Oracle API Gateway (OAG) : Concept & marriage with SOA & Mobile

Oracle API Gateway is a standards-based, policy-driven, standalone software security solution that provides first line of defense in Service-Oriented Architecture (SOA) environments.

It enables organizations to securely and rapidly adopt Cloud, Mobile and SOA Services by bridging the gaps and managing the interactions between all relevant systems.

Oracle Web Services Manager(OWSM) is generally used for application security of a particular service,most customers have any use cases around DMZ or Perimeter Security for Web Services. This product serves as a part of the enterprise security solution.

This would be typically for customers needing access to web services from the internet, similar to how we access a web application. OAG can do a  lot of validations
and route the requests only once those checks have passed. This may also be a typical use case for Mobile Applications which use REST Web Services at the backend.

I have seen a strong value in this security product for all SOA and Mobile projects.

Here’s a high-level request flow :

There are many advantages that OAG can provide :

–   Authentication, Authorization (Leverages existing LDAP like AD ; existing IDM platforms for this – RSA AM, CA Site Minder, Oracle Access Mgr)

–   XML Acceleration, Throttling, Caching, Protocol translation (REST to SOAP and vice versa), Dynamic routing, SLA enforcement

–   Identity Propagation and Credential Mapping , Filter threatening content (XML Bombs, DOS Attacks, Virus)

Oracle OEMs (or Original Equipment Manufacturing) the OAG product from AxWay – AxWay’s gateway product is rebranded for Oracle as OAG, and is almost identical.

Quick Demo : https://www.youtube.com/watch?v=MWunxvZnB1A

Oracle  Datasheet

Automated Security deployment : Oracle IAM Deployment Wizard

With the release of Identity & Access Management suite 11g R2 PS2 (11.1.2.2.0), Oracle has released a new deployment tool to automate the installation and configuration of products related to the IAM suite.

This tool is named Oracle Identity and Access Management Deployment Wizard.

Key insights –

1. Installs & Configures - OIM , OAM , OUD , OHS , Webgates etc.Also creates basic Users & groups in OUD , configures OUD as Identity store for OAM.
2. You will need to download a completely separate set of software for this. The normal Identity & Access Management suite download packages won’t work.If you go to Oracle Download page for 11.1.2.2.0, here, you will see at the bottom a section for the Deployment Repository
3. This 12GB package contains everything you will need: The IAM Suite, RCU, WebLogic, JDK, WebTier, WebGate (11g), SOA, OUD, and of course, the Deployment Wizard.
4.  If everything goes well, it will take approximately 6 hours to do everything. If this seems long, keep in mind that it’s installing OAM,OIM,OUD , configuring them, integrating OIM and OAM, setting up LDAPSync, SSL enabling some components, configuring OHS with Webgate, configures WebLogic Authentication Providers, performs some light performance tuning, does OUD reconciliation
5.  Supports both Single Node & HA configurations.

Checkout this blog for more details, limitations etc. !

Oracle Fusion Middleware : 11.1.1.x / 11gR1 Support

Your 11gR1(11.1.1.x) customer does not wish to upgrade to 11gR2 (11.1.2.x) or to 12c (12.1.x) as he probably is not too keen on the new features or is not excited about the cloud yet.

Well, what about support on 11gR1 ? This can be a major factor for upgrade apart from new features!

11.1.1.x Premier support ends June 2015
As per http://www.oracle.com/us/support/library/lifetime-support-middleware-069163.pdf page 36

Note there are three kinds of support - Premier Support, Extended Support and Lifetime Support.

The extended support may not support integrations with new third party vendors and the sustaining support does not include new fixes!

Typically premier support is for 5 years since the launch of the product, extended support for 2 more years and sustaining support thereafter.

Oracle SOA : SFDC Adapter Issue - Total Requests Exceeded

We faced an issue wherein total API calls to SFDC to check for updated accounts exceeded the limit (due to Quartz Scheduler Polling at regular intervals )

Analysis : 

Once limit is reached , this cannot be undone till 24 hours !

http://bconeadapters.blogspot.com/2014/02/what-are-limitexceeded-errors-i.html

https://help.salesforce.com/apex/HTViewHelpDoc?id=integrate_api_rate_limiting.htm&language=en

Quick Fix : Use a different sandbox if using developer edition of SFDC

Correct way should be to (Work In Progress) -

1)Optimizing API calls to Salesforce.com

Although the Oracle Cloud Adapter for Salesforce.com incorporates several measures to reduce API calls to Salesforce.com (for instance, session management for limiting login calls and cache for limiting metadata fetch calls), you can further reduce calls to Salesforce.com while designing your composites through the offline configuration feature of Oracle Cloud Adapter for Salesforce.com.

2)Use polling interval of Quartz scheduler in couple of minutes than seconds.

Getting Started with BPM 11g

Following links should help you get jump started pretty quick since quite a few of them are video tutorials-

1)http://www.oracle.com/technetwork/middleware/bpm/learnmore/bpmwebinarseries-361340.html (Collated BPM Webinar)

2)http://andrejusb.blogspot.in/2010/10/initializing-oracle-bpm-11g-process.html (Initializing Oracle BPM 11g Process Payload from Oracle ADF 11g)

How ADF BC and BPM Payload  Interact

3)Building a sample BPM Process http://www.oracle.com/webfolder/technetwork/tutorials/obe/fmw/obpm/11g/r1/firstProcess/firstprocess_obpm11g.htm