Weblogic.security.X509 alternative in WLS 9.1
Hi All
We have setup IIS 5.0 with 2 way SSL for client connection. We have also configured IIS weblogic proxy for Weblogic 9.1 using iisproxy.dll. The connection between IIS and WebLogic 9.1 is HTTP based. We are trying to get the client certificate in Weblogic 9.1 using the following code
java.security.cert.X509Certificate certs [];
certs = (java.security.cert.X509Certificate [])
request.getAttribute("javax.servlet.request.X509Certificate");
However the returned certificates are NULL.
We have also enabled Client Cert Proxy and Weblogic Plug-in in Weblogic 9.1 configuration.
We are trying to migrate from weblogic 8 to 9.1 and our previous code was as follows
weblogic.security.X509 [] certs = (weblogic.security.X509[])req.getAttribute("javax.net.ssl.peer_certificates");
This code work fine with the same IIS setup. Since weblogic.security.X509 is removed in WLS 9.1 we are forced to change our code.
Please help!
Message was edited by:
rmkandan
hi
Currently I am using
req.getHeader("WL-Proxy-Client-Cert")
to get the client certificate and then i do the following to get the X509 cert format
if (pemCert != null && pemCert.length() > 0 ){
pemCertBuff.append("-----BEGIN CERTIFICATE-----");
pemCertBuff.append(pemCert);
pemCertBuff.append("-----END CERTIFICATE-----");
System.out.println("CertificateUtil:getFingerPrint: pemCertBuff --"+pemCertBuff.toString());
X509Certificate certs = null;
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
ByteArrayInputStream bis = new ByteArrayInputStream(pemCertBuff.toString().getBytes());
weblogic.security.PEMInputStream pemIs = new weblogic.security.PEMInputStream(bis);
BufferedInputStream bufis = new BufferedInputStream(pemIs);
certs = (X509Certificate)cf.generateCertificate(bufis);
} catch (CertificateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
And I am able to get the certificate, but I need to know is there any other elegant way to get the certificate as we did using weblogic.security.X509 class?
Please help!!
Message was edited by:
rmkandan
Similar Messages
-
Weblogic.security.X509 API
Hello All,
Is the API documentation for the weblogic.security.X509 class, or for
that matter the entire package, documented somewhere?
Thanks,
Dan
[dan.vcf]Hello All,
I would like a client java program to communicate with a WLS over a t3s
connection with two-way SSL.
We have generated certificates for browsers that work fine for the two-way SSL.
I have access to the base 64 encoded certificate that the java client program
can use. I am assuming I need a private key also for use in the
setSSLClientCertificate(InputStream[] chain) method for decryption of data
coming to to the client. For a WLS server, this is no problem.
Question(s): Am I correct in this private key assumption? If I do need the
private key, how could I get it.
Thanks
[dan.vcf] -
Weblogic.security.KeyManagementException: java.io.EOFException
I am getting the following error when I am use the certificate
obtained from baltimore instead of the default provided by weblogic. I
used der2pem also to convert ".der" key file to ".pem" format - it
didn't work
I am running one-way SSL.
the configuration I have specified is:
Server Key File Name: config/mydomain/privatekey.pem
Server Certificate File Name: config/mydomain/DownloadCert.pem
Server Certificate Chain File
Name: config/mydomain/DownloadCert_root.pem
<05-Mar-02 17:22:01 GMT> <Info> <Logging> <Only log messages of
severity "Error"
or worse will be displayed in this window. This can be changed at
Admin Console
mydomain> Servers> myserver> Logging> General> Stdout severity threshold>java.io.EOFException
at weblogic.security.Utils.inputByteArray(Utils.java:143)
at weblogic.security.ASN1.ASN1Utils.inputASN1Integer(ASN1Utils.java:120)
at weblogic.security.X509.input(X509.java:120)
at weblogic.security.X509.initialize(X509.java:81)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.ja
va:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<05-Mar-02 17:22:09 GMT> <Alert> <WebLogicServer> <Inconsistent
security configu
ration, weblogic.security.KeyManagementException:
java.io.EOFException>
weblogic.security.KeyManagementException: java.io.EOFException
at weblogic.security.X509.initialize(X509.java:86)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.ja
va:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<05-Mar-02 17:22:31 GMT> <Notice> <WebLogicServer> <WebLogic Server
started>
<05-Mar-02 17:22:31 GMT> <Notice> <WebLogicServer> <ListenThread
listening on po
rt 7001>
Any help will be appriciated.
regards
sachinI am getting the following error when I am use the certificate
obtained from baltimore instead of the default provided by weblogic. I
used der2pem also to convert ".der" key file to ".pem" format - it
didn't work
I am running one-way SSL.
