Weblogic Security Queries
Hi All,
My requirements are as follows:
1) Have a central repository like the iplanet Directory server to store the information
of users,groups etc
2)Perform identity management to manage roles and permissions This includes the
ability to define users, resources, and abstract concepts such as a user role
or a group
3)The final requirement is access management. This is the enforcement of which
users have access to what information. It includes authentication and authorization
mechanisms to make sure someone is who they claim to be and that they have the
authority to get the information they requested, and access management to enforce
the permissions
I need to achieve these requirements for my Portal application. My queries for
the same are as follows
1)The default Weblogic authetication providers can be used to authenticate users
located on iplanet Directory server.
2)But my doubt is with the authorization provider, Role Mapper providers etc they
seem to be tightly coupled to the embedded LDAP. In order to solve my requirements
on 2 and 3 what are the approaches that are available.
3)I also have tried to create a new Realm that the Iplanet authentication provider
configured to authenticate against iPlanet LDAP and also the other default providers
that come along with
weblogic to do authorization checks. When I try to start my server I get the following
errror and the server does not start.
<Nov 28, 2003 4:58:31 PM GMT+05:30> <Critical> <Security> <BEA-090404> <User weblogic
is not permitted to boot the server; The
server policy may have changed in such a way that the user is no longer able to
boot the server.Reboot the server with the administrative user account or contact
the system administrator to update the server policy definitions.>
The WebLogic Server did not start up properly.
Reason: weblogic.security.SecurityInitializationException: User weblogic is not
permitted to boot the server; The server policy
may have changed in such a way that the user is no longer able to boot the server.Reboot
the server with the administrative us
er account or contact the system administrator to update the server policy definitions.
Can anyone suggest me any ways to solve my queries and if you could provide some
input on how to solve my requirements that will be very useful and we are WLS
shop so the solution should be within the reach of weblogic server security
Hi,
This is w.r.t the same query.
1)Where do you want your role and policy information stored? How is your role
and policy information defined? The WLS framework is limited to WLS resources
(ejbs,
webapps,jdbc connection pools, etc.)
Ans) The Roles and Policies are defined in the External LDAP.
"Anand" <[email protected]> wrote:
>
Hi,
Thanks for your replies. I have a couple of other queries which are as
follows:
1. How do we decouple the Embeded LDAP and connect to External LDAP Server
for
Authentication and Authorization( I prefer iPlanet LDAP Server)
2. Is Portal WLS resource ? If so I want to build a Access Control List.
3. Can you point me to any resource which guides me how to configure
iPlanet server
for authentication and Authorization. I am a novice. This tutorial/sample
should
include all necessary codes.
"Peter" <PeterB> wrote:
"Anand" <[email protected]> wrote in message
news:[email protected]...
Hi All,
My requirements are as follows:
1) Have a central repository like the iplanet Directory server to
store
the information
of users,groups etc
2)Perform identity management to manage roles and permissions Thisincludes the
ability to define users, resources, and abstract concepts such as
a
user
role
or a group
3)The final requirement is access management. This is the enforcementof
which
users have access to what information. It includes authentication
and
authorization
mechanisms to make sure someone is who they claim to be and that theyhave
the
authority to get the information they requested, and access managementto
enforce
the permissions
I need to achieve these requirements for my Portal application. Myqueries
for
the same are as follows
1)The default Weblogic authetication providers can be used to authenticateusers
located on iplanet Directory server.
2)But my doubt is with the authorization provider, Role Mapper providersetc they
seem to be tightly coupled to the embedded LDAP. In order to solvemy
requirements
on 2 and 3 what are the approaches that are available.The role mapper and authorization providers do store roles and policies
in
embedded
ldap server.
Where do you want your role and policy information stored? How is your
role
and policy
information defined? The WLS framework is limited to WLS resources (ejbs,
webapps,
jdbc connection pools, etc.)
3)I also have tried to create a new Realm that the Iplanet authenticationprovider
configured to authenticate against iPlanet LDAP and also the otherdefault providers
that come along with
weblogic to do authorization checks. When I try to start my serverI get
the following
errror and the server does not start.
WLS uses the server resource to determine if you can boot the server.
