HTTP Digest Authentication in Weblogic Server ?

Similar Messages

• How to disable authentication for weblogic server

  Hi expert,
  I have a web application deployed on weblogic server 12c. And I have a client which connects to the web application.  The client will authenticate with server with digest authentication (challenge\response). We use the default authentication in weblogic server and the authentication is done by weblogic server. And it works fine.
  However, I want to run a performance testing to replay all client requests including the requests for authentication. Since it's challenge/response authentication mechanism, the original requests can not pass authentication and weblogic server replies 401. I want to know is there any way to disable weblogic authentication so that the authentication passes when I replay my original request?
  Thanks very much!
  Regards,
  Yan

  You can disable the security of the application in the web.xml. Here there is a security-constraint configured that tells WebLogic what to do, for example,
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>All</web-resource-name>
  <url-pattern>/faces/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>MANAGER</role-name>
  <role-name>EMPLOYEE</role-name>
  </auth-constraint>
  <user-data-constraint>
  <transport-guarantee>NONE</transport-guarantee>
  </user-data-constraint>
  </security-constraint>
  If you put the security-constraint in comments, you can access the application, without authentication (note that the application itself probably uses the authentication in order to set certain things, so I do not if this is going to work).

• HTTP digest Authentication, using HttpURLConnection

  Hi,
  My requirement is simple, my stanalone applicaiton creates a XML request sends that to a web Application. Now to do this the Web application needs a HttpDigest Authentication. To do this wat we are doing is create a http url connection and get 401 response and then use that ot create the digest. to accomplish this the same urlConnection need to be used, else the new URL connection will send a new request. But in HttpUrlConnection there is a limitation that it can be used for only single request-response cycle.... can anybody suggest on this, wats the best practice to do HTTP digest authentication while communicating from a Stand alone application to a web application........................

  I would open a support case to get clarification on whether DIGEST is supported. According to the WLS 8.1 book I found on google, it looks like it may have been supported in 8.1:
  http://books.google.com/books?id=TiAKHpPHpHIC&pg=PA836&lpg=PA836&dq=WebLogic+Digest+Authentication&source=web&ots=ciJMQOXm2q&sig=oJGOs-J5snfFGt_hWSPi-FXyERQ&hl=en&sa=X&oi=book_result&resnum=10&ct=result
  If that is the case, it is unlikely that they removed it, it just may not be documented well as it is very uncommon.

• OSB: HTTP digest authentication for WebServices

  Hi,
  How do I configure HTTP digest authentication for WebServices offered by the OSB (Proxy Services with WS as transport)?
  Best regards
  Dimo

  Did you figure out how to do it.?

• HTTP Digest Authentication

  Hi,
  To authenticate users I have to use digest authentication (RFC2617). However, it seems there is no support for this authentication in BEA webserver 8.1.
  How can I best implement this? Any tips on where to find classes which I can reuse, I hope I do not have to develop this from scratch.
  Thanks,
  Steve

  Steve, did this ever get solved? I have the same issue trying to use Mappoint.
  Thanks.

• Digest authentication in WL7.0

  Hi,
  Does anybody know if Weblogic Server 7.0 supports HTTP
  digest authentication method ?
  I created my own authenticator, but I want Weblogic to check
  the authentication method (but not the username/password). When
  I try to set a security constraint in my application's web.xml,
  the server says:
  weblogic.xml.dom.DOMProcessingException: DIGEST authentication method is not supported.
  Regards, Geza

  "Geza Szocs" <[email protected]> wrote in message
  news:[email protected]..
  >
  Hi,
  Does anybody know if Weblogic Server 7.0 supports HTTP
  digest authentication method ?
  Digest authentication is not supported in 7.0

• Http Digest authenticatio

  Is http digest authentication supported by osb or soa suite.?
  Thanks

  I would open a support case to get clarification on whether DIGEST is supported. According to the WLS 8.1 book I found on google, it looks like it may have been supported in 8.1:
  http://books.google.com/books?id=TiAKHpPHpHIC&pg=PA836&lpg=PA836&dq=WebLogic+Digest+Authentication&source=web&ots=ciJMQOXm2q&sig=oJGOs-J5snfFGt_hWSPi-FXyERQ&hl=en&sa=X&oi=book_result&resnum=10&ct=result
  If that is the case, it is unlikely that they removed it, it just may not be documented well as it is very uncommon.

• Domino ldap and weblogic server 6.1

  Hi,
  I am trying to use domino ldap for authentication in weblogic server 6.1
  I configured a custom ldap realm.
  But the users were not listed from domino ldap and authentication also failed.
  Can anybody help me?
  Thanx in advance.
  - prabha.

  at the moment it is possible for me to work, though. i worked around the
  problem and i set web.xml as a read only file. i still can't use wizards to
  create servlets and i can't edit web.xml with jbuilder.

• Digest Authentication with OC4J standalone

  Hi,
  I am using oc4j 9.0.3 standalone web container . I used axis application as soap engine for deploying a web service in the oc4j . I want to implement HTTP digest authentication for my webservice.
  I am forced to use the same verison of OC4J due to some reasons. Could anyone help me in knowing the procedure for the HTTP digest authentication implementation using oc4j903 asap.
  Advance thanks for help

  could anyone please reply to this thread asap

• NT domain authentication impelmented in weblogic server

  hello Sir,
  I would like to find out if there is any package with weblogic server that will allow me to authenticate the users of weblogic using an NT domain authentication.
  Any user of weblogic should be an authenticated user of an NT domain and i am in need of a package that will do this for me. I heard that BEA has some package that implements this functionality.
  Your help is very much appreciated.
  Thank You
  Raji Arumugam

  Hi Raji,
  I think that what you want is "NTRealm" for WebLogic.
  Look at http://e-docs.bea.com/wls/docs61/////ConsoleHelp/ntrealm.html which should help you.
  Cheers,
  Joe Jerry
  Raji Arumugam wrote:
  hello Sir,
  I would like to find out if there is any package with weblogic server that will allow me to authenticate the users of weblogic using an NT domain authentication.
  Any user of weblogic should be an authenticated user of an NT domain and i am in need of a package that will do this for me. I heard that BEA has some package that implements this functionality.
  Your help is very much appreciated.
  Thank You
  Raji Arumugam

