SAP IDoc Data With Japanese Kanji or Chinese Characters Overflows

Recently came across an issue while integrating SAP R3 (4.2) version with SOA 11g (11.1.1.4). When idocs are received by SAP Adapter from the SAP system containing Japanese Kanji/Chinese special characters, it was found that the data overflows on to next segments/xml tags and is distorted. This causes mapping issues as incorrect data is being mapped to. The root cause behind this behaviour is that SAP R/3(4.2) is a non-unicode system while SOA 11.1.1.4 is Unicode.

The issue is covered in below Oracle documentation as well
http://download.oracle.com/docs/cd/E14571_01/relnotes.1111/e10132/adapters_iway.htm#CIHBCICF

Here is the explanations provided by Oracle

"This issue only occurs on non-Unicode SAP MDMP environments, where one character can be two or more bytes. As an example of this issue, when using Japanese, the SAP field length is four characters. The English word "ball" fits correctly into the field because one character equals one byte. The Japanese word for ball in Shift-Jis encoding is three characters, but two bytes per character, so the last character is truncated and the last character appears in the next field. Since IDocs are positional delimited, this can cause errors in processing. This occurs because SAP uses character length, not byte length for all non-Unicode field lengths. There is no work around on this issue other than using Unicode or using shorter text in IDocs in DBCS."

None of the workaround suggested above were feasible options. So tried the below approach to fix this...

From SAP before sending the idoc, convert all Japanese strings to hexadecimal characters. Once SOA suite receives the idoc, the BPEL uses a java embed/custom XSLT function (java code) to convert the hexadecimal back to Japanese characters.There is lot of sample code available for doing these kind of hex to string conversion. Just make sure you are using the correct charset (like shift-jis for japanese kanji) while doing the conversion.
Now you should be able to see the idocs properly and use the converted japanese,chinese special characters correctly in your mappings.

SSO (SAML 1.1) Setup In SOA 11g

This post covers the steps required to configure SSO (SAML 1.1) with SOA 11g. Having Single Sign On(SSO) enabled helps the end users as they don't have to remember different username/password combinations for different applications. When tied with a LDAP provider (Like Microsoft Active Directory or Oracle Internet Directory), SSO helps in providing a robust authentication mechanism along with a seamless user experience.

SOA 11g and weblogic have made the SSO configuration very easy for administrators. Its all done on the Weblogic Admin console and doesnt require running any backend scripts or changing files on windows/linux. So lets take a look at some screenshots which show this easy setup.

Create a new Authentication provider (SAMLIdentity Asserter) and reorder to make sure it looks as below.

 Create a new Asserting party and specify properties as shown below

Create a new trusted certificate (same alias as above screenshot) and import the certifcate(.der) file.

      Finally under Managed Server -> Federation Services configure your SAML 1.1 Destination as shown
      below

That's it. Restart the Admin and Managed servers and you should be able to see the SSO redirection happening correctly. Basically whenever you hit your URL (bpm workspace in above screenshot) you should be redirected to your SSO site which should then pull up your user credentails from LDAP provider (lets says NT login) and authenticate you so that you dont have to login explicitly to your URL.

Incase you want to turn on Debug for SSO/SAML to troubleshoot issues with redirection or other errors, follow the below steps in your Weblogic Admin Console. Select Lock & Edit and click on your managed server and under the Debug tab, expand Weblogic->Security and select SAML and click on Enable and save. That's it. You should be able to see the Debug messages related to SSO/SAML in your Managed Server log file now.

Oracle WebTier (11g) Installation hangs

Oracle WebTier provides components like HTTP Server and WebCache which help in routing http requests from external users to the application server. It provides lot of flexibility to Oracle SOA Suite installations by having security, clustering, load balancing features built into it.

I have been using Oracle Webtier for most of my SOA 11g Cluster installations and the installation/configuration has been pretty straight forward. For a WebTier 11.1.1.4 installation basically install the 11.1.1.2 via Installer and apply the 11.1.1.4 patchset on top of it. This is followed by some post install configurations incase you want to setup cluster i.e adding load balancer (VIP) url in httpd.conf and mod_wls_ohs.conf files.

Tried to capture a few installation screenshots below:

Choose the installation type. Default is to Install and Configure in one shot.

Specify the admin server fully qualified domain host name. Eg. abc.mycompany.com

This is where the issue happened. Usually in all my previous installations the post install config step below was successful. But somehow on this specific server it was always getting stuck at 0% and I couldn't find any errors in the install log files for this weird behaviour.

After couple of attempts I decided to take an alternate route of Installing Webtier only (Choose the option Install Software- Do Not Configure) and configuring it in a later step by running (WT_HOME/bin/config.sh). This approach worked and I was able to continue with my installation after scratching my head for few hours.