There
is a policy
that allows users with admin or operator role. The default for thatrole
is
member
of the administrators or operators group. You can change this role
expression with
the console.
Therefore, check to see if your boot user is a member of the administrators
group.
>
Similar Messages
-
Adminserver throws weblogic.security.service.SecurityServiceException
Hi all,
When i installed weblogic 10.3.3 with java1.6 on RHEL 5.5 & created the domain. After the creation , i am not able to star the Admin server,it is throwing the below error. Do anyone have idea ,how to resolve this issue ?
####<Oct 28, 2010 3:38:41 AM PDT> <Error> <Security> <Unknown> <AdminServer> <[STANDBY] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1288262321492> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: java.lang.ExceptionInInitializerError.
weblogic.security.service.SecurityServiceException: java.lang.ExceptionInInitializerError
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(CSSWLSDelegateImpl.java:342)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(CSSWLSDelegateImpl.java:221)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(CommonSecurityServiceManagerDelegateImpl.java:1783)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:442)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:840)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(CommonSecurityServiceManagerDelegateImpl.java:869)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1028)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused By: java.lang.ExceptionInInitializerError
at com.octetstring.vde.util.guid.GuidGenerator.nextGuidInBytes(GuidGenerator.java:125)
at com.octetstring.vde.util.guid.Guid.<init>(Guid.java:84)
at com.octetstring.vde.backend.standard.BackendStandard.add(BackendStandard.java:379)
at com.octetstring.vde.backend.BackendHandler.add(BackendHandler.java:460)
at com.octetstring.vde.util.LDIF.importLDIF(LDIF.java:279)
at com.octetstring.vde.util.LDIF.importLDIF(LDIF.java:235)
at weblogic.security.utils.ProviderUtils.loadFullLDIFTemplate(ProviderUtils.java:739)
at weblogic.security.utils.ProviderUtils.loadLDIFTemplate(ProviderUtils.java:583)
at weblogic.security.utils.ProviderUtils.loadLDIFTemplate(ProviderUtils.java:489)
at weblogic.security.utils.ProviderUtils.loadLDIFAuthenticatorTemplate(ProviderUtils.java:316)
at weblogic.security.providers.authentication.DefaultAuthenticationProviderImpl.initialize(DefaultAuthenticationProviderImpl.java:128)
at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:65)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:363)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(WLSIdentityServiceImpl.java:47)
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(CSSWLSDelegateImpl.java:300)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(CSSWLSDelegateImpl.java:221)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(CommonSecurityServiceManagerDelegateImpl.java:1783)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:442)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:840)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(CommonSecurityServiceManagerDelegateImpl.java:869)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1028)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused By: java.lang.NullPointerException
at java.lang.System.arraycopy(Native Method)
at com.octetstring.vde.util.guid.GuidParamGenerator.generateNodeID(GuidParamGenerator.java:47)
at com.octetstring.vde.util.guid.GuidStateManager.initializeGUIDParameters(GuidStateManager.java:59)
at com.octetstring.vde.util.guid.GuidStateManager.<init>(GuidStateManager.java:30)
at com.octetstring.vde.util.guid.GuidStateManager.<clinit>(GuidStateManager.java:23)
at com.octetstring.vde.util.guid.GuidGenerator.nextGuidInBytes(GuidGenerator.java:125)
at com.octetstring.vde.util.guid.Guid.<init>(Guid.java:84)
at com.octetstring.vde.backend.standard.BackendStandard.add(BackendStandard.java:379)
at com.octetstring.vde.backend.BackendHandler.add(BackendHandler.java:460)
at com.octetstring.vde.util.LDIF.importLDIF(LDIF.java:279)
at com.octetstring.vde.util.LDIF.importLDIF(LDIF.java:235)
at weblogic.security.utils.ProviderUtils.loadFullLDIFTemplate(ProviderUtils.java:739)
at weblogic.security.utils.ProviderUtils.loadLDIFTemplate(ProviderUtils.java:583)
at weblogic.security.utils.ProviderUtils.loadLDIFTemplate(ProviderUtils.java:489)
at weblogic.security.utils.ProviderUtils.loadLDIFAuthenticatorTemplate(ProviderUtils.java:316)
at weblogic.security.providers.authentication.DefaultAuthenticationProviderImpl.initialize(DefaultAuthenticationProviderImpl.java:128)
at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:65)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:363)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(WLSIdentityServiceImpl.java:47)
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(CSSWLSDelegateImpl.java:300)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(CSSWLSDelegateImpl.java:221)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(CommonSecurityServiceManagerDelegateImpl.java:1783)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:442)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:840)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(CommonSecurityServiceManagerDelegateImpl.java:869)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1028)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
thanks
ArunHi,
It looks like your security services initilization has some problem.Please try to do below step.
