OIG 11G R2 Field Enablement Training - Oracledownload.oracle.com/opndocs/global/OIM-R2-PS2/Labs/3.1_Deploying... · OIG 11G R2 Field Enablement Training Lab 3.1 - Deploying Composites

OIG 11G R2 Training

Oracle Proprietary - Restricted to Personal Use in an Oracle partner training class

1 | P a g e

OIG 11G R2 Field Enablement Training

Lab 3.1 - Deploying Composites and creating Access Policies

Disclaimer: The Virtual Machine Image and other software are provided for

use only during the workshop. Please note that you are responsible for

deleting them from your computers before you leave. If you would like to try

out any of the Oracle products, you may download them from the Oracle

Technology Network (http://www.oracle.com/technology/index.html) or the

Oracle E-Delivery WebSite (http://edelivery.oracle.com)

http://www.oracle.com/technology/index.html

http://edelivery.oracle.com/

OIG 11G R2 Training


2 | P a g e

Table of Contents

OIG 11G R2 Field Enablement Training ................................................................................................... 1

Deploying Composites and creating Access Policies........................................................................... 1

1. Deploy the Composite................................................................................................................. 3

2. Configure Approval Policies ........................................................................................................ 7

OIG 11G R2 Training


3 | P a g e

Introduction

In this lab we will deploy an already prepared SOA composite. This is a generic composite which can

handle various approvals i.e Single Approval, Serial Approval, Parallel Approval.

We will also create approval policies to invoke the composite we are deploying so that the same

composite can be invoked when requesting for Role, Application Instance & Entitlement.

Pre Requisite: [This is already done in the VM, please login to EM and check the Key]

The SOA composite will use CSF to get the credential to connect to OIM Server. We need to create

the entry in CSF so that SOA composite can use it.

Note: You need to have Admin & SOA Servers running

Login to the Fusion Middleware Control

Expand WebLogic Domain

Click the domain name

Click WebLogic Domain under the domain name, in the right pane

Click Security

Click Credentials

Select oracle.wsm.security

Click Create Key from the toolbar

Provide the following information in the Create Key form

Key Requestwskey

User Name xelsysadm

Password Password for the xelsysadm user

Confirm Password Password for the xelsysadm user

Description Optional

Click OK

1. Deploy the Composite Note: you need not do this exercise if you have completed Lab 3.

Follow the steps below to deploy the composite. Also please ensure to start just the below services.

Admin server

OIG 11G R2 Training


4 | P a g e

SOA server.

Ensure that any other services like OIM are down.

1. In the VM navigate to the below folder.

2. Unzip the AddAccessApprovalApplication.zip file.

3. Ensure that Admin and SOA are up.

4. Hit the Enterprise Manager console in a new browser window.

5. Login as weblogic.

6. Expand the SOA soa-infra default folders.

7. Right click on default and choose SOA Deployment Deploy to this Partition.

cd /app/home/oracle/Lab3\ Final\ Composite\ -\ Back\ up/

unzip AddAccessApprovalApplication.zip

OIG 11G R2 Training


5 | P a g e

8. In the Select Archive screen, choose the second option.

a. Archive on the server where Enterprise Manager is running.

9. Provide the path of the jar as follows.

a. /app/home/oracle/Lab3 Final Composite - Back

up/AddAccessApprovalApplication/AddAccessApproval/deploy/

sca_AddAccessApproval_rev7.0.jar

OIG 11G R2 Training


6 | P a g e

10. Click Next at the top.

11. In the confirmation page, just click on Deploy. EM deploys the composite and this activity

might take a while to complete.

12. You will see the new composite now in the default partition.

OIG 11G R2 Training


7 | P a g e

2. Configure Approval Policies

Shutdown the Admin Server.

Start OIM server and check the status of SOA. SOA Server should be up.

1. Login to the System Administration Console as ADMIN.

2. Click on Approval Policies under Policies.

3. Click on the create button to create request-level approval policy to Grant Application

Instance.