the configuration I have specified is:
Server Key File Name: config/mydomain/privatekey.pem
Server Certificate File Name: config/mydomain/DownloadCert.pem
Server Certificate Chain File
Name: config/mydomain/DownloadCert_root.pem
<05-Mar-02 17:22:01 GMT> <Info> <Logging> <Only log messages of
severity "Error"
or worse will be displayed in this window. This can be changed at
Admin Console
mydomain> Servers> myserver> Logging> General> Stdout severity threshold>java.io.EOFException
at weblogic.security.Utils.inputByteArray(Utils.java:143)
at weblogic.security.ASN1.ASN1Utils.inputASN1Integer(ASN1Utils.java:120)
at weblogic.security.X509.input(X509.java:120)
at weblogic.security.X509.initialize(X509.java:81)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.ja
va:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<05-Mar-02 17:22:09 GMT> <Alert> <WebLogicServer> <Inconsistent
security configu
ration, weblogic.security.KeyManagementException:
java.io.EOFException>
weblogic.security.KeyManagementException: java.io.EOFException
at weblogic.security.X509.initialize(X509.java:86)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.ja
va:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<05-Mar-02 17:22:31 GMT> <Notice> <WebLogicServer> <WebLogic Server
started>
<05-Mar-02 17:22:31 GMT> <Notice> <WebLogicServer> <ListenThread
listening on po
rt 7001>
Any help will be appriciated.
regards
sachin -
Weblogic.security.KeyManagementException: java.io.EOFExceptio
I am getting the following error when I am use the certificate obtained from baltimore
instead of the default provided by weblogic.
private key that was generated by the Certificate Servlet.
<05-Mar-02 17:22:01 GMT> <Info> <Logging> <Only log messages of severity "Error"
or worse will be displayed in this window. This can be changed at Admin Console
mydomain> Servers> myserver> Logging> General> Stdout severity threshold>java.io.EOFException
at weblogic.security.Utils.inputByteArray(Utils.java:143)
at weblogic.security.ASN1.ASN1Utils.inputASN1Integer(ASN1Utils.java:120)
at weblogic.security.X509.input(X509.java:120)
at weblogic.security.X509.initialize(X509.java:81)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.ja
va:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<05-Mar-02 17:22:09 GMT> <Alert> <WebLogicServer> <Inconsistent security configu
ration, weblogic.security.KeyManagementException: java.io.EOFException>
weblogic.security.KeyManagementException: java.io.EOFException
at weblogic.security.X509.initialize(X509.java:86)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.ja
va:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<05-Mar-02 17:22:31 GMT> <Notice> <WebLogicServer> <WebLogic Server started>
<05-Mar-02 17:22:31 GMT> <Notice> <WebLogicServer> <ListenThread listening on
po
rt 7001>I am getting the following error when I am use the certificate obtained from baltimore
instead of the default provided by weblogic.
private key that was generated by the Certificate Servlet.
<05-Mar-02 17:22:01 GMT> <Info> <Logging> <Only log messages of severity "Error"
or worse will be displayed in this window. This can be changed at Admin Console
mydomain> Servers> myserver> Logging> General> Stdout severity threshold>java.io.EOFException
at weblogic.security.Utils.inputByteArray(Utils.java:143)
at weblogic.security.ASN1.ASN1Utils.inputASN1Integer(ASN1Utils.java:120)
at weblogic.security.X509.input(X509.java:120)
at weblogic.security.X509.initialize(X509.java:81)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.ja
va:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<05-Mar-02 17:22:09 GMT> <Alert> <WebLogicServer> <Inconsistent security configu
ration, weblogic.security.KeyManagementException: java.io.EOFException>
weblogic.security.KeyManagementException: java.io.EOFException
at weblogic.security.X509.initialize(X509.java:86)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.ja
va:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<05-Mar-02 17:22:31 GMT> <Notice> <WebLogicServer> <WebLogic Server started>
<05-Mar-02 17:22:31 GMT> <Notice> <WebLogicServer> <ListenThread listening on
po
rt 7001> -
Weblogic.security.CipherException: Incorrect block length 256 (modulus
Hi,
I have a stand alone java client which runs in the weblogic 8.1 server and when I tried to connect to the external site using the weblogic's HttpsURLConnection ,its throws the below exception.