Please login to the Database and then run the below SQL file to execute different queries mentioned in this file:
Suppose Database User Login is “weblogic” then login to Database with this credential and run the script under $BEA_HOME\wlserver_10.3\server\lib\rdbms_security_store_oracle.sql
Then restart your Server. -
Error:- weblogic.security.SecurityInitializationException: Authentication
Hi,
I am getting below error when ever i am trying to start the Managed server in cluster environment(unix).
I am able to start the server on local machine but in case of remote machine its not gettig started.
I have tried most of the steps as mentioned below:-
1) Changed the weblogic passowrd.
2) Delete boot.properties.
3) deleted $DOMAIN_DIR\servers\<admin-server-name>\data\ldap
4) Followed below post also but nothing worked:-
https://forums.oracle.com/forums/thread.jspa?threadID=956750&start=30&tstart=0
####<Nov 14, 2011 7:41:28 PM IST> <Info> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1321279888310> <BEA-000000> <WebLogic Server "soa_server2" version:
WebLogic Server 10.3.5.0 Fri Apr 1 20:20:06 PDT 2011 1398638 Copyright (c) 1995, 2009, Oracle and/or its affiliates. All rights reserved.>
####<Nov 14, 2011 7:41:28 PM IST> <Notice> <Log Management> <infva05177.vshodc.lntinfotech.com> <> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1321279888419> <BEA-170019> <The server log file /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/servers/soa_server2/logs/soa_server2.log is opened. All server side log events will be written to this file.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Log Management> <infva05177.vshodc.lntinfotech.com> <> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1321279888426> <BEA-170023> <The Server Logging is initialized with Java Logging API implementation.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Diagnostics> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888494> <BEA-320001> <The ServerDebug service initialized successfully.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888560> <BEA-002622> <The protocol "t3" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888560> <BEA-002622> <The protocol "t3s" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888560> <BEA-002622> <The protocol "http" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888560> <BEA-002622> <The protocol "https" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888561> <BEA-002622> <The protocol "iiop" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888562> <BEA-002622> <The protocol "iiops" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888562> <BEA-002622> <The protocol "ldap" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888562> <BEA-002622> <The protocol "ldaps" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888564> <BEA-002622> <The protocol "cluster" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888565> <BEA-002622> <The protocol "clusters" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888568> <BEA-002622> <The protocol "snmp" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888568> <BEA-002622> <The protocol "admin" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888569> <BEA-002624> <The administration protocol is "t3s" and is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <RJVM> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888583> <BEA-000570> <Network Configuration for Channel "soa_server2"
Listen Address 172.17.103.42:8101
Public Address N/A
Http Enabled true
Tunneling Enabled false
Outbound Enabled false
Admin Traffic Enabled true>
####<Nov 14, 2011 7:41:29 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279889336> <BEA-002609> <Channel Service initialized.>
####<Nov 14, 2011 7:41:29 PM IST> <Info> <Socket> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279889410> <BEA-000436> <Allocating 4 reader threads.>
####<Nov 14, 2011 7:41:29 PM IST> <Info> <Socket> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279889412> <BEA-000446> <Native IO Enabled.>
####<Nov 14, 2011 7:41:29 PM IST> <Info> <IIOP> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279889612> <BEA-002014> <IIOP subsystem enabled.>
####<Nov 14, 2011 7:41:32 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279892649> <BEA-090894> <Successfully loaded the OPSS Policy Provider using oracle.security.jps.internal.policystore.JavaPolicyProvider.>
####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893102> <BEA-000000> <Starting OpenJPA 1.1.1-SNAPSHOT>
####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893224> <BEA-000000> <StoreServiceImpl.initJDO - StoreService is initialized with Id = ldap_qMT60FRl3kIPYftFoWhBFbhSxuY=>
####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893501> <BEA-000000> <BootStrapServiceImpl.loadLDIFTemplate - Did not find /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/servers/soa_server2/data/ldap/XACMLAuthorizermyrealmInit.initialized, will load full LDIFT.>
