SSO Integration with J2EE application deployed on 11g WebLogic Server(Part 2)

In the previous post, we went through the structure of the integration and the procedure of installing oracle web tier. Now we are going to review the configuration of SSO Integration with J2EE application.

PREQUISITES:

       I assume you have deployed your J2EE applicaiton onto webLogic server and it could be reached by the link:

       (Suppose your J2EE application is deployed on to Admin Server, by default the port number is 7001.)

       http://<host_name&gt;:7001/<Your_J2EEAPP_Name>

       Note: Port number would be vary if you deploy J2EE application on to managed server. For more information about this, you should check the following posts:

        Deploy application to Managed Server on 11g WebLogic Server (Part 1)

        Deploy application to Managed Server on 11g WebLogic Server (Part 2)

SOLUTION:

     The following solution is basically a summary from oracle document: (If you would like a more detailed explanation of what and why)

     http://docs.oracle.com/cd/E25054_01/core.1111/e10043/osso_d_10g.htm

     For how to install oracle web tier, check previous post:

     SSO Integration with J2EE application deployed on 11g WebLogic Server(Part 1)

     STEPS:

        J2EE Application Code Change

          The idea is to enable the fuctionality of enabling OID users login into your J2EE application directly.

        Set up mod_osso

          Find the mod_wl_ohs.conf. This file should reside under the following directory:

          <Fusion_Middleware_Home>/Oracle_WT1/instances/instance1/config/OHS/ohs1

          The following code snippet comes from mod_wl_ohs.conf file.

     

          Modify the line marked in red. Uncomment the line starting with “MatchExpression…” to below 

 
       

Restart ohs1 after editing:

cd /Oracle_WT1/opmn/bin

opmnctl stopall

opmnctl startall

       Registering Oracle HTTP Server mod_osso with OSSO Server 10.1.4      

The mod_osso module is an Oracle HTTP Server module that provides authentication to OracleAS applications. This module resides on the Oracle HTTP Server that enables applications protected by OracleAS Single Sign-On to accept HTTP headers in lieu of a user name and password once the user has logged into the OracleAS Single Sign-On server. The values for these headers are stored in a mod_osso cookie. The mod_osso module enables single sign-on for Oracle HTTP Server by examining incoming requests and determining whether the requested resource is protected. If it is, then it retrieves the Oracle HTTP Server cookie. Under certain circumstances, you must register Oracle HTTP Server mod_osso using the 10.1.4 Oracle Identity Manager single sign-on registration tool .

To register mod_osso:

   Go to the following 10.1.4 Oracle Identity Manager directory path: (This could be your OSSO server)

              <ORACLE_HOME>/sso/bin/ssoreg

  Run ssoreg with the following parameters and values for your environment:

             ./ssoreg.sh -oracle_home_path $ORACLE_HOME -config_mod_osso TRUE -site_name <host_name>:7777 -remote_midtier -config_file $ORACLE_HOME/osso.conf -mod_osso_url http://<host_name>:7777

      (Note: the osso.conf would be generated under specified directory: $ORACLE_HOME/osso.conf)

  Ftp osso.conf file from the directory above to the application server where web tier is installed.

              Put osso.conf under directory: (Note: create directory osso if it does not exist)

       <Fusion_Middleware_Home>/Oracle_WT1/instances/instance1/config/OHS/ohs1/osso

 Copy mod_osso.conf from disabled directory to the moduleconf directory for editing.

              From directory:

       <Fusion_Middleware_Home>/Oracle_WT1/instances/instance1/config/OHS/ohs1/disabled/mod_osso.conf

             To directory:

       <Fusion_Middleware_Home>/Oracle_WT1/instances/instance1/config/OHS/ohs1/moduleconf

      The orignial mod_osso.conf file should look like :

      

      Modify the red line and add the corresponding code into this file. It should look like :

      

Note: Httpd.conf for Oracle http server 11g is not in need for further modification, for it has already included the following:

          

Restart ohs1 after editing:

cd /Oracle_WT1/opmn/bin

opmnctl stopall

opmnctl startall

         To be Continued with:

                SSO Integration with J2EE application deployed on 11g WebLogic Server(Part 3)

SSO Integration with J2EE application deployed on 11g WebLogic Server(Part 1)

Previously, we talked about how to deploy our J2EE web application on to oracle 11g weblogic server. With the upcoming need of SSO integration, our goal becomes to enable SSO functionality on weblogic server and secure our application access by going through portal page and then getting user authentication through LDAP server with the OID repository.

