The Ultimate Guide to Separating BPM from ADF

Overview Currently we are deploying all SOA and ADF components to soa_server1. The purpose of this guide is to explain how to configure a second managed server which will be used solely for ADF components deployment.   Create new managed server   Go to https://<host>:7001/console/ . Navigate to Home -> Environment > Servers. Create a […]

by Valery Borisov

July 23, 2014

5 min read

BPM WorkSpace Componenets - The Ultimate Guide to Separating BPM from ADF

Overview

Currently we are deploying all SOA and ADF components to soa_server1.

The purpose of this guide is to explain how to configure a second managed server which will be used solely for ADF components deployment.

 

Create new managed server

 

Go to https://<host>:7001/console/ .

Navigate to Home -> Environment > Servers.

Create a new Managed server. In this case we will call it adf_server1, port 7201.

Create new managed server

 

Associate it with “LocalMachine”

 

You can do that when you are creating the server, but if you have forgotten you will get an error that your server is not associated with any machine.

To do this, go to Environment -> Machines -> LocalMachine -> Configuration-> Servers -> Add.

Choose “Select an existing server, and associate it with this machine” and  adf_server1.

 

 

Install required libraries required for deploying an ADF application

 

Try to deploy an ADF application to your newly create server.

You can’t.  Deployment console will show different missing libraries.

Some of them are coming from weblogic-application file which is part of the UI project you are deploying.

The list of error you will receive is this:

 

[J2EE:160149]Error while processing library references. Unresolved application library references, defined in weblogic-application.xml:

[Extension-Name: oracle.soa.workflow, exact-match: false],

[Extension-Name: oracle.soa.bpel, exact-match: false],

[Extension-Name: oracle.rules, exact-match: false],

[Extension-Name: oracle.bpm.runtime, exact-match: false],

[Extension-Name: oracle.bpm.client, exact-match: false],

[Extension-Name: oracle.bpm.projectlib, exact-match: false],

[Extension-Name: oracle.bpm.workspace, exact-match: false],

[Extension-Name: oracle.bpm.webapp.common, exact-match: false].

[Extension-Name: oracle.soa.rules_dict_dc.webapp, exact-match: false].

 

All those libraries are already included in soa_server1 so you do not need to install them.

They are targeted to soa_server1, so what you need to do is to select teach for those libraries and target it also to adf_srver1.

 

One example

Navigate to Home -> Environment > Deployments.

If you do not see libraries click “Customize this table”

Un-check “exclude libraries when displaying deployments”

exclude libraries

 

Select library ”jsf(1.2, 1.2.8.0)”, click “Targets”. Check adf_server1.

Select library

 

You will have to restart adf_server1 after targeting so, do it for several libraries first and then restart. It will save you some time.

 

Make soa_server1 accessible from adf_server1

 

You need to “expose” a part of the soa_server1 JNDI tree to adf_server1 so you can access it. This is done via ForeignJNDIProvider.

Go to Services -> Foreign JNDI Providers

 

Initial Context Factory:weblogic.jndi.WLInitialContextFactory

Provider URL: t3://<host>:8001/soa-infra

User: weblogic

Password: <password>

 Make soa_server1 accessible from adf_server1

Target is to adf_server1.

 

Add link to JNDI provider

 

You will also need to provide links to all elements of the soa_server1’s JNDI tree.

Foreign JNDI Providers -> ForeignJNDIProvider-SOA -> Links

The list is:

 

Name: ejb/bpel/services/workflow/TaskMetadataServiceBean

Local JNDI Name: ejb/bpel/services/workflow/TaskMetadataServiceBean

Remote JNDI Name: ejb/bpel/services/workflow/TaskMetadataServiceBean

 

Name: ejb/bpel/services/workflow/TaskServiceBean

Local JNDI Name: ejb/bpel/services/workflow/TaskServiceBean

Remote JNDI Name: ejb/bpel/services/workflow/TaskServiceBean

 

Name: ejb/bpel/services/workflow/TaskServiceGlobal/TransactionBean

Local JNDI Name: ejb/bpel/services/workflow/TaskServiceGlobal/TransactionBean

Remote JNDI Name: ejb/bpel/services/workflow/TaskServiceGlobal/TransactionBean

 

Name: ejb/bpm/services/BPMUserAuthenticationServiceBean

Local JNDI Name: ejb/bpm/services/BPMUserAuthenticationServiceBean

Remote JNDI Name: ejb/bpm/services/BPMUserAuthenticationServiceBean

 

Name: ejb/bpm/services/InstanceManagementServiceBean

Local JNDI Name: ejb/bpm/services/InstanceManagementServiceBean

Remote JNDI Name: ejb/bpm/services/InstanceManagementServiceBean

 

Name: ejb/bpm/services/InstanceQueryServiceBean

Local JNDI Name: ejb/bpm/services/InstanceQueryServiceBean

Remote JNDI Name: ejb/bpm/services/InstanceQueryServiceBean

 

