3 Installing and Configuring the mySOACompany Web and Application Tiers

3.1 The Web and Application Tier Configuration Process

The Application Tier (APPHOST1 and APPHOST2) consists of multiple computers hosting middle tier Oracle Application Server instances. Each Oracle home contains multiple Oracle Containers for J2EE (OC4J) instances on which you deploy applications. In the complete configuration, requests are balanced among the OC4J instances on the application tier computers to ensure a performant and fault tolerant application environment.The Web Tier (WEBHOST1 and WEBHOST2) consists of Oracle HTTP Servers.

The complete installation and configuration process for the Web and Application tiers is detailed in this section.

1. Use the 10g Release 3 (10.1.3.1.0) Oracle Universal Installer to install the Web tier Oracle HTTP Servers, specifying the same OPMN cluster:

   1. Install an Oracle HTTP Server on WEBHOST1

   2. Install an Oracle HTTP Server on WEBHOST2

2. Use the 10g Release 3 (10.1.3.1.0) Oracle Universal Installer to install the Application Server tier (ORA_HOME1):

   1. Install an Oracle Application Server instance on APPHOST1 (ORA_HOME1, naming the default OC4J instance ADMIN)

   2. Install an Oracle Application Server instance on APPHOST2 (ORA_HOME1, naming the default OC4J instance ADMIN)

   3. Disable the ADMIN OC4J instance on APPHOST2 (ORA_HOME1)

3. Use the 10g Release 3 (10.1.3.1.0) Oracle Universal Installer to install the Application Server tier (ORA_HOME2):

   1. Install an Oracle Application Server instance on APPHOST1 (ORA_HOME2, naming the default OC4J instance OC4J_GTWY)

   2. Install an Oracle Application Server instance on APPHOST2 (ORA_HOME2, naming the default OC4J instance OC4J_GTWY)

4. Using Oracle Enterprise Manager 10g Grid Control Console, create these OC4J groups and OC4J instances, ensuring that the instances are part of the same OPMN cluster:

   1. On APPHOST1 in the application server instance in ORA_HOME1:

      • SOA_GROUP (for the OC4J_SOA instances)

      • ESBDT_GROUP (for the OC4J_ESBDT instances)

      • WSM_GROUP (for the OC4J_WSM instances)

      • OC4J_SOA

      • OC4J_ESBDT

      • OC4J_WSM

   2. On APPHOST2 in the application server instance in ORA_HOME1:

      • OC4J_SOA

      • OC4J_ESBDT

      • OC4J_WSM

   3. Leave the default ADMIN OC4J instance in the application server instance of ORA_HOME1 in the default group

   4. Leave the default OC4J_GTWY OC4J instance in the application server instance of ORA_HOME2 in the default group

5. Cluster the Oracle HTTP Server and Oracle Application Server instances

   1. If multicast is a problem, configure static discovery of the cluster

   2. Create a gateway for instance discovery, if the instances are not on the same subnet.

   3. Validate and discover the cluster status with the opmnctl status @cluster command

6. Configure the Web server for the load balancer

   1. Add these virtual hosts to the Oracle HTTP Servers on WEBHOST1 and WEBHOST2: soa.mycompany.com and soainternal.mycompany.com:7777

7. Configure the load balancer for soa.mycompany.com and soainternal.mycompany.com:7777

   1. Filter out external access for soa.mycompany.com/em/*

   2. Filter out external access for soa.mycompnay.com/esb/*

   3. NAT internal traffic for soainternal.mycompany.com:7777

8. Use the standalone installer, available on the Companion CD, to install Oracle BPEL Process Manager

   1. On APPHOST1 in the application server instance in ORA_HOME1, install Oracle BPEL Process Manager in the OC4J_SOA instance

   2. On APPHOST2 in the application server instance in ORA_HOME1, install Oracle BPEL Process Manager in the OC4J_SOA instance

   3. Perform post-installation configuration steps

9. Use the standalone installer, available on the Companion CD, to install Oracle Enterprise Service Bus run time instance

   1. On APPHOST1 in the application server instance in ORA_HOME1, install an Oracle Enterprise Service Bus run time instance in the OC4J_SOA instance

   2. On APPHOST2 in the application server instance in ORA_HOME1, install an Oracle Enterprise Service Bus run time instance in the OC4J_SOA instance

   3. Perform post-installation configuration steps

10. Use the standalone installer, available on the Companion CD, to install Oracle Web Services Manager.

    1. On APPHOST1 in the application server instance in ORA_HOME1, install Oracle WSM in the OC4J_WSM instance

    2. On APPHOST2 in the application server instance in ORA_HOME1, install Oracle WSM in the OC4J_WSM instance

    3. Perform post-installation configuration steps, including undeploying applications as appropriate.

    4. On APPHOST1 in the application server instance in ORA_HOME2, install Oracle WSM in the OC4J_GTWY instance

    5. On APPHOST2 in the application server instance in ORA_HOME2, install OWSM to OC4J_GTWY instance

    6. Perform post-installation configuration steps, including undeploying applications as appropriate

11. Install the 10.1.3.3 patch set into all of the Oracle Homes.

12. Oracle Enterprise Service Bus repository instance deployment:

    1. Using the procedure for 10.1.3.3, deploy the Oracle Enterprise Service Bus design time to the repository instance on APPHOST1.

    2. Using the procedure for 10.1.3.3, deploy the Oracle Enterprise Service Bus design time to the repository instance on APPHOST2.

    3. Perform post-installation configuration steps.

13. Install and configure adapters as necessary.

14. Perform the remaining configuration for the Identity Management tier.

3.2 Installing the Oracle HTTP Servers on WEBHOST1 and WEBHOST2

Use the Advanced option of the Oracle Universal Installer to install the Oracle HTTP Server instances.

1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide for the platform you are using. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

2. Copy the staticports.ini file from the Disk1/stage/Response directory to a local directory, such as TMP. You will provide the path to this file during installation.

3. Edit the staticport.ini file to assign the following custom port:

   Oracle HTTP Server port = 7777
   

   Note:

   Ensure that this port is not already in use by any other service on the computer. Using the Static Ports feature to install the Application Server Tier ensures that the port assignments will be consistent, if the ports are correctly specified in the file and the port is not already in use. If a port is incorrectly specified, the Oracle Universal Installer will assign the default port. If a port is already in use, the Oracle Universal Installer will select the next available port.

4. Start the Oracle Universal Installer as follows:

   On UNIX, issue this command: runInstaller

   On Windows, double-click setup.exe

   The Oracle Application Server 10.1.3.1.0 Installation screen appears.

5. Specify an installation directory for the instance.

6. Select Advanced Installation Mode.

7. Click Install.

   The Select Installation Type screen appears.

8. Select Web Server and click Next.

   The Specify Port Configuration Options screen appears.

9. Select Manual, specify the location of the staticports.ini file, and click Next.

   The Specify Instance Name screen appears.

10. Specify the instance name and click Next.

    The Cluster Topology Configuration screen appears.

11. Check the box to configure the instance to be part of an Oracle Application Server cluster.

    Specify the multicast address and port.

    Note:

    An example of a multicast address is 225.0.0.20, with port 8001. The address and port should be the same for each computer in a farm. This multicast address used should not be in use by any application or Oracle AS Instance on the network that is not a part of the farm.

12. Click Next.

    The Summary Screen appears.

13. Click Install.

    The Configuration Assistants screen appears. When the configuration process completes, the End of Installation screen appears.

14. Click Exit, and then confirm your choice to exit.

15. Verify that the installation was successful by viewing the Oracle HTTP Server instances. Start a browser and access:

    http://WEBHOST1.mycompany.com:7777 and

    http://WEBHOST2.mycompany.com:7777

    Note:

    The ORACLE_HOME/install/readme.txt file contains the URLs for the installation and a command to verify the status of processes.

3.3 Installing the Application Server Instances on APPHOST1 and APPHOST2 (ORA_HOME1)

Install an Oracle Application Server instance consisting only of one OC4J instance, using the Advanced installation option of the Oracle Universal Installer. Follow these steps to install application servers to create ORA_HOME1 on APPHOST1 and APPHOST2.

1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

2. Start the Oracle Universal Installer using one of these commands:

   On UNIX, issue this command: runInstaller

   On Windows, double-click setup.exe

   The Oracle Application Server 10.1.3.1.0 Installation screen appears with the Basic Installation Mode and the Integrated Web Server, J2EE Web Server and Process Management installation type selected.

3. Specify an installation directory for the instance, or leave the default.

4. Select Advanced Install and click Next.

   A confirmation dialog appears.

5. Click Yes.

   A progress dialog appears, then the Select Installation Type screen appears.

6. Select J2EE Server and click Next.

   The Specify Port Configuration Options screen appears.

7. Select Automatic and click Next.

   The Administration Settings screen appears.

