Skip Headers
Oracle® Application Server Enterprise Deployment Guide
10g Release 3 (10.1.3.1.0)

Part Number B28939-03
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
View PDF

3 Installing and Configuring the mySOACompany Web and Application Tiers

Installing and Configuring the Web and Application Tiers

Configuring Fast Connection Failover for the RAC Database on APPHOST1 and APPHOST2

Managing Oracle Application Server Component Connections

Configuring Network Communication

Configuring Application Authentication and Authorization

3.1 Installing and Configuring the Web and Application Tiers

The Application Tier consists of multiple computers hosting middle tier Oracle Application Server instances. Each Oracle home contains multiple Oracle Containers for J2EE instances on which you deploy applications. In the complete configuration, requests are balanced among the OC4J instances on the application tier computers to create a performant and fault tolerant application environment.

The Web Tier(WEBHOST1 and WEBHOST2) consists of Oracle HTTP Servers. Figure 1-1, Figure 1-2 and Figure 1-3 show the Application and Web tiers.

3.1.1 Installing the Oracle HTTP Servers on WEBHOST1 and WEBHOST2

Use the Advanced option of the Oracle Universal Installer to install the Oracle HTTP Server instances.

  1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide for the platform you are using. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

  2. Copy the staticports.ini file from the Disk1/stage/Response directory to a local directory, such as TMP. You will provide the path to this file during installation.

  3. Edit the staticport.ini file to assign the following custom ports:

    Oracle HTTP Server port = 7777
    

    Note:

    Ensure that these ports are not already in use by any other service on the computer. Using the Static Ports feature to install the the Application Server Tier ensures that the port assignments will be consistent, if the ports are correctly specified in the file and the port is not already in use. If a port is incorrectly specified, the Oracle Universal Installer will assign the default port. If a port is already in use, the Oracle Universal Installer will select the next available port.
  4. Start the Oracle Universal Installer as follows:

    On UNIX, issue this command: runInstaller

    On Windows, double-click setup.exe

    The Oracle Application Server 10.1.3.1.0 Installation screen appears.

  5. Specify an installation directory for the instance.

  6. Select Advanced Installation Mode.

  7. Click Install.

    The Select Installation Type screen appears.

  8. Select Web Server and click Next.

    The Specify Port Configuration Options screen appears.

  9. Select Manual, specify the location of the staticports.ini file, and click Next.

    The Specify Instance Name screen appears.

  10. Specify the instance name and click Next.

    The Cluster Topology Configuration screen appears.

  11. Check the box to configure the instance to be part of an Oracle Application Server cluster.

  12. Specify the multicast address and port.

    Note:

    An example of a multicast address is 225.0.0.20, with port 8001. The address and port should be the same for each computer in a farm.
  13. Click Next.

    The Summary Screen apears.

  14. click install.

  15. The Configuration Assistants screen appears. When the configuration process completes, the End of Installation screen appears.

  16. Click Exit, and then confirm your choice to exit.

  17. Verify that the installation was successful by viewing the Oracle HTTP Server instance. Start a browser and access:

    http://hostname:7777

    Note:

    The ORACLE_HOME/install/readme.txt file contains the URLs for the installation and a command to verify the status of processes.

3.1.2 Renaming Apache 2.0 Web Server Instances

If you installed the Oracle HTTP Server based on Apache 2.0 from the Companion CD on WEBHOST1 and WEBHOST2, the instance name on both computers will be the default name assigned by the installer. In a cluster, you will want the instance names to be unique when you view the instances with the opmnctl @cluster status command. Follow these steps to rename an instance:

  1. Stop the instance by issuing this command:

    opmnctl stopall

  2. Modify the ORACLE_HOME/opmn/conf/opmn.xml file to change the instance id and name as shown:

    <ias-instance id="IAS-1 
     name="IAS-1">
    

    Replace both occurrences of the existing instance name (IAS-1 in the example) with a unique instance name.

  3. Save and close the file.

  4. Restart the instance by issuing this command:

    opmnctl startall

3.1.3 Configuring the Cluster Gateway

Because there is a firewall between the instances clustered on the Web tier and the1 instances clustered on the Application tier, you must configure a cross-topology gateway to enable communication between the clusters. In the gateway configuration, one server on each side of the firewall is an entry point into the cluster. These instructions designate APPHOST1 and WEBHOST1 as the gateway servers, but any server may be designated the gateway server. The remote port is used for communication with the gateway server; it is designated in the <gateway> subelement in opmn.xml as shown in bold.

Follow these steps to specify gateway servers on the Application Tier and the Web Tier:

  1. Open the APPHOST1_ORACLE_HOME/opmn/conf/opmn.xml file.

  2. Create the <gateway> subelement as shown in the example:

    <notification-server>
      <port local="6101" remote="6201" request="6004"/>
      <ssl enabled="true" wallet-file="$ORACLE_HOME\opmn\conf\ssl.wlt\default"/>
       <topology>
       <discover list="*225.0.0.20:8001"/>
        <gateway list="apphost1.mycompany.com:6200&amp;apphost2.mycompany.com:6200&amp;webhost1.mycompany.com:6200&amp;webhost2.mycompany.com:6200/"/>
       </topology>
    </notification-server>
    ...
    

    Note:

    6201 is the OPMN remote port onAPPHOST1, and 6202 is the OPMN remote port on WEBHOST1. You must view the opmn.xml file on each server to determine the port values needed for the configuration.
  3. Issue this command in APPHOST1_ORACLE_HOME/opmn/bin:

    opmnctl reload

  4. Copy the <gateway> subelement to the WEBHOST1_ORACLE_HOME/opmn/conf/opmn.xml file.

  5. Issue this command in WEBHOST1_ORACLE_HOME/opmn/bin:

    opmnctl reload

Note:

For more information, see "Configuring Cross-Topology Gateways" in the Oracle Containers for J2EE Configuration and Administration Guide.

3.1.4 Configuring the Firewall to Prevent Access to Application Server Control Console

Application Server Control Console should be accessible from inside the firewall only. Consult the documentation for your firewall to configure it to prevent such access from outside.

3.1.5 Installing the Application Server Instances on APPHOST1 and APPHOST2

You can install an Oracle Application Server instance consisting only of one OC4J instance, using the Advanced installation option of the Oracle Universal Installer. Follow these steps to install application servers to create ORA-HOME1, ORA-HOME2, ORA-HOME3 and ORA-HOME4 on APPHOST1 and APPHOST2.

  1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

  2. Start the Oracle Universal Installer using one of these commands:

    • On UNIX, issue this command: runInstaller

    • On Windows, double-click setup.exe

    The Oracle Application Server 10.1.3.1.0 Installation screen appears with the Basic Installation Mode and the Integrated Web Server, J2EE Web Server and Process Management installation type selected.

  3. Specify an installation directory for the instance, or leave the default.

  4. Select Advanced Install and click Next.

    A confirmation dialog appears.

  5. Click Yes.

    A progress dialog appears, then the Select Installation Type screen appears.

  6. Select J2EE Server and click Next.

    The Specify Port Configuration Options screen appears.

  7. Select Automatic and click Next.

    The Administration Settings screen appears.