weblogic.security.CipherException: Incorrect block length 256 (modulus length 128)
<Info> <Security> <BEA-090511> <The following exception has occurred:
weblogic.security.CipherException: Incorrect encrypted block
at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:205)
at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
at weblogic.security.X509.verifySignature(X509.java:246)
at weblogic.security.X509.verify(X509.java:176)
at weblogic.security.SSL.SSLCertificate.verify(SSLCertificate.java:133)
at weblogic.security.SSL.SSLCertificate.input(SSLCertificate.java:116)
at weblogic.security.SSL.Handshake.input(Handshake.java:121)
at weblogic.security.SSL.SSLSocket.getHandshake(SSLSocket.java:1117)
at weblogic.security.SSL.SSLSocket.clientInit(SSLSocket.java:432)
at weblogic.security.SSL.SSLSocket.initialize(SSLSocket.java:276)
at weblogic.security.SSL.SSLSocket.<init>(SSLSocket.java:222)
at weblogic.security.SSL.SSLSocketFactory.createSocket(SSLSocketFactory.java:213)
at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:238)
at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:389)
at weblogic.net.http.HttpsClient.<init>(HttpsClient.java:209)
at weblogic.net.http.HttpClient.New(HttpClient.java:228)
at weblogic.net.http.HttpsURLConnection.getHttpClient(HttpsURLConnection.java:246)
at weblogic.net.http.HttpsURLConnection.connect(HttpsURLConnection.java:217)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:319)
at HttpsConnect.main(HttpsConnect.java:13)
<Info> <SSL> <000000> <weblogic.security.AuthenticationException: Incorrect encrypted block possibly incorrect SSLServerCertificateChainFileName set for this server certificate>
java.io.IOException: weblogic.security.AuthenticationException: Incorrect encrypted block possibly incorrect SSLServerCertificateChainFileName set for this server certificate
at weblogic.security.SSL.SSLCertificate.verify(SSLCertificate.java:172)
at weblogic.security.SSL.SSLCertificate.input(SSLCertificate.java:116)
at weblogic.security.SSL.Handshake.input(Handshake.java:121)
at weblogic.security.SSL.SSLSocket.getHandshake(SSLSocket.java:1117)
at weblogic.security.SSL.SSLSocket.clientInit(SSLSocket.java:432)
at weblogic.security.SSL.SSLSocket.initialize(SSLSocket.java:276)
at weblogic.security.SSL.SSLSocket.<init>(SSLSocket.java:222)
at weblogic.security.SSL.SSLSocketFactory.createSocket(SSLSocketFactory.java:213)
at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:238)
at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:389)
at weblogic.net.http.HttpsClient.<init>(HttpsClient.java:209)
at weblogic.net.http.HttpClient.New(HttpClient.java:228)
at weblogic.net.http.HttpsURLConnection.getHttpClient(HttpsURLConnection.java:246)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:359)
at HttpsConnect.main(HttpsConnect.java:13)
I verified the certifiate chain by using the weblogic's ValidateCertChain utility, and the output seems to be confusing for the intermediate site and the entity site.
java utils.ValidateCertChain -pem inter.cerCert[0]: CN=VeriSign Class 3 International Server CA - G3,OU=Terms of use at https://www.verisign.com/r
pa (c)10,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US
Certificate chain is incomplete, can't confirm the entire chain is valid
Certificate chain appears valid
Any pointers will be appreciated.This might be because Verisign has included anadditional intermediate certificate in its chain
You can find it here
https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR657&actp=search&viewlocale=en_US
Contact Verisign Support, u can chat with them even...
Let me know if you have any doubt.
Cheers!
Faisal
http://www.weblogic-wonders.com -
Weblogic.security.cache.debug property for wls 6.1
Hi,
how can I set the weblogic.security.cache.debug property that worked with wls
5.1. with the new 6.1 version ?
Thanks a milion!With database concurrency, there is one instance per primary key per
transaction.
So if tx-1 calls pk 'Rob' and tx-2 calls pk 'Rob', they'll each have their own
instance.
-- Rob
levi wrote:
From weblogic ejb spec, it is said that for WLS 6.1 the default locking
services is Database locking now. The container will defer locking services
to the underlying database.
My question is in WLS6.1, for a single row of data record stored in the
underlying database, how many entity beans for this specific record in a
single WebLogic container can have? I know that in WLS5.1, there's only 1
entity bean instance for a specific record.
If in WLS6.1 there's still only 1 entity bean instance for a data record,
how does the container deal with the case in which multiple clients try to
update this entity bean concurrently (and at this time the container use
database locking service)?
Thanks,
Levi -
Error:- weblogic.security.SecurityInitializationException: Authentication
Hi,
I am getting below error when ever i am trying to start the Managed server in cluster environment(unix).
I am able to start the server on local machine but in case of remote machine its not gettig started.
I have tried most of the steps as mentioned below:-
1) Changed the weblogic passowrd.
2) Delete boot.properties.