8. Specify an instance name for the application server instance.

   Note:

   The instance name you specify will be prepended to the host name. For example, if you specify J2EE as the instance name and the host name is server1.mycompany.com, the instance name will be J2EE.server1.mycompany.com.

9. Specify and confirm the administrator password for the default OC4J instance.

10. Specify a name for the default OC4J instance created by the installer (the default is home), such as Admin, or a similar name that designates it as the instance dedicated to Application Server Control.

    Note:

    You will not deploy applications to the Admin OC4J instance; it will not be clustered with the user-created OC4J instances on which applications are deployed.

11. Check the box to designate the instance installed as an administration OC4J instance (the instance on which the Application Server Control Console will operate).

12. Click Next.

    The Cluster Topology Configuration screen appears.

13. Specify the multicast address and port.

    This step configures the multiple instances in the same Oracle Notification Service (ONS) topology. Availability notifications are shared among the participants in the topology, enabling dynamic routing from Oracle HTTP Server to OC4J and dynamic discovery of instances, as well as creation of OC4J groups. This multicast address has purposes different from the multicast address provided in Section 3.12, "Configuring the Cluster of BPEL Instances on APPHOST1 and APPHOST2."

    Note:

    An example of a multicast address is 225.0.0.20, with port 8001. The address and port should be the same for each computer in a farm. The multicast address specified must not be in use by any application or Oracle Application Server instance on the network that is not a part of the farm.

14. Select the checkbox for the option Access this OC4J instance from a separate Oracle HTTP Server.

15. Click Next.

    The Summary screen appears.

16. Click Install.

    The Preparing to Install dialog appears, then the Install screen appears.

17. The Configuration Assistants screen appears. When the configuration process completes, the End of Installation screen appears.

18. Click Exit, and then confirm your choice to exit.

    The first Oracle home, labeled ORA-HOME1 in the diagrams in Chapter 1, now exists on APPHOST1 and APPHOST2, with the Admin OC4J instance created.

19. Verify that the installation was successful by viewing the instance in Oracle Enterprise Manager 10g. Start a browser, log in to the Application Server Control Console, and view the application server instances at:

    http://WEBHOST1.mycompany.com:7777/em and

    http://WEBHOST2.mycompany.com:7777/em

    Notes:

    On Windows, you can use the Start menu to select the instance, and then select the Oracle Application Server Control option.

    The ORACLE_HOME/install/readme.txt file contains the URLs for the installation and a command to verify the status of processes.

    By default, all components in the application tier are started in one JVM. You can increase the number of JVMs for the OC4J_SOA instance (Oracle BPEL Process Manager and Oracle Enterprise Service Bus). See the chapter titled "Reconfiguring Application Server Instances" in the Oracle Application Server Administrator's Guide in the 10g Release 3 (10.1.3.1) documentation library.

3.4 Disabling Application Server Control Console on APPHOST2 (Optional)

Application Server Control Console stores certain local state information that does not get replicated to another active Application Server Control Console. This includes things such as JMX Notification Subscriptions and Received Notifications. If you use JMX notifications, you may wish to disable Application Server Control Consoles other than that on APPHOST1, so that Oracle HTTP Server does not route requests to them. This will ensure that notifications subscriptions are not changed or deleted on the instance receiving requests (causing the two instances to be out of synchronization). You can disable routing to Application Server Control Consoles by setting the ohs-routing tag in the default-web-site.xml file for the Application Server Control Console to false as shown:

<web-app application="ascontrol" load-on-startup="true"
name="ascontrol"
ohs-routing="false" root="/em"/>

You can set ohs-routing to true if you need to use the secondary Application Server Control Consoles for failover. You will need to use some backup and recovery procedure in order to restore the state of notification subscriptions and received notifications from the primary Application Server Control Consoles to the secondary.

If you have multiple Application Server Control Consoles active, be aware of the following:

• If you change the administrator password on the managed OC4J instances, you will have to make the same change to the stored administrator password on all Application Server Control Console instances. When Oracle HTTP Server directs requests to an Application Server Control Console that does not have the correct password, attempts to connect to the managed instance will fail and Application Server Control Console will prompt for the new administrator password.

• On login, Application Server Control Console displays a warning on the Cluster Topology page that there are multiple instances running.

3.5 Listing Occupied Ports

Use the netstat command to identify occupied ports:

netstat -an

The port numbers within the AJP port range (12501-12600) that do not appear in the output of the netstat command are the port numbers that you can assign to OC4J instances.

3.6 Installing the Application Server Instances on APPHOST1 and APPHOST2 (ORA_HOME2)

Install an Oracle Application Server instance consisting only of one OC4J instance, using the Advanced installation option of the Oracle Universal Installer. Follow these steps to install application servers to create ORA-HOME2 on APPHOST1 and APPHOST2.

1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

2. Start the Oracle Universal Installer using one of these commands:

   On UNIX, issue this command: runInstaller

   On Windows, double-click setup.exe

   The Oracle Application Server 10.1.3.1.0 Installation screen appears with the Basic Installation Mode and the Integrated Web Server, J2EE Web Server and Process Management installation type selected.

3. Specify an installation directory for the instance, or leave the default.

4. Select Advanced Install and click Next.

   A confirmation dialog appears.

5. Click Yes.

   A progress dialog appears, then the Select Installation Type screen appears.

6. Select J2EE Server and click Next.

   The Specify Port Configuration Options screen appears.

7. Select Automatic and click Next.

   The Administration Settings screen appears.

8. Specify an instance name for the application server instance.

   Note:

   The instance name you specify will be prepended to the host name. For example, if you specify J2EE as the instance name and the host name is server1.mycompany.com, the instance name will be J2EE.server1.mycompany.com.

9. Specify and confirm the administrator password for the default OC4J instance.

10. Specify a name for the default OC4J instance created by the installer (the default is home), such as OC4J_GTWY, or a similar name that designates it as the instance dedicated to the gateway.

11. Do not check the box to designate the instance installed as an administration OC4J instance (the instance on which the Application Server Control Console will operate).

12. Click Next.

    The Cluster Topology Configuration screen appears.

13. Specify the multicast address and port.

    Note:

    An example of a multicast address is 225.0.0.20, with port 8001. The address and port should be the same for each computer in a farm. The multicast address specified must not be in use by any application or Oracle Application Server instance on the network that is not a part of the farm.

14. Select the checkbox for the option Access this OC4J instance from a separate Oracle HTTP Server.

15. Click Next.

    The Summary screen appears.

16. Click Install.

    The Preparing to Install dialog appears, then the Install screen appears.

17. The Configuration Assistants screen appears. When the configuration process completes, the End of Installation screen appears.

18. Click Exit, and then confirm your choice to exit.

    The second Oracle home, labeled ORA-HOME2 in the diagrams in Chapter 1, now exists on APPHOST1 and APPHOST2, with the OC4J_GTWY instance created.

19. Verify that the installation was successful by viewing the instance in Oracle Enterprise Manager 10g. Start a browser, log in to the Application Server Control Console, and view the application server instance at:

    http://WEBHOST1.mycompany.com:7777/em

    Notes:

    On Windows, you can use the Start menu to select the instance, and then select the Oracle Application Server Control option.

    The ORACLE_HOME/install/readme.txt file contains the URLs for the installation and a command to verify the status of processes.

3.7 Creating OC4J Instances and OC4J Groups on APPHOST1 and APPHOST2

You must create the OC4J instances and groups shown in the diagrams in Chapter 1. OC4J groups synchronize configuration of the OC4J instances in the group. For example, the SOA_GROUP created in this procedure ensures that configuration related to data sources, JMS, etc. will be synchronized across the multiple OC4J containers that are part of the group. Deployment of Oracle BPEL Process Manager is done on a per instance basis, as described in Section 3.11. BPEL processes, in turn, are deployed to the dehydration store. Since Oracle BPEL Process Manager instances in a BPEL cluster share the same dehydration store, a BPEL process need only be deployed once.

Instances:

• OC4J_SOA

• OC4J_ESBDT

• OC4J_WSM

Groups:

• SOA_GROUP

• ESBDT_GROUP

• WSM_GROUP

1. Log in to the Application Server Control Console with the password set during installation.

   The Cluster Topology page appears.

2. Click the link for the application server instance (APPHOST1 or APPHOST2 in the Members list). You will create the instances in ORA-HOME1 only.

   The Application Server page for the instance appears, with the Admin OC4J instance in the System Components list.

3. Click Create OC4J Instance.

   The Create OC4J Instance page appears.

4. Enter OC4J_SOA in the OC4J Instance Name field.

5. Select Add to a new group with name, enter SOA_GROUP in the New Group Name field, and check the box to start the instance.

6. Click Create.

   The Processing: screen appears with a message, then the Application Server page appears with the new instance and a confirmation message that the instance was created and added to the group.

7. Click the OC4J_SOA instance.

   The OC4J page appears.