  8. Specify an instance name for the application server instance.

    Note:

    The instance name you specify will be prepended to the host name. For example, if you specify J2EE as the instance name and the host name is server1.mycompany.com, the instance name will be J2EE.server1.mycompany.com.
  9. Specify and confirm the administrator password for the default OC4J instance.

  10. Specify a name for the default OC4J instance created by the installer (the default is home), such as Admin, or a similar name that designates it as the instance dedicated to Application Server Control.

    Note:

    You will not deploy applications to this instance; it will not be clustered with the user-created OC4J instances on which applications are deployed.
  11. Check the box to designate the instance installed as an administration OC4J instance (the instance on which the Application Server Control Console will operate).

  12. Click Next.

    The Cluster Topology Configuration screen appears.

  13. Specify the multicast address and port.

    Note:

    An example of a multicast address is 225.0.0.20, with port 8001. The address and port should be the same for each computer in a farm.
  14. Select the checkbox for the option Access this OC4J instance from a separate Oracle HTTP Server.

  15. Click Next.

    The Summary screen appears.

  16. Click Install.

    The Preparing to Install dialog appears, then the Install screen appears.

  17. The Configuration Assistants screen appears. When the configuration process completes, the End of Installation screen appears.

  18. Click Exit, and then confirm your choice to exit.

    The first Oracle home, labeled ORA-HOME1 in the diagrams in Section 1.3, now exists on APPHOST1, with the Admin OC4J instance created.

  19. Repeat steps 1 through 18 to create the second Oracle home, labeled ORA-HOME2 in the diagrams in Section 1.3, with these exceptions:

    1. In step 3, specify a different installation directory to create the second Oracle home.

    2. Do not designate the default OC4J instance as the administration instance.

    3. Name the default OC4J instance OC4J_ESBDT.

  20. Verify that the installation was successful by viewing the instance in Oracle Enterprise Manager 10g (from inside the firewall only; see Section 3.1.4). Start a browser, log in to the Application Server Control Console, and view the application server instance at:

    http://WEBHOST1.mycompany.com:7777/em

    Note:

    On Windows, you can use the Start menu to select the instance, and then select the Oracle Application Server Control option.
  21. Verify that the installation was successful by viewing the instance in Oracle Enterprise Manager 10g (from inside the firewall only; see Section 3.1.4). Start a browser, log in to the Application Server Control Console, and view the application server instance at:

    http://WEBHOST2.mycompany.com:7777/em

    Note:

    The ORACLE_HOME/install/readme.txt file contains the URLs for the installation and a command to verify the status of processes.

3.1.6 Disabling Application Server Control Console on APPHOST2-4 (Optional)

Application Server Control Console stores certain local state information that does not get replicated to another active Application Server Control Console. This includes things such as JMX Notification Subscriptions and Received Notifications. If you use JMX notifications, you may wish to disable Application Server Control Consoles other than that on APPHOST1 so that Oracle HTTP Server does not route requests to them. This will ensure that notifications subscriptions are not changed or deleted on the instance receiving requests (causing the two instances to be out of synchronization). You can disable routing to Application Server Control Consoles by setting the ohs-routing tag in the default-web-site.xml file for the Application Server Control Console to false as shown:

<web-app application="ascontrol" load-on-startup="true" name="ascontrol"
ohs-routing="false" root="/em"/>

You can set ohs-routing to true if you need to use the secondary Application Server Control Consoles for failover. You will need to use some backup and recovery procedure in order to restore the state of notification subscriptions and received notifications from the primary Application Server Control Consoles to the secondary.If you have multiple Application Server Control Consoles active, be aware of the following:

  • If you change the administrator password on the managed OC4J instances, you will have to make the same change to the stored administrator password on all Application Server Control Console instances. When Oracle HTTP Server directs requests to an Application Server Control Console that does not have the correct password, attempts to connect to the managed instance will fail and Application Server Control Console will prompt for the new administrator password.

    On login, Application Server Control Console displays a warning on the Cluster Topology page that there are multiple instances running.

3.1.7 Listing Occupied Ports

Use the netstat command to identify occupied ports:

netstat -an

The AJP port range is 12501-12600. Note the port numbers in this range that do not appear in the output of the netstat command; these are the ports you can assign to OC4J instances.

3.1.8 Creating OC4J Instances on APPHOST1 and APPHOST2

There are three Oracle homes (application server instances) on APPHOST1 and APPHOST2. You must create the OC4J instances shown in the diagrams in Section 1.3. The single OC4J instance on APPHOST2, OC4J_ESBDT, was created during installation, so you need to create these instances:

  • OC4J_SOA

  • OC4J_GTWY

  • OC4J_WSM

  1. Log in to the Application Server Control Console with the password set during installation.

    The Cluster Topology page appears.

  2. Click the link in the Members list for the application server instance on APPHOST1.

    The Application Server page for the instance appears, listing the Admin OC4J instance in the System Components list.

  3. Click Create OC4J Instance.

    The Create OC4J Instance page appears.

  4. Enter OC4J_SOA in the OC4J Instance Name field. Leave the defaults for the group and check the box to start the instance.

  5. Click Create.

    The Processing: screen appears with a message, then the Application Server page appears with the new instance and a confirmation message that the instance was created and added to the group.

  6. Click the OC4J_SOA instance.

    The OC4J page appears.

  7. Click Administration.

    The Administration Tasks table appears.

  8. Click the Go to Task icon for Server Properties in the Properties list.

    The Server Properties page appears.

  9. Specify an unused AJP port (determined in Section 3.1.7) for the default-web-site and click Apply.

    The Processing screen appears with a status message, then a confirmation message appears.

  10. Repeat steps 1 through 9 for the OC4J_GTWY and OC4J_WM instances, assigning a different unique port from the range to each.

  11. Issue these commands in ORACLE_HOME/opmn/bin:

    opmnctl stopall

    opmnctl startall

  12. Repeat Steps 1 through 11 on APPHOST2.

3.1.9 Configuring the Oracle HTTP Server with the Load Balancing Router

The Load Balancing Router (soa.mycompany.com, shown in Figure 1-1, "mySOACompany with JSSO and Oracle Internet Directory") must be configured to receive client requests and balance them to the two Oracle HTTP Server instances on the Web tier. See the load balancing router documentation for instructions on configuring the load balancer, and follow the instructions in this section configure the Oracle HTTP Server.

Incoming requests must be associated with the Load Balancing Router hostname and port in the mySOACompany configuration. To configure this, perform these steps on WEBHOST1 and WEBHOST2:

  1. Open the Oracle HTTP Server configuration file:

    Apache 1.3:

    ORACLE_HOME/Apache/Apache/conf/httpd.conf

    Apache 2.0:

    ORACLE_HOME/ohs/conf/httpd.conf

  2. Perform the following steps:

    1. Add the LoadModule certheaders_module directive for the appropriate platform.

      UNIX Apache 1.3:

      LoadModule certheaders_module libexec/mod_certheaders.so
      

      UNIX Apache 2.0; use this directive if you plan to use Apache 2.0 on UNIX:

      LoadModule certheaders_module modules/mod_certheaders.so
      

      Windows:

      LoadModule certheaders_module modules/ApacheModuleCertHeaders.dll
      
    2. Add the lines shown for the Apache version you are using to create a NameVirtualHost directive and a VirtualHost container for soa.mycompany.com and port 443.