3) deleted $DOMAIN_DIR\servers\<admin-server-name>\data\ldap
4) Followed below post also but nothing worked:-
https://forums.oracle.com/forums/thread.jspa?threadID=956750&start=30&tstart=0
####<Nov 14, 2011 7:41:28 PM IST> <Info> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1321279888310> <BEA-000000> <WebLogic Server "soa_server2" version:
WebLogic Server 10.3.5.0 Fri Apr 1 20:20:06 PDT 2011 1398638 Copyright (c) 1995, 2009, Oracle and/or its affiliates. All rights reserved.>
####<Nov 14, 2011 7:41:28 PM IST> <Notice> <Log Management> <infva05177.vshodc.lntinfotech.com> <> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1321279888419> <BEA-170019> <The server log file /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/servers/soa_server2/logs/soa_server2.log is opened. All server side log events will be written to this file.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Log Management> <infva05177.vshodc.lntinfotech.com> <> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1321279888426> <BEA-170023> <The Server Logging is initialized with Java Logging API implementation.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Diagnostics> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888494> <BEA-320001> <The ServerDebug service initialized successfully.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888560> <BEA-002622> <The protocol "t3" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888560> <BEA-002622> <The protocol "t3s" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888560> <BEA-002622> <The protocol "http" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888560> <BEA-002622> <The protocol "https" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888561> <BEA-002622> <The protocol "iiop" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888562> <BEA-002622> <The protocol "iiops" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888562> <BEA-002622> <The protocol "ldap" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888562> <BEA-002622> <The protocol "ldaps" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888564> <BEA-002622> <The protocol "cluster" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888565> <BEA-002622> <The protocol "clusters" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888568> <BEA-002622> <The protocol "snmp" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888568> <BEA-002622> <The protocol "admin" is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888569> <BEA-002624> <The administration protocol is "t3s" and is now configured.>
####<Nov 14, 2011 7:41:28 PM IST> <Info> <RJVM> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888583> <BEA-000570> <Network Configuration for Channel "soa_server2"
Listen Address 172.17.103.42:8101
Public Address N/A
Http Enabled true
Tunneling Enabled false
Outbound Enabled false
Admin Traffic Enabled true>
####<Nov 14, 2011 7:41:29 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279889336> <BEA-002609> <Channel Service initialized.>
####<Nov 14, 2011 7:41:29 PM IST> <Info> <Socket> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279889410> <BEA-000436> <Allocating 4 reader threads.>
####<Nov 14, 2011 7:41:29 PM IST> <Info> <Socket> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279889412> <BEA-000446> <Native IO Enabled.>
####<Nov 14, 2011 7:41:29 PM IST> <Info> <IIOP> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279889612> <BEA-002014> <IIOP subsystem enabled.>
####<Nov 14, 2011 7:41:32 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279892649> <BEA-090894> <Successfully loaded the OPSS Policy Provider using oracle.security.jps.internal.policystore.JavaPolicyProvider.>
####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893102> <BEA-000000> <Starting OpenJPA 1.1.1-SNAPSHOT>
####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893224> <BEA-000000> <StoreServiceImpl.initJDO - StoreService is initialized with Id = ldap_qMT60FRl3kIPYftFoWhBFbhSxuY=>
####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893501> <BEA-000000> <BootStrapServiceImpl.loadLDIFTemplate - Did not find /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/servers/soa_server2/data/ldap/XACMLAuthorizermyrealmInit.initialized, will load full LDIFT.>
####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893509> <BEA-090074> <Initializing Authorizer provider using LDIF template file /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/XACMLAuthorizerInit.ldift.>
####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893921> <BEA-090075> <The Authorizer provider has had its LDIF information loaded from: /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/XACMLAuthorizerInit.ldift>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894240> <BEA-000000> <BootStrapServiceImpl.loadLDIFTemplate - Did not find /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/servers/soa_server2/data/ldap/DefaultCredentialMappermyrealmInit.initialized, will load full LDIFT.>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894240> <BEA-090827> <LDIF template file /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/DefaultCredentialMapperInit.ldift was empty. The WebLogic provider CredentialMapper has been bootstrapped but has not been initialized with any LDIF data.>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894250> <BEA-000000> <BootStrapServiceImpl.loadLDIFTemplate - Did not find /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/servers/soa_server2/data/ldap/XACMLRoleMappermyrealmInit.initialized, will load full LDIFT.>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894251> <BEA-090074> <Initializing RoleMapper provider using LDIF template file /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/security/XACMLRoleMapperInit.ldift.>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894265> <BEA-090075> <The RoleMapper provider has had its LDIF information loaded from: /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/security/XACMLRoleMapperInit.ldift>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894442> <BEA-090093> <No pre-WLS 8.1 Keystore providers are configured for server soa_server2 for security realm myrealm.>
####<Nov 14, 2011 7:41:34 PM IST> <Notice> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894442> <BEA-090082> <Security initializing using security realm myrealm.>
####<Nov 14, 2011 7:41:34 PM IST> <Critical> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894594> <BEA-090403> <Authentication for user weblogic denied>
####<Nov 14, 2011 7:41:34 PM IST> <Critical> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894596> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused By: javax.security.auth.login.FailedLoginException: [Security:090303]Authentication Failed: User weblogic weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090295]caught unexpected exception
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:251)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy28.login(Unknown Source)
at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:89)
at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
at $Proxy46.authenticate(Unknown Source)
at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:348)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:929)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
>
####<Nov 14, 2011 7:41:34 PM IST> <Notice> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894605> <BEA-000365> <Server state changed to FAILED>
####<Nov 14, 2011 7:41:34 PM IST> <Error> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894605> <BEA-000383> <A critical service failed. The server will shut itself down>
####<Nov 14, 2011 7:41:34 PM IST> <Notice> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894608> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
####<Nov 14, 2011 7:41:34 PM IST> <Info> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894618> <BEA-000236> <Stopping execute threads.>
Please help.
thanks in advanceI've tried every trick in the book but no luck and finally I found a solution for this problem. Maybe it is not the best practice but it works:
1-Uninstall JDeveloper.
