8.5 Create Credentials and System Policies

To configure the MDB flow, you need to create credentials and system policies. The credentials are accessed through the Credential Store Framework (CSF), which is managed by Oracle WebLogic Server. The keys are managed by maps, and the maps must be granted permissions.

8.5.1 Create Credentials and System Policies

Follow the steps below to create credentials and system policies.
  1. Log in to Oracle Enterprise Manager (http://hostname:port/em).
  2. On the left panel, right-click OFSLLREL_domain and select Security > System Policies > Credentials.
    The following window is displayed.
  3. Click Create Map.
    The following window is displayed.
  4. Enter Map Name as ofsll.int.bureau and click OK.
  5. Click Create Key.
    The following window is displayed.
  6. Specify the following details:
    • Select Map as ofsll.int.bureau from the drop-down list.
    • Specify Key as jdbc_ds_key.
    • Select Type as Generic from the drop-down list.
    • Specify the Credential as jdbc/QueueAppDS.
  7. Click OK.
  8. Similarly, create the following maps and corresponding keys, as indicated in the following table.

    Table 8-1 Maps and corresponding keys

    Maps Keys Description
    ofsll.int.bureau   This map is used to set up keys for all credit bureau interfaces.
      ProxyServer Name of the proxyServer to be configured.
      ProxyPort Port on which ProxyServer is running.
      ExpEcalsURL The Experian Connection URL to be configured.
      ExpDirectExperianEnabled If you set the value to true, you are setting the Ecals response URL; otherwise, the Ecals request URL.
      ExpCertPath The location of the .jks file which contains the valid certificate for Experian Credit Bureau.
      ExpBusUserNamePassword Login credentials to be configured for Experian Business reports.
      ExpConUserNamePassword Login credentials to be configured for Experian Consumer reports.
      EfxURL The Equifax Connection URL to be configured.
      EfxCertPath The location of the .jks file which contains the valid certificate for Equifax Credit Bureau.
      EfxUserNamePassword Login credentials to be configured for accessing Equifax reports.
      TucCertPath The location of the .jks file which contains the valid certificate for the Transunion Bureau.
      TucCertPassword The password required to read the valid .jks certificate for the Transunion Bureau.
      TucUserNamePassword Login credentials to be configured for accessing Transunion reports.
      TucConnectionURL The Transunion URL to be configured.
      jdbc_ds_key Datasource configured to retrieve data for bureau.
      source Configured as EXTERNAL for actual call.
    ofsll.int.outbound   This map is used to set up keys for the RouteOne and Dealer Track call back from OFSLL.
      roUserNamePassword Login credentials used at the time of call back from OFSLL to the RouteOne interface.
      dtUsernamePassword Login credentials used at the time of call back from OFSLL to the Dealer Track interface.
      jdbc_ds_key Datasource configured to retrieve data for outbound resources.
      roPostDealerUsernamePasswd Credentials required to upload the dealer details to the Route One portal.
      roPostDealerWbsURL Route One Post Dealer Web Service URL.
      roDealerUploadURL Route One URL to upload the dealer details.
      dtPostDealerUsernamePasswd Credentials required to upload the dealer details to the Dealer Track portal.
      dtPostDealerWbsURL Dealer Track Post Dealer Web Service URL.
      dtDealerUploadURL Dealer Track URL to upload the dealer details.
      VertexUserNamePd Credentials required to connect to the VERTEX web service.
      VertexTrustedId ID required to connect to the VERTEX web service.
      TorqueItsUserNamePassword Credentials required to connect to the TorqueIts web service.
      TorqueItsURL TorqueIts Decision service URL.
      ProxyHost Name of the proxyServer to be configured.
      ProxyPort Port on which ProxyServer is running.
    ofsll.int.bip   This map is used to set up all the keys required to set up the interface with BIP to generate reports.
      local_top_dir Define the path on the local BIP server where you would like to place the generated BIP reports.
      email_from_addr Define the From email address to be used while sending email for the generated BIP reports.
      emailBodyContentPath The path of the file.properties file that contains the content of the subject and body required while sending a letter, report or correspondence as mail to the applicant or producer. For example: /tmp/file.properties. *Refer to the note below for details on creating the file.properties file for email configuration.
      fax_server Configure the name of the Fax server to be used to fax the generated BIP reports.
      jdbc_ds_key Datasource configured to retrieve data for BIP.
    ofsll.int.filetransfer   This map is used to set up keys for all credit bureau interfaces.
      sftp_key Credentials to log in to the SFTP server (Username/Password).
      sftp_top_dir Top root directory for the SFTP server.
      sftp_servers SFTP server names.
    ofsll.int.security
      bip_key The BIP login credentials.
    ofsll.int.gri
      GriURL GRI web service URL to be configured.
      GriAPIKey GRI API key to be configured.
      ProxySet System-level proxy enabled/disabled. Value can be either true or false. True = proxy required. False = proxy not required.
      ProxyHost Name of the proxyServer to be configured. Set only if ProxySet = true.
      ProxyPort Port on which ProxyServer is running. Set only if ProxySet = true.
      jdbc_ds_key Datasource configured to retrieve the request XML for GRI.
      GriCertPath The location of the .jks file which contains the valid certificate for GRI. Configure only when a valid certificate is available.

    ofsll.int.common   This map is used to set up keys for the common JMS Queue.
      OfsllJMSQueueJNDI The JMS queue JNDI name to be configured.
      OfsllJMSQueueCF The JMS queue connection factory to be configured.
      OfsllJMSServerURL The JMS server URL to be configured. Ex: t3://<JMS server host>:<JMS server port>
      outbound_jms_queue_con_factory The JMS connection factory to be configured. jms/OfsllOutboundCF
      outbound_jms_queue The JMS queue to be configured. jms/OfsllOutboundQueue
      weblogic_cluster_ind This is to be configured based on the environment, i.e. for a WebLogic cluster environment set it to Y. Else, set it to N.
      outbound_jms_queue_provider_url The JMS server URL to be configured. Ex: For non-clustered environment - t3://<JMS server host>:<JMS server port>. Ex: For clustered environment - t3://<JMS server host>:<JMS server port>,<JMS server host>:<JMS server port>
    ofsll.int.webhook
      jdbc_ds_key Datasource configured to retrieve data for Webhook.

    * A new file (file.properties) must be created and copied to the application server at the same path as the value of the key emailBodyContentPath under the map ofsll.int.bip. The file should have the following contents:

    • letter_subject='Text that is configurable and would be the subject of the mail'
    • letter_body='Text that is configurable and would be the body of the mail'
    • correspondence_subject='Text that is configurable and would be the subject of the mail'
    • correspondence_body='Text that is configurable and would be the body of the mail'
    • report_subject='Text that is configurable and would be the subject of the mail'
    • report_body='Text that is configurable and would be the body of the mail'
  9. On the left panel, right-click OFSLLREL_domain and select Security > System Policies.
    The following window is displayed.
  10. Click Create.
    The following window is displayed.

    Figure 8-92 Create System Grant



  11. Enter the codebase as file:${domain.home}/lib/OfsllCommonCSF.jar.
  12. Click Add.
    The following window is displayed.
  13. Select the check box Select here to enter details for a new permission.
  14. Specify the following details as the first permission class.

    Table 8-2 Permission Class

    Permission Class Resource Name Permission Actions
    oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=ofsll.int.bureau,keyName=* read
    oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=ofsll.int.filetransfer,keyName=* read
    oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=ofsll.int.outbound,keyName=* read
    oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=ofsll.int.bip,keyName=* read
    oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=ofsll.int.gri,keyName=* read
    oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=ofsll.int.common,keyName=* read
    oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=ofsll.http.listener.jndi,keyName=* read
    oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=ofsll.int.webhook,keyName=* read, write, update
    oracle.security.jps.service.keystore.KeyStoreAccessPermission stripeName=OFSLL_STRIPE,keystoreName=OFSLL_KSS,alias=* read
  15. Click OK.
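
As an added example (not part of the original guide and not Oracle code), the following Python script cross-checks the grants in Table 8-2 against the maps created in Table 8-1, listing wildcard grants, grants beyond read, and maps that appear in only one of the two tables. The row data is transcribed from the tables above; the function names and the `|` separator between resource name and actions are assumptions of this example.

```python
# Maps created in Table 8-1 (transcribed from this page).
DEFINED_MAPS = {
    "ofsll.int.bureau", "ofsll.int.outbound", "ofsll.int.bip",
    "ofsll.int.filetransfer", "ofsll.int.security", "ofsll.int.gri",
    "ofsll.int.common", "ofsll.int.webhook",
}

# Rows of Table 8-2, reduced to "resource name | permission actions".
GRANTS = """\
context=SYSTEM,mapName=ofsll.int.bureau,keyName=* | read
context=SYSTEM,mapName=ofsll.int.filetransfer,keyName=* | read
context=SYSTEM,mapName=ofsll.int.outbound,keyName=* | read
context=SYSTEM,mapName=ofsll.int.bip,keyName=* | read
context=SYSTEM,mapName=ofsll.int.gri,keyName=* | read
context=SYSTEM,mapName=ofsll.int.common,keyName=* | read
context=SYSTEM,mapName=ofsll.http.listener.jndi,keyName=* | read
context=SYSTEM,mapName=ofsll.int.webhook,keyName=* | read, write, update
stripeName=OFSLL_STRIPE,keystoreName=OFSLL_KSS,alias=* | read
"""

def parse_grants(text):
    """Return a list of (attribute dict, set of actions), one per row."""
    grants = []
    for line in text.splitlines():
        if not line.strip():
            continue
        resource, actions = (part.strip() for part in line.split("|", 1))
        attrs = dict(pair.split("=", 1) for pair in resource.split(","))
        grants.append((attrs, {a.strip() for a in actions.split(",")}))
    return grants

def review(grants, defined_maps):
    """Collect the points a least-privilege review of the grants looks at."""
    cred = [(a, acts) for a, acts in grants if "mapName" in a]
    granted = {a["mapName"] for a, _ in cred}
    return {
        "wildcard": sorted(a.get("mapName", a.get("keystoreName"))
                           for a, _ in grants if "*" in a.values()),
        "beyond_read": sorted(a["mapName"] for a, acts in cred if acts - {"read"}),
        "granted_not_defined": sorted(granted - defined_maps),
        "defined_not_granted": sorted(defined_maps - granted),
    }

if __name__ == "__main__":
    for finding, names in review(parse_grants(GRANTS), DEFINED_MAPS).items():
        print(f"{finding}: {', '.join(names) or '-'}")
```

On the tables as given, ofsll.http.listener.jndi has a grant but is not created in Table 8-1, and ofsll.int.security is created but has no grant, so confirm both against your deployment. Every grant uses a wildcard key or alias, and only ofsll.int.webhook carries write and update in addition to read.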