I have recently done the BPEL worklist integration with Oracle Single Sign-on. Check this post for integration process.
I did not witness any issues in a development environment. However, when I replicated the same integration process in a product environment, I found the difference.
I have followed this metalink note for 753087.1 BPEL OSSO integration. During the BPEL worklist registration process, the -site_name
is given as myhost.mydomain.com
. This means the BPEL worklist port number is not used here and it was not mentioned whether it is the individual BPEL server hostname or the load balance router URL.
Many attempts used with registering the individual BPEL server name with OSSO were invain using ssoreg.sh.
I was skeptical from the beginning as to register whether with the LBR or individual server. Conceptually, the Load balancer is not intelligent enough to route it to OSSO server, it is the individual BPEL servers which are registered with OSSO who could do it. Well, this is my perception!
When I register with individual BPEL server, I was getting the below error when I access the BPEL worklist using the URL http://soa.domain.com:7777/integration/worklistapp/
There was no helpful errors in OC4J logs and hence found very difficult to troubleshoot.
I have gone through few configuration files of BPEL worklist server to check what URL the server is accepting/using. One of the files is Wf_client_config.xml located under $ORACLE_HOME/bpel/system/services/config.
The URL that it is pointing is the LBR and not the individual BPEL server as shown below.
<identityService>
<soapEndPoint>http://LBR.hostname:7777/integration/services/IdentityService/identity</soapEndPoint>
</identityService>
………………….
………………….
I read this metalink article 739686.1 just to get to know few more things about this integration troubleshooting. I found that -site_name is used as hostname.domain:bpel_port and this is something which is not mentioned in the basic metalink article we were following 753087.1 .
Now I got some clue to register the BPEL as LBR hostname including the bpel port.
So, I used the below script to run using ssoreg.sh.
./ssoreg.sh -oracle_home_path $ORACLE_HOME -config_mod_osso TRUE -site_name LBR.hostname:7777 -remote_midtier -config_file $ORACLE_HOME/Apache/Apache/conf/osso/worklist/osso.conf -mod_osso_url http://LBR.hostname:7777
-sso_partner_version v1.4
When I did so, the SSO worked like a gem!
Note: The BPEL worklist port in our case is 7777, hence change it as per your application.
I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com