      Apache 1.3:

      NameVirtualHost *:7777
      <VirtualHost *:7777>
        ServerName soa.mycompany.com
        Port 7777
        ServerAdmin you@your.address 
        RewriteEngine On 
        RewriteOptions inherit
      </VirtualHost> 
      
      NameVirtualHost *:7777
      <VirtualHost *:7777>
        ServerName soa.mycompany.com:443
        Port 443
        ServerAdmin you@your.address
        RewriteEngine On 
        RewriteOptions inherit
        SimulateHttps On
      </VirtualHost>
      

      Apache 2.0 (UNIX):

      NameVirtualHost *:7777
      <VirtualHost *:7777>
        ServerName soa.mycompany.com:7777
        ServerAdmin you@your.address 
        RewriteEngine On 
        RewriteOptions inherit
      </VirtualHost> 
      
      NameVirtualHost *:7777
      <VirtualHost *:7777>
        ServerName soa.mycompany.com:443
        ServerAdmin you@your.address
        RewriteEngine On 
        RewriteOptions inherit
        SimulateHttps On
      </VirtualHost>
      

      Notes:

      The LoadModule directives (in particular, the LoadModule rewrite_module directive) must appear in the httpd.conf file at a location preceding the VirtualHost directives. The server must load all modules before it can execute the directives in the VirtualHost container.

      It is a good idea to create the VirtualHost directives at the end of the httpd.conf file.

      The LoadModule rewrite_module directive must appear before the LoadModule certheaders_module directive.

  3. Save the httpd.conf file.

  4. Restart the components using these commands in ORACLE_HOME/opmn/bin:

    opmnctl stopall

    opmnctl startall

  5. Verify that you can access these URLs:

    http://soa.mycompany.com:7777/j2ee

    https://soa.mycompany.com/j2ee

3.1.10 Configuring the esbd.myco.com URL for Internal Use

The Load Balancing Router must be configured to provide internal access to the ESBD instances on the Web tier. See the load balancing router documentation for instructions on configuring the load balancer, and follow the instructions in this section configure the Oracle HTTP Server for this URL.

Incoming requests must be associated with the Load Balancing Router hostname and port in the mySOACompany configuration. To configure this, perform these steps on WEBHOST1 and WEBHOST2:

  1. Open the Oracle HTTP Server configuration file:

    Apache 1.3:

    ORACLE_HOME/Apache/Apache/conf/httpd.conf

    Apache 2.0:

    ORACLE_HOME/ohs/conf/httpd.conf

  2. Perform the following steps:

    1. Add the LoadModule certheaders_module directive for the appropriate platform.

      UNIX Apache 1.3:

      LoadModule certheaders_module libexec/mod_certheaders.so
      

      UNIX Apache 2.0; use this directive if you plan to use Apache 2.0 on UNIX:

      LoadModule certheaders_module modules/mod_certheaders.so
      

      Windows:

      LoadModule certheaders_module modules/ApacheModuleCertHeaders.dll
      
    2. Add the lines shown for the Apache version you are using to create a NameVirtualHost directive and a VirtualHost container for esb.mycompany.com.

      Apache 1.3:

      NameVirtualHost *:7777
      <VirtualHost *:7777>
        ServerName esbd.myco.com
        Port 7777
        ServerAdmin you@your.address 
        RewriteEngine On 
        RewriteOptions inherit
      </VirtualHost> 
      

      Apache 2.0 (UNIX):

      NameVirtualHost *:7777
      <VirtualHost *:7777>
        ServerName esbd.myco.com:7777
        ServerAdmin you@your.address 
        RewriteEngine On 
        RewriteOptions inherit
      </VirtualHost> 
      

      Notes:

      The LoadModule directives (in particular, the LoadModule rewrite_module directive) must appear in the httpd.conf file at a location preceding the VirtualHost directives. The server must load all modules before it can execute the directives in the VirtualHost container.

      It is a good idea to create the VirtualHost directives at the end of the httpd.conf file.

      The LoadModule rewrite_module directive must appear before the LoadModule certheaders_module directive.

  3. Save the httpd.conf file.

  4. Restart the components using these commands in ORACLE_HOME/opmn/bin:

    opmnctl stopall

    opmnctl startall

  5. Verify that you can access these URLs:

    http://esbd.myco.com:7777/j2ee

    https://esbd.myco.com/j2ee

3.1.11 Installing the Oracle BPEL Process Manager Instances on APPHOST1 and APPHOST2 from the Oracle BPEL Process Manager (10.1.3.1.0) CD

The Oracle BPEL Process Manager instances must be installed in the OC4J_SOA instances on APPHOST1 and APPHOST2.

Note:

You use the component CD-ROMs (for example, the Oracle BPEL Process Manager CD-ROM or the Oracle Enterprise Service Bus CD-ROM) to install individual components, and you install the individual components into the same Oracle home as the J2EE Server installation (performed in Section 3.1.5, "Installing the Application Server Instances on APPHOST1 and APPHOST2").
  1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide for the platform you are using. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

  2. Insert the Oracle BPEL Process Manager (10.1.3.1.0) CD.

  3. Start the Oracle Universal Installer using one of these commands:

    • On UNIX, issue this command: runInstaller

    • On Windows, double-click setup.exe

      The Welcome screen appears.

  4. Click Next.

    The Specify File Locations screen appears.

    Specify the installation directory into which you installed the J2EE Server Oracle Application Server instance.

  5. Click Next.

    The Select Installation Type screen appears.

  6. Select the BPEL Process Manager for OracleAS Middle Tier option and click Next.

    The Specify Outgoing HTTP Proxy Information screen appears.

  7. Specify the host, port and bypass proxy and click Next.

    The Specify Database screen appears.

  8. Specify database information:

    Database Type: Oracle Database

    Hostname and Port: INFRADBHOST1.mycompany.com:1521^INFRADBHOST2.mycompany.com:1521

    Service Name: orcldb.mycompany.com

    ORABPEL Schema Password: BPEL Process Manager Schema password

  9. Click Next.

    The Administration Settings screen appears.

  10. Specify administration settings:

    AS Administrator Password: The Oracle Application Server administrator password set during installation

    OC4J Instance Name: OC4J_SOA

    HTTP Host:Port: soa.mycompany.com:7777

  11. Click Next.

    The Summary screen appears.

  12. Click Install.

    The installation proceeds, and then completes.

  13. Click Exit, and confirm your choice to exit.

  14. Verify that the installation was performed correctly by accessing these URLs:

    http://soa.mycompany.com:7777/BPELConsole

    https://soa.mycompany.com/BPELConsole

3.1.12 Configuring the Cluster of BPEL Instances

This section briefly explains how to configure the cluster for the enterprise deployment. For more information, see the Oracle BPEL Process Manager Installation Guide, section titled "Creating an Oracle BPEL Process Manager Cluster".

  1. Configure these server side properties on both J2EE instances (where host computers are in the same subnet):

    Set enableCluster to true and assign the same name to the ClusterName property in:

    ORACLE_HOME/bpel/system/config/collaxa-config.xml

    Set mcast-addr and mcast-port to the same address in:

    ORACLE_HOME/bpel/system/config/jgroup-protocol.xml (these values must be the same on all of the computers in the cluster)

  2. Configure these properties on the client side of all computers in the cluster:

    In the ORACLE_HOME/bpel/utilities/ant-orabpel.properties file:

    Set cluster to true.Set oc4jinstancename to the name of the OC4J group (for example, "default_group").