2-Delete Oracle Middleware file located in C:\Oracle
3-Delete the JDeveloper file located in C:\Users\MyUser\AppData\Roaming (Because the integrated Weblogic server is actually there)
4-Reinstall JDeveloper
That solved the issue.
Thanks -
Hi -
I have installed OIM 11g r2 ps2, I an tring to start my Admin and SOA server :
1. Though my admin server is coming up fine, but I am getting the following error when I am trying to start Admin server.
####<Apr 22, 2015 12:22:27 AM PDT> <Error> <Deployer> <devoimx003> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS
Kernel>> <> <> <1429687347654> <BEA-149205> <Failed to initialize the application 'opss-DBDS' due to error weblogic.security.internal.encryption.EncryptionServiceException.
weblogic.security.internal.encryption.EncryptionServiceException
at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:173)
at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy.decrypt(DescriptorManager.java:192)
at weblogic.descriptor.DescriptorManager$SecurityServiceImpl.decrypt(DescriptorManager.java:114)
at weblogic.descriptor.internal.AbstractDescriptorBean._decrypt(AbstractDescriptorBean.java:1092)
at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.getPassword(JDBCDriverParamsBeanImpl.java:337)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getDriverProperties(DataSourceConnectionPoolConfig.java:368)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$2.run(DataSourceConnectionPoolConfig.java:304)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.initJDBCParameters(DataSourceConnectionPoolConfig.java:300)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.access$000(DataSourceConnectionPoolConfig.java:24)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$1.run(DataSourceConnectionPoolConfig.java:78)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getPoolProperties(DataSourceConnectionPoolConfig.java:75)
at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1329)
at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:176)
at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:507)
at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:428)
at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:280)
at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:44)
at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: weblogic.security.internal.encryption.EncryptionServiceException
at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:173)
at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy.decrypt(DescriptorManager.java:192)
at weblogic.descriptor.DescriptorManager$SecurityServiceImpl.decrypt(DescriptorManager.java:114)
at weblogic.descriptor.internal.AbstractDescriptorBean._decrypt(AbstractDescriptorBean.java:1092)
at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.getPassword(JDBCDriverParamsBeanImpl.java:337)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getDriverProperties(DataSourceConnectionPoolConfig.java:368)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$2.run(DataSourceConnectionPoolConfig.java:304)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.initJDBCParameters(DataSourceConnectionPoolConfig.java:300)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.access$000(DataSourceConnectionPoolConfig.java:24)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$1.run(DataSourceConnectionPoolConfig.java:78)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getPoolProperties(DataSourceConnectionPoolConfig.java:75)
at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1329)
at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:176)
at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:507)
at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:428)
at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:280)
at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:44)
at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
2. My SOA server is coming up but in admin mode and giving OPSS connections errors.
Any help is really appreciated!
Thanks,
SKHi Faisal -
is your domain in development mode or production mode?
- While configuring my domian , I had selected Prod Mode, but pon start up when I see in admin server console, it is starting in developement mode already ?
Any idea how, why ?
if its production mode you can switch to development mode, change all the credentials in the config.xml and configurations under sub folders to cleartext and start the server..
- Let me still try these and get back to you.
Thanks,
SK -
The weblogic.security.Security.runAs() and JAAS Subject
Let say that I have Java client with some JAAS code that authenticates
the user. The LoginContext generates a Subject containing the Principal
name of the authenticated user, but also some private credentials that
makes the Subject secure.
Now I want to call an EJB on WLS.
Having JNDI (EJB) code inside a PriviledgesAction and using the
weblogic.security.Security.runAs() method, I assume that the Subject is
sent over the wire with the EJB call. If not, please correct me.
Question is: How does WLS authenticate this call? What modules are
called? IdentityAsserter? LoginModule? Is the Subject simply assumed
"valid"? Any documentation describing how this is done?
/BoHi,
Problem is solved, we also got security exception when we tried to call MBeans.For this to work we have to set
-Dweblogic.disableMBeanAuthorization=true in weblogic startup script so that our application can access MBeans.
Thanks
girish -
What is the best way to deploy/update custom security realm classes to WLS 6.0?
From the WLS 6.0 console, I see that I can specify the Java class that
implements my custom security realm but I am wondering what is the best way
to deploy/update this code. I don't see a way to do this from the console.
Does this mean that I have to manually copy the class files over that
implement my custom security realm?Thanks Danut,
A jar file seems to be a good way to package it up but it sounds like it
still needs to be manually copied to each Weblogic server install directory
post-installation and whenever it is updated. I thought it would be nice to
be able to deploy/update the custom security realm by uploading it through
the Console just as you can with web applications and EJBs.