I have successfully implemented the solution on SSO integration within Oracle 10g Applicaiton Server(OAS). The idea is quite simliar since we are still using 10g portal page. However, oracle 11g enterprise edition has replaced the OAS with weblogic server which introduces quite a few changes for the SSO integration on weblogic server. I would break into a few posts on elaborating this idea. If you are not familar with SSO(Single Sign On) with oracle 10g OAS, please refer to the following link to get a basic understanding of what and why: (The following link shows a basic work-though of 10g SSO. Our new approach would inherit a lot of similar ideas from the old approach.It would be easier to understand this current post if you have the history knowledge)

http://www.slideshare.net/kurtvm/extending-oracle-sso-presentation

Now I assume if you have already knew a few concepts of mod_osso, OID registration,httpd.conf file. Then let us firstly start with reviewing application architecture with the SSO integration. 

The architure of the whole process looks like below.

WEB TIER INSTALLATION

Now our application is deployed on weblogic server. So right now besides the installation of Business Intelligence SUITE, we also need to install Oracle Web Tier.

PREREQUISITES:

  •       Oracle Buisiness intelligence 11g is installed
  •       OR Oracle Web Logic Server is installed

Note: If you have only installed oracle web logic server, be sure to enable JRF manually as below. Oracle Web Tier installation requires Oracle WSM Policy Manager and JRF(Java Required Files) and they do not display by default in the Oracle Fusion  Middleware Configuration Wizard. You must enable the display of these products. To accomplish this, pass the following JVM property to the config.sh script:

-DTemplateCatalog.enable.selectable.all=true

To pass this property to the script, set the CONFIG_JVM_ARGS environment variable to -DTemplateCatalog.enable.selectable.all=true. The script takes this property when you start the Oracle Fusion Middleware Configuration Wizard using./config.sh .

cd /wlserver_10.3/common/bin

 ./config.sh -DTemplateCatalog.enable.selectable.all=true

INSTALLATION PROCEDURE:

Download oracle web tier package and unzip the file. You should find Disk1 within the unziped file folder. Go under Disk1 and run ./runInstaller

Click and Next and then skip the software updates and then continue to check the prerequisite(Keep the default options)

Oracle web tier would be installed under fushion middleware home. So you should make sure you enter the correct FM home.

Uncheck the box to proceed.

It is not neccessary to install web cache if you don’t need to do performance tuning. That is optional.

Enter your domain settings as below:

It will dynamically load the instance home and you just proceed.

Skip the below step if you didn’t install web cache.

Choose Auto Port Configuration.

Check if everything looks right and then install the software.

Wait until it gets successfully finished.

Once web tier has been installed. You could check the status on em to see if it keeps up and running.

 To be continued to :

SSO Integration with J2EE application deployed on 11g WebLogic Server(Part 2)

Change Context Root for xmlpserver on 11g BI Publisher

I have been researching on how to change the context root for xmlpserver on 11g BI Publisher. Since our application could not use xmlpserver as the context root extension, I would love to come up an approach with the deployment of the same application but with a new context root. This topic is an open question. I have worked out one solution explained in the current article. But I still have not figured out the best approach for the question. Let me know if anyone has any idea for the questions I asked in the article.

As far as I have touched this topic, I tried changing the context root on the fly by modifying the xmlpserver deployment configuration as below:

Login to Application console, and click on the Deployments. You should be able see a list of deployments on the weblogic server. Find the one with name bipublisher, expand the deployment, there is a web application named xmlpserver. Click on that, it will navigate to the settings page of xmlpserver showed in the picture below: (Click on Configuration Tab and navigate to the bottom)

 

This Context Root is editable and was previously set to be xmlpserver. So I changed it to newContextRoot and save the configuration. However the settings didn’t get picked up during the server restart and it was not working.

I would expect to access http://domain-name:9704/newContextRoot  instead of http://domain-name:9704/xmlpserver

  Anyone knows why this straightforward approach is not functioning as expected?

