Achieve Seamless Cloud Integration with Oracle SOA Suite

Cloud Computing Solutions- Subscription Based IT Model

Deploying a Cloud App or subscribing to a cloud based service is fairly simple isn't it. 

Then what is troubling most of  CTO's minds today ??

• how on Cloud assets fit with most of the enterprise on-premise systems and other cloud applications?
• which business processes are involved to achieve this?
• Is there a need of another enterprise data model, ie independent of cloud data model?

If you notice these questions are not new but the same ones which were relevant for any type of integration project, in the past.

Then where's the real challenge in cloud integration different from traditional on premise integration

Departmental Autonomy

 In today's Cloud based business world, individual departments and lob's sometimes subscribe to cloud and Software as a Service (SaaS) applications, without IT's knowledge and often ignoring best practices

Disparate User Interface

Every SaaS vendor has a unique integration API. Combine packaged integration tools from multiple SaaS vendors and soon, you may find yourself managing disparate user interfaces and writing a lot of custom code using a variety of different programming languages.

Increased Enterprise Complexity

As you expand an on-premise application infrastructure to include SaaS applications in an ad hoc fashion, the complexity grows.

All aspects of Cloud Integration should align with the strategic visions of IT such as audit and compliance, security, standards and governance. Smart Cloud integration such as these helps you reap  the real benefits of greater flexibility and lower costs.

IT has had multiple integration paradigms, from CORBA to Client/Server to Web services, EAI and SOA.

No proper planning, it’s easy to end up with an “Accidental SOA Cloud Architecture” characterized by point-to-point connections from individual departments to the cloud.

 

 

 

 

 

 

 

 

 

 

A SOA Foundation for on Cloud Application

Most cloud applications support Web Services, a Service Oriented Architecture (SOA) is an ideal platform to address cloud integration. Many established SOA concepts, considerations, and design patterns are even more relevant in the world of cloud integration than in an “on-premise-only” scenario. 

With Oracle SOA Suite you can:

• set up and manage universal services and orchestrate them into composite applications and business processes

• shared services, process orchestration, event processing, and business activity monitoring with an Enterprise Service Bus

Try this Cloud Integration Examples using Oracle SOA Suite:

Oracle Fusion Applications Integration using Oracle SOA Suite

Follow these steps to invoke Web services from Oracle Fusion Applications, :
1. Download the WSDL from the Oracle Enterprise Repository for Fusion Applications cloud hosted instance (http://fusionappsoer.oracle.com ) - . Simply replace the hostname and port and download the WSDL. To ensure that the service you have selected can be invoked from external clients, click on the Taxonomy tab of the service definition and ensure that Keyword=External is present.

2. In Oracle JDeveloper, create a SOA project with a BPEL process that needs to integrate with Oracle Fusion Applications. Create a partner link based on the WSDL obtained in step 1.

3.Apply a compatible security policy to this partner link. If your environment has an SSL enabled environment, use the out-of-the-box oracle/wss_username_token_over_ssl_client_policy. You can also choose the equivalent SAML policies (for identity propagation) or WS-Security message protection enabled policies if these have been enabled in your environment.

To get invoked via outbound services from Oracle Fusion Applications, you would follow these steps:
4. Set up a Receive activity in a BPEL process with a SOAP endpoint and implement the process based on the WSDL and XSD documented by Oracle Fusion Apps in the Apps Composer Object Workflow Outbound Message page. 

This composite you created works as intermediary web service that understands the Fusion objects and mediates the requests to other on-premise or cloud applications as needed—for example, to synchronize new customers created with the on-premise Master Data Management system or to create them as Contacts in the Oracle RightNow CX cloud service.

5. Deploy the composite and obtain the endpoint URL.

6. In Oracle Fusion Applications, register the endpoint URL in the Application Composer Object Workflow page in the Outbound Message page activity for the object. You can now receive this outbound message in your SOA composite and process it as per your required business process.

Understanding Oracle Service Bus Thread model - Ensures Scalablity

1. Basic Thread Model

An Http Servlet  or a JMS Message Driven Bean(front end artifact) gets the inbound message, which is routed to Outbound endpoint and the thread is released.














An Asynchronous Callback response is received later at the outbound endpoint, packaged and handed to the Oracle Service Bus pipeline. Later, the pipeline notifies the inbound endpoint that the response is ready to be sent to the client. This processing is scalable because a thread is only tied up as long as it is needed.


Oracle Service Bus Thread Model is a scalable model and comprises of:

Inbound Request Message Thread

• An Inbound message received by a Servlet or Message Driven Bean

• Transport endpoint packages the message in TransportMessageContext object and passes to the pipeline.

