Alternative to SSLAdapterFactory &  WLSSLAdapter in weblogic 10.3??

Similar Messages

• Configuring file realm in weblogic server 9.2

  Hi,
  I am trying to upgrade my application from weblogic 6.1 to weblogic 9.2 and I am using compatibility security.
  I have configured a RDBMS realm and then configured the caching realm giving that RDBMS realm as its Base realm.
  Now since caching realm works with file realm. I have to configure this also. Now on click of file realm tab in weblogic 9.2 throws the following error.
  java.lang.RuntimeException: The requested operation is not exposed through JMX in this context: equals
  Caused by: java.lang.NoSuchMethodException: equals(java.lang.Object,) for com.bea:Name=CachingRealm-0,Type=CachingRealm
       at weblogic.management.jmx.modelmbean.WLSModelMBean.invoke(WLSModelMBean.java:369)
       at com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213)
       at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
       at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
       at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
       at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:149)
       at weblogic.management.mbeanservers.internal.SecurityMBeanMgmtOpsInterceptor.invoke(SecurityMBeanMgmtOpsInterceptor.java:63)
       at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:149)
       at weblogic.management.mbeanservers.edit.internal.EditLockInterceptor.invoke(EditLockInterceptor.java:141)
       at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:149)
       at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:426)
       at weblogic.management.mbeanservers.internal.AuthenticatedSubjectInterceptor$10.run(AuthenticatedSubjectInterceptor.java:377)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
       at weblogic.management.mbeanservers.internal.AuthenticatedSubjectInterceptor.invoke(AuthenticatedSubjectInterceptor.java:375)
       at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:310)
       at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1408)
       at javax.management.remote.rmi.RMIConnectionImpl.access$100(RMIConnectionImpl.java:81)
       at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1245)
       at java.security.AccessController.doPrivileged(Native Method)
       at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1348)
       at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:782)
       at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
       at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)
       ... 91 more
  Can anyone help me out?
  Thank you
  Njoy
  :-)

  You may still need to define the role in the weblogic.xml file in order for deployment descriptor-based role definition to work (alternatively you could use the WebLogic Server console to define the role and policy).
  You can specify your role "testrole" as "externally-defined" as opposed to mapping it to specific principals.
  See http://e-docs.bea.com/wls/docs92/webapp/weblogic_xml.html#wp1040908
  Jeff

• Configuring Single Sign-On using SAML in WebLogic Server 9.2

  Hi,
  I am trying to configure SSO using SAML as it is mentioned in the following URL -
  http://dev2dev.bea.com/pub/a/2006/12/sso-with-saml.html?page=1
  It works well for appA and appB which are provided by bea as sample applications. However, when i tried to do the same with one of my portal application developed in weblogic portal 9.2 and the other application as appB (sample app provided by bea), it doesn't work.
  When i do request.getRemoteUser() it returns NULL.
  Changes done by me to make it work are as follows -
  1. Changed the weblogic.xml to remove the following -
  <security-role-assignment>
  <role-name>admin</role-name>
  <principal-name>ssouser</principal-name>
  </security-role-assignment>
  Reason: This will need configuring all the users here which should not be the case as we are using REDHAT LDAP for authentication.
  2. Modified the web.xml file. Removed the following -
  <security-role>
  <description>These are the roles who have access.</description>
  <role-name>admin</role-name>
  </security-role>
  3. Configured domains for both the application to use redhatldapauth which is the central repository of all the users for our application.
  4. We have created a new role "testrole". All uisers having this role should be able to access appB.
  Change in web.xml
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>SecurePages</web-resource-name>
  <description>These pages are only accessible by authorized users.</description>
  <url-pattern>/admin/*</url-pattern>
  <http-method>GET</http-method>
  </web-resource-collection>
  <auth-constraint>
  <description>These are the roles who have access.</description>
  <role-name>testrole</role-name>
  </auth-constraint>
  <user-data-constraint>
  <description>This is how the user data must be transmitted.</description>
  <transport-guarantee>NONE</transport-guarantee>
  </user-data-constraint>
  </security-constraint>
  Can anyone let me know where am I going wrong or what changes are required to make it work ?
  Note: The sample apps create users explictly in local weblogic LDAP. However we are using Redhat LDAP. Hence, we are not explcitly creating users as mentioned in the above link.
  Thanks in advance,
  Saurabh

  You may still need to define the role in the weblogic.xml file in order for deployment descriptor-based role definition to work (alternatively you could use the WebLogic Server console to define the role and policy).
  You can specify your role "testrole" as "externally-defined" as opposed to mapping it to specific principals.
  See http://e-docs.bea.com/wls/docs92/webapp/weblogic_xml.html#wp1040908
  Jeff

• Weblogic 8.1 SP2 does not support 'Order by' clause in EJB-QL

  It seems that Weblogic 8.1 SP2 does not support 'Order by' clause in EJB-QL. EJB 2.1 spec supports 'Order by' clause in EJB-QL. Am I right when I say that it indicates : "Weblogic 8.1 SP2 does not support EJB 2.1" ? In that case, what can be the alternative since I am using Weblogic 8.1 and I require 'Order by' clause in Ejb-QL as well.