8. Click Administration.

   The Administration Tasks table appears.

9. Click the Go to Task icon for Server Properties in the Properties list.

   The Server Properties page appears.

10. Specify an unused AJP port (see Section 3.5, "Listing Occupied Ports") for the default-web-site and click Apply.

    The Processing screen appears with a status message, then a confirmation message appears.

11. Repeat steps 1 through 9 for the OC4J_ESBDT and OC4J_WSM instances, using ESBDT_GROUP and WSM_GROUP as the respective group names. Assign a different unique port within the AJP port range to each instance.

12. Issue these commands in ORACLE_HOME/opmn/bin:

    opmnctl stopall

    opmnctl startall

3.8 Configuring the Cluster Gateways on WEBHOST1,2 and APPHOST1,2 (Optional)

Firewalls separate the various tiers as shown in the architecture diagrams in Chapter 1. To enable communications between clusters on the tiers separated by a firewall, a cross-topology gateway needs to be configured. In a cross-topology gateway, one or more nodes on each side of the firewall are designated as entry points into the cluster.

For the Enterprise Deployment described in this guide, WEBHOST1 and WEBHOST2 are clustered on the web server tier (DMZ1) while APPHOST1 and APPHOST2 are clustered on the application server tier (DMZ2). To enable maximum redundancy, configure more than one node on each tier as the gateway (for example, configure WEBHOST1, WEBHOST2 in DMZ1 and APPHOST1, APPHOST2 on DMZ2 as gateway servers). The Oracle Notification Service (ONS) remote port on each instance is used for communication between the gateway servers.

To implement the gateway configuration:

1. Open the ORACLE_HOME/opmn/conf/opmn.xml file on APPHOST1.

2. Create the <gateway> subelement as shown in the example:

   <notification-server>
   

   <port local="6101" remote="6200" request="60041"/>
   

   <ssl enabled="true" wallet-file="$ORACLE_HOME\opmn\conf\ssl.wlt\default"/>
   

   <topology>
   

   <discover list="*225.0.0.20:8001"/>
      <gateway list="apphost1.mycompany.com:6200&amp;apphost2.mycompany.com:6200&amp;apphost1.mycompany.com:6300&amp;apphost2.mycompany.com:6300/webhost1.mycompany.com:6200&amp;webhost2.mycompany.com:6200"/>
      <gateway  list="webhost1.mycompany.com:6200&amp;webhost2.mycompany.com:6200/apphost1.mycompany.com:6200&amp;apphost2.mycompany.com:6200&amp;apphost1.mycompany.com:6300&amp;apphost2.mycompany.com:6300"/>
      </topology>
   </notification-server>
   ...
   

   Note:

   6200 is the OPMN remote port for ORA_HOME1 APPHOST1, APPHOST2, WEBHOST1 and WEBHOST2. 6300 is the OPMN remote port for ORA_HOME2 on APPHOST1 and APPHOST2. You must view the opmn.xml file on each server to determine the port values needed for the configuration.

3. Issue this command in ORACLE_HOME/opmn/bin on APPHOST1:

   opmnctl reload

4. Copy the <gateway> subelement to the opmn.xml file on APPHOST2.

5. Issue this command in ORACLE_HOME/opmn/bin on APPHOST2:

   opmnctl reload

6. Copy the <gateway> subelement to the ORACLE_ HOME/opmn/conf/opmn.xml file on WEBHOST1 and change the host names to the WEBHOST host names.

7. Issue this command in ORACLE_HOME/opmn/bin on WEBHOST1:

   opmnctl reload

8. Copy the <gateway> subelement to the opmn.xml file on WEBHOST2.

9. Issue this command in ORACLE_HOME/opmn/bin on WEBHOST2:

   opmnctl reload

10. Note:

    For more information, see "Configuring Cross-Topology Gateways" in the Oracle Containers for J2EE Configuration and Administration Guide.

3.9 Configuring the Oracle HTTP Servers on WEBHOST1 and WEBHOST2 with the Load Balancing Router

The Load Balancing Router receives client requests and balances them to the two Oracle HTTP Server instances on the Web tier. This is accomplished using two virtual hosts: soa.mycompany.com for external access, and soainternal.mycompany for internal access. Only the external access URL is SSL-enabled.

To configure the Oracle HTTP Server instances to listen on the virtual hosts:

1. Open the Oracle HTTP Server configuration file:

   Apache 1.3:

   ORACLE_HOME/Apache/Apache/conf/httpd.conf

   Apache 2.0:

   ORACLE_HOME/ohs/conf/httpd.conf

2. Perform the following steps:

   1. Add the LoadModule certheaders_module directive for the appropriate platform.

      UNIX Apache 1.3:

      LoadModule certheaders_module libexec/mod_certheaders.so

      UNIX Apache 2.0 (use this directive if you plan to use Apache 2.0 on UNIX):

      LoadModule certheaders_module modules/mod_certheaders.so

      Windows:

      LoadModule certheaders_module modules/ApacheModuleCertHeaders.dll

   2. Add the lines shown for the Apache version you are using to create a NameVirtualHost directive and a VirtualHost container for soa.mycompany.com and port 443.

      Apache 1.3:

      NameVirtualHost *:7777
      <VirtualHost *:7777>
        ServerName soa.mycompany.com
        Port 443
        ServerAdmin you@your.address
        RewriteEngine On
        RewriteOptions inherit
        SimulateHttps On
      </VirtualHost>
      
      <VirtualHost *:7777>
        ServerName soainternal.mycompany.com
        Port 7777
        ServerAdmin you@your.address
        RewriteEngine On
        RewriteOptions inherit
      </VirtualHost>
      

      Apache 2.0 (UNIX):

      NameVirtualHost *:7777
      <VirtualHost *:7777>
        ServerName soa.mycompany.com:443
        ServerAdmin you@your.address
        RewriteEngine On
        RewriteOptions inherit
        SimulateHttps On
      </VirtualHost>
      
      <VirtualHost *:7777>
        ServerName soainternal.mycompany.com:7777
        ServerAdmin you@your.address
        RewriteEngine On
        RewriteOptions inherit
      </VirtualHost>
      

      Notes:

      The LoadModule directives (in particular, the LoadModule rewrite_module directive) must appear in the httpd.conf file at a location preceding the VirtualHost directives. The server must load all modules before it can execute the directives in the VirtualHost container.

      It is a good idea to create the VirtualHost directives at the end of the httpd.conf file.

      The LoadModule rewrite_module directive must appear before the LoadModule certheaders_module directive.

3. Save the httpd.conf file.

4. Restart the components by issuing these commands in ORACLE_HOME/opmn/bin:

   opmnctl stopall

   opmnctl startall

5. Verify that you can access these URLs:

   http://soainternal.mycompany.com:7777/j2ee

   https://soa.mycompany.com/j2ee

3.10 Configuring the Load Balancing Router

1. Configure the load balancer to balance requests between WEBHOST1 and WEBHOST2 for virtual hosts https://soa.mycompany.com and http://soainternal.mycompany.com:7777

2. Enable monitoring for the Oracle HTTP Server instances on WEBHOST1 and WEBHOST2.

3. Enable filtering to filter out external access to:

   https://soa.mycompany.com/em/*

   https://soa.mycompany.com/esbdt/*

   https://soa.mycompany.com/BPELConsole/*

   https://soa.mycompany.com/ccore/*

4. Include a Network Address Translation (NAT) statement to specify that soainternal.mycompany.com is invisible externally.

5. Ensure that persistence is not set for soa.mycompany.com and soainternal.mycompany.com.

3.11 Installing the Oracle BPEL Process Manager Instances on APPHOST1 and APPHOST2 from the Oracle BPEL Process Manager (10.1.3.1.0) CD

The Oracle BPEL Process Manager instances must be installed in the OC4J_SOA instances on APPHOST1 and APPHOST2.

1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide for the platform you are using. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

2. Insert the Oracle BPEL Process Manager (10.1.3.1.0) CD.

3. Start the Oracle Universal Installer:

   On UNIX, issue this command: runInstaller

   On Windows, double-click setup.exe

   The Welcome screen appears.

4. Click Next.

   The Specify File Locations screen appears.

5. Specify ORA_HOME1 as the installation directory (the same Oracle home as the Admin OC4J instance).

6. Click Next.

   The Select Installation Type screen appears.

7. Select the BPEL Process Manager for OracleAS Middle Tier option and click Next.

   The Specify Outgoing HTTP Proxy Information screen appears.

8. Specify the host, port and bypass proxy and click Next.

   The Specify Database screen appears.

9. Specify database information:

   Database Type: Oracle Database

   Hostname and Port: INFRADBHOST1-V.mycompany.com:1521^INFRADBHOST2-V.mycompany.com:1521

   Service Name: ORCLSVC.mycompany.com

   ORABPEL Schema Password: (BPEL Process Manager Schema password)

10. Click Next.

    The Administration Settings screen appears.

