Implementing the KeyStore Service with Fusion MiddleWare 12c

For the passphrases, use the passphrases used earlier.Thinking about TLS (Transport Layer Security, the succesor of Secure Socket Layer, SSL) and WebLogic and Oracle HTTP Server, allways gave me Cold Water Fear. You have to create keystores with keys, wallets, certificate signing requests, import signed and trusted certificate chains. Not to mention the configuration of WebLogic and OHS.

Now, creating keystores with the Java Keytool turns out not that hard. And generating the Certificate (more...)

Provide access to #WebLogic DMS Spy Servlet for readonly users

For security reasons and to prevent the configuration drift it is recommendable to use read only for analyzing problems.

For read only access of configuration and logs WebLogic provides out of the box the group Monitors. Unfortunately you cannot access DMS Spy Servlet with this group, which is useful for analyse runtime values of the server. Only users which belongs to the Administrators group and therefore have full access can access DMS Spy Servlet and (more...)

Possible solution for TLS 1.2 issues between Windows 10 and Oracle EPM Weblogic


We have recently seen some users of both Dodeca and Hyperion products where Windows 10 machines have issues connecting to the Weblogic servers shipped with Oracle EPM due to the absence of the TLS 1.2 protocol.  The underlying issue is that Windows 10 is an evolution of technology whereas Oracle EPM Weblogic, and more specifically the Java version tested and shipped with it, are stuck in the stone age.  Java 1.6 started its (more...)

Weblogic log level mapping

For quite some time now I wondered about the differences in log-levels. For instance, if you configure the log levels in the classes in SB12c or SOA Suite,  You see levels as INCIDENT , ERROR, and TRACE, even with several sub leverls (1, 16, 32). But on the Server Log configuration in Weblogic, you see levels a s ERROR, NOTICE and DEBUG, or TRACE.  And then in Java, JDK logging we even (more...)

OHS URL Rewrite

First half of this year I did two SAML2 implementations on Weblogic. One of those was to implement Single Sign On against ADFS for Apex applications.

In short, we installed an adapted version of ORDS on a Weblogic server and configured SAML2 for Service Provider initiated SSO, as can be read here.

We added an Oracle HTTP Server as reversed proxy to the story. For the other customer I found out how to create a (more...)

Hey JAVA-developer, why don’t you love your database

Why this post?

Partly, this blogpost is a result of a promise to Lukas Eder. Basically my vision adheres quite nicely to the “Thick Database” driven by Bryn Llewellyn and Toon Koppelaars who, understandibly, drive this from an Oracle perspective.
It –more than of course- also nicely fits EnterpriseDB or even vanilla PostgreSQL database landscapes.

There is apparently still so much confusion in the world on the how, why and what of (more...)

HTTP Server redirects for Weblogic 12c and SAML2

Last few months I got busy with SAML2 and Weblogic 12c as Service Provider. One with ADFS and another using SurfConext as an IdP.

In both cases a HTTP server is used as a reversed proxy, in one case it is Oracle HTTP Server 12c, in the other we use Apache. Although OHS is based on Apache, of course, it has the Weblogic proxy plugin enabled by default. With Apache this is not the case.

(more...)

List Weblogic 12c System Components

Besides starting and stopping servers, it turns out handy to be able to list the particular system components of a Weblogic domain. For most domains, you might have an embedded/colocated Oracle HTTP server.
But we're also busy with installing BI publisher domains, and there several BI Components are created. To list which ones are created (and determine where things might went wrong) it might be handy to list all the system components. For that I (more...)

Starting and Stopping Domains Using WLST – The Easy Way

Yes - another post 'how to start/stop a domain using WLST' ... But, with this scripts You only have to provide information about the nodemanager and the AdminServer. All other information used to start the domain is collected dynamically during runtime.

The tool will start or stop the nodemanager (domain- or host-based), the AdminServer and each ManagedServer. Before starting or stopping a component a check is done if the operation in question is possible or not. (more...)

Single Sign On for Apex with ADFS? With Weblogic 12c and ORDS: Yes, you can!