  In WL 8.1 SP4 I can use the ORDERBY just fine.
  Try ORDERBY instead of Order by

• Setting ServletReloadCheckSecs programatically

  Hello,
            In config.xml, under Domain->Application->WebAppComponent, there is an
            attribute called ServletReloadCheckSecs that is used by weblogic to
            decide whether to check a war file for update and how frequent should
            the check be. The default is 1 sec.
            The only way to change this number, short of editing config.xml after
            deployment, is to use the console. Does anyone know how to set this
            programatically? Like as an argument to weblogic.Deployer or as an
            attribute in web.xml?
            Thanks,
            Chishun Kwong
            

            "Chishun Kwong" <[email protected]> wrote in message
            news:[email protected]..
            > Hello,
            >
            > In config.xml, under Domain->Application->WebAppComponent, there is an
            > attribute called ServletReloadCheckSecs that is used by weblogic to
            > decide whether to check a war file for update and how frequent should
            > the check be. The default is 1 sec.
            >
            > The only way to change this number, short of editing config.xml after
            > deployment, is to use the console. Does anyone know how to set this
            > programatically? Like as an argument to weblogic.Deployer or as an
            > attribute in web.xml?
            >
            > Thanks,
            > Chishun Kwong
            In web.xml adding the following should work for you
            <context-param>
            <param-name>weblogic.servlet.reloadCheckSecs</param-name>
            <param-value>-1</param-value>
            </context-param>
            If you are using weblogic 7.x or 8.1 you can alternatively set this
            parameter in weblogic.xml
            http://e-docs.bea.com/wls/docs81/webapp/weblogic_xml.html#1038823
            <container-descriptor>
            <servlet-reload-check-secs>-1 </servlet-reload-check-secs>
            </container-descriptor>
            hope that helps
            Nagesh
            

• CachingRealm: Migrating from 5.1 - 6.1

  Appreciate any feedback ...here is the problem...
  Weblogic 5.1 and Caching Realm has been used to authenticate user.
  We specify an alternative realm by setting the
  "weblogic.security.realmClass"
  property to the class name of the realm we want to use.
  It's working fine in Weblogic 5.1 . This has been done as per the
  document
  http://www.weblogic.com/docs51/admindocs/cachingrealm.html#about
  Now that, we want to migrate to Weblogic 6.1,
  the "Convert" via Admin console didn't convert the
  weblogic.properties for property
  weblogic.security.realmClass
  The document below
  http://e-docs.bea.com/wls/docs61/notes/migrate.html#1070207
  does not have any mention of weblogic.security.realmClass
  What happened to this property? Or any suggestions as to how
  to fix this?
  Thanks
  -Sanjeev

  Hi Sanjeev,
  Don't try to convert the weblogic.properties. The best way that I found out was
  to configure the custom realm from console in WLS6.1. You can see the following
  url or the edocs for more info.
  http://e-docs.bea.com/wls/docs61/adminguide/cnfgsec.html#1069864
  Praveen
  Sanjeev Gupta <[email protected]> wrote:
  Appreciate any feedback ...here is the problem...
  Weblogic 5.1 and Caching Realm has been used to authenticate user.
  We specify an alternative realm by setting the
  "weblogic.security.realmClass"
  property to the class name of the realm we want to use.
  It's working fine in Weblogic 5.1 . This has been done as per the
  document
  http://www.weblogic.com/docs51/admindocs/cachingrealm.html#about
  Now that, we want to migrate to Weblogic 6.1,
  the "Convert" via Admin console didn't convert the
  weblogic.properties for property
  weblogic.security.realmClass
  The document below
  http://e-docs.bea.com/wls/docs61/notes/migrate.html#1070207
  does not have any mention of weblogic.security.realmClass
  What happened to this property? Or any suggestions as to how
  to fix this?
  Thanks
  -Sanjeev

• JCo in Tomcat

  Sorry, if this is slightly off-topic - I haven't found a better forum.
  Are there any problems in embedding JCo in a web application that is deployed on Tomcat (on Solaris)? We do not need any outbound calls SAP -> Java.
  There is no SAP App Server installed, so that's not an option.
  An alternative would be using BEA Weblogic with an JCA adapter, but I would rather use a much more lightweight Tomcat.
  Any comments highly welcome.