####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893509> <BEA-090074> <Initializing Authorizer provider using LDIF template file /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/XACMLAuthorizerInit.ldift.>
####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893921> <BEA-090075> <The Authorizer provider has had its LDIF information loaded from: /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/XACMLAuthorizerInit.ldift>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894240> <BEA-000000> <BootStrapServiceImpl.loadLDIFTemplate - Did not find /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/servers/soa_server2/data/ldap/DefaultCredentialMappermyrealmInit.initialized, will load full LDIFT.>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894240> <BEA-090827> <LDIF template file /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/DefaultCredentialMapperInit.ldift was empty. The WebLogic provider CredentialMapper has been bootstrapped but has not been initialized with any LDIF data.>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894250> <BEA-000000> <BootStrapServiceImpl.loadLDIFTemplate - Did not find /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/servers/soa_server2/data/ldap/XACMLRoleMappermyrealmInit.initialized, will load full LDIFT.>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894251> <BEA-090074> <Initializing RoleMapper provider using LDIF template file /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/security/XACMLRoleMapperInit.ldift.>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894265> <BEA-090075> <The RoleMapper provider has had its LDIF information loaded from: /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/security/XACMLRoleMapperInit.ldift>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894442> <BEA-090093> <No pre-WLS 8.1 Keystore providers are configured for server soa_server2 for security realm myrealm.>
####<Nov 14, 2011 7:41:34 PM IST> <Notice> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894442> <BEA-090082> <Security initializing using security realm myrealm.>
####<Nov 14, 2011 7:41:34 PM IST> <Critical> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894594> <BEA-090403> <Authentication for user weblogic denied>
####<Nov 14, 2011 7:41:34 PM IST> <Critical> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894596> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused By: javax.security.auth.login.FailedLoginException: [Security:090303]Authentication Failed: User weblogic weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090295]caught unexpected exception
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:251)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy28.login(Unknown Source)
at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:89)
at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy46.authenticate(Unknown Source)
at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:348)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:929)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
>
####<Nov 14, 2011 7:41:34 PM IST> <Notice> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894605> <BEA-000365> <Server state changed to FAILED>
####<Nov 14, 2011 7:41:34 PM IST> <Error> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894605> <BEA-000383> <A critical service failed. The server will shut itself down>
####<Nov 14, 2011 7:41:34 PM IST> <Notice> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894608> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894618> <BEA-000236> <Stopping execute threads.>
Please help.
thanks in advanceI've tried every trick in the book but no luck and finally I found a solution for this problem. Maybe it is not the best practice but it works:
1-Uninstall JDeveloper.
2-Delete Oracle Middleware file located in C:\Oracle
3-Delete the JDeveloper file located in C:\Users\MyUser\AppData\Roaming (Because the integrated Weblogic server is actually there)
4-Reinstall JDeveloper
That solved the issue.
Thanks -
Weblogic.security.internal.SerializedSystemIniException
While starting weblogic server, I am getting the following error,
Exception raised:
weblogic.security.internal.SerializedSystemIniException: Version mismatch. have
0, expected 1
at weblogic.security.internal.SerializedSystemIni.<init>(SerializedSystemIni.java:119)
at weblogic.security.internal.SerializedSystemIni.getEncryptionService(SerializedSystemIni.java:208)
at weblogic.management.internal.EncryptedData.getEncryptionService(EncryptedData.java:82)
Can anybody give a clue in this to resolve urgently?It seems like your SerializedSystemIni.dat is currupted.
Do you have SerializedSystemIni.dat and fileRealm.property from any other
working domain?
Please try to replace both of them and see if this fixes the problem.
-utpal
"Ramanan " <[email protected]> wrote in message
news:[email protected]..
