In our recent TechNote we discussed the pros and cons of Cloud Adapter versus Custom Web Service Call. In this How To we will guide you through the installation of Cloud Adapter and detail some of the issues you can face during installation and the changes needed to fix them.
Installation steps cookbook:
- To use the Cloud Adapter for Salesforce.com, you need to install the initial 12.1.3.0.0 version of SOA Suite or BPM Suite 12c.
- If you want to use it only within a SOA Suite SCA calling the adapter from a BPEL flow, no additional installation is needed.
- If you want to create a Business Service in OSB and expose the Salesforce Adapter operations via Proxy Service, there are additional steps that you need to follow (see details in the bottom of the post):
a) Apply Bundle patch 12.1.3.0.1 for SOA Suite or 12.1.3.0.4 for BPM Suite [Issue #1].
b) Create a Security System Policy using Enterprise Manager. [Issue #2]
c) Change server configuration to not validate hostname or allow wildcards in the certificate URLs. [Issue #3] - Follow the Cloud Adapter instructions download the Salesforce supported WSDL and do the additional server configuration changes:
a) Download Salesforce Enterprise WSDL from Salesforce.com Setup web page.
b) Export Salesforce Certificate from the browser and import into the server Keystore using java Keytool.
c) Configure EM Credentials, defining CSF Key and using username and password (with security token).
Check all configuration steps here: https://docs.oracle.com/middleware/1213/cloudadapter-salesforce/TKSDP.pdf
Issues and solutions:
Below you have the details for some of the issues you can face during installation and the changes needed to fix them:
# |
Issue |
Solution |
1 |
If you do not apply the Bundle Patch for SOA/BPM suite, once you call
|
There are 2 solutions for this issue:1) manually changing the connection mode parameter in the advanced section for transport on business service in OSB console after deploy: 1. open OSB console 2. create a session 3. click on project and then on business service for salesforce 4. open the Transport detail tab 5. open advanced section and change connection mode to unmanaged 6. activate the session in console 2) patching to 12.1.3.0.1 or up and no manual configuration will be needed
|
2 |
If you do not create the Security Policy, once you call Salesforce in run-time you should see the error message below:javax.resource.ResourceException: Unable to create Cloud Operation: at oracle.tip.adapter.cloud.CloudAdapterInteraction.create at oracle.tip.adapter.cloud.CloudAdapter at oracle.tip.adapter.sa.impl.fw.wsif.jca. at oracle.tip.adapter.sa.impl.fw.wsif.jca.WSIFOperation_ …. Caused by: oracle.cloud.connector.api.CloudInvocationException: Unable to find username in credential store. at oracle.cloud.connector.salesforce. at oracle.cloud.connector.impl. at oracle.tip.adapter.cloud.CloudAdapterInteraction.create |
The steps below describe how to create the Security Policy needed:1. Log in to Fusion Middleware Control Enterprise Manager. 2. Expand “Weblogic Domain” in the left panel 3. Right click on the domain you want to modify and select Security > System Policies to display the page System Policies. 4. In the System Policies page, click on “Create…” button. 5. In the Codebase field enter the path to the jar file i.e file:${osb.oracle.home}/soa/modules/oracle. soa.adapter_11.1.1/jca-binding-api.jar 6. In the Permissions section click on “Add” button. 7. In the new window modify the “Type” field to “Principal” and click on the search button. Select the “Administrator” permission and click “Ok” 8. Back in the previous windows you will see now under Permissions “oracle.security.jps.service.credstore.CredentialAccessPermission” 9. Select “oracle.security.jps.service.credstore.Credential AccessPermission” and click on “Edit…” button and modify it as follow: Resource Name: context=SYSTEM,mapName=SOA,keyName=* Permission Action: * 10. Click on “OK” to save the new permission. See more details at Oracle Support “SOA/OSB 12c: Cloud Adapter Patch Reference (Doc ID 1917423.1)” |
3. |
If you do not change the server configuration related to hostname validation, once you call Salesforce in run-time you should see the error message below:javax.net.ssl.SSLKeyException Certificate chain received from [URL – IP] failed hostname verification check. Certificate contained *.[URL] but check expected [URL] |
There are 2 options to solve this:1. Disable hostname verification, as explained by the Cloud Adapter documentation (“Set Hostname Verification to None”) https://docs.oracle.com/middleware/1213/cloudadapter-salesforce/TKSDP.pdf 2. Change Hostname Verifier to allow wildcards: 1. Go to the WebLogic admin console -> Environment -> Servers -> your server -> Configuration -> SSL 2. Click “Lock & Edit” 3. Open the “Advanced” flap 4. Change “Hostname Verification” from “BEA Hostname Verifier” to “Custom Hostname Verifier” 5. Set “Custom Hostname Verifier” to weblogic.security.utils.SSLWLSWildcardHostnameVerifier 6. Click “Save” and then “Activate Changes” 7. Restart your server.
|
4 |
Once you create a new Salesforce Adapter instance selecting SOSL/SOQL, in case you add parameters to the query, you can get the error message below once you complete the wizard and the Business Service is not created.Failed to generate the business service error: Unexpected character encountered (lex state 3): ‘<some character>’
|
The workaround for this issue:is to create the Salesforce Adapter instance without any query parameter and, after completing the wizard, right-click on the adapter and select “Edit JCA”, running the adapter wizard again and replacing the query, including the parameters. This time the wizard will complete as expected and all adapter metadata files will be updated accordingly. |