  If you have access to sap.service.com then follow the link:
  https://websmp104.sap-ag.de/~form/handler?_APP=00200682500000001943&_EVENT=RESULT&BAS=&TITLE=&HIDE=&HIDE_EXPERT_SEARCH=X&SEARCH_STRING=JCO&SEARCH_METHOD=ALL&SEARCH_MAX_RESULT=20&RESULT_PER_PAGE=10&SEARCH_TA=&SEARCH_V=&SEARCH_CD=X&SEARCH_BPAT=X&SEARCH_SPAT=X&SEARCH_P=X&SEARCH_PV=X&SEARCH_C=X&SEARCH_CV=X

• Alternative to WebLogic 8.1 Execute thread Qs in Websphere 6.1

  Hi All,
  We are in the process of migrating from WebLogic 8.1 to WAS 6.1. We have few application in WebLogic that use custom execute threads so that trafic is moved to user defined thread instead of default thread pool. This is done in weblogic using dispatch-policy tag under weblogic.xml.
  I appreciate if someone could help me understand the alternative of doing same thing in WebSphere 6.1.
  I was going thru some site searching and came across Work Manager that does the same thing which is new to me but does similar job.
  Thanks in advance

  Hi All,
  We are in the process of migrating from WebLogic 8.1 to WAS 6.1. We have few application in WebLogic that use custom execute threads so that trafic is moved to user defined thread instead of default thread pool. This is done in weblogic using dispatch-policy tag under weblogic.xml.
  I appreciate if someone could help me understand the alternative of doing same thing in WebSphere 6.1.
  I was going thru some site searching and came across Work Manager that does the same thing which is new to me but does similar job.
  Thanks in advance

• Need help regarding certification alternative to weblogic portal developnme

  Hi All,
  I was planning to give weblogic portal certification (1z0-110).
  But I found that the 1z0-110 certification is retired.
  Can anybody guide me to some other alternative.
  I am a JAVA developer who is interested in doing some server certification. I am not going for admin certification because I think that will not help me as a JAVA developer.
  Thanks in advance

  Question moved to:
  Forum Home » Technology Network Community » Certification

• What versions of Weblogic currently have Subject Alternative Name support?

  I would like to visit a comment I saw in an old forum thread from 2010
  Certificate hostname verification error with 10.3
  that "WebLogic currently does not support the Subject Alternative Name field." Can someone please let me know what versions of Weblogic currently have Subject Alternative Name support? We are currently on 10.3. Is there anything near that version that has support, or a patch available for it?
  Regards,
  John

  The KM number is the article number on the support site. Logon to Oracle support and paste the number into the knowledge search and you will get your answer. The article is called "How to Develop Custom Hostname Verifier for Subject Alternative Name (SAN) Certificates" and applies to WLS 10.3.3 and later.

• Weblogic.management.WebLoigObjectName was dupricated, what is the alternative

  Hi
  I am using the following code
  WebLogicObjectName target = new WebLogicObjectName(this.domainName +
                      ":Name=" + this.serverName+ ",Type=Server");
       TargetMBean targetMBean = (TargetMBean)home.getMBean(target);
  to find a target,
  WebLogicObjectName is depricated in 6.1, anybody knows how to do the above without
  using WebLogicObjectName
  thanks
  Kasem

  zbcong wrote:
  hello
  when i write the rmi remote interface,i always extends the "weblogic.rmi.Remote"
  interface,but i found that the "weblogic.rmi.Remote" has deprecated since the
  wls7,but the api doc don't tell me which one is the alternative,who can tell me?
  thank you.You don't have to use weblogic.rmi.Remote. You can use java.rmi.Remote.
  Cheers,
  -- Prasad

• Weblogic.security.X509 alternative in WLS 9.1

  Hi All
  We have setup IIS 5.0 with 2 way SSL for client connection. We have also configured IIS weblogic proxy for Weblogic 9.1 using iisproxy.dll. The connection between IIS and WebLogic 9.1 is HTTP based. We are trying to get the client certificate in Weblogic 9.1 using the following code
  java.security.cert.X509Certificate certs [];
  certs = (java.security.cert.X509Certificate [])
  request.getAttribute("javax.servlet.request.X509Certificate");
  However the returned certificates are NULL.
  We have also enabled Client Cert Proxy and Weblogic Plug-in in Weblogic 9.1 configuration.
  We are trying to migrate from weblogic 8 to 9.1 and our previous code was as follows
  weblogic.security.X509 [] certs = (weblogic.security.X509[])req.getAttribute("javax.net.ssl.peer_certificates");
  This code work fine with the same IIS setup. Since weblogic.security.X509 is removed in WLS 9.1 we are forced to change our code.
  Please help!
  Message was edited by:
  rmkandan

