Practices for Lesson 10 Practices Overview
Practice 10-1: Configure the Embedded LDAP Server
Overview
You configure the LDAP administrator user credentials for, and import user and group information into, the Embedded LDAP server. Changing the LDAP administrator user credentials is done in Oracle WebLogic Administrator Console and requires that you restart the Oracle WebLogic Server and its Managed Servers, such as the SOA and BAM server instances.
After restarting Oracle WebLogic Server, the JXplorer LDAP browser can successfully connect to the Embedded LDAP Server for you to import the user and group information from supplied LDIF files.
Assumptions
JXplorer is installed and the LDIF files are located in the D:\labs\ldap folder. The “Start Admin Server for Weblogic Server Domain” and “Stop Admin Server” desktop icons have been created (see Practice 3-5 on the page titled “Practice for Lesson 3”, if required).
Tasks
Change Admin User Credentials for the Embedded LDAP Server
1. To change the credentials (password) for the Embedded LDAP server administrator account, perform the following steps:
a. In a Web browser window, enter the URL http://localhost:7001/console to access the Oracle WebLogic Server Administration Console page.
b. On the Oracle WebLogic Server Administration Console Welcome page, enter the username weblogic and password welcome1 and click Login.
c. In the Domain Structure frame on the Oracle WebLogic Server Administration Console page, click soa_domain. For example:
Oracle University and (Oracle Corporation) use only.
f. On the Embedded LDAP tab page, enter the value welcome1 for the Credential and Confirm Credential fields and click Save.
g. At the top of the Settings for soa_domain frame, observe the Messages response to the save action. For example:
Note: The message indicates that two items must be restarted. In your case, if you have the BAM managed server running, you may have to restart 3 items. In the example shown here, the items that must be restarted are the WebLogic Server and the SOA managed server instances.
You can verify which instances must be restarted by clicking the “View changes and restarts” link in the Change Center frame on the top left corner of the Oracle WebLogic Server Administration Console page. On the Changes and Restarts page, you can click the Restart Checklist tab to view the servers listed. Because the node manager has not been configured, you have to restart these servers by using the command-line methods.
h. On the Oracle WebLogic Server Administration console page, click the Log Out link, and close the Web browser window.
2. To restart Oracle WebLogic Server and the Oracle SOA Suite managed server, perform the following steps:
a. If required, open a new Command Prompt window by double-clicking the Command Prompt desktop icon.
Shut Down the Managed Server Instances
b. To shut down the SOA managed server instance, in the Command Prompt window enter the following commands:
D:\> cd D:\Oracle\fmw\11.1.1.3\user_projects\domains\soa_domain\bin
D:\> stopManagedWebLogic.cmd soa_server1
The change directory command is not shown in the following example:
Note: It may take five to ten minutes to stop the SOA managed server gracefully. If you prefer to terminate the process more quickly, press Ctrl+C in the Command Prompt window where the SOA managed server is running. After shutting down the SOA managed server, close its command window if it did not close after the shutdown operation completes.
c. If you have the BAM managed server running, you may also have to shut that down. To shut down the BAM managed server, in the same Command Prompt window enter the following command:
D:\> stopManagedWebLogic.cmd bam_server1
Note: After shutting down the BAM managed server, close its command window if it did not close after the shutdown operation completes. Alternatively, press Ctrl+C in the BAM managed server command window to terminate the instance.
d. Do not close the Command Prompt window in which you entered the stopManagedWebLogic.cmd commands, because you use it to restart the managed servers after you restart the WebLogic Admin Server.
Note: Double-clicking the Stop Admin Server icon opens a command window that shuts down the Admin Server instance and closes the Admin Server instance command window. However, the Stop Admin Server command window is not closed.
f. Close the command window used to stop the Admin Server.
g. To restart the Admin Server, double-click the “Start Admin Server for Weblogic Server Domain” desktop icon.
Note: You must wait until the Admin Server is in a running state before you restart the SOA and BAM managed servers. You can be sure that the Admin Server is in a running state when you observe a line similar to the following example appear in the command window:
<Jul 28, 2010 9:42:34 PM GMT> <Notice> <WebLogicServer>
<BEA-000360> <Server started in RUNNING mode>
Restart the Managed Server Instances.
h. Return to the Command Prompt window in which you stopped the managed server instances, ensure the current directory is still the D:\Oracle\fmw\11.1.1.3\user_projects\domains\soa_domain\bin folder, and enter the following command to start the SOA managed server instance:
D:\> start startManagedWebLogic.cmd soa_server1
Note: Because the start command prefix opens a new Command Prompt window, you can start the BAM managed server from the original Command Prompt window.
i. Optionally, you can start the BAM managed server by entering the following command:
D:\> start startManagedWebLogic.cmd bam_server1
Note: We do not need to start the BAM server until we need it in a subsequent practice.
j. Minimize the Command Prompt window you used to restart the SOA and BAM managed servers, because you can reuse the Command Prompt to restart the SOA managed server after changing Human Workflow Notification Server properties.
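Added example (not part of the course material): the RUNNING check from step 2g written as a Python function over console output that has been saved to text. It assumes the five-field console layout shown above and messages without angle brackets; the names parse_console and running_since and the BEA-999999 record are made up for this illustration.

```python
import re

# Console record layout shown on this page:
# <timestamp> <Severity> <Subsystem> <BEA-id> <message>
RECORD = re.compile(
    r"<([^<>]+)>\s*<([^<>]+)>\s*<([^<>]+)>\s*<(BEA-\d+)>\s*<([^<>]*)>"
)

def parse_console(text):
    """Return records as dicts; a record wrapped across lines is rejoined."""
    flat = " ".join(line.strip() for line in text.splitlines())
    fields = ("time", "severity", "subsystem", "id", "message")
    return [dict(zip(fields, (g.strip() for g in m.groups())))
            for m in RECORD.finditer(flat)]

def running_since(text):
    """Timestamp of the last BEA-000360 RUNNING notice, or None if absent."""
    stamp = None
    for rec in parse_console(text):
        if (rec["id"] == "BEA-000360" and rec["subsystem"] == "WebLogicServer"
                and "RUNNING" in rec["message"]):
            stamp = rec["time"]
    return stamp

# Constructed sample: the second record is wrapped exactly as on this page;
# the first only mentions RUNNING inside an unrelated, made-up record.
SAMPLE = """\
<Jul 28, 2010 9:42:10 PM GMT> <Info> <Example> <BEA-999999> <waiting for RUNNING mode>
<Jul 28, 2010 9:42:34 PM GMT> <Notice> <WebLogicServer>
<BEA-000360> <Server started in RUNNING mode>
"""

if __name__ == "__main__":
    print(running_since(SAMPLE) or "Admin Server is not in RUNNING mode yet")
```

Matching on the message ID and subsystem rather than on the word RUNNING alone keeps an unrelated record from being mistaken for the startup notice.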
Import Users and Groups into the Embedded LDAP Server
In this section, you start the JXplorer LDAP browser and connect to the Embedded LDAP server as the admin user to seed the user and group information required for the Human Task Composite application.
3. To start the JXplorer application and connect to the Embedded LDAP server, perform the following steps:
a. On the Windows taskbar, click Start > Programs > JXplorer > JXplorer.
b. In the JXplorer window, select File > Connect.
c. In the Open LDAP/DSML Connection dialog box, enter the fields and click Save:
Field      Value
Host       localhost
Port       7001
Protocol   LDAP v3
In the Security section use:
Level      User + Password
User DN    cn=Admin
Password   welcome1
For example:
d. In the Replace/Create Template dialog box, enter the value ldap_server, and click OK.
e. In the Open LDAP/DSML Connection dialog box, with the ldap_server template selected, click OK.
Note: If you enter the correct connection information, the JXplorer application creates a successful connection with the Embedded LDAP server. The Explorer tab in the left frame is populated with details read from the LDAP server. You can expand groups and people nodes in the soa_domain > myrealm tree to view existing data. For example:
4. To set the email address for the weblogic user, perform the following steps:
a. In the JXplorer window, if needed, expand soa_domain > myrealm > people, click the weblogic entry.
Note: This populates the attributes for the weblogic entry in the HTML View tab of the frame on the right side of the window.
b. In the HTML View frame (on the right side of the window), enter [email protected] in the Email Address field and click Submit.
5. To import the users and groups by using the supplied LDIF files, perform the following steps:
a. In the JXplorer window, click the LDIF > Import File menu.
Note: In the left navigation frame, you can verify that a set of new users appears in the people sub-tree. For example:
c. To import the groups, on the JXplorer window, click LDIF > Import File from the menu.
d. In the Open dialog box, select the Groups.ldif file and click OK.
Note: Use the left navigation frame to verify the new groups have been added.
e. Terminate the JXplorer application window by selecting File > Exit.
Note: Instead of using JXplorer or other command line tools, you can use Oracle WebLogic Administration Console to create and manage user and group information in the Embedded LDAP server. However, in the web-based approach you cannot create multiple users quickly.
When you have time, consider logging into Oracle WebLogic Administration Console and clicking the Security Realms link in the Domain Structure frame to explore the users and groups information you imported with JXplorer. For example:
On the “Summary of Security Realms” page, click the myrealm link.
On the “Settings for myrealm” page, click the Users and Groups tab.
On the “Settings for myrealm” > “Users and Groups” tab page, you can access the Users and the Groups tab pages, in which you can drill down to specific user and group details respectively.
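Added example (not part of the course material): a pre-import check, in Python, for LDIF files such as those imported in step 5. It assumes the subtree DN ou=myrealm,dc=soa_domain, inferred from the soa_domain > myrealm tree shown in JXplorer; the sample entries (including the users demo1 and demo2) are constructed, and parse_ldif and audit are names chosen here.

```python
import base64

LAB_DEFAULTS = {"welcome1"}  # shared password used throughout this practice

def parse_ldif(text):
    """Minimal RFC 2849 reader: one {attribute: [values]} dict per entry."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")  # join folded lines
    entries, cur = [], {}
    for line in unfolded.split("\n") + [""]:   # trailing "" flushes last entry
        if not line.strip():                   # blank line ends an entry
            entries.append(cur)
            cur = {}
        elif not line.startswith("#"):         # skip comment lines
            attr, _, value = line.partition(":")
            if value.startswith(":"):          # "attr:: <base64 value>"
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            cur.setdefault(attr.strip().lower(), []).append(value.strip())
    return [e for e in entries if e]

def audit(text, base="ou=myrealm,dc=soa_domain"):
    """Return (dn, finding) pairs for entries to fix before importing."""
    findings = []
    for entry in (e for e in parse_ldif(text) if "dn" in e):
        dn = entry["dn"][0]
        if not dn.lower().replace(" ", "").endswith(base):
            findings.append((dn, "outside expected subtree"))
        for pw in entry.get("userpassword", []):
            if not pw.startswith("{"):         # no {SCHEME} prefix: not hashed
                findings.append((dn, "cleartext userPassword"))
            if pw in LAB_DEFAULTS:
                findings.append((dn, "known default password"))
    return findings

# Constructed sample, not the course's LDIF files.
SAMPLE = """\
dn: uid=jcooper,ou=people,ou=myrealm,dc=soa_domain
userpassword: welcome1

dn: uid=demo1,ou=people,ou=myrealm,dc=soa_domain
userpassword:: d2VsY29tZTE=

dn: uid=demo2,ou=people,
 dc=elsewhere
userpassword: {SSHA}constructed-placeholder
"""

if __name__ == "__main__":
    for dn, finding in audit(SAMPLE):
        print(f"{finding}: {dn}")
```

The demo1 entry uses the base64 (attr::) form, which is only an encoding, so it is reported exactly like the cleartext jcooper entry.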
6. To verify that you can log in to the BPM Worklist application with one of the seeded users, perform the following steps:
a. In a Web browser window (or tab page), enter the URL http://localhost:8001/integration/worklistapp.
Note: Consider creating a Bookmark (or Favorites) for the BPM Worklist login page.
b. On the BPM Worklist application login page, enter the username jcooper with the password welcome1, and click Login.
Note: If the Embedded LDAP server user information has been correctly seeded by the import actions performed earlier in this practice, the BPM Worklist login should be successful.
c. On BPM Worklist application page, click the Logout link.