• Accssing web applcation in weblogic server using only https

  There was a demo certificate that comes with the weblogic. I installed that certificate,
  but I still can accesse the application using http. is it possible to access
  the application using only https..?
  Mohamed

  Instead of using defaultauthenticator, you need to create RDBMS Authentication Providers inside myrelam of weblogic server.
  http://docs.oracle.com/cd/E13222_01/wls/docs92/secmanage/atn.html#wp1204622
  Regards,
  Sunil P

• How to remove custom authentication provider in weblogic server 11g

  Hi ,
  I am trying to remove the custom authentication provider in weblogic server 11g, It disappears when i delete it from list of authentication providers. But upon server restart it appears again.
  Documentation for 10g says delete it from service administration but i couldn't find one in 11g. Please help me in removing the custom authentication provider
  Thanks
  Sandeep

  You can try editing the config.xml file and removing it there. (Re: After provider reorder I cannot login admin server console
  If you are referring to a jar file - custom authenticators are usually placed in the <middleware-home>wlserver_10.3/server/lib/mbeantypes/ directory.

• Weblogic Server 10.3.0 and LDAP authentication Issue

  Hi - I have configured my WebLogic Server 10.3.0 for LDAP authentication (OID = 10.1.4.3.0) and so far the authentication works fine but I am having issue in terms of authorization.
  I am not able to access the default web logic administrator console app using any of the LDAP user, getting Forbiden message.
  It appears to me that the Weblogic Server is not pulling out the proper groups from the LDAP where user belongs too.
  Can anyone please point me towards the right direction to get this resolved.
  Thanks,
  STEPS
  Here are my steps I have followed:
  - Created a group called Administrators in OID.
  - Created a test user call uid=myadmin in the OID and assigned the above group to this user.
  - Added a new Authentication Provider to the Weblogic and configured it what is required to communicate with OID (the config.xml file snipet is below)
  <sec:authentication-provider xsi:type="wls:ldap-authenticatorType">
  <sec:name>OIDAuthentication</sec:name>
  <sec:control-flag>SUFFICIENT</sec:control-flag>
  <wls:propagate-cause-for-login-exception>false</wls:propagate-cause-for-login-exception>
  <wls:host>pmpdeva-idm.ncr.pwgsc.gc.ca</wls:host>
  <wls:port>1389</wls:port>
  <wls:principal>cn=orcladmin</wls:principal>
  <wls:user-base-dn>ou=AppAdmins, o=gc, c=ca</wls:user-base-dn>
  <wls:credential-encrypted>removed from here</wls:credential-encrypted>
  <wls:group-base-dn>ou=IDM, ou=ServiceAccounts, o=gc, c=ca</wls:group-base-dn>
  </sec:authentication-provider>
  - Marked the default authentication provider as sufficient as well.
  - Re-ordered the authentication provide such that the OIDauthentication is first in the list and default one is the last.
  - Looking at the log file I see there are no groups returned for this user and that is the problem in my opinion.
  <LDAP Atn Login username: myadmin>
  <getConnection return conn:LDAPConnection {ldaps://pmpdeva-idm.ncr.pwgsc.gc.ca:1389 ldapVersion:3 bindDN:"cn=orcladmin"}>
  <authenticate user:myadmin>
  <getDNForUser search("ou=AppAdmins, o=gc, c=ca", "(&(uid=myadmin)(objectclass=person))", base DN & below)>
  <DN for user myadmin: uid=myadmin,ou=AppAdmins,o=gc,c=ca>
  <authenticate user:myadmin with DN:uid=myadmin,ou=AppAdmins,o=gc,c=ca>
  <authentication succeeded>
  <returnConnection conn:LDAPConnection {ldaps://pmpdeva-idm.ncr.pwgsc.gc.ca:1389 ldapVersion:3 bindDN:"cn=orcladmin"}>
  <LDAP Atn Authenticated User myadmin>
  <List groups that member: myadmin belongs to>
  <getConnection return conn:LDAPConnection {ldaps://pmpdeva-idm.ncr.pwgsc.gc.ca:1389 ldapVersion:3 bindDN:"cn=orcladmin"}>
  <getDNForUser search("ou=AppAdmins, o=gc, c=ca", "(&(uid=myadmin)(objectclass=person))", base DN & below)>
  <DN for user myadmin: uid=myadmin,ou=AppAdmins,o=gc,c=ca>
  *<search("ou=IDM, ou=ServiceAccounts, o=gc, c=ca", "(&(uniquemember=uid=myadmin,ou=AppAdmins,o=gc,c=ca)(objectclass=groupofuniquenames))", base DN & below)>*
  *<Result has more elements: false>*
  <returnConnection conn:LDAPConnection {ldaps://pmpdeva-idm.ncr.pwgsc.gc.ca:1389 ldapVersion:3 bindDN:"cn=orcladmin"}>
  <login succeeded for username myadmin>
  - I see the XACML RoleMapper getRoles() only returning the Anonymous role as oppose to Admin (because the OID user is a part of Administrators group in OID then it should be returning Admin as fars I can tell. Here is the log entry that shows that:
  <XACML RoleMapper getRoles(): returning roles Anonymous>
  - I did a ldap search and I found no issues in getting the results back:
  C:\>ldapsearch -h localhost -p 1389 -b"ou=IDM, ou=ServiceAccounts, o=gc, c=ca" -D cn=orcladmin -w "removed from here" (uniquemember=uid=myadmin,ou=AppAdmins,o=gc,c=ca)(objectclass=groupOfUniqueNames)
  cn=Administrators,ou=IDM,ou=ServiceAccounts,o=gc,c=ca
  objectclass=groupOfUniqueNames
  objectclass=orclGroup
  objectclass=top
  END
  Here are the log entries:
  <1291668685624> <BEA-000000> <LDAP ATN LoginModule initialized>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.initialize delegated>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.login>
  <1291668685624> <BEA-000000> <LDAP Atn Login>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle callbcacks[0] will be delegated>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle callbcacks[0] will use NameCallback to retrieve name>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle callbcacks[1] will be delegated>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle will delegate all callbacks>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle delegated callbacks>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle got username from callbacks[0], UserName=myadmin>
  <1291668685624> <BEA-000000> <LDAP Atn Login username: myadmin>
  <1291668685624> <BEA-000000> <getConnection return conn:LDAPConnection { ldapVersion:2 bindDN:""}>
  <1291668685624> <BEA-000000> <authenticate user:myadmin>
  <1291668685624> <BEA-000000> <getDNForUser search("ou=people,ou=myrealm,dc=MBR_Domain", "(&(uid=myadmin)(objectclass=person))", base DN & below)>
  <1291668685624> <BEA-000000> <getDNForUser search("ou=people,ou=myrealm,dc=MBR_Domain", "(&(uid=myadmin)(objectclass=person))", base DN & below)>
  <1291668685624> <BEA-000000> <returnConnection conn:LDAPConnection { ldapVersion:2 bindDN:""}>
  <1291668685624> <BEA-000000> <[Security:090302]Authentication Failed: User myadmin denied>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.initialize LoginModuleClassName=weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.initialize ClassLoader=java.net.URLClassLoader@facf0b>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.initialize created delegate login module>
  <1291668685624> <BEA-000000> <LDAP ATN LoginModule initialized>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.initialize delegated>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.login>
  <1291668685624> <BEA-000000> <LDAP Atn Login>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle callbcacks[0] will be delegated>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle callbcacks[1] will be delegated>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle will delegate all callbacks>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle delegated callbacks>
  <1291668685624> <BEA-000000> <com.bea.common.security.internal.service.CallbackHandlerWrapper.handle did not get username from a callback>
  <1291668685624> <BEA-000000> <LDAP Atn Login username: myadmin>
  <1291668685624> <BEA-000000> <getConnection return conn:LDAPConnection {ldaps://pmpdeva-idm.ncr.pwgsc.gc.ca:1389 ldapVersion:3 bindDN:"cn=orcladmin"}>
  <1291668685624> <BEA-000000> <authenticate user:myadmin>
  <1291668685624> <BEA-000000> <getDNForUser search("ou=AppAdmins, o=gc, c=ca", "(&(uid=myadmin)(objectclass=person))", base DN & below)>
  <1291668685671> <BEA-000000> <DN for user myadmin: uid=myadmin,ou=AppAdmins,o=gc,c=ca>
  <1291668685671> <BEA-000000> <authenticate user:myadmin with DN:uid=myadmin,ou=AppAdmins,o=gc,c=ca>
  <1291668685671> <BEA-000000> <authentication succeeded>
  <1291668685686> <BEA-000000> <returnConnection conn:LDAPConnection {ldaps://pmpdeva-idm.ncr.pwgsc.gc.ca:1389 ldapVersion:3 bindDN:"cn=orcladmin"}>
  <1291668685686> <BEA-000000> <LDAP Atn Authenticated User myadmin>
  <1291668685686> <BEA-000000> <List groups that member: myadmin belongs to>
  <1291668685686> <BEA-000000> <getConnection return conn:LDAPConnection {ldaps://pmpdeva-idm.ncr.pwgsc.gc.ca:1389 ldapVersion:3 bindDN:"cn=orcladmin"}>
  <1291668685686> <BEA-000000> <getDNForUser search("ou=AppAdmins, o=gc, c=ca", "(&(uid=myadmin)(objectclass=person))", base DN & below)>
  <1291668685686> <BEA-000000> <DN for user myadmin: uid=myadmin,ou=AppAdmins,o=gc,c=ca>
  <1291668685686> <BEA-000000> <search("ou=IDM, ou=ServiceAccounts, o=gc, c=ca", "(&(uniquemember=uid=myadmin,ou=AppAdmins,o=gc,c=ca)(objectclass=groupofuniquenames))", base DN & below)>
  <1291668685686> <BEA-000000> <Result has more elements: false>
  <1291668685686> <BEA-000000> <returnConnection conn:LDAPConnection {ldaps://pmpdeva-idm.ncr.pwgsc.gc.ca:1389 ldapVersion:3 bindDN:"cn=orcladmin"}>
  <1291668685686> <BEA-000000> <login succeeded for username myadmin>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.login delegated, returning true>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.commit>
  <1291668685686> <BEA-000000> <LDAP Atn Commit>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.commit delegated, returning false>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.commit>
  <1291668685686> <BEA-000000> <LDAP Atn Commit>
  <1291668685686> <BEA-000000> <LDAP Atn Principals Added>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.LoginModuleWrapper.commit delegated, returning true>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.JAASLoginServiceImpl.login logged in>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.JAASLoginServiceImpl.login subject=Subject:
       Principal: myadmin
  >
  <1291668685686> <BEA-000000> <weblogic.security.service.internal.WLSIdentityServiceImpl.getIdentityFromSubject Subject: 1
       Principal = class weblogic.security.principal.WLSUserImpl("myadmin")
  >
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.sign(Principals)>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.sign(Principal) Principal=myadmin>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.sign(Principal) PrincipalClassName=weblogic.security.principal.WLSUserImpl>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.sign(Principal) trying PrincipalValidator for interface weblogic.security.principal.WLSPrincipal>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.sign(Principal) PrincipalValidator handles this PrincipalClass>
  <1291668685686> <BEA-000000> <Signed WLS principal myadmin>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.sign(Principal) PrincipalValidator signed the principal>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.sign(Principal) All required PrincipalValidators signed this PrincipalClass, returning true>
  <1291668685686> <BEA-000000> <com.bea.common.security.internal.service.JAASLoginServiceImpl.login identity=Subject: 1
       Principal = class weblogic.security.principal.WLSUserImpl("myadmin")
  >
  <1291668685686> <BEA-000000> <weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.authenticate authenticate succeeded for user myadmin, Identity=Subject: 1
       Principal = class weblogic.security.principal.WLSUserImpl("myadmin")
  >
  <1291668685686> <BEA-000000> <weblogic.security.service.internal.UserLockoutServiceImpl$ServiceImpl.isLocked(myadmin)>
  <1291668685686> <BEA-000000> <weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.authenticate login succeeded and myadmin was not previously locked out>
  <1291668685702> <BEA-000000> <Using Common RoleMappingService>
  <1291668685702> <BEA-000000> <PrincipalAuthenticator.validateIdentity>
  <1291668685702> <BEA-000000> <PrincipalAuthenticator.validateIdentity will use common security service>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.validate(Principals)>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.validate(Principal) Principal=myadmin>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.validate(Principal) PrincipalClassName=weblogic.security.principal.WLSUserImpl>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.validate(Principal) trying PrincipalValidator for interface weblogic.security.principal.WLSPrincipal>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.validate(Principal) PrincipalValidator handles this PrincipalClass>
  <1291668685702> <BEA-000000> <Validate WLS principal myadmin returns true>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.validate(Principal) PrincipalValidator said the principal is valid>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.validate(Principal) One or more PrincipalValidators handled this PrincipalClass, returning true>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.PrincipalValidationServiceImpl.validate(Principals) validated all principals>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.RoleMappingServiceImpl.getRoles Identity=Subject: 1
       Principal = class weblogic.security.principal.WLSUserImpl("myadmin")
  >
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.RoleMappingServiceImpl.getRoles Resource=type=<url>, application=consoleapp, contextPath=/console, uri=/index.jsp, httpMethod=GET>
  <1291668685702> <BEA-000000> <XACML RoleMapper getRoles(): input arguments:>
  <1291668685702> <BEA-000000> <     Subject: 1
       Principal = weblogic.security.principal.WLSUserImpl("myadmin")
  >
  <1291668685702> <BEA-000000> <     Resource: type=<url>, application=consoleapp, contextPath=/console, uri=/index.jsp, httpMethod=GET>
  <1291668685702> <BEA-000000> <     Parent: type=<url>, application=consoleapp, contextPath=/console, uri=/index.jsp>
  <1291668685702> <BEA-000000> <     Parent: type=<url>, application=consoleapp, contextPath=/console, uri=/index.jsp/*, httpMethod=GET>
  <1291668685702> <BEA-000000> <     Parent: type=<url>, application=consoleapp, contextPath=/console, uri=/index.jsp/*>
  <1291668685702> <BEA-000000> <     Parent: type=<url>, application=consoleapp, contextPath=/console, uri=/*, httpMethod=GET>
  <1291668685702> <BEA-000000> <     Parent: type=<url>, application=consoleapp, contextPath=/console, uri=/*>
  <1291668685702> <BEA-000000> <     Parent: type=<url>, application=consoleapp, contextPath=/console, uri=*.jsp, httpMethod=GET>
  <1291668685702> <BEA-000000> <     Parent: type=<url>, application=consoleapp, contextPath=/console, uri=*.jsp>
  <1291668685702> <BEA-000000> <     Parent: type=<url>, application=consoleapp, contextPath=/console, uri=/, httpMethod=GET>
  <1291668685702> <BEA-000000> <     Parent: type=<url>, application=consoleapp, contextPath=/console, uri=/>
  <1291668685702> <BEA-000000> <     Parent: type=<url>, application=consoleapp, contextPath=/console>
  <1291668685702> <BEA-000000> <     Parent: type=<url>, application=consoleapp>
  <1291668685702> <BEA-000000> <     Parent: type=<app>, application=consoleapp>
  <1291668685702> <BEA-000000> <     Parent: type=<url>>
  <1291668685702> <BEA-000000> <     Parent: null>
  <1291668685702> <BEA-000000> <     Context Handler: >
  <1291668685702> <BEA-000000> <Accessed Subject: Id=urn:oasis:names:tc:xacml:2.0:subject:group, Value=[everyone,users]>
  <1291668685702> <BEA-000000> <Evaluate urn:oasis:names:tc:xacml:1.0:function:string-is-in(AdminChannelUsers,[everyone,users]) -> false>
  <1291668685702> <BEA-000000> <primary-rule evaluates to NotApplicable because of Condition>
  <1291668685702> <BEA-000000> <urn:bea:xacml:2.0:entitlement:role:AdminChannelUser:, 1.0 evaluates to Deny>
  <1291668685702> <BEA-000000> <XACML RoleMapper: accessing role AdminChannelUser: DENIED>
  <1291668685702> <BEA-000000> <Accessed Subject: Id=urn:oasis:names:tc:xacml:2.0:subject:group, Value=[everyone,users]>
  <1291668685702> <BEA-000000> <Evaluate urn:oasis:names:tc:xacml:1.0:function:string-is-in(AppTesters,[everyone,users]) -> false>
  <1291668685702> <BEA-000000> <primary-rule evaluates to NotApplicable because of Condition>
  <1291668685702> <BEA-000000> <urn:bea:xacml:2.0:entitlement:role:AppTester:, 1.0 evaluates to Deny>
  <1291668685702> <BEA-000000> <XACML RoleMapper: accessing role AppTester: DENIED>
  <1291668685702> <BEA-000000> <Accessed Subject: Id=urn:oasis:names:tc:xacml:2.0:subject:group, Value=[everyone,users]>
  <1291668685702> <BEA-000000> <Evaluate urn:oasis:names:tc:xacml:1.0:function:string-is-in(everyone,[everyone,users]) -> true>
  <1291668685702> <BEA-000000> <primary-rule evaluates to Permit>
  <1291668685702> <BEA-000000> <urn:bea:xacml:2.0:entitlement:role:Anonymous:, 1.0 evaluates to Permit>
  <1291668685702> <BEA-000000> <XACML RoleMapper: accessing role Anonymous: GRANTED>
  <1291668685702> <BEA-000000> <Accessed Subject: Id=urn:oasis:names:tc:xacml:2.0:subject:group, Value=[everyone,users]>
  <1291668685702> <BEA-000000> <Evaluate urn:oasis:names:tc:xacml:1.0:function:string-is-in(Monitors,[everyone,users]) -> false>
  <1291668685702> <BEA-000000> <primary-rule evaluates to NotApplicable because of Condition>
  <1291668685702> <BEA-000000> <urn:bea:xacml:2.0:entitlement:role:Monitor:, 1.0 evaluates to Deny>
  <1291668685702> <BEA-000000> <XACML RoleMapper: accessing role Monitor: DENIED>
  <1291668685702> <BEA-000000> <Accessed Subject: Id=urn:oasis:names:tc:xacml:2.0:subject:group, Value=[everyone,users]>
  <1291668685702> <BEA-000000> <Evaluate urn:oasis:names:tc:xacml:1.0:function:string-is-in(Operators,[everyone,users]) -> false>
  <1291668685702> <BEA-000000> <primary-rule evaluates to NotApplicable because of Condition>
  <1291668685702> <BEA-000000> <urn:bea:xacml:2.0:entitlement:role:Operator:, 1.0 evaluates to Deny>
  <1291668685702> <BEA-000000> <XACML RoleMapper: accessing role Operator: DENIED>
  <1291668685702> <BEA-000000> <Accessed Subject: Id=urn:oasis:names:tc:xacml:2.0:subject:group, Value=[everyone,users]>
  <1291668685702> <BEA-000000> <Evaluate urn:oasis:names:tc:xacml:1.0:function:string-is-in(CrossDomainConnectors,[everyone,users]) -> false>
  <1291668685702> <BEA-000000> <primary-rule evaluates to NotApplicable because of Condition>
  <1291668685702> <BEA-000000> <urn:bea:xacml:2.0:entitlement:role:CrossDomainConnector:, 1.0 evaluates to Deny>
  <1291668685702> <BEA-000000> <XACML RoleMapper: accessing role CrossDomainConnector: DENIED>
  <1291668685702> <BEA-000000> <Accessed Subject: Id=urn:oasis:names:tc:xacml:2.0:subject:group, Value=[everyone,users]>
  <1291668685702> <BEA-000000> <Evaluate urn:oasis:names:tc:xacml:1.0:function:string-is-in(Deployers,[everyone,users]) -> false>
  <1291668685702> <BEA-000000> <primary-rule evaluates to NotApplicable because of Condition>
  <1291668685702> <BEA-000000> <urn:bea:xacml:2.0:entitlement:role:Deployer:, 1.0 evaluates to Deny>
  <1291668685702> <BEA-000000> <XACML RoleMapper: accessing role Deployer: DENIED>
  <1291668685702> <BEA-000000> <Accessed Subject: Id=urn:oasis:names:tc:xacml:2.0:subject:group, SC=null, Value=[everyone,users]>
  <1291668685702> <BEA-000000> <Evaluate urn:oasis:names:tc:xacml:1.0:function:string-is-in(Administrators,[everyone,users]) -> false>
  <1291668685702> <BEA-000000> <primary-rule evaluates to NotApplicable because of Condition>
  <1291668685702> <BEA-000000> <urn:bea:xacml:2.0:entitlement:role:Admin:, 1.0 evaluates to Deny>
  <1291668685702> <BEA-000000> <XACML RoleMapper: accessing role Admin: DENIED>
  <1291668685702> <BEA-000000> <XACML RoleMapper getRoles(): returning roles Anonymous>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.RoleMappingServiceImpl.getRoles returning [ "Anonymous" ]>
  <1291668685702> <BEA-000000> <AuthorizationManager will use common security for ATZ>
  <1291668685702> <BEA-000000> <weblogic.security.service.WLSAuthorizationServiceWrapper.isAccessAllowed>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.AccessDecisionServiceImpl.isAccessAllowed Identity=Subject: 1
       Principal = class weblogic.security.principal.WLSUserImpl("myadmin")
  >
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.AccessDecisionServiceImpl.isAccessAllowed Roles=[ "Anonymous" ]>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.AccessDecisionServiceImpl.isAccessAllowed Resource=type=<url>, application=consoleapp, contextPath=/console, uri=/index.jsp, httpMethod=GET>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.AccessDecisionServiceImpl.isAccessAllowed Direction=ONCE>
  <1291668685702> <BEA-000000> <XACML Authorization isAccessAllowed(): input arguments:>
  <1291668685702> <BEA-000000> <     Subject: 1
       Principal = weblogic.security.principal.WLSUserImpl("myadmin")
  >
  <1291668685702> <BEA-000000> <     Roles:Anonymous>
  <1291668685702> <BEA-000000> <     Resource: type=<url>, application=consoleapp, contextPath=/console, uri=/index.jsp, httpMethod=GET>
  <1291668685702> <BEA-000000> <     Direction: ONCE>
  <1291668685702> <BEA-000000> <     Context Handler: >
  <1291668685702> <BEA-000000> <Accessed Subject: Id=urn:oasis:names:tc:xacml:2.0:subject:role, SC=null, Value=Anonymous>
  <1291668685702> <BEA-000000> <Evaluate urn:oasis:names:tc:xacml:1.0:function:string-at-least-one-member-of([Admin,Operator,Deployer,Monitor],Anonymous) -> false>
  <1291668685702> <BEA-000000> <primary-rule evaluates to NotApplicable because of Condition>
  <1291668685702> <BEA-000000> <urn:bea:xacml:2.0:entitlement:resource:type@E@Furl@G@M@Oapplication@Econsoleapp@M@OcontextPath@E@Uconsole@M@Ouri@E@U, 1.0 evaluates to Deny>
  <1291668685702> <BEA-000000> <XACML Authorization isAccessAllowed(): returning DENY>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.AccessDecisionServiceImpl.isAccessAllowed AccessDecision returned DENY>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.AdjudicationServiceImpl.adjudicate Results=[ DENY ]>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.AdjudicationServiceImpl.adjudicate Resource=type=<url>, application=consoleapp, contextPath=/console, uri=/index.jsp, httpMethod=GET>
  <1291668685702> <BEA-000000> <DefaultAdjudicatorImpl.adjudicate results: DENY >
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.AdjudicationServiceImpl.adjudicate Adjudictor returned false, returning that value>
  <1291668685702> <BEA-000000> <com.bea.common.security.internal.service.AuthorizationServiceImpl.isAccessAllowed returning adjudicated: false>

  Okay Finally the issue is resolved. Here is the findings to help others in case they ran into the same issue.
  The OID version that we are using is not returning the groups the way Weblogic is building the ldapsearch command. We captured the ldap traffic to go deeper and noticed the filters and attributes list that wls was asking. For example, the filter was like:
  "(&(uniquemember=uid=myadmin,ou=AppAdmins,o=gc,c=ca)(objectclass=groupofuniquenames))" cn
  its was the "cn" attribute that was causing the result set to be empty.
  from a command line we tried
  "(&(uniquemember=uid=myadmin,ou=AppAdmins,o=gc,c=ca)(objectclass=groupofuniquenames))" uniquemember
  and got the results back.
  Then we start looking into OID configuration and one of my coworker pointed me towards the orclinmemfiltprocess attributes in cn=dsaconfig entry and told me that they had lot of issues in the past in relation to this attribute.
  So as a test we removed the groupofuniquenames objectclass from the orclinmemfiltprocess attribute list and bingo it worked!
  Since we needed the groupofuniquenames in this list for performance/other reasons and decided to use a different objectclass for our groups instead i.e. orclGroup.
  Thanks everyone for showing interest on the problem and providing suggestions.

• WebLogic Server 9.2 Windows - javax.servlet.ServletException: [HTTP:101250]

  Hi,
  I am using BEA WebLogic Server 9.2
  When I deployed my [ear] apllication (Struts 1, Java 1.4, EJB2) I get this error:
  Message icon - Error     javax.servlet.ServletException: [HTTP:101250][weblogic.servlet.internal.WebAppServletContext@11c2137 -
  appName: 'test-ear', name: 'TEST', context-path: '/TEST']: Servlet class de.general.TestActionServlet for servlet action could not be loaded because a class on which
  it depends was not found in the classpath . java.lang.NoClassDefFoundError:
  org/apache/struts/action/ActionServlet.     
  Please help me in this ClassLoader problem,
  Regards

  Hi
  you can set the classpath struts.jar in setDomainEnv.cmd
  you can get this file in your root domain under the bin directory.
  set classpath=%classpath%;/struts.jar;

• Configuring Apache HTTP Server with Oracle Weblogic Server plugin

  Hello friends,
  I have a scenario of OIM 9.1.0.2 on Oracle Application Server 11g and Weblogic Server Apache HTTP Server.
  Oracle WebLogic Server is configured in cluster (node1 and node2), also use the Oracle Weblogic Server plugin for integration with Apache.
  One of the tests is to lose one of the nodes for the apache plugin redirects the node that has less overhead.
  When the mode is node1 and node2 stop start mode and try to access the management console of Oracle Identity Manager, the plugin sometimes redirects to the other active node, and on another occasion shows the oracle management console identity manager without the colors of the basic look and feel.
  Deputy of the Apache HTTP Server log, do you expect your comments to solve this case?
  *************************************************log****************************************************
  Server Details are:
  OrigHostInfo [192.168.1.200]
  isOrigHostInfoDNS [0]
  Host [192.168.1.200]
  Port [7002]
  SecurePort [7004]
  Mon Jan 30 22:10:43 2012 <2600713279794431> Initializing lastIndex=0 for a list of length=1
  Mon Jan 30 22:10:43 2012 <2600713279794431> initJVMID: Trying to locate Primary or Secondary using SrvrInfo with JVMID [-872106207]
  Mon Jan 30 22:10:43 2012 <2600713279794431> initJVMID: Found Primary 192.168.1.200:7002:7004
  Mon Jan 30 22:10:43 2012 <2600713279794431> INFO: Closing SSL context
  Mon Jan 30 22:10:43 2012 <2600713279794431> .....internal request /bea_wls_internal/WLDummyInitJVMIDs.....processed
  Mon Jan 30 22:10:43 2012 <2600713279794431> getPreferredFromCookie: Found 1 servers
  Mon Jan 30 22:10:43 2012 <2600713279794431> attempt #0 out of a max of 5
  Mon Jan 30 22:10:43 2012 <2600713279794431> trying connect to PRIMARY '192.168.1.200'/7002/7004
  Mon Jan 30 22:10:43 2012 <2600713279794431> getPooledConn: No more connections in the pool for Host[192.168.1.200] Port[7002] SecurePort[7004]
  Mon Jan 30 22:10:43 2012 <2600713279794431> New SSL URL: match = 0 oid = 22
  Mon Jan 30 22:10:43 2012 <2600713279794431> Connect returns -1, and error no set to 150, msg 'Operation now in progress'
  Mon Jan 30 22:10:43 2012 <2600713279794431> EINPROGRESS in connect() - selecting
  Mon Jan 30 22:10:43 2012 <2600713279794431> Setting peerID for new SSL connection
  Mon Jan 30 22:10:43 2012 <2600713279794431> 0ae2 0436 0000 1b5c ...6...\
  Mon Jan 30 22:10:43 2012 <2600713279794431> Local Port of the socket is 39186
  Mon Jan 30 22:10:43 2012 <2600713279794431> Remote Host 192.168.1.200 Remote Port 7004
  Mon Jan 30 22:10:43 2012 <2600713279794431> created a new connection to preferred server '192.168.1.200/7004' for '/xlWebApp/images/spacer.gif', Local port:39186
  Mon Jan 30 22:10:43 2012 <2600713279794431> INFO: CA certificate missing basicConstraints, validation failed
  Mon Jan 30 22:10:43 2012 <2600713279794431> ERROR: SSLWrite failed
  Mon Jan 30 22:10:43 2012 <2600713279794431> SEND failed (ret=-1) at 793 of file ../nsapi/URL.cpp
  Mon Jan 30 22:10:43 2012 <2600713279794431> *******Exception type [WRITE_ERROR_TO_SERVER] raised at line 794 of ../nsapi/URL.cpp
  Mon Jan 30 22:10:43 2012 <2600713279794431> Marking 192.168.1.200:7004 as bad
  Mon Jan 30 22:10:43 2012 <2600713279794431> got exception in sendRequest phase: WRITE_ERROR_TO_SERVER [os error=0,  line 794 of ../nsapi/URL.cpp]: at line 3160
  Mon Jan 30 22:10:43 2012 <2600713279794431> INFO: Closing SSL context
  Mon Jan 30 22:10:43 2012 <2598413279794431>
  ================New Request: [GET /images/cab.gif HTTP/1.1] =================
  Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: SSL is configured
  Mon Jan 30 22:10:43 2012 <2598413279794431> SSL Main Context not set. Calling InitSSL
  Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: SSL configured successfully
  Mon Jan 30 22:10:43 2012 <2598413279794431> Using Uri /images/cab.gif
  Mon Jan 30 22:10:43 2012 <2598413279794431> After trimming path: '/images/cab.gif'
  Mon Jan 30 22:10:43 2012 <2598413279794431> adding prepend path: /xlWebApp/
  Mon Jan 30 22:10:43 2012 <2598413279794431> The final request string is '/xlWebApp/images/cab.gif'
  Mon Jan 30 22:10:43 2012 <2598413279794431> Host extracted from serverlist is [192.168.1.100]
  Mon Jan 30 22:10:43 2012 <2598413279794431> Host extracted from serverlist is [192.168.1.200]
  Mon Jan 30 22:10:43 2012 <2598413279794431> Initializing lastIndex=0 for a list of length=2
  Mon Jan 30 22:10:43 2012 <2598413279794431> getListNode: created a new server node: id='192.168.1.100:7004,192.168.1.200:7004' server_name='OIMSERVER', port='443'
  Mon Jan 30 22:10:43 2012 <2598413279794431> getPreferred: availcookie=[JSESSIONID=6RGCPnbTFRG7LBrTRpFnv1QLnQHkxkqr4pjGhhGJyrJWJ1rv86NK!-872106207!NONE]
  Mon Jan 30 22:10:43 2012 <2598413279794431> Found cookie from cookie header: JSESSIONID=6RGCPnbTFRG7LBrTRpFnv1QLnQHkxkqr4pjGhhGJyrJWJ1rv86NK!-872106207!NONE
  Mon Jan 30 22:10:43 2012 <2598413279794431> Parsing cookie JSESSIONID=6RGCPnbTFRG7LBrTRpFnv1QLnQHkxkqr4pjGhhGJyrJWJ1rv86NK!-872106207!NONE
  Mon Jan 30 22:10:43 2012 <2598413279794431> getpreferredServersFromCookie: [-872106207!NONE]
  Mon Jan 30 22:10:43 2012 <2598413279794431> primaryJVMID: [-872106207]
  secondaryJVMID: [NONE]
  Mon Jan 30 22:10:43 2012 <2598413279794431> No of JVMIDs found in cookie: 1
  Mon Jan 30 22:10:43 2012 <2598413279794431> getPreferredFromCookie: Start Position is 0, listLen is 2
  Mon Jan 30 22:10:43 2012 <2598413279794431> getPreferredFromCookie: Either JVMIDs not set or they are stale. Will try to get JVMIDs from WLS
  Mon Jan 30 22:10:43 2012 <2598413279794431> initJVMID: Iterating SrvrList from position 0
  Mon Jan 30 22:10:43 2012 <2598413279794431> ======internal request /bea_wls_internal/WLDummyInitJVMIDs======
  initJVMID: Trying Host[192.168.1.100] Port[7004] SecurePort[7004] useSSL [1] ioTimeout [30] socketTimeout [2]
  Mon Jan 30 22:10:43 2012 <2598413279794431> New SSL URL: match = 0 oid = 0
  Mon Jan 30 22:10:43 2012 <2598413279794431> Connect returns -1, and error no set to 146, msg 'Connection refused'
  Mon Jan 30 22:10:43 2012 <2598413279794431> Error connecting to host 192.168.1.100:7004
  Mon Jan 30 22:10:43 2012 <2598413279794431> *******Exception type [CONNECTION_REFUSED] (Error connecting to host 192.168.1.100:7004 errno = 146) raised at line 1723 of ../nsapi/URL.cpp
  Mon Jan 30 22:10:43 2012 <2598413279794431> initJVMID: Failed to retrieved JVMID for 192.168.1.100:7004:7004
  Mon Jan 30 22:10:43 2012 <2598413279794431> initJVMID: Marked server as BAD
  Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: Closing SSL context
  Mon Jan 30 22:10:43 2012 <2598413279794431> .....internal request /bea_wls_internal/WLDummyInitJVMIDs.....processed
  Mon Jan 30 22:10:43 2012 <2598413279794431> ======internal request /bea_wls_internal/WLDummyInitJVMIDs======
  initJVMID: Trying Host[192.168.1.200] Port[7004] SecurePort[7004] useSSL [1] ioTimeout [30] socketTimeout [2]
  Mon Jan 30 22:10:43 2012 <2598413279794431> New SSL URL: match = 0 oid = 0
  Mon Jan 30 22:10:43 2012 <2598413279794431> Connect returns -1, and error no set to 150, msg 'Operation now in progress'
  Mon Jan 30 22:10:43 2012 <2598413279794431> EINPROGRESS in connect() - selecting
  Mon Jan 30 22:10:43 2012 <2598413279794431> Setting peerID for new SSL connection
  Mon Jan 30 22:10:43 2012 <2598413279794431> 0ae2 0436 0000 1b5c ...6...\
  Mon Jan 30 22:10:43 2012 <2598413279794431> Local Port of the socket is 39188
  Mon Jan 30 22:10:43 2012 <2598413279794431> Remote Host 192.168.1.200 Remote Port 7004
  Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: Certificate validation succeeded
  Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: Negotiated to cipher: 3
  Mon Jan 30 22:10:43 2012 <2598413279794431> SSLWrite sent 171
  Mon Jan 30 22:10:43 2012 <2598413279794431> SSLWrite completed, sent 171
  Mon Jan 30 22:10:43 2012 <2598413279794431> Reader::fill() SSLRead returned: 0 290
  Mon Jan 30 22:10:43 2012 <2598413279794431> URL::parseHeaders: CompleteStatusLine set to [HTTP/1.1 404 Not Found]
  Mon Jan 30 22:10:43 2012 <2598413279794431> URL::parseHeaders: StatusLine set to [404 Not Found]
  Mon Jan 30 22:10:43 2012 <2598413279794431> parsed all headers OK
  Mon Jan 30 22:10:43 2012 <2598413279794431> Parsing cluster list: -872106207!182584374!7002!7004
  Mon Jan 30 22:10:43 2012 <2598413279794431> parseJVMID: Parsing JVMID '-872106207!182584374!7002!7004'
  Mon Jan 30 22:10:43 2012 <2598413279794431> parseJVMID: Actually parsing '-872106207!182584374!7002!7004'
  Mon Jan 30 22:10:43 2012 <2598413279794431> ServerInfo struct for JVMID '-872106207' populated
  Server Details are:
  OrigHostInfo [192.168.1.200]
  isOrigHostInfoDNS [0]
  Host [192.168.1.200]
  Port [7002]
  SecurePort [7004]
  Mon Jan 30 22:10:43 2012 <2598413279794431> Initializing lastIndex=0 for a list of length=1
  Mon Jan 30 22:10:43 2012 <2598413279794431> initJVMID: Trying to locate Primary or Secondary using SrvrInfo with JVMID [-872106207]
  Mon Jan 30 22:10:43 2012 <2598413279794431> initJVMID: Found Primary 192.168.1.200:7002:7004
  Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: Closing SSL context
  Mon Jan 30 22:10:43 2012 <2598413279794431> .....internal request /bea_wls_internal/WLDummyInitJVMIDs.....processed
  Mon Jan 30 22:10:43 2012 <2598413279794431> getPreferredFromCookie: Found 1 servers
  Mon Jan 30 22:10:43 2012 <2598413279794431> attempt #0 out of a max of 5
  Mon Jan 30 22:10:43 2012 <2598413279794431> trying connect to PRIMARY '192.168.1.200'/7002/7004
  Mon Jan 30 22:10:43 2012 <2598413279794431> getPooledConn: No more connections in the pool for Host[192.168.1.200] Port[7002] SecurePort[7004]
  Mon Jan 30 22:10:43 2012 <2598413279794431> New SSL URL: match = 0 oid = 22
  Mon Jan 30 22:10:43 2012 <2598413279794431> Connect returns -1, and error no set to 150, msg 'Operation now in progress'
  Mon Jan 30 22:10:43 2012 <2598413279794431> EINPROGRESS in connect() - selecting
  Mon Jan 30 22:10:43 2012 <2598413279794431> Setting peerID for new SSL connection
  Mon Jan 30 22:10:43 2012 <2598413279794431> 0ae2 0436 0000 1b5c ...6...\
  Mon Jan 30 22:10:43 2012 <2598413279794431> Local Port of the socket is 39189
  Mon Jan 30 22:10:43 2012 <2598413279794431> Remote Host 192.168.1.200 Remote Port 7004
  Mon Jan 30 22:10:43 2012 <2598413279794431> created a new connection to preferred server '192.168.1.200/7004' for '/xlWebApp/images/cab.gif', Local port:39189
  Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: CA certificate missing basicConstraints, validation failed
  Mon Jan 30 22:10:43 2012 <2598413279794431> ERROR: SSLWrite failed
  Mon Jan 30 22:10:43 2012 <2598413279794431> SEND failed (ret=-1) at 793 of file ../nsapi/URL.cpp
  Mon Jan 30 22:10:43 2012 <2598413279794431> *******Exception type [WRITE_ERROR_TO_SERVER] raised at line 794 of ../nsapi/URL.cpp
  Mon Jan 30 22:10:43 2012 <2598413279794431> Marking 192.168.1.200:7004 as bad
  Mon Jan 30 22:10:43 2012 <2598413279794431> got exception in sendRequest phase: WRITE_ERROR_TO_SERVER [os error=0,  line 794 of ../nsapi/URL.cpp]: at line 3160
  Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: Closing SSL context
  Thanks

  "One of the tests is to lose one of the nodes for the apache plugin redirects the node that has less overhead."
  Note that the plug-in does a round robin load balancing, for example, in the case of three server (1,2,3) it does 1-2-3-1-2-3-1...
  with server 3 going down it does 1-2-1-2-1...
  An example configuration (with SSL off) looks as follows:
  LoadModule weblogic_module   "/home/oracle/weblogic12.1.1/apache/modules/mod_wl.so"
  <IfModule weblogic_module>
       ConnectTimeoutSecs 10
       ConnectRetrySecs 2
       DebugConfigInfo ON
       WLSocketTimeoutSecs 2
       WLIOTimeoutSecs 300
       Idempotent ON
       FileCaching ON
       KeepAliveSecs 20
       KeepAliveEnabled ON
       DynamicServerList ON
       WLProxySSL OFF
  </IfModule>
  <Location /LoadTest6>
       SetHandler weblogic-handler
       WebLogicCluster 172.31.0.175:7002,172.31.0.113:7003
  </Location>Also see the complete example here: http://middlewaremagic.com/weblogic/?p=7795
  "the plugin sometimes redirects to the other active node"
  This is somewhat strange, do you have session binding turned off?
  "and on another occasion shows the oracle management console identity manager without the colors of the basic look and feel."
  This could happen due to mime types (not really sure just a hunch). Here is a general story on this concept: https://developer.mozilla.org/en/Properly_Configuring_Server_MIME_Types
  and the apache module: http://httpd.apache.org/docs/2.2/mod/mod_mime.html