  hi
  Currently I am using
  req.getHeader("WL-Proxy-Client-Cert")
  to get the client certificate and then i do the following to get the X509 cert format
       if (pemCert != null && pemCert.length() > 0 ){
            pemCertBuff.append("-----BEGIN CERTIFICATE-----");
            pemCertBuff.append(pemCert);
            pemCertBuff.append("-----END CERTIFICATE-----");
       System.out.println("CertificateUtil:getFingerPrint: pemCertBuff --"+pemCertBuff.toString());
       X509Certificate certs = null;
       try {
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            ByteArrayInputStream bis = new ByteArrayInputStream(pemCertBuff.toString().getBytes());
            weblogic.security.PEMInputStream pemIs = new weblogic.security.PEMInputStream(bis);
            BufferedInputStream bufis = new BufferedInputStream(pemIs);
            certs = (X509Certificate)cf.generateCertificate(bufis);
       } catch (CertificateException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
       } catch (IOException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
  And I am able to get the certificate, but I need to know is there any other elegant way to get the certificate as we did using weblogic.security.X509 class?
  Please help!!
  Message was edited by:
  rmkandan

• How to make weblogic proxy to work on Sun Java system web server 7?

  Hi Every one,
  I am working on upgrade our Sun one 6.1 webserver to Sun Java system web server 7. Our website uses weblogic server to process jsp, web server only send static pages. I did all configurations as on Sun one. But somehow, the webserver does not forward "get jsp page" request to weblogic. The log record is:
  for host 10.78.124.118 trying to GET /home.jsp, send-file reports: HTTP4142: can't find /www/a/WebServer7/docs/bmd9i/home.jsp (File not found)
  home.jsp is at weblogic server.
  And redirect "NameTrans fn="redirect" from="/" url="/home.jsp"" seems does not work. when I type on IE http://32.69.253.131/ (32.69.253.131 is http listener IP), it always shows index.html page under the document root.
  Could some on can help? I am the first time to configurate web server. Thanks in advance.
  The configuration files are like:
  1. magnus.conf
  # Copyright 2006 Sun Microsystems, Inc. All rights reserved.
  # Use is subject to license terms.
  Init fn="load-modules" funcs="wl_proxy,wl_init" shlib="/www/a/WebServer7/weblogic6.1sp6/libproxy.so"
  Init fn="wl_init"
  2. obj.conf
  # Copyright 2010 Sun Microsystems, Inc. All rights reserved.
  # Use is subject to license terms.
  # You can edit this file, but comments and formatting changes
  # might be lost when you use the administration GUI or CLI.
  #<Object name="weblogic">
  #Service fn="wl_proxy" WebLogicCluster="32.69.253.86:7210" ConnectTimeoutSecs="240" ConnectRetrySecs="60"
  #</Object>
  <Object name="default">
  <Client method="TRACE">
  AuthTrans fn="set-variable" remove-headers="transfer-encoding" set-headers="content-length: -1" error="501"
  </Client>
  #AuthTrans fn="match-browser" browser="*MSIE*" ssl-unclean-shutdown="true"
  NameTrans fn="strip-params"
  NameTrans fn="redirect" from="/" url="/home.jsp"
  NameTrans fn="redirect" from="/index.jsp" url="/home.jsp"
  NameTrans fn="redirect" from="/index.html" url="/home.jsp"
  NameTrans fn="document-root" root="$docroot"
  NameTrans fn="pfx2dir" from="/mc-icons" dir="/www/a/WebServer7/lib/icons" name="es-internal"
  NameTrans fn="home-page" path="index.html"
  <If $uri =~ "/*.jsp">
  Service method="(GET|HEAD|POST|PUT)" fn="wl_proxy" WebLogicCluster="32.69.253.86:7210" ConnectTimeoutSecs="240" ConnectRetrySecs="60"
  #Service method="(GET|HEAD|POST|PUT)" type="text/jsp" fn="wl_proxy" WebLogicCluster="32.69.253.86:7210" ConnectTimeoutSecs="240" ConnectRetrySecs="60"
  </If>
  PathCheck fn="unix-uri-clean"
  PathCheck fn="check-acl" acl="default"
  PathCheck fn="find-pathinfo"
  PathCheck fn="find-compressed" check-age="off" vary="on"
  ObjectType fn="type-by-extension"
  ObjectType fn="force-type" type="text/plain" charset="iso_8859-1"
  ObjectType fn="set-default-type" charset="iso_8859-1"
  Service method="(GET|HEAD)" type="magnus-internal/directory" fn="send-error"
  Service method="(GET|HEAD)" type="*~magnus-internal/*" fn="send-file"
  AddLog fn="flex-log" name="access"
  </Object>
  <Object name="es-internal">
  PathCheck fn="check-acl" acl="es-internal"
  </Object>
  <Object name="send-precompressed">
  PathCheck fn="find-compressed"
  </Object>
  <Object name="compress-on-demand">
  Output fn="insert-filter" filter="http-compression"
  </Object>
  3.mime.types
  I add one line: type=text/jsp exts=jsp

