Configuring Pagelet Producer to consume portlets from WebLogic Portal

The Oracle WebCenter Portal Pagelet Producer (previously called Oracle WebCenter Emsemble) provides a collection of useful tools that facilitate dynamic pagelet development. Using the Pagelet Producer, you can expose WSRP and Oracle JPDK portlets as Pagelets for use in any web page or application.

The Pagelet Producer Console is a browser-based administration tool used to create and manage various objects in your Pagelet Producer. From console, you can register applications as resources, create pagelets, manage proxy, transformations, and more.

You can access the Pagelet Producer Console from:
http://<host>:<port>/pagelets/admin

Prerequisite

An WLP Project with Remote Portlet. Use the tutorial from Oracle to create: http://docs.oracle.com/cd/E35968_01/wlp.1035/e14235/chap_build_simple_remote.htm

Configuring compatibility between WLP and WebCenter

Ps.: The compatibility with WebCenter, was only introduced in WLP 10.3, so the settings explained here will only work on applications that run on this version of WLP.

Because of an incompatibility with the implementation of some WSRP operations (clonePortlet, destroyPortlets, importPortlets e exportPortlets) in WLP and WebCenter, autentication errors can occur. Although, WLP needs an user to execute these operations, the WebCenter not. Follow bellow to avoid these errors:

Access WLP Producer Server and create an user to work as substitute for WSRP operations listed above. The user must be in the “Portal System Administrators” group.

wc-wlp-user User

Go to Merged Projects View and copy WEB-INF/wsrp-producer-config.xml to project (Right-click on file and select “Copy to project”).

Merged Projects View

Open the added file and add a security tag:

<security anonymousCloneDestroyUser="wc-wlp-user"/>

wsrp-producer-config.xml

Save all and republish the project.

Configuring WebCenter (Consumer)

ps.: You can use JDeveloper’s default domain or WebCenter domain.

Generate key

Using the terminal, navigate to <WEBCENTER_HOME>/wlserver_10.3/server/bin and execute:

Linux: ./setWLSEnv.sh
Windows: setWLSEnv.cmd

To generate a new key, execute:

keytool -genkeypair -alias webcenter -keypass welcome1 -keyalg rsa -keysize 1024 -keystore webcenter.jks -storepass welcome1 -dname "CN=BR, OU=WEBCENTER"

Exporting the public key certification

Using the terminal, navigate to <WEBCENTER_HOME>/wlserver_10.3/server/bin and execute:

Linux: ./setWLSEnv.sh
Windows: setWLSEnv.cmd

To export the public key certification, execute:

keytool -exportcert -alias webcenter -keypass welcome1 -keystore webcenter.jks -storepass welcome1 -file webcenter.cer

Configuring WLP (Producer)

Importing the public key certification

Copy the certification to <WLP_HOME>/user_projects/domains/<WLP_DOMAIN>.

Using the terminal, navigate to <WLP_HOME>/wlserver_10.3/server/bin and execute:

Linux: ./setWLSEnv.sh
Windows: setWLSEnv.cmd

To import the public key certification, navigate to <WLP_HOME>/user_projects/domains/<WLP_DOMAIN> and execute:

keytool -importcert -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase -file wckey.cer -alias wckey -keypass wckeypass

For question “Trust this certificate? [no]:”, answer yes and press Enter.

Reboot the server.

Modifying WSDL templates

Go to Merged Projects View and copy wsrp-wsdl-template.wsdl and wsrp-wsdl-template-v2.wsdl to project (Right-click on file and select “Copy to project”).

wsrp-wsdl-template.wsdl

Open the added files and replace the element <wsp:Policy> by:

<wsp:Policy wsu:Id="ProducerDefaultPolicy"/>
<wsp:Policy wsu:Id="WebCenterPolicy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<sp:AsymmetricBinding>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:SignedSupportingTokens>
<wsp:Policy>
<sp:SamlToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssSamlV11Token10/>
</wsp:Policy>
</sp:SamlToken>
</wsp:Policy>
</sp:SignedSupportingTokens>
<sp:Wss10>
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
</wsp:Policy>

wrsp-wsdl-template.wsdl replaced

Save all.

