Saturday, June 19, 2021

Oracle EBS integration with Oracle IDCS for SSO

Oracle EBS integration with Oracle IDCS for SSO

Oracle EBS SSO? Why is it so important?

Oracle E-Business Suite is a widely used application by thousands of customers. Oracle EBS SSO is highly recommended for Improved Oracle EBS Security and delivering a transparent, better user experience. SSO is one of the mandatory requirements for IT Security Audits in Oracle E-Business Suite

Oracle EBS SSO Benefits:

  • Users don’t have to remember dozens of passwords for Oracle e-Business Suite – 11i, 12.1, and 12.2.
  • Weak passwords in Applications are no longer allowed. Welcome123 and Oracle123 are the most popular weak passwords in Oracle EBS
  • Access to Oracle EBS is terminated instantly, when an employee/contractor leaves. This is a requirement Audit requirement
  • Passwords alone are not secure enough these days, multi-factor authentication is a must have for Oracle EBS today
  • Enforce user to change SSO password periodically to follow security guidelines.
  • Users don’t have to login multiple times, resulting in a better productivity and better user experience.
  • EBS Password reset calls to Helpdesk would be greatly reduced, and Oracle EBS Support teams are relieved.
  • IT Security Audits such as SoX, HIPAA demand Single Sign On for Oracle EBS 11i, R12, and 12.2.
  • Users don’t have to remember Applications URLs anymore, as URLs change from time to time.

Traditional Approach

Oracle EBS SSO is traditionally enabled with Oracle Access Manager (OAM) and Oracle Internet Directory (OID) which is what Oracle recommends for EBS SSO. The diagram below shows a summary of this approach as described in 1388152.1Oracle Note.


This is a standard, Oracle certified approach which is complex and involves multiple components. For SSO you need to deploy Access Manager, a Directory (OID), a WebGate, an AccessGate, and integrate each one of these with EBS. Both EBS 11i and 12.x require all these components. Traditional SSO Implementation challenges of procuring SSO software and hardware create longer implementation cycles and run-time issues such as production SSO outages. All these additional components also need to go through the maintenance cycle of patching, upgrading, and more. And not to forget this also requires configuration changes and scripts to be run at EBS level as well. For some customers, this additional complexity has led to not implementing SSO, resulting in the user experience suffering.

What is Oracle IDCS

Oracle Identity Cloud Service provides identity management, single sign-on (SSO), and identity governance for applications on-premise, in the cloud, or for mobile devices. Employees and business partners can access applications at any time, from anywhere, and on any device in a secure manner.


Manage Microsoft Active Directory (AD) Bridges. If you use Microsoft Active Directory as an authoritative source, then the bridge provides a link between your on-premises Microsoft Active Directory and Oracle Identity Cloud Service. Oracle Identity Cloud Service can synchronize with Microsoft Active Directory so that any new, updated, or deleted user or group records are transferred into Oracle Identity Cloud Service. The state of each record is synchronized between Microsoft Active Directory and Oracle Identity Cloud Service. 

New Cloud Approach

The good news is, there is now a simpler option available which will still enable that streamlined user experience you require, without the need to deploy and manage all the above components, and without the need to make significant configuration changes within EBS, such as configuring the integration with OID

This can be achieved using the Oracle Identity Cloud Service which is Oracle’s cloud-based Identity platform. This enables SSO to a standard installation of EBS through its EBS Asserter. The figure below shows this simplified integration.


Since IDCS is Oracle’s cloud-based platform it requires no installation. It takes care of authentication and authorization and supports multi-factor authentication, adaptive authentication, and more. IDCS is natively highly available and hence there is no need for DR instances or manually controlled fail-over strategy. The only component that requires maintenance is the EBS asserter which acts as an interface between IDCS and EBS

EBS Asserter

Oracle Identity Cloud Service provides a lightweight Java application, called Identity Cloud Service Asserter for E-Business Suite (EBS Asserter). With the E-Business Suite Asserter, you can implement SSO for Oracle e-Business Suite and other applications

EBS Asserter main features:

  • Non-intrusive solution that doesn't require configuration changes in your Oracle e-Business Suite environment.
  • Need to be deployed in WebLogic Server 12c using secure communications (SSL/TLS)
  • Multiple access modes for SSO with Oracle e-Business Suite:
  • Access Oracle e-Business Suite using the EBS Asserter’s direct URL link (bookmark)
  • Access Oracle e-Business Suite using Oracle Identity Cloud Service's My Apps page
  • Access Oracle e-Business Suite using the EBS Asserter's login using a redirect parameter
  • Access Oracle e-Business Suite using previously bookmarked Oracle EBS URLs
  • Supports Oracle e-Business Suite, EBS Asserter, and Oracle Identity Cloud Service Single logout.
  • Work with Multiple Oracle E-Business Suite Instances for SSO

What Do You Need?

  • Oracle JRE/JDK version 8 
  • Java Cryptography Extension
  • A separate instance of Oracle WebLogic Server 12c (12.1.3 and 12.2) 
  • Access to an instance of Oracle EBS Release 11i (11.5.10) or Release 12 (12.1.3, 12.2.4, or greater).
  • Access to an instance of Oracle EBS Asserter Release 20.1.3 onwards. 
  • The feature for EBS Asserter must be enabled.
  • Download and extract the EBS Asserter zip file
Implementation - High Level Steps

  • Enable EBS Asserter Flag
  • Download Oracle JRE/JDK version 8 and install
  • Download Java Cryptography Extension and extract 
  • Download EBS Asserter and extract
  • Download Oracle WebLogic Server 12c and install it.
  • Create Managed Server called EBSAsserter_server
  • Register E-Business Suite Asserter with Oracle E-Business Suite
  • Register the E-Business Suite Asserter in Oracle Identity Cloud Service
  • Update the Configuration File
  • Deploy the E-Business Suite Asserter
  • Update Oracle E-Business Suite Profiles
  • Test Single Sign-On with Oracle E-Business Suite

Implementation - Detailed Steps

Enable EBS Asserter Flag

Open an SR with Oracle to enable EBS Asserter Flag from Oracle side for the Tenant.

Infrastructure setup

Download Oracle JRE/JDK version 8.

Downloaded JDK 8u261 from 

https://www.oracle.com/java/technologies/javase/javase-jdk8-downloads.html

[ebsa@lnxxpebsa ~]$ cd /u01/Softwares 
[ebsa@lnxxpebsa Softwares]$ ls -ltr jdk-8u261-linux-x64.tar
-rwxrwxrwx. 1 ebsa ebsa 353228800 Aug 29 10:47 jdk-8u261-linux-x64.tar
[ebsa@lnxxpebsa Softwares] tar -xvf jdk-8u261-linux-x64.tar
[ebsa@lnxxpebsa Softwares]$ ls -ld jdk1.8.0_261
drwxr-xr-x. 8 ebsa ebsa 4096 Jun 18  2020 jdk1.8.0_261
[ebsa@lnxxpebsa Softwares]$ cd jdk1.8.0_261/bin
[ebsa@lnxxpebsa bin]$ ./java -version
java version "1.8.0_261"
Java(TM) SE Runtime Environment (build 1.8.0_261-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.261-b12, mixed mode)
[ebsa@lnxxpebsa bin]$

Download Java Cryptography Extension


[ebsa@lnxxpebsa Softwares]$ ls -ltr jce_policy-8.zip 
-rwxrwxrwx. 1 1000 1001 12417 Aug 29 10:56 jce_policy-8.zip
[ebsa@lnxxpebsa Softwares]$
unzip and place extracted files in /u01/Softwares/jdk1.8.0_261/jre

Download EBS Asserter – Request Client to download and provide.