Brian
"Danut Prisacaru" <[email protected]> wrote in message
news:3aba2db0$[email protected]..
You have to have your Custom Realm class in the class path. I usually havea
jar file with all the Custom Realm classes and that jar I copy it in thelib
folder. Then I modify "startWebLogic.cmd" and I add to the classpath
".\lib\CustomRealm.jar"
set
CLASSPATH=.;.\lib\weblogic_sp.jar;.\lib\weblogic.jar;.\lib\CustomRealm.jar;
>
Be aware that in order to have you custom realm besides creating thecustom
realm using the console you also have to create a custom caching andchoose
that one as your default caching realm.
Here is how the security settings are looking in my "config.xml"
<CustomRealm Name="CustomRealm"
RealmClassName="Custom.appserver.weblogic.security.CustomRealm"/>
<CachingRealm BasicRealm="CustomRealm" CacheCaseSensitive="true"
Name="CustomCachingRealm"/>
<Realm CachingRealm="CustomCachingRealm" FileRealm="wl_default_file_realm"
Name="wl_default_realm"/>
<FileRealm Name="wl_default_file_realm"/>
<Security GuestDisabled="false"
Name="mydomain" PasswordPolicy="wl_default_password_policy"
Realm="wl_default_realm"/>
Danut -
Weblogic security: coping URL into other tab
Hi,
We have two Weblogic servers on two phisically different locations.
First of them, WLS A, have perfect security. When you login into any application that is deployed on it, and try:
- copy URL into another tab or browser window, you are getting returned at login page
- when you close browser (without logout), and try to start application from history, you are getting login page, again
So, URL that you have when you enter the application is absolutely useless. Closing the browser, or tab with application have practicaly same meaning as logout.
Second of them, WLS B, have not that security. When you login into any application that is deployed on it, and:
- copy URL into another tab or browser window, you are getting application without need to login! So that URL can be very dangerous, because it is possible to misuse it, if the user don't make logout
- closing browser without logout: it is possible to find out the URL in history and go back into application without login!
It is obvious that the problem is some setting on weblogic server. We tried to compare the settings on WLS A and WLS B but we have not found the setting that we have search for. The programmer that have found and set that property on WLS A working not more in our company.
Can anybody help, we will be very greatful!
Thanks,Hi,
The authenticate method would take the user and the password details from the environment
(env) that is passed and after successful authentication would populate the subject with
the principals (i.e user, group the user belongs to ..)
It should work with any user that is defined in the WLS not just weblogic/weblogic.
Do you have any other users defined and which group do they belong to?
Vimala
Khalid Rizvi wrote:
I am playing (learning) with weblogic.security.auth.login.UsernamePasswordLoginModule
as a LoginModule using JAAS based authentication. Surprisingly, the only userid
and password combination acceptable is uid=weblogic, pw=weblogic combination.
I went through and looked at the example code under
http://e-docs.bea.com/wls/docs70/security/cli_apps.html#1042212. I found that
the UsernamePasswordLoginModule.login calls into
if (url != null) {
Environment env = new Environment();
env.setProviderUrl(url);
env.setSecurityPrincipal(username);
env.setSecurityCredentials(password);
try {
Authenticate.authenticate(env, subject);
Seems like UsernamePasswordLoginModule only is a router, as it instantiates an
instance of Environemt using the userid and password and passes this Environemtn
instance (env) to Authenticate.authenticate along with the empty Subject instance.
I read about that the Subject instance will be filled in with Principals by the
WL Server.
My question is that firstly,
1. As Authenticate.authenticate is not passed in the uid and pw, will it pick
those from the env?
2. Secondly, why does it only accept uid=weblogic & pw=weblogic.
I will appreciate if some one can put me in the right direction.
Khalid R. Rizvi
508-641-1192
[email protected] -
Hi,
when I want to start managed server :
<Sep 5, 2014 4:56:12 PM GST> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user denied
weblogic.security.SecurityInitializationException: Authentication for user denied
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:966)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace
Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User javax.security.auth.login.LoginException: [Security:090301]Password Not Supplied
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Truncated. see log file for complete stacktrace
>
<Sep 5, 2014 4:56:12 PM GST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<Sep 5, 2014 4:56:12 PM GST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
<Sep 5, 2014 4:56:12 PM GST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
ThanksNever mind, the correct command is:
wls:/nm/IDMDomain> pr=makePropertiesObject("username=weblogic;password=weblogic0");
wls:/nm/IDMDomain> nmStart('AdminServer',props=pr);
It would be interesting however to have a list of all names of environmental variables that we can possibly set.