  3. Set the soapServerURL and the soapCallbackUrl to the same value as the load balancer URL:

    1. Open the ORACLE_HOME/bpel/system/config/collaxa-config.xml file.

    2. Set the soapServerUrl and soapCallbackUrl to the HTTPS URL, so that the entries resemble the following:

      ...
          <property id="soapServerUrl">
              <name>BPEL soap server URL</name>
                 <value>https://soa.mycompany.com</value>
      ...
          </property>
      ...
          <property id="soapCallbackUrl">
              <name>BPEL soap callback URL</name>
                 <value>https://soa.mycompany.com</value>
      ...
          </property>
      
  4. Restart the OC4J_SOA instances on both computers.

3.1.12.1 Necessary Steps for Cluster-based BPEL Deployments

When deploying applications in a BPEL cluster, ensure that you:

  • Always deploy the BPEL process and all other artifacts to each computer in the cluster. This is necessary because custom jars may be needed on each computer (for example, a local EJB).

  • Execute obant.sh on each computer in the cluster.

  • Start the computers one at a time, and wait until one computer is completely started before starting the next one.

  • Copy the client interfaces for EJB bindings to each computer's system/classes directory and then restart the BPEL Process Manager so that the classes are loaded.

  • In applications that you build and deploy, define wsdlLocation in the bpel.xml file to point to the wsdl file on the local file system and wsdlRuntimeLocation points to the wsdl file at run time. An example is provided in ORACLE_HOME/bpel/samples/demos/LoanFlow/LoanDemo/bpel/bpel.xml.

  • Confirm that the BPEL process works after deployment using the sample application, LoanFlow, located in the ORACLE_HOME/bpel/samples/demos/LoanDemo directory.

3.1.13 Installing the ESB Runtime Instances on APPHOST1 and APPHOST2 from the Oracle Enterprise Bus (10.1.3.1.0) CD

The ESB Runtime instances must be installed in the OC4J_SOA instances on APPHOST1 and APPHOST2.

Note:

You use the component CD-ROMs (for example, the Oracle BPEL Process Manager CD-ROM or the Oracle Enterprise Service Bus CD-ROM) to install individual components, and you install the individual components into the same Oracle home as the J2EE Server installation (performed in Section 3.1.5, "Installing the Application Server Instances on APPHOST1 and APPHOST2").
  1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide for the platform you are using. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

  2. Insert the Oracle Enterprise Bus (10.1.3.1.0) CD.

  3. Start the Oracle Universal Installer using one of these commands:

    • On UNIX, issue this command: runInstaller

    • On Windows, double-click setup.exe

    The Welcome screen appears.

  4. Click Next.

    The Specify File Locations screen appears.

    Specify the installation directory into which you installed the first J2EE Server Oracle Application Server instance (the instance in which the Admin instance resides).

  5. Click Next.

    The Select Installation Type screen appears.

  6. Select the Enterprise Service Bus for OracleAS Middle Tier option and click Next.

    The Specify Outgoing HTTP Proxy Information screen appears.

  7. Specify the host, port and bypass proxy and click Next.

    The Specify Database screen appears.

  8. Specify database information:

    Database Type: Oracle Database

    Hostname and Port: INFRADBHOST1.mycompany.com:1521^INFRADBHOST2.mycompany.com:1521

    Service Name: orcldb.mycompany.com

    ORAESB Schema Password: ESB Schema password

  9. Click Next.

    The Administration Settings screen appears.

  10. Provide the administrator password set at installation time, select the OC4J_SOA instance, provide the HTTP host and port values (soa.mycompany.com:7777) and click Next.

    The Select ESB Type screen appears.

  11. Select Runtime and click Next.

    The Summary screen appears.

  12. Click Install.

    When the installation process completes, the End of Installation screen appears.

  13. Click Exit, and then confirm your choice to exit.

3.1.14 Resolving Out-of-Memory Errors in the BPEL Runtime Console

When you work with tasks in the BPEL Console, this error may occur:

500 Internal Server Error

java.lang.OutOfMemoryError: PermGen space

To resolve the error, you increase the memory allocated to the PermGen space (used for loading static classes) with the MaxPermSize parameter. Follow these instructions to set the MaxPermSize parameter in the Oracle Application Server instances on APPHOST1 and APPHOST2:

  1. Open the ORACLE_HOME/opmn/conf/opmn.xml file and locate the MaxPermSize parameter (shown in bold in Example 3-1.

    Example 3-1 MaxPermSize Parameter

    ...
    <category id="start-parameters">
                        <data id="java-options" value="-Xrs -server
    -XX:MaxPermSize=128M -ms512M -mx1024M -XX:AppendRatio=3
     -Djava.security.policy=$ORACLE_HOME/j2ee/Admin/config/java2.policy
     -Djava.awt.headless=true -Dhttp.webdir.enable=false"/>
                      </category>
                      <category id="stop-parameters">
                         <data id="java-options"
     value="-Djava.security.policy=$ORACLE_HOME/j2ee/Admin/config/java2.policy
     -Djava.awt.headless=true -Dhttp.webdir.enable=false"/>
    ...
    
  2. Increase the value, for example:

    -XX:MaxPermSize=256M

  3. Save and close the file, and restart the OPMN instance.

3.1.15 Installing the ESB Repository Instance on APPHOST1 and APPHOST2

  1. Perform the steps in Section 3.1.13, "Installing the ESB Runtime Instances on APPHOST1 and APPHOST2 from the Oracle Enterprise Bus (10.1.3.1.0) CD", with these exceptions:

    1. Select the applicable Oracle home (ORA-HOME2) in the Specify File Locations screen.

    2. Select the OC4J_ESBDT instance in the Administration Settings screen.

    3. Select Repository in the ESB Type screen.

3.1.16 Configuring Service Failover for the OC4J_ESBDT Instances

The failover scheme for the OC4J_ESBDT instances dictates that only one instance is up at any given time. If the single active instance fails, OPMN will start the other instance. Follow these steps on both OC4J_ESBDT instances to configure the failover:

  1. Open the ORACLE_HOME\opmn\conf\opmn.xml file.

  2. Modify the OC4J_ESBDT process as shown:

    <process-type id="OC4J_ESBDT" module-id="OC4J" service-failover="1" status="enabled">
    
  3. Remove the numprocs entry:

    <process-set id="default_group" numprocs="1"/>
    
  4. Restart the instance by issuing these commands in ORACLE_HOME\opmn\bin:

    opmnctl reload

    opmnctl restartproc process-type=OC4J_ESBDT

3.1.17 Configuring ESB for Singleton Adapters

In order to support a system with a singleton adapter such as an inbound file adapter or FTP adapter, you need an additional ESB runtime instance (one that is not a member of the cluster of ESB instances) to host the file adapter. Follow the instructions in Section 3.1.13, "Installing the ESB Runtime Instances on APPHOST1 and APPHOST2 from the Oracle Enterprise Bus (10.1.3.1.0) CD" to install the additional ESB runtime instance.

An inbound file adapter is only supported on a single ESB runtime server. If you are using an inbound FileAdapter, the name for the cluster of ESB instances (the cluster_name property in the ORACLE_HOME/integration/esb/config/esb_config.ini file) must be set to the ESB file adapter system on only one ESB runtime server.

