Reuse of outgoing http connection in osb

Similar Messages

• Outgoing HTTP connection reuse in OSB

  Hello,
  I was wondering how the OSB manages the outgoing http connections over a remote service. If I'm right the normal behavior is that the established connections are reused if no load is applied and create new connections if needed.
  During some tests I checked that it's not working as expected. Using one thread to send one request each second, a random number of requests uses the same connection and suddently a new connection is created leaving the current not used anymore and after 200 seconds gets closed. If I increase the delay between each request to 5 seconds, it happens more frequently and only one or two requests passes through the same connection. Finally only one request per connection is used when the delay is 10 seconds.
  The keep-alive header is set and the OSB version is 10gR3.
  Is it a bug or it has it's logical explanation?
  Thanks in advance and kind regards.
  Ruben.

  Thank you Anuj for your early reply.
  As I checked in the network traces, neither the client nor the server sends the Connection: close header, connections remains established and unused for 200 seconds before the client (OSB Server) sends the FIN signal and meanwhile new connections are set (this is the keep-alive timeout of the client). And the server-side timeout is greater.
  For example...
  T0. Connection 1 established
  T+1s. Request sent and processed using Conn1
  T+2s. Request sent and processed using Conn1
  T+4s. Connection 2 established
  T+5s. Request sent and processed using Conn2
  T+200s. Connection 1 Closed.
  T+204s. Connection 2 Closed.
  From T+4 to T+199, two connections remains established. If the traffic continues this way for about one minute you can achieve 12 or 13 connections opened.
  Regards,
  Ruben.

• HTTP connection from OSB web service to external system via a Proxy Server

  Dear experts,
  May I know has anyone tried to use HTTP protocol to send a request from OSB web service to external system via a proxy server? Heard that we need to establish some sort of tunnel (socket) to talk to Proxy Server. Can you please any have sample code or configuration steps to share?
  Thank you very much!!

  http://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/consolehelp/global_resources.html#wp1137294
  Adding Proxy Servers
  Use the Summary of Proxy Servers page to add and configure Proxy Server resources and make them available in Oracle Service Bus as a system resource. You must be in an active session to configure or reconfigure Proxy Server resources.
  1. If you have not already done so, click Create to create a new session or click Edit to enter an existing session. See Using the Change Center.
  2. Select System Administration > Proxy Servers.
  3. Click Add.
  4. In the Name field, enter a name for the Proxy Server resource. This is a required field.
  5. In the Description field, enter a short description for the Proxy Server resource.
  6. In the Host-Port Parameters section, enter the following information:
  1. In the Server Host field, enter the host name or IP address of the Proxy Server. This is a required field.
  The Server Host name for the Oracle Service Bus proxy server must be identical to the server host name of the actual proxy server.
  2. In the Clear Text Port field, enter the Proxy Server clear-text port number.
  3. In the SSL Port field, enter the Proxy Server SSL port number. You must enter either a clear text or SSL port number.
  4. Click Add.
  You can configure multiple Proxy Servers for each Proxy Server resource. This enables Oracle Service Bus to perform load balancing and offer fault tolerance features for the Proxy Server resource.
  7. If the Proxy Server performs proxy authentication, enter a user name in the User Name field, and the associated password in the Password and Confirm Password fields.
  These fields are optional, and required only if the Proxy Server is secured.
  8. Click Save to create and save the Proxy Server resource in the current session.
  9. To end the session and deploy the configuration to the run time, click Activate under Change Center.

• Upgrade to 10.9.5 killed outgoing http connections

  Hi guys
  I have a very weird problem after upgrading the system to the recent 10.9.5 version.
  I can't open any website using http scheme, f.e. https works fine.
  So, `tcpdump -i en1 dst port 80` doesn't show anything at all
  and `tcpdump -i en1 dst port 443` works fine
  PS: didn't change any network configuration, firewall is disabled, ipfw and pfctl doesn't show any rules that could block requests

