Previous	Next		Contents		Library	Product

Step 1. Install Oracle Web Application Server 3.0.1 or higher on a server machine.

Step 2. Create at least one web listener for Oracle Workflow and make note of its name and base URL.

The base URL should have the following format, where <server_name> and <portID> represent the server and TCP/IP port number on which your web listener accepts requests:

	http://<server_name>[:<portID>]/

For example:

	http://prod.company.com/

	http://test.company.com:8000/

Step 3. Create an Oracle Web Application Server Database Access Descriptor (DAD) for the Oracle Workflow Schema and register the DAD with a PL/SQL Cartridge.

1. From the Oracle Web Application Server home page, choose Web Application Server Manager to connect to the Oracle Web Application Server Administration Home page.

2. Choose Oracle Web Application Server, then DAD Administration.

3. Choose "Create New DAD" and enter the values appropriate for your schema in the Create New DAD page. Refer to your Oracle Web Application Server documentation for more details on how to create a new DAD.

For example:

		Parameter                     Value

		DAD Name:                     <DAD_name>

		Database User:                <wf_username>

		Identified by:                Password

		Database User Password:       <wf_password>

		Confirm Password:             <wf_password>

		ORACLE_HOME:                  <ORACLE_HOME>

		SQL*Net V2 Service:           <SQLNet_alias>

		...

		NLS Language:                 <NLS_language>

		Store the user name and password in the DAD

Attention: If you are using Oracle Net8, then do not input the Oracle SID.

4. From the Oracle Web Application Server Administration Home page, choose Oracle Web Application Server, and then choose Cartridge Administration.

5. In the Cartridge Administration page, choose PL/SQL Cartridge.

6. Choose "Create New PL/SQL Agent" and enter the values appropriate for your schema in the Create New PL/SQL Agent page. For example:

		Parameter                     Value

		Name of PL/SQL Agent:         <agent_name>

		Name of DAD to be used:       <DAD_name>

		Protect PL/SQL Agent:         True

		Authorized Ports:             <port_ID>

Warning: Ensure that you select the option "Install Web Application Server Developer's Toolkit PL/SQL packages" when you create the DAD for the schema.

7. Navigate back to the Cartridge Administration page and choose Cartridge Summary (Web Request Broker).

8. In the Web Request Broker Administration page, choose Directories in the left-hand frame to display the Applications and Directories section in the right-hand frame.

9. Scroll to the bottom of the Applications and Directories section and add the following line for your PL/SQL agent:

		Virtual Path           App     Physical Path

		/<plsqlagent>/plsql    PLSQL   <ORAWEB_HOME>/bin

Replace <plsqlagent> with name of the PL/SQL agent you created in step 6. Replace <ORAWEB_HOME> with the path of your Oracle Web Application Server home.

This step enables you to access your PL/SQL agent by appending the virtual path specified above to your web listener base URL as follows:

		http://<server_name>[:<portID>]/<plsqlagent>/plsql

For example:

		http://prod.company.com/my_plsqlagent/plsql

To invoke Oracle Workflow's web services, you simply append the appropriate procedure and arguments to this new base URL. For example, to access the Worklist web page, you would connect to the URL:

		http://<server_name>[:<portID>]/<plsqlagent>/plsql/wfa_html.home

Step 4. Protect the Workflow PL/SQL Agent Virtual Path.

1. Connect to the Oracle Web Application Server Administration page.

2. Choose the Oracle Web Application Server link.

3. Choose the Authorization Server link.

4. Select either the Basic, Digest, or Database authentication scheme by choosing the appropriate link.

Basic authentication allows you to assign passwords to users, assign users to groups, and define sets of users and groups, called realms. You can then assign the users, groups, and realms to specific files and directories, requiring requestors to provide a username and password to gain access. Basic authentication sends unencrypted passwords across the network, making this method subject to subversion. Basic authentication is not recommended when security is critical.

Digest authentication is the same as basic authentication except that it sends passwords encrypted across the network in the form of a cryptographic checksum, also called a digest. You should use this scheme whenever authentication is required, although some older web browsers may not support it.

Database authentication allows you to authenticate the username and password pair against a database by using the username and password to log on to an Oracle RDBMS. The realm of database authentication consists of two parts: a Database Access Descriptor (DAD) and optionally a database role. The DAD identifies the database to check against. The username and password, if available in the DAD, is ignored. The database role allows that only a subset of database users (those who have the privilege to assume the role) be authenticated.

5. If you select either Basic or Digest authentication, enter usernames and passwords for your users, assign your users to a group, then assign the group to a realm for your authentication method.

If you select Database authentication, assign groups to a realm, then for each group, specify the DAD to check against, and optionally specify the roles to be authenticated.

6. Choose Modify to save your changes.

7. Navigate back to the Oracle Web Application Server Administration page.

8. Choose Cartridge Administration, then Cartridge Summary (Web Request Broker).

9. Choose the Protection link in the frame on the left side of the page to go to the Protecting Applications section.

10. Enter the following values in these fields to protect your realm:

		Virtual Path         Scheme                            Realm        

		<virtual_path>       <Basic/Digest/Basic_Oracle>       <realm_name>

 

11. Choose Modify WRB Configuration to save your changes.

12. Restart the listener.