>
While starting weblogic server, I am getting the following error,
Exception raised:
weblogic.security.internal.SerializedSystemIniException: Version mismatch.have
0, expected 1
atweblogic.security.internal.SerializedSystemIni.<init>(SerializedSystemIni.ja
va:119)
atweblogic.security.internal.SerializedSystemIni.getEncryptionService(Serializ
edSystemIni.java:208)
atweblogic.management.internal.EncryptedData.getEncryptionService(EncryptedDat
a.java:82)
>
Can anybody give a clue in this to resolve urgently? -
Hi -
I have installed OIM 11g r2 ps2, I an tring to start my Admin and SOA server :
1. Though my admin server is coming up fine, but I am getting the following error when I am trying to start Admin server.
####<Apr 22, 2015 12:22:27 AM PDT> <Error> <Deployer> <devoimx003> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS
Kernel>> <> <> <1429687347654> <BEA-149205> <Failed to initialize the application 'opss-DBDS' due to error weblogic.security.internal.encryption.EncryptionServiceException.
weblogic.security.internal.encryption.EncryptionServiceException
at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:173)
at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy.decrypt(DescriptorManager.java:192)
at weblogic.descriptor.DescriptorManager$SecurityServiceImpl.decrypt(DescriptorManager.java:114)
at weblogic.descriptor.internal.AbstractDescriptorBean._decrypt(AbstractDescriptorBean.java:1092)
at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.getPassword(JDBCDriverParamsBeanImpl.java:337)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getDriverProperties(DataSourceConnectionPoolConfig.java:368)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$2.run(DataSourceConnectionPoolConfig.java:304)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.initJDBCParameters(DataSourceConnectionPoolConfig.java:300)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.access$000(DataSourceConnectionPoolConfig.java:24)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$1.run(DataSourceConnectionPoolConfig.java:78)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getPoolProperties(DataSourceConnectionPoolConfig.java:75)
at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1329)
at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:176)
at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:507)
at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:428)
at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:280)
at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:44)
at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: weblogic.security.internal.encryption.EncryptionServiceException
at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:173)
at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy.decrypt(DescriptorManager.java:192)
at weblogic.descriptor.DescriptorManager$SecurityServiceImpl.decrypt(DescriptorManager.java:114)
at weblogic.descriptor.internal.AbstractDescriptorBean._decrypt(AbstractDescriptorBean.java:1092)
at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.getPassword(JDBCDriverParamsBeanImpl.java:337)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getDriverProperties(DataSourceConnectionPoolConfig.java:368)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$2.run(DataSourceConnectionPoolConfig.java:304)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.initJDBCParameters(DataSourceConnectionPoolConfig.java:300)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.access$000(DataSourceConnectionPoolConfig.java:24)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$1.run(DataSourceConnectionPoolConfig.java:78)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getPoolProperties(DataSourceConnectionPoolConfig.java:75)
at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1329)
at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:176)
at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:507)
at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:428)
at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:280)
at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:44)
at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
2. My SOA server is coming up but in admin mode and giving OPSS connections errors.
Any help is really appreciated!
Thanks,
SKHi Faisal -
is your domain in development mode or production mode?
- While configuring my domian , I had selected Prod Mode, but pon start up when I see in admin server console, it is starting in developement mode already ?
Any idea how, why ?
if its production mode you can switch to development mode, change all the credentials in the config.xml and configurations under sub folders to cleartext and start the server..
- Let me still try these and get back to you.
Thanks,
SK -
The weblogic.security.Security.runAs() and JAAS Subject
Let say that I have Java client with some JAAS code that authenticates
the user. The LoginContext generates a Subject containing the Principal
name of the authenticated user, but also some private credentials that
makes the Subject secure.
Now I want to call an EJB on WLS.
Having JNDI (EJB) code inside a PriviledgesAction and using the
weblogic.security.Security.runAs() method, I assume that the Subject is
sent over the wire with the EJB call. If not, please correct me.
Question is: How does WLS authenticate this call? What modules are
called? IdentityAsserter? LoginModule? Is the Subject simply assumed
"valid"? Any documentation describing how this is done?
/BoHi,
Problem is solved, we also got security exception when we tried to call MBeans.For this to work we have to set
-Dweblogic.disableMBeanAuthorization=true in weblogic startup script so that our application can access MBeans.