11. Specify administration settings:

    AS Administrator Password: (The Oracle Application Server administrator password set during installation)

    OC4J Instance Name: OC4J_SOA

    HTTP Host:Port: soainternal.mycompany.com:7777

12. Click Next.

    The Summary screen appears.

13. Click Install.

    The installation proceeds, and then completes.

14. Click Exit, and confirm your choice to exit.

15. Verify that the installation was performed correctly by accessing these URLs:

    http://soainternal.mycompany.com:7777/BPELConsole

3.12 Configuring the Cluster of BPEL Instances on APPHOST1 and APPHOST2

This section briefly explains how to cluster BPEL instances for the Enterprise Deployment. BPEL instances in a cluster share the same dehydration store. If a BPEL instance fails, the surviving instance(s) in the cluster can resume ownership of a flow. Recovery can be manual, or can be scripted. A BPEL process suitcase is stored in the dehydration store as well, which allows a BPEL process to be deployed once to the store, and then be picked up for local deployment by each individual Oracle BPEL Process Manager instance in a BPEL cluster. This requires that Jgroups be configured. For more information, see the Oracle BPEL Process Manager Installation Guide, section titled "Creating an Oracle BPEL Process Manager Cluster".

1. Configure these server side properties (these instructions assume that APPHOST1 and APPHOST2 are in the same subnet. If they are not, see the instructions in the Oracle BPEL Process Manager Installation Guide 10g Release 3):

   Set enableCluster to true and assign a name to the clusterName property in ORACLE_HOME/bpel/system/config/collaxa-config.xml. The clusterName configures the Oracle BPEL Process Manager instances in a BPEL cluster, and should be the same on APPHOST1 and APPHOST2.

   Set mcast-addr and mcast-port in ORACLE_HOME/bpel/system/config/jgroups-protocol.xml. This configures the Jgroups configuration used by Oracle BPEL Process Manager as well as singleton adapters, such as the FTP adapter and the file adapter.The values for the mcast-addr and mcast-port properties:

   • Must be the same for all Oracle BPEL Process Manager nodes in the cluster

   • Should be the same for all Oracle BPEL Process Manager nodes in the cluster

   • Should not be in use by any application or instance on the network that is not also part of the farm

   Note:

   This step is required to manage the adapter state (active or passive) and for propagation of process deployment notifications in the BPEL cluster. Configuration of Jgroups in BPEL and configuration of the ONS topology in Oracle Application Server have different purposes, and must have different multicast addresses to prevent network conflicts.

2. Set the soapServerURL to the same value as the load balancer internal URL and the soapCallbackUrl to the same value of the load balancer external URL, using the BPELADMIN console on each APPHOST:

   1. Log in to Oracle BPEL Admin Console (http://hostname:port/BPELAdmin) as the oc4jadmin user.

   2. In the Configuration tab, set these values:

      soapServerURL to http://soainternal.mycompany.com:7777

      soapCallbackURL to https://soa.mycompany.com

   3. Refer to the Oracle BPEL Process Manager Administrator's Guide for more information on securing BPEL processes.

3. Configure these properties on the client side of all computers in the cluster:

   In the ORACLE_HOME/bpel/utilities/ant-orabpel.properties file, set cluster to true.

   Set oc4jinstancename to SOA_GROUP (the name of the OC4J group that has the Oracle BPEL Process Manager deployed to it).

4. Restart the OC4J_SOA instances on both computers.

3.13 Installing the Oracle Enterprise Service Bus Runtime Instances on APPHOST1 and APPHOST2 from the Oracle Enterprise Service Bus (10.1.3.1.0) CD

The ESB Runtime instances must be installed in the OC4J_SOA instances on APPHOST1 and APPHOST2.

1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide for the platform you are using. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

2. Insert the Oracle Enterprise Service Bus (10.1.3.1.0) CD.

3. Start the Oracle Universal Installer:

   On UNIX, issue this command: runInstaller

   On Windows, double-click setup.exe

   The Welcome screen appears.

4. Click Next.

   The Specify File Locations screen appears.

5. Specify ORA_HOME1 as the installation directory (the same Oracle home as the OC4J_SOA instance).

6. Click Next.

   The Select Installation Type screen appears.

7. Select the Enterprise Service Bus for OracleAS Middle Tier option and click Next.

   The Specify Outgoing HTTP Proxy Information screen appears.

8. Specify the host, port and bypass proxy and click Next.

   The Specify Database screen appears.

9. Specify database information:

   Database Type: Oracle Database

   Hostname and Port: INFRADBHOST1-V.mycompany.com:1521^INFRADBHOST2-V.mycompany.com:1521

   Service Name: ORCLSVC.mycompany.com

   ORAESB Schema Password: (ESB Schema password)

10. Click Next.

    The Administration Settings screen appears.

11. Specify administration settings:

    AS Administrator Password: (The Oracle Application Server administrator password set during installation)

    OC4J Instance Name: OC4J_SOA

    HTTP Host:Port: soainternal.mycompany.com:7777

12. Click Next.

    The Select ESB Type screen appears.

13. Select Runtime and click Next.

    The Summary screen appears.

14. Click Install.

    The installation proceeds, and then completes.

15. Click Exit, and confirm your choice to exit.

3.14 Installing the OWSM Instances on APPHOST1 and APPHOST2 from the Oracle Web Services Manager (10.1.3.1.0) CD

The OWSM instances must be installed in these Oracle homes and OC4J instances as follows:

APPHOST1, Oracle home 1: OC4J_WSM

APPHOST2, Oracle home 2: OC4J_GTWY

APPHOST2, Oracle home 1: OC4J_WSM

APPHOST2, Oracle home 2: OC4J_GTWY

1. Ensure that the system, patch, kernel and other requirements are met as specified in the Oracle Application Server Installation Guide for the platform you are using. You can find this guide in the Oracle Application Server platform documentation library for the platform and version you are using.

2. Insert the Oracle Web Services Manager (10.1.3.1.0) CD.

3. Start the Oracle Universal Installer:

   On UNIX, issue this command: runInstaller

   On Windows, double-click setup.exe

   The Oracle Web Services Manager 10g (10.1.3.1.0) Installation screen appears.

4. Specify the installation directory into which you installed the J2EE Server Oracle Application Server instance.

5. Specify the Application Server Details:

   HTTP Host:Port: soainternal.mycompany.com:7777

   OC4J Instance Name: OC4J_WSM or OC4J_GTWY (each in its Oracle home as described at the beginning of this procedure)

   Administrator User: oc4jadmin

   Administrator Password: (The password set during installation)

6. Specify the Database Details:

   Database Type: Oracle Database

   Driver Type: Thin

   Name: ORCLSVC.mycompany.com

   Database Connect String: (Hostname and port of the SOA database listener, in the format host:port) INFRADBHOST1-V:1521^INFRADBHOST2-V:1521

   User ID: ORAWSM

   Password: (Oracle Web Services Manager schema password)

7. Click Next.

   The Summary screen appears.

8. Click Install.

   The Install, the Oracle WSM Configuration Assistant, and then the End of Installation screens appear.

9. Click Exit, and confirm your choice to exit.

3.15 Configuring the OWSM Cluster

1. Access the OWSM console (the default user name is admin and the default password is oracle—you should change these for security reasons) at:

   http://soainternal.mycompany.com:7777/ccore

2. Click Add New Component.

3. Use these values to register the clustered gateways:

   Component Name: Gateway_Cluster

   Component Type: gateway

   Container Type: Oracle Web Services Manager

   Component URL: http://soainternal.mycompany.com:7777/gateway

   Leave the defaults for all other values.

4. Connect the single logical gateway to the OWSM monitor:

   1. Start the Oracle WSM Control application by accessing http://soainternal.mycompany.com:7777/ccore.

      The Enforcement Points page appears.

   2. Locate the gateway to configure and click its Edit icon.

   3. Set the cfluent.monitor.rmi.host property to the monitor's host name, for example, APPHOST1.mycompany.com (assuming coreman is up on APPHOST1 and down on APPHOST2).

   4. Set the cfluent.monitor.rmi.port property to the monitor's RMI port, for example, 3118. (The port number is the value of dataload.monitor.rmi.port in the ORACLE_ HOME/owsm/bin/coresv.properties file.)

5. Click Save.

6. Connect the Oracle WSM Control to the Oracle WSM Monitor by performing these steps on each OC4J_WSM instance:

   1. Open the ORACLE_ HOME/owsm/config/ccore/ui-config-installer.properties file.

   2. Set the ui.om.server.rmiHost property to the Monitor's host name.

   3. Set the ui.om.server.rmiPort property to the Monitor's RMI port.

   4. Save and close the ui-config-installer.properties file.

   5. Redploy the application using one of these commands:

      (Windows) wsmadmin.bat deploy OC4J administrator password control

      (Linux) wsmadmin.sh deploy OC4J administrator password control

3.16 Applying the Patch to the Oracle Home on WEBHOST1 and WEBHOST2

Using the 10.1.3.3 Oracle Universal Installer, apply the patch to the Oracle home on the WEBHOST computers.