3.1.18 Configuring the Cluster of ESB Runtime Instances on APPHOST1 and APPHOST2

Note:

The cluster of ESB Instances must include instances of the Runtime Server type only. The cluster must not include instances of the Repository Server type.
  1. In the ESB Runtime instance installation, open the ORACLE_HOME/integration/esb/config/esb_config.ini file.

  2. Comment out the primary_oc4j parameter:

    # Central OC4J or not
    # primary_oc4j=true
    
  3. Restart the server using these opmn commands:

    opmnctl stopall

    opmnctl startall

3.1.19 Updating the ESB Metadata

  1. Navigate to the ORACLE_HOME/integration/esb/bin directory and issue this command:

    Windows: esbsetenv.bat

    UNIX: esbsetenv.sh

  2. Create a file called esbparam.properties with the key=value pairs shown in Example 3-2.

    Example 3-2 esbparam.properties file

    DT_OC4J_HTTP_PORT=7777
    DT_OC4J_HOST=soa.mycompany.com
    PROP_NAME_DEFERRED_TOPIC_JNDI=ESBTopics/Topics/ESB_JAVA_DEFERRED
    PROP_NAME_DEFERRED_TCF_JNDI=OracleOJMS/TCF
    PROP_NAME_DEFERRED_XATCF_JNDI=OracleOJMS/XATCF
    PROP_NAME_CONTROL_TOPIC_JNDI=ESBTopics/Topics/ESB_CONTROL
    PROP_NAME_CONTROL_TCF_JNDI=OracleOJMS/XATCF
    PROP_NAME_ERROR_TOPIC_JNDI=ESBTopics/Topics/ESB_ERROR
    PROP_NAME_ERROR_TCF_JNDI=OracleOJMS/TCF
    PROP_NAME_ERROR_XATCF_JNDI=OracleOJMS/XATCF
    PROP_NAME_ERROR_RETRY_JNDI=ESBTopics/Topics/ESB_ERROR_RETRY
    PROP_NAME_ERROR_RETRY_TCF_JNDI=OracleOJMS/XATCF
    PROP_NAME_MONITOR_TOPIC_JNDI=ESBTopics/Topics/ESB_MONITOR
    PROP_NAME_MONITOR_TCF_JNDI=OracleOJMS/TCF
    PROP_NAME_INITIAL_CONTEXT_FACTORY=com.evermind.server.rmi.RMIInitialContextFactory
    ACT_ID_RANGE=400
    
  3. Issue this command to populate the esb.parameter table:

    ant import-params -Dparamfile=esbparam.properties

    Example 3-3 import command

    ant import-params -Dparamfile=esbparam.properties -DDB_URL=jdbc:oracle:thin:@//localhost:1521/ORCL -DDB_USER=oraesb -DDB_PASSWORD=oraesb
    

    Example 3-4 export command

    ant export-params -DDB_URL=jdbc:oracle:thin:@//localhost:1521/ORCL -DDB_USER=oraesb -DDB_PASSWORD=oraesb
    
  4. On the ESB Console System screen, for each installation, update the topic and topic connection factory for asynchronous topics with these values:

    Topic: ESBTopics/Topics/ESB_JAVA_DEFERRED

    Topic Connection Factory: OracleOJMS/XATCF

3.1.20 Configuring the Slide Repository to use the Database as the Repository

  1. Navigate to the ORACLE_HOME/integration/esb/config directory.

  2. Make a copy of the Domain_DB.xml file, naming the copy Domain.xml.

  3. Restart the server.

3.1.21 Configuring JNDIs for the Topic and Topic Connection Factory

Using Oracle Enterprise Manager 10g, follow these steps to configure JNDIs in the Design Time and both ESB repository instances.

  1. In the Administration tab, click Expand All, Services, Enterprise Messaging Service, then Database Persistence.

    The Database Persistence configuration page appears.

  2. On the Database Persistence configuration page, click Deploy.

  3. In Oracle Enterprise Manager 10g, navigate to the OC4J Admin instance's Administration tab.

  4. Click Expand All.

  5. Navigate to Administration Tasks, Services, Enterprise Messaging Service, Database Persistence.

  6. Click Deploy.

    The Deploy Database Persistence Provider screen appears.

  7. Make the following entries and selections:

    Resource Adapter Module Name: OracleOJMS

    Select Add a new resource provider to be used by this connector

    Resource Provider Name: esbRP

    Datasource JNDI Location: jdbc/esbaqdatasource

  8. Click OK.

    A confirmation page appears.

  9. Click Restart and confirm your choice to restart when prompted. If errors occur, use the opmnctl shutdown and opmnctl startall command to restart the default application.

    A confirmation message appears.

  10. On the Resource Adapter page for the OracleOJMS RA, in the Connection Factories tab, click Create to create a connection factory.

    The Create Connection Factory: Select Interface screen appears.

  11. Select javax.jms.XATopicConnectionFactory from the Connection Factory Interface drop-down list and click Continue.

    The Create Connection Factory screen appears.

  12. In the JNDI Location field, enter OracleOJMS/XATCF. Click Finish.

    A confirmation message appears.

  13. Create another connection factory by repeating steps 10-12, but substitute these values:

    Select javax.jms.TopicConnectionFactory from the Connection Factory Interface drop-down list.

    In the JNDI Location field, enter OracleOJMS/TCF and click Finish.

  14. Click the Administered Objects tab and click Create.

    The Create Administered Object screen appears.

  15. Select oracle.j2ee.ra.jms.generic.AdminObjectTopicImpl from the Object Class drop-down list and click Continue.

  16. In the JNDI Location field, enter ESBTopics. Click Finish. In the JNDI Location field, enter ESBTopics. In the resourceProviderName field, enter esbRP.

  17. Click Finish.

    A confirmation message appears.

3.1.22 Installing the OWSM Instances on APPHOST1 and APPHOST2 from the Oracle Web Services Manager (10.1.3.1.0) CD

The OWSM instances must be installed in these OC4J instances as follows:

APPHOST1, Oracle home 1: OC4J_WSM

APPHOST2, Oracle home 4: OC4J_GTWY

APPHOST2, Oracle home 1: OC4J_WSMAPPHOST2, Oracle home 4: OC4J_GTWY

Note:

You use the component CD-ROMs (for example, the Oracle BPEL Process Manager CD-ROM or the Oracle Enterprise Service Bus CD-ROM) to install individual components, and you install the individual components into the same Oracle home as the J2EE Server installation (performed in Section 3.1.5, "Installing the Application Server Instances on APPHOST1 and APPHOST2").
  1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide for the platform you are using. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

  2. Insert the Oracle Web Services Manager (10.1.3.1.0) CD.

  3. Start the Oracle Universal Installer using one of these commands:

    • On UNIX, issue this command: runInstaller

    • On Windows, double-click setup.exe

    The Oracle Web Services Manager 10g (10.1.3.1.0) Installation screen appears.