Lately we implemented a Single Sign On solution for Apex, based on Weblogic 12cR2, ORDS 3.0.9, and ADFS as a federated Identity Provider. This combination turns out to be a marriage of 3 different worlds. So we ran in to a several issues that were not described in one simple how-to document. So in this document I try to assemble the information needed to do the end 2 end configuration (apart from the (more...)

‘No such file or directory’ on starting your domain

Today I was triggered by this question. Earlier I had a similar problem, where I searched, and searched and searched and found the last section on this blogpost. Yes indeed, that is how it works when you blog: you might find your self finding your own blogposts again.

What is it about? Last year I wrote a nice set of scripts on installing Fusion Middleware and creating Fusion Middleware Weblogic domains.

I created the domain-creation-script (more...)

New and improved (re-)start and stop scripts for Fusion MiddleWare.

Last year I created a set of start and stop scripts for Weblogic/Fusion MiddleWare. Although I was quite happy with them at the time, I found that there was quite a lot of duplicate code. And I think I could improve them by combining at least the wlst scripts into one, making it a lot better maintainable, but also opening up for restart functionality. And doing so make the scripts more generic. I took my (more...)

BPM BAC Subversion Server refusing connections

These days I work on setting up several development lifecycle environments for BPM, SOA and OSB. What means that we setup servers for Development and test, culminating eventually in supporting the setup of the acceptance and production servers.

Since we want to have development resemble production as much as possible, we installed a dual-node clustered BPM environment, including BAM. However, since it is development, we have the two Managed Servers per cluster on the same (more...)

Back from PaaSForum

So, and now we're back in business after a splendid week in Split, Croatia, to meet with about 200 great, enthusiastic con-colleagues from the fields of SOA and Weblogic. It was the yearly OPN Partner Community Forum, ran by the great Jürgen Kress. He did a formidable job to collect many informatic sessions on the latest news and products from Oracle. We could meet with product managers, eat  and drink with them. To my surprise (more...)

Start, Restart and stop OHS Components

In Fusion Middleware 12c the Oracle HTTP Server is now configured as SystemComponents within a Weblogic Domain. This can be embedded in a FMW Domain, like SOA, OSB, or WebCenter.  Or it can be in a stand alone domain.

When configured, there are scripts to start and stop the system components in the bin folder of the domain: startComponent.sh and stopComponent.sh.

These scripts first do a readDomain() to read the domain before actually (more...)

Install and configure Oracle HTTP Server Standalone

Last week I had an assignment to install and configure Oracle HTTP Server as a reversed proxy in a DMZ. Many years ago I worked with Apache a little, so I had not have the details at hand.

Although installing and configuring the HTTP Server is not hard, I found that I had to do quite some searching around to get to all the essentials. To help you out, and to have it logged for (more...)

Fix “BEA-000394: Deadlock detected” for Weblogic with ADF Applications 12.2.1.2

If you try the newest version 12.2.1.2 (or maybe earlier versions too) you see, that your managed server does not restart, when

  • you have deployed your ADF application(s)
  • you try to restart the managed server with ADF
  • you use intentionally or not shared libraries in your weblogic-application.xml (see example below)
<?xml version = '1.0' encoding = 'UTF-8'?>
<weblogic-application xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                      xsi:schemaLocation="http://www.bea.com/ns/weblogic/weblogic-application http://www.bea.com/ns/weblogic/weblogic-application/1.0/weblogic-application. (more...)

Weblogic 11g to 12c: strictness in listen address

Let's say you have a virtual machine with two network adapters, both set on 'HostOnly'.
I used to do that and set the first one of those to a fixed IP address, say 10.0.0.1. To this one I coupled the hostname, for instance darlin-vce-db, using the /etc/hosts file. That way I had a fixed, always existing network address for the database.

Together with the database, you install WebLogic, for instance to serve (more...)

Set all WebLogic log levels to “Inherit” via WLST

Logging is a very useful feature of WebLogic.

Unfortunately the log levels, which are set after a clean install of WebLogic or some of the Fusion Middleware product creates a lot of noise and therefore it costs I/O performance.

Additional after analyzing an issue with logging often resetting the log level is forgotten.

Here you get a script to reset the log levels at regular intervals or after a trace session.

#!/usr/bin/python
execfile('get_environment.py')
 (more...)

Découverte : Java Cloud Service Workshop