3.17 Applying the Patch to ORA-HOME1 and ORA-HOME2 on APPHOST1 and APPHOST2

1. Stop all components on APPHOST1 and APPHOST2.

2. Increase the MaxPermSize parameter as described in Section 3.12.2, "Resolving Out-of-Memory Errors in the BPEL Runtime Console".

3. Using the 10.1.3.3 Oracle Universal Installer, apply the patch to ORA-HOME1 and ORA-HOME2 on APPHOST1 and APPHOST2.

3.18 Undeploying Oracle Web Services Manager Applications on APPHOST1 and APPHOST2

Use the Application Server Control Console to undeploy the listed applications on APPHOST1 and APPHOST2:

1. Log in to the Application Server Control Console with the password set during installation.

   The Cluster Topology page appears.

2. Click the link in the Members list for the application server instance (APPHOST1 or APPHOST2).

   The Application Server page for the instance appears, listing the OC4J instances under the System Components list (for example, OC4J_WSM).

3. Click the link for OC4J instance.

   The OC4J Instance page appears.

4. Click the Applications tab.

   The applications page for the OC4J instance appears. Click Expand All to list the applications deployed in that container.

5. Select the applications and click Undeploy.

   The Undeploy Application page appears, listing the applications selected for undeployment.

6. Selet Yes.

3.19 Deploying the Oracle Enterprise Service Bus Repository Instance on APPHOST1 and APPHOST2

1. Update the ORACLE_HOME/integration/esb/install/ant-tasks/esb_oc4j_install_props.xml file with the values for your configuration (these values are those entered during the Oracle Enterprise Service Bus standalone installation). Example 3-2 shows the contents of the file.

2. Set the environment by executing the esbsetenv.sh script, located in the ORACLE_HOME/integration/esb/bin directory.

3. Deploy the Oracle Enterprise Service Bus repository or runtime instance by executing:

   ant -f $ORACLE_HOME/integration/esb/install/ant-tasks/esboc4j.xml

   Note:

   The ant script does not perform the RAC configuration in the data-sources.xml file. After the Ant script finishes executing, you must modify the ORACLE_HOME/j2ee/oc4j_esbdt/config/data-sources.xml file to configure the RAC. (In the path given, substitute oc4j_esbdt with the name of the OC4J container on your system, the directory in which the ESB repository was deployed using Ant scripts.)

   Modify the connection pools ESBPool and ESBAQJMSPool to include the following:

   <connection-factory factory-class="oracle.jdbc.pool.OracleDataSource" 
   url="jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=on)(ADDRESS=(PROTOCOL=tcp)(HOST=host1-vip.us.oracle.com) PORT=1521))(ADDRESS=(PROTOCOL=tcp)(HOST=host2-vip)(PORT=1521))) (CONNECT_DATA=(SERVICE_NAME=ORCL.us.oracle.com)))"
   
   user="oraesb" password="->pwdforOraesb">
   

4. Verify that the Oracle Enterprise Service Bus repository instance deployment was successful by accessing the Repository Instance Console at:

   http://soainternal.mycompany.com:7777/esb

?xml version="1.0"?>
<!--  $Header: esb_oc4j_install_props.xml 28-apr-2007.02:07:30 apatel Exp $ --><!-- Copyright (c) 2007, Oracle.  All rights reserved.
   NAME     esb_oc4j_install_props.xml - Values to be used for deploying ESB on OC4J container   DESCRIPTION     esb_oc4j_install_props.xml is imported in esboc4j.xml build file to deploy
     ESB (either repository or runtime) on OC4J container. Change the values of
     the properties in this file per your environment and then run ant -f ORACLE
     _HOME/integration/esb/install/ant-tasks/esboc4j.xml.
     The values of the properties you enter here are the ones you enter
     on Oracle Universal Installer (OUI) while installing Enterprise 
     Service Bus (ESB) on OracleAS midtier using Advanced option.
   NOTES     <other useful comments, qualifications, etc.>
   MODIFIED   (MM/DD/YY)
   apatel     03/05/07 - Creation
-->
<project name="ESB Installation Properties" default="">
<!--
        OC4J container in which you want to deploy ESB
-->
<property name="home_container_v" value="OC4J_ESBDT"/>
<!--
        ESB component (runtime or repository) that you want to deploy on OC4J.
        Possible values: 'design' (for repository)
                         'runtime' (for runtime)
-->
<property name="esb_type_v" value="design"/>
<!--
        OC4J host hosting the repository
-->
<property name="ohs.host" value="soa.acme.com"/>
<!--
        Port of OC4J host hosting the repository
-->
<property name="ohs.port" value="7777"/>
<!--
        Username for connecting to oraesb schema
-->
<property name="db.user" value="oraesb"/>
<!--
        Password for connecting to oraesb schema
-->
<property name="db.password" value="oraesb"/>
<!--
        Database host where oraesb schema is installed
-->
<property name="db_host_v" value="stajo05-vip.us.oracle.com"/>
<!--
        Port of database host where oraesb schema is installed
-->
<property name="db_port_v" value="1521"/>
<!--
        Service name for database where oraesb schema is installed
-->
<property name="db_sid_v" value="ORCLSVC.mycompany.com"/>
<!--
        Value of AS Instance Name to which the OC4J instance
        belongs.  The OC4J instance is the one specified in
        property 'home_container_v' in this file.
--><property name="ias_name_v" value="prodsoa1.stbee19.us.oracle.com"/>
<!--
        Value for 'AS Administrator Password'
-->
<property name="admin.server.password" value="welcome1"/>
<!--
        Database url for connecting to oraesb schema
        Sample value: jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=on)(ADDRESS=(PROTOCOL=tcp)(HOST=mypc.acme.com)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=orcl)))
-->
<property name="db.url" value="jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(LOAD_BALANCE=on)(ADDRESS=(PROTOCOL=tcp)(HOST=stajo05-vip.us.oracle.com)(PORT=1521))(ADDRESS=(PROTOCOL=tcp)(HOST=stajo06-vip.us.oracle.com)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=ORCLSVC.mycompany.com)))"/>
<!--
        If your computer is located behind a firewall
        you may need to route outgoing HTTP connections
        through a proxy server.
        Sample value: www-proxy.acme.com
-->
<property name="http.proxy.host" value="proxy.acme.com"/>
<!--
        HTTP proxy port
-->
<property name="http.proxy.port" value="80"/>
<!--
        Addresses for which proxy should be bypassed
        Sample value: "*acmecorp.com|localhost|mypc.us.oracle.com|*acme.com"
-->
<property name="http.non.proxy.hosts" value="*acmecorp.com|localhost|mypc.acme.com|*acme.com"/>
<!--
        Value of AS Instance Name.
        You can also get this value from $ORACLE_HOME/config/ias.properties property 'IASname'
        Sample value: soahome.mypc.acme.com
-->
<property name="ias.name" value="prodsoa1.stbee19.us.oracle.com"/>
<!--
        Value for OPMN request port.
        You can get this value from the following snippet in 
        $ORACLE_HOME/opmn/conf/opmn.xml
        <notification-server>
        <port local="6101" remote="6201" request="6004"/>
        <ssl enabled="true" wallet-file="$ORACLE_HOME\opmn\conf\ssl.wlt\default"/>
        </notification-server>
-->
<property name="opmn.requestport" value="6003"/>
<!--
        Sample value: mypc.acme.com
-->
<property name="ias.virtual_host" value="stbee19.us.oracle.com"/>
</project>

3.20 Configuring Service Failover for the OC4J_ESBDT Instances

The failover scheme for the OC4J_ESBDT instances dictates that only one instance is up at any given time. If the single active instance fails, OPMN will start the other instance. Follow these steps on both OC4J_ESBDT instances to configure the failover:

1. Open the ORACLE_HOME\opmn\conf\opmn.xml file.

2. Modify the OC4J_ESBDT process as shown in bold:

   <process-type id="OC4J_ESBDT" module-id="OC4J" service-failover="1" status="enabled">
   

3. Remove the numprocs entry:

   <process-set id="default_group" numprocs="1"/>
   

4. Restart the instance by issuing these commands in ORACLE_HOME\opmn\bin:

   opmnctl reload

   opmnctl restartproc process-type=OC4J_ESBDT

3.21 Configuring Oracle Enterprise Service Bus for Singleton Adapters

If Oracle Enterprise Service Bus is deployed across a cluster, and an ESB flow is triggered by a singleton adapter (such as a file adapter), one, and only one instance of the clustered ESB should pick up the file and start one process. The ESB inbound endpoint property clusterGroupId enforces singleton behavior by adapters in a clustered environment. This feature is designed for endpoints, such as a file system, that do not natively support a solid locking mechanism, as does a SQL database.