  1. This procedure is a diagnostic test. It changes nothing, for better or worse, and therefore will not, in itself, solve the problem. But with the aid of the test results, the solution may take a few minutes, instead of hours or days.
  Don't be put off by the complexity of these instructions. The process is much less complicated than the description. You do harder tasks with the computer all the time.
  2. If you don't already have a current backup, back up all data before doing anything else. The backup is necessary on general principle, not because of anything in the test procedure. Backup is always a must, and when you're having any kind of trouble with the computer, you may be at higher than usual risk of losing data, whether you follow these instructions or not.
  There are ways to back up a computer that isn't fully functional. Ask if you need guidance.
  3. Below are instructions to run a UNIX shell script, a type of program. As I wrote above, it changes nothing. It doesn't send or receive any data on the network. All it does is to generate a human-readable report on the state of the computer. That report goes nowhere unless you choose to share it. If you prefer, you can act on it yourself without disclosing the contents to me or anyone else.
  You should be wondering whether you can believe me, and whether it's safe to run a program at the behest of a stranger. In general, no, it's not safe and I don't encourage it.
  In this case, however, there are a couple of ways for you to decide whether the program is safe without having to trust me. First, you can read it. Unlike an application that you download and click to run, it's transparent, so anyone with the necessary skill can verify what it does.
  You may not be able to understand the script yourself. But variations of the script have been posted on this website thousands of times over a period of years. The site is hosted by Apple, which does not allow it to be used to distribute harmful software. Any one of the millions of registered users could have read the script and raised the alarm if it was harmful. Then I would not be here now and you would not be reading this message.
  Nevertheless, if you can't satisfy yourself that these instructions are safe, don't follow them. Ask for other options.
  4. Here's a summary of what you need to do, if you choose to proceed:
  ☞ Copy a line of text in this window to the Clipboard.
  ☞ Paste into the window of another application.
  ☞ Wait for the test to run. It usually takes a few minutes.
  ☞ Paste the results, which will have been copied automatically, back into a reply on this page.
  The sequence is: copy, paste, wait, paste again. You don't need to copy a second time. Details follow.
  5. You may have started the computer in "safe" mode. Preferably, these steps should be taken in “normal” mode, under the conditions in which the problem is reproduced. If the system is now in safe mode and works well enough in normal mode to run the test, restart as usual. If you can only test in safe mode, do that.
  6. If you have more than one user, and the one affected by the problem is not an administrator, then please run the test twice: once while logged in as the affected user, and once as an administrator. The results may be different. The user that is created automatically on a new computer when you start it for the first time is an administrator. If you can't log in as an administrator, test as the affected user. Most personal Macs have only one user, and in that case this section doesn’t apply. Don't log in as root.
  7. The script is a single long line, all of which must be selected. You can accomplish this easily by triple-clicking anywhere in the line. The whole line will highlight, though you may not see all of it in the browser window, and you can then copy it. If you try to select the line by dragging across the part you can see, you won't get all of it.
  Triple-click anywhere in the line of text below on this page to select it:
  PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/libexec;clear;cd;p=(Software Hardware Memory Diagnostics Power FireWire Thunderbolt USB Fonts SerialATA 4 1000 25 5120 KiB/s 1024 85 \\b%% 20480 1 MB/s 25000 ports ' com.clark.\* \*dropbox \*GoogleDr\* \*k.AutoCAD\* \*k.Maya\* vidinst\* ' DYLD_INSERT_LIBRARIES\ DYLD_LIBRARY_PATH -86 "` route -n get default|awk '/e:/{print $2}' `" 25 N\\/A down up 102400 25600 recvfrom sendto CFBundleIdentifier 25 25 25 1000 MB com.apple.AirPortBaseStationAgent 464843899 51 5120 files );N5=${#p[@]};p[N5]=` networksetup -listnetworkserviceorder|awk ' NR>1 { sub(/^\([0-9]+\) /,"");n=$0;getline;} $NF=="'${p[26]}')" { sub(/.$/,"",$NF);print n;exit;} ' `;f=('\n%s: %s\n' '\n%s\n\n%s\n' '\nRAM details\n%s\n' %s\ %s '%s\n-\t%s\n' );S0() { echo ' { q=$NF+0;$NF="";u=$(NF-1);$(NF-1)="";gsub(/^ +| +$/,"");if(q>='${p[$1]}') printf("%s (UID %s) is using %s '${p[$2]}'",$0,u,q);} ';};s=(' /^ *$|CSConfigDot/d;s/^ */   /;s/[-0-9A-Fa-f]{22,}/UUID/g;s/(ochat)\.[^.]+(\..+)/\1\2/;/Shared/!s/\/Users\/[^/]+/~/g ' ' s/^ +//;/de: S|[nst]:/p;' ' {sub(/^ +/,"")};/er:/;/y:/&&$2<'${p[10]} ' 1s/://;3,6d;/[my].+:/d;s/^ {4}//;H;${ g;s/\n$//;/s: [^EO]|x([^08]|02[^F]|8[^0])/p;} ' ' 5h;6{ H;g;/P/!p;} ' ' ($1~/^Cy/&&$3>'${p[11]}')||($1~/^Cond/&&$2!~/^N/) ' ' /:$/{ N;/:.+:/d;s/ *://;b0'$'\n'' };/^ *(V.+ [0N]|Man).+ /{ s/ 0x.... //;s/[()]//g;s/(.+: )(.+)/ (\2)/;H;};$b0'$'\n'' d;:0'$'\n'' x;s/\n\n//;/Apple[ ,]|Genesy|Intel|SMSC/d;s/\n.*//;/\)$/p;' ' s/^.*C/C/;H;${ g;/No th|pms/!p;} ' '/= [^GO]/p' '{$1=""};1' ' /Of/!{ s/^.+is |\.//g;p;} ' ' $0&&!/ / { n++;print;} END { if(n<200) print "com.apple.";} ' ' $3~/[0-9]:[0-9]{2}$/ { gsub(/:[0-9:a-f]{14}/,"");} { print|"tail -n'${p[12]}'";} ' ' NR==2&&$4<='${p[13]}' { print $4;} ' ' END { $2/=256;if($2>='${p[15]}') print int($2) } ' ' NR!=13{next};{sub(/[+-]$/,"",$NF)};'"`S0 21 22`" 'NR!=2{next}'"`S0 37 17`" ' NR!=5||$8!~/[RW]/{next};{ $(NF-1)=$1;$NF=int($NF/10000000);for(i=1;i<=3;i++){$i="";$(NF-1-i)="";};};'"`S0 19 20`" 's:^:/:p' '/\.kext\/(Contents\/)?Info\.plist$/p' 's/^.{52}(.+) <.+/\1/p' ' /Launch[AD].