  Quick obvious question - Are you positive you're editing the correct obj.conf? Check the config directory and see if there is a second one called something like <instance>.obj.conf (where <instance> is the name of your configured instance).
  Alternatively you can grep for object-file in the server.xml to see which obj.conf the server is using:
  # grep object-file server.xml
      <object-file>bare-php.obj.conf</object-file>Assuming that you are editing the correct obj.conf file, are you making certain to restart Web Server after making your changes?

• Weblogic app server wsdl web service call with SSL Validation error = 16

  Weblogic app server wsdl web service call with SSL Validation error = 16
  I need to make wsdl web service call in my weblogic app server. The web service is provided by a 3rd party vendor. I keep getting error
  Cannot complete the certificate chain: No trusted cert found
  Certificate chain received from ws-eq.demo.xxx.com - xx.xxx.xxx.156 was not trusted causing SSL handshake failure
  Validation error = 16
  From the SSL debug log, I can see 3 verisign hierarchy certs are correctly loaded (see 3 lines in the log message starting with “adding as trusted cert”). But somehow after first handshake, I got error “Cannot complete the certificate chain: No trusted cert found”.
  Here is how I load trustStore and keyStore in my java program:
       System.setProperty("javax.net.ssl.trustStore",”cacerts”);
       System.setProperty("javax.net.ssl.trustStorePassword", trustKeyPasswd);
       System.setProperty("javax.net.ssl.trustStoreType","JKS");
  System.setProperty("javax.net.ssl.keyStoreType","JKS");
  System.setProperty("javax.net.ssl.keyStore", keyStoreName);
       System.setProperty("javax.net.ssl.keyStorePassword",clientCertPwd);      System.setProperty("com.sun.xml.ws.transport.http.client.HttpTransportPipe.dump","true");
  Here is how I create cacerts using verisign hierarchy certs (in this order)
  1.6.0_29/jre/bin/keytool -import -trustcacerts -keystore cacerts -storepass changeit -file VerisignClass3G5PCA3Root.txt -alias "Verisign Class3 G5P CA3 Root"
  1.6.0_29/jre/bin/keytool -import -trustcacerts -keystore cacerts -storepass changeit -file VerisignC3G5IntermediatePrimary.txt -alias "Verisign C3 G5 Intermediate Primary"
  1.6.0_29/jre/bin/keytool -import -trustcacerts -keystore cacerts -storepass changeit -file VerisignC3G5IntermediateSecondary.txt -alias "Verisign C3 G5 Intermediate Secondary"
  Because my program is a weblogic app server, when I start the program, I have java command line options set as:
  -Dweblogic.security.SSL.trustedCAKeyStore=SSLTrust.jks
  -Dweblogic.security.SSL.ignoreHostnameVerification=true
  -Dweblogic.security.SSL.enforceConstraints=strong
  That SSLTrust.jks is the trust certificate from our web server which sits on a different box. In our config.xml file, we also refer to the SSLTrust.jks file when we bring up the weblogic app server.
  In addition, we have working logic to use some other wsdl web services from the same vendor on the same SOAP server. In the working web service call flows, we use clientgen to create client stub, and use SSLContext and WLSSLAdapter to load trustStore and keyStore, and then bind the SSLContext and WLSSLAdapter objects to the webSerive client object and make the webservie call. For the new wsdl file, I am told to use wsimport to create client stub. In the client code created, I don’t see any way that I can bind SSLContext and WLSSLAdapter objects to the client object, so I have to load certs by settting system pramaters. Here I attached the the wsdl file.
  I have read many articles. It seems as long as I can install the verisign certs correctly to web logic server, I should have fixed the problem. Now the questions are:
  1.     Do I create “cacerts” the correct order with right keeltool options?
  2.     Since command line option “-Dweblogic.security.SSL.trustedCAKeyStore” is used for web server jks certificate, will that cause any problem for me?
  3.     Is it possible to use wsimport to generate client stub that I can bind SSLContext and WLSSLAdapter objects to it?
  4.     Do I need to put the “cacerts” to some specific weblogic directory?
  ---------------------------------wsdl file
  <wsdl:definitions name="TokenServices" targetNamespace="http://tempuri.org/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="http://tempuri.org/" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
       <wsp:Policy wsu:Id="TokenServices_policy">
            <wsp:ExactlyOne>
                 <wsp:All>
                      <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                           <wsp:Policy>
                                <sp:TransportToken>
                                     <wsp:Policy>
                                          <sp:HttpsToken RequireClientCertificate="true"/>
                                     </wsp:Policy>
                                </sp:TransportToken>
                                <sp:AlgorithmSuite>
                                     <wsp:Policy>
                                          <sp:Basic256/>
                                     </wsp:Policy>
                                </sp:AlgorithmSuite>
                                <sp:Layout>
                                     <wsp:Policy>
                                          <sp:Strict/>
                                     </wsp:Policy>
                                </sp:Layout>
                           </wsp:Policy>
                      </sp:TransportBinding>
                      <wsaw:UsingAddressing/>
                 </wsp:All>
            </wsp:ExactlyOne>
       </wsp:Policy>
       <wsdl:types>
            <xsd:schema targetNamespace="http://tempuri.org/Imports">
                 <xsd:import schemaLocation="xsd0.xsd" namespace="http://tempuri.org/"/>
                 <xsd:import schemaLocation="xsd1.xsd" namespace="http://schemas.microsoft.com/2003/10/Serialization/"/>
            </xsd:schema>
       </wsdl:types>
       <wsdl:message name="ITokenServices_GetUserToken_InputMessage">
            <wsdl:part name="parameters" element="tns:GetUserToken"/>
       </wsdl:message>
       <wsdl:message name="ITokenServices_GetUserToken_OutputMessage">
            <wsdl:part name="parameters" element="tns:GetUserTokenResponse"/>
       </wsdl:message>
       <wsdl:message name="ITokenServices_GetSSOUserToken_InputMessage">
            <wsdl:part name="parameters" element="tns:GetSSOUserToken"/>
       </wsdl:message>
       <wsdl:message name="ITokenServices_GetSSOUserToken_OutputMessage">
            <wsdl:part name="parameters" element="tns:GetSSOUserTokenResponse"/>
       </wsdl:message>