Thanks
girish -
I have an ORACLE database which contains a table of 100s of users and passwords with their group information. I developed a Webapplication (in Tomcat) in which one of the servlets works as authenticator for the user logging in by fetching row from the datbase and validating him.(This is a simple authentication)
Now I have switched to Weblogic platform 8.1 SP2 and am completely new to Weblogic Security. I want to use Weblogic security features for my application and the users & groups should be retrieved from the database for authentication.
How can I do this ? Any clear-cut steps ?
Where can I find them in documentation ?
Please help me...Urgent !!I found it in
Weblogic Administration Console Home -> Summary of Security Realms->myrealm->Providers.
Click on new Authentication provider button-> you will see 'TrustServiceIdentityAsserter' as one of the types. -
Weblogic security authentication; question to interact with the realm
Hi, I have a quick question about weblogic security authentication....
We are using weblogic 81sp3. We have user-group info in an Novell eDirectory LDAP server.
Currently, a Novell Authenticator provider is configured under : Security > Realms > myRealm > Providers > Authentication This tells Weblogic from where to get the user and groups. Weblogic caches this information of the logged on users for certain time ( example : 60 secs ) after which it cleans the cache for all inactive users. We want to interact with the Weblogic cache. Add more user profile information to this cache and use it in our application .
Does somebody know how to programmatically interact with Weblogic user-group cache - read , write , update and delete user-group info in cache and control time to live for the cache ?already checked
TTLCache class which weblogic provides. But they seem to depracetd it
help ? -
Weblogic security: coping URL into other tab
Hi,
We have two Weblogic servers on two phisically different locations.
First of them, WLS A, have perfect security. When you login into any application that is deployed on it, and try:
- copy URL into another tab or browser window, you are getting returned at login page
- when you close browser (without logout), and try to start application from history, you are getting login page, again
So, URL that you have when you enter the application is absolutely useless. Closing the browser, or tab with application have practicaly same meaning as logout.
Second of them, WLS B, have not that security. When you login into any application that is deployed on it, and:
- copy URL into another tab or browser window, you are getting application without need to login! So that URL can be very dangerous, because it is possible to misuse it, if the user don't make logout
- closing browser without logout: it is possible to find out the URL in history and go back into application without login!
It is obvious that the problem is some setting on weblogic server. We tried to compare the settings on WLS A and WLS B but we have not found the setting that we have search for. The programmer that have found and set that property on WLS A working not more in our company.
Can anybody help, we will be very greatful!
Thanks,Hi,
The authenticate method would take the user and the password details from the environment
(env) that is passed and after successful authentication would populate the subject with
the principals (i.e user, group the user belongs to ..)
It should work with any user that is defined in the WLS not just weblogic/weblogic.
Do you have any other users defined and which group do they belong to?
Vimala
Khalid Rizvi wrote:
I am playing (learning) with weblogic.security.auth.login.UsernamePasswordLoginModule
as a LoginModule using JAAS based authentication. Surprisingly, the only userid
and password combination acceptable is uid=weblogic, pw=weblogic combination.
I went through and looked at the example code under
http://e-docs.bea.com/wls/docs70/security/cli_apps.html#1042212. I found that
the UsernamePasswordLoginModule.login calls into
if (url != null) {
Environment env = new Environment();
env.setProviderUrl(url);
env.setSecurityPrincipal(username);
env.setSecurityCredentials(password);
try {
Authenticate.authenticate(env, subject);
Seems like UsernamePasswordLoginModule only is a router, as it instantiates an
instance of Environemt using the userid and password and passes this Environemtn
instance (env) to Authenticate.authenticate along with the empty Subject instance.
I read about that the Subject instance will be filled in with Principals by the
WL Server.
My question is that firstly,
1. As Authenticate.authenticate is not passed in the uid and pw, will it pick
those from the env?
2. Secondly, why does it only accept uid=weblogic & pw=weblogic.
I will appreciate if some one can put me in the right direction.
Khalid R. Rizvi
508-641-1192
[email protected] -
SOAP handlers and the WebLogic Security Provider Framework
I am new to WebLogic... I am trying to understand the Weblogic security framework in terms of how a SOAP message would be processed. Do SOAP handlers get called before the configured security providers? after being processed by the Authentication provider? after being processed by the Authorization provider? or at some other point?