This singleton control of adapters requires that the ESB and BPEL instances belong to the same Jgroup configuration, obtained from the mcast-addr and mcast-port values in the ORACLE_HOME/bpel/system/config/jgroup-protocol.xml file, as described in Section 3.12, "Configuring the Cluster of BPEL Instances on APPHOST1 and APPHOST2."

To configure this behavior, you assign a combination of J2EE Connector Architecture (JCA) endpoint activations to a specific cluster group (typically, activations toward the same non-transactional endpoint, such as the same directory). Only one activation can be active at any given time. For example:

Cluster 1, instance 1:

<service name="InboundServiceX" ...>
   ... 
   <endpointProperties> 
      <property name="clusterGroupId" value="cluster1"/>
   </endpointProperties> 
</service>

Cluster1, instance 2:

<service name="InboundServiceX" ...>
   ... 
   <endpointProperties>
      <property name="clusterGroupId" value="cluster1"/>
   </endpointProperties>
</service> 

Cluster1, instance 3:

<service name="InboundServiceX" ...>
   ...
   <endpointProperties>
      <property name="clusterGroupId" value="cluster1"/>
   </endpointProperties>
</service>

[...] 

In this configuration, all JCA adapter endpoint activations belonging to the same cluster group (in this case, cluster 1) will at any given time have only one activation active (the primary activation), and will be actively polling the endpoint (the file system). The others will be "hot standby", or secondary activations. For example, if instance 2 is the primary activation and it stops, instance 1 and instance 3 will immediately detect this, and then instance 1 or instance 3 will resume the activation responsibility (that is, become the primary activation). If instance 2 is restored to operation, it may re-assume the primary activation responsibility if instance 1 or instance 3 stops, and so on.

For more information, see "How to Add Endpoint Properties" in the Oracle SOA Suite Developer's Guide.

3.22 Configuring the Cluster of Oracle Enterprise Service Bus Runtime Instances on APPHOST1 and APPHOST2

In the Oracle Enterprise Service Bus runtime installation:

1. If the file exists, modify the clustering properties in ORACLE_HOME/j2ee/OC4J_SOA/applications/esb-rt/META-INF/orion-application.xml to uncomment the cluster_name property (for example, cluster_name=esbcluster) and the property_name property (for example, <property name="primary_oc4j" value="false" />).

2. Copy the clustering properties you uncommented from ORACLE_HOME/j2ee/OC4J_SOA/applications/esb-rt/META-INF/orion-application.xml to ORACLE_HOME/j2ee/OC4J_SOA/application-deployments/esb-rt/orion-application.xml. (If the ORACLE_HOME/j2ee/OC4J_SOA/applications/esb-rt/META-INF/orion-application.xml file does not exist, uncomment the properties described in step 1 in the application-deployments/esb-rt/orion-application.xml file).

3. Ensure that topics have been created by performing these steps in sqlplus:

   1. connect oraesb user / oraesb password;

   2. select object_name from user_objects where object_name like 'AQ%';

      If if no rows are returned, the queues and/or topics are missing, and you must perform Step c.

   3. Execute ORACLE_HOME/integration/esb/sql/oracle/create_esb_topics.sql.

4. Restart the server by issuing these commands:

   opmnctl stopall

   opmnctl startall

3.23 Configuring JNDIs for the Topic and Topic Connection Factory

Using Oracle Enterprise Manager 10g, follow these steps to configure JNDIs in the run time and both ESB repository instances. The JNDI Names created in this section are used to update the metadata in Section 3.24, "Updating the Oracle Enterprise Service Bus Metadata".

1. In the Administration tab, click Expand All, Services, Enterprise Messaging Service, then Database Persistence.

   The Database Persistence configuration page appears.

2. Click Deploy.

3. Navigate to the OC4J Admin instance's Administration tab.

4. Click Expand All.

5. Navigate to Administration Tasks, Services, Enterprise Messaging Service, then Database Persistence.

6. Click Deploy.

   The Deploy Database Persistence Provider screen appears.

7. Make the following entries and selections:

   Resource Adapter Module Name: OracleOJMS

   Select Add a new resource provider to be used by this connector

   Resource Provider Name: esbRP

   Datasource JNDI Location: jdbc/esbaqdatasource

8. Click OK.

   A confirmation page appears.

9. Click Restart and confirm your choice to restart when prompted. If errors occur, use the opmnctl shutdown and opmnctl startall commands to restart the default application.

10. On the Resource Adapter page for the OracleOJMS RA, in the Connection Factories tab, click Create.

    The Create Connection Factory: Select Interface screen appears.

11. Select javax.jms.XATopicConnectionFactory from the Connection Factory Interface drop-down list and click Continue.

12. The Create Connection Factory screen appears.

13. In the JNDI Location field, enter OracleOJMS/XATCF.

14. Click Finish.

    A confirmation message appears.

15. Create another connection factory by repeating steps 10-12, but substitute these values:

    Select javax.jms.TopicConnectionFactory from the Connection Factory Interface drop-down list.

    In the JNDI Location field, enter OracleOJMS/TCF and click Finish.

16. Click the Administered Objects tab and click Create.

    The Create Administered Object screen appears.

17. Select oracle.j2ee.ra.jms.generic.AdminObjectTopicImpl from the Object Class drop-down list and click Continue.

18. In the JNDI Location field, enter ESBTopics. Click Finish. In the resourceProviderName field, enter esbRP.

19. Click Finish.

    A confirmation message appears.

3.24 Updating the Oracle Enterprise Service Bus Metadata

1. Navigate to the ORACLE_HOME/integration/esb/bin directory and issue this command:

   Windows: esbsetenv.bat

   UNIX: esbsetenv.sh

2. Create a file in the ORACLE_HOME directory called esbparam.properties with the key=value pairs in the example below, and the JNDI Names used in Section 3.23, "Configuring JNDIs for the Topic and Topic Connection Factory".

   Example 3-3 esbparam.properties file

   DT_OC4J_HTTP_PORT=7777
   DT_OC4J_HOST=soainternal.mycompany.com
   PROP_NAME_DEFERRED_TOPIC_JNDI=ESBTopics/Topics/ESB_JAVA_DEFERRED
   PROP_NAME_DEFERRED_TCF_JNDI=OracleOJMS/TCF
   PROP_NAME_DEFERRED_XATCF_JNDI=OracleOJMS/XATCF
   PROP_NAME_CONTROL_TOPIC_JNDI=ESBTopics/Topics/ESB_CONTROL
   PROP_NAME_CONTROL_TCF_JNDI=OracleOJMS/XATCF
   PROP_NAME_ERROR_TOPIC_JNDI=ESBTopics/Topics/ESB_ERROR
   PROP_NAME_ERROR_TCF_JNDI=OracleOJMS/TCF
   PROP_NAME_ERROR_XATCF_JNDI=OracleOJMS/XATCF
   PROP_NAME_ERROR_RETRY_JNDI=ESBTopics/Topics/ESB_ERROR_RETRY
   PROP_NAME_ERROR_RETRY_TCF_JNDI=OracleOJMS/XATCF
   PROP_NAME_MONITOR_TOPIC_JNDI=ESBTopics/Topics/ESB_MONITOR
   PROP_NAME_MONITOR_TCF_JNDI=OracleOJMS/TCF
   PROP_NAME_INITIAL_CONTEXT_FACTORY=com.evermind.server.rmi.RMIInitialContextFactory
   ACT_ID_RANGE=400
   

3. Issue this command to populate the esb.parameter table:

   ant import-params -Dparamfile=esbparam.properties

   Example 3-4 import command

   ant import-params -Dparamfile=$ORACLE_HOME/esbparam.properties -DDB_ URL=jdbc:oracle:thin:@//localhost:1521/ORCL -DDB_USER=oraesb -DDB_PASSWORD=oraesb
   

   Example 3-5 export command

   ant export-params -DDB_URL=jdbc:oracle:thin:@//localhost:1521/ORCL -DDB_ USER=oraesb -DDB_PASSWORD=oraesb
   

4. On the ESB Console System screen (accessible at http://soainternal.mycompany.com:7777/esb, http://APPHOST1:7777/esb, http://APPHOST2:7777/esb ), for each installation, update the topic and topic connection factory for asynchronous topics with these values:

   Topic: ESBTopics/Topics/ESB_JAVA_DEFERRED

   Topic Connection Factory: OracleOJMS/XATCF

3.25 Configuring the Slide Repository to use the Database as the Repository

Perform the steps in this section in all run time and repository instances.

