Beruflich Dokumente
Kultur Dokumente
Using Oracle Application Server 10g with Oracle E-Business Suite Release 11i
April, 2006
"This presentation is for informational purposes only and may not be incorporated into a contract or agreement"
Steven Chan
Director, Applications Technology Integration Oracle Corporation
"This presentation is for informational purposes only and may not be incorporated into a contract or agreement"
Topics
Supported Architectures
Features and Benefits Technical Integration Overview Integration with Third Party Access Managers & LDAP Directories
Desupport Notices
(Or, Why You Should Plan for OracleAS 10g Now) Discoverer 4i Login Server 3.0.9 Portal 3.0.9 Oracle Internet Directory 3.0.1
October 2006
July 2007
BUT: Sun may desupport JDK 1.3 -- the required prerequisite for 3.0.9 -- in ~ Fall 2006! For more details, see http://blogs.oracle.com/schan
Intranet Firewall
External Users
Internal Users
Internet
Router
Distributed Architecture
Internal Users
Internet
Firewall
Firewall
Firewall
May be scaled & managed by separate organization responsible for enterprise applications such as Oracle E-Business Suite Release 11i
User
E-Business Suite is a Single Sign-On partner application Log on to Oracle Single Sign-On to get access to all registered partner applications, including 11i Log off any one partner application to log off all of them
DIP Platform
Synchronise user credentials bidirectionally between Oracle Internet Directory and Release 11i (FND_USER) Set master source of truth as OID, Release 11i, or both
Manage user provisioning via powerful OID Directory Integration & Provisioning Platform templates Link an OID userid with one or more 11i userids on-the-fly
Access one or more E-Business Suite 11i instances from a single Oracle Portal instance Add 11i portlets to custom Portal pages Display data in 11i portlets based on 11i responsibilities
Applications Favorites
Bookmark specific Applications links for quick access
Applications Worklist
Summary of current workflow notifications
Over 250 adapters for Enterprise Application Integration with third-party applications J2EE and open standards-based integration, including:
E-Business Suite, third-party applications, database sources XML, JMS, JCA Web Services: SOAP, WSDL, UDDI B2B Protocols: RosettaNet, HIPAA, EDI
Discoverer 10g
Access APPS_MODE End-User Layer via Business Intelligence System Discoverer workbooks secured by Applications responsibilities Provide powerful end-user reporting via ad hoc queries Drill-down into data via tabular & graphical analytical tools Run Discoverer on separate cluster for enhanced scalability, wide deployment
User
WebCache 10g
Cache and compress frequently used items Reduce network consumption and accelerate response time Can act as a reverse-proxy server Can act as a load-balancer
Build Releases
E-Business Suite Interoperability Patch for OracleAS 10g integration released in Builds Build 1: Build 2.0: Build 2.2: Build 3.0: Build 3.1: Build 3.2: Jan 2004 Mar 2004 Jul 2004 Jan 2005 Feb 2005 Jul 2005 Aug 2005 Sep 2005 Feb 2006 Mar 2006
Released & Generally Available
C. Discoverer
Optional. SSO also optional for Discoverer standalone implementations.
Portal
Discoverer
Logical Architecture
OracleAS 10g
Enterprise Portal
Portal 10g
Metadata Repository
Portal Repository
OID 10g
Profile
Apps Web Provider & Portlets Portal 3.0.9 (Reqd for JPDK 3.0.9)
9iAS 1.0.2.2.2
Application Tier
Database Tier
Chain of Trust
Delegates SSO to
Release 11i delegates user authentication to Single Sign-On Single Sign-On authenticates users against Oracle Internet Directory Authenticated users are redirected to Release 11i Release 11i validates the users authorization (I.e. 11i Responsibilities) against FND_USER
DIP Platform
Oracle Internet Directory and FND_USER must be kept synchronised Supported synchronisation directions:
From OID to FND_USER (Asynchronous via the Directory Integration & Provisioning Platform) From FND_USER to OID (Synchronous via ldap calls) Bidirectionally
Synchronisation events are raised via the Workflow-based Business Event System whenever users are added or modified
Link Account
Global Unique Identifier (GUID)
Userid = jsmith
Useful for situations where existing accounts in Oracle Internet Directory 10g or a third-party LDAP directory differ from existing accounts in Release 11i.