My working approach:

Here is what I do for the rest of the steps. I will firstly undeploy the current bipublisher application in enterprise manager and then duplicate a copy of existing xmlpserver.ear with the new name btmreport.ear. Later I modified a few files in btmreport.ear and deploy btmreport.ear with the same name bipublisher under the same target. (This involves a few tricks I found out during the trials and errors. I would explain them in the corresponding steps)

 Step 1. Undeploy the current bipublisher application.

 Access enterprise manger as below. By default you could access the link: http://Domain-Name:7001/em

Now on the navigation panel find bipublisher and click on Undeploy as below.

Continue the undeployment.

If you run into the same error with me as below, it means the configuration of bifoundation has been locked and you need to go to applicaiton console to release the configuration.

How to release the configuration? Simple! Go to application console. By default you access the link: http://Domain-Name:7001/console

Once login, you should be able to see that there are changes that need to be taken actions in order to unlock the configure on bifoundation domain. I have been trying out other deployments on console. So I just wanted to undo the changes to release the configuration.

After this change,  I could proceed on undeploying the application back to enterprise manager.

Now we would need to duplicate a copy from xmlpserver.ear with the name btmreport.ear. And modify two files within the ear file.

xmlpserver.ear location: <BI_middleware_home>/Oracle_BI1/bifoundation/jee/xmlpserver.ear

Now duplicate another ear under the same location: <BI_middleware_home>/Oracle_BI1/bifoundation/jee/btmreport.ear

There are two files to be modified in btmreport.ear:

   (MODIFY 1)btmreport.ear\META-INF\application.xml

 Change From Change To
<display-name>xmlpserver</display-name>  <display-name>btmreport</display-name> 
<context-root>xmlpserver</context-root> <context-root>btmreport</context-root>

  (MODIFY 2)btmreport.ear\xmlpserver.war\WEB-INF\weblogic.xml

 Change From Change To
<cookie-path>/xmlpserver</cookie-path> <cookie-path>/btmreport</cookie-path>
<context-root>xmlpserver</context-root> <context-root>btmreport</context-root>

The reason for changes of these two files could be related to the oracle document : Read More on Web Applications from Oracle Doc

Step 2 Deploy the application under the same name bipublisher. Go to enterprise manager and deploy the application as below:

Input the location of the btmreport.ear. (This could be found in the previous step)

Deploy the application under the same target bi_cluster -> bi_server1

 Now we come to the deployment page.

The trick here is to put the name as bipublisher. That is why we have to undeploy bipublisher application firstly. Since it will not allow the same application name being created twice. And the consequence of not using bipulisher as the application deployment name is that you would not be able to have a complete xmlpserver login page(It showed as a blank blue page). I would assume in the BIP software, it is hardcoded somewhere to use bipulisher as the name.

Wait until the deployment finishes successfully, and then validate the new context root(In our case, it should be btmreport)

In order to validate the link, we could go back to application console and take a look at the new deployment details:

Go under the configuration of the deployment btmreport and go to testing to view all the links:

(By default the xmlpserver port should be 9704. In my envrionment, I set it to 9500)

Anyone knows how to keep xmlpserver undeployed but deploy a new btmreport application under bipublisher?

[OBIEE Solution]Deployment of OBIEE 11G BI Publisher reports

Before we start discussing about the method on deploying OBIEE 11G BIP reports. Let us firstly look back to the 10g deployment of BIP reports. For example, we have two servers A and B. And we are trying to deploy the “BIPreports” under the xmlpserver repository on Server A to Server B.

Usually on 10g BIP, the default location of xmlpserver respository looks like below:

 <OracleBI_Home>/xmlp/Reports

So basically for a full deployment of the example we mentioned above. We could simply copy the BIPreports folder from the above location on Server A to Server B and then restart the BIP service. After that you could be able to see the BIPreports is deployed on to the new server and you could start view/edit the reports by login to xmlpserver.

However on OBIEE 11g, BI Publisher reports are integrated into the BI answers catalog, which means if you want to see the actual catalog you have to go through BI Answers. It still maintain an xmlpserver repository with the location:

 <middleware_home>/user_projects/domains/bifoundation_domain/config/bipublisher/repository/Reports

We might think of using the same methodology to deploy the OBIEE 11g BI Publisher reports by just copying the reports to the above location. And upgrade the BIP catalog to BI Answers catalog.This would work if you upgrade the 10g reports to 11g reports and then deploy them to the folder above.