1. Navigate to the ORACLE_HOME/integration/esb/config directory.

2. Make a copy of the Domain_DB.xml file, naming the copy Domain.xml.

3. Restart the server using these commands:

   opmnctl stopall

   opmnctl startall

3.26 Configuring the Firewall for the Application Tier

After you have installed all of the components on the Application Tier, you will be able to identify the port numbers that need to be opened on the firewall. This depends on the number of application server instances and types of components installed. In general, the process of configuring the firewall involves these steps:

1. For each installed instance, examine the opmn.xml file to determine the component types and their designated port ranges. See Example 3-6 for examples of port assignments and ranges.

2. Determine the ports in use with the netstat command:

   netstat -an

3. Configure the firewall to open only the ports in use.

<?xml version = '1.0' encoding = 'UTF-8'?>
<opmn xmlns="http://www.mycompany.com/ias-instance">
   <log path="$ORACLE_HOME/opmn/logs/opmn.log" comp="internal;ons;pm" rotation-size="1500000"/>
   <debug path="$ORACLE_HOME/opmn/logs/opmn.dbg" comp="" rotation-size="1500000"/>
   <notification-server interface="ipv4">
      <port local="6104" remote="6204" request="6007"/>
      <ssl enabled="true" wallet-file="$ORACLE_HOME/opmn/conf/ssl.wlt/default"/>
   </notification-server>
   <process-manager>
      <process-modules>
...
      </process-modules>
      <ias-instance id="ohcoreidoid.stana17.mycompany.com"
 name="ohcoreidoid.stana17.mycompany.com">
...            <process-type id="IASPT" module-id="IASPT"  working-dir="/scratch/aime6/coreidoid/oh/iaspt/bin">
               <port id="ajp" range="7501-7600"/>
               <process-set id="IASPT" numprocs="1"/>
            </process-type>         </ias-component>         <ias-component id="ASG" status="enabled" id-matching="true">
...
               </module-data>
               <start timeout="600" retry="2"/>
               <stop timeout="120"/>
               <restart timeout="720" retry="2"/>
               <port id="default-web-site" range="8895" protocol="ajp"/>
               <port id="rmi" range="12401-12500"/>
               <port id="rmis" range="12701-12800"/>
               <port id="jms" range="12601-12700"/>
               <process-set id="default_group" numprocs="1"/>
            </process-type>
            <process-type id="admin" module-id="OC4J" status="enabled">
               <module-data>
...
               <port id="default-web-site" range="12501-12600" protocol="ajp"/>
               <port id="rmi" range="12401-12500"/>
               <port id="rmis" range="12701-12800"/>
               <port id="jms" range="12601-12700"/>
               <process-set id="default_group" numprocs="1"/>
            </process-type>
         </ias-component>
         <ias-component id="soa_group" status="enabled">
            <process-type id="oc4j_soa" module-id="OC4J" status="enabled">
...
               <start timeout="600" retry="2"/>
               <stop timeout="120"/>
               <restart timeout="720" retry="2"/>
               <port id="default-web-site" range="12501-12600" protocol="ajp"/>
               <port id="rmi" range="12401-12500"/>
               <port id="rmis" range="12701-12800"/>
               <port id="jms" range="12601-12700"/>
               <process-set id="default_group" numprocs="1"/>
            </process-type>
         </ias-component>
      </ias-instance>
   </process-manager>
  
</opmn>

Note that the AJP ports used by applications fall within the range 12501-12600. Ensure that all of the AJP ports used by OC4J applications are open on the firewall between the Web server and the application. If a port is not open, the following error occurs when access to the application from the Web tier is attempted (that is, when the URL web host:port/application is requested):

mod_oc4j: request to OC4J apphost1.mycompany.com:12501 failed: Connect failed (errno=110)

This error creates an entry in a log file in the ohs/logs directory.

3.27 Deploying J2EE Applications

Follow the steps in this section to deploy applications. You can perform this step before or after configuring clusters.

Deploying Applications with the Oracle Enterprise Manager 10g Application Server Control Console

1. Access the Application Server Control Console at:

   http://soainternal.mycompany.com/em

   The Login page appears.

2. Provide the password that was set during installation and click Login.

   The OC4J:home page appears.

3. Click the Cluster Topology link.

   The Cluster Topology page appears.

4. Identify in the Members list the OC4J instance in which you will deploy applications. Ensure that a green upward arrow appears in its Status column, indicating that it is running.

   Note:

   You can deploy an application into multiple instances that belong to the same group. Instances in a group have the same name and password. For instructions on creating a group, see the Oracle Application Server Administrator's Guide, section titled "Using Application Server Control to Create and Manage Groups". If a group exists, you can scroll down to the Groups section to see the list of instances in the group. To deploy to the group, click the Group name and continue with Step 8.

5. If necessary, start the OC4J instance by clicking the Select checkbox at the beginning of the row and then clicking the Start button preceding the Members list.

   The Processing: Starting screen appears with this message:

   The selected topology members are being started.

   The Cluster Topology screen appears with a message that the topology member was started.

6. Click the link for the OC4J instance for application deployment.

   The OC4J screen for the instance appears.

7. Click the Applications link.

   The Applications page for the instance appears.

8. Click Deploy.

   The Deploy: Select Archive screen appears.

9. Provide the location of the archive and click Next.

   The Deploy: Application Attributes screen appears.

10. Provide the application name and click Next.

    The Deploy: Deployment Settings screen appears.

11. (Optional) Perform deployment tasks or deployment plan editing, or save the current settings as a deployment plan.

12. Click Deploy.

    The Processing: Deploy screen appears with progress messages.

Deploying Applications on the Command Line

1. Issue this command in APPHOST1_ORACLE_HOME\jdk\bin\java (the parameters are shown on separate lines for readability only):

   java -jar admin_client.jar uri admin ID admin password

   -deploy -file full path -deploymentName app name

   [-bindAllWebApps [Web site name]]

   [-targetPath full path] [-parent app name] [-deploymentDirectory full path]

   [-iiopClientJar full path]

   Note:

   Ideally, you should include the -bindAllWebApps subswitch to bind all Web modules within the EAR to the Web site through which they will be accessed. If no Web site is specified, modules will be bound to the default Web site.

   The EAR file is deployed to the ORACLE_HOME/j2ee/instance name/applications directory by default. The deployed EAR file is also copied to this directory. In each successive deployment, this EAR file is overwritten.

3.28 Configuring Static Discovery to Eliminate Multicast Traffic (Optional)

If multicast traffic is a problem, you can configure the Web and Application Tier cluster for static discovery by modifying the ORACLE_HOME\opmn\conf\opmn.xml file after installation.

1. Locate the multicast entry:

   <topology>
     <discover list="*225.0.0.1:8001"/>
   ...
   </topology>
   

2. Replace the entry with a nodes list to specify static discovery instead:

   <topology>
     <nodes list="apphost1:6200,apphost1:6200,apphost2:6200,apphost2:6200,webhost1:6200,web host1:6200"/>
   </topology>
   

3. Issue this command in ORACLE_HOME\opmn\bin:

   opmnctl reload

4. Verify that all nodes are present in the cluster by issuing this command in ORACLE_HOME\opmn\bin:

   opmnctl @cluster status

   Note:

   When APPHOST1 and APPHOST2 and WEBHOST1 and WEBHOST2 are in different subnets, you also need a gateway entry. See Section 3.8, "Configuring the Cluster Gateways on WEBHOST1,2 and APPHOST1,2 (Optional)" for more information.

3.29 Configuring Fast Connection Failover for the Real Application Clusters Database on APPHOST1 and APPHOST2

Fast Connection Failover provides failover for a JDBC connection to a 10g R1 or 10g R2 RAC database. Upon failure of a RAC node, Oracle Notification Service (ONS) detects the failure and an SQL exception is thrown to application code. To enable Fast Connection Failover on APPHOST1 and APPHOST2:

1. Open the ORACLE_HOME/opmn/conf/opmn.xml file.

2. Add the RAC database hostname and remote port identifiers:

   <notification-server>
     <port local="6100" remote="6200" request="6003"/>
     <ssl enabled="false" wallet-file="$ORACLE_HOME\opmn\conf\ssl.wlt\default"/>
      <topology>
       <nodeslist="infradbhost1-vip.us.oracle.com:6200,infradbhost2-vip.us.oracle.com:6200"/>
       <discover list="*225.0.5.9:9999"/>
      </topology>
   </notification-server>
   

3. Save and close the file.

4. Open the ORACLE_HOME/j2ee/OC4J_SOA/config/data-sources.xml file.

5. Add the RAC node information and enable Fast Connection Failover.

   Ensure that the connection-factory class used by used by various connection pools in OC4J_SOA and OC4J_ESBDT is oracle.jdbc.pool.OracleDataSource. Also ensure that the loginTimeout, connectionCachingEnabled, and fastConnectionFailoverEnabled properties (shown in bold) are added for each connection pool.

