The Ultimate Guide to Separating BPM from ADF

Overview Currently we are deploying all SOA and ADF components to soa_server1. The purpose of this guide is to explain how to configure a second managed server which will be used solely for ADF components deployment.   Create new managed server   Go to https://<host>:7001/console/ . Navigate to Home -> Environment > Servers. Create a […]

by Valery Borisov

July 23, 2014

5 min read

BPM WorkSpace Componenets - The Ultimate Guide to Separating BPM from ADF


Currently we are deploying all SOA and ADF components to soa_server1.

The purpose of this guide is to explain how to configure a second managed server which will be used solely for ADF components deployment.


Create new managed server


Go to https://<host>:7001/console/ .

Navigate to Home -> Environment > Servers.

Create a new Managed server. In this case we will call it adf_server1, port 7201.

Create new managed server


Associate it with “LocalMachine”


You can do that when you are creating the server, but if you have forgotten you will get an error that your server is not associated with any machine.

To do this, go to Environment -> Machines -> LocalMachine -> Configuration-> Servers -> Add.

Choose “Select an existing server, and associate it with this machine” and  adf_server1.



Install required libraries required for deploying an ADF application


Try to deploy an ADF application to your newly create server.

You can’t.  Deployment console will show different missing libraries.

Some of them are coming from weblogic-application file which is part of the UI project you are deploying.

The list of error you will receive is this:


[J2EE:160149]Error while processing library references. Unresolved application library references, defined in weblogic-application.xml:

[Extension-Name: oracle.soa.workflow, exact-match: false],

[Extension-Name: oracle.soa.bpel, exact-match: false],

[Extension-Name: oracle.rules, exact-match: false],

[Extension-Name: oracle.bpm.runtime, exact-match: false],

[Extension-Name: oracle.bpm.client, exact-match: false],

[Extension-Name: oracle.bpm.projectlib, exact-match: false],

[Extension-Name: oracle.bpm.workspace, exact-match: false],

[Extension-Name: oracle.bpm.webapp.common, exact-match: false].

[Extension-Name: oracle.soa.rules_dict_dc.webapp, exact-match: false].


All those libraries are already included in soa_server1 so you do not need to install them.

They are targeted to soa_server1, so what you need to do is to select teach for those libraries and target it also to adf_srver1.


One example

Navigate to Home -> Environment > Deployments.

If you do not see libraries click “Customize this table”

Un-check “exclude libraries when displaying deployments”

exclude libraries


Select library ”jsf(1.2,”, click “Targets”. Check adf_server1.

Select library


You will have to restart adf_server1 after targeting so, do it for several libraries first and then restart. It will save you some time.


Make soa_server1 accessible from adf_server1


You need to “expose” a part of the soa_server1 JNDI tree to adf_server1 so you can access it. This is done via ForeignJNDIProvider.

Go to Services -> Foreign JNDI Providers


Initial Context Factory:weblogic.jndi.WLInitialContextFactory

Provider URL: t3://<host>:8001/soa-infra

User: weblogic

Password: <password>

 Make soa_server1 accessible from adf_server1

Target is to adf_server1.


Add link to JNDI provider


You will also need to provide links to all elements of the soa_server1’s JNDI tree.

Foreign JNDI Providers -> ForeignJNDIProvider-SOA -> Links

The list is:


Name: ejb/bpel/services/workflow/TaskMetadataServiceBean

Local JNDI Name: ejb/bpel/services/workflow/TaskMetadataServiceBean

Remote JNDI Name: ejb/bpel/services/workflow/TaskMetadataServiceBean


Name: ejb/bpel/services/workflow/TaskServiceBean

Local JNDI Name: ejb/bpel/services/workflow/TaskServiceBean

Remote JNDI Name: ejb/bpel/services/workflow/TaskServiceBean


Name: ejb/bpel/services/workflow/TaskServiceGlobal/TransactionBean

Local JNDI Name: ejb/bpel/services/workflow/TaskServiceGlobal/TransactionBean

Remote JNDI Name: ejb/bpel/services/workflow/TaskServiceGlobal/TransactionBean


Name: ejb/bpm/services/BPMUserAuthenticationServiceBean

Local JNDI Name: ejb/bpm/services/BPMUserAuthenticationServiceBean

Remote JNDI Name: ejb/bpm/services/BPMUserAuthenticationServiceBean


Name: ejb/bpm/services/InstanceManagementServiceBean

Local JNDI Name: ejb/bpm/services/InstanceManagementServiceBean

Remote JNDI Name: ejb/bpm/services/InstanceManagementServiceBean


Name: ejb/bpm/services/InstanceQueryServiceBean

Local JNDI Name: ejb/bpm/services/InstanceQueryServiceBean

Remote JNDI Name: ejb/bpm/services/InstanceQueryServiceBean


Name: ejb/bpm/services/ProcessDashboardServiceBean

Local JNDI Name: ejb/bpm/services/ProcessDashboardServiceBean

Remote JNDI Name: ejb/bpm/services/ProcessDashboardServiceBean


Name: ejb/bpm/services/ProcessMetadataServiceBean

Local JNDI Name: ejb/bpm/services/ProcessMetadataServiceBean

Remote JNDI Name: ejb/bpm/services/ProcessMetadataServiceBean


Name: ejb/bpm/services/ProcessModelServiceBean

Local JNDI Name: ejb/bpm/services/ProcessModelServiceBean

Remote JNDI Name: ejb/bpm/services/ProcessModelServiceBean


Name: RuntimeConfigService

Local JNDI Name: RuntimeConfigService

Remote JNDI Name: RuntimeConfigService


Name: TaskEvidenceServiceBean

Local JNDI Name: TaskEvidenceServiceBean

Remote JNDI Name: TaskEvidenceServiceBean


Name: TaskQueryService

Local JNDI Name: TaskQueryService

Remote JNDI Name: TaskQueryService


Name: TaskReportServiceBean

Local JNDI Name: TaskReportServiceBean

Remote JNDI Name: TaskReportServiceBean


Name: UserMetadataService

Local JNDI Name: UserMetadataService

Remote JNDI Name: UserMetadataService


Name: ejb/bpm/services/BPMOrganizationServiceBean

Local JNDI Name: ejb/bpm/services/BPMOrganizationServiceBean

Remote JNDI Name: ejb/bpm/services/BPMOrganizationServiceBean


And your JNDI tree will look like this:

Summary of Servers > adf_server1 -> View JNDI tree

Add link to JNDI provider


The documentation on this topic is here: Defining the Foreign JNDI Provider on a non-SOA Oracle WebLogic Server Defining the Foreign JNDI Provider Links on a non-SOA Oracle WebLogic Server.


A couple of very helpful posts on this topic:


Add wf_client_config.xml to UI project


Several articles suggests that we need the wf_client_config.xml file added to our UI project to make security propagation work properly.


<?xml version=”1.0″ encoding=”UTF-8″ standalone=”yes”?>

<workflowServicesClientConfiguration  clientType=”REMOTE”>

<server default=”true” name=”default”>











<identityPropagation mode=”dynamic” type=”saml”>


<policy-reference enabled=”true” category=”security”








Apply JRF template to fix Error 403


All the libs were targeted properly and deployment went smoothly but I was still getting error while I was trying to open the UI project in BPM workspace.

To solve it you need to go to  https://<host>:7001/em/

Go to your domain, select adf_server1 and click the “Apply JRF template” on the top.

Possibly that installs some of the libraries that you already have.

There is a good article on this topic here:


Configure our UI project to be shown in workspace



Configure our UI project to be shown in workspace


Notice that the port is 7201, it is adf_server1.


User credentials are not being passed properly


Everything is configured properly. You can see your UI in BPM workspace.

You try to Update/Complete tasks and it works.

It works, until you try to retrieve the current user from the security context.

It appears that user credentials are not passed properly. The UI project can’t identify the current user logged in BPM Workspace.


There are 2 solutions for this one:


1. Deploy the OracleBPMWorkspaceon adf_server1 also.

1. Deploy the OracleBPMWorkspaceon adf_server1


As you can see:

The UI project (<projectHumanTask>_UI) is deployed on adf_server1.

OracleBPMWorkspace is also deployed on adf_serrver1 also.

OracleBPMcomposerRolesApp and OracleBPMProcessrolesApp are left as they are.


2. Implement SAML authentication.

This one is being researched.


JavaEE and Oracle Developer at Dreamix