Cheers. -
Hi All,
My requirements are as follows:
1) Have a central repository like the iplanet Directory server to store the information
of users,groups etc
2)Perform identity management to manage roles and permissions This includes the
ability to define users, resources, and abstract concepts such as a user role
or a group
3)The final requirement is access management. This is the enforcement of which
users have access to what information. It includes authentication and authorization
mechanisms to make sure someone is who they claim to be and that they have the
authority to get the information they requested, and access management to enforce
the permissions
I need to achieve these requirements for my Portal application. My queries for
the same are as follows
1)The default Weblogic authetication providers can be used to authenticate users
located on iplanet Directory server.
2)But my doubt is with the authorization provider, Role Mapper providers etc they
seem to be tightly coupled to the embedded LDAP. In order to solve my requirements
on 2 and 3 what are the approaches that are available.
3)I also have tried to create a new Realm that the Iplanet authentication provider
configured to authenticate against iPlanet LDAP and also the other default providers
that come along with
weblogic to do authorization checks. When I try to start my server I get the following
errror and the server does not start.
<Nov 28, 2003 4:58:31 PM GMT+05:30> <Critical> <Security> <BEA-090404> <User weblogic
is not permitted to boot the server; The
server policy may have changed in such a way that the user is no longer able to
boot the server.Reboot the server with the administrative user account or contact
the system administrator to update the server policy definitions.>
The WebLogic Server did not start up properly.
Reason: weblogic.security.SecurityInitializationException: User weblogic is not
permitted to boot the server; The server policy
may have changed in such a way that the user is no longer able to boot the server.Reboot
the server with the administrative us
er account or contact the system administrator to update the server policy definitions.
Can anyone suggest me any ways to solve my queries and if you could provide some
input on how to solve my requirements that will be very useful and we are WLS
shop so the solution should be within the reach of weblogic server securityHi,
This is w.r.t the same query.
1)Where do you want your role and policy information stored? How is your role
and policy information defined? The WLS framework is limited to WLS resources
(ejbs,
webapps,jdbc connection pools, etc.)
Ans) The Roles and Policies are defined in the External LDAP.
"Anand" <[email protected]> wrote:
>
Hi,
Thanks for your replies. I have a couple of other queries which are as
follows:
1. How do we decouple the Embeded LDAP and connect to External LDAP Server
for
Authentication and Authorization( I prefer iPlanet LDAP Server)
2. Is Portal WLS resource ? If so I want to build a Access Control List.
3. Can you point me to any resource which guides me how to configure
iPlanet server
for authentication and Authorization. I am a novice. This tutorial/sample
should
include all necessary codes.
"Peter" <PeterB> wrote:
"Anand" <[email protected]> wrote in message
news:[email protected]...
Hi All,
My requirements are as follows:
1) Have a central repository like the iplanet Directory server to
store
the information
of users,groups etc
2)Perform identity management to manage roles and permissions Thisincludes the
ability to define users, resources, and abstract concepts such as
a
user
role
or a group
3)The final requirement is access management. This is the enforcementof
which
users have access to what information. It includes authentication
and
authorization
mechanisms to make sure someone is who they claim to be and that theyhave
the
authority to get the information they requested, and access managementto
enforce
the permissions
I need to achieve these requirements for my Portal application. Myqueries
for
the same are as follows
1)The default Weblogic authetication providers can be used to authenticateusers
located on iplanet Directory server.
2)But my doubt is with the authorization provider, Role Mapper providersetc they
seem to be tightly coupled to the embedded LDAP. In order to solvemy
requirements
on 2 and 3 what are the approaches that are available.The role mapper and authorization providers do store roles and policies
in
embedded
ldap server.
Where do you want your role and policy information stored? How is your
role
and policy
information defined? The WLS framework is limited to WLS resources (ejbs,
webapps,
jdbc connection pools, etc.)
3)I also have tried to create a new Realm that the Iplanet authenticationprovider
configured to authenticate against iPlanet LDAP and also the otherdefault providers
that come along with
weblogic to do authorization checks. When I try to start my serverI get
the following
errror and the server does not start.
WLS uses the server resource to determine if you can boot the server.
There
is a policy
that allows users with admin or operator role. The default for thatrole
is
member
of the administrators or operators group. You can change this role
expression with
the console.
Therefore, check to see if your boot user is a member of the administrators
group.
> -
Hi,
I am trying to propagate Custom principal from thick client to WLS server 8.1 sp3. I use Authenticate.authenticate() at client side login module (jar at client side is weblogi.jar; i have my own Authentication provider at the server domain) and everything works fine. But once the user does a logout and re-login (application does not exit) the old security attribute inside the subject get propagated again not the new one.
I don't have access to main thread which means Security.runAs is not vaiable for me.
options i tired :
1) subject.getPrincipals().clear; subject = null;
2) weblogic.security.authenticatePushSubject system property, in which case, first call after login propagated the correct Subject amd from the next call onwards it went back to the old Subject.
3) Authenticate.logout() in the logout of my LoginModule
nothing works.
is there any other way to ensure that old Subject is removed and new subject is pushed to the stack.