  4. Specify the installation directory into which you installed J2EE Server Oracle Application Server instance.

  5. Specify the Application Server Details:

    HTTP host:port: soa.mycompany.com:7777

    OC4J Instance: OC4J_WSM or OC4J_GTWY (each in its own Oracle home on APPHOST1 and APPHOST2)

    Administrator Username: oc4jadmin

    Administrator Password: The password set during installation

  6. Specify the Database Details:

    Database Type: Oracle (default)

    Driver Type: Thin (default)

    Name: Service name of the SOA database

    Database Connect String: hostname and port of the SOA database listener, in the format host:port

    User ID: ORAWSM

    Password: Oracle Web Services Manager schema password

  7. Click Next.

    The Summary screen appears.

  8. Click Install.

    The Install, the Oracle WSM Configuration Assistant, and then the End of Installation screens appear.

  9. Click Exit, and then confirm your choice to exit.

3.1.23 Disabling Applications on APPHOST1 and APPHOST2

  1. Navigate to the ORACLE_HOME/j2ee/OC4J_GTWY/config directory.

  2. Open the default-web-site.xml file.

  3. Remove the load-on-startup parameter.

  4. Navigate to the ORACLE_HOME/j2ee/OC4J_WSM/config directory.

  5. Open the default-web-site.xml file.

  6. Remove the load-on-startup parameter.

  7. Issue these commands in ORACLE_HOME_1/opmn/bin:

    opmnctl stopall

    opmnctl startall

  8. Issue these commands in ORACLE_HOME_4/opmn/bin:

    opmnctl stopall

    opmnctl startall

Table 3-1 OC4J Applications disabled

Disable this application... on these OC4J instances

ccore

Both OC4J_GTWY instances

coreman

Both OC4J_GTWY instances and one of the OC4J_WSM instances

policymanager

Both OC4J_GTWY instances

gateway

Both OC4J_WSM instances


3.1.24 Configuring the OWSM Cluster

  1. Connect each gateway host to the OWSM policy manager:

    1. Edit the ORACLE_HOME/owsm/config/gateway/gateway-config-installer.properties file to set the gateway.policymanagerURL property to the Policy Manager's URL, for example: http://soa.mycompany.com/policymanager

    2. Redploy the application by issuing this command in ORACLE_HOME/owsm/bin:

      Windows: wsmadmin.bat deploy password gateway

      Linux: wsmadmin.sh deploy password gateway

      In the preceding command, password is the OC4J_GTWY administrator password set when you created the OC4J_GTWY instance.

  2. Access the OWSM console (user name admin, password oracle) at:

    http://soa.mycompany.com/ccore

    Note:

    The passwordgiven in the step is the default password. You should change this password to ensure security.
  3. Click Add New Component to add a new gateway.

  4. Use these values to register the clustered gateways:

    Component Name: Gateway_Cluster

    Component Type: gateway

    Container Type: Oracle Web Services Manager

    Component URL: http://soa.mycompany.com/gateway

    Leave the defaults for all other values.

  5. Connect the single logical gateway to the OWSM monitor:

    1. Start the Oracle WSM Control application by accessing http://soa.mycompany.com/ccore

      The Enforcement Points page appears.

    2. Locate the Gateway to configure and click its Edit icon.

    3. Set the cfluent.monitor.rmi.host property to the Monitor's host name, for example, APPHOST1.mycompany.com. (Assume coreman is up on apphost1, down on apphost2.)

    4. Set the cfluent.monitor.rmi.port property to the Monitor's RMI port, for example, 3118. (The port number is the value of dataload.monitor.rmi.port in the ORACLE_HOME/owsm/bin/coresv.properties file.)

  6. Click Save.

  7. Connect the Oracle WSM Control to the Oracle WSM Monitor by performing these steps on each OC4J_WSM instance:

    1. Open the ORACLE_HOME/owsm/config/ccore/ui-config-installer.properties file.

    2. Set the ui.om.server.rmiHost property to the Monitor's host name.

    3. Set the ui.om.server.rmiPort property to the Monitor's RMI port.

    4. Save and close the ui-config-installer.properties file.

    5. Redploy the application using one of these commands:

      (Windows) wsmadmin.bat deploy password control

      (Linux) wsmadmin.sh deploy password control

      In the preceding commands, password is the OC4J administrator password.

3.1.25 Configuring the Firewall for the Application Tier

After you have installed all of the components on the Application Tier, you will be able to identify the port numbers that need to be opened on the firewall. This depends on the number of application server instances and types of components installed. In general, the process of configuring the firewall involves these steps:

  1. For each installed instance, determine the component types and their designated port ranges (for example, the OC4J home instance and any instances you create) by examining the opmn.xml file. Example 3-5 shows components and default ports in the opmn.xml file. In the example, the OC4J Admin instance is listening on port 8888. Another instance, Apps, occupies port 12501.

  2. Determine the ports in use with the netstat command:

    netstat -an

  3. Configure the firewall to open only the ports in use.

Example 3-5 Oracle Application Server components and port ranges in opmn.xml

<?xml version = '1.0' encoding = 'UTF-8'?>
<opmn xmlns="http://www.mycompany.com/ias-instance">
   <log path="$ORACLE_HOME/opmn/logs/opmn.log" comp="internal;ons;pm" rotation-size="1500000"/>
   <debug path="$ORACLE_HOME/opmn/logs/opmn.dbg" comp="" rotation-size="1500000"/>
   <notification-server interface="ipv4">
      <port local="6104" remote="6204" request="6007"/>
      <ssl enabled="true" wallet-file="$ORACLE_HOME/opmn/conf/ssl.wlt/default"/>
   </notification-server>
   <process-manager>
      <process-modules>
...
      </process-modules>
      <ias-instance id="ohcoreidoid.stana17.mycompany.com"
 name="ohcoreidoid.stana17.mycompany.com">
...
            <process-type id="IASPT" module-id="IASPT"
 working-dir="/scratch/aime6/coreidoid/oh/iaspt/bin">
               <port id="ajp" range="7501-7600"/>
               <process-set id="IASPT" numprocs="1"/>
            </process-type>
         </ias-component>
         <ias-component id="ASG" status="enabled" id-matching="true">
...
               </module-data>
               <start timeout="600" retry="2"/>
               <stop timeout="120"/>
               <restart timeout="720" retry="2"/>
               <port id="default-web-site" range="8895" protocol="ajp"/>
               <port id="rmi" range="12401-12500"/>
               <port id="rmis" range="12701-12800"/>
               <port id="jms" range="12601-12700"/>
               <process-set id="default_group" numprocs="1"/>
            </process-type>
            <process-type id="admin" module-id="OC4J" status="enabled">
               <module-data>
...
               <port id="default-web-site" range="12501-12600" protocol="ajp"/>
               <port id="rmi" range="12401-12500"/>
               <port id="rmis" range="12701-12800"/>
               <port id="jms" range="12601-12700"/>
               <process-set id="default_group" numprocs="1"/>
            </process-type>
         </ias-component>
         <ias-component id="soa_group" status="enabled">
            <process-type id="oc4j_soa" module-id="OC4J" status="enabled">
...
               <start timeout="600" retry="2"/>
               <stop timeout="120"/>
               <restart timeout="720" retry="2"/>
               <port id="default-web-site" range="12501-12600" protocol="ajp"/>
               <port id="rmi" range="12401-12500"/>
               <port id="rmis" range="12701-12800"/>
               <port id="jms" range="12601-12700"/>
               <process-set id="default_group" numprocs="1"/>
            </process-type>
         </ias-component>
      </ias-instance>
   </process-manager>
</opmn>

Note that the AJP ports used by applications fall within the range 12501-12600. Ensure that all of the AJP ports used by OC4J applications are open on the firewall between the Web server and the application. If a port is not open, the following error occurs when access to the application from the Web tier is attempted (that is, when the URL web host:port/application is requested):

mod_oc4j: request to OC4J apphost1.mycompany.com:12501 failed: Connect failed (errno=110)

This error creates an entry in a log file in the ohs/logs directory.