+\.plist$/ { n++;print;} END { print "'${p[41]}'";if(n<200) print "/System/";} ' '/\.xpc\/(Contents\/)?Info\.plist$/p' ' NR>1&&!/0x|\.[0-9]+$|com\.apple\.launchctl\.(Aqua|Background|System)$|'${p[41]}'/ { print $3;} ' ' /\.(framew|lproj)|\):/d;/plist:|:.+(Mach|scrip)/s/:[^:]+//p ' '/^root$/p' ' !/\/Contents\/.+\/Contents|Applic|Autom|Frameworks/&&/Lib.+\/Info.plist$/ { n++;print;} END { if(n<1100) print "/System/";} ' '/^\/usr\/lib\/.+dylib$/p' ' /Temp|emac/{next};/(etc|Preferences|Launch[AD].+)\// { sub(".(/private)?","");n++;print;} END { print "'${p[41]}'.plist\t'${p[42]}'";if(n<500) print "Launch";} ' ' /\/(Contents\/.+\/Contents|Frameworks)\/|\.wdgt\/.+\.([bw]|plu)/d;p;' 's/\/(Contents\/)?Info.plist$//;p' ' { gsub("^| |\n","\\|\\|kMDItem'${p[35]}'=");sub("^...."," ") };1 ' p '{print $3"\t"$1}' 's/\'$'\t''.+//p' 's/1/On/p' '/Prox.+: [^0]/p' '$2>'${p[43]}'{$2=$2-1;print}' ' BEGIN { i="'${p[26]}'";M1='${p[16]}';M2='${p[18]}';M3='${p[31]}';M4='${p[32]}';} !/^A/{next};/%/ { getline;if($5<M1) a="user "$2"%, system "$4"%";} /disk0/&&$4>M2 { b=$3" ops/s, "$4" blocks/s";} $2==i { if(c) { d=$3+$4+$5+$6;next;};if($4>M3||$6>M4) c=int($4/1024)" in, "int($6/1024)" out";} END { if(a) print "CPU: "a;if(b) print "I/O: "b;if(c) print "Net: "c" (KiB/s)";if(d) print "Net errors: "d" packets/s";} ' ' /r\[0\] /&&$NF!~/^1(0|72\.(1[6-9]|2[0-9]|3[0-1])|92\.168)\./ { print $NF;exit;} ' ' !/^T/ { printf "(static)";exit;} ' '/apsd|BKAg|OpenD/!s/:.+//p' ' (/k:/&&$3!~/(255\.){3}0/ )||(/v6:/&&$2!~/A/ ) ' ' $1~"lR"&&$2<='${p[25]}';$1~"li"&&$3!~"wpa2";' ' BEGIN { FS=":";p="uniq -c|sed -E '"'s/ +\\([0-9]+\\)\\(.+\\)/\\\2 x\\\1/;s/x1$//'"'";} { n=split($3,a,".");sub(/_2[01].+/,"",$3);print $2" "$3" "a[n]$1|p;b=b$1;} END { close(p);if(b) print("\n\t* Code injection");} ' ' NR!=4{next} {$NF/=10240} '"`S0 27 14`" ' END { if($3~/[0-9]/)print$3;} ' ' BEGIN { L='${p[36]}';} !/^[[:space:]]*(#.*)?$/ { l++;if(l<=L) f=f"\n   "$0;} END { F=FILENAME;if(!F) exit;if(!f) f="\n   [N/A]";"file -b "F|getline T;if(T!~/^(AS.+ (En.+ )?text$|(Bo|PO).+ sh.+ text ex)/) F=F" ("T")";printf("\nContents of %s\n%s\n",F,f);if(l>L) printf("\n   ...and %s more line(s)\n",l-L);} ' ' s/^ ?n...://p;s/^ ?p...:/-'$'\t''/p;' 's/0/Off/p' ' END{print NR} ' ' /id: N|te: Y/{i++} END{print i} ' ' / / { print "'"${p[28]}"'";exit;};1;' '/ en/!s/\.//p' ' NR!=13{next};{sub(/[+-M]$/,"",$NF)};'"`S0 39 40`" ' $10~/\(L/&&$9!~"localhost" { sub(/.+:/,"",$9);print $1": "$9;} ' '/^ +r/s/.+"(.+)".+/\1/p' 's/(.+\.wdgt)\/(Contents\/)?Info\.plist$/\1/p' 's/^.+\/(.+)\.wdgt$/\1/p' ' /l: /{ /DVD/d;s/.+: //;b0'$'\n'' };/s: /{ /V/d;s/^ */- /;H;};$b0'$'\n'' d;:0'$'\n'' x;/APPLE [^:]+$/d;p;' ' /^find: /d;p;' "`S0 44 45`" ' BEGIN{FS="= "} /Path/{print $2} ' );c1=(system_profiler pmset\ -g nvram fdesetup find syslog df vm_stat sar ps sudo\ crontab sudo\ iotop top pkgutil 'PlistBuddy 2>&1 -c "Print' whoami cksum kextstat launchctl sudo\ launchctl crontab 'sudo defaults read' stat lsbom mdfind ' for i in ${p[24]};do ${c1[18]} ${c2[27]} $i;done;' defaults\ read scutil sudo\ dtrace sudo\ profiles sed\ -En awk /S*/*/P*/*/*/C*/*/airport networksetup mdutil sudo\ lsof test osascript\ -e );c2=(com.apple.loginwindow\ LoginHook '" /L*/P*/loginw*' "'tell app \"System Events\" to get properties of login items'|tr , \\\n" 'L*/Ca*/com.ap*.Saf*/E*/* -d 1 -name In*t -exec '"${c1[14]}"' :CFBundleDisplayName" {} \;|sort|uniq' '~ $TMPDIR.. \( -flags +sappnd,schg,uappnd,uchg -o ! -user $UID -o ! -perm -600 \)' '.??* -path .Trash -prune -o -type d -name *.app -print -prune' :${p[35]}\" :Label\" '{/,}L*/{Con,Pref}* -type f ! -size 0 -name *.plist -exec plutil -s {} \;' "-f'%N: %l' Desktop L*/Keyc*" therm sysload boot-args status " -F '\$Time \$Message' -k Sender kernel -k Message Req 'bad |Beac|caug|dead[^bl]|FAIL|fail|GPU |hfs: Ru|inval|jnl:|last value [1-9]|n Cause: -|NVDA\(|pagin|proc: t|Roamed|rror|ssert|Thrott|tim(ed? ?|ing )o|WARN' -k Message Rne 'Goog|ksadm|SMC:| VALI|xpma' -o -k Sender fseventsd -k Message Req 'SL' " '-du -n DEV -n EDEV 1 10' 'acrx -o comm,ruid,%cpu' '-t1 10 1' '-f -pfc /var/db/r*/com.apple.*.{BS,Bas,Es,J,OSXU,Rem,up}*.bom' '{/,}L*/Lo*/Diag* -type f -regex .\*[cgh] ! -name *ag \( -exec grep -lq "^Thread c" {} \; -exec printf \* \; -o -true \) -execdir stat -f:%Sc:%N -t%F {} \;|sort -t: -k2 |tail -n'${p[38]} '-L {/{S*/,},}L*/Lau* -type f' '-L /{S*/,}L*/StartupItems -type f -exec file {} +' '-L /S*/L*/{C*/Sec*A,E}* {/,}L*/{A*d,Ca*/*/Ex,Co{mpon,reM},Ex,Inter,iTu*/*P,Keyb,Mail/B,Pr*P,Qu*T,Scripti,Sec,Servi,Spo,Widg}* -path \\*s/Resources -prune -o -type f -name Info.plist' '/usr/lib -type f -name *.dylib' `awk "${s[31]}"<<<${p[23]}` "/e*/{auto,{cron,fs}tab,hosts,{[lp],sy}*.conf,pam.d/*,ssh{,d}_config,*.local} {,/usr/local}/etc/periodic/*/* /L*/P*{,/*}/com.a*.{Bo,sec*.ap}*t /S*/L*/Lau*/*t .launchd.conf" list getenv /Library/Preferences/com.apple.alf\ globalstate --proxy '-n get default' -I --dns -getdnsservers\ "${p[N5]}" -getinfo\ "${p[N5]}" -P -m\ / '' -n1 '-R -l1 -n1 -o prt -stats command,uid,prt' '--regexp --only-files --files com.apple.pkg.*|sort|uniq' -kl -l -s\ / '-R -l1 -n1 -o mem -stats command,uid,mem' '+c0 -i4TCP:0-1023' com.apple.dashboard\ layer-gadgets '-d /L*/Mana*/$USER&&echo On' '-app Safari WebKitDNSPrefetchingEnabled' "+c0 -l|awk '{print(\$1,\$3)}'|sort|uniq -c|sort -n|tail -1|awk '{print(\$2,\$3,\$1)}'" );N1=${#c2[@]};for j in {0..9};do c2[N1+j]=SP${p[j]}DataType;done;N2=${#c2[@]};for j in 0 1;do c2[N2+j]="-n ' syscall::'${p[33+j]}':return { @out[execname,uid]=sum(arg0) } tick-10sec { trunc(@out,1);exit(0);} '";done;l=(Restricted\ files Hidden\ apps 'Elapsed time (s)' POST Battery Safari\ extensions Bad\ plists 'High file counts' User Heat System\ load boot\ args FileVault Diagnostic\ reports Log 'Free space (MiB)' 'Swap (MiB)' Activity 'CPU per process' Login\ hook 'I/O per process' Mach\ ports kexts Daemons Agents launchd Startup\ items Admin\ access Root\ access Bundles dylibs Apps Font\ issues Inserted\ dylibs Firewall Proxies DNS TCP/IP Wi-Fi Profiles Root\ crontab User\ crontab 'Global login items' 'User login items' Spotlight Memory Listeners Widgets Parental\ Controls Prefetching SATA Descriptors );N3=${#l[@]};for i in 0 1 2;do