What you need to do next is to go to login to analytics.On the upper right corner, click Administration link:

Then on the next page, click Manage BI Publisher on the panel.

    Click Server Configuration on the Administration Page.

   

    On the next page click the button Upload to BI Presentation Catalog. And then click Apply.

  

   In this case you would be able to see the new folder and the reports underneath it once you login to analytics. Refer to previous blog on how to migrate 10g BIP reports to 11g   

   But this method didn’t solve the original question that if we want to get the reports from an 11g server and deploy them to another 11g server.We need to know after we upload the xmlpserver repository to BI Presentation Catalog. What happened?

    Well, it reformats the BIP repository to an BI Presentation Catalog folder entry. Say the folder BIPreports would be reformatted to folder BIPreports/ and BIPreports.atr. The reports under the original folder are also reformatted. The most obvious detection is by adding a atr file for each report and folder and sometime renaming some of the reports.The location of the BI Answers catalog is :

  <middleware_home>/instances/instance1/bifoundation/OracleBIPresentationServicesComponent/coreapplication_obips1/catalog/SampleAppLite/root/shared

   The problem is that you cound not simply copy the uploaded BIP reports folder to the same location on to another server. The presenation service would not recognize the folder as what 10g xmlpserver would do. And also once you have modified the uploaded reports from presentation service, the changes go directly to the catalog not the xmlpserver repository. And there is no way to reverse the BI Answers publisher reports back to the xmlpserver publisher reports having the changes we just made.

   In order to solve the problem, there are two ways available both with the help of presentation service. On OBIEE 11G, oracle tends to put more heavy usage on the frontend operation instead of backend manipulation.Good or bad? You tell me.

   Method 1.

   If you want to deploy a whole folder of BIP reports from OBIEE 11g Server A to B, simply login to analytics on Server A.

   Click Catalog:

  

   On the left panel, expand shared folders and choose the perticular report folder that you want to deploy to Server B. For example, I would do Sample2. Click on the folder and then click Archive

  

   Now depends on if you want to remain the permissions and timestamps. Check the boxes and click ok.

 

  Click Save. Then this archived file contains all the reports under Sample2 and is ready to be deployed to Server B.

 

  Login to analytics of Server B. And go to catalog as the step above.Choose the folder where you would like to deploy the reports. In this case, I would choose shared folder. And then click unarchive.

  At the pop-up window. Choose the Sample2.catalog and then input the neccessary parameters.Click OK

 Now Sample2 is showed under the shared folder and all reports are under it.

  Method 2.

  The second methodology for deployment of BIP reports is that you could simply download and upload a single report. This is useful when you are not deploying too many reports.

  Instead of login to analyitcs, this time you need to login to xmlpserver on Server A at:

  http://domain_name_onServerA:9704/xmlpserver

  Step 1.Click Catalog on the right corner to traverse down to the reports.

  

Step 2. Navigate to the report you want to move to another server. Click on More->Download

You have to download the data model correspondingly as well like below:

Now the files that we have just downloaded are looking like this:

    Balance Letter.xdoz

    Balance Letter Datamodel.xdmz

Step 3. Go to the Server B and upload the files. Login to the following link:  

http://domain_name_onServerB:9704/xmlpserver 

Go to catalog and navigate to the folder you would like to upload to.

At the left corner, click upload

Upload the two files we just downloaded to Server B and remember to associate the template with the data model.

[OBIEE Issue] Template upgrade for 10g BIP reports to 11g

The sample xml file generated by 10g data model is a little bit different from what 11g has offered. Let us look at the difference below:

So in the templates of 10g if you have used tables. It might have something similar like this, if you look at the table properties through BI Publisher plugin.

The trick is that you have to change the ROW to G_1 in order that the 10g template would correctly show the data format for 11g dataset.

[OBIEE Issue]11g BIP Error Code:InvocationTargetException

After I upgraded my 10g BIP reports to 11g, I was thinking of linking to the reports from the 11g BIF like what I did with old 10g OBIEE BIP. Let us review what we did in 10g firstly.

So basically when we we login to 10g xmlpserver and access the report, on the uppper right corner there shows up a link: Lind to the report

Four options are exposed for your referrence purposes. Suppose you click on No header option. You would get a link to this report like below:

http://domain_name:port/xmlpserver/report_folder/sample_report.xdo?_xpf=&_xpt=0&_xdo=%2Freport_folder%2Fsample_report.xdo&parameter1=sth&parameter2=sth&_xt=sample_reportTemplate&_xf=html&_xmode=2

Here note that _xmode=2 means you are using the no header option. So you could assume that if _xmode=3 would mean that you are chosing No Parameters option and so on.(See the table below) .