Modifying the Web Services Policies

Go to Merged Projects View and copy WEB-INF/weblogic-webservices-policy.xml to project (Right-click on file and select “Copy to project”).

weblogic-webservices-policy.xml

Replace the entire content of the file by:

<?xml version='1.0' encoding='UTF-8'?>
<webservice-policy-ref xmlns="http://www.bea.com/ns/weblogic/90" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- Use WebLogic Server Admin Console to add new policies -->
<ref-name>WebCenter Policies for the WSRP Producer</ref-name>
<port-policy>
<port-name>WSRP_v2_Markup_Service</port-name>
<ws-policy>
<uri>#WebCenterPolicy</uri>
<direction>inbound</direction>
</ws-policy>
</port-policy>
<port-policy>
<port-name>WSRPBaseService</port-name>
<ws-policy>
<uri>#WebCenterPolicy</uri>
<direction>inbound</direction>
</ws-policy>
</port-policy>
<port-policy>
<port-name>WLP_WSRP_Ext_Service</port-name>
<ws-policy>
<uri>#WebCenterPolicy</uri>
<direction>inbound</direction>
</ws-policy>
</port-policy>
</webservice-policy-ref>

weblogic-webservices-policy.xml replaced

3. Save all and republish the project.

Adding a new SAML Identity Asserter

Inside the WebLogic Server Console, navigate to Security Realms | myrealm | Providers | Authentication | SAMLIdentityAsserter | Management | Asserting Parties, and click on New.

Select WSS/Sender Vouches, fill in the description field with “WebCenter SAML token”, and click on OK.

Select the added row, and edit.

SAML Identity Asserter

Registering the WLP (Producer) in Pagelet Producer

Inside the Pagelet Producer, select Producers, and click on Register.

Fill in the form, and click on OK.

Registering the WebLogic Portal Producer in Pagelet Producer

Configuring the consume of Pagelet Producer inside the application

Inside JDeveloper, go to Connections.
Right-click and select Pagelet Producer.
Fill in the form, and click on OK.

Pagelet Producer Connection

Configuring the authentication of Pagelet Producer

If you use JDeveloper’s default domain, you must configure the login Pagelet Producer.
If you use the WebCenter domain, you can configure identity propagation of Pagelet Producer.

Configuring the login of Pagelet Producer

Ps.: The JDeveloper’s default domain is not a complete domain, thereby identity propagation does not work.

Inside the Pagelet Producer, select Resource and then Copy Resource. You have to create a copy, because the original resource can’t be changed.

Select the new resource, and then select Policy.

Configurando politica no Pagelet Producer

Configuring identity propagation of Pagelet Producer

Ps.: The WebCenter Server must be the same for the application and Pagelet Producer.

Navigate to <WEBCENTER_HOME>/Oracle_WC1/webcenter/scripts, and edit the configureTrustServiceIdentityAsserter.properties.

admin.user weblogic
admin.password welcome1
admin.url t3://<WEBCENTER_HOST>:<WEBCENTER_PORT>
trust.alias webcenter
trust.issuer www.oracle.com
keystore.exported.cert <WEBCENTER_DOMAIN>/config/fmwconfig/webcenter.cer

configureTrustServiceIdentityAsserter.properties

Using the terminal, navigate to <WEBCENTER_HOME>/Oracle_WC1/common/bin and execute:

Linux: ./wlst.sh ../../webcenter/scripts/configureTrustServiceIdentityAsserter.py ../../webcenter/scripts/configureTrustServiceIdentityAsserter.properties

Windows: wlst.cmd ../../webcenter/scripts/configureTrustServiceIdentityAsserter.py ../../webcenter/scripts/configureTrustServiceIdentityAsserter.properties

Reboot the server.

Executing the WebCenter Portal Application

Create a JSF Page.
Expand the connections tree, drag and drop the Portlet on page.

myPage.jspx

Save all and run the application.

myPage.jspx

myPage.jspx

Waslley Souza

Author: Waslley Souza

Consultor Oracle com foco em tecnologias Oracle Fusion Middleware e SOA. Certificado Oracle WebCenter Portal, Oracle ADF e Java.

Leave a Reply

Your email address will not be published. Required fields are marked *