4. Fill the form with the below details.

Policy Name Application Instance – RL – Beneficiary Manager Approval

Description Application Instance – RL – Beneficiary Manager Approval

Request Type Provision ApplicationInstance

Level Request Level

Auto Approval Checked

5. Click on Next.

6. Click on Add Simple Rule.


Entity Request

Attribute Request Type

Condition Equals

Value Provision ApplicationInstance

Parent Rule Container Approval Rule

8. Click on Save.

9. Under Rule Components expand the Approval Rule. You should see it as shown below.

10. Provide a value for the Rule Name.

a. Request Rule

OIG 11G R2 Training


8 | P a g e

11. Click Next.

12. Click Finish.

13. Click OK on the confirmation dialogue.

14. Click on the search button to see the newly created approval policy.

15. Click on the create button to create request-level approval policy to Grant Role.


Policy Name Assign Roles – RL – Auto Approve

Description Assign Roles – RL – Auto Approve

Request Type Assign Roles

Level Request Level


17. Click on Next.


OIG 11G R2 Training


9 | P a g e


Entity Request


Condition Equals

Value Assign Roles


20. Click on Save.



a. Request Rule

23. Click Next.

24. Click Finish.


26. Click on the create button to create request-level approval policy to Grant Entitlement.


OIG 11G R2 Training


10 | P a g e

Policy Name Provision Entitlement – RL – Auto Approve

Description Provision Entitlement – RL – Auto Approve

Request Type Provision Entitlement

Level Request Level


28. Click on Next.



Entity Request


Condition Equals

Value Provision Entitlement


31. Click on Save.



a. Request Rule

34. Click Next.

OIG 11G R2 Training


11 | P a g e

35. Click Finish.


37. Click on the create button to create request-level approval policy for Heterogeneous

Request.


Policy Name Heterogeneous Request

Description Heterogeneous Request

Request Type Heterogeneous Request

Level Request Level


39. Click on Next.



Entity Request


Condition Equals

Value Heterogeneous Request


42. Click on Save.



a. Request Rule

OIG 11G R2 Training


12 | P a g e

45. Click Next.

46. Click Finish.


48. Create Operational-Level approval policies to Grant Application Instance.


Policy Name Prov App Instance – OL

Description Prov App Instance – OL

Request Type Provision ApplicationInstance

Level Operation Level

Auto Approval UNChecked

Approval Process Default/AddAccessApproval7.0

Scope Type Application Instance

All Scope Checked

50. Click on Next.



Entity Request


Condition Equals

Value Provision ApplicationInstance


53. Click on Save.


OIG 11G R2 Training


13 | P a g e

a. Operational Rule

55. Click Next.

56. Click Finish.


58. Create Operational-Level approval policies to Grant Role.


Policy Name Assign Roles – OL – Custom Composite

Description Assign Roles – OL – Custom Composite

Request Type Assign Roles




Scope Type Role

All Scope Checked

60. Click on Next.



Entity Request


Condition Equals

Value Assign Roles


OIG 11G R2 Training


14 | P a g e

63. Click on Save.


a. Operational Rule

65. Click Next.

66. Click Finish.


68. Create Operational-Level approval policies to Grant Entitlement.


Policy Name Entitlement Approval

Description Entitlement Approval

Request Type Provision Entitlement




Scope Type Application Instance

All Scope Checked

70. Click on Next.



Entity Request

OIG 11G R2 Training


15 | P a g e


Condition Equals

Value Provision Entitlement


73. Click on Save.


a. Operational Rule

75. Click Next.

76. Click Finish.


78. Click on the search button to see all the latest policies created.

Note: You can sort by the Level to get the above result in the order shown. You should have 4

Request Level Polices created (Excluding Self Reg Policy) and 3 Operation level Policies.

OIG 11G R2 Training


16 | P a g e

79. Close the popup window.

80. Logout of sysadmin console and close the browser.

Documents

OIG 11G R2 Field Enablement Training - Oracledownload.oracle.com/opndocs/global/OIM-R2-PS2/Labs/3.1_Deploying... · OIG 11G R2 Field Enablement Training Lab 3.1 - Deploying Composites