Parameter Value Refer To
_xmode 0 Current Page
_xmode 2 No header
_xmode 3 No Parameters
_xmode 4

Document Only

And also _xf refers to the format that how you are going to present the report. There are a few options as well in the following table.By default we are using html if we want to refer to the report through a browser. 

Now you get the link and you paste it into your browser, it would redirect you to the original report without header being showed up.

I tried to do the same thing with BIP 11g, and I figured out that it inheritantly had the same feature to get the link to the report like below.

I then generated the link through the second option: No header. It gave me the link like below:

http://domain_name:port/xmlpserver/report_folder/sample_report.xdo?_xpf=&_xpt=0&_xmode=4&_xdo=%2Freport_folder%2Fsample_report.xdo&_xpf=&_xpt=0&_xdo=%2Freport_folder%2Fsample_report.xdo&_paramsparameter1=sth&_paramsparameter2=sth&_xt=sample_reportTemplate&_xf=html&_xautorun=false

The link above is reformed a little bit from the 10g version and now I will paste it into the browser and see what happens.

It shows up the report.  But the header is still there.

Then I started trying other options except mode 2, for example, No Parameters. I got the following error.

Solutions:

This is a bug for the release Oracle Business Intelligence Product Version 11.1.1.5.0 (Build 110427.0752 64-bit)

    Oracle just released a patch for 11g 11.1.1.5.0 BIP to fix a bunch of bugs including the one we found:

        11850902 – SHARE REPORT LINK “NO PARAMETERS” AND “DOCUMENT ONLY” RENDER INCORRECTLY

    

     For details check out this link:

         http://prsync.com/oracle/bi-publisher-january-patch-for–402573/

     Download the patch file from:

         https://updates.oracle.com/Orion/Services/download/p13554951_11g_Generic.zip?aru=14460731&patch_file=p13554951_11g_Generic.zip

        Apply it according to the readme.txt included in the package. The bug would be solved! Good luck!

     

What really interested me is when you try to generate the same report from BI Answers 11g. It gave the link which looked different from the BIP version.

http://domain_name:port/analytics/saw.dll?bipublisherEntry&Action=open&itemType=.xdo&bipPath=%2Freport_folder%2Fsample_report.xdo&bipParams={“_xmode”:”2″,”_xpf”:””,”_xpt”:”0″,”_xdo”:”%2Freport_folder%2Fsample_report.xdo”,”_paramsparameter1″:””,”_paramsparameter2″:””,”_xt”:”sample_reportTemplate”,”_xf”:”html”,”_xautorun”:”true”}

And if you apply this link to the browser, even though you keep changing _xmode from 0 to 4, it didn’t make much difference.Anyone has any idea for this issue?

[OBIEE Issue]Upgrade BI Publisher reports from 10G to 11G

I have to highly recommend the following blog article that talks about the upgrade of 10g BI Publisher reports to 11g.

Blog link: http://bipconsulting.blogspot.com/2011/07/10g-users-lets-upgrade-to-bi-publisher.html

Kan explains the process in detailed steps and I followed his steps to perform the upgrade. The upgrade was successful as he showed in the last picture of publisher reports upgrade section. I have seen my old 10g publisher reports folder showing up. But when I went under my report folders, I tried to open my reports xdo file, it gave me an error below:

ShockedThe report cannot be rended because of an error,please contact the administrator.

It looked like my report xdo file is not associated with the correct data model file.So then I tried to edit my vat_report report and I saw that after automatic upgrade, my vat_report report was set with the default data model : vat_report.xdm which doesn’t exsit on my data model list. In the presentation layer, the actual data model is called vat_report. Match the correct model by clicking  button.

Click View Report to check if you still have the error above and click save to enable the change.

Good luck!

AlienNote: There are file structure changes for BI Publisher upgrade. The original .xdo now is split into two components – .xdm and .xdo as illustrated:(The following picture is borrowed from my other favorite blog:  http://howtobi.wordpress.com/2011/01/14/upgrading-obiee-10g-content-to-11g/)