   <managed-data-source
    jndi-name="jdbc/TestDemoDS"
    description="Managed DataSource for TestDemoDS"
    connection-pool-name="connection_pool_name_for_OC4J_SOA_and_OC4J_ESBDT"
    name="TestDemoDS"/>
   <connection-pool
    name="TestDemoDS Connection Pool"
    min-connections="10"
    max-connections="30"
    inactivity-timeout="30"
    initial-limit="0"
    max-connect-attempts="10"
    connection-retry-interval="5">
    <connection-factory
      factory-class="oracle.jdbc.pool.OracleDataSource"
      user="system"
      password="welcome1"
      url="jdbc:oracle:thin:@(DESCRIPTION=(LOAD_BALANCE=ON)
        (ADDRESS=(PROTOCOL=TCP)(HOST=infradbhost1-V.mycompany.com)(PORT=1521))
        (ADDRESS=(PROTOCOL=TCP)(HOST=infradbhost2-V.mycompany.com)(PORT=1521))
        (CONNECT_DATA=(SERVICE_NAME=loon)))">
      <property name="loginTimeout" value="30"/>
      <property name="connectionCachingEnabled" value="true"/>
      <property name="fastConnectionFailoverEnabled" value="true"/>
    </connection-factory>
   </connection-pool>
   

6. If you are using a RAC database as dehydration store, increase the nonFatalConnectionMaxRetry to 5 (from the default value of 2) in the SOA_Oracle_Home\bpel\system\config\collaxa-config.xml file. This setting ensures that BPEL performs sufficient connection retries in the event of RAC instance failover.

7. Save and close the file.

8. Issue this command in ORACLE_HOME/opmn/bin:

   opmnctl reload

3.30 Managing Oracle Application Server Component Connections

In order to ensure consistent availability of all services, ensure that the connection time out values for all Oracle Application Server components are set to a lower time out value than that on the firewall and Load Balancing Router. If the firewall or Load Balancing Router drops a connection without sending a TCP close notification message, then Oracle Application Server components will continue to try to use the connection when it is no longer available.

3.31 Configuring Network Communication

After the installation and configuration is complete, configure the network communication as described in this section. Table lists the ports open on each firewall.

Configure the Load Balancing Router to:

• Receive requests on https://soa.mycompany.com, port 443

• Balance requests with SSL acceleration to WEBHOST1, WEBHOST2 on port 7777

Configure the firewall for communication into DMZ1:

• http://WEBHOST1.mycompany.com:7777

• http://WEBHOST2.mycompany.com:7777

• ONS remote port 6200 on WEBHOST1 and WEBHOST2

Configure the firewall for communication into and out of DMZ2:

• http://APPHOST1.mycompany.com (J2EE with SOA components) AJP ports 12501-12510

• http://APPHOST2.mycompany.com (J2EE with SOA components) AJP ports 12501-12510

• ONS remote port 6200 for ORA_HOME1 and 6300 for ORA_HOME2 on APPHOST1 and APPHOST2

Configure the firewall for communication into DMZ3:

• INFRADBHOST1-V INFRADBHOST2-V database with listener on port 1521

3.32 Configuring Application Authentication and Authorization

The tasks you have to perform depend on the authentication method you will use for mySOACompany. If you want user login sessions to persist after a failover event, you will need to use single sign-on.

mySOACompany with JSSO and Oracle Internet Directory

Perform these tasks:

1. Section 3.33, "Configuring the Cluster of Oracle BPEL Process Manager Instances on APPHOST1 and APPHOST2 to use Oracle Internet Directory"

2. Section 3.34, "Configuring Java SSO"

mySOACompany with Oracle Single Sign-On

Perform these tasks:

1. "Steps to Use the Oracle Identity Management Security Provider" and "Settings for Authentication Method with Oracle Identity Management" in the Oracle Containers for J2EE Security Guide, Chapter 8.

2. Section 3.33, "Configuring the Cluster of Oracle BPEL Process Manager Instances on APPHOST1 and APPHOST2 to use Oracle Internet Directory"

3. Chapter 4, "Installing and Configuring Oracle Single Sign-On and Oracle Delegated Administration Services"

3.33 Configuring the Cluster of Oracle BPEL Process Manager Instances on APPHOST1 and APPHOST2 to use Oracle Internet Directory

You will need to manually replicate certain OracleAS JAAS Provider settings from the Admin OC4J instance (created during installation) in the OC4J instances that use Oracle Internet Directory, created as described in this section.

For more information on pre- and post-installation requirements, see the Oracle BPEL Process Manager Administrator's Guide, Chapter 2, section titled "Configuring Identity Service 10.1.3.1.0 with 10.1.2 Oracle Internet Directory".

1. To configure Oracle Internet Directory for BPEL:

   1. Navigate to the ORACLE_ HOME/bpel/system/services/install/ant-tasks file.

   2. Issue this command:

      (Windows) configure_oid.bat

      (Linux) configure_oid.sh

      The syntax for Linux is:

      sh ./configure_oid.sh oid_admin_user oid_admin_passwd oid_nonssl_port ssl_enabled oid_realm_name seedRequiredUsers | seedRequiredUsers oc4j_admin_ user oc4j_admin_passwd oc4j_container_name

      For example:

      sh ./configure_oid.sh orcladmin welcome 389 false us seedRequiredUsers oc4jadmin welcome1 oc4j_soa

2. If you deployed BPEL or ESB in OC4J instances other the default (home) instance, copy the ORACLE_HOME/j2ee/home/config/jazn.xml file to the ORACLE_ HOME/j2ee/oc4j instance name/config/jazn.xml file.

3.34 Configuring Java SSO

You will need to follow these steps on APPHOST1 and APPHOST2 to configure Java SSO for these applications in the OC4J_Admin and OC4J_SOA instances:

• orabpel (for Oracle BPEL Process Manager)

• esb-dt (for Oracle Enterprise Service Bus)

• ccore (for Oracle Web Services Manager)

• ascontrol (for Application Server Control Console)

Access the Application Server Control Console and perform these steps:

1. Click the link for the OC4J instance.

   The OC4J: page appears.

2. Click Applications.

   The applications are listed.

3. Click Expand All.

4. Select the javasso application and click Start.

   This warning message appears:

   Java SSO is not properly configured. This is often caused when you are running multiple Java SSO applications in the cluster that use different shared symmetric keys. Please configure all Java SSO applications in the cluster to use the same shared symmetric key. You can do this from Java SSO Configuration page.

5. Click Configure Java SSO.

   A confirmation message appears that the SSO configuration was completed and will take effect after the instances are restarted.

6. Click Restart.

   A confirmation message appears.

7. Click Yes.

   The instance is restarted. (If you are configuring the OC4J _Admin instance, the system terminates your login session and you must log back in to continue the setup.)

8. Scroll to the Administration section and click Java SSO Configuration.

   The Java SSO Configuration page appears.

9. Click Participating Applications.

   The applications are listed.

10. Click the check box for the applications to be Java SSO enabled.

11. Click Apply.

12. Configure SSO for Oracle Web Services Manager:

    1. Navigate to ORACLE_HOME/owsm/bin.

    2. Edit the ORACLE_HOME/owsm/bin/install.properties file to set the install.sso.support property to true.

    3. Issue this command:

       (Windows) wsmadmin.bat deploy password console

       (Linux) wsmadmin.sh deploy password console

       In the preceding commands, password is the OC4J administrator password.

    Note:

    JSSO enablement is lost for applications added with a patch set when moving from 10.1.3.1 to 10.1.3.3 The JSSO enablement is provided by every JSSO partner application in ORACLE_HOME/application-deployments/APPLICATION/orion-application.xml. APPLICATION is the JSSO partner application directory. This declaration is required to signal a JSSO partner application:

    <jazn provider="XML"> 
        <jazn-web-app auth-method="CUSTOM_AUTH"/> 
    </jazn>
    

    When a patchset is applied to ascontrol or another application, the application is redeployed and its orion-application.xml file replaced with a new one containing an entry resembling the following when JSSO is re-enabled:

    <!-- This is commented out unless jazn-based SSO is used.  The installer or setup disables the comments if required.  --> 
    <!-- %BEGINGOVERNSSO% 
         <jazn provider="XML"> 
                <jazn-web-app auth-method="CUSTOM_AUTH"/> 
         </jazn> 
    %ENDGOVERNSSO% -->
    

    which will become:

    <jazn provider="XML"> 
         <jazn-web-app auth-method="CUSTOM_AUTH"/> 
    </jazn>
    
    

3.35 Disabling the Worklist Application

The worklist application is a sample application that does not support Oracle Single Sign-On or Java SSO. If you do not want any applications that do not support single sign-on to be enabled in a production environment, follow these steps to disable the worklist application:

1. Open the ORACLE_HOME/j2ee/home/config/default-web-site.xml file.

2. Modify the file to comment out or delete this line:

   <web-app application="hw_services" name="worklistapp" load-on-startup="true" root="/integration/worklistapp" />

3. Restart the server.