l[N3+i]=${p[5+i]};done;N4=${#l[@]};for j in 0 1;do l[N4+j]="Current ${p[29+j]}stream data";done;A0() { id -G|grep -qw 80;v[1]=$?;((v[1]==0))&&sudo true;v[2]=$?;v[3]=`date +%s`;clear >&-;date '+Start time: %T %D%n';};for i in 0 1;do eval ' A'$((1+i))'() { v=` eval "${c1[$1]} ${c2[$2]}"|'${c1[30+i]}' "${s[$3]}" `;[[ "$v" ]];};A'$((3+i))'() { v=` while read i;do [[ "$i" ]]&&eval "${c1[$1]} ${c2[$2]}" \"$i\"|'${c1[30+i]}' "${s[$3]}";done<<<"${v[$4]}" `;[[ "$v" ]];};A'$((5+i))'() { v=` while read i;do '${c1[30+i]}' "${s[$1]}" "$i";done<<<"${v[$2]}" `;[[ "$v" ]];};';done;A7(){ v=$((`date +%s`-v[3]));};B2(){ v[$1]="$v";};for i in 0 1;do eval ' B'$i'() { v=;((v['$((i+1))']==0))||{ v=No;false;};};B'$((3+i))'() { v[$2]=`'${c1[30+i]}' "${s[$3]}"<<<"${v[$1]}"`;} ';done;B5(){ v[$1]="${v[$1]}"$'\n'"${v[$2]}";};B6() { v=` paste -d: <(printf "${v[$1]}") <(printf "${v[$2]}")|awk -F: ' {printf("'"${f[$3]}"'",$1,$2)} ' `;};B7(){ v=`grep -Fv "${v[$1]}"<<<"$v"`;};C0(){ [[ "$v" ]]&&echo "$v";};C1() { [[ "$v" ]]&&printf "${f[$1]}" "${l[$2]}" "$v";};C2() { v=`echo $v`;[[ "$v" != 0 ]]&&C1 0 $1;};C3() { v=`sed -E "$s"<<<"$v"`&&C1 1 $1;};for i in 1 2;do for j in 0 2 3;do eval D$i$j'(){ A'$i' $1 $2 $3; C'$j' $4;};';done;done;{ A0;D20 0 $((N1+1)) 2;D10 0 $N1 1;B0;C2 27;B0&&! B1&&C2 28;D12 15 37 25 8;A1 0 $((N1+2)) 3;C0;D13 0 $((N1+3)) 4 3;D23 0 $((N1+4)) 5 4;D13 0 $((N1+9)) 59 50;for i in 0 1 2;do D13 0 $((N1+5+i)) 6 $((N3+i));done;D13 1 10 7 9;D13 1 11 8 10;D22 2 12 9 11;D12 3 13 10 12;D23 4 19 44 13;D23 5 14 12 14;D22 6 36 13 15;D22 7 37 14 16;D23 8 15 38 17;D22 9 16 16 18;B1&&{ D22 35 49 61 51;D22 11 17 17 20;for i in 0 1;do D22 28 $((N2+i)) 45 $((N4+i));done;};D22 12 44 54 45;D22 12 39 15 21;A1 13 40 18;B2 4;B3 4 0 19;A3 14 6 32 0;B4 0 5 11;A1 17 41 20;B7 5;C3 22;B4 4 6 21;A3 14 7 32 6;B4 0 7 11;B3 4 0 22;A3 14 6 32 0;B4 0 8 11;B5 7 8;B1&&{ A2 19 26 23;B7 7;C3 23;};A2 18 26 23;B7 7;C3 24;A2 4 20 21;B7 6;B2 9;A4 14 7 52 9;B2 10;B6 9 10 4;C3 25;D13 4 21 24 26;B4 4 12 26;B3 4 13 27;A1 4 22 29;B7 12;B2 14;A4 14 6 52 14;B2 15;B6 14 15 4;B3 0 0 30;C3 29;A1 4 23 27;B7 13;C3 30;D13 24 24 32 31;D13 25 37 32 33;A2 23 18 28;B2 16;A2 16 25 33;B7 16;B3 0 0 34;B2 21;A6 47 21&&C0;B1&&{ D13 21 0 32 19;D13 10 42 32 40;D22 29 35 46 39;};D23 14 1 62 42;D12 34 43 53 44;D22 0 $((N1+8)) 51 32;D13 4 8 41 6;D12 26 28 35 34;D13 27 29 36 35;A2 27 32 39&&{ B2 19;A2 33 33 40;B2 20;B6 19 20 3;};C2 36;D23 33 34 42 37;B1&&D23 35 45 55 46;D23 32 31 43 38;D12 36 47 32 48;D13 20 42 32 41;D13 37 2 48 43;D13 4 5 32 1;D13 4 3 60 5;D12 26 48 49 49;B3 4 22 57;A1 26 46 56;B7 22;B3 0 0 58;C3 47;D22 4 4 50 0;D23 22 9 37 7;A7;C2 2;} 2>/dev/null|pbcopy;exit 2>&-
  Copy the selected text to the Clipboard by pressing the key combination command-C.
  8. Launch the built-in Terminal application in any of the following ways:
  ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
  ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
  ☞ Open LaunchPad. Click Utilities, then Terminal in the icon grid.
  Click anywhere in the Terminal window and paste by pressing command-V. The text you pasted should vanish immediately. If it doesn't, press the return key.
  9. If you see an error message in the Terminal window such as "Syntax error" or "Event not found," enter
  exec bash
  and press return. Then paste the script again.
  10. If you're logged in as an administrator, you'll be prompted for your login password. Nothing will be displayed when you type it. You will not see the usual dots in place of typed characters. Make sure caps lock is off. Type carefully and then press return. You may get a one-time warning to be careful. If you make three failed attempts to enter the password, the test will run anyway, but it will produce less information. In most cases, the difference is not important. If you don't know the password, or if you prefer not to enter it, press the key combination control-C or just press return  three times at the password prompt. Again, the script will still run.
  If you're not logged in as an administrator, you won't be prompted for a password. The test will still run. It just won't do anything that requires administrator privileges.
  11. The test may take a few minutes to run, depending on how many files you have and the speed of the computer. A computer that's abnormally slow may take longer to run the test. While it's running, there will be nothing in the Terminal window and no indication of progress. Wait for the line
  [Process completed]
  to appear. If you don't see it within half an hour or so, the test probably won't complete in a reasonable time. In that case, close the Terminal window and report what happened. No harm will be done.
  12. When the test is complete, quit Terminal. The results will have been copied to the Clipboard automatically. They are not shown in the Terminal window. Please don't copy anything from there. All you have to do is start a reply to this comment and then paste by pressing command-V again.
  At the top of the results, there will be a line that begins with the words "Start time." If you don't see that, but instead see a mass of gibberish, you didn't wait for the "Process completed" message to appear in the Terminal window. Please wait for it and try again.
  If any private information, such as your name or email address, appears in the results, anonymize it before posting. Usually that won't be necessary.
  13. When you post the results, you might see an error message on the web page: "You have included content in your post that is not permitted," or "You are not authorized to post." That's a bug in the forum software. Please post the test results on Pastebin, then post a link here to the page you created.
  14. This is a public forum, and others may give you advice based on the results of the test. They speak only for themselves, and I don't necessarily agree with them.
  Copyright © 2014 by Linc Davis. As the sole author of this work, I reserve all rights to it except as provided in the Use Agreement for the Apple Support Communities website ("ASC"). Readers of ASC may copy it for their own personal use. Neither the whole nor any part may be redistributed.