Thanks. But I have some questions about the seed:
- where is it stored?
- how is it encrypted?
- is the seed regenerated periodically? or under certain circumstances?
Regards,
Janice Pang
"Tom Hegadorn" <[email protected]> wrote:
>
>
Hi Janice,
If you choose to use the PrincipalValidatorImpl class in the
weblogic.security.provider package, the sign() implementation
will be the internal weblogic implementation. This implementation
generates a random seed and computes a digest based on the
random seed. I hope that helps you.
Regards,
Tom Hegadorn
Sr. Developer Relations Engineer
BEA Support
"Janice Pang" <[email protected]> wrote:
From the online documentations, it is said that this weblogic.security.provider.PrincipalValidatorImpl
"signs" the authenticated principals to make sure they are not altered
while they
are transported on the network.
The document also mentioned, as a suggested way to develop a customprincipal
validation provider, to use this class and extend the capabilities of
user and
group classes. What kind of private information from the server isused
for the
signature and where is that information stored? -
How to create default groups in Weblogic- Security Realms -- Groups
Hi Team,
Unfortunately I have deleted some default groups from Weblogic->Security Realms --> Groups. How to add the groups.
Regards,
Ravi.Hi Ravi,
These are the defaults groups present inside Security Realms ,you can manually create them by
Going inside Security Realms-->Users and Groups-->Groups-->New
Administrators----Administrators can view and modify all resource attributes and start and stop servers-----------------------DefaultAuthenticator
Deployers---------Deployers can view all resource attributes and deploy applications.---------------------------------------------DefaultAuthenticator
Monitors-----------Monitors can view and modify all resource attributes and perform operations not restricted by roles.------DefaultAuthenticator
Operators---------Operators can view and modify all resource attributes and perform server lifecycle operations.-------------DefaultAuthenticator
Restart the Admin Server
Regards
FAbian -
OWSM security for a OSB service- authenticate from weblogic security realms
Hello,
I have a requirement to add security to a OSB service.
The user details are configured in weblogic security realms. lets say there are ten different users.
I need to protect my osb service using OWSM policy & the policy should be configured to authenticate the user from realms.
I am new to OWSM & wondering if this is possible?
Can the experts please direct me to any docs or steps?
Thanks
GaneshHi,
Thanks for the links.
I followed the blog and configured it using oracle/wss_username_token_service_policy.
Now my requirement is to send the username,password from proxy to business and to the BPEL. (the bpel needs this username /password & and in header)
The issue I am facing is the proxy service is not sending the soap header details to business service.
I dont want to make the proxy as passthrough. (ie set Process WS-Security Header to NO)
I have to authorize on proxy level and then send the same credential details to business service?
So the question is, how can I retrieve the header after osb process it?
Can anyone please help me here?
Thanks
Ganesh -
Oracle Application Express (APEX) and WebLogic Security
Hi,
Has anyone tried integrating Oracle APEX (custom authentication) with WebLogic Security as the user store?
Thanks
JoelHi
Depending on your architecture - APEX in EBS database - or APEX in it's own database instance you're going to have to change a couple of things.
Most importantly - EBS R12 has removed MOd-PLSQL from the Apps menus and from the HTTP listener.
You will need another HTTP listener - Apache with mod-plsql or Database R11 with Embedded Plsql Gateway - EPG.
Second the way that APEX is called from EBS using the Web PLSQL functions in EBS menus is no longer supported in R12.
Check out https://sites.google.com/a/popay.be/apex-on-apps/apps - follow the contacts there - they have also developed a Java utility to call APEX from EBS R12.
In short - depsite Oracle's 'statement of direction' to move away from mod-plsql and removing this from EBS R12 (just what motivates this wierd thinking???)- APEX is still the most flexible and cost-effective means to extend EBS functionality - especially in reporting - and it works just fine in R12.
Good luck
Mike -
Weblogic.security.SecurityInitializationException: Authentication for user
Folks,
I've newly installed Weblogic server on my home laptop.
I can't startup the weblogic server.
Errors are
Now, I know the location of the boot.properties file the server accesses, because if I delete and restart the server it asks for userid/password.
