Creating JSON request for REST web services

PeopleSoft provides Document technology to be used to generate JSON request messages but in my experience they are very restrictive especially when working on integrating with 3rd party web services. So following is what I did to generate a JSON request message to post to a 3rd party REST web service. 

The request that I have to generate is in the following form.
[
   {
      "attrib1":"value1",
      "attrib2":"value2",
      "attrib3":{
         "attrib3_1":"values3_1",
         "attrib3_2":"values3_2",
         "attrib3_3":"values3_3",
         "attrib3_4":"values3_4"
      }
   }
]

I am running PT 8.57.x and at this time its not possible to build a document with the root node as an array as shown in the example below. Also I have nested compounds which is also a challenge, the parent compound does not have a label where as the child does. 
So to build something like above I am using the CreateJsonBuilder API provided by PeopleSoft.

Local JsonBuilder &jbldr = CreateJsonBuilder();
Local JsonArray &jArray;

Local string &json;
Local message &request, &response;
Local boolean &bRet;

&jbldr.StartArray(""); /* no label */
 &jbldr.StartObject(""); /* no label */
  &jbldr.AddProperty("attrib1", "value1");
  &jbldr.AddProperty("attrib2", "value2");
   &jbldr.StartObject("attrib3"); /* need a label */
    &jbldr.AddProperty("attrib3_1", "value3_1");
    &jbldr.AddProperty("attrib3_2", "value3_2");
    &jbldr.AddProperty("attrib3_3", "value3_3");
    &jbldr.AddProperty("attrib3_4", "value3_4");
   &jbldr.EndObject("attrib3"); /* closing out the compound or JSONObject */
 &jbldr.EndObject("");
&jbldr.EndArray("");


/* this will return the array just like what I want */
&jArray = &jbldr.GetRootNode().GetJsonObject().GetJsonArray("");
&json = &jArray.ToString();

Created a basic non-rowset based message and assigned that as the request message in my service operation. Use this method to set the content for the message segment for a non-rowset-based message only.

&bRet = &request.SetContentString(&json);
&response = %IntBroker.SyncRequest(&request);

That's it, works like a charm.

Wildcard SSL Certificates (CN/SAN)

We had a need to enable SSL on all our non-production PeopleSoft environments. So decided to implement or create one SSL certificate which would be applicable for all the environments. 

Following are the details of this exercise.
I am running PT 8.56.xx on HCM 9.2 and Weblogic 12c on a Windows 2016 VM but this should work for any release. 

So in my case I have two webservers (web1.mycompany.com and web2.mycompany.com) in my non-production PeopleSoft landscape and I wish to use the same certificate on both the webservers. 

PeopleSoft delivers a wrapper called as pskeymanager.cmd (or .sh) which essentially runs the keytool java command to create a java keystore. 

When you use the wrapper to generate a new store or to generate a new certificate request it prompts for the CN (common name) value which generally is the VM name - so in my case it would be web1.mycompany.com or web2.mycompany.com. So if I generate it as web1.comycompany.com then I won't be able to use this certificate on web2 and vice-versa. So the plan is to provide the value for CN as *.mycompany.com, which is essentially a wildcard value. So any webserver in mycompany.com would be able to use this SSL certificate.

When we do this there is another attribute called as SAN (Subject Alternate Name) that needs to be populated. In my experience I noticed that a browser like Chrome uses this to verify the validity of the certificate but a browser like IE doesn't use it.

The vanilla pskeymanager.cmd doesn't use the san attribute so we have to customize this script as follows.

Search for string :gencsr and then a few lines below this would be the keytool command to generate a CSR (Certificate Signing Request). Towards the end of that command add 

-ext san=dns:web1.mycompany.com,dns:web2.mycompany.com

or

-ext san=dns:*.mycompany.com

Now use the pskeymanager.cmd command to create a new keystore and generate the CSR. Then provide the CSR to your CA (Certificate Authority) for signing and once your receive the response certificate verify that the SAN value is populated.

Load this to weblogic and test. Now you can use the same SSL certificate on all the webservers in the mycompany.com domain.

PeopleSoft web service response namespace issue

Running PT 8.53.x, wrote a simple custom web service "Hello World". Service works fine but saw one issue where the namespace returned by the response message is not defined in the WSDL. So any other 3rd party solution like a .Net program when they consume and execute this service it fails to receive the response due to the unidentified namespace.