• Weblogic 10.3: web service client enable HTTP/HTTPS connection reuse?

  hi all,
  i am writing an client app to call a web service, through a client proxy generated by jdeveloper/weblogic.
  My question is:
  for the weblogic web service client proxy, is it possible to enable HTTP/HTTPS connection reuse/pooling?
  i see there is many connection created when calling the web service (by command netstat)?
  thank you.
  lsp

  anybody can help?
  thanks

• OSB call to remote Web Service via https proxy and https CONNECT problem

  Hi
  I have a service that calls a web service on another server as a web service. This call is via https and the certificate validation raises no errors.
  I now want this call to go via a squid httpd proxy on port 3128 on some machine. So I would like to use HTTP CONNECT (RFC 2817) proxying,. But when I set up this as a proxy, I am getting "Certificate chain" error messages. The certifcate chains is no different now from when I called without the http proxy, so what am I doing wrong? Does OSB support HTTP CONNECT?
  -Johan

  The exeption we are getting is BEA-380000
  General runtime error: [Security:090477]Certificate chain received from XXX - 123.123.123.123 --> test.salesforce.com was not trusted causing SSL handshake failure.
  This is of course not relevant if the callout were using CONNECT. In the CONNECT scenario, OSB would not care about XXX's certificate.

• Create outgoing SSL connections in WebLogic 4.5.1 using JSSE

  Hi,
  Does anyone know how to create outgoing SSL connections from a WLS 4.5.1 using
  JSSE.
  I've implemented an application using JSSE for POSTing data to an HTTPS server
  that requires client authentication and it worked fine. But when used inside the
  WebLogic server it doesn't work, because the WLS SSL classes are used instead
  of the JSSE ones. It returns a "java.io.IOException: Alert: fatal handshake_failure".
  If the ssl.enable property is set to false probably it will work, but I need it
  set to true. Does anyone a way to solve this problem?
  Thanks in advance.