3.1.26 Deploying J2EE Applications

Follow the steps in this section to deploy applications. You can perform this step before or after configuring clusters.

Deploying Applications with the Oracle Enterprise Manager 10g Application Server Control Console

You can use Application Server Control Console to deploy applications. Follow these steps:

  1. Access the Application Server Control Console at:

    http://soa.mycompany.com:7777/em

    The Login page appears.

  2. Provide the password that was set during installation and click Login.

    The OC4J:home page appears.

  3. Click the Cluster Topology link.

    The Cluster Topology page appears.

  4. Identify in the Members list the OC4J instance in which you will deploy applications. Ensure that a green upward arrow appears in its Status column, indicating that it is running.

    Note:

    You can deploy an application into multiple instances that belong to the same group. Instances in a group have the same name and password. For instructions on creating a group, see the Oracle Application Server Administrator's Guide, section titled "Using Application Server Control to Create and Manage Groups".

    If a group exists, you can scroll down to the Groups section to see the list of instances in the group. To deploy to the group, click the Group name and continue with Step 8.

  5. If necessary, start the OC4J instance by clicking the Select checkbox at the beginning of the row and then clicking the Start button preceding the Members list.

    The Processing: Starting screen appears with this message:

    The selected topology members are being started.

    The Cluster Topology screen appears with a message that the topology member was started.

  6. Click the link for the OC4J instance for application deployment.

    The OC4J screen for the instance appears.

  7. Click the Applications link.

    The Applications page for the instance appears.

  8. Click Deploy.

    The Deploy: Select Archive screen appears.

  9. Provide the location of the archive and click Next.

    The Deploy: Application Attributes screen appears.

    Provide the application name and click Next.

    The Deploy: Deployment Settings screen appears.

  10. (Optional) Perform deployment tasks or deployment plan editing, or save the current settings as a deployment plan.

  11. Click Deploy.

    The Processing: Deploy screen appears with progress messages.

Deploying Applications on the Command Line

To deploy applications into OC4J instances using the command line, follow these steps:

  1. Issue this command in APPHOST1_ORACLE_HOME\jdk\bin\java (the parameters are shown on separate lines for readability only):

    java -jar admin_client.jar uri admin ID admin password

    -deploy -file full path -deploymentName app name

    [-bindAllWebApps [Web site name]]

    [-targetPath full path] [-parent app name] [-deploymentDirectory full path]

    [-iiopClientJar full path]

    Note:

    Ideally, you should include the -bindAllWebApps subswitch to bind all Web modules within the EAR to the Web site through which they will be accessed. If no Web site is specified, modules will be bound to the default Web site.

The EAR file is deployed to the ORACLE_HOME/j2ee/instance name/applications/ directory by default. The deployed EAR file is also copied to this directory. Each successive deployment causes this EAR file to be overwritten.

3.1.27 Configuring Static Discovery to Eliminate Multicast Traffic

If multicast traffic is a problem, you can configure the Web and Application Tier cluster for static discovery by modifying the ORACLE_HOME\opmn\conf\opmn.xml file after installation.

  1. Locate the multicast entry:

    <topology>
      <discover list="*225.0.0.1:8001"/>
    </topology>
    
  2. Replace the entry with a nodes list to specify static discovery instead:

    <topology>
      <nodes list="apphost1:6200,apphost1:6200,apphost2:6200,apphost2:6200,webhost1:6200,webhost1:6200"/>
    </topology>
    
  3. Issue this command in ORACLE_HOME\opmn\bin:

    opmnctl reload

  4. Verify that all nodes are present in the cluster by issuing this command in ORACLE_HOME\opmn\bin:

    opmnctl @cluster status

Note:

When APPHOST1 and APPHOST2 and WEBHOST1 and WEBHOST2 are in different subnets, you also need a gateway entry (shown in bold in the example). The gateway list can consist of only one host and port from each subnet. However, for failover, you need to include multiple hosts from each subnet.
<notification-server>
  ...
   <gateway list="apphost1.mycompany.com:6200&amp;apphost2.mycompany.com:6200&amp;webhost1.mycompany.com:6200&amp;webhost2.mycompany.com:6200/"/>
   </topology>
</notification-server>

Note:

Oracle Notification Service (ONS) and BPEL must use different multicast addresses, if multicast is used for instance discovery.

3.2 Configuring Fast Connection Failover for the RAC Database on APPHOST1 and APPHOST2

Fast Connection Failover provides failover for a JDBC connection to a 10g R1 or 10g R2 RAC database. Upon failure of a RAC node, Oracle Notification Service (ONS) detects the failure and an SQL exception is thrown to application code. To enable Fast Connection Failover on APPHOST1 and APPHOST2:

  1. Open the ORACLE_HOME/opmn/conf/opmn.xml file.

  2. Add the RAC database hostname and remote port identifiers:

    <notification-server>
      <port local="6100" remote="6200" request="6003"/>
      <ssl enabled="false" wallet-file="$ORACLE_HOME\opmn\conf\ssl.wlt\default"/>
      <topology>
      <nodeslist="apphost1:6200,apphost2:6200,webhost1:6200,webhost2:6200,infradbhost1:6200,infradbhost2:6200"/>
      </topology>
    </notification-server>
    
  3. Save and close the file.

  4. Open the ORACLE_HOME/j2ee/OC4J_SOA/config/data-sources.xml file.

  5. Add the RAC node information and enable Fast Connection Failover:

    <managed-data-source
     jndi-name="jdbc/TestDemoDS"
     description="Managed DataSource for TestDemoDS"
     connection-pool-name="TestDemoDS Connection Pool"
     name="TestDemoDS"/><connection-pool
     name="TestDemoDS Connection Pool"
     min-connections="10"
     max-connections="30"
     inactivity-timeout="30">
     <connection-factory
       factory-class="oracle.jdbc.pool.OracleDataSource"
       user="system"
       password="welcome1"
       url="jdbc:oracle:oci:@(DESCRIPTION=(LOAD_BALANCE=off)
         (ADDRESS=(PROTOCOL=TCP)(HOST=infradbhost1.mycompany.com)(PORT=1521))
         (ADDRESS=(PROTOCOL=TCP)(HOST=infradbhost2.mycompany.com)(PORT=1521))
         (CONNECT_DATA=(SERVICE_NAME=loon)))"/>
       <property name="loginTimeout" value="30"/>
       <property name="connectionCachingEnabled" value="true"/>
       <property name="fastConnectionFailoverEnabled" value="true"/>
     </connection-factory>
    </connection-pool>
    
  6. Save and close the file.

  7. Issue this command in ORACLE_HOME/opmn/bin:

    opmnctl reload

3.3 Managing Oracle Application Server Component Connections

In order to ensure consistent availability of all services, ensure that the connection time out values for all Oracle Application Server components are set to a lower time out value than that on the firewall and Load Balancing Router. If the firewall or Load Balancing Router drops a connection without sending a TCP close notification message, then Oracle Application Server components will continue to try to use the connection when it is no longer available.

