SOA Governance Implementation Planning

As part of SOA Governance Solution using the Oracle Governance Suite of products, this is about planning the implementation of Oracle Enterprise Repository.

The Oracle Enterprise Repository is the key component of the Oracle's SOA Governance Suite. Implementing the Repository is the first step in the SOA Governance Solution.

• Define the SOA Governance model and Infrastructure, and review SOA Governance products as part of SOA Governance Solution including Oracle Enterprise Repository, Oracle Service Registry, and SOA Management Pack for Oracle Enterprise Manager, and Oracle Web Services Manager.

• Define Oracle Enterprise Repository (Implementation steps covering assets definition, adopting solution packs, defining stake holders, users and their roles, defining asset lifecycle including asset bootstrapping and asset harvesting.

• Conduct Repository usage sessions as part of user training focusing Users, Registrar and Administrator specific activities.
  • From Users view, look at how to submit an asset, search for an asset, and download and use an asset. View Projects to which the users are associated, asset subscriptions, and how users can submit asset reviews.
  • From Registrar view, look at how to review an asset, and how to approve or reject submitted asset.
  • From Administers view, how to create Roles and Users, how to assign Users to Roles, how to create Projects and customize the Repository for enterprise specific needs.
• Outline integrating Repository with Reporting Server (OBI Publisher), with Active Directory for User Authentication, with JDeveloper for design time integration, and with Service Registry for run time integration.

• Define Reporting requirements and its usage including developing Custom Reports.


OAuth Setting for Twitter OFM SOA Application

This is related to my previous article about sending tweets to from Oracle Fusion SOA Web Service application. Refer

The SOA Web Service application prototype I had built was using the basic authentication using user name and password while connecting to the user account.

Effective August 2010, Twitter has disabled the applications posting tweets using basic authentication. Basic authentication was the simple approach for applications to connect to the Twitter User Accounts using just the user name and password. But may not be the smartest way to connect given the security and account maintenance challenges.

OAuth based authentication is the recommended approach. All of the applications using the basic authentication need to switch to OAuth authentication.

This write up is the record of the steps I followed to switch my Fusion SOA Web Service tweet application that was using basic authentication to OAuth based authentication.

Summary steps:
Step 1: Register the application that tweets using an API. This is to register the application as a authorized source of tweets related to the Twitter User Account.

Step 2: Obtain OAuth Access Token.

Step 3: Update the client application API to use the Access Token instead of the basic user name and password.

Following sections details about each of these steps.

Register the application for OAuth access and obtain the Consumer Key and Consumer Secret Key

Open the link in a browser:
Enter the application details to obtain OAuth specific access.

Twitter generates Consumer Key and Consumer Secret Key for the associated Twitter user account. The keys will be used to obtain Access Token in the next steps.
Obtain the Access Token for OAuth
It is a three level process.

1. Generate Authorization URL
2. Obtain PIN
3. Generate Access Token

The code to perform this one time setup is:

The code output:
C:\>java OAuthSetup

Open the following URL and grant access to your account:

Open the URL in the browser

Enter the twitter account user name and password and select ‘Allow’

Note the generated PIN

Enter the PIN at the prompt in the program, and generate the Access Token.
Note down the Access Token and Access Security Token and save it safe. This will be used in the twitter client to authenticate.
Here is a sample twitter client usage in Java which uses OAuth with Consumer Key, Consumer Secret Key, Access Token and Access Security Token to authenticate with
TwitterFactory factory = new TwitterFactory();
AccessToken accessToken = new AccessToken("Access Token", "Access Security Token");
Twitter twitter = factory.getOAuthAuthorizedInstance("Consumer Key", "Consumer Secret Key", accessToken);