  Hi,
  I also need to do the same in weblogic 5.1 (sp8). I know
  it is not possible with JSSE, but how do I achieve with
  weblogic implementation of Https? I am getting "Non
  supported cipher requested" error. How do I remove this message. It will be
  of great help if someone can list
  down the configuration step in weblogic. I am trying
  to find it in weblogic documentation but no success so far.
  Thanks in advance for your help!
  - Rishi
  "Jerry" <[email protected]> wrote in message
  news:[email protected]..
  Hi Nuno,
  I don't think that you can use JSSE to make outgoing SSL connections inWLS 4.5.1 because
  of the many conflicts between JSSE and the WLS SSL classes
  In versions of 5.1 (such as sp9 and up), and also 6.0 and 6.1, BEA gotrid of these
  conflicts to make the use of JSSE possible with WebLogic to do outgoingSSL.
  In 4.5.1, I believe you are out of luck.
  Joe Jerry
  Nuno Carvalho wrote:
  Hi,
  Does anyone know how to create outgoing SSL connections from a WLS 4.5.1
  using
  JSSE.
  I've implemented an application using JSSE for POSTing data to an HTTPSserver
  that requires client authentication and it worked fine. But when usedinside the
  WebLogic server it doesn't work, because the WLS SSL classes are usedinstead
  of the JSSE ones. It returns a "java.io.IOException: Alert: fatalhandshake_failure".
  If the ssl.enable property is set to false probably it will work, but Ineed it
  set to true. Does anyone a way to solve this problem?
  Thanks in advance.

• Message via SM59 "HTTP connection to external partner" not sent to partner

  I have a scenario where I am supposed to send a message to an external partner using https. I have created the HTTP connection in SM59 "HTTP connection to external server" and selected the default certificate. This connection is referenced in the http receiver CC in PI 7.1, but when I send the iDoc message from the backend it is not sent out of PI to the external partner.
  There are no apparent errors in the trace files in SMICM on the PI system, but our firewall guys say, that they cannot see the outgoing call in our firewall and the external partner cannot see the message either.
  There is connection to the external server from the PI server, which has been confirmed by a telnet connection.
  We think that there might be a problem on our web server, but we are not sure.
  We have previously succeeded in calling an other server at the external partner from the PI system using a different client certificate. When we do a connection test in SM59 we get an error 500 but the external partner can see the GET request in their firewall.
  Any suggestions are more than welcome
  MIkael

  The error message appears in the call adapter pipeline step before the supposed mapping is supposed to take place. The error message is:
  <?xml version="1.0" encoding="UTF-8" standalone="yes" ?><!-- Call Adapter --> <SAP:Error xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" SOAP:mustUnderstand=""><SAP:Category>XIAdapter</SAP:Category><SAP:Code area="PLAINHTTP_ADAPTER">ATTRIBUTE_CLIENT</SAP:Code><SAP:P1>400</SAP:P1><SAP:P2>ICM_HTTP_CONNECTION_FAILED</SAP:P2><SAP:P3/><SAP:P4/><SAP:AdditionalText/><SAP:Stack>HTTP client code 400 reason ICM_HTTP_CONNECTION_FAILED
  </SAP:Stack><SAP:Retry>A</SAP:Retry></SAP:Error>
  Mikael

• Intercept all outgoing http calls

  Similar to HttpFilter  (javax.Servlet.Filter ) which when added in web.xml can intercept any incoming request to JVM / outgoing (as response) independent of framework ( Spring/CXF/Jersy etc ) without any code changes (excluding the filter itself), I am trying to find an API or approach which could intercept any outgoing HTTP calls from JVM to add/modify headers independent of framework.
  Quite often the word Outgoing HTTP call is misinterpreted in the forums so let me explain with example.
  Let us assume there are two JVMs, jvm1 and jvm2. and there are HTTP calls being made from JVM1 to JVM2. I would like to intercept the HTTP connection being made from JVM1 to modify the headers information before the call happens. I do not want the code to be tied to a specific framework so that I can as bundle the interceptor as a jar and share it with application team. Changes in web.xml is fine.
  Any suggestions? Please HELP!

  > without any code changes...add/modify headers independent of framework.
  I doubt that is possible.
  Only way I can think of this being technically possible it to replace the VM socket factory with a custom factory which is just a wrapper (wrapped sockets) which intercept calls.  The wrapped calls would then identify http and manipulate it.  No idea how that interacts with SSL though.  That would probably some more custom work.
  I suppose an injection process might be able to insert something like a custom socket factory but that functionality would need to be supported by every framework  And I doubt it is.

• Wls6 outgoing ssl connections...

