Section - 1 : OIDG Extension Deployment
Copy the following files from the OIDG release package to /<user home base>/Chef/OIDG/
/SrvVirt/ OSBExtensionsCustomizationFile.xml
/SrvVirt/ SVIntegrations_SrvVirt.sbar
/DataSrv/ OIDX_DSL_MQ_EXTN.ear
Copy IBM WebSphere MQ Libraries:
The IBM libraries used by the MQ Transport are not included in the Data service MQ Extension Application deployment and must be provided and configured using the following steps.
- In a WebSphere MQ installation, locate the following JAR files at
- com.ibm.ws.sib.client.thin.jms_8.5.0.jar
- com.ibm.ws.orb_8.5.0.jar
- com.ibm.ws.ejb.thinclient_8.5.0.jar
- com.ibm.mq.allclient.jar
- Copy the JAR files to the %DOMAIN_HOME%/lib directory of Application machine.
%WEBSPHERE_HOME% /AppServer/installedConnectors directory, where %WEBSPHERE_HOME% is something like “C:\IBM\WebSphere”:
Configuration files setup:
- Copy ‘OIDXMQ.properties’ file from build’s ‘Documentation’ folder and modify the properties values appropriately and place the properties file in application Config folder. Properties values will be provided by WebSphere MQ installer.
- If SSL is enable in WMQ Server this property is needed, OIDXMQ properties file has a oidx.wmq.ssl.truststore.file.name property value is name of the trust store file generate in below section ‘Generate Keys using java Keytool’ (example : OIDXMQTrust.jks)
Generating Keys using java keytool:
- If SSL is enable in WMQ Server then this below configuration is need.
- WebSphere MQ installer admin guy provide SSL certificates, by using that SSL certificates need to generate the security trust key by following steps.
- Copy MQ Server SSL certificates to weblogic server machine any location path.
- Find the JDK Home location path in weblogic server machine <JDK_HOME>
- Go to certificate location path and import the certificate to trust key by using below commands, both root and queue manager certificates need to import.
- Copy the generated trust key to OIDX_CONFIG_DIR folder.
Root certificate
<JDK_HOME>/bin/keytool -import -alias <alias root name> -file <root certificate XXXX.cer> -keystore < Trust key name OIDXMQTrust.jks> -storepass <Trust key password>
Queue manager certificate
<JDK_HOME>/bin/keytool -import -alias <alias queue manager name> -file <queue manger certificate XXXX.cer> -keystore < Same name has given above ‘Trust key name OIDXMQTrust.jks’> -storepass <Same password has given above ‘Trust key password’>
Viewing imported certificates in trust key
<JDK_HOME>/bin/keytool -list -v -keystore < Trust key name OIDXMQTrust.jks> -storepass <Trust key password>
Note: Please follow the below screens for references
OIDG Extension installation using Chef scripts:
Navigate to ‘/scratch/Chef/scripts/OIDG_Automation/<InstallationType> _12.2.1.3/OIDG-ExtensionInstallation/chef’
Note: Mention Installation type based on the installation type.
Example: SingleNode or VerticalCluster or HorizontalCluster
run: sh oidg_config_extn.sh with root user
Linux User/Group Section
- Linux Username
- Example: oracle (the user you installed Fusion Middleware with)
- FMW Products Installed Group
- Example: oinstall or oracle (the user group you installed Fusion Middleware with)
Middleware Section
OIDG Fusion Middleware HOME Path:
Enter the middleware home path including Oracle_Home
OIPA Server Input Section
Provide the OIPA server inputs
Credentials Input Section
WebLogic Credentials
- Set the WebLogic User Password
- You have to use this password for WebLogic login after domain creation.
OIPA Credentials
- Enter the OIPA user Password
- Enter TLM user password
- This user is for authentication with the TLMIntegrationService proxy.
- Set the OIDG user Password
- Set the oipsuser password
Confirmation
Please verify and resolve any errors that have occurred before running sh install_oidg_Extn.sh
After the processing will get the below response for the manual steps
Defining JNDI Providers
JNDI Provider resources are required by OSB components to locate and communicate with Enterprise Java Beans (EJB) components.
- Log on to the Service Bus console (http://hostname:port/sbconsole), where “hostname:port” are the host name and port of your administration server.
- In the project explorer, navigate to All Projects → System → JNDI Providers.
- In the upper left corner of the page, click Create to begin a new update session.
- Right-click the JNDI Providers folder to display the context menu, then click Create → Create JNDI Provider.
- In the Create JNDI dialog, enter “TLMIntegration_JNDIProvider” for Resource Name. Click Create.
- On the JNDI Definition page, fill in the following fields:
- Provider URL – the host name or IP and port of the managed server to which OIDX_POC_DSL is targeted (Example: “t3://hostname:port”) i.e. ‘AML Server’.
- Initial Context Factory – select “weblogic.jndi.WLInitialContextFactory”
- User Name, New Password, and Confirm Password – the login credentials for the server. Usually credentials are the same as administration server login credentials.
- Click Save located on the upper-right corner of the page.
- Click Activate button to reflect the changes in SB Console.
Verify that TLMIntegration_JNDIProvider is defined.
If it is defined, skip steps 3-7. If not, continue with the rest of the steps.
Creating Security Policies
- Log in to the WebLogic Enterprise Manager (<hostname>:< Admin Server Port Number>/em) with WebLogic credentials.
- WebLogic Domain → Security → System Policies.
- Under Search section, select Name as Includes.
- Search for the existing OIDX grant.
- Select the OIDX_POC_DSL grant in the search results and click Create Like.
- In the edit dialog, update the Codebase field with the MQ Extension EAR name.
- 7. Select the CredentialAccessPermission and Click Edit.
- Examine the Resource Name value. This is what identifies the CSF resource, it will already refer to mapName=oracle.wsm.security. We need to using another map, then update existing ‘mapName=oracle.wsm.security ‘to'mapName=scb.extension.security' value and then Click OK.
- Click OK again.
Ex:
‘file:${oracle.deployed.app.dir}/OIDX_DSL_MQ_EXTN${oracle.deployed.app.ext}’
{b}Figure: Codebase MQ EXTN EAR Name
{b}Figure: Credential Access Permission Edit
{b}Figure: Edit Permission
OIDG Extension Post Script Installation
- After completing the steps in 'OIDG Installation Manual Steps' topic run the following command from root to complete the installation.
Command:
sh install_oidg_Extn_post.sh (from root)
- Please check the status of Chef Script: Finished (or) Failed
Note: End of Extension Part.