Tuesday, 20 November 2012

Target B2BUI

When you already did something with B2B11g, then you probably already know how to connect to the B2B UI, and have found out that it's not available by default.

By default the B2B UI is not targetted to a managed server. It can be done very easy in the weblogic console (http://adminserver-host:port/console). Go to Deployments and look for b2bui, when found click on it.

Then check the boxes of the  b2bui components and click on "Change Targets" (this button will activate after checking the boxes).
Then in the next screen click yes:
 And after a while the changes are applied:
After this the b2b console can be addressed via: http://managedserver-host:port/b2bconsole.

Monday, 12 November 2012

Export Exception in B2B11g

Recently I renamed some docTypes in B2B11g because of a typo. Last week I wanted to export the repository to put it into subversion and to be able to propagate the implementation to the test environment.

But when exporting I ran into the following exception:
MDS-00001: exception in Metadata Services layer MDS-00511: failure to create document /soa/b2b/Custom/DocVersion_V1.2/MyAcknowledgementDocType /MyAcknowledgement /MyAcknowledgement.xsd 
\DocVersion_V1.2\MyAcknowledgementDocType \MyAcknowledgement \MyAcknowledgement_1p2.xsd 
C:\Windows\TEMP\Export817535\soa\b2b\Custom\DocVersion_V1.2\MyAcknowledgementDocType \MyAcknowledgement \MyAcknowledgement_1p2.xsd (The system cannot find the path specified)

What I actually did in the renaming was to create a new doctype with docdefinition, along the incorrect ones, with copy/pasting the oldnames and changing the typo (...Acknowlegdement... into ...Acknowledgement...). But apparently I got an extra trailingspace in my new name.  It appeared in two docTypes.

I removed the deployments of the particular agreements, removed the document registrations at the Trading Partners (both host and remote) and then removed the DocType under the Administration/Documents menu.

After that I could create the documentTypes again (now payed extra attention to possible trailing spaces), recreated the document registration at the partners and the agreements. After that I could export the repository succesfully again.

Bottom line: you apparently can have trailing spaces in the names, but this will lead into export errors...

B2B11g with Apache 2.0 as forward proxy

In the past I wrote an article about high availability architecture for Oracle Integration B2B10g.
Currently I'm working on an AS2 implementation with Oracle B2B11g. B2B11g is now part of SOASuite11g. Although it can be seen as a gateway product, much like OSB, since it is part of SOASuite I would not recommend to place B2B in de DMZ (Demilitarized Zone).

So what you need is a proxy and reverse proxy in the DMZ to forward messages from B2B to your trading partner (forward proxy) and route messages from your trading partner to B2B (reverse proxy).

The idea in our setup was actually to use Microsoft IIS for this. The reverse proxy was succesfull implementated, where it also functions as a SSL-decoder. But the IIS-expert had difficulties to turn the forward-proxy functioning on. Now that should not be to hard, but it need to have proxy, and proxy-connect (for proxying SSL-requests) installed. Apparently those are seperate installs for IIS. You may conclude: me know nothing about IIS. Also, the IIS-expert was not around very much and we needed a proxy in place pretty much immediatly.

So I installed Apache for that. I installed a Apache 2.0.x. Not the latest  release, I know, because I hoped to be able to re-use my settings from my earlier implementation. However, those turned out to be from 1.3 (forgot about that).

Anyway I had to change my settings a little.

First you need to turn some modules (mod_proxy, mod_proxy_http and mod_proxy_connect) on in the http.conf

#2012-10-31, M. van den Akker, Darwin-IT Professionals
# mod_proxy en mod_proxy_http needed for proxy
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_http_module modules/mod_proxy_http.so

The proxy-connect module is needed to be able to proxy for SSL connections.
Since I like to seperate my customsettings from the other ones I created a separate config file for the proxy-settings. This I include at the end of the http.conf:

#2012-10-31, M. van den Akker, Darwin-IT Professionals
#Include proxy config
Include conf/proxy.conf

Then of course the proxysettings in the proxy.conf file:
#2012-10-31, M. van den Akker, Darwin-IT Professionals

Listen 1234
NameVirtualHost proxy-web-b2b:1234
ProxyRequests On
ProxyVia On
AllowCONNECT 443 8443 
<Proxy *>
  #Order deny,allow
  #Deny from all
  Allow from all
<VirtualHost proxy-web-b2b:1234>
  ServerAdmin webmaster@proxy-web-b2b
  ErrorLog logs/error_proxyfwd1234.log
  CustomLog logs/access_proxyfwd1234.log common
The AllowCONNECT setting denotes the ports that are allowed for SSL-Connect forwards.

Since we use this temporarly only for forward proxying, I don't have the Apache 2.0 settings for reverse proxying at hand. Since B2B11g is the initiator of the https-connection it needs to have the SSL certificates of remote tradingpartners, besides the AS2 encryption/signing certificates in the keystore. So as is done in our case it does not make much sense to have the reverse-proxy (IIS in our implementation) do the un-SSL-ing (decoding). Then you'll need to maintain those certificates in two keystores.

For the forward proxy the weblogic server of B2B needs to be started with the following settings:
  • -Dhttp.proxySet=true
  • -Dhttp.proxyHost=proxy-web-b2b
  • -Dhttp.proxyPort=1234
In the B2B configuration on the delivery channels the checkbox "Use Proxy" needs to be checked.

That's about it.