       <wsdl:portType name="ITokenServices">
            <wsdl:operation name="GetUserToken">
                 <wsdl:input wsaw:Action="http://tempuri.org/ITokenServices/GetUserToken" message="tns:ITokenServices_GetUserToken_InputMessage"/>
                 <wsdl:output wsaw:Action="http://tempuri.org/ITokenServices/GetUserTokenResponse" message="tns:ITokenServices_GetUserToken_OutputMessage"/>
            </wsdl:operation>
            <wsdl:operation name="GetSSOUserToken">
                 <wsdl:input wsaw:Action="http://tempuri.org/ITokenServices/GetSSOUserToken" message="tns:ITokenServices_GetSSOUserToken_InputMessage"/>
                 <wsdl:output wsaw:Action="http://tempuri.org/ITokenServices/GetSSOUserTokenResponse" message="tns:ITokenServices_GetSSOUserToken_OutputMessage"/>
            </wsdl:operation>
       </wsdl:portType>
       <wsdl:binding name="TokenServices" type="tns:ITokenServices">
            <wsp:PolicyReference URI="#TokenServices_policy"/>
            <soap12:binding transport="http://schemas.xmlsoap.org/soap/http"/>
            <wsdl:operation name="GetUserToken">
                 <soap12:operation soapAction="http://tempuri.org/ITokenServices/GetUserToken" style="document"/>
                 <wsdl:input>
                      <soap12:body use="literal"/>
                 </wsdl:input>
                 <wsdl:output>
                      <soap12:body use="literal"/>
                 </wsdl:output>
            </wsdl:operation>
            <wsdl:operation name="GetSSOUserToken">
                 <soap12:operation soapAction="http://tempuri.org/ITokenServices/GetSSOUserToken" style="document"/>
                 <wsdl:input>
                      <soap12:body use="literal"/>
                 </wsdl:input>
                 <wsdl:output>
                      <soap12:body use="literal"/>
                 </wsdl:output>
            </wsdl:operation>
       </wsdl:binding>
       <wsdl:service name="TokenServices">
            <wsdl:port name="TokenServices" binding="tns:TokenServices">
                 <soap12:address location="https://ws-eq.demo.i-deal.com/PhxEquity/TokenServices.svc"/>
                 <wsa10:EndpointReference>
                      <wsa10:Address>https://ws-eq.demo.xxx.com/PhxEquity/TokenServices.svc</wsa10:Address>
                 </wsa10:EndpointReference>
            </wsdl:port>
       </wsdl:service>
  </wsdl:definitions>
  ----------------------------------application log
  adding as trusted cert:
  Subject: CN=VeriSign Class 3 International Server CA - G3, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x641be820ce020813f32d4d2d95d67e67
  Valid from Sun Feb 07 19:00:00 EST 2010 until Fri Feb 07 18:59:59 EST 2020
  adding as trusted cert:
  Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x3c9131cb1ff6d01b0e9ab8d044bf12be
  Valid from Sun Jan 28 19:00:00 EST 1996 until Wed Aug 02 19:59:59 EDT 2028
  adding as trusted cert:
  Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x250ce8e030612e9f2b89f7054d7cf8fd
  Valid from Tue Nov 07 19:00:00 EST 2006 until Sun Nov 07 18:59:59 EST 2021
  <Mar 7, 2013 6:59:21 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Cipher: SunPKCS11-Solaris version 1.6 for algorithm DESede/CBC/NoPadding>
  <Mar 7, 2013 6:59:21 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Cipher for algorithm DESede>
  <Mar 7, 2013 6:59:21 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 28395435>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 115>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <25779276 SSL3/TLS MAC>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <25779276 received HANDSHAKE>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Cannot complete the certificate chain: No trusted cert found>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 2400410601231772600606506698552332774
  Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
  Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
  Not Valid Before:Tue Dec 18 19:00:00 EST 2012
  Not Valid After:Wed Jan 07 18:59:59 EST 2015
  Signature Algorithm:SHA1withRSA
  >
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 133067699711757643302127248541276864103
  Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
  Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
  Not Valid Before:Sun Feb 07 19:00:00 EST 2010
  Not Valid After:Fri Feb 07 18:59:59 EST 2020
  Signature Algorithm:SHA1withRSA
  >
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 16>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 2400410601231772600606506698552332774
  Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
  Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
  Not Valid Before:Tue Dec 18 19:00:00 EST 2012
  Not Valid After:Wed Jan 07 18:59:59 EST 2015
  Signature Algorithm:SHA1withRSA
  >
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 133067699711757643302127248541276864103
  Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
  Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
  Not Valid Before:Sun Feb 07 19:00:00 EST 2010
  Not Valid After:Fri Feb 07 18:59:59 EST 2020
  Signature Algorithm:SHA1withRSA
  >
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 16>
  <Mar 7, 2013 6:59:22 PM EST> <Warning> <Security> <BEA-090477> <Certificate chain received from ws-eq.demo.xxx.com - xx.xxx.xxx.156 was not trusted causing SSL handshake failure.>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validation error = 16>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Certificate chain is untrusted>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 16>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 42
  java.lang.Exception: New alert stack
       at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
       at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
       at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
       at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
       at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
       at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
       at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
       at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
       at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
       at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
       at com.certicom.tls.record.WriteHandler.write(Unknown Source)
       at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
       at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
       at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
       at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
       at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
