Sunday, May 4, 2014

Various JMS Queues Used By OIM

OIM versions prior to 9.1 used a single JMS queue named xlQueue for all asynchronous operations, such as user requests (self registration and approval), reconciliation, attestation and auditing. Because all of these processes shared a single JMS queue, the operations depended on each other. For example, while reconciliation was running, xlQueue filled with reconciliation messages and request processing had to wait until all the reconciliation was done. This created an interdependency between the modules of the application.
 
From OIM version 9.1 onwards, separate JMS queues for each asynchronous functionality were introduced.
 
Below are the details of the JMS queues used by OIM:
 
xlQueue
This queue is used to handle request (self registration and approval) related operations.
 
xlReconQueue
This queue is used to handle Reconciliation.
 
xlAuditQueue
This queue is used to handle Auditing.
 
xlAttestationQueue
This queue is used to handle Attestation.
 
xlProcessQueue
This queue is for future usage.
 
xlErrorQueue
This is the queue where messages end up after being tried 5 times.
For example, if the recon messages picked up by ReconMDBs fail during processing, they are tried 5 times. If they still fail, the messages are sent to this error queue.

Encryption Standard for OIM Database Key

OIM uses the AES-128 encryption standard for its database key and to encrypt the answers to challenge-response security questions for user accounts.

Note: It is not possible to change the encryption method.

Exporting all of the MDS data for OIM 11g

If you want to export/backup all the MDS configuration files for OIM, then use the below WLST command:
 
Step1: Create a directory where you want all the configuration to be exported, for example MDSExport.
 
Step2: From the shell/command prompt, navigate to $MW_HOME/oracle_common/common/bin
 
Step3: Execute the wlst.sh/wlst.cmd and issue the connect() command.
 
Step4: Provide the weblogic username, password and URL to Admin Server.
 
Step5: Execute the exportMetadata command providing at least the following arguments: application, server and toLocation.
 
For example, exportMetadata('OIMMetadata','oim_server1','<<Full Path to MDSExport>>')
 
Step6: You should see a list of the files exported. At that point you can issue the disconnect() command followed by the exit() command.
 
You can also save the above commands in a .py file, say MDSExport.py, which can then be executed directly without entering the credentials and URL every time.
 
MDSExport.py
 
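# Connect to the Admin Server (replace the placeholders with your values)
connect('weblogic', '<<PASSWORD>>', 't3://<<server:7001>>')
# Export all MDS documents of the OIMMetadata application
exportMetadata(application='OIMMetadata', server='oim_server1', toLocation='<<Full Path to MDSExport>>')
disconnect()
exit()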
 
Now, you can simply run the below command:
./wlst.sh MDSExport.py
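
MDSExport.py as written keeps the WebLogic administrator password in clear text, so a check like the following can flag such scripts before they are left on a shared host. It is an added example, not code from the original post: it parses a WLST script with Python 3's ast module and reports literal passwords passed to connect() and file modes that grant access beyond the owner. Assumptions: the script is syntactically valid Python 3; the sample scripts, host name and paths are constructed; userConfigFile/userKeyFile in the second sample are connect() arguments that take the files written by WLST's storeUserConfig().

```python
import ast, os, stat, tempfile

def audit_wlst_script(path):
    """Return findings for one WLST (Jython) script such as MDSExport.py."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append("mode %04o: accessible beyond the owner" % mode)
    with open(path) as fh:
        tree = ast.parse(fh.read(), filename=path)
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Name)
                and node.func.id == "connect"):
            continue
        # connect(username, password, url): the password is the second
        # positional argument or the password= keyword.
        pw = node.args[1] if len(node.args) > 1 else None
        for kw in node.keywords:
            if kw.arg == "password":
                pw = kw.value
        if isinstance(pw, ast.Constant) and isinstance(pw.value, str):
            findings.append("line %d: literal password in connect()" % node.lineno)
    return findings

# Constructed sample scripts (placeholder host, password and paths).
HARDCODED = """connect('weblogic', 'EXAMPLE-PASSWORD', 't3://adminhost.example:7001')
exportMetadata(application='OIMMetadata', server='oim_server1', toLocation='/tmp/MDSExport')
disconnect()
exit()
"""
KEYFILE = """connect(userConfigFile='/secure/wls.config', userKeyFile='/secure/wls.key', url='t3://adminhost.example:7001')
exportMetadata(application='OIMMetadata', server='oim_server1', toLocation='/tmp/MDSExport')
disconnect()
exit()
"""

def demo():
    """Audit both samples in a temporary directory; return their findings."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, text, mode in (("hardcoded.py", HARDCODED, 0o644),
                                 ("keyfile.py", KEYFILE, 0o600)):
            path = os.path.join(tmp, name)
            with open(path, "w") as fh:
                fh.write(text)
            os.chmod(path, mode)
            results[name] = audit_wlst_script(path)
    return results

if __name__ == "__main__":
    for name, found in demo().items():
        print(name, found or "no findings")
```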
 
Note: You cannot export all the configuration files using Deployment Manager (DM) and also, DM doesn’t have version control.