If that file does not exists it gives the following error
weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
So, I thought the best way is to RECOVER the password and tried following the steps
1. At the command line, change directory to the domain and run the setEnv script to set the PATH and CLASSPATH.
2. cd <domain_home>/security
3. mv DefaultAuthenticatorInit.ldift DefaultAuthenticatorInit.ldift_BKP
4. run java weblogic.security.utils.AdminAccount <tempadmin> <temppassword> ./
-above command will Create a new DefaultAuthenticatorInit.ldift
4. cd <domain_home>/servers/<AdminServer>/data/ldap
5. mv DefaultAuthenticatormyrealmInit.initialized DefaultAuthenticatormyrealmInit.initialized_BKP
6. Restart the Admin Server.
7. Login with new username/password
The question is how do I run Step 4) above? Like what is the Java home, or jar file that has the weblogic.security.utils.AdminsAccount class?
Thanks
RaviThe class "weblogic.security.utils.AdminAccount" is part of weblogic.jar
And JAVA_HOME would be the java installation directory, for example "D:\Middleware\wls1036\jdk160_29\bin"
So, for example, the same command can be read as
D:\Middleware\wls1036\jdk160_29\bin\java -cp D:\Middleware\wls1036\wlserver_10.3\server\lib\weblogic.jar weblogic.security.utils.AdminAccount <tempadmin> <temppassword> .
OR
Another option for you is to just run setDomainEnv to set the JAVA_HOME and CLASSPATH variables for us.
For windows open a command prompt and run,
<domain_home>/bin/setDomainEnv.cmd
For linux run,
. <domain_home>/bin/setDomainEnv.sh {Remember the dot and space, ". ", at the beginning are very important for a open shell with the environment variables set}
After running the above command, then cd <domain_home>/security (step 2)
Now, after doing the above, you can directly run the command in step 4
java weblogic.security.utils.AdminAccount <tempadmin> <temppassword> ./
Arun -
Weblogic.security.SecurityInitializationException: Authentication for user system denied
Reason: weblogic.security.SecurityInitializationException: Authentication for user system denied
I tried my user name.But server didn't start.PLz help me and tell me what i have to do.
ThanksHi,
The admin server is also able to start the managed server. The easiest way is
to use a script. The command of starting a managed server is not much different
from the one for the admin server. Just make sure that you reference the admin
server URL (eg. http://localhost:7001). The more production environment way of
managing managed server is to use the notemanger. See the admin guide for more
infos.
Which version are you using?
Kai
"hari" <[email protected]> wrote:
>
Hi!Kai..
I tried with system/weblogic....but same error.Actually i created domain
and managed
server in existing domain throgh config.sh
But the admin server is running properly.But the manager is not starting,user
authentication problem is coming.When i was created domain..i created
a user.I
started admin server with that user...but manged server is not starting.Plz
help
me.
Maybe you are looking for
-
How to define special character in html text file used in loadvars
Hi I'm witing some maths software and need to use the division sign in a text file which is loaded using LoadVars(). The variable loaded is then assigned to a text area. Here's the variable example. &hint1=<title><b>Challenge 1: Instant recall of any
-
Need solution for Requirements
Hi All, I am very new to Adobe and need to know if Adobe LiveCycle can solve my problem. I need to create a PDF based electronic form for entering data in a pre-defined format. Once data is filled, the utility should generate a report in a pre-define
-
HT1386 Why do we have to use I Cloud to sync. calendars and contacts?
The new IPhones don't allow you to sync your calendars, contacts, and other information without going through a cloud service. I don't want to use the cloud with this particular phone. This is taking away customer choice.
-
.. If the app is – in or out of background - (if in background NOT the first app) and the device locked – when you get a push message and DO NOT response straight away. let it fade off then, Later unlock, click the app icon (which will have a badge
-
2.16GHz Intel Core 2 Duo or 2.0??? Tell me which to go with and why please!
Hey im trying to decide on which macbook to get. I am getting the white version but don't know on which processor. Both MBs will be equipped with 2GB 667 DDR2 SDRAM - 2x1GB memory and 160 gb HD. But i wanted to know if the 2.16 processor is worth the