Request 

<soapenv:Envelope xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://schemas.xmlsoap.org/ws/2003/03/addressing/" xmlns:xsd="http://www.w3.org/2001/XMLSchema/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance/">
  <soapenv:Header xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  </soapenv:Header>
  <soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <HelloWorld xmlns="http://xmlns.oracle.com/Enterprise/Tools/schemas/HELLOWORLD.V1"></HelloWorld>
  </soapenv:Body>
</soapenv:Envelope>

Response via PeopleSoft SOAP message template

<soapenv:Envelope xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://schemas.xmlsoap.org/ws/2003/03/addressing/" xmlns:xsd="http://www.w3.org/2001/XMLSchema/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance/">
  <soapenv:Header xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  </soapenv:Header>
  <soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <HelloWorldResponse xmlns="http://xmlns.oracle.com/Enterprise/Tools/schemas/HELLOWORLDRESPONSE.V1">
      <HelloWorldResult>XYZ</HelloWorldResult>
    </HelloWorldResponse>
  </soapenv:Body>
</soapenv:Envelope>

Actual response via SOAPUI or Postman

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <soapenv:Body>
      <HelloWorldResponse xmlns="http://peoplesoft.com/HelloWorldResponseResponse">
         <HelloWorldResult>Success</HelloWorldResult>
      </HelloWorldResponse>
   </soapenv:Body>
</soapenv:Envelope>


As you see the the problem is the namespace value returned for the root tag "HelloWorldResponse".

<HelloWorldResponse xmlns="http://peoplesoft.com/HelloWorldResponseResponse">


PeopleSoft puts the default value (not sure where this is stored)
http://peoplesoft.com/HelloWorldResponseResponse
instead of what is defined in the WSDL which is 
http://xmlns.oracle.com/Enterprise/Tools/schemas/HELLOWORLDRESPONSE.V1

I have a very basic synchronous service operation, with a request and response message and the handler OnRequest peoplecode is doing all the work.

Following was my application package peoplecode initially.

&response = CreateMessage(Operation.HELLOWORLD_SVCOP, %IntBroker_Response);
&xmldata = "<?xml version='1.0'?><HelloWorldResponse/>";
&xmlresponsedoc = CreateXmlDoc(&xmldata);

&HWResponseNode = &xmlNode.AddElement("HelloWorldResult");
&HWResponseNode.NodeValue = "Success";
&response.SetXmlDoc(&xmlresponsedoc);
Return &response;


So when creating the XmlDoc I was not specifying any namespace and I was hoping PeopleSoft will add it based on the schema definition. 

Instead following is what I had to do to correct the issue. (only displaying the change, no change to rest of the code)

&xmlresponsedoc = CreateXmlDoc("");

&docTypeNode = &xmlresponsedoc.CreateDocumentType("", "", "");
&rootNode = &xmlresponsedoc.CreateDocumentElement("HelloWorldResponse", "http://xmlns.oracle.com/Enterprise/Tools/schemas/HELLOWORLDRESSPONSE.V1", &docTypeNode);

&xmlNode = &xmlresponsedoc.DocumentElement;

So I have to use the CreateDocumentElement method of CreateXmlDoc in order to define the namespace. In order to use this method I had to first initialize the &docTypeNode variable by using the CreateDocumentType method.

After making the above change the response comes back correctly.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <soapenv:Body>
      <HelloWorldResponse xmlns="http://xmlns.oracle.com/Enterprise/Tools/schemas/HELLOWORLDRESSPONSE.V1">
         <HelloWorldResult>Success</HelloWorldResult>
      </HelloWorldResponse>
   </soapenv:Body>
</soapenv:Envelope>

Sending and Receiving MTOM-encoded binary data

PeopleSoft supports the MTOM protocol for sending and receiving binary data using service operations. While you can send and receive binary data using SOAP, doing so requires that you Base64-encode the data, which can increase message size by 33 percent or more. The MTOM protocol enables you to send and receive binary data in its original binary form, without any increase in size due to encoding.

For sending or receiving MTOM-encoded binary data, we have to use message segments to store the data. The SegmentContentType property of the message object is used to set or read the content type of each message segment.

Following is a test that I did to send a XML file as an attachment in a SOAP message and then read the attachment that is sent by the 3rd party system that I am interacting with. I am running PT 8.53.22.

Sending:

Request message is as shown below. For this test I am storing this in a html object called as MY_MESSAGE but this can be generated dynamically as needed using SOAPDoc or XMLDoc classes. The request message defined on the service operation is nonrowset based. 

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">

<soapenv:Header/>

<soapenv:Body>

<submitLargeDocument>        

    <Document>  

         <PsftXopInclude SegmentNumber='1'/> 

    </Document>      

</submitLargeDocument>

</soapenv:Body>

</soapenv:Envelope>

document.xml is my payload which I have created in a different routine and I am just using it here. Its just like creating any other XML file in PeopleSoft. Payload can be a binary file like a pdf or a image file.

Sender node is my default local node and receiving node is the delivered WSDL_NODE. You can always create a custom receiving node if needed. Routing is using local gateway and HTTPTARGET connector. Under routing, connector properties content-type is set to text/xml as my payload is a xml file, HTTPPROPERTY MTOM is set to Y, METHOD is POST, SOAPUpContent is set to N as I have already built the SOAP wrapper in my html object above. If you need IB to create the wrapper then set this property to Y. Provided PRIMARYURL to destination 3rd party application. Took all other defaults.

PeopleCode:

&str = GetHTMLText(HTML.MY_MESSAGE);

&requestXMLDoc = CreateXmlDoc();

&ret = &requestXMLDoc.ParseXmlString(&str);

&request = CreateMessage(Operation.SEND_OPERATION);

&request.SetXmlDoc(&requestXMLDoc);

&MTOMFile = GetFile("C:\temp\document.xml", "R", %FilePath_Absolute);

If &MTOMFile.IsOpen Then   

   &theBase64encodedString = &MTOMFile.GetBase64StringFromBinary();   

   &MTOMFile.Close();

End-If;

&request.CreateNextSegment();

If (&request.SetContentString(&theBase64encodedString)) Then   

    &request.SegmentContentType = "application/xml";  

    &request.SegmentContentTransfer = %ContentTransfer_Binary;

End-If;

&response = %IntBroker.SyncRequest(&request);

Receiving:

Response message defined on the service operation is a non-rowset based message. Sender node is the default local node and receiving node is WSDL_NODE. Using local gateway and HTTPTARGET connector. Setting HEADER properties Content-Type to text/xml as the response attachment that I am receiving is a xml file, sendUncompressed is Y, HTTPPROPERTY Method is POST and SOAPUpContent is Y and finally the PRIMARYURL to the 3rd party service.

On the weblogic webserver, in the integrationGateway.properties file enable the MTOM Listening Connectors. 

ig.MTOM.enablePeopleSoftServiceListeningConnector=true

ig.MTOM.enableHttpListeningConnector=true

Bounce the webserver after making this change.

PeopleCode:

This is pretty straightforward. Once the request is made, read the response and parse out the document.

&response = %IntBroker.SyncRequest(&request);

&responseXMLDoc = &response.GetXMLDoc();

If (&response.ResponseStatus = 0) Then

     &dataNode = &responseXMLDoc.DocumentElement.GetElementByTagName("data");

     &theData = &dataNode [1].GetCDataValues();

     &responsestr = &theData.Shift();

End-If;

The &responsestr string variable will have the response SOAP envelope as well as the attachment separated by message segments as shown below. Parsed it out using string functions.

<?xml version="1.0"?>

<data psnonxml="Yes">

  <![CDATA[

------=_Part_624_1792156364.1458048147094

Content-Type: application/xop+xml; charset=UTF-8; type="text/xml"

Content-Transfer-Encoding: 8bit

Content-ID: <soap.xml@xfire.codehaus.org>

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">

<soap:Body>

.......

.......

.......

</soap:Body>

</soap:Envelope>

------=_Part_624_1792156364.1458048147094--

------=_Part_724_1792156364.1458048147094

Content-Type: application/xop+xml; charset=UTF-8; type="text/xml"

Content-Transfer-Encoding: 8bit

Content-ID: <soap.xml@xfire.codehaus.org>

<Document>

........

........

........

</Document>

------=_Part_724_1792156364.1458048147094--

]]>

</data>

Configuring Microsoft IIS 7.0 as a RPS

This post describes how to proxy content to a single server configuration of PIA. In a production environment, a multi server configuration would be used to perform these steps to proxy content to your managed server instance of PIA, PIA1, PIA2, and so on.

Microsoft Internet Information Server (IIS) can be configured as a reverse proxy server (RPS) for one or more WebLogic Server instances. Multiple instances can either be independent instances, or grouped into a cluster. When using a reverse proxy, all URLs that are used to access your PeopleSoft application (even URLs that are stored in the database), need to point to the reverse proxy, and not to the WebLogic server.

