Identity Propagation within two weblogic domains in BPM Integration

Hi All,
I have two applications: one is an ADF application deployed in a SOA domain (11gR1 based) and the other is a BPM application deployed in a non-SOA domain (11gR2). The ADF application needs to connect to the BPM app, look up the tasks assigned to the current user and display them in a page like an inbox.
Now, the question: I want to propagate the identity from the ADF application, so that if a user logs into that application, the identity will be propagated to the BPM application. And since the applications are in different domains, there should be a trusted connection between them.
I don't want to use "Global Trust" because of its security risk.
I guess a public/private key and something like digital certificates should be defined, but I'm not sure how. Or where in the Oracle docs is it mentioned?
There is a brief doc here, but it does not explain clearly how to achieve that!
End users log in to the client application with the correct user name and password. The users using the client application must be available in the identity store used by the SOA application. As a best practice, configure the client to use the same identity store as the workflow services and Oracle SOA Suite are using. This guarantees that if the user exists on the client side, they also exist on the server side.
Any ideas greatly appreciated!
Cheers,
Nasser

This does not make any sense and shouldn't happen...
The only "reasonable" answer I can come up with is that JDeveloper is "smart" enough to also upload the jazn-data.xml to the defined UCM connection in JDeveloper. So, check the WebLogic identity store of your VM (where UCM is running) to see if there is a user Tom created. If so, JDev also uploads the jazn-data to the UCM server. If not, it could be a bug.
It's PS3, so it might be that there are some bugs that have since been resolved. Have you got a PS4 or PS5 environment? I have a PS4 and a PS5 environment where I can do a similar test to see if I can also reproduce this problem.

Similar Messages

  • Can i use single node manager with two weblogic domain?

    I am very new to WebLogic and node manager.
    I have created two domains in WebLogic (single node manager).
    Can I connect both domains with the same node manager?
    How do I do this?

    The node manager uses a nodemanager.domains file to determine which domains it manages, for example,
    domain_name=/path_to_domain/domain_name
    other_domain_name=/path_to_other_domain/other_domain_name
    This file can be found in the NODEMANAGER_HOME, that you specified when starting the node manager (startNodeManager - NODEMGR_HOME="${WL_HOME}/../oracle_common/common/nodemanager")
    When you are running the domain on multiple machines you have to enroll the node manager into the domain (http://docs.oracle.com/cd/E23943_01/web.1111/e13813/reference.htm#i1065827)
    A scripted example can be found here: Middleware Snippets: Automate WebLogic Installation and Configuration. The Node Manager administration guide can be found here: Oracle® Fusion Middleware Node Manager Administrator's Guide for Oracle WebLogic Server 11g Release 1 (10.3.6) -….
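
The check below is an added example, not code from this thread or from Oracle's documentation: it parses a nodemanager.domains file in the `name=path` form quoted in the answer above and reports entries whose directory is missing, is not a domain root (no config/config.xml), is shared with another entry, or is world-writable. It assumes POSIX paths with one directory per domain name; the domain names and the temporary directory tree are constructed for the demonstration.

```python
import os
import stat
import tempfile


def parse_domains(text):
    """Return (name, path) pairs from nodemanager.domains content."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":  # blank line or properties-style comment
            continue
        name, sep, path = line.partition("=")
        if sep and name.strip() and path.strip():
            entries.append((name.strip(), path.strip()))
    return entries


def audit(text):
    """Return (domain name, finding) tuples in file order."""
    findings = []
    owner_of = {}  # resolved directory -> first domain name that claimed it
    for name, path in parse_domains(text):
        real = os.path.realpath(path)
        if real in owner_of:
            findings.append((name, "shares directory with " + owner_of[real]))
        else:
            owner_of[real] = name
        if not os.path.isdir(real):
            findings.append((name, "directory missing"))
            continue
        if not os.path.isfile(os.path.join(real, "config", "config.xml")):
            findings.append((name, "no config/config.xml"))
        if os.stat(real).st_mode & stat.S_IWOTH:
            findings.append((name, "world-writable"))
    return findings


def build_sample():
    """Create a constructed directory tree and matching nodemanager.domains text."""
    root = tempfile.mkdtemp(prefix="nm_audit_")
    layout = (
        ("soa_domain", 0o750, True),
        ("bpm_domain", 0o750, True),
        ("open_domain", 0o777, True),   # deliberately too permissive
        ("scratch", 0o750, False),      # exists but is not a domain root
    )
    for name, mode, with_config in layout:
        domain_dir = os.path.join(root, name)
        os.makedirs(os.path.join(domain_dir, "config") if with_config else domain_dir)
        if with_config:
            open(os.path.join(domain_dir, "config", "config.xml"), "w").close()
        os.chmod(domain_dir, mode)
    lines = [
        "# constructed sample, not a real installation",
        "soa_domain=%s/soa_domain" % root,
        "bpm_domain=%s/bpm_domain" % root,
        "bpm_copy=%s/bpm_domain" % root,      # second name for the same directory
        "old_domain=%s/old_domain" % root,    # directory was never created
        "open_domain=%s/open_domain" % root,
        "scratch=%s/scratch" % root,
    ]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    for domain, finding in audit(build_sample()):
        print("%-12s %s" % (domain, finding))
```
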

  • Atg servers for two weblogic domains

    Hi,
    I have created two domains, one for dev and another for bcc.
    If I deploy the two ears in their respective domains,
    how will ATG create an ATG server instance for these two applications?
    Also, what is the main role of the servers folder in the ATG home directory, and when does it come into the picture?
    When is the servers folder useful, and in which scenario?
    I also have a localconfig folder inside the ATG home directory and also inside the C:\ATG\ATG10.1.2\home\servers\dev_publishing folder.
    What is the main difference between these two localconfig folders?
    Please give me a clear picture of it.

    ATG does not create ATG servers. You need to create them manually using the makeDynamoServer command.
    Once the server is created, you need to assemble the ear using the command:
    runAssembler -server dev_publishing C:\test\publishing.ear -m <module list>
    Then these ears, each built with its specific ATG server option, are deployed in each domain.
    The servers folder is a configuration layer for server-specific overrides.
    The ATG home directory will override any changes defined in your module.
    The C:\ATG\ATG10.1.2\home\servers\dev_publishing config layer is on top of the ATG home localconfig.
    Peace
    Shaik

  • Run 2 Weblogic domains from the same console

    Hi
    I have a question.
    Currently I have 2 domains; each domain was installed with an Admin server and managed servers.
    I have 1 node manager.
    During the installation of the domains I had to provide different ports for the WebLogic instances, so I have 2 different consoles to access WL to manage the domains.
    The question:
    Is there any way to handle and administer 2 different domains (which are running on the same machine) from the same WL console?
    Thanks

    We do not have a way to administer two WebLogic domains from the same console.
    But I think you can install Oracle Enterprise Manager to manage your middleware infrastructure.

  • Weblogic Domain overwriting a different Domains config location

    Okay, so here is the issue. I have two WebLogic domains, let's say Domain1 and Domain2. For some reason Domain2 has recently decided that it is going to write to bea/domains/Domain