Any known solution to this?
thanks in advance
Rajsolved it.
used SwingUtils.invokelater() at client side to make sure that login happens in event queue +
weblogic.security.authenticatePushSubject to true +
clearing all contexts and principals at logout
made sure that new subject is available for further calls.
only worry is , when bea is going to deprecate the weblogic.security.authenticatePushSubject property....
sorry for disturbing busy minds
thanks
Raj -
[Weblogic Security In Action]
摘要
本文将探讨Weblogic Platform中的安全框架以及在该框架下如何实现企业安全(Weblogic Enterprise Security,简称WLES)。
本文分为上中下三篇。
上篇主要阐述WLES的概念,将按照如下的思路,让读者对Weblogic安全框架有一个明晰的理解,并在此基础上明白Weblogic基本安全要素如User,Group,Role,Resource。并探讨在WLES下实现认证和授权的方法。
中篇主要阐述WLES的配置,重点讲述如何在WLS中配置SSL和证书,如何配置LDAP和数据库,如何实现Windows集成安全,如何在开源技术如CAS,SAML,SPNEGO等基础上实现单点登陆(Single Sign on,即SSO)。
下篇主要解释Weblogic Mbean机制,讲述如何实现自己的Custom Security Provider,并解释如何使用Weblogic Security Provider构造一个强大稳健的安全体系。
[上篇]
1, Weblogic Platform安全框架概述
2, Security Realm下的用户、组、角色、资源和安全策略
3, 认证与授权
[中篇]
4, 配置SSL与数字证书
5, Windows集成安全
6, 单点登陆(SSO)
[下篇]
7, 实现自己的Security Provider
8, 在Security Provider上构造灵活的安全体系
目前只写好
Weblogic Security In Action 上篇
http://www.matrix.org.cn/blog/cas/archives/WeblogicSecurityInAction(1).swf
原来写文章是这么累的。
中篇,下篇正在撰写中,请密切关注。
希望各位指出文章的纰漏,然后发邮件给我,因为我实在没时间很仔细去审阅。为了方便Weblogic用户管理JKS证书,我发布了一个Eclipse插件,代号SecureX,该插件将集成Keytool, Axis数字签名,加密,和SSO/SSL向导,目前版本为1.0.0,改自于KeytoolGUI1.6版本。
作了不少的增强,原来的版本已经停止开发并被作者商业化,开源版本以后将由我提供:)
SecureX 的URL: http://www.blogjava.net/openssl/archive/2006/03/17/35781.html
关于SecureX,请参看http://www.blogjava.net/openssl/archive/2006/02/08/29886.aspx
该Project遵循GPL,参见https://sourceforge.net/projects/securex/
源代码将在2.0发布到SF。
代替Keytool的图形化界面,增加了数字签名功能,原来的版本来自于Keytool Gui 1.6(基于SWing),我重写了SWT界面,集成到SecureX并以SecureX为基础,不断扩展Java Security功能,包括加密,签名,SSO向导,SSL向导之类的功能。
下载:
http://www.blogjava.net/Files/openssl/plugins.part1.rar
http://www.blogjava.net/Files/openssl/plugins.part2.rar
http://www.blogjava.net/Files/openssl/plugins.part3.rar
http://www.blogjava.net/Files/openssl/plugins.part4.rar
http://www.blogjava.net/Files/openssl/plugins.part5.rar
http://www.blogjava.net/Files/openssl/plugins.part6.rar
http://www.blogjava.net/Files/openssl/plugins.part7.rar
下载完毕后,解压到plugins目录,然后找到
其子目录SecureX_1.0.0
然后,将其整个Copy到Eclipse目录下的Plugin目录下,重启Eclipse,
然后点击菜单项Securex下KeyTool,就可以运行。
如对SecureX有兴趣,请加入SecuritySite群(14966586)或者email给我:openssl(at)163.com
Maybe you are looking for
-
I have a Macbook and I left it unplugged. It started up slowly when I plugged it in again, but it seemed fine. Once it started charging I shut it down so it would be easier, but now it will not go past the grey screen with the apple. What do I do? I
-
Macbook Pro (mid-2010) Freezes on Sleep & Wake
I have a Macbook Pro (Mid-2010) that I have had for little less then 5 months. I have had no problems untill now; my computer will not sleep properly. I tell it to sleep or power settings go into effect and the screen will go black but all my keys s
-
Calendar app contains multiple entries for birthday calendar and Apple US Holiday's calendar.
After the most recent update, my calendar app began showing duplicate entries for all of my calendars (google, birthday and US Holidays). I deleted all of the google calendars from my phone and then added each calendar back to the phone one at a time
-
Slideshow Captions in Different Positions
Is it possible to have the captions in a slideshow in different places on the slides? I uncheck "Edit Together" but when I move the caption in 1 slide they move in all of them.
-
How to clear previously entered keywords in HUD in one fell swoop?
Hi, Is there an alternative to hunting and pecking (AND MISSING) every previously checked box - and clearing all of them with one click? Thanks a lot, Raphael