Name: ejb/bpm/services/ProcessDashboardServiceBean

Local JNDI Name: ejb/bpm/services/ProcessDashboardServiceBean

Remote JNDI Name: ejb/bpm/services/ProcessDashboardServiceBean

 

Name: ejb/bpm/services/ProcessMetadataServiceBean

Local JNDI Name: ejb/bpm/services/ProcessMetadataServiceBean

Remote JNDI Name: ejb/bpm/services/ProcessMetadataServiceBean

 

Name: ejb/bpm/services/ProcessModelServiceBean

Local JNDI Name: ejb/bpm/services/ProcessModelServiceBean

Remote JNDI Name: ejb/bpm/services/ProcessModelServiceBean

 

Name: RuntimeConfigService

Local JNDI Name: RuntimeConfigService

Remote JNDI Name: RuntimeConfigService

 

Name: TaskEvidenceServiceBean

Local JNDI Name: TaskEvidenceServiceBean

Remote JNDI Name: TaskEvidenceServiceBean

 

Name: TaskQueryService

Local JNDI Name: TaskQueryService

Remote JNDI Name: TaskQueryService

 

Name: TaskReportServiceBean

Local JNDI Name: TaskReportServiceBean

Remote JNDI Name: TaskReportServiceBean

 

Name: UserMetadataService

Local JNDI Name: UserMetadataService

Remote JNDI Name: UserMetadataService

 

Name: ejb/bpm/services/BPMOrganizationServiceBean

Local JNDI Name: ejb/bpm/services/BPMOrganizationServiceBean

Remote JNDI Name: ejb/bpm/services/BPMOrganizationServiceBean

 

And your JNDI tree will look like this:

Summary of Servers > adf_server1 -> View JNDI tree

Add link to JNDI provider

 

The documentation on this topic is here:

 

https://docs.oracle.com/cd/E23943_01/dev.1111/e10224/bp_designtf.htm#SOASE85258

30.8.4.4 Defining the Foreign JNDI Provider on a non-SOA Oracle WebLogic Server

30.8.4.5 Defining the Foreign JNDI Provider Links on a non-SOA Oracle WebLogic Server.

 

A couple of very helpful posts on this topic:

 

https://andrejusb.blogspot.com/2012/07/running-oracle-bpm-11g-ps5-worklist.html

 

https://onkaroracle.blogspot.com/2013/07/how-to-separate-bpm-11g-adf-task-page.html

 

Add wf_client_config.xml to UI project

 

Several articles suggests that we need the wf_client_config.xml file added to our UI project to make security propagation work properly.

 

<?xml version=”1.0″ encoding=”UTF-8″ standalone=”yes”?>

<workflowServicesClientConfiguration  clientType=”REMOTE”>

<server default=”true” name=”default”>

<localClient>

<participateInClientTransaction>false</participateInClientTransaction>

</localClient>

<remoteClient>

<serverURL>t3://<host>:8001</serverURL>

<initialContextFactory>weblogic.jndi.WLInitialContextFactory</initialContextFactory>

<participateInClientTransaction>false</participateInClientTransaction>

</remoteClient>

<soapClient>

<rootEndPointURL>https://<host>:8001</rootEndPointURL>

<identityPropagation mode=”dynamic” type=”saml”>

<policy-references>

<policy-reference enabled=”true” category=”security”

uri=”oracle/wss10_saml_token_client_policy”/>

</policy-references>

</identityPropagation>

</soapClient>

</server>

</workflowServicesClientConfiguration>

 

Apply JRF template to fix Error 403

 

All the libs were targeted properly and deployment went smoothly but I was still getting error while I was trying to open the UI project in BPM workspace.

To solve it you need to go to  https://<host>:7001/em/

Go to your domain, select adf_server1 and click the “Apply JRF template” on the top.

Possibly that installs some of the libraries that you already have.

There is a good article on this topic here:

 

https://andrejusb.blogspot.com/2009/09/hint-for-oracle-adf-application.html

 

Configure our UI project to be shown in workspace

 

https://<host>:7001/em/

Configure our UI project to be shown in workspace

 

Notice that the port is 7201, it is adf_server1.

 

User credentials are not being passed properly

 

Everything is configured properly. You can see your UI in BPM workspace.

You try to Update/Complete tasks and it works.

It works, until you try to retrieve the current user from the security context.

It appears that user credentials are not passed properly. The UI project can’t identify the current user logged in BPM Workspace.

 

There are 2 solutions for this one:

 

1. Deploy the OracleBPMWorkspaceon adf_server1 also.

1. Deploy the OracleBPMWorkspaceon adf_server1

 

As you can see:

The UI project (<projectHumanTask>_UI) is deployed on adf_server1.

OracleBPMWorkspace is also deployed on adf_serrver1 also.

OracleBPMcomposerRolesApp and OracleBPMProcessrolesApp are left as they are.

 

2. Implement SAML authentication.

This one is being researched.

 

JavaEE and Oracle Developer at Dreamix