  We're trying to setup an outgoing ssl connection essentially from a servlet
  (jsp).
  We've developed the "client" code using jsse and
  it works fine in standalone mode. When we call
  it from within a weblogic servlet (actually a jsp), the
  SSL handshake takes place, but we get a certificate
  not valid exception. It appears to be saying that the CA cert
  for the server we are trying to connect to is expired.
  The connection is like this...
  WLS6, a jsp --> ssl ---> netscape web server.
  The netscape web server has a valid unexpired
  verisign cert. The CA for that cert is valid till 2010.
  This is all verified by using IE to connect to the
  netscape server.
  It appears that WLS6 is keeping a store of CA certs
  somewhere. We've checked the certs in
  java_home/jre/lib/security/cacerts and there is a
  valid ca cert for the netscape cert. Anyone have
  any idea where WLS6 keeps it ca certs for outgoing
  connections?
  Here is the stack trace...
  (thanks)
  java.io.IOException: Certificate not valid:
  fingerprint = 115632b0c42739458d5cf441895f1c72, not before = Wed Nov 09
  15:54:17 PST 1994, not after = Fri Dec 31 15:54:17 PST 1999, holder = C=US
  O=RSA Data Security, Inc. OU=Secure Server Certification Authority , issuer
  = C=US O=RSA Data Security, Inc. OU=Secure Server Certification Authority ,
  key = modulus length=126 exponent length=3
  at
  weblogic.security.SSL.SSLCertificate.verify(SSLCertificate.java:143)
  at
  weblogic.security.SSL.SSLCertificate.input(SSLCertificate.java:117)
  at weblogic.security.SSL.Handshake.input(Handshake.java:114)
  at weblogic.security.SSL.SSLSocket.getHandshake(SSLSocket.java:1019)
  at weblogic.security.SSL.SSLSocket.clientInit(SSLSocket.java:383)
  at weblogic.security.SSL.SSLSocket.initialize(SSLSocket.java:245)
  at weblogic.security.SSL.SSLSocket.<init>(SSLSocket.java:194)
  at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:45)
  at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:156)
  at weblogic.net.http.HttpClient.<init>(HttpClient.java:85)
  at weblogic.net.http.HttpsClient.<init>(HttpsClient.java:34)
  at weblogic.net.http.HttpClient.New(HttpClient.java:119)
  at
  weblogic.net.http.HttpURLConnection.connect(HttpURLConnection.java:99)
  at
  test.httptools.MiniHttpClient.setupConnection(MiniHttpClient.java:281)
  at test.httptools.MiniHttpClient.openURL(MiniHttpClient.java:294)
  at com.bridgespan.dhs.DhsStatus.post(DhsStatus.java:203)
  at com.bridgespan.dhs.DhsStatus.updateLoanStatus(DhsStatus.java:151)
  at jsp_servlet._dhsstatus._jspService(_dhsstatus.java:91)
  at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :213)
  at
  weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
  ntext.java:1265)
  at
  weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
  :1631)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)

  Hi,
  I also need to do the same in weblogic 5.1 (sp8). I know
  it is not possible with JSSE, but how do I achieve with
  weblogic implementation of Https? I am getting "Non
  supported cipher requested" error. How do I remove this message. It will be
  of great help if someone can list
  down the configuration step in weblogic. I am trying
  to find it in weblogic documentation but no success so far.
  Thanks in advance for your help!
  - Rishi
  "Jerry" <[email protected]> wrote in message
  news:[email protected]..
  Hi Nuno,
  I don't think that you can use JSSE to make outgoing SSL connections inWLS 4.5.1 because
  of the many conflicts between JSSE and the WLS SSL classes
  In versions of 5.1 (such as sp9 and up), and also 6.0 and 6.1, BEA gotrid of these
  conflicts to make the use of JSSE possible with WebLogic to do outgoingSSL.
  In 4.5.1, I believe you are out of luck.
  Joe Jerry
  Nuno Carvalho wrote:
  Hi,
  Does anyone know how to create outgoing SSL connections from a WLS 4.5.1
  using
  JSSE.
  I've implemented an application using JSSE for POSTing data to an HTTPSserver
  that requires client authentication and it worked fine. But when usedinside the
  WebLogic server it doesn't work, because the WLS SSL classes are usedinstead
  of the JSSE ones. It returns a "java.io.IOException: Alert: fatalhandshake_failure".
  If the ssl.enable property is set to false probably it will work, but Ineed it
  set to true. Does anyone a way to solve this problem?
  Thanks in advance.

• Outgoing ftp connections dying

  Hello,
  Our router is WRV200 and we have the following problem: after hours of working normally suddenly outgoing ftp connections stop working from any computer on the internal network. Clients say the host can't be connected at all, although its IP address is correctly resolved.
  The problem is resolved by restarting the router or even by saving settings to the router (with no changes to the settings). After the short network outage caused by restarting, ftp connections are working again... until the next time.
  During the time ftp can't be access all other network services work normally, we can browse http, use ICQ, Skype etc. without problem. I can even administer the router remotely when I'm not at the office when the problem arises. No other service except ftp seems to be affected.
  I already flashed the last firmware version and reset the box using the reset button, unfortunately with no success.
  Any ideas?

  Try adjusting the MTU size on tthe router to 1452 ..

• Making https: connection from java code loaded into Oracle 8i database

  A bit of a blast from the past, really, as 8i provides a JVM at 1.2.2.
  I need to provide an PL/SQL function which accesses a RESTful web service requiring https connection. Got the call working under 1.2 locally without much trouble using:
  static {
          System.setProperty("java.protocol.handler.pkgs",
                  "com.sun.net.ssl.internal.www.protocol");
          Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
      }The trick is to get the Oracle database to run the code internally. What libraries do I need where? I get an extremely unhelpful NoClassDefFoundError, without mention of the offending class.
  By doing loadjava with jcert.jar,. jnet.jar and jsse.jar (the libraries I'm using with the test program) I can get loadjava to accept and allegedly resolve the class.

  endasil wrote:
  malcolmmc wrote:
  Well, sadly look at the colour scheme.Yeah, sarcastic was I. The NoClassDef error seriously doesn't give a class name? I find it astonishing that any implementation would be that stupid.Seriously. The strange thing is that before I got to the NoClassDefFound I had a Initialization error (until I added a security rule for setting the Provider) and for that I got a full stack trace (in an obscure trace file, granted).

• Https Connection from servlets using JSSE.