Link Account
Portal Integration
Portal 10g
11i Portlet
JPDK 3.0.9
OracleAS 10g
9iAS 1.0.2.2.2
Single Sign-On is a prerequisite for Portal Oracle Applications Framework Web Provider is registered in Portal 10g 11i portlets are added to custom Portal pages 11i Portlets communicate with 11i 9iAS 1.0.2.2.2 server:
Oracle Applications Framework Web Provider JPDK 3.0.9
11i portlet users must have a valid 11i responsibility, validated via ICX_SESSION
Discoverer Integration
User
Discoverer 10g
Discoverer 10g End-User Layer resides in 11i database APPS_MODE option enforces Applications security for all Discoverer users Easy migration from Discoverer 4i
Installation upgrades a copy of 4i End-User Layer to 10g Run 4i and 10g side-by-side for User Acceptance Tests TIP: Run Discoverer 4i and 10g on different physical servers to avoid Visibroker conflicts
Frequently used items (e.g. images, static text) are cached, compressed, and served by WebCache Secured data (I.e. requiring authorization) is not cached Partial page refresh supported for Portal Can act as a reverse-proxy server Can act as a load-balancer
Portal 10g
OID 10g
Delegates SSO to
Profile
"This presentation is for informational purposes only and may not be incorporated into a contract or agreement"
Deployed in Production
Amdocs (Israel) Alcoa (Europe) Applied Materials (Israel) Atento (Norway) Bunnings (Australia) CapGemini / Councils Online (Australia) Central Bank of Nigeria Cisco Systems Cox Communications (USA)
Fiera Milano (Italy) General Dynamics Land Sys General Electric (USA)
International Enterprises (Singapore) International Institute for Applied Systems Analysis (Austria) Ireland Dept of Defence Kansas State University Mitac (Taiwan) Phoenix Technologies Putrajaya (Malaysia) Rafael Armament Development Authority (Israel) Telecom Italia Mobile (Italy) Universal Weather & Aviation (USA) Wind River Systems (USA)
85 83 52 21 8
60
80
100
SSO
191
Portal
148
Third-party LDAP
129
Discoverer
120
Third-party SSO
76 100
Customers
150
200
250
89%
115 29
22%
6 6 3 3 20 40
80
100
120
140
Third-Party SSO
X% : Percentage of cts using third-party SSO
39
Total exceeds 100% due to multiple SSO solutions in use at customer sites
20 25 30 35 40 45
Customers
Customer Lessons
Organisational & Staffing Tips
Proactively manage organisational politics: Corporate Security vs. E-Business administrators Plan for complexity. Pad project plans with appropriate contingency Experience helps. Trainee sysadmins may struggle.
Test in production-like environment as early as possible with firewalls, load-balancers, SSL accelerators, etc. Load-balancers and firewalls = largest source of problems when moving from TEST to PRODUCTION
Provide detailed, reproducible testcase. Bad testcase: OID integration doesnt work. File enhancement requests
The more precisely the position is determined, the less precisely the momentum is known in this instant, and vice versa.
~ Heisenberg, 1927
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decision. The development, release, and timing of any features or functionality described for Oracles products remains at the sole discretion of Oracle.
Whats Coming
Build 4.0 New systems administration features Second-generation diagnostic tools Automated RAC, SSL, DMZ Support
"This presentation is for informational purposes only and may not be incorporated into a contract or agreement"
Applications Landscape
AS 10g Portal
AS 10g Integration
Database
Web Listener
JSP
SQL*Net
User Interface
Application logic
Database logic
RDBMS Components
APPL TOP
COMMON TOP
Oracle JDeveloper 10.1.3 JDBC 10.2 JDK 5.0 for web & concurrent processing
Cut through the noise -- get the news directly from Development