand-alone they are a single point of failure and rarely offer HA capabilities, which effects the reliability. This can be tackled using Managed File Transfer.

Lack of control, visibility, security & reliability

What is Managed File Transfer?

MFT is a simple and secure End-to-End Managed File Gateway. At the base MFT uses an “Embedded” (S)FTP / SSH server which support HA clustering. MFT has a scalable architecture, which mean it can easily be expanded by adding another Weblogic node to the cluster.  It also includes an extensible framwork for pre/post processing of files. MFT integrates with Standards Based Middleware like (S)FTP, SOA, B2B, Service Bus and Web Services. Read the complete article here.

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Filed under SOA Tagged with , , , , , , ,

Integration Cloud Service (ICS) is available

May 27, 2015 Leave a comment

clip_image002Oracle Integration Cloud Service (ICS) is available.

ICS Partner quotes

  • “Easy integration of enterprise systems!” Jacco Cijsouw, Amis
  • “Take integration to a new level!” Rob de Haan, RedBlue
  • “Fantastic encapsulation of complex integration problems within a Business friendly tool” Daniel Alves, eProseed
  • “A game changer for enterprise cloud integration” André Evensen, Acando
  • “IPaaS will become more important. With ICS now Oracle enter this market and provide the possibility to integrate applications on a stable infrastructure basis in the Cloud” Marcel Mertin, ec4u
  • “Going to discover what is in the cloud – use Oracle ICS” Andreas Chatziantoniou, Foxglove IT
  • “Pay what you use and be able to scale” Gerald Reif, IPT
  • “You know Oracle’s on to something, when building the integration in the cloud is just as user friendly and fast as using the cloud applications we’re tying together.” Jan Van Hoef, Contribute
  • “Make your cloud come to life.” Mario Sosic, The Future Group
  • “With ICS and rest of cloud services, Oracle is now fully committed to penetrate the iPaaS market that has been until date dominated by Dell Boomi’s, Mulesoft’s and the like. However Oracle we are positive that with all the cloud services Oracle will have the most comprehensive suite of cloud services in the market” Luis Weir HCL & Arturo Viveros S&P Solutions
  • “Cloud will be the THING this year and Oracle is taking the right direction with creating the Integration, Process, Mobile, Java and Developer Cloud Services. It has a slick UI design and it works responsive.” Robert van Mölken, Amis

ICS demo system: We are in process to make the PaaS Services available via GSE. Please make sure that you request our GSE access here. SOA Specialized Partners and member of the SOA & BPM Partner Community can access ICS demo viewlets here.

ICS presentation, whitepaper, video, datasheet & marketing kit At our SOA Community Workspace (SOA Community membership required) we posted

ICS ppt presentation

ICS click demo

ICS video

ICS white paper-use-cases

ICS data sheet

ICS marketing kit

ICS Partners: Looking for a SOA Specialized Partner which can support you with your ICS implementation? Visit the solutions catalog here, and search for your local SOA Specialized partner have trained & certified consultants and implemented successful SOA customer projects. Across EMEA more than 1000 companies are Specialized in SOA! Find local Specialized partners by product www.oracle.com/specialized & learn more about ICS here

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Filed under Cloud, SOA Tagged with , , , , , , , , ,

Process Cloud Service (PCS) is available

May 27, 2015 Leave a comment

Oracle Process Cloud Service (PCS) is availabile

PCS partner quotes

Our SOA & BPM Partner Community is very eximagecited about Process Cloud Service:

  • “Reduce completely and go faster into a Digital Business with PCS” Jorge Quilcate, Sysco
  • “Modern UI combined with stability delivers on premise performance in the cloud” Andrejus Baranovskis, Red Samurai
  • “Finally your business departments have a tool they will like for process modeling” Hajo Normann, Accenture
  • “Oracle Process cloud, a game changer in process implementations, provides our customers benefits from fast agile process delivery on top of existing on-premise applications.” Leon Smiers, Capgemini
  • “With Oracle PCS, time-to-market can be significantly reduced – we highly recommend it.” José Rodrigues, Link Consulting

PCS demo system: We are in process to make the PaaS Services available via GSE. Please make sure that you first request your GSE access here. BPM Specialized Partners and member of the SOA & BPM Partner Community can access PCS demo accounts with myself.

PCS presentation, eBook, datasheet & marketing kit At our SOA Community Workspace (SOA Community membership required) we posted

PCS Partners: Looking for a BPM Specialized Partner which can support you with your PCS implementation? Visit the solutions catalog here, and search for your local BPM Specialized partner have trained & certified consultants and implemented successful BPM customer projects. Across EMEA more than 390 companies are Specialized in BPM! Find local Specialized partners by product www.oracle.com/specialized & Learn more about PCS here

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Filed under BPM, Cloud Tagged with , , , , , , , , ,

SOA Suite 12c: The Coherence Adapter By Maarten Smeets

May 26, 2015 Leave a comment

 

clip_image001Oracle SOA Suite 12c ships with a new technology adapter, the Oracle CoherenceAdapter. This adapter allows easy integration with a Coherence Data Grid (a distributed cache). The excellent post by Antony Reynolds provides the information required to setup your Coherence cache and get started with the adapter. In this blog post I will describe a pattern which can be used to use Coherence Data Grid as a cache for a database table (or view, or…). Also I did some performance measures on the Oracle quickstart JDeveloper installation with Integrated Weblogic server and an XE database with surprising results!

Important tips from Antony’s post:

  • Use one Coherence cache per object type. This allows clearing the entire cache and specifying specific behavior per object type.
  • Make sure the Coherence configuration file is available to every server in the cluster (shared storage). This is similar to a DbAdapter configuration plan.
  • Set the servicename in the outbound connectionFactory of the CoherenceAdapter to DistributedCache so it works in clusters and WLSExtendProxy to false unless you are using this feature.
  • In 11c you can use Coherence from within a SOA Suite Spring component or by enabling the OSB result cache. Both have disadvantages though. 12c provides the CoherenceAdapter as alternative. Read the complete article here.

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Filed under SOA Tagged with , , , , , , ,

Older posts

Newer posts