  Hi all,
  Although my question is the same as the QOW for this week, there is an error "unsupported keyword EMAIL" returned when i try to establish a https connection using servlet. The error log is as follow:
  =====================================
  java.io.IOException: unsupported keyword EMAIL
  at com.sun.net.ssl.internal.ssl.AVA.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.RDN.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.X500Name.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.ssl.X500Name.<init>([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V1.2-120198])
  at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream([DashoPro-V1.2-120198])
  at URLReader.doGet(URLReader.java:78)
  ===================================
  Does anyone know the meaning of this error?
  I try to write a java application using the similar code and it totally works fine(i can connect to the server and obtain the page). Does JSSE support Java Servlet? Or this is the problem of tomcat server? FYI, I'm using
  Tomcat 3.2.2
  Java SDK 1.3
  Many thanks!
  Ethan
  p.s. Here is the source for my program
  import java.io.*;
  import java.net.*;
  import javax.servlet.*;
  import javax.servlet.http.*;
  import javax.net.*;
  import javax.net.ssl.*;
  import com.sun.net.ssl.*;
  public class URLReader extends HttpServlet{
  private PrintWriter out = null;
  public void doGet(HttpServletRequest req, HttpServletResponse res){
  res.setContentType("text/html");
  res.setHeader("Cache-Control", "no-cache");
  res.setHeader("Progma", "no-cache");
  out = res.getWriter();
  java.security.Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  System.setProperty("javax.net.ssl.trustStore", "File_for_keyStore");
  System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
  try {
       URL url = new URL("https://server_name:port/index.htm");
       HttpsURLConnection urlconnection = (HttpsURLConnection)url.openConnection();
       BufferedReader in = new BufferedReader(new InputStreamReader(urlconnection.getInputStream()));
       String outputLine ;
       while ( (outputLine = in.readLine()) != null){
       out.println("There is the result: "+outputLine);
       in.close();
  catch(Exception e){
  public void doPost(HttpServletRequest req, HttpServletResponse res){
  }

  I was just having this issue, after months of error-free ssl behavior, on a new machine i was installing (Note: that I was running the IBM jdk1.3) It turns out that when I was editing the java.security file to know about JCE/JSSE providers i had the providers in the wrong order. The Error causing sequence was:
  security.provider.1=com.sun.net.ssl.internal.ssl.Provider
  security.provider.2=com.ibm.crypto.provider.IBMJCA
  # Extra provider added ibm@33894
  security.provider.3=com.ibm.crypto.provider.IBMJCE
  # extra provider i added
  security.provider.4=sun.security.provider.Sun
  The issue disappeared when i changed the order to:
  security.provider.1=sun.security.provider.Sun
  security.provider.2=com.sun.net.ssl.internal.ssl.Provider
  security.provider.3=com.ibm.crypto.provider.IBMJCA
  # Extra provider added ibm@33894
  security.provider.4=com.ibm.crypto.provider.IBMJCE
  hope that helps!
  --john molnar
  Trellis Network Security

• HTTPS connection from servlet to another webserver

  Hi,
  We want to make a https connection from a servlet in weblogic server to another
  web server (not necessarily weblogic). We also need dual authentication. But whenever
  we use URL.openConnection(), it always returns us weblogic's internal https and
  SSL implementation. Since weblogic has no documentation about how to use these
  internal classes, such as how to set trusted server certificate, and how to set
  client certificate (servlet is a client of another web server). We want to use
  jsse, after setting JSSE required system properties, I still get a weblogic's
  httpsURLConnection. Can any of you tell me how to resolve this issue?
  Thanks.
  Xinshi

  Yeah, I'm using JSSE now. Here is what I did:
  Security.addProvider(new com.sun.net.ssl.internal.ssl.Provide());
  Provider prov = new SimpleSecureProvider();
  prov.setProperty("SecureRandom.efficient", "test.EfficientSecureRandom");
  Security.insertProviderAt(prov, 1);
  You don't really need the provider stuff to get the example working. I use it
  to get around a quick in JSSE where the random number generator takes 15-30 seconds
  to generate a random sequence at start up.
  SimpleSecureProvider looks like this:
  public class SimpleSecureProvider extends Provider
  public SimpleSecureProvider()
  super("SimpleSecureProvider-", 1.0, "Hack to enable more efficient random
  seed generator");
  test.EfficientSecureRandom is bascially an exact copy of Sun's SecureRandom.java
  with the only difference that I used my own random number generator.
  Anyway, rest of the code you need looks like this:
  URL url= new URL("htps://someplace.com");
  URLConnection sconnection = url.openConnection();
  Do whatever.
  I also stored jcert.jar, jnet.jar, jsse.jar in /usr/java/jdk1.3/lib/ext
  I think that is everything.
  I just noticed that service pack 9 has a security example that does not require
  all these jsse hacks. I'm trying to get it to work, but not having much luck.
  Anybody got this working right?
  "Jayesh Patel" <[email protected]> wrote:
  See if this works,
  1. Add the 'j2ee.jar' to CALSSPATH in weblogic startup script.
  2. Set the property SSLHandlerEnabled flase in config.xml
  3. Add the following property permission to the
  weblogic.policy' file under a 'grant' directive
  for all codebases (bottom): 'permission java.security.AllPermission'
  4. Use the following bit of source code to create an https connection:
  import com.sun.net.ssl.*; ....
  com.sun.net.ssl.HttpsURLConnection connection;
  System.setProperty ("java.protocol.handler.pkgs",
  "com.sun.net.ssl.internal.www.protocol");
  java.security.Security.addProvider(new
  com.sun.net.ssl.internal.ssl.Provider() );
  URL url = new URL( "https", hostname, query );
  -Jayesh
  connection = (com.sun.net.ssl.HttpsURLConnection )url.openConnection(
  "Xinshi Sha" <[email protected]> wrote in message
  news:[email protected]...
  Hi,
  We want to make a https connection from a servlet in weblogic serverto
  another
  web server (not necessarily weblogic). We also need dual authentication.But whenever
  we use URL.openConnection(), it always returns us weblogic's internalhttps and
  SSL implementation. Since weblogic has no documentation about how
  to
  use
  these
  internal classes, such as how to set trusted server certificate, andhow
  to set
  client certificate (servlet is a client of another web server). Wewant to
  use
  jsse, after setting JSSE required system properties, I still get aweblogic's
  httpsURLConnection. Can any of you tell me how to resolve this issue?
  Thanks.
  Xinshi

• HTTPS connection from database

  Hi all,
  I have to implement https connection from a database with a Web server which requests a client certificate. I have the certificate in the wallet, but UTL_HTTP does not send it to the Web server.
  So, is there any way to connect to a Web server which requires a client certificate?

  Could you explain how transport protocol influences certificate exchange during SSL session?