The IBM® SOA
Policy Pattern provides
a JMS-based dynamic message routing environment using WebSphere® Message Broker and WSRR.
The
IBM SOA
Policy Pattern pattern
requires the following parts:
The pattern configures two sample policies in WSRR and two sample
JNDI destinations. For more information about the samples, see
Samples. The sample scripts can be replaced
with your own policies and JNDI destinations by cloning the pattern
and adapting the sample scripts with your own customized settings.
The parts must be instantiated in the following order:
- DB2 Enterprise 9.7.5.0
- WSRR Standalone server 8.0.0.0
- WebSphere Message
Broker Basic 8.0.0.1
Scripts and advanced options
Scripts are
used to configure the products and each perform a complete configuration
step; for example, to load policies into WSRR. The scripts used for
this pattern cannot be used outside of a part in this pattern.
The
IBM SOA
Policy Pattern pattern
requires the following scripts on the WSRR Standalone server part:
- SOA Policy Pattern: Create Sample Policies - An optional
script. This script creates and approves two sample mediation policies
with a PolicySelector value and scheduling conditions each with a
different JNDI MQ destination. The schedule for the sample policies
is specified in terms of time and days of the week. To use a script
containing customized new policies, clone the pattern and replace
the script.
- SOA Policy Pattern: WSRR Configuration - This script package
is mandatory for this pattern. The script adds a WSRR modifier plugin
that creates the PolicySelector property for a policy when it is created,
and makes the necessary Business Space user interface modification
that displays the PolicySelector property in the user interface. The
script also adds a public key to the authorized_keys file
which enables the password-less SCP/SSH login. The SCP/SSH session
is used to transfer the required configuration files from WSRR to
the Message Broker instance to configure security. To enable Message
Broker to get cache notifications that are sent by WSRR for any policy
updates, a non-secure JMS client connection is enabled using the SSL-supported transport
option under the IIOP/RMI security of the WebSphere Application Server configuration
in this script package. This script is needed for the
SOA Policy
Pattern: Connect Broker to Secure WSRR
script on the WebSphere Message Broker Advanced part
to configure the WSRR and Message Broker security.
The
IBM SOA
Policy Pattern requires
the following scripts on the WebSphere Message
Broker Basic part:
- SOA Policy Pattern: Create Instance - This script creates
the required JNDI definitions and queues required in this pattern.
It creates the required JNDI bindings for REQUEST_IN, REPLY_OUT, and
BLACKOUT. The script also creates the respective MQ queues REQUEST_INQ,
REPLY_OUTQ, and SYSTEM.DEAD.LETTER.QUEUE. Then, it creates the execution
group on the default Message Broker, MB8BROKER, and the default queue
manager, MB8QMGR. The execution group name is set to
default
.
Finally, the message flow BAR file is deployed.
- SOA Policy Pattern: Create Sample JNDI Bindings - An optional
script. This script creates the sample JNDI bindings and two associated
JMS destinations used in this sample. The JNDI definition created
are DESTINATION1_OUT and DESTINATION2_OUT. This script also creates
the MQ queues, DESTINATION1_OUTQ and DESTINATION2_OUTQ, associated
with JNDI objects and then creates the MQ JNDI bindings needed for
the IBM SOA
Policy Pattern.
This script package can be edited in a clone of this pattern, and
new QCF definitions and JNDI definitions for the sample policies can
be added before being deployed.
- SOA Policy Pattern: Connect Broker to Secure WSRR - This
script package is mandatory for this pattern. This script performs
the security configuration for WebSphere Message
Broker and enables a secure connection to WSRR. The DummyClientKeyFile.jks and DummyClientTrustFile.jks files
are copied from the remote WSRR system using password-less SCP. The
password-less SCP/SSH configuration is created by the SOA Policy Pattern:
WSRR Configuration script on WSRR and when the files have been copied
from WSRR, the configuration is deleted from the WSRR instance. The
script uses the default port 9443 to connect to WSRR and the default
password
WebAS
is used for both keystores.The cache notification
of the WSRR policy update is enabled in Message Broker. The cache
notification uses a non-secure JMS client connection over IIOP to
connect to WebSphere Application
Server. To enable the non-secure JMS client connection, the SSL-supported
transport
option is set under the IIOP/RMI security of the WebSphere Application Server configuration
using the script package SOA Policy Pattern: WSRR Configuration
on
the WSRR Standalone server part.
The scripts must be run in the following order:
- SOA Policy Pattern: Create Sample Policies
- SOA Policy Pattern: WSRR Configuration
- SOA Policy Pattern: Create Instance
- SOA Policy Pattern: Create Sample JNDI Bindings
- SOA Policy Pattern: Connect Broker to Secure WSRR
Setting up the pattern
To optionally change
the values that have been defaulted, complete the following steps:
- Load the IBM SOA
Policy Pattern.
- Configure the configurable properties, see WebSphere Message Broker Basic part.
- Deploy the pattern to the cloud.