Académique Documents
Professionnel Documents
Culture Documents
Agenda
Types of Action Navigate to BI Dashboard Conditions Action Links Invoke a Web Page (Run a Google Search) Invoke a Browser Script (Get Google Directions)
Further AF Examples
Action Framework
Action Framework is an exciting new feature of OBIEE 11g that provides the facility to invoke a wide variety of actions or processes directly within the UI This is a major enhancement, since OBIEE 10g is great for analysis but has limited capability for performing actions once your analysis is complete OBIEE 11g Action Framework enables you to:
Navigate to related Oracle BI content Invoke operations, functions, or processes in external systems
Analyses Dashboard pages Agents (iBots in 10g) Balanced Scorecard objectives and initiatives KPIs
3
Creating Actions
If you only want to use an Action once, you can define it directly within an analysis, dashboard page, agent, scorecard objective, scorecard initiative, or KPI. These inline actions are not re-usable
4
Note: When integrated with Siebel CRM it is also possible to Navigate to Siebel CRM (Appears by default with 11.1.1.5)
Examples Conditions
e.g. View Sales Order Details only appears if there are <500 Orders
Vision Nordics has >500 orders so it is only possible to navigate to a summary analysis
Vision UK and Ireland has <500 orders so it is possible to navigate to a detail analysis
Examples Confirmation
You can also configure Action Links to request confirmation before invoking the action:
Examples On Dashboards
Dashboard Pages can consist of Action Links and Action Link Menus
10
An Action Link Menu dashboard object allows you to display a menu of multiple Action Links:
11
Examples On KPIs
The KPI Status can be used to determine which Action Links appear
12
The Objective or KPI Status can be used to determine which Action Links appear
13
You can initiate multiple Actions once a Delivers Agent has completed:
The Actions can be initiated for every row returned by the Agent!
You can map the columns returned by the Agent to each of the Actions parameters
14
Further Examples
15
In this example, we will demonstrate how to initiate an Action to navigate to a web page and run a Google search for a customer!
16
The first thing to do is build a sample URL that achieves what you need For example, the following URL will run a Google search on Oracle Corporation:
http://www.google.co.uk/search?q=Oracle Corporation
17
In this example, we will demonstrate to how to create an Action that will invoke a web service directly from a Dashboard
The Action will be called Adjust Sales Forecast will invoke a web service to modify a Sales Reps forecast target:
18
In order to invoke a web service, you typically need the URL for its Web Service Description Language (WSDL)
The owner of the site hosting the web service should be able to provide you with his
The WSDL returns an XML file providing details on all the web services that are available, such as the operations available and the parameters that need to be passed For example, our web service has the following WSDL:
http://obiee11g:7001/Adjust_Sales_Forecast-Adjust_Sales_Forecast-contextroot/Adjust_Sales_ForecastPort?WSDL
NOTE:
It is possible for the OBIEE administrator to set up a Registry containing a list of available web services, this means you dont need to provide the WSDL URL Setting up of this Registry will be discussed during a later topic
19
In this example, a Get Directions Action will be used to invoke a piece of browser script (Javascript) that will open Google Maps and show you the directions between your chosen location and the customer!
20
The following URL can be generated to get directions using Google Maps:
http://maps.google.co.uk/maps?&saddr={p1}&daddr={p2}
Parameters p1 and p2 can be anything such as a postcode or a set of Lang/Long co-ordinates (in the format Lat,Long)
In our example, we will pass 3 parameters to our javascript function:
The javascript function will concatenate the Lat/Long coordinates together and pass them to Google Maps as a single parameter
21
There is a UserScript.js file provided on the OBIEE server in which you must place your custom Javascript functions
[bi_server1] \bi_server1\tmp\_WL_user\analytics_11.1.1\xxxxx\war\res\b_mozilla\actions
22
For each Action you actually provide two separate Javascript functions!
USERSCRIPT.getdirections = function(params) { var googleURL = "http://maps.google.co.uk/maps?&saddr=" + params.your_loc + "&daddr=" Your refer to input + params.dest_lat parameters in the format: + "," array.parameter + params.dest_long; window.open(googleURL,"GetDirections");
};
23
It has the following format (in this case we are defining 3 input parameters):
The function has the same name as before, but has the postfix .publish
USERSCRIPT.getdirections.publish = { parameters:[ new USERSCRIPT.parameter("your_loc" , "Your Location" ,""), new USERSCRIPT.parameter("dest_lat" , "Latitude Destination" ,""), new USERSCRIPT.parameter("dest_long", "Longitude Destination",""), ] };
24
25
OBIEE 11g comes equipped with a wide range of web services There are two different types:
http://download.oracle.com/docs/cd/E14571_01/bi.1111/e16364/toc.htm
26
There are a variety of OBIEE session based web services are available:
- obtain HTML to render BI dashboards/reports - initiate iBots - Retrieve info on Subject Areas, Tables, Columns - Replication between Presentation Catalogues - Add filter and other conditions to BI requests - Login, Logoff, Impersonate authentication functions - Identify BI EE accounts and privileges - Browsing and Managing the Presentation Catalogue - Retrieve Oracle BI query results in XML format
Each of these web services contain one or more methods They are referred to as session based because you have to establish a session with OBIEE first before you can use them (you need to pass in a valid Session Id) The Web Service Definition Language (WSDL) format for Oracle BI web services can be obtained using the following example URL:
http://localhost:9704/analytics/saw.dll?WSDL
27
It is also possible to specify a parameter to return the meta-data for each column of data returned e.g. name, data format, length etc
28
To satisfy a particular requirement, normally a number of BI EE web services will have to be called in sequence e.g.