       at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
       at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
       at weblogic.wsee.util.is.InputSourceUtil.loadURL(InputSourceUtil.java:100)
       at weblogic.wsee.util.dom.DOMParser.getWebLogicDocumentImpl(DOMParser.java:118)
       at weblogic.wsee.util.dom.DOMParser.getDocument(DOMParser.java:65)
       at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:311)
       at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:305)
       at weblogic.wsee.jaxws.spi.WLSProvider.readWSDL(WLSProvider.java:296)
       at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:77)
       at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:62)
       at javax.xml.ws.Service.<init>(Service.java:56)
       at ideal.ws2j.eqtoken.TokenServices.<init>(TokenServices.java:64)
       at com.citi.ilrouter.util.IpreoEQSSOClient.invokeRpcPortalToken(IpreoEQSSOClient.java:165)
       at com.citi.ilrouter.servlets.T3LinkServlet.doPost(T3LinkServlet.java:168)
       at com.citi.ilrouter.servlets.T3LinkServlet.doGet(T3LinkServlet.java:206)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(Unknown Source)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(Unknown Source)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(Unknown Source)
       at weblogic.servlet.internal.WebAppServletContext.execute(Unknown Source)
       at weblogic.servlet.internal.ServletRequestImpl.run(Unknown Source)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  >
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 6457753>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 6457753>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 22803607>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 14640403>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 115>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <23376797 SSL3/TLS MAC>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <23376797 received HANDSHAKE>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Cannot complete the certificate chain: No trusted cert found>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 2400410601231772600606506698552332774
  Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
  Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
  Not Valid Before:Tue Dec 18 19:00:00 EST 2012
  Not Valid After:Wed Jan 07 18:59:59 EST 2015
  Signature Algorithm:SHA1withRSA
  >
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 133067699711757643302127248541276864103
  Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
  Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
  Not Valid Before:Sun Feb 07 19:00:00 EST 2010
  Not Valid After:Fri Feb 07 18:59:59 EST 2020
  Signature Algorithm:SHA1withRSA
  >
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 16>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 2400410601231772600606506698552332774
  Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
  Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
  Not Valid Before:Tue Dec 18 19:00:00 EST 2012
  Not Valid After:Wed Jan 07 18:59:59 EST 2015
  Signature Algorithm:SHA1withRSA
  >
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 133067699711757643302127248541276864103
  Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
  Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
  Not Valid Before:Sun Feb 07 19:00:00 EST 2010
  Not Valid After:Fri Feb 07 18:59:59 EST 2020
  Signature Algorithm:SHA1withRSA
  >
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 16>
  <Mar 7, 2013 6:59:22 PM EST> <Warning> <Security> <BEA-090477> <Certificate chain received from ws-eq.demo.xxx.com - 12.29.210.156 was not trusted causing SSL handshake failure.>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validation error = 16>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Certificate chain is untrusted>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 16>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 42
  java.lang.Exception: New alert stack
       at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
       at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
       at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
       at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
       at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
       at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
       at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
       at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
       at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
       at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
       at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
       at com.certicom.tls.record.WriteHandler.write(Unknown Source)
       at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
       at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
       at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
       at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
       at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
       at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
       at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
       at weblogic.wsee.util.is.InputSourceUtil.loadURL(InputSourceUtil.java:100)
       at weblogic.wsee.util.dom.DOMParser.getWebLogicDocumentImpl(DOMParser.java:118)
       at weblogic.wsee.util.dom.DOMParser.getDocument(DOMParser.java:65)
       at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:311)
       at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:305)
       at weblogic.wsee.jaxws.spi.WLSProvider.readWSDL(WLSProvider.java:296)
       at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:77)
       at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:62)
       at javax.xml.ws.Service.<init>(Service.java:56)
       at ideal.ws2j.eqtoken.TokenServices.<init>(TokenServices.java:64)
       at com.citi.ilrouter.util.IpreoEQSSOClient.invokeRpcPortalToken(IpreoEQSSOClient.java:165)
       at com.citi.ilrouter.servlets.T3LinkServlet.doPost(T3LinkServlet.java:168)
       at com.citi.ilrouter.servlets.T3LinkServlet.doGet(T3LinkServlet.java:206)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(Unknown Source)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(Unknown Source)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(Unknown Source)
       at weblogic.servlet.internal.WebAppServletContext.execute(Unknown Source)
       at weblogic.servlet.internal.ServletRequestImpl.run(Unknown Source)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  >
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
  <Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 16189141>

