In my earlier blog I’ve mentioned the option for a Oracle Service Bus custom reporting provider and used a simple MDB to show the content of the report java objects. To make sure I have an example at my disposal at all time, and to help out in general: during deployment you might run into the next error/warning:
<Warning> <EJB> <BEA-010061> <The Message-Driven EJB: QueueMessageDrivenEJBBean is unable to connect to the JMS destination: wli/reporting/jmsprovider/queue. The Error was: javax.naming.NoPermissionException: User <anonymous> does not have permission on wli.reporting to perform lookup operation.
The reason for this is the fact that your EJB wants to connect to the queue wli/reporting/jmsprovider/queue where unauthorised access is prohibited. If we check the queues security policy (select queue -> security -> policies) we can see that only 2 roles have authorisation:
So we can change the policy on the queue (not to be advised) or make sure our EJB uses proper authentication. The most basic version could be:
basic weblogic-ejb-jar.xml
<?xml version="1.0" encoding="UTF-8"?> <!--weblogic-version:10.3.5--> <wls:weblogic-ejb-jar xmlns:wls="http://xmlns.oracle.com/weblogic/weblogic-ejb-jar" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd http://xmlns.oracle.com/weblogic/weblogic-ejb-jar http://xmlns.oracle.com/weblogic/weblogic-ejb-jar/1.2/weblogic-ejb-jar.xsd"> <!-- this 1st segment is not necessary, if no run-as-principal-name is specified in run-as-role-assignment or in bean specific run-as-principal-name tag, then EJB container chooses first principal-name in the security-role-assignment below and uses that principal-name as run-as-principal-name --> <wls:weblogic-enterprise-bean> <wls:ejb-name>CustomOsbReportProvider</wls:ejb-name> <wls:run-as-principal-name>weblogic</wls:run-as-principal-name> </wls:weblogic-enterprise-bean> <wls:security-role-assignment> <wls:role-name>adminsEJB</wls:role-name> <wls:principal-name>weblogic</wls:principal-name> </wls:security-role-assignment> </wls:weblogic-ejb-jar>
basic ejb-jar.xml
<?xml version="1.0" encoding="UTF-8"?> <ejb-jar xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:ejb="http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd" version="3.0"> <display-name>CustomOsbReportProvider </display-name> <enterprise-beans> <message-driven> <ejb-name>CustomOsbReportProvider</ejb-name> <ejb-class>nl.rubix.CustomOsbReportHandler</ejb-class> <transaction-type>Container</transaction-type> <security-identity> <run-as> <description>EJB role used</description> <role-name>adminsEJB</role-name> </run-as> </security-identity> </message-driven> </enterprise-beans> <ejb-client-jar>CustomOsbReportProviderClient.jar</ejb-client-jar> </ejb-jar>
However with the help of the original JMSReportingProvider.jar it’s fairly easy to create a more elegant version:
deluxe weblogic-ejb-jar.xml
</pre> <wls:weblogic-ejb-jar xmlns:wls="http://xmlns.oracle.com/weblogic/weblogic-ejb-jar" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd http://xmlns.oracle.com/weblogic/weblogic-ejb-jar http://xmlns.oracle.com/weblogic/weblogic-ejb-jar/1.2/weblogic-ejb-jar.xsd"> <!--weblogic-version:10.3.5--> <wls:weblogic-enterprise-bean> <wls:ejb-name>CustomOsbReportProvider</wls:ejb-name> <wls:message-driven-descriptor> <wls:pool> <wls:max-beans-in-free-pool>100</wls:max-beans-in-free-pool> <wls:initial-beans-in-free-pool>3</wls:initial-beans-in-free-pool> </wls:pool> <wls:destination-jndi-name>wli.reporting.jmsprovider.queue</wls:destination-jndi-name> <wls:max-messages-in-transaction>5</wls:max-messages-in-transaction> </wls:message-driven-descriptor> <wls:transaction-descriptor> <wls:trans-timeout-seconds>600</wls:trans-timeout-seconds> </wls:transaction-descriptor> <wls:run-as-principal-name>alsb-system-user</wls:run-as-principal-name> </wls:weblogic-enterprise-bean> <wls:transaction-isolation> <wls:isolation-level>TransactionReadCommitted</wls:isolation-level> <wls:method> <wls:description>Ensure the container starts a ReadCommitted transaction</wls:description> <wls:ejb-name>CustomOsbReportProvider</wls:ejb-name> <wls:method-name>*</wls:method-name> </wls:method> </wls:transaction-isolation> <wls:disable-warning>BEA-010001</wls:disable-warning> </wls:weblogic-ejb-jar> <pre>
deluxe ejb-jar.xml
</pre> <?xml version="1.0" encoding="UTF-8"?> <ejb-jar xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:ejb="http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd" version="3.0"> <display-name>CustomOsbReportProvider </display-name> <enterprise-beans> <message-driven> <description>Custom Reporting Provider for OSB</description> <ejb-name>CustomOsbReportProvider</ejb-name> <ejb-class>nl.rubix.CustomOsbReportHandler</ejb-class> <transaction-type>Container</transaction-type> <message-destination-type>javax.jms.Queue</message-destination-type> <activation-config> <activation-config-property> <activation-config-property-name>acknowledgeMode</activation-config-property-name> <activation-config-property-value>Auto-acknowledge</activation-config-property-value> </activation-config-property> </activation-config> <security-identity> <run-as> <description>EJB role used</description> <role-name>ALSBSystem</role-name> </run-as> </security-identity> </message-driven> </enterprise-beans> <assembly-descriptor> <container-transaction> <method> <ejb-name>CustomOsbReportProvider</ejb-name> <method-name>*</method-name> </method> <trans-attribute>Required</trans-attribute> </container-transaction> </assembly-descriptor> <ejb-client-jar>CustomOsbReportProviderClient.jar</ejb-client-jar> </ejb-jar> <pre>
References:
