Apache Proxy Plugin (2.22) and Weblogic 9.2 - using SSL

Hello,
I need some help configuring Apache 2.22 to proxy to Weblogic 9.2. I'm able to do this without SSL. But when I introduce SSL into the mix, it does not work. Here's what I'm doing:
1. I set the secure port in the httpd.conf file (7002 is my secure port) - this is within a IfModule mod_weblogic.c tag:
WebLogicHost WLServer
WebLogicPort 7002
2. I download the secure certificate for my weblogic site by double-clicking on the secure lock icon in IE6. When the Certificate window opens, I go to the Details tab and click the Copy to File button. In the Certificate Download Wizard, I click Next and select Base-64 encoded X.509 (.CER) option and click Next again. Then I enter a path and filename for the certificate file and click Next and then Finish.
3. I enter the following parameters in the httpd.conf file (this is not in any tag like IfModule - is that wrong?):
SecureProxy ON
TrustedCAFile "C:\Program Files\Apache Software Foundation\Apache2.2\WLServer_TrustedCA.cer"
4. I restarted Weblogic and Apache
5. When I try to go to my web site, I get the following error:
Failure of server APACHE bridge:
No backend server available for connection: timed out after 10 seconds or idempotent set to OFF.
Can someone please help?
Thanks much,
Alex

Thanks Hussain for replying. I was able to set this up using Max Button's post (see my earlier post from today). The parameters I set inside the <Location> tag are:
SecureProxy ON
WLProxySSL ON
RequireSSLHostMatch false
TrustedCAFile C:\PROGRA~1\APACHE~1\Apache2.2\WLServer_TrustedCA.pem
EnforceBasicConstraints false
Thanks for looking into this anyhow!

Similar Messages

  • Problem with WebLogic 10.3.3, Apache 2.2.3 and WebLogic Apache proxy plugin

    I have a problem with using Apache 2.2.3 as a WebLogic SSL proxy. I have Apache 2.2 running and successfully configured an SSL cert, config in ssl.conf is...
    <VirtualHost secure.daftdonkey.com>
    # Setup SSL for secure.daftdonkey.com
    ServerName secure.daftdonkey.com
    SSLEngine On
    SSLCertificateFile /oracle/secure/secure.daftdonkey.com.crt
    SSLCertificateKeyFile /oracle/secure/secure.daftdonkey.com.key
    SSLCertificateChainFile /oracle/secure/gd_bundle.crt
    </VirtualHost>
    This works fine
    Now I want Apache to proxy requests to my WebLogic Server and secure them over SSL as well
    e.g. a request to https://secure.daftdonkey.com/service goes to https://weblogic.internal.site/service
    I have downloaded and configured the weblogic module and tested it handling traffic for HTTP and that worked, then I switched the WebLogic module to use SSL.
    LoadModule weblogic_module modules/mod_wl.so
    <IfModule mod_weblogic.c>
    WebLogicHost weblogic.internal.site
    WebLogicPort 16101
    Debug ALL
    SecureProxy ON
    WLSSLWallet /oracle/secure/my-wallet
    WLLogFile /tmp/wl-proxy.log
    </IfModule>
    <Location /service>
    SetHandler weblogic-handler
    </Location>
    Starting Apache throws the error. I think this is my main problem, i've searched support.oracle.com and not found anything.
    [Mon Jun 07 23:00:48 2010] [crit] (20014)Internal error: WL SSL Init failed for server: (null) on 0
    but Apache starts... I get this error when I make a request to https://secure.daftdonkey.com/service
    Failure of server APACHE bridge:
    No backend server available for connection: timed out after 10 seconds or idempotent set to OFF.
    Looking into the log /tmp/wl-proxy.log I see....
    Mon Jun 7 22:30:10 2010 <393212759749971> URLfactory Created
    Mon Jun 7 22:30:10 2010 <393312759750102> ================New Request: [GET /service HTTP/1.1] =================
    Mon Jun 7 22:30:10 2010 <393312759750102> INFO: SSL is configured
    Mon Jun 7 22:30:10 2010 <393312759750102> Using Uri /service
    Mon Jun 7 22:30:10 2010 <393312759750102> After trimming path: '/service'
    Mon Jun 7 22:30:10 2010 <393312759750102> The final request string is '/service'
    Mon Jun 7 22:30:10 2010 <393312759750102> parseServerList: Socket Address hostnames 'weblogic.internal.site:16101'
    Mon Jun 7 22:30:10 2010 <393312759750102> Host extracted from serverlist is [weblogic.internal.site]
    Mon Jun 7 22:30:10 2010 <393312759750102> parseServerList: IP from socket Address [192.168.100.15]
    Mon Jun 7 22:30:10 2010 <393312759750102> Initializing lastIndex=0 for a list of length=1
    Mon Jun 7 22:30:10 2010 <393312759750102> getListNode: created a new server node: id='weblogic.internal.site:16101' server_name='secure.daftdonkey.com', port='443'
    Mon Jun 7 22:30:10 2010 <393312759750102> attempt #0 out of a max of 5
    Mon Jun 7 22:30:10 2010 <393312759750102> Trying a pooled connection for '192.168.100.15/16101/16101'
    Mon Jun 7 22:30:10 2010 <393312759750102> getPooledConn: found a host and port/securePort match
    Mon Jun 7 22:30:10 2010 <393312759750102> getPooledConn: No more connections in the pool for Host[192.168.100.15] Port[16101] SecurePort[16101]
    Mon Jun 7 22:30:10 2010 <393312759750102> general list: trying connect to '192.168.100.15'/16101/16101 at line 3188 for '/service'
    Mon Jun 7 22:30:10 2010 <393312759750102> SSL is not configured for this connection
    Mon Jun 7 22:30:10 2010 <393312759750102> Local Port of the socket is 45580
    Mon Jun 7 22:30:10 2010 <393312759750102> Remote Host 192.168.100.15 Remote Port 16101
    Mon Jun 7 22:30:10 2010 <393312759750102> URL::connect SSLConn for reader is not set as it is NULL
    Mon Jun 7 22:30:10 2010 <393312759750102> general list: created a new connection to '192.168.100.15'/16101 for '/service', Local port:0
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs from clnt:[Host]=[secure.daftdonkey.com]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs from clnt:[User-Agent]=[Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9 ( .NET CLR 3.5.30729)]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs from clnt:[Accept]=[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs from clnt:[Accept-Language]=[en-us,en;q=0.5]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs from clnt:[Accept-Encoding]=[gzip,deflate]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs from clnt:[Accept-Charset]=[ISO-8859-1,utf-8;q=0.7,*;q=0.7]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs from clnt:[Keep-Alive]=[300]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs from clnt:[Connection]=[keep-alive]
    Mon Jun 7 22:30:10 2010 <393312759750102> parse_header is done
    Mon Jun 7 22:30:10 2010 <393312759750102> Method is GET
    Mon Jun 7 22:30:10 2010 <393312759750102> About to call parseHeaders
    Mon Jun 7 22:30:10 2010 <393312759750102> URL::parseHeaders: Value of parsedHeaders = [0]
    Mon Jun 7 22:30:10 2010 <393312759750102> URL::sendHeaders(): meth='GET' file='/service' protocol='HTTP/1.1'
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [Host]=[secure.daftdonkey.com]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [User-Agent]=[Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9 ( .NET CLR 3.5.30729)]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [Accept]=[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [Accept-Language]=[en-us,en;q=0.5]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [Accept-Encoding]=[gzip,deflate]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [Accept-Charset]=[ISO-8859-1,utf-8;q=0.7,*;q=0.7]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [Keep-Alive]=[300]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [Connection]=[Keep-Alive]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [WL-Proxy-SSL]=[true]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [WL-Proxy-Client-IP]=[192.168.100.245]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [Proxy-Client-IP]=[192.168.100.245]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [X-Forwarded-For]=[192.168.100.245]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [X-WebLogic-KeepAliveSecs]=[30]
    Mon Jun 7 22:30:10 2010 <393312759750102> Hdrs to WLS: [X-WebLogic-Force-JVMID]=[unset]
    Mon Jun 7 22:30:10 2010 <393312759750102> Reader::fill(): first=0 last=0 toRead=4096
    Mon Jun 7 22:30:10 2010 <393312759750102> Reader::fill(): sysRecv returned -1
    Mon Jun 7 22:30:10 2010 <393312759750102> *******Exception type [READ_ERROR_FROM_SERVER] (socket read failure) raised at line 251 of ../nsapi/Reader.cpp
    Mon Jun 7 22:30:10 2010 <393312759750102> caught exception in readStatus: READ_ERROR_FROM_SERVER [os error=104, line 251 of ../nsapi/Reader.cpp]: socket read failure at line 963
    Mon Jun 7 22:30:10 2010 <393312759750102> PROTOCOL_ERROR: Backend Server not responding - isRecycled:0
    Mon Jun 7 22:30:10 2010 <393312759750102> Marking 192.168.100.15:16101 as bad
    Mon Jun 7 22:30:10 2010 <393312759750102> got exception in sendRequest phase: Backend Server not responding at line 3702
    Mon Jun 7 22:30:10 2010 <393312759750102> Failing over after sendRequest() exception: PROTOCOL_ERROR as Idempotent is set to ON
    Mon Jun 7 22:30:10 2010 <393312759750102> attempt #1 out of a max of 5
    However connecting directly to https://192.168.100.15:16101/irm_rights is successful.
    Ouput from orapki seems to show a valid wallet.
    [root@content my-wallet]# /oracle/install/bin/orapki wallet display -wallet /oracle/secure/my-wallet/
    Oracle PKI Tool : Version 11.1.1.2.0
    Copyright (c) 2004, 2009, Oracle and/or its affiliates. All rights reserved.
    Requested Certificates:
    User Certificates:
    Trusted Certificates:
    Subject: OU=Class 2 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
    Subject: OU=Secure Server Certification Authority,O=RSA Data Security\, Inc.,C=US
    Subject: OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
    Subject: OU=Class 1 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
    Subject: CN=weblogic.internal.site,OU=FOR TESTING ONLY,O=MyOrganization,L=MyTown,ST=MyState,C=US
    Subject: CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\, Inc.,O=GTE Corporation,C=US
    Also the apache log at /var/log/httpd/ssl_error_log shows.
    [Mon Jun 07 23:59:03 2010] [error] [client 192.168.100.245] ap_proxy: trying GET /service/ at backend host '192.168.100.15/16101; got exception 'Backend Server not responding'
    [Mon Jun 07 23:59:03 2010] [error] [client 192.168.100.245] ap_proxy: trying GET /service/ at backend host '192.168.100.15/16101; got exception 'Backend Server not responding'
    [Mon Jun 07 23:59:03 2010] [error] [client 192.168.100.245] ap_proxy: trying GET /service/ at backend host '192.168.100.15/16101; got exception 'Backend Server not responding'
    [Mon Jun 07 23:59:03 2010] [error] [client 192.168.100.245] ap_proxy: trying GET /service/ at backend host '192.168.100.15/16101; got exception 'Backend Server not responding'
    [Mon Jun 07 23:59:03 2010] [error] [client 192.168.100.245] ap_proxy: trying GET /service/ at backend host '192.168.100.15/16101; got exception 'Backend Server not responding'
    [Mon Jun 07 23:59:03 2010] [error] [client 192.168.100.245] ap_proxy: trying GET /service/ at backend host '192.168.100.15/16101; got exception 'Backend Server not responding'
    Editing the httpd.conf and sending traffic from Apache to WebLogic over regular HTTP works, config is...
    LoadModule weblogic_module modules/mod_wl.so
    <IfModule mod_weblogic.c>
    WebLogicHost weblogic.internal.site
    WebLogicPort 16100
    Debug ALL
    # SecureProxy ON
    # WLSSLWallet /oracle/secure/my-wallet
    WLLogFile /tmp/wl-proxy.log
    </IfModule>
    Resulting detail from /tmp/wl-proxy.log
    Mon Jun 7 23:20:50 2010 <415912759780351> URLfactory Created
    Mon Jun 7 23:20:50 2010 <416012759780502> ================New Request: [GET /service/ HTTP/1.1] =================
    Mon Jun 7 23:20:50 2010 <416012759780502> Using Uri /service/
    Mon Jun 7 23:20:50 2010 <416012759780502> After trimming path: '/service/'
    Mon Jun 7 23:20:50 2010 <416012759780502> The final request string is '/service/'
    Mon Jun 7 23:20:50 2010 <416012759780502> parseServerList: Socket Address hostnames 'weblogic.internal.site:16100'
    Mon Jun 7 23:20:50 2010 <416012759780502> Host extracted from serverlist is [weblogic.internal.site]
    Mon Jun 7 23:20:50 2010 <416012759780502> parseServerList: IP from socket Address [192.168.100.15]
    Mon Jun 7 23:20:50 2010 <416012759780502> Initializing lastIndex=0 for a list of length=1
    Mon Jun 7 23:20:50 2010 <416012759780502> getListNode: created a new server node: id='weblogic.internal.site:16100' server_name='secure.daftdonkey.com', port='443'
    Mon Jun 7 23:20:50 2010 <416012759780502> attempt #0 out of a max of 5
    Mon Jun 7 23:20:50 2010 <416012759780502> Trying a pooled connection for '192.168.100.15/16100/16100'
    Mon Jun 7 23:20:50 2010 <416012759780502> getPooledConn: found a host and port/securePort match
    Mon Jun 7 23:20:50 2010 <416012759780502> getPooledConn: No more connections in the pool for Host[192.168.100.15] Port[16100] SecurePort[16100]
    Mon Jun 7 23:20:50 2010 <416012759780502> general list: trying connect to '192.168.100.15'/16100/16100 at line 3188 for '/service/'
    Mon Jun 7 23:20:50 2010 <416012759780502> SSL is not configured for this connection
    Mon Jun 7 23:20:50 2010 <416012759780502> Local Port of the socket is 56647
    Mon Jun 7 23:20:50 2010 <416012759780502> Remote Host 192.168.100.15 Remote Port 16100
    Mon Jun 7 23:20:50 2010 <416012759780502> URL::connect SSLConn for reader is not set as it is NULL
    Mon Jun 7 23:20:50 2010 <416012759780502> general list: created a new connection to '192.168.100.15'/16100 for '/service/', Local port:0
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from clnt:[Host]=[secure.daftdonkey.com]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from clnt:[User-Agent]=[Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9 ( .NET CLR 3.5.30729)]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from clnt:[Accept]=[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from clnt:[Accept-Language]=[en-us,en;q=0.5]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from clnt:[Accept-Encoding]=[gzip,deflate]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from clnt:[Accept-Charset]=[ISO-8859-1,utf-8;q=0.7,*;q=0.7]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from clnt:[Keep-Alive]=[300]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from clnt:[Connection]=[keep-alive]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from clnt:[Cookie]=[JSESSIONID=YF4nMNfZ3lJ5ZrVV9HGpKwj3hf12yRvlf4zksQf6pkKx2LhJ2ywY!34167467]
    Mon Jun 7 23:20:50 2010 <416012759780502> parse_header is done
    Mon Jun 7 23:20:50 2010 <416012759780502> Method is GET
    Mon Jun 7 23:20:50 2010 <416012759780502> About to call parseHeaders
    Mon Jun 7 23:20:50 2010 <416012759780502> URL::parseHeaders: Value of parsedHeaders = [0]
    Mon Jun 7 23:20:50 2010 <416012759780502> URL::sendHeaders(): meth='GET' file='/service/' protocol='HTTP/1.1'
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [Host]=[secure.daftdonkey.com]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [User-Agent]=[Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9 ( .NET CLR 3.5.30729)]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [Accept]=[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [Accept-Language]=[en-us,en;q=0.5]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [Accept-Encoding]=[gzip,deflate]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [Accept-Charset]=[ISO-8859-1,utf-8;q=0.7,*;q=0.7]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [Keep-Alive]=[300]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [Cookie]=[JSESSIONID=YF4nMNfZ3lJ5ZrVV9HGpKwj3hf12yRvlf4zksQf6pkKx2LhJ2ywY!34167467]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [Connection]=[Keep-Alive]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [WL-Proxy-SSL]=[true]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [WL-Proxy-Client-IP]=[192.168.100.245]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [Proxy-Client-IP]=[192.168.100.245]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [X-Forwarded-For]=[192.168.100.245]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [X-WebLogic-KeepAliveSecs]=[30]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to WLS: [X-WebLogic-Force-JVMID]=[unset]
    Mon Jun 7 23:20:50 2010 <416012759780502> Reader::fill(): first=0 last=0 toRead=4096
    Mon Jun 7 23:20:50 2010 <416012759780502> Reader::fill(): sysRecv returned 568
    Mon Jun 7 23:20:50 2010 <416012759780502> URL::parseHeaders: CompleteStatusLine set to [HTTP/1.1 302 Moved Temporarily]
    Mon Jun 7 23:20:50 2010 <416012759780502> URL::parseHeaders: StatusLine set to [302 Moved Temporarily]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from WLS:[Date]=[Tue, 08 Jun 2010 06:20:50 GMT]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from WLS:[Transfer-Encoding]=[chunked]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from WLS:[Location]=[https://secure.daftdonkey.com/service/faces/LoginPage.jspx]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from WLS:[X-WebLogic-JVMID]=[34167467]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs from WLS:[X-Powered-By]=[Servlet/2.5 JSP/2.1]
    Mon Jun 7 23:20:50 2010 <416012759780502> parsed all headers OK
    Mon Jun 7 23:20:50 2010 <416012759780502> done with sendRequest
    Mon Jun 7 23:20:50 2010 <416012759780502> sendResponse() : r->status = '302'
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to client (add):[Date]=[Tue, 08 Jun 2010 06:20:50 GMT]
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to client (add):[Location]=[https://secure.daftdonkey.com/service/faces/LoginPage.jspx]
    Mon Jun 7 23:20:50 2010 <416012759780502> for 192.168.100.15/16100/16100, updated JVMID: 34167467
    Mon Jun 7 23:20:50 2010 <416012759780502> Hdrs to client (add):[X-Powered-By]=[Servlet/2.5 JSP/2.1]
    Mon Jun 7 23:20:50 2010 <416012759780502> calling closeConn() with non-null URL* at 3826
    Mon Jun 7 23:20:50 2010 <416012759780502> canRecycle: conn=1 status=302 isKA=1 clen=-1 isCTE=1
    Mon Jun 7 23:20:50 2010 <416012759780502> closeConn: pooling for '192.168.100.15/16100'
    Mon Jun 7 23:20:50 2010 <416012759780502> closeConn: pooling '0'
    Mon Jun 7 23:20:50 2010 <416012759780502> request [irm_rights/] processed successfully..................
    Mon Jun 7 23:20:50 2010 <415912759780351> Cleaning up the list node 'weblogic.internal.site:16100'list Length '1'

    I found the answer to this. The documentation is not clear enough, LD_LIBRARY_PATH MUST be set and MUST have a pointer to the directory where the SSL .so modules are. I wrote up a blog article explaining the configuration and detailed this issue.
    http://blogs.oracle.com/irm/2010/06/quick_guide_to_oracle_irm_11g_1.html

  • Apache Proxy Plugin with SSL in Weblogic Cluster

    Hi,
    I have configured a weblogic cluster and configured SSL. Then I configured the apache plugin to work with the cluster machines with non ssl and worked succesfull but when I configured the ssl communication between apache and weblogic I´m having problems.
    The actual configuration is:
    <Location /spmlws>
    SetHandler weblogic-handler
    WLLogFile /var/log/httpd/tmpweblogic1.log
    DebugConfigInfo ON
    Debug ALL
    KeepAliveEnabled ON
    KeepAliveSecs 15
    WebLogicPort 7002
    SecureProxy ON
    TrustedCAFile /opt/freeware/etc/httpd/conf/trustedCA35cert.pem
    TrustedCAFile /opt/freeware/etc/httpd/conf/trustedCA36cert.pem
    WLProxySSL ON
    RequireSSLHostMatch false
    WebLogicCluster machine35:7002,machine36:7002
    EnforceBasicConstraints false
    </Location>
    The problem is that the plugin always takes the last TrustedCAFile. In this way if machine36 is down the plugin tries to send all the request to machine35 but it takes the TrustedCAFile for the machine36 (/opt/freeware/etc/httpd/conf/trustedCA36cert.pem) hence the apache complains
    [Wed Jun 30 11:13:56 2010] [error] [client 10.19.232.249] ap_proxy: trying GET /spmlws/OIMProvisioning at backend host '10.19.232.97/7002; got exception 'WRITE_ERROR_TO_SERVER [os error=0,  line 796 of ../nsapi/URL.cpp]: '
    What can I do to have multiple TrustedCAFile or to have working the communication between apache and weblogic cluster using SSL?
    thanks in advance

    Acording to the documentation this is not possible.
    One way to achieve the load balancing of n-weblogic servers in cluster using ssl is to configure de HttpClusterServlet.