Oracle only supports IIS 7.0 as an RPS on Windows Server 2008 x64 Standard Edition, or Enterprise Edition environments. These instructions are based on a physical separation of WebLogic Server and Microsoft IIS 7.0, where both web servers are installed on different VMs.

First verify/enable CGI or ISAPI Extensions on IIS.

WINDOWS SERVER 2008 OR WINDOWS SERVER 2008 R2

1. On the taskbar, click Start, point to Administrative Tools, and then click Server Manager.

2. In the Server Manager hierarchy pane, expand Roles, and then click Web Server (IIS).

3. In the Web Server (IIS) pane, scroll to the Role Services section, and then click Add Role Services.

4. On the Select Role Services page of the Add Role Services Wizard, select CGI or ISAPI Extensions.

5. If the Add role services dialog appears, click Add Required Role Services. (This page appears only if you have not already installed any prerequisite role services on your server.)

6. On the Select Role Services page, click Next.

7. On the Confirm Installation Selections page, click Install.

8. On the Results page, click Close.

Create RPS site in IIS

1. Create a web application in IIS Manager:
    a. Right click Web Sites and select Add Web Site.
    b. Enter the web site name of your web application.
    c. Select the path of your web application port that can be any valid port number not currently in use.
   d. Click OK button to create the web application.
If you can see the name of your application under Web Sites it means that your application has been created and started running.

From the WebLogic server, copy WL_HOME\server\plugin\win\x64\iisproxy.dll to c:\inetpub\psrps

From the WebLogic server, copy WL_HOME\server\plugin\win\x64\iisforward.dll to c:\inetpub\psrps

2. Click the web application node under Web Sites to see all the settings related to the application.

3. Click Handler Mappings link to set the mappings to the handler for a particular MIME type.

4. Click StaticFile link and change the Request path field from * to *.*. Click OK.

5. In Features View, on the server, site, or applicationHome page, double-click Handler Mappings. On the Handler Mappings page, in the Actions pane, click Add Script Map… under the Actions panel on right-hand side.

6. The Edit Script Map dialog box appears. Enter * for the Request path.

7. Browse to the iisproxy.dll file in Executable field. Name it proxy.

8. Click Request Restrictions… button and deselect the Invoke handler only if the request is mapped to check box.

9. Click OK to add this Handler mapping. Click Yes on the Add Script Map dialog box.

10. Close IIS Manger and restart it. Click Root node of the IIS Manager tree and click ISAPI and CGI Restrictions. Select Allow unspecified ISAPI modules check box.

11. Create a file called iisproxy.ini with the following contents and place it in the directory with the plug-in:

WebLogicCluster=server1:80,server2:80

DynamicServerList=ON

ConnectRetrySecs=5

ConnectTimeoutSecs=25

Debug=ALL

DebugConfigInfo=ON

KeepAliveEnabled=true

WlForwardPath=/psp,/psc

WLCookieName=SERVER-80-PORTAL-PSJSESSIONID

WLLogFile=C:/inetpub/psrps/logs/psprs.log

SecureProxy=OFF

Add user IUSR to the psrps folder and also to the psrps\logs folder too.

PeopleSoft Setup

cookie-name tag in the weblogic.xml file of PIA1, PIA2 etc should have the same value. e.g. SERVER-80-PORTAL-PSJSESSIONID

<?xml version="1.0" encoding="ISO-8859-1" standalone="no"?>

<weblogic-web-app xmlns="http://www.bea.com/ns/weblogic/weblogic-web-app">

<description>PeopleSoft Internet Architecture</description>

<!-- Coherence*Web Library - Resolution 863761

  <library-ref>

      <library-name>coherence-web-spi</library-name>

  </library-ref>

-->

  <session-descriptor>

  <id-length>32</id-length>

  <cookie-name>SERVER-80-PORTAL-PSJSESSIONID</cookie-name>

  <cookie-domain>.company.com</cookie-domain>

  <monitoring-attribute-name>USERID</monitoring-attribute-name>

  <persistent-store-table>wl_servlet_sessions</persistent-store-table>

  <http-proxy-caching-of-cookies>true</http-proxy-caching-of-cookies>

  </session-descriptor>

    <container-descriptor>

      <servlet-reload-check-secs>-1</servlet-reload-check-secs>

      <session-monitoring-enabled>true</session-monitoring-enabled>

  </container-descriptor>

  <context-root>/</context-root>

</weblogic-web-app>

In web profile - update the General and Virtual Addressing tab as shown below.