  I received a workaround by an internal message.
  The how to guide is :
  -Download the wsdl file (with bindings, not the one from ESR)
  -Correct it in order that the schema corresponds to the answer (remove minOccurs or other things like this)
  -Deploy the wsdl file on you a server (java web project for exemple). you can deploy on your local
  -Create a new logicial destination that point to the wsdl file modified
  -Change the metadata destination in your web dynpro project for the corresponding model and keep the execution desitnation as before.
  Then the received data is check by the metadata logical destination but the data is retrieved from the correct server.

• Weblogic upgrade from 8.1 to 10.3.6 - WLW_IDE.jar issue

  Hi
  We are in the process of upgrading our applications from Weblogic 8.1 to 10.3.6. Since WorkShop IDE has been decommissioned since Weblogic 10.3.2 we don't have the WLW_IDE.jar any more in the fusion middleware installation. The build is dependent on this JAR. Would like to know if there is an alternative to WLW_IDE.jar which can be used to make the build or how we can remove the dependency on WLW_IDE.jar - we don't want to rewrite the code.
  <taskdef name="wlwBuild" classname="workshop.core.WlwBuildTask" classpath="${weblogic.home}/workshop/wlw-ide.jar"/>
    <target name="build">
      <wlwBuild work="${app.dir}/${work.file}" serverclasspath="${server.classpath}">
         <build outputdir="${output.dir}" outputfilename="${output.file}"/>
      </wlwBuild>
    </target>
  Rgds
  Srini

  Hi Srini,
  it supports but you need to upgrade correctly.
  follow this link
  Beehive Applications
  after upgrade if you found some error like classnotfound error.
  If those are the errors you were also experiencing, then please follow one of these options to resolve this issue:OPTION
  1:Identify all the JARs that contain the beehive classes and explicitly add the jar files to the classpathOPTION
  2:When you created the domain (if you used the Config Wizard), do you make it a "Workshop" domain? If not, try that.That should deploy the Workshop framework (Beehive controls, NETUI, etc) libraries as shared libraries. Then these libraries should be referenced in your applications weblogic.xml and weblogic-application.xml.
  regards,
  Kal