ADF on Docker – Java Memory Limit Tuning for JVM

It might look like a challenge to run Java in Docker environment, by default Java is not aware of Docker memory limits. Check this article for example - Java inside docker: What you must know to not FAIL.  I was able to run WebLogic and ADF (Essential WebLogic Tuning to Run on Docker and Avoid OOM) on Docker previously without Java memory issues, using JAVA_OPTIONS=-XX:+UnlockCommercialFeatures -XX:+ResourceManagement -XX:+UseG1GC. However after Docker upgrade (more...)

Set the minimum password length on your default authenticator in Weblogic

End of last year I wrote how to create a demo community of users in your Weblogic using wlst.
Using these scripts I wanted to do the same at my current customer: creating test users in the DefaultAuthenticator. However, I faced that the minimum password length was 8, while one of the user failed creation, because the password was the same as the user, and only 5 characters long.

So I need to change the (more...)

Weblogic 12c + SAML2: publish your metadata over an URL

This week I got to do a SAML2 implementation again for APEX against ADFS. Actually the same setup as last year. One pitfall I fell into with open eyes, was the Redirect URI on the 'Web SSO Partner Provider'. I entered /ords/f*, but it had to be with out the wild-card: /ords/f. But that aside.

At one step in the setup of a SAML2 configuration is that you have to publish the metadata, by (more...)

Modify your nodemanager.properties in wlst

In 2016 I did several posts on automatic installs of Fusion MiddleWare, including domain creation using wlst.

With weblogic 12c you automatically get a pre-configured per-domain nodemanager. But you might find the configuration not completely suiting your whishes.

It would be nice to update the nodemanager.properties file to with your properties in the same script.

Today I started with upgrading our Weblogic Tuning and Troubleshooting training to 12c, and one of the steps is (more...)

#DOAG2017 wrap up

doag_wegweiser

Another DOAG is over and here are my summary.

Day 1

As my presentation is planned for noon I arrived this year on the evening before, so I could attend the early sessions on 8:30.

Sten Vesterli: APEX, ADF, or ABCS? A real-life application built in 3 tools

He compares the development of a real application in APEX, ADF and ABCS. He don’t believe that ABCS is usable from end users and shows interesting (more...)

Enable WebService test client on SOA/BPM production mode environments

At my current assignment I need to trouble shoot the identity service because of a BPM->OID coupling. I use the support document 1327140.1 for it, that suggest to test http://<soa-server>:<port>/integration/services/IdentityService/identity

Doing so in a production mode soa or bpm environment, you'll soon find out that it uses the WebService test client via uri /ws_utc, and that this does not work. Resulting in http-404 Not found errors.

First I found a blog of Maarten of Amis (more...)

Implementing the KeyStore Service with Fusion MiddleWare 12c

For the passphrases, use the passphrases used earlier.Thinking about TLS (Transport Layer Security, the succesor of Secure Socket Layer, SSL) and WebLogic and Oracle HTTP Server, allways gave me Cold Water Fear. You have to create keystores with keys, wallets, certificate signing requests, import signed and trusted certificate chains. Not to mention the configuration of WebLogic and OHS.

Now, creating keystores with the Java Keytool turns out not that hard. And generating the Certificate (more...)

Provide access to #WebLogic DMS Spy Servlet for readonly users

For security reasons and to prevent the configuration drift it is recommendable to use read only for analyzing problems.

For read only access of configuration and logs WebLogic provides out of the box the group Monitors. Unfortunately you cannot access DMS Spy Servlet with this group, which is useful for analyse runtime values of the server. Only users which belongs to the Administrators group and therefore have full access can access DMS Spy Servlet and (more...)

Possible solution for TLS 1.2 issues between Windows 10 and Oracle EPM Weblogic


We have recently seen some users of both Dodeca and Hyperion products where Windows 10 machines have issues connecting to the Weblogic servers shipped with Oracle EPM due to the absence of the TLS 1.2 protocol.  The underlying issue is that Windows 10 is an evolution of technology whereas Oracle EPM Weblogic, and more specifically the Java version tested and shipped with it, are stuck in the stone age.  Java 1.6 started its (more...)