  •  Access the Identity Cloud Service console, expand the Navigation Drawer  , click Settings, and then click Downloads. On the Downloads page, click Download to download the Identity Cloud Service E-Business Suite Asserter, and then save the zip file to any folder on your desktop.
  • Extract the content of the EBS Asserter zip file on your desktop, and then find the location of the ebs.war and idcs-wallet-<version>.jar files.
  • Copy the ebs.war and idcs-wallet-<version>.jar files to a working folder into the EBS Asserter's WebLogic Server machine. For example, /opt/ebssdk (create this folder if it does not exist).
Downloaded EBSAsserter version 20.1.3
[ebsa@lnxxpebsa Softwares]$ ls -ltr ebsassert-20.1.3-0.2009162026.zip
-rw-r--r--. 1 root root 11262438 Oct 21 08:15 ebsassert-20.1.3-0.2009162026.zip
[ebsa@lnxxpebsa Softwares]$ unzip ebsassert-20.1.3-0.2009162026.zip
[ebsa@lnxxpebsa Softwares]$ ls -ld build Readme FileInfo.json
drwxr-xr-x. 3 ebsa ebsa 4096 Sep 17 05:45 build
-rw-r--r--. 1 ebsa ebsa  392 Sep 17 05:44 FileInfo.json
-rw-r--r--. 1 ebsa ebsa  470 Sep 17 04:06 Readme
[ebsa@lnxxpebsa Softwares]$

Download Oracle WebLogic Server 12c
 
Downloaded Oracle WebLogic Server 12.2.1.4 from

[ebsa@lnxxpebsa ~]$ cd /u01/Softwares 
[ebsa@lnxxpebsa Softwares]$ ls -ltr fmw_12.2.1.4.0_wls_lite_Disk1_1of1.zip
-rwxrwxrwx. 1 1000 1001 607157854 Aug 29 10:47 fmw_12.2.1.4.0_wls_lite_Disk1_1of1.zip
[ebsa@lnxxpebsa Softwares]$ unzip fmw_12.2.1.4.0_wls_lite_Disk1_1of1.zip
[ebsa@lnxxpebsa Softwares]$ ls -ltr fmw_12.2.1.4.0_wls_lite_generic.jar
-rw-r--r--. 1 ebsa ebsa 607441954 Jul 21 19:09 fmw_12.2.1.4.0_wls_lite_generic.jar
[ebsa@lnxxpebsa Softwares]$

Install separate Oracle WebLogic Server 12c


Provide the location of Inventory and press OK


Click Next

    
                                        Select Skip Auto Updates and click next


Provide Weblogic Home and click next


Select Installation Type as “WebLogic Server” and click Next


Click next to continue


Click Install and that will complete Installation

Installation is complete


WebLogic Server SSL Configuration

Start the WebLogic Server
cd /u01/Oracle/Middleware/Oracle_Home/user_projects/domains/base_domain/bin
./startWebLogic.sh
Change the protocol from http to https and bounce the Server.
Environment -> Servers -> Admin Sever -> Enable Check box on SSL Listen Port Enabled 
Port: 7002



Create Managed Server EBSAsserter_server

Login to WLS console https://lnxxpebsa.linux.com:7002/console

Environment -> Servers -> New -> Create a New Server 
Name: EBSAsserter_server
Enable Check box SSL Listen Port Enabled
Port: 7003
Click Save


1. Create Users and Update the Administrator's Email in Oracle E-Business Suite
  •  We are not creating new user in E-Business Suite, we are using existing user ASADMIN.
  •  Make sure User has Roles UMX|APPS_SCHEMA_CONNECT.
  •  User is active and reset password.
  •  Test the user by logging into EBS
2. Register E-Business Suite Asserter with Oracle E-Business Suite

Login to EBS application tier

cd /home/apps
mkdir ebssdk
cd ebssdk
-bash-4.2$ java oracle.apps.fnd.security.AdminDesktop apps/apps CREATE NODE_NAME=lnxpebsa.linux.com DBC=/test1/inst/apps/TEST1_testlinux/appl/fnd/12.0.0/secure/TEST1.dbc
Application node exists, using server ID of node.
Committing changes
CREATE executed successfully - TEST1_LNXPEBSA.dbc
-bash-4.2$ ls -ltr
total 12313
-rw-r--r-- 1 applmgr dba      470 Sep 17 04:06 Readme
-rw-r--r-- 1 applmgr dba      392 Sep 17 05:44 FileInfo.json
drwxr-xr-x 3 applmgr dba        1 Sep 17 05:45 build
-rw-r--r-- 1 applmgr dba 11262438 Oct 24 19:32 ebsassert-20.1.3-0.2009162026.zip
-rw-r--r-- 1 applmgr dba      420 Oct 24 19:36 TEST1_LNXPEBSA.dbc

3.Register the E-Business Suite Asserter in Oracle Identity Cloud Service

This step is done by Client or who has access to Oracle IDCS Services access. 

Create a confidential application in Oracle Identity Cloud Service to represent the E-Business Suite Asserter.

  1. Sign into Oracle Identity Cloud Service console.
  2. In the Oracle Identity Cloud Service console, expand the Navigation Drawer  , and then click Applications.
  3. In the Applications page, click Add.
  4. In the Add Application dialog box, click Confidential Application.
  5. Enter the following information in the Details pane, and then click Next.

    •    Name: EBS Asserter
    •    Description: EBS Asserter Application
    •    Application URL: https://testlinux.linux.com:7003/ebs
    •     Display in My Apps: Select this check box.

     6. In the Client pane, select Configure this application as a client now, and then enter the following information:

    • Allowed Grant Types: Select Client Credentials and Authorization Code.
    • Redirect URL: https://lnxpebspa.linux.com:7003/ebs/response
    • Logout URL: https://lnxpebspa.linux.com:7003/ebs/logout
    • Post Logout Redirect URL: https://lnxpebspa.linux.com:7003/ebs

  1. In the Client pane, scroll down, click the Add button below Grant the client access to Identity Cloud Service Admin APIs.
  2. In the Add App Role dialog window, select Authenticator Client and Me in the list, and then click Add.
  3. Click Next in the Client pane and in the following panes until you reach the last pane. Then click Finish.
  4. In the Application Added dialog box, make note of the Client ID and Client Secret values, 

    • ClientID value:  
    • ClientSecret value: 

Click Activate to activate the application. 

In the Activate Application? dialog box, click Activate Application.
The success message The EBS Asserter application has been activated. appears.

4.Create a WebLogic Wallet

cd /u01/Softwares/build/libs
cp idcs-wallet-20.1.3-0.2009162026.jar /u01/ebssdk/
/u01/Softwares/jdk1.8.0_261/bin/java -jar idcs-wallet-20.1.3-0.2009162026.jar
[apebsa@lnxpebspa libs]$ /u01/Softwares/jdk1.8.0_261/bin/java -jar idcs-wallet-20.1.3-0.2009162026.jar
Enter Wallet Path: 
/u01/Oracle/wallet
Enter Client ID: 
***************
Enter Client Secret: 
***************
Enter IDCS base URL: 
https://idcs-5434044210df33a557f2fd11d583.identity.oraclecloud.com
values saved successfully in wallet.
[apebsa@flnxpebspa libs]$

5.Update the Configuration File

cd /u01/Softwares/build/libs

unzip ebs.war
cd /u01/Softwares/build/libs/WEB-INF
cp bridge.properties /u01/ebssdk/
cat bridge.properties
=
= Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
= SSO Bridge for E-Business Suite
====================================================
= Properties File
app.url=https://lnxpebspa.linux.com:7003/ebs
app.serverid=7992200BD0E0530F01580A34873255057544824080340280480238
ebs.url.homepage=https://testlinux.linux.com:4444/OA_HTML/OA.jsp?OAFunc=OANEWHOMEPAGE
ebs.ds.name=testDS
ebs.user.identifier=sysadmin
idcs.iss.url=https://identity.oraclecloud.com/
idcs.aud.url=https://idcs-5434044210df33a557f2fd11d583.identity.oraclecloud.com/
wallet.path=/u01/Oracle/wallet
whitelist.urls=https://testlinux.linux.com:4444/OA_HTML/RF.jsp,https://testlinux.linux.com:4444/OA_HTML/OA.jsp,https://testlinux.linux.com:4444/OA_HTML/BneApplicationService,https://testlinux.linux.com:4444/OA_HTML/jsp/fnd/close.jsp
ebs.renew.session=true
post.logout.url=https://testlinux.linux.com:4444/OA_HTML/OA.jsp?OAFunc=OANEWHOMEPAGE
proxy.mode=false
proxy.home.url=https://testlinux.linux.com:4444/OA_HTML/RF.jsp?function_id=1031198&resp_id=-1&resp_appl_id=0&security_group_id=0&lang_code=US

===================================================

Rebuild ebs.war file again.

cd /u01/Softwares/build/libs/WEB-INF
mv bridge.properties bridge.properties.orig
cp /u01/ebssdk/bridge.properties .
cd /u01/Softwares/build/libs
mv ebs.war ebs.war.orig
/u01/Softwares/jdk1.8.0_261/bin/jar -cvf ebs.war META-INF WEB-INF

Configure Hostname Verification in WebLogic Console

You can configure the hostname verification in Oracle WebLogic Server Administration Console.
Start the Oracle WebLogic Server Administration Console by https://lnxpebspa.linux.com:7002/console
Log in to WebLogic console as an administrator.
In the left panel, click Lock & Edit, expand Environment, select Servers.
Click the name of the target server where you want to deploy the EBS Asserter. In this example, EBSAsserterServer.
Click the SSL tab. Scroll down and expand the Advanced section.
Update the Hostname Verification parameter with the value None, and then click Save.
Click Activate Changes.
Restart the servers.

Configure Keystores in WebLogic Console

If you are using Custom Trust Store in WebLogic for asserter deployment, instead of using Custom Identity and Custom Trust Store with WebLogic server, use Custom Identity and Java Trust Store. With this configuration, you do not need to import Oracle Identity Cloud Service certificate.
Start the Oracle WebLogic Server Administration Console by entering https://lnxpebspa.linux.com:7002/console 
Log in to WebLogic console as an administrator.
In the left panel, click Lock & Edit, expand Environment, select Servers.
Click the name of the target server where you want to configure the keystore.
Click Keystores under the Configuration tab.
In the left panel, click Lock & Edit to make the changes.
Select Custom Identity and Java Trust Store.
Click Save and Activate Changes.
Restart the WebLogic server.

6.(Optional) Oracle Identity Cloud Service Certificate Update Notice

7.Deploy the E-Business Suite Asserter

Define the data source.
  • Log in as an administrator to the WebLogic console, in this example https://lnxpebspa.linux.com:7002/console 
  • Expand Services and select Data Sources.
  • Click New and select Generic Data Source
  • Enter the values as appropriated, and then click Next:
      • Name: testDS
      • JNDI Name: testDS
      • Database Type: Oracle
    • The value of the Name parameter must match the ebs.ds.name parameter in the EBS Asserter's configuration file.
  • Select the following database driver, and then click Next:
      • Database Driver: *Oracle's Driver (Thin) for Instance connections; Versions:Any.
    • Note: If you are using an XA data source, select *Oracle's Driver (Thin XA) for Instance connections; Versions:any as Database Driver.
  • For a non-XA data source, uncheck the Supports Global Transactions check box. For an XA data source, leave the check box checked. Click Next.
  • Enter the following EBS database connection parameters, and then click Next:
      • Database Name: TEST1
      • Host Name: testlinux.linux.com
      • Port: 1521
      • Database Username: asadmin
      • Password: ****
  • In the Driver Class Name : oracle.apps.fnd.ext.jdbc.datasource.AppsDataSource
  • In the Properties text box, keep the current value for user, add a new line, and enter the path to the dbc file as per the example below:
  • Properties:
      • dbcFile=/test1/inst/apps/TEST1_testlinux/appl/fnd/12.0.0/secure/TEST1.dbc
      • user=asadmin  
  • Click Test Configuration.
  • If successful, click Next. If an error appears, contact your administrator.
  • Note: Make sure your network does not block communication between the EBS Asserter's WebLogic server machine and the Oracle E-Business Suite Database through port number 1521.
  • Under Select Targets, select the target server. In this example, EBSAsserter_server.
  • Click Finish, and then click Activate Changes

General Section


Connection Pool section


Targets Section

Deploy EBS Asserter on WebLogic Server


  • Deploy EBS Asserter on WebLogic Server
  • Copy the EBS Asserter war file (ebs.war) to the working folder in the WebLogic Server /opt/ebssdk.
      • cd /01/Softwares/build/libs
      • cp ebs.war /u01/ebssdk
  • Log in as an administrator to the WebLogic console, https://lnxpebspa.linux.com:7002/console 
  • In the left panel, click Lock & Edit.
  • Click Deployments and then click Install.
  • Enter the path for the EBS Asserter war file as /opt/ebssdk
  • Select the ebs.war file and click Next to continue.
  • Select Install this deployment as an application, and then click Next.
  • Select the target server. In this example, EBSAsserter_server. Then click Next.
  • Accept the default values and click Finish.
  • Click Activate Changes.

8.Update Oracle E-Business Suite Profiles

 Functional Administrator -> Core Services -> Profiles > Code

APPS_AUTH_AGENT (Application Authenticate Agent) -https://lnxpebspa.linux.com:7003/ebs
APPS_SSO (Applications SSO Type) - SSWA w/SSO
Note: If the update button is disabled, Click on Profile option name -> Set User Access Level -> Updatable check box and click on Update

9.Test Single Sign-On with Oracle E-Business Suite

https://lnxpebspa.linux.com:7003/ebs
You should get IDCS login page.
https://testlinux.linux.com:4444/OA_HTML/AppsLogin
You should get IDCS login page. Make sure SSO re-direction works.
https://lnxpebspa.linux.com:7003/ebs/validate
You should get Success message.
https://lnxpebspa.linux.com:7003/ebs/ebs/about
You should get EBSAsserter Information.




Friday, November 06, 2020

Cloud Certifications for DBAs

Oracle Cloud Certifications


            Exam Code: 1Z0-1072-20

            Exam Code: 1Z0-997-20

            Exam Code: 1Z0-931-20

            Exam Code: 1Z0-998-20


AWS Cloud Certifications


            Exam Code: SAA-C02

            Exam Code: SAP-C01
 

Microsoft Azure Certifications


            Exam Code: AZ-104

            Exam Code: AZ-303

            Exam Code: AZ-304

Saturday, November 16, 2019

Integrate Oracle ADF with Oracle E-Business Sutie 12.2 ASCP Instance

Integrate Oracle ADF with Oracle E-Business Suite 12.2 ASCP Instance for SPWA - Supply Planning Work Area


What is Oracle ADF?


Oracle Application Development Framework (Oracle ADF) is an end-to-end application framework that builds on Java EE standards and open-source technologies to simplify and accelerate implementing enterprise applications. Oracle ADF is suitable for enterprise developers who want to create applications that search, display, create, modify, and validate data using web, mobile, and desktop interfaces.
You can use the whole Oracle ADF framework to create an application, or you can use parts of the framework in combination with other technologies. Throughout this guide, applications that contain any ADF technologies are generally referred to as ADF applications. Web applications that incorporate ADF technologies throughout the business service, model, controller, and view layers are referred to as Fusion web applications.

What is SPWA - Supply Planning Work Area?

12.2.5 VCP introduces a new form for users that is an alternative to the planner workbench.
The standard Planner Workbench is still available and will not be removed from the applications.

This form uses the same ADF (Application Development Framework) tech stack that powers Rapid Planning and Fusion applications - part of the FMW tech stack - (Fusion Middle Ware)
This does not use standard Oracle Forms tech stack that has been the standard for the last 15+ years.

It depends on your Weblogic tech stack and ADF rendering of the forms.

There are some important functional differences between the Planner Workbench and the Supply Planning Work Area
There are also setup considerations for your Sysadmin to consider during setup.
And there are different debugging steps required for issues that you may encounter in the Work Area
How do you Integrate Oracle ADF with Oracle E-Business Suite 12.2 ASCP Instance for SPWA - Supply Planning Work Area

From EBS 12.2.5 On wards Supply Planning Work Area is introduced which replaced ASCP Planner Workbench in earlier EBS releases
Meaning How do you launch Oracle ADF page from Oracle E-Business Suite 12.2
High Level  Steps
1. Download and Install New/Separate Weblogic Server Version 10.3.6
2. Download and Install ADF Runtime 11.1.1.9.0
3. Configure Weblogic Server Domain
4. Create new Managed Server in Weblogic for this ADF
5. Create JDBC Data Source
6. Setting up MDS Reporsitory
7. Start Admin and Managed Server
8. Deploy the Planning UI Application
9. Set the MSC Profile in EBS
10. Test the ADF page from EBS Responsibility

In detail..

1. Download and Install New/Separate Weblogic Server Version 10.3.6

Download Software from below URL

https://www.oracle.com/middleware/technologies/weblogic-server-installers-downloads.html


- Stage this in file system
- Make sure you have JDK 1.6 above
- Set the JDK Home (export JDK_HOME=/u01/utilities/jdk160_29)
- If the installation file type in jar then run the below command

$(JAVA_HOME)/bin/java –jar wls1036_generic.jar
-If the instillation file type is bin then run the below command

./wls1036_linux32.bin

The Welcome screen will be displayed. Click on Next to continue




In the Next screen, Select the Middleware Home Directory and click on Next to continue .





In the Register for Security Updates page, give your email address if you want to get security updates. Otherwise  do not select the check box and Click on continue .




If you have not selected the check box , in the next page click Yes to continue,




In the next screen, Select the check box to continue .




In the Installation Type page, select Typical and click on Next to continue




In the next page, select the JDK installed on the server.



In the Next screen , select the directories for Product installation.  Click on Next to continue




In the Installation Summary page , click on Next to continue




The Weblogic 10.3.6 Installation will start and you can see the progress in the next screen . Click on next once 100% is completed .



The Weblogic 10.3.6 installation is completed .

2. Download and Install ADF Runtime 11.1.1.9.0

Download Software from below URL

https://www.oracle.com/tools/downloads/application-development-framework-downloads.html



- Stage this software in the file system in the unix server
- cd /stage/adf_11.1.1.9.0
./runInstaller -jreLoc /u01/utilities/jdk160_29

The Welcome screen will be displayed. Click on Next to continue



Select Skip Software Updates. Click on Next to continue



Click on Next to continue



Input Middleware Home path where you installed Weblogic Software in the First step



Click on Next to continue



Click on Install to continue




Click on Next to Finish the Installation


ADF Runtime 11.1.1.9.0 installation is complete

3. Configure Weblogic Server Domain

- Goto Newly instllaed Weblogic Home/common/bin
cd /u01/app/oracle/product/fmw_oam2/wlserver_10.3/common/bin
./config.sh

The Welcome Wizard screen will be displayed. 
Select Create a new Weblogic domain



The Select Domain screen will be displayed. 
Select first option Generate domain 
Select both Oracle Enterprise Manager and Oracle JRF


The Specify Domain screen will be displayed. 
Give Domain Name as ascp_domain



The Configure Administrator screen will be displayed. 
Give Weblogic password - welcome123



The Configure Server Start Mode screen will be displayed. 
Select Production Mode



The Optional Configuration screen will be displayed.
Select Administration Server



The Configure the Administration server screen will be displayed.
Change the Listener port to other port if this WLS is installed on Same EBS Apps Tier
Change to 7051 and uncheck SSL if not SSL Enabled



The Configuration Summary screen will be displayed.
Click on Create button



The Creating Domain screen will be displayed.
Click on Done completes Domain Screen



Domain creation is  complete

4. Create New Managed Server in Weblogic for this ADF

We are creating Managed Server 

- Open Weblogic Console with port 7051 given while Configuring Admin server
-  http://webtest.linux.local:7051/console
- Login with weblogic username and password

The Administration Console screen will be displayed.
Click on Servers -> Create New



Open Weblogic EM Console with port 7051 given while Configuring Admin server
-  http://webtest.linux.local:7051/em
- Login with weblogic username and password

The EM Fusion Middleware Console Control screen will be displayed.
Click on Weblogic Domain -> ASCPManagedServer
Click  on Apply JRF Template




JRF Template Confirmation




5. Create JDBC Data Source

Open Weblogic Console with port 7051 given while Configuring Admin server
-  http://webtest.linux.local:7051/console
- Login with weblogic username and password

The Administration Console screen will be displayed
Click on ascp_domain->Services->Data Sources -> New -> Generic Data Sources



Click Next and select Database Driver type



Click Next and select Default options



Click Next and provide DB Name,Apps Username and password



Click Next and finish




Change the value to 150 in Application DB Configuration tab Maximum Capacity

Services -> Data Sources -> Application DB -> Connection Pool Tab

Maximum Capacity = 150



6. Setting up MDS Repository

Create MDS Directory at OS level in ASCP Managed Server Location 

cd /u01/app/oracle/product/fmw_oam2/user_projects/domains/ascp_domain/servers/ASCPManagedServer

mkdir mds

Creating a Fille Persistence Store in Weblogic Console


Open Weblogic Console with port 7051 
-  http://webtest.linux.local:7051/console
- Login with weblogic username and password

The Administration Console screen will be displayed

Click on ascp_domain->Services->Persistent Stores -> New -> CreateFileStore




Create a New File Store screen will come

Enter mds-ascp-repos in the Name field.

Select ASCPManagedServer from the Target list.



Enter /u01/app/oracle/product/fmw_oam2/user_projects/domains/ascp_domain/servers/ASCPManagedServer/mds in the Directory path field.



Click Ok

In case you don't see directory structure, Bounce ASCPManagedServer Once

7. Start Admin and Managed Server

You can use standard commands to start these servers


8. Deploying the Planning UI Application

1)    Copying and extracting the ZIP files.



mkdir /u01/app/oracle/product/fmw_oam2/user_projects/domains/ascp_domain/applications



cp $MSC_TOP/patch/115/ear/PlanningUIEar.zip /u01/app/oracle/product/fmw_oam2/user_projects/domains/ascp_domain/applications/.





2)    Deploying the Planning Application.
    
cd /u01/app/oracle/product/fmw_oam2/user_projects/domains/ascp_domain/applications/
unzip PlanningUIEar.zip

mkdir /u01/app/oracle/product/fmw_oam2/user_projects/domains/ascp_domain/servers/ASCPManagedServer/stage/PlanningUI

cp applications/PlanningUI.ear /u01/app/oracle/product/fmw_oam2/user_projects/domains/ascp_domain/servers/ASCPManagedServer/stage/PlanningUI/.

3) In order to deploy the Planning Application



 open the WebLogic UI for ASCP Domain according to the procedure mentioned in Starting the Admin Server and Managed Server.



  Select Deployments in the Domain Structure region.



  The Summary of Deployments - Control tab appears.



  Select Install to install the new Planning Application.


  The Install Application Assistant - Locate deployment to install and prepare for deployment page appears

Open Weblogic Console with port 7051 

-  http://webtest.linux.local:7051/console
- Login with weblogic username and password

The Administration Console screen will be displayed

Click on ascp_domain->Deployments -> Install -> Provide Path


Click Next -> Select ASCPManagedServer - Click Finish


When the deployment is complete, the PlanningUI deployemnt is visible

Select Deployments from the Domain Structure region, locate PlanningUI in Deployments table. PlanningUI deployment should be in ""Active"" state."


9. Set the MSC Profile in EBS

This is only needed for ASCP Work Bench which is ADF Page for EBS ASCP Instance

Profile Name: MSC: ASCP Planning URL
Value: http://webtest.linux.local:7151

10. Test the ADF Page from EBS Responsibility

Reference:

12.2.5 - SPWA - Supply Planning Work Area - An Alternative To The ASCP Planner Workbench (Doc ID 2049195.1)


https://support.oracle.com/epmos/main/downloadattachmentprocessor?attachid=964316.1%3AE48790_03&action=inline


Oracle EBS integration with Oracle IDCS for SSO

Oracle EBS integration with Oracle IDCS for SSO Oracle EBS SSO? Why is it so important? Oracle E-Business Suite is a widely used application...