Log in / Authenticate Obtain results in XML format Log off
This means you have to programmatically call the web services one after the other
You log in to obtain the Session Id You call the next web service and pass the Session Id in as a parameter You call the next web service
These session based web services are therefore not too compatible with Action Framework on their own
This is where Oracle BPEL and SOA Suite come into play....we will discuss more about this later.
30
OBIEE Web Services for SOA are quite different to the Session Based web services. There are three actions available:
Execute Agent Execute Condition Execute Analysis
Prompted filters and presentation variables included in the business intelligence objects are supported
For example: if your Analysis has 3 Is Prompted filters then you can pass values in for these at run-time
Instead of being provided with a WSDL URL, you are in fact provided with a WSIL (Web Service Inspection Language) URL:
http://localhost:9704/biservices/inspection?wsil
This allows OBIEE to dynamically build up the set of web services available based upon the objects in the BI Presentation Catalogue. If you open up the WSIL URL in a browser, you can see that you are able to browse through the catalogue structure and youll find a web service for each Analysis, Condition and Agent!
32
Consider this example where we have an Agent called Sales History Agent We want to use Action Framework to invoke it
33
OBIEE Web Services for SOA Create Action : Invoke a Web Service
Create a new Action of type Invoke a Web Service You can then browse through the catalog and invoke the web service associated with your Agent!
The path to our Agent is: /shared/Agents/Sales History Agent Here is the web service associated with the Agent
34
There are two parameters to configure, you can leave them Optional:
Session Country Session Language
35
36
There is some configuration required in order to use OBIEE Web Services for SOA
Firstly, you have to configure the FMW credential store with the username/password that will be used to browse the web services available
This account will always be used for browsing the web services, so users can only execute Actions on objects stored in Shared folders
Secondly we will configure the ActionFrameworkConfig.xml file with details such as:
The WSIL URL to use for browsing the web services The authentication policy to determine what credentials etc are required to invoke the web services
37
38
} for example }
39
Create a new file called wss_username_token_policy.xml and paste in the following contents:
<?xml version="1.0" encoding="UTF-8"?> <oracle-webservice-clients> <webservice-client> <port-info> <policy-references> <policy-reference uri="oracle/log_policy" category="management"/> <policy-reference uri="oracle/wss_username_token_client_policy" category="security"/> </policy-references> </port-info> </webservice-client> </oracle-webservice-clients>
[Middleware Home]\user_projects\domains\bifoundation_domain\config\fmwconfig\biinstances\coreapplication
40
Within the same folder, open up the ActionFrameworkConfig.xml file for editing
41
Then configure the <Accounts> and <Policies> tags to contain the following configuration
42
43
Test! You should now be able to create an Action and see that the web services are automatically available for you to choose and execute:
44
Without further configuration, all the Web Services for SOA will be invoked as the same wsil.browsing account
Everyone has the same visibility of the common Shared Folders area Everyone has the same visibility of the users own My Folders area Common data visibility for all users
However, with further configuration it is possible to secure the web services to run as the user who is invoking the web service rather than the common wsil.browsing account We will be dealing with securing web services in a later topic.
45
46
If youre not careful, by default your custom web services will have no security so anyone can invoke them from anywhere!
You can secure web services within OWSM or within WebLogic. You secure a web service by assigning one or more WS Policies
In the example below, the ExecuteAgent web service has a security policy which enforces authentication using a username and password (Token):
47
There are two types of policy that can be attached to web services:
NOTE:
It is recommended that you use OWSM policies over WebLogic policies whenever possible. You cannot mix your use of Oracle WSM and WebLogic Web service policies on the same web service
48
OWSM and WebLogic come with many predefined policies! The one to use largely depends on the customers needs:
As a general rule though you can simply consider the policies mentioned on the next slides
49
By default, all the OBIEE Web Services for SOA are configured with a policy that requires a valid Username / Password credentials to be passed through:
The credentials are checked against whatever Identity Provider(s) is configured in WebLogic (by default, it will be its own embedded LDAP store)
In the case of OBIEE 11g, the credentials passed are stored in the Credential Store administered within Enterprise Manager (WebLogic Domain > Security > Credentials):
50
Although the policy wss_username_token_service_policy secures authentication, it does not cover all security aspects:
Confidentiality:
There is no use of public/private keys so the messages are not encrypted (usernames/passwords are not even encrypted)
Integrity:
The messages are not digitally signed, so you cannot guarantee the authenticity of the messages
51
You can use the Credential Store for this purpose, but it means you are always passing over the same credentials no matter which user is invoking the service
52
Instead of requiring a password, the client passes over a certificate which is then verified by the server (the server has a key store containing all the valid certificates) This security policy is also very secure:
Only clients with a trusted certificate are allowed XML Messages are encrypted using public/private key XML Messages are digitally signed using the private key
The benefit is that the username of the invoking user is propagated, so this policy supports the need for a service to run as different users. The downside is that the server has to trust that the user is valid. This method is commonly used by partners who need to integrate across the web and can trust each other NOTE: The propagated user must have an entry in the recipients LDAP store
53
Instead of requiring a password, an X.509 certificate is passed over to the server to verify that the user has been authenticated and can be trusted (X.509 is commonly used in SSO applications) This security policy is also very secure:
Only clients with a valid X.509 certificate allowed XML Messages are encrypted using public/private key XML Messages are digitally signed using the private key
The username of the invoking user is propagated, so this policy supports the need for a service to run as different users. X.509 is a stronger and more secure form of SSO compared to SAML. Each user has a certificate which is tied to an individual entry in the companys LDAP store
54