Weblogic log level mapping

For quite some time now I wondered about the differences in log-levels. For instance, if you configure the log levels in the classes in SB12c or SOA Suite,  You see levels as INCIDENT , ERROR, and TRACE, even with several sub leverls (1, 16, 32). But on the Server Log configuration in Weblogic, you see levels a s ERROR, NOTICE and DEBUG, or TRACE.  And then in Java, JDK logging we even (more...)

OHS URL Rewrite

First half of this year I did two SAML2 implementations on Weblogic. One of those was to implement Single Sign On against ADFS for Apex applications.

In short, we installed an adapted version of ORDS on a Weblogic server and configured SAML2 for Service Provider initiated SSO, as can be read here.

We added an Oracle HTTP Server as reversed proxy to the story. For the other customer I found out how to create a (more...)

HTTP Server redirects for Weblogic 12c and SAML2

Last few months I got busy with SAML2 and Weblogic 12c as Service Provider. One with ADFS and another using SurfConext as an IdP.

In both cases a HTTP server is used as a reversed proxy, in one case it is Oracle HTTP Server 12c, in the other we use Apache. Although OHS is based on Apache, of course, it has the Weblogic proxy plugin enabled by default. With Apache this is not the case.

(more...)

Starting and Stopping Domains Using WLST – The Easy Way

Yes - another post 'how to start/stop a domain using WLST' ... But, with this scripts You only have to provide information about the nodemanager and the AdminServer. All other information used to start the domain is collected dynamically during runtime.

The tool will start or stop the nodemanager (domain- or host-based), the AdminServer and each ManagedServer. Before starting or stopping a component a check is done if the operation in question is possible or not. (more...)

Fix “BEA-000394: Deadlock detected” for Weblogic with ADF Applications 12.2.1.2

If you try the newest version 12.2.1.2 (or maybe earlier versions too) you see, that your managed server does not restart, when

  • you have deployed your ADF application(s)
  • you try to restart the managed server with ADF
  • you use intentionally or not shared libraries in your weblogic-application.xml (see example below)
<?xml version = '1.0' encoding = 'UTF-8'?>
<weblogic-application xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                      xsi:schemaLocation="http://www.bea.com/ns/weblogic/weblogic-application http://www.bea.com/ns/weblogic/weblogic-application/1.0/weblogic-application. (more...)

Découverte : Java Cloud Service Workshop


Test your WebLogic 12.1.3 enviroment with Robot

Robot Framework is a generic test automation framework which has an easy-to-use tabular test data syntax and it utilizes the keyword-driven testing approach. This means we can write our tests in readable and understandable text. If we combine this with the REST Management interface of WebLogic 12.1.3 we are able to test every detail of a WebLogic domain configuration and when we combine this

Create with WLST a SOA Suite, Service Bus 12.1.3 Domain

When you want to create a 12.1.3 SOA Suite, Service Bus Domain, you have to use the WebLogic config.sh utility.  The 12.1.3 config utility is a big improvement when you compare this to WebLogic 11g. With this I can create some complex cluster configuration without any after configuration. But if you want to automate the domain creation and use it in your own (provisioning) tool/script then you

Oracle SOA Suite 12c tips – Tuning the SOA infrastructure thread pool

One of the new capabilities of Oracle SOA Suite 12c is the ability to control the SOA infrastructure thread pools, except the resource pools for EDN and the adapters, with Oracle WebLogic Server work managers. Each partition will has its own work managers defined. This allows you to separate services in partitions and, to some extent, tune them separately based on for example specific SLA requirements.

Well, this blog posting is not about explaining the (more...)

The WebLogic Server and Trust Stores


I will describe how you configure trust stores for the WebLogic Server.

Overview

Chain of trust

When a SSL server certificate is issued by a CA it is signed by a another certificate. Normally this will be an intermediate certificated, that is again signed by the CAs root certificate. So there is a chain of trust between the (more...)

Recap of the Oracle Partner Community Forum XIV

This year the 14th edition of the Oracle Partner Community Forum was held on the island of Malta from 17th till 21st of Februari at the Hilton Hotel. I went there together with three other colleagues and this is my recap of the week.

 

This event took 4 days and was split in two parts. The first two days were spent on the conference itself and the last two days were spent on bootcamps.

(more...)