  • Apache proxy server in front of Weblogic

    Need helps.
    Apache 1.2, Weblogic 6.1
    Apache serves as proxy server, redirct to login.jsp in weblogic server. However
    when First request from browser is passed to apache seems, the apache server
    does pass JsessionID to weblogic, which leads to error no page found. Unless we
    refresh the browser page first which just get to second request, then everything
    works. It seems like Apache problem, but I hope I could
    get some help from WebLogic group.
    Thanks
    Jining

    I think that depends on which server is free and apache webserver will check it then choose the best one to go

  • Apache 2.0.5.5 and WebLogic 9.1 on Solaris 10

    Good day.
    We were setting up an Apache 2.0.55 server as the web server for a WebLogic 9.1 server.
    They are on different machines. We were able to setup successfully both servers and tried them on their own server.
    The problem begin when we connect the two together. We were able to see the login page of the WebLogic server, but, without the "WebLogic Picture/Image" just above the username/password textboxes. Also, upon logging in, it displays a "j_security page not found" error.
    This could only mean that Apache server can not see the location of these pages/images.
    I just followed simply the instructions on the documentation that comes with WebSense 9.1. Such as this one:
    LoadModule weblogic_module modules/mod_wl_20.so
    and these two:
    <Location /weblogic>
    SetHandler weblogic-handler
    PathTrim /weblogic
    </Location>
    <IfModule mod_weblogic.c>
    WebLogicHost myweblogic.server.com
    WebLogicPort 7001
    MatchExpression *.jsp
    </IfModule>
    I wonder what went wrong.
    When I typed http://<WebServer IP>:<port>/weblogic, it displays a Page Not Found error... but when I placed "/console" after the "/weblogic" part, it displays the login page but can not log on.
    Hope you guys could help me out. Thanks so much.
    midnytblu

    Hi,
    Try with following steps.
    Step-1
    Apache 2.0.x, install the plug-in by copying the mod_wl_20.so file to the APACHE_HOME\modules directory and adding the following line to your APACHE_HOME/conf/httpd.conf file manually:
    LoadModule weblogic_module modules/mod_wl_20.so
    Step-2
    Apache 2.0.x, manually add the following line to the httpd.conf file:
    LoadModule weblogic_module modules\mod_wl_20.so
    Step-3
    For a non-clustered WebLogic Server:
    <IfModule mod_weblogic.c>
    WebLogicHost myweblogic.server.com
    WebLogicPort 7001
    </IfModule>
    If you want more detail please refer the following link. http://e-docs.bea.com/wls/docs90/plugins/apache.html
    I know this is late response for you. But it will helpful for others.
    Regards,
    Balaji,
    System Admin
    Arman Infotech Systems
    India

  • Apache and webLogic Communication

    Hi
    we are deploying new application and client want to have Apache on one server and weblogic on another server.
    Can you pls point to any notes/docs which tells how to configure Apache to have as fronend for applications in weblogic.
    Thanks
    Sree

    Hi
    Thanks for the info.
    Since we are hosting team we amy not be able to allow/to code. We have existing setup where Oracle HTTP server in DMZ communicates with other report server oc4j using ajp protocol. We are also NOT allowed to use proxy pass.
    For a new project we will be using Apache web server in DMZ and weblogic application server inside.
    Can you Pls let me know how we can trasfer requestes thru Apache using other protocols like ajp other than proxy.
    Thanks

  • Iplanet proxy plugin issue; simple but iam confused; Please Help !!

    Hi All,
    Iam using Iplanet proxy plug-in with BEA weblogic6.1. In simple terms. the iplanet webserver proxies any dynamic requests to the application tier(wls6.1)
    And we have configured the proxy plug-in to show the debugging information on to __WebLogicBridgeConfig page.
    Now, could somebody explain more about the "requests:" and "successful requests:" that is been shown on the iplanet proxy plugin's __WebLogicBridgeConfig ???
    I mean i understand that "requests:" are the Total # of request that proxy plugin received. And "successful requests:" are the # of requests that went pass through to the wls server. But what happen to the requests which are UN successful requests .....i have seen the fugures like this:
    "requests:2000" "successful requests:1900"
    then what happened to these 2000-1900=100 requests.....why is there difference and why does this happen???
    how can calculate these UNsuccessful requests in my iplanet proxy logs ???
    please advise. I would really really appreciate your help on this.
    -san

    In more simple terms and to eloborate more on what iam asking, how can an HTTP request become unsuccessful ?
    Again, more specifically, is __WebLogicBridgeConfig shows information of unsuccessful for the application tier OR any unsuccessful requests for the web tier ?
    -sangita

  • Confused about the 11g R2 Forms Server and using SSL

    All,
    I just installed the 11g R2 Forms Server software without configuring it.
    I then ran the config.sh script to configure it which creates a weblogic server domain.
    I'm a bit confused now. If I run opmnctl status command I get the following:
    Processes in Instance: frmrep_inst_1
    --------------------------------------------------------------+---------
    ias-component | process-type | pid | status
    --------------------------------------------------------------+---------
    emagent_frmrep_inst_1 | EMAGENT | 28279 | Alive
    RptSvr_eiaorapptest_frmrep_ins | ReportsServerComp~ | 28124 | Alive
    ohs1 | OHS | 27831 | Alive
    This looks to me like there is an Oracle Http Server installed.
    Is the Oracle Http Server answering web calls when I run forms or is the Weg Logic Server answering the call?
    Also, the Oracle Forms Installation Documentation talks about securing your environment with Oracle Identity Manager but we are not using Oracle Identity Manager. I want to use SSL but I'm not sure how to secure the environment with SSL. Do I need to configure the WebLogic server to use SSL or the OHS?
    Any help would be greatly appreciated.
    Cheers

    Fusion Middleware 11.1.x does include HTTP Server (OHS) and also requires WLS. Both HTTP Server and WLS are http listeners, amongst other things. So whether WLS handles a request or HTTP Server does it will be entirely up to you and/or the end-user.
    OHS has a listener which by default (in FMw) listens for requests on port 8888. On the other hand WLS_FORMS is preconfigured to listen on port 9001.
    This means that if your URL looks like the following, WLS_FORMS will directly answer the client:
    <blockquote>http://server:9001/forms/frmservlet?form=abc</blockquote>
    If the URL looks like the following, the HTTP Server will reply:
    <blockquote>http://server:8888/forms/frmservlet?form=abc</blockquote>
    The request path when using OHS as the listener to call Oracle Forms would look like this:
    <blockquote>CLIENT --- OHS --- WLS_FORMS --- FORMS SERVLET --- FORMS RUNTIME (frmweb.exe) --- DATABASE</blockquote>
    The request path when using WLS_FORMS as the listener to call Oracle Forms would look like this:
    <blockquote>CLIENT --- WLS_FORMS --- FORMS SERVLET --- FORMS RUNTIME (frmweb.exe) --- DATABASE</blockquote>
    Although removing OHS from the path would seem to be better because it is one less server to administer and less system resources consumed, generally it would be argued that the advantages of having it will outweigh the disadvantages.
    There are numerous advantages to use OHS in front of WLS, but the most obvious should be that OHS can be set up so that you have one and only one entry point into your FMw environment. In other words, even though for example Forms WLS listens on 9001 and Reports on 9002 and some other app on 9999, all requests can be routed through a single OHS port (e.g. 8888). This gives added security since only one port would need to be open assuming a firewall was in place. This configuration is also helpful when calling one application from another. For example when calling Reports from Forms. If you use OHS, references to other WLS managed servers can be called with a relative reference rather than a fully qualified one.
    Regarding whether or not SSL needs to be enabled at any particular point in the path is entirely up to you. You can enable SSL from the client all the way back to the db or any where in between. It is fairly common to see SSL between the client and OHS then no SSL to WLS. But if security is a great concern then you may want to consider SSL from front to back. However, keep in mind that SSL comes at a price. Performance will degrade slightly when SSL is enabled.
    Also, OAM (Oracle Access Manager) has nothing to do with SSL. SSL refers to traffic encryption. OAM is for authentication - single sign on.
    Consider reviewing the Forms Deployment Guide as well as the other Fusion Middleware documents referenced within it.
    <blockquote>http://docs.oracle.com/cd/E24269_01/index.htm</blockquote>
    Finally, and most important, this topic really has nothing to do with Oracle Forms. This is more about how a web server or its environment works.

  • JMX with apache plugin and weblogic

    Hy every body
    I use weblogic 9.1, throw apache plugin
    I try to get mbean with JMX,
    i have this error on the log of the server when I try to acces to a server by passing apache url into jmxConnector:
    java.lang.AssertionError: Assertion violated
         at weblogic.utils.Debug.assertion(Debug.java:57)
         at weblogic.iiop.MuxableSocketIIOP.getMessageLength(MuxableSocketIIOP.java:315)
         at weblogic.socket.AbstractMuxableSocket.isMessageComplete(AbstractMuxableSocket.java:336)
         at weblogic.socket.MuxableSocketDiscriminator.dispatch(MuxableSocketDiscriminator.java:166)
         at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
         at weblogic.socket.SocketReaderRequest.run(SocketReaderRequest.java:29)
         at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:42)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:145)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:117)
    the log:
    ================New Request: [GIOP] =================
    Tue May 31 14:25:36 2011 <35921306844736112> INFO: SSL is not configured
    Tue May 31 14:25:36 2011 <35921306844736112> Using Uri /
    Tue May 31 14:25:36 2011 <35921306844736112> After trimming path: '/'
    Tue May 31 14:25:36 2011 <35921306844736112> The final request string is '/'
    Tue May 31 14:25:36 2011 <35921306844736112> SEARCHING id=[192.168.2.83:7001] from current ID=[192.168.2.83:7001]
    Tue May 31 14:25:36 2011 <35921306844736112> The two ids matched
    Tue May 31 14:25:36 2011 <35921306844736112> @@@FOUND...id=[192.168.2.83:7001], server_name=[AdminServer], server_port=[80]
    Tue May 31 14:25:36 2011 <35921306844736112> attempt #0 out of a max of 5
    Tue May 31 14:25:36 2011 <35921306844736112> Trying a pooled connection for '192.168.2.83/7001/7001'
    Tue May 31 14:25:36 2011 <35921306844736112> getPooledConn: No more connections in the pool for Host[192.168.2.83] Port[7001] SecurePort[7001]
    Tue May 31 14:25:36 2011 <35921306844736112> general list: trying connect to '192.168.2.83'/7001/7001 at line 2724 for '/'
    Tue May 31 14:25:36 2011 <35921306844736112> INFO: New NON-SSL URL
    Tue May 31 14:25:36 2011 <35921306844736112> Connect returns -1, and error no set to 10035, msg 'Unknown error'
    Tue May 31 14:25:36 2011 <35921306844736112> EINPROGRESS in connect() - selecting
    Tue May 31 14:25:36 2011 <35921306844736112> Local Port of the socket is 2039
    Tue May 31 14:25:36 2011 <35921306844736112> Remote Host 192.168.2.83 Remote Port 7001
    Tue May 31 14:25:36 2011 <35921306844736112> general list: created a new connection to '192.168.2.83'/7001 for '/', Local port:2039
    Tue May 31 14:25:36 2011 <35921306844736112> URL::sendHeaders(): meth='GIOP' file='/' protocol='HTTP/0.9'
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[Connection]=[Keep-Alive]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[WL-Proxy-Client-IP]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[Proxy-Client-IP]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-Forwarded-For]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-WebLogic-KeepAliveSecs]=[24]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
    Tue May 31 14:25:36 2011 <35921306844736112> readStatus: Local port of the socket 2039, connected to Remote Host/Port 192.168.2.83/7001
    Tue May 31 14:25:36 2011 <35921306844736112> readStatus: Response contains no data - isRecycled: 0
    Tue May 31 14:25:36 2011 <35921306844736112> *******Exception type [READ_ERROR_FROM_SERVER] (Unexpected EOF reading HTTP status - failover request based on Idempotent flag) raised at line 841 of ../nsapi/URL.cpp
    Tue May 31 14:25:36 2011 <35921306844736112> Marking 192.168.2.83:7001 as bad
    Tue May 31 14:25:36 2011 <35921306844736112> got exception in sendRequest phase: READ_ERROR_FROM_SERVER [os error=0, line 841 of ../nsapi/URL.cpp]: Unexpected EOF reading HTTP status - failover request based on Idempotent flag at line 3160
    Tue May 31 14:25:36 2011 <35921306844736112> Failing over after sendRequest() exception: READ_ERROR_FROM_SERVER as Idempotent is set to ON
    Tue May 31 14:25:36 2011 <35921306844736112> attempt #1 out of a max of 5
    Tue May 31 14:25:36 2011 <35921306844736112> general list: trying connect to '192.168.2.83'/7001/7001 at line 2724 for '/'
    Tue May 31 14:25:36 2011 <35921306844736112> INFO: New NON-SSL URL
    Tue May 31 14:25:36 2011 <35921306844736112> Connect returns -1, and error no set to 10035, msg 'Unknown error'
    Tue May 31 14:25:36 2011 <35921306844736112> EINPROGRESS in connect() - selecting
    Tue May 31 14:25:36 2011 <35921306844736112> Local Port of the socket is 2040
    Tue May 31 14:25:36 2011 <35921306844736112> Remote Host 192.168.2.83 Remote Port 7001
    Tue May 31 14:25:36 2011 <35921306844736112> general list: created a new connection to '192.168.2.83'/7001 for '/', Local port:2040
    Tue May 31 14:25:36 2011 <35921306844736112> URL::sendHeaders(): meth='GIOP' file='/' protocol='HTTP/0.9'
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[Connection]=[Keep-Alive]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[WL-Proxy-Client-IP]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[Proxy-Client-IP]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-Forwarded-For]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-WebLogic-KeepAliveSecs]=[24]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
    Tue May 31 14:25:36 2011 <35921306844736112> readStatus: Local port of the socket 2040, connected to Remote Host/Port 192.168.2.83/7001
    Tue May 31 14:25:36 2011 <35921306844736112> readStatus: Response contains no data - isRecycled: 0
    Tue May 31 14:25:36 2011 <35921306844736112> *******Exception type [READ_ERROR_FROM_SERVER] (Unexpected EOF reading HTTP status - failover request based on Idempotent flag) raised at line 841 of ../nsapi/URL.cpp
    Tue May 31 14:25:36 2011 <35921306844736112> Marking 192.168.2.83:7001 as bad
    Tue May 31 14:25:36 2011 <35921306844736112> got exception in sendRequest phase: READ_ERROR_FROM_SERVER [os error=0, line 841 of ../nsapi/URL.cpp]: Unexpected EOF reading HTTP status - failover request based on Idempotent flag at line 3160
    Tue May 31 14:25:36 2011 <35921306844736112> Failing over after sendRequest() exception: READ_ERROR_FROM_SERVER as Idempotent is set to ON
    Tue May 31 14:25:36 2011 <35921306844736112> attempt #2 out of a max of 5
    Tue May 31 14:25:36 2011 <35921306844736112> general list: trying connect to '192.168.2.83'/7001/7001 at line 2724 for '/'
    Tue May 31 14:25:36 2011 <35921306844736112> INFO: New NON-SSL URL
    Tue May 31 14:25:36 2011 <35921306844736112> Connect returns -1, and error no set to 10035, msg 'Unknown error'
    Tue May 31 14:25:36 2011 <35921306844736112> EINPROGRESS in connect() - selecting
    Tue May 31 14:25:36 2011 <35921306844736112> Local Port of the socket is 2041
    Tue May 31 14:25:36 2011 <35921306844736112> Remote Host 192.168.2.83 Remote Port 7001
    Tue May 31 14:25:36 2011 <35921306844736112> general list: created a new connection to '192.168.2.83'/7001 for '/', Local port:2041
    Tue May 31 14:25:36 2011 <35921306844736112> URL::sendHeaders(): meth='GIOP' file='/' protocol='HTTP/0.9'
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[Connection]=[Keep-Alive]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[WL-Proxy-Client-IP]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[Proxy-Client-IP]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-Forwarded-For]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-WebLogic-KeepAliveSecs]=[24]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
    Tue May 31 14:25:36 2011 <35921306844736112> readStatus: Local port of the socket 2041, connected to Remote Host/Port 192.168.2.83/7001
    Tue May 31 14:25:36 2011 <35921306844736112> readStatus: Response contains no data - isRecycled: 0
    Tue May 31 14:25:36 2011 <35921306844736112> *******Exception type [READ_ERROR_FROM_SERVER] (Unexpected EOF reading HTTP status - failover request based on Idempotent flag) raised at line 841 of ../nsapi/URL.cpp
    Tue May 31 14:25:36 2011 <35921306844736112> Marking 192.168.2.83:7001 as bad
    Tue May 31 14:25:36 2011 <35921306844736112> got exception in sendRequest phase: READ_ERROR_FROM_SERVER [os error=0, line 841 of ../nsapi/URL.cpp]: Unexpected EOF reading HTTP status - failover request based on Idempotent flag at line 3160
    Tue May 31 14:25:36 2011 <35921306844736112> Failing over after sendRequest() exception: READ_ERROR_FROM_SERVER as Idempotent is set to ON
    Tue May 31 14:25:36 2011 <35921306844736112> attempt #3 out of a max of 5
    Tue May 31 14:25:36 2011 <35921306844736112> general list: trying connect to '192.168.2.83'/7001/7001 at line 2724 for '/'
    Tue May 31 14:25:36 2011 <35921306844736112> INFO: New NON-SSL URL
    Tue May 31 14:25:36 2011 <35921306844736112> Connect returns -1, and error no set to 10035, msg 'Unknown error'
    Tue May 31 14:25:36 2011 <35921306844736112> EINPROGRESS in connect() - selecting
    Tue May 31 14:25:36 2011 <35921306844736112> Local Port of the socket is 2042
    Tue May 31 14:25:36 2011 <35921306844736112> Remote Host 192.168.2.83 Remote Port 7001
    Tue May 31 14:25:36 2011 <35921306844736112> general list: created a new connection to '192.168.2.83'/7001 for '/', Local port:2042
    Tue May 31 14:25:36 2011 <35921306844736112> URL::sendHeaders(): meth='GIOP' file='/' protocol='HTTP/0.9'
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[Connection]=[Keep-Alive]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[WL-Proxy-Client-IP]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[Proxy-Client-IP]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-Forwarded-For]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-WebLogic-KeepAliveSecs]=[24]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
    Tue May 31 14:25:36 2011 <35921306844736112> readStatus: Local port of the socket 2042, connected to Remote Host/Port 192.168.2.83/7001
    Tue May 31 14:25:36 2011 <35921306844736112> readStatus: Response contains no data - isRecycled: 0
    Tue May 31 14:25:36 2011 <35921306844736112> *******Exception type [READ_ERROR_FROM_SERVER] (Unexpected EOF reading HTTP status - failover request based on Idempotent flag) raised at line 841 of ../nsapi/URL.cpp
    Tue May 31 14:25:36 2011 <35921306844736112> Marking 192.168.2.83:7001 as bad
    Tue May 31 14:25:36 2011 <35921306844736112> got exception in sendRequest phase: READ_ERROR_FROM_SERVER [os error=0, line 841 of ../nsapi/URL.cpp]: Unexpected EOF reading HTTP status - failover request based on Idempotent flag at line 3160
    Tue May 31 14:25:36 2011 <35921306844736112> Failing over after sendRequest() exception: READ_ERROR_FROM_SERVER as Idempotent is set to ON
    Tue May 31 14:25:36 2011 <35921306844736112> attempt #4 out of a max of 5
    Tue May 31 14:25:36 2011 <35921306844736112> general list: trying connect to '192.168.2.83'/7001/7001 at line 2724 for '/'
    Tue May 31 14:25:36 2011 <35921306844736112> INFO: New NON-SSL URL
    Tue May 31 14:25:36 2011 <35921306844736112> Connect returns -1, and error no set to 10035, msg 'Unknown error'
    Tue May 31 14:25:36 2011 <35921306844736112> EINPROGRESS in connect() - selecting
    Tue May 31 14:25:36 2011 <35921306844736112> Local Port of the socket is 2043
    Tue May 31 14:25:36 2011 <35921306844736112> Remote Host 192.168.2.83 Remote Port 7001
    Tue May 31 14:25:36 2011 <35921306844736112> general list: created a new connection to '192.168.2.83'/7001 for '/', Local port:2043
    Tue May 31 14:25:36 2011 <35921306844736112> URL::sendHeaders(): meth='GIOP' file='/' protocol='HTTP/0.9'
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[Connection]=[Keep-Alive]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[WL-Proxy-Client-IP]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[Proxy-Client-IP]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-Forwarded-For]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-WebLogic-KeepAliveSecs]=[24]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
    Tue May 31 14:25:36 2011 <35921306844736112> readStatus: Local port of the socket 2043, connected to Remote Host/Port 192.168.2.83/7001
    Tue May 31 14:25:36 2011 <35921306844736112> readStatus: Response contains no data - isRecycled: 0
    Tue May 31 14:25:36 2011 <35921306844736112> *******Exception type [READ_ERROR_FROM_SERVER] (Unexpected EOF reading HTTP status - failover request based on Idempotent flag) raised at line 841 of ../nsapi/URL.cpp
    Tue May 31 14:25:36 2011 <35921306844736112> Marking 192.168.2.83:7001 as bad
    Tue May 31 14:25:36 2011 <35921306844736112> got exception in sendRequest phase: READ_ERROR_FROM_SERVER [os error=0, line 841 of ../nsapi/URL.cpp]: Unexpected EOF reading HTTP status - failover request based on Idempotent flag at line 3160
    Tue May 31 14:25:36 2011 <35921306844736112> Failing over after sendRequest() exception: READ_ERROR_FROM_SERVER as Idempotent is set to ON
    Tue May 31 14:25:36 2011 <35921306844736112> attempt #5 out of a max of 5
    Tue May 31 14:25:36 2011 <35921306844736112> general list: trying connect to '192.168.2.83'/7001/7001 at line 2724 for '/'
    Tue May 31 14:25:36 2011 <35921306844736112> INFO: New NON-SSL URL
    Tue May 31 14:25:36 2011 <35921306844736112> Connect returns -1, and error no set to 10035, msg 'Unknown error'
    Tue May 31 14:25:36 2011 <35921306844736112> EINPROGRESS in connect() - selecting
    Tue May 31 14:25:36 2011 <35921306844736112> Local Port of the socket is 2044
    Tue May 31 14:25:36 2011 <35921306844736112> Remote Host 192.168.2.83 Remote Port 7001
    Tue May 31 14:25:36 2011 <35921306844736112> general list: created a new connection to '192.168.2.83'/7001 for '/', Local port:2044
    Tue May 31 14:25:36 2011 <35921306844736112> URL::sendHeaders(): meth='GIOP' file='/' protocol='HTTP/0.9'
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[Connection]=[Keep-Alive]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[WL-Proxy-SSL]=[false]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[WL-Proxy-Client-IP]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[Proxy-Client-IP]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-Forwarded-For]=[192.168.0.143]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-WebLogic-KeepAliveSecs]=[24]
    Tue May 31 14:25:36 2011 <35921306844736112> Hdrs to WLS:[X-WebLogic-Force-JVMID]=[unset]
    Tue May 31 14:25:36 2011 <35921306844736112> readStatus: Local port of the socket 2044, connected to Remote Host/Port 192.168.2.83/7001
    Tue May 31 14:25:36 2011 <35921306844736112> readStatus: Response contains no data - isRecycled: 0
    Tue May 31 14:25:36 2011 <35921306844736112> *******Exception type [READ_ERROR_FROM_SERVER] (Unexpected EOF reading HTTP status - failover request based on Idempotent flag) raised at line 841 of ../nsapi/URL.cpp
    Tue May 31 14:25:36 2011 <35921306844736112> Marking 192.168.2.83:7001 as bad
    Tue May 31 14:25:36 2011 <35921306844736112> got exception in sendRequest phase: READ_ERROR_FROM_SERVER [os error=0, line 841 of ../nsapi/URL.cpp]: Unexpected EOF reading HTTP status - failover request based on Idempotent flag at line 3160
    Tue May 31 14:25:36 2011 <35921306844736112> Failing over after sendRequest() exception: READ_ERROR_FROM_SERVER as Idempotent is set to ON
    Tue May 31 14:25:36 2011 <35921306844736112> request [] did NOT process successfully..................
    the httpd.conf:
    <IfModule mod_weblogic.c>
    WebLogicHost 192.168.2.83
    WebLogicPort 7001
    #WebLogicCluster t3://192.168.2.83:7003, t3://192.168.2.83: 7005, t3://192.168.2.83:7013
    Idempotent on
    Debug HFC,HTW,HFW
    WLLogFile c:/wlproxy.log
    WLTempDir c:/TEMP
    DebugConfigInfo On
    KeepAliveEnabled ON
    KeepAliveSecs 14
    MatchExpression *
    </IfModule>
    <Location /HTTPClnt>
    SetHandler weblogic-handler
    </Location>
    I don't use ssl.
    I can access to the jsp of the server with the url of apach , but i cannot use jmx throught apache. I can use jmx with the server if I don't use apache, but i need apache for the next step of the project.
    please, help me !

    I think the plug-in is intended for serves static pages, and another part of the document like MIME types.
    I assume you are using the http protocol in your client to establish a jmx connection. Try enabling HTTP tunneling in weblogic server.
    Can you post the code used to establish connetion?

  • Proxy between Apache and Weblogic

    Hi ,
    I need to configure a proxy server in between Apache and Weblogic which means not all the requests should go through proxy, only one particular request should go from apache to proxy server and proxy server to Weblogic. Can any one help me how to configure this and how it is going to work.
    Regards,
    Vamsee

    Not exactly sure.However can we use proxying by MIME type here
    http://download.oracle.com/docs/cd/E13222_01/wls/docs100/plugins/apache.html#wp132216
    Regards

  • Apache and weblogic plugins

    Hi All,
    I have installed apache well and as per the documents i could read that the apache related plugins are present under weblogic_home/server/bin
    but its clear in the apache guide that the plugins are not available for weblogic 10.3 release.which we have to download externally and put it in the apache server.
    can some one let me know where can i find these zip files which contain mod_jk plugins
    Thanks in Advance....

    I find this very confusing, finding the Apache plugins for 10.3.x. After searching around, looking into the download categories that I would think are relevant, I found nothing. I don't really need support information, support site requires its own logins and everything, and I just want that little piece of software. I ended up finding the direct link on http://vikashazrati.wordpress.com/2009/10/10/apache-weblogic-ubuntu/. This is very much not encouraging...

  • BEA Proxy Plugin and Apache Virtual Hosts

    I have a setup of different Apache (2.0.63) Instances with BEA-Proxy Plugin (10.0 MP1):
    <VirtualHost *>
    ServerName server1.tld
    <IfModule mod_weblogic.c>
    MatchExpression */app1/* WebLogicHost=app1.com|WebLogicPort=1234
    </IfModule>
    </VirtualHost>
    <VirtualHost *>
    ServerName server2.tld
    <IfModule mod_weblogic.c>
    MatchExpression */app2/* WebLogicHost=app2.com|WebLogicPort=1234
    </IfModule>
    </VirtualHost>
    Now I can access to this applications through apache by:
    http://server1.tld/app1/... and
    http://server2.tld/app2/
    this is ok, but it's also possible to access:
    http://server1.tld/app2/... and
    http://server2.tld/app1/
    Is this still a know bug? I have found this issue also in the old BEA forum, but there was also no solution.
    Does anybody know a workaround?
    Thanks,
    Chris

    Hi,
    I have a similar problem, I'm running apache 2.2 on windows and oc4j 10.1.3.4.0.
    I'd like to map http://app1.example.com/home.html in apache to http://10.1.1.3:8888/app1/home.html and http://app2.example.com/home.html to http://10.1.1.3:8888/app2/home.html
    I have the ProxyPass settings in my httpd.conf file
    ProxyPass / http://10.1.1.3:8888/app1
    ProxyPassReverse / http://10.1.1.3:8888/app1
    This works fine for the first URL and the browser shows the correct page at http://app1.example.com/home.html however as soon as I click a link in the page the browser tries to go to http://app1.example.com/app1/page2.html
    And since I have my ProxyPass mapping in apache, I think its trying to get to the following page in oc4j http://10.1.1.3:8888/app1/app1/page2.html which doesn't exist.
    Is there any way to map a subdomain/virtual host to an oc4j context but hide from the browser the oc4j context in each of the URLs.
    To make matters more tiricky (or maybe not), I'm using Struts 1.3.10 as my application framework, so I don't normally construct the <a> links myself but have Struts do that for me with <html:link> tags.
    Thanks in advance for any pointers,
    Andy.

  • Weblogic proxy plugin closes keep-alive connections to clients randomly

    In short we have following arhitecture:
    clients ---> wl proxy plugin 1 ----> weblogic 1
    clients ---> wl proxy plugin 2 ----> weblogic 2
    Beacuse of the application/installation specific requirements, we are not using failover, one wl proxy always forwards requests to one weblogic (simple configuration).
    Application is TR-069 protocol based (SOAP over HTTP) so it very much relays on persistence TCP connections (Connection: keep-alive). This TCP persistence has to work correctly in order that TR-069 messages are exchanged in required order, otherwise we have a error on application layer.
    Here and there we've noticed applications errors which suggest that we have some problems in TCP connection between the client and the weblogic server. After sniffing, we've noticed that weblogic proxy plugin (Apache) randomly, or because of some other reason we do not know, decides to close TCP connection to client, even app on weblogic did not request so ???
    As a result, client opens new connection to the server with new TR-069 session and it gets bounced beacuse it allready has one open on weblogic server.
    We've sniffed, traced everything we could, we were searching for patterns in time, etc... but we can not find the reason why proxy plugin decides to close the connection to the client (not to the weblogic server).
    Trace (replaced sensitive information):
    Thu Apr 29 15:05:50 2010 <958012725463463784> URL::parseHeaders: CompleteStatusLine set to [HTTP/1.1 200 OK]
    Thu Apr 29 15:05:50 2010 <958012725463463784> URL::parseHeaders: StatusLine set to [200 OK]
    Thu Apr 29 15:05:50 2010 <958012725463463784> parsed all headers OK
    Thu Apr 29 15:05:50 2010 <958012725463463784> sendResponse() : r->status = '200'
    Thu Apr 29 15:05:50 2010 <958012725463463784> canRecycle: conn=1 status=200 isKA=1 clen=545 isCTE=0
    Thu Apr 29 15:05:50 2010 <958012725463463784> closeConn: pooling for '$IP$/$PORT$'
    Thu Apr 29 15:05:50 2010 <958012725463463784> request [$URL$] processed successfully..................
    !!!! Now it closes the TCP connection and inserts "Connection: close" HTTP header !!!
    WL proxy plugin conf params are:
    WebLogicCluster $IP$:$PORT$
    DynamicServerList OFF
    KeepAliveTimeout 90
    MaxKeepAliveRequests 0
    KeepAliveSecs 55
    Apache worker configuration is:
    <IfModule mpm_worker_module>
    PidFile var/run/httpd-worker.pid
    LockFile var/run/accept-worker.lock
    StartServers 2
    MinSpareThreads 25
    MaxSpareThreads 75
    ThreadLimit 200
    ThreadsPerChild 200
    MaxClients 2000
    MaxRequestsPerChild 0
    AcceptMutex pthread
    </IfModule>
    Why weblogic proxy plugin ignores Keep-alive directive and decides to close connection to the client by itself?
    Any help?

    If a WebLogic Server instance listed in either the WebLogicCluster parameter or a dynamic cluster list returned from WebLogic Server fails, the failed server is marked as "bad" and the plug-in attempts to connect to the next server in the list.
    MaxSkipTime sets the amount of time after which the plug-in will retry the server marked as "bad." The plug-in attempts to connect to a new server in the list each time a unique request is received (that is, a request without a cookie).
    Note: The MaxSkips parameter has been deprecated as the MaxSkipTime parameter.
    See also here: http://download-llnw.oracle.com/docs/cd/E13222_01/wls/docs81/plugins/plugin_params.html
    You said the problem arises under significant load. Maybe, it is wise to tune the number file descriptor's on your operating system. HTTP connections are nothing more than TCP sockets on the operating system. All modern operating systems treat sockets as a specialized form of file access and use data structures called file descriptors to track open sockets and files for an operating system process. To control resource usage for processes on the machine, the operating system restricts the number of open file descriptors per process. You should be aware that all TCP connections that have been gracefully closed by an application will go into what is known as the TIME_WAIT state before being discarded by the operating system.
    On most unix systems you can use netstat -a | grep TIME_WAIT | wc -l to detemine the number of socket in time_wait state. You have to check with your system adminstrator how to tune the tcp_time_wait_interval. On solaris you can use: /usr/sbin/ndd -set /dev/tcp tcp_time_wait_interval 60000

  • Unable to find .so file for Apache proxy in Weblogic 92

    Hi,
    I'm trying to configure Apache as a proxy for Weblogic 9.2 cluster on HP - Itanium. Apache and Weblogic are installed, configured and running. I used the jar file installer to install Weblogic.
    Now i'm unable to find the Apache plugin anywhere in my weblogic directory. Any ideas how I can get one ??
    Thanks in advance,
    Anup.

    Hi,
    Thank you both for your help. Installed the plugins and now the proxy is running very nicely. Configuration was really very simple.
    Would like to ask one nore thing. The system i'm configuring now is supposed to cater a very heavy load in terms of connections. We know the application can take it as right now the Weblogic HTTP proxy is what is failing and that's when we decided on Apache. Any recomendations on the Apache side ??
    Thanks once more,
    Anup.

  • WebLogic proxy plugin: getPooledConn: No more connections in the pool

    Hi,
    We have weblogic proxy plugin installed in Sun One web server. but frequently we are getting following errors in proxy log:
    <1670612410085901> attempt #0 out of a max of 5
    <1670612410085901> Trying a pooled connection for '<IP>/<port>/<port>'
    <1670612410085901> getPooledConn: No more connections in the pool for Host [<IP>] Port[<port>] SecurePort[<port>]
    Can anybody please tell how this proxy plugin manages connection pools? I don't find any minimum / maximum number of conection to mention anywhere or how exactly it works?

    Try increasing the "AcceptBackLog" settings on the weblogic server and then verify for any changed behavior.
    Raise the Accept Backlog value from the default by 25 percent. Continue increasing the value by 25 percent until the messages cease to appear.
    Link :[http://e-docs.bea.com/wls/docs81/perform/WLSTuning.html#1136287]

Maybe you are looking for