When I am playing around with Oracle Entitlements Server, sometimes it is good to send a dummy authorization request from an application and see the response. Also it is a quick and dirty way to test model policy as you build an application.
In this article I will describe how to setup WebLogic SM. A secondary goal is to build a simple app which can run simple authorization requests. We will use this example to understand how Oracle Entitlements Server policies work and eventually the mystic art of policy modeling. Before you start please make sure that you have run Java SM example described here.
WebLogic SM is different from Java, Web Services and RMI SMs because multiple applications can run in the same JVM. My recommendation is to map every Java EE application to an Oracle Entitlements Server application. This will simplify overall design of policies.
Defining WLS SM
As you probably figured out, SM definition (Oracle Entitlements Server Admin UI) is the same irrespective of the SM you want to create. Follow the regular steps to create an SM with name “Sample-WLS-SM” and distribute the policies.
Creating WLS Instance and creating a new WebLogic domain
You can configure a WLS SM for an existing WLS domain. But for this example, to keep things simple we will create a new WLS domain.
1) Cd to “Oracle-Home/Middleware/OES-Client-Home/oessm/SMConfigTool”
2) Copy the original wls config file to a new name “cp smconfig.wls.controlled.prp my-wls.prp”
3) Edit file my-wls-prp and set the following parameters. “clientPort” needs to match SSL port picked during WLS domain creation
4) Cd to ../bin
5) Run the WLS SM Config command (remember it will create a new wls domain) “./config.sh -smConfigId Sample-WLS-SM -prpFileName Oracle-Home/Middleware/OES-Client-Home/oessm/SMConfigTool/my-wls.prp -serverLocation Oracle-Home/Middleware/wlserver_10.3”
6) Select “Create a new domain” and click next
7) Select “Oracle Entitlements Server (OES_client)”, don’t select any other Oracle Entitlements Server options
8 ) Name you new domain “oes_examples”
9) Use “Weblogic” for user name and pick a password (remember this password)
10) Select Sun JDK
11) Select “Administration Server”, you will need to change the listener port numbers to 8001 and 8002 (https). This is because you probably picked default ports 7001 (http) and 7002 (https) while setting up Oracle Entitlements Server Administration Server.
12) Set http port to 8001 and SSL port to 8002
13) Verify information and click “Create”
14) You should see the following completion screen, click “done”
15) Output from SM config tool will be something like
16) Your SM should have been created at “Oracle-Home/Middleware/OES-Client-Home/oes_sm_instances/Sample-WLS-SM”
17) Your Domain should have been created at “Oracle-Home/Middleware/user_projects/domains/oes_examples”
Starting up the new domain
1) Cd to “Oracle-Home/Middleware/user_projects/domains/oes_examples”
2) Run “startWebLogic.sh” and wait until you see “Running”
3) Log into Oracle Entitlements Server Admin UI and check the “Policy Distribution”, you should see “Sample-WLS-SM” which indicates that WLS SM successfully registered with the Admin
Now we are sure that SM is able to talk to Admin. Finally we need to see this in action to know that it works.
Deploy sample app
I have created a simple Oracle Entitlements Server WebLogic project in Eclipse. You can get the EAR file from here. The download includes source files:
1) Welcome.html: main entry page
2) AuthzRequest.html: collects authorization request information
3) AuthzResponse.jsp: has ORACLE ENTITLEMENTS SERVER API calls to do the authorization
4) Web.xml is setup such that container forces authentication for most pages except for welcome.html and login.jsp
5) Weblogic.xml: maps local role to WebLogic Administrator group
To deploy the web application:
1) Log into WebLogic console (e.g. http://localhost:8001/console)
2) Click on “Deployments” on left pane
3) Click on Install
4) Browse to /home/oes/oes-wls-sample
5) Select oes-wls-example
6) Click on Next
7) Select “install this deployment as an application”
8 ) Click on Next
9) Leave the defaults and click on Next
10) Leave the defaults and click on Finish
Running the application:
1) Open examples welcome page (e.g. http://10.0.0.3:8001/oes_examples/welcome.html), you should see:
2) Click on Authorization Query
3) Enter user-name and password
4) Fill-in data about the authorization request and click on get Authorization
5) You will see authorization result
We will use this sample in subsequent blog articles to model policies