• Request pipeline performs request pipeline actions configured for the proxy

• In the same (request) thread, Oracle Service Bus runtime calls on the  outbound transport endpoint

  

   

 

 

 

 

 

 

 

 

 

Outbound Response Message Thread

• In a new thread(response thread) the callback esponse message is packaged into a TransportMessageContext object and delivered back to Oracle Service Bus runtime.

• Response pipeline performs response pipeline action (if any).

• Oracle Service Bus runtime calls on the InboundTransportMessageContext object to notify it  to send the response back to the original caller

 Different Work Manager for Biz and Proxy Service

OSB allows you to assign different Work Managers and hence different thread pools to each Proxy Service and Business Service. This architecture ensures while waiting for a response from a business service there are no threads in use.

2. Do Nothing Route Thread Model ( Special Case)

      When there is no route node?  

•  Oracle Service Bus just echoes the Request message as a Response message.
•  It still uses a separate thread for the response, response thread in this case uses Default Work Manger.

 

 

3. Service Callout Threading Model 

• Service Callout to a Business Service from within a pipeline.
• Target Business Service is called using the pipeline thread but the response is also handled by the pipeline thread.
• Calling thread is suspended after sending the request, but unlike the Route Node case the thread is not released, it waits for the response.
• The socket muxer uses the Business Service Work Manager to allocate a thread to process the response, 
• Getting the response and notifying the blocked pipeline thread that the response is available.  
• The original pipeline thread can then continue to process the response.

 Note: Make sure that any Business Services used by a Callout in a pipeline use a different Work Manager than the pipeline itself.

4. Proxy Chaining Thread Model

• Route node is calling a Proxy Service rather than a Business Service.
• The original Work Manager is used for both request pipelines.  
• Similarly the response pipeline uses the Work Manager associated with the ultimate Business Service invoked via a Route Node.  

Oracle SOA Suite - Define Web Service Policy (WS Policy) for message level security with X509 token

WS-Security Policy 1.2 support in OracleServiceBus 11g

 

Web Service Policy (WS Policy) is a standard framework which allows Web Services to express their constraints and requirements as collection of XML statements known as policy assertions.

WS-Security Policy 1.2 specification from OASIS defines a set of security policy assertion for use with the WS Policy Framework. The assertions defined within this specification have been designed to work independently of a specific version of WS-Policy.

Oracle Service Bus supports WS-Security Policy 1.2  specification assertions at both Business and Proxy Service level. 

To implement this specification, the Policy file in OSB must use XML Namespace URI as below :

http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702 

Here is a sample Policy file with X509 Token which could be used in Oracle Service Bus to define a Custom WS  policy  for message level security in Business or Proxy Services.

<wsp:Policy wsu:Id="someName"
            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
            xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
            xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/">
    <wsp:ExactlyOne>
        <wsp:All>
            <sp:AsymmetricBinding>
                <wsp:Policy>
                    <sp:InitiatorToken>
                        <wsp:Policy>
                            <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/20070/IncludeToken/Always">
                                <wsp:Policy>
                                    <sp:RequireThumbprintReference />
                                    <sp:WssX509V3Token10 />
                                </wsp:Policy>
                            </sp:X509Token>
                        </wsp:Policy>
                    </sp:InitiatorToken>
                    <sp:RecipientToken>
                        <wsp:Policy>
                            <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always">
                                <wsp:Policy>
                                    <sp:RequireThumbprintReference />
                                    <sp:WssX509V3Token10 />
                                </wsp:Policy>
                            </sp:X509Token>
                        </wsp:Policy>
                    </sp:RecipientToken>
                    <sp:AlgorithmSuite>
                        <wsp:Policy>
                            <sp:TripleDesRsa15 />
                        </wsp:Policy>
                    </sp:AlgorithmSuite>
                    <sp:Layout>
                        <wsp:Policy>
                            <sp:Strict />
                        </wsp:Policy>
                    </sp:Layout>
                    <sp:IncludeTimestamp />
                    <sp:OnlySignEntireHeadersAndBody />
                </wsp:Policy>
            </sp:AsymmetricBinding>
           
            <sp:Wss10>
                <wsp:Policy>
                    <sp:MustSupportRefKeyIdentifier/>
                    <sp:MustSupportRefIssuerSerial/>
                </wsp:Policy>
            </sp:Wss10>
           
            <sp:SignedParts>
                <sp:Body/>
            </sp:SignedParts>
           
       </wsp:All>
    </wsp:ExactlyOne>
</wsp:Policy>