E Oracle Web Services Manager Introspection Plug-in for Oracle Virtual Assembly Builder
It includes the following topics:
E.1 About the OWSM Introspection Plug-in for Oracle Virtual Assembly Builder
Oracle Virtual Assembly Builder is a tool for virtualizing installed Oracle components, modifying those components, and then deploying them into an Oracle VM environment.
Using Oracle Virtual Assembly Builder, you can capture the configuration of existing software components in artifacts called software appliances. Appliances can then be grouped, and their relationships defined into artifacts called software assemblies, which provide a blueprint describing a complete multi-tier application topology.
The OWSM introspection extension for Oracle Virtual Assembly Builder extends the functionality of the Oracle WebLogic Server Introspector, as described in "Using the Plug-in for Oracle Virtual Assembly Builder" in Administering Server Environments for Oracle WebLogic Server. The plug-in examines the configuration of OWSM-specific artifacts configured as part of a WebLogic domain.
The OWSM introspection plug-in extension works with Oracle WebLogic Server 14c version 14.1.2.0.
E.2 Understanding the OWSM Introspection Plug-in
Learn how to use the OWSM introspection plug-in.
It includes the following topics:
E.2.1 OWSM Introspection Plug-in Parameter
Oracle Virtual Assembly Builder uses the OWSM introspection plug-in parameter to check for updates before introspection.
Table E-1 lists the OWSM introspection plug-in parameter. For more information about the parameters required by WebLogic Server, see "Introspection Plug-in Parameters" in Administering Server Environments for Oracle WebLogic Server.
Table E-1 OWSM Introspection Plug-in Parameter
Parameter | Description |
---|---|
|
Location of the Oracle Common Home directory. This parameter is optional. If specified, Oracle Virtual Assembly Builder checks for updates to the OWSM plug-in before introspection. If not specified, the Oracle Virtual Assembly Builder does not check for updates before introspection. |
E.2.2 OWSM Introspection Plug-in Reference System Prerequisites
There are no additional prerequisites beyond those defined by Oracle WebLogic Server.
For the prerequisites required by Oracle WebLogic Server, see "Reference System Prerequisites" in Administering Server Environments for Oracle WebLogic Server.
E.2.3 OWSM Introspection Plug-in Usage Requirements
There are no additional usage requirements for OWSM beyond those defined by Oracle WebLogic Server.
For the Oracle WebLogic Server requirements, see "Plug-in Usage Requirements" in Administering Server Environments for Oracle WebLogic Server. Table E-2 lists and describes the supported topologies for using the OWSM introspection plug-in.
Note:
Required security artifacts with valid data, including keystores and credential stores, must be present or manually created as a post-rehydration step.
Table E-2 OWSM Introspection Plug-in Supported Topologies
Topology | Description |
---|---|
Single domain topology |
Introspection plug-in captures artifacts stored in document repository (MDS) and domain configuration directory ( |
Multiple domain topology |
Multiple domains can store data in the same policy repository (MDS). The OWSM Policy Manager application is installed on each domain and they share the same MDS. To support the multiple domain topology, MDS data for all domains is moved when any one of the domains is introspected and rehydrated. |
Heterogeneous service security topology |
OWSM Policy Manager application is used across heterogeneous domains. The OWSM Policy Manager application is deployed in the WebLogic Server domain and the other domains connect to it. When the domain where the OWSM Policy Manager application is installed is introspected, the artifacts stored in MDS for all domains and bootstrap configurations are captured. For other heterogeneous domains, you can manually update bootstrap configurations. |
E.2.4 OWSM Introspection Plug-in Resulting Artifact Type
The OWSM plug-in does not create any resulting artifact or assembly.
An assembly is created by the Oracle WebLogic Server plug-in and the OWSM plug-in only adds properties to the root assembly. For more information, see "Resulting Artifact Type" in Administering Server Environments for Oracle WebLogic Server.
E.2.5 OWSM Introspection Plug-in Wiring
No additional wiring is supported beyond that provided by the Oracle WebLogic Server plug-in.
For more information, see "Wiring" in Administering Server Environments for Oracle WebLogic Server.
E.2.6 OWSM Introspection Plug-in Wiring Properties
No additional wiring properties are supported beyond those provided by the Oracle WebLogic Server plug-in.
E.2.7 OWSM Introspection Plug-in Appliance Properties
Know more about the system and user properties for the OWSM appliance.
The following tables describe the properties for the OWSM appliance.
Note:
If a user property is not modified for the introspected domain, it will not be added to the assembly.
Table E-3 describes OWSM system properties.
Note:
System properties are not editable.
Table E-3 OWSM System Properties
Name | Type | Req'd | Default | Description |
---|---|---|---|---|
|
String |
false |
none |
Oracle Common Home location at time of reconfiguration. |
Table E-4 describes OWSM user properties for the sts-trust-config
policy assertions, including:
Table E-4 OWSM Appliance User Properties - STS Trust
Name | Type | Req'd | Default | Display Name in Assembly Builder | Description |
---|---|---|---|---|---|
|
String |
false |
none |
policyname.port-uri |
Service port URL. |
|
String |
false |
none |
policyname.wsdl-uri |
Service WSDL URL. |
Table E-5 describes OWSM user properties for the kerberos-security
, wss11-kerberos-over-ssl-security
, or spnego-http-security
policy assertions, including:
Table E-5 OWSM User Properties - Kerberos and SPNEGO
Name | Type | Req'd | Default | Display Name in Assembly Builder | Description |
---|---|---|---|---|---|
|
String |
false |
none |
policyname.caller.principal.name |
See "caller.principal.name". |
|
String |
false |
none |
policyname.keytab.location |
See "keytab.location". |
|
String |
false |
none |
policyname.service.principal.name |
See "service.principal.name". |
Table E-6 describes OWSM appliance user properties for the wss11-sts-issued-token-with-certificates
policy assertions, including:
Table E-6 OWSM User Properties - wss11-sts-issued-token-with-certificates
Name | Type | Req'd | Default | Display Name in Assembly Builder | Description |
---|---|---|---|---|---|
|
String |
false |
none |
policyname.sts.auth.caller.principal.name |
|
|
String |
false |
none |
policyname.sts.auth.keytab.location |
See "sts.auth.keytab.location". |
|
String |
false |
none |
policyname.sts.auth.service.principal.name |
In OWSM, you can create configuration documents for a domain to override the configuration for that domain. These documents contain properties which might change on the target environment. For more information, see "Managing Oracle Web Services Manager Domain Configuration".
If you specified bootstrap properties during installation of OWSM, an OWSM agent instance uses the bootstrap connection information (in the wsm-config.xml
file in the fmwconfig
directory) to connect to the OWSM Policy Manager. For more information, see "Managing Oracle Web Services Manager Domain Configuration".
Table E-7 describes OWSM user properties for configuration bootstrapping.
Table E-7 OWSM Appliance User Properties - Configuration Bootstrapping
Name | Type | Req'd | Default | Display Name in Assembly Builder | Description |
---|---|---|---|---|---|
|
String |
false |
none |
bootstrap.ssl.keystore |
Configuration Manager keystore location. For more information, see "Managing Oracle Web Services Manager Domain Configuration". |
|
String |
false |
none |
bootstrap.pm.url |
Configuration Manager PM URL, in the form |
|
String |
false |
none |
booostrap.ssl.truststore |
Configuration Manager trust store location. For more information, see "Managing Oracle Web Services Manager Domain Configuration". |