3.4 Configuring Network Communication

After the installation and configuration is complete, configure the network communication as described in this section. Table 3-2 lists the ports open on each firewall.Configure the Load Balancing Router to:

Configure the firewall for communication into DMZ1:

Configure the firewall for communication into and out of DMZ2:

Configure the firewall for communication into DMZ3:

Table 3-2 Open ports between firewall zones

Firewall Zones Ports Purpose

DMZ1 to DMZ2

12510-12510

WEBHOST1 and WEBHOST2, to access APPHOST1 and APPHOST2 AJP ports

DMZ1 to DMZ2

6200, 6201

OPMN cluster gateway

DMZ2 to DMZ1

7777

APPHOST1 and APPHOST2 loopback access to mysoacompany.com:7777

DMZ2 to DMZ3

1521

Database access

DMZ2 to DMZ3

389, 636

Oracle Internet Directory server access

DMZ2 to DMZ3

6200

ONS remote port for Fast Connection Failover for RAC database

DMZ3 to DMZ2

6200

ONS remote port for Fast Connection Failover for RAC database


3.5 Configuring Application Authentication and Authorization

The tasks you have to perform depend on the authentication method you will use for mySOACompany. If you want user login sessions to persist after a failover event, you will need to use single sign-on.

mySOACompany with JSSO and Oracle Internet Directory

Perform these tasks:

  1. Section 3.5.1, "Configuring the Cluster of BPEL Instances on APPHOST1 and APPHOST2 to use Oracle Internet Directory"

  2. Section 3.5.2, "Configuring Java SSO"

mySOACompany with Oracle Access Manager

Perform these tasks:

  1. Section 3.5.1, "Configuring the Cluster of BPEL Instances on APPHOST1 and APPHOST2 to use Oracle Internet Directory"

  2. Chapter 4, "Installing and Configuring Oracle Access Manager"

mySOACompany with Oracle Single Sign-On

Perform these tasks:

  1. "Steps to Use the Oracle Identity Management Security Provider" and "Settings for Authentication Method with Oracle Identity Management" in the Oracle Containers for J2EE Security Guide, Chapter 8.

  2. Section 3.5.1, "Configuring the Cluster of BPEL Instances on APPHOST1 and APPHOST2 to use Oracle Internet Directory"

  3. Chapter 5, "Installing and Configuring Oracle Single Sign-On and Oracle Delegated Administration Services"

3.5.1 Configuring the Cluster of BPEL Instances on APPHOST1 and APPHOST2 to use Oracle Internet Directory

You will need to manually replicate certain OracleAS JAAS Provider settings from the Admin OC4J instance (created during installation) in the OC4J instances that use Oracle Internet Directory, created as described in this section.

For more information on pre- and post-installation requirements, see the Oracle BPEL Process Manager Administrator's Guide, Chapter 2, section titled "Configuring Identity Service 10.1.3.1.0 with 10.1.2 Oracle Internet Directory".

  1. To configure Oracle Internet Directory for BPEL:

    1. Navigate to ORACLE_HOME/bpel/system/services/install/ant-tasks:

    2. Issue this command:

      (Windows) configure_oid.bat

      (Linux) configure_oid.sh

      The syntax for Linux is:

      sh ./configure_oid.sh oid_admin_user oid_admin_passwd oid_nonssl_port ssl_enabled oid_realm_name seedRequiredUsers | seedRequiredUsers oc4j_admin_user oc4j_admin_passwd oc4j_container_name
      

      For example:

      sh ./configure_oid.sh orcladmin welcome 389 false us seedRequiredUsers oc4jadminwelcome1 oc4j_soa
      
  2. If you deployed BPEL or ESB in OC4J instances other the default (home) instance, copy the ORACLE_HOME/j2ee/home/config/jazn.xml file to the ORACLE_HOME/j2ee/oc4j instance name/config/jazn.xml file.

    Note:

    The policies for an OC4J instance are specified by the provider in the <jazn> element in the jazn.xml file.

    When you deploy an application that uses a different provider than the instance-level provider for the instance to which the application is deployed (<jazn> config in the orion-application.xml file differs from <jazn> config in the jazn.xml file, in that one is XML and the other is LDAP), the provider specified in the orion-application.xml file is used for identity store and authentication, while the provider specified in the jazn.xml file would be used for policies and authorization. This is not a recommended usage.

    Note:

    The hw_services application should not be JSSO-enabled. If this application has been inadvertently SSO enabled, deploying a process using ant through the command line will say "Successfully deployed the process..." although the deployment did not actually occur.

3.5.2 Configuring Java SSO

You will need to follow these steps on both Oracle Application Server instances (APPHOST1 and APPHOST2), to configure Java SSO for these applications in the OC4J_Admin and OC4J_SOA instances:

  • orabpel (for Oracle BPEL Process Manager)

  • esb-dt (for Oracle Enterprise Service Bus)

  • ccore (for Oracle Web Services Manager)

  • ascontrol (for Application Server Control Console)

Access the Oracle Enterprise Manager 10g Application Server Control Console and perform these steps:

  1. Click the link for the OC4J instance.

    The OC4J: page appears.

  2. Click Applications.

    The applications are listed.

  3. Click Expand All.

  4. Select the javasso application and click Start.

    This warning message appears:

    Java SSO is not properly configured. This is often caused when you are running multiple Java SSO applications in the cluster that use different shared symmetric keys. Please configure all Java SSO applications in the cluster to use the same shared symmetric key. You can do this from Java SSO Configuration page.

  5. Click Configure Java SSO.

    A confirmation message appears that the SSO configuration was completed and will take effect after the instances are restarted.

  6. Click Restart.

    A confirmation message appears.

  7. Click Yes.

    The instance is restarted. (If you are configuring the OC4J _Admin instance, the system terminates your login session and you must log back in to continue the setup.)

  8. Scroll to the Administration section and click Java SSO Configuration.

    The Java SSO Configuration page appears.

  9. Click Participating Applications.

    The applications are listed.

  10. Click the check box for the applications to be Java SSO enabled.

  11. Click Apply.

  12. To configure SSO for OWSM:

    1. Navigate to ORACLE_HOME/owsm/bin.

    2. Edit the ORACLE_HOME/owsm/bin/install.properties file to set the install.sso.support property to true.

      Issue this command:

      (Windows) wsmadmin.bat deploy password console

      (Linux) wsmadmin.sh deploy password console

      In the preceding commands, password is the OC4J administrator password.

  13. Reconfigure the owsm console application with the Oracle Internet Directory security provider as described in "Steps to Use the Oracle Identity Management Security Provider" and "Settings for Authentication Method with Oracle Identity Management" in the Oracle Containers for J2EE Security Guide.

3.5.3 Disabling the Worklist Application

The worklist application is a sample application that does not support Oracle Single Sign-On or Java SSO. If you do not want any applications that do not support single sign-on to be enabled in a production environment, follow these steps to disable the worklist application:

  1. Open the ORACLE_HOME/j2ee/home/config/default-web-site.xml file.

  2. Modify the file to comment out or delete this line:

    <web-app application="hw_services" name="worklistapp" load-on-startup="true" root="/integration/worklistapp" />
    
  3. Restart the server.