Wednesday, February 22, 2012

Experiences of Oracle Entitlement Server 11g Java SM

Since 2 months I have had the opportunity to work on Oracle Entitlement Server 11g on various requirements and would like to put my experiences here.

Java SM: The Java SM instance creation is very simple using a command line script with few input parameters. All this SM requires is the jps-config.xml present in $JAVA_SM/config location. The contents of this XML would be identity store, policy store, credentials store and so on. I am not going into details of the backend stores specified in this XML. You can use Java SM to execute java code on a stand-alone mode. There is an application Server JBOSS which is supported (atleast the steps are known to the world - detailed in fusionsecurity.blogspot.com). However if you want to use Java SM in the famous Tomcat container, then it is not supported in this current release which I think is very big lag. In general there are two types of calls you can make out to OES 11g - Authorization Calls, Policy Management calls.

In our case, we have developed an enterprise application and deployed in Tomcat container. We have to make authorization calls from the application in a dynamic manner for protecting the fine grained elements. We have tried N no. of ways to achieve this but could not make it work. However we are able to make policy management calls to OES Server just using jps-config.xml file. Policy Management calls include creating applications, resources, policies etc.,


2 comments:

  1. Hi Mahendra,

    Thanks for this information.

    Could you please elaborate on the issues you had encountered during setting up Java SM on Tomcat? It would be really helpful.

    ReplyDelete
    Replies
    1. Hi Moin,

      First of all, Java SM is not supported in Tomcat container. So there are steps documented anywhere to run Java application deployed in Tomcat server.

      However if you run sample java application in Tomcat server which is bound to Java SM, then you will receive cache related exceptions but those are not specified in jps-config.xml.

      So all you can do is to experiment updating the jps-config.xml and java code to set jps-config.xml in system property

      Delete