Scoped Propagation Notes

Scott S NelsonLeave a comment

This is from a document I recently wrote intended to provide examples and guidance for running certain scoped propagation scenarios for a client. The examples were done using an application I had handy at the time, and actual results of scoped-based propagation are application-specific, so your mileage may vary.

Scoped propagation should be tested in lower environments prior to running propagation with a Production destination. The scope properties file used for scoped propagation must be revised each time scoping is used to ensure all desired nodes are propagated.

With careful testing and experience, scoped propagation can be very useful. Without testing, scoped propagation can lead to unrecoverable state for the portal functionality. Debugging propagation scope seems at first difficult, though once an intuitive understanding of Important Scope Notes is achieved and experience obtained reading the propagation logs, configuring the scope.properties file becomes much simpler.

Important Scope Notes

The following concepts around scoping must always be considered when using scoped propagation to minimized risk.

Any scope listed will automatically include all children of that scope

If the Application:SecurityService:SecurityProviderService node is listed in the scope.properties files, all children of Application:SecurityService:SecurityProviderService will be propagated, regardless if they are specified or not.

Dependency Checking

One example of a dependency check: If a portlet (or any asset that can be entitled) is in scope and the definition of the role is out of scope and the role does not exist in either environment, the entire propagation task will fail.

The variety of dependency checks that will occur for default nodes are far too numerous to be listed, and the possibilities increase exponentially with each application-specific node. There are two purposes to pointing out dependency checking in relation to propagation. First, that the use of scoped propagation where all dependencies are not explicitly known in advance can have undesirable functional side effects. The second is that due to the complexity of potential dependency relationships, relying on the propagation servlet to detect all dependencies is a very risky assumption and not recommended or supported.

Examples and Assumptions

my_propagation_ant.xml is the propagation Ant build file used for the tests and based on the examples in the standard WLP documentation and the one that comes installed with WLP (<WLPORTAL_HOME>/propagation/bin/propagation_ant.xml).

The examples below assume all files are contained in the root of the working directory and that the commands are run from that same location. The examples also assume that default policy properties are used.

Common Scoping Steps

These steps will be referred to or repeated throughout this document with minimal change:

  1. ant -f my_propagation_ant.xml downloadSrc
  2. ant -f my_propagation_ant.xml listScopes
  3. Starting at the parent node, remove all nodes of the undesired scopes from the resulting listScopes_scopes.properties file and save as scope.properties
  4. ant -f my_propagation_ant.xml downloadScopedSrc
  5. ant -f my_propagation_ant.xml downloadScopedDest
  6. ant -f my_propagation_ant.xml combineWithScope
  7. ant -f my_propagation_ant.xml uploadCombined
  8. ant -f my_propagation_ant.xml commit

Scoped Propagation: No Content

This is a basic scenario, and one that is listed under Best Practices for propagation. These steps have a high likelihood of success used as-is in most environments.

Steps to perform scoped propagation where all managed content is left out of scope:

  1. ant -f my_propagation_ant.xml downloadSrc
  2. ant -f my_propagation_ant.xml listScopes
  3. Remove all nodes that begin with scope_[#]=Application:ContentServices from the resulting listScopes_scopes.properties file and save as scope.properties
  4. ant -f my_propagation_ant.xml downloadScopedSrc
  5. ant -f my_propagation_ant.xml downloadScopedDest
  6. ant -f my_propagation_ant.xml combineWithScope
  7. ant -f my_propagation_ant.xml uploadCombined
  8. ant -f my_propagation_ant.xml commit

Scoped Propagation: No Security

In propagation scope, Security specifically refers to the definition of Security Services under the Application:SecurityService node. These values can be scoped to a very fine level, keeping in mind the limitations listed under Important Scope Notes. With this in mind, follow the Common Scoping Steps with the undesired Security Services scopes removed.

Scoped Propagation: Desktop

Propagating admin-only changes scoped to a desktop level is very straight-forward. At step 3 of Common Scoping Steps, all nodes that do not start with the individual desktop node should be removed from the listScopes_scopes.properties and saved as scope.properties. The general format of the node is:

scope_[#]=Application:portalservices:[APP_NAME].WebApp:[PORTAL_NAME].Portal:[DESKTOP_NAME].Desktop:[DESKTOP_NAME].DefaultDesktop

Again, keep in mind the Important Scope Notes.

Scoped Propagation: Roles and Entitlements

Entitlements are entirely dependent on roles. If an asset is entitled, it cannot be propagated if a role entitled to it is not present or propagated[1]. In order to de-scope a role from propagation is also necessary to de-scope all assets entitled to that role.

[1] As noted in Examples and Assumptions, these tests were done with default policies. It may be possible to propagate entitled assets without the roles entitled, though this would result in the asset not being entitled in the destination environment, which is generally an undesired result. Custom policies also add another layer of complexity to scoped propagation.

If you found this interesting, please share.

© Scott S. Nelson

Perpetuating Propagation Perplexity

Scott S NelsonLeave a comment

The WLP 10.3.2 documentation: Propagation Inventory Compatibility states

WebLogic Portal inventories saved with WebLogic Portal 8.1 or 9.2 cannot be used with WebLogic Portal 10.3.2 propagation tools.

While this implies that a 10.2 inventory can be used, it does not specifically say so.  This came up for someone I know who then asked support if one could propagate from a 10.2 environment to a 10.3.2 environment since they wanted to build out a new, clean infrastructure for their upgraded WLP application rather than running an upgrade in the old production environment. The response was quick and short: “No”.

So, being the way I am, I tried it anyway. Works fine. Granted, there are probably many legitimate reasons for not doing this, and I would never suggest it for on-going operations, but as a one-shot move from an existing environment to a new environment it is definitely worth a test run before changing your upgrade strategy.

If you found this interesting, please share.

© Scott S. Nelson

Resurrecting the WLP Data Sync Web Application in 10.3.2

Scott S NelsonLeave a comment

In WLP 10.3.2, the datasync web application has been deprecated. This makes sense if you consider the recommended approach is to test all of your Datasync Project work in DEV mode and then propagate up once you have everything the way you want. However, if you are upgrading or have a development process where this is not the easiest policy to implement, you may wish to bring back the datasync.war. If that is you, fear not! Blogging to the rescue!

While in previous versions of WLP it was automatically added to a portal EAR project, in 10.3.2 you must manually add the dataync.war.

The documented  approach (How To Import and Add the Deprecated ‘Datasync.war’ to the WebLogic Portal Application (Doc ID 1268447.1)) to add it is to use OEPE, right-click on the EAR project, select Import War, and import [WLP_HOME]p13ndeprecatedlibdatasync.war. Doing so creates a datasync project in your workspace.

The documentation goes on to describe an edit to the MANIFEST.MF to include the classes from ImportedClasses on the classpath. When I tried it, I could get to the data sync application index page, but would get a 500 error past that.

Digging through the logs, I found class not found exceptions. I eventually fixed this by moving the jsp folder under/datasync/ImportedClasses/WEB-INF/classes/com/bea/p13n/management/data to /datasync/ImportedClasses/com/bea/p13n/management/data, re-building and re-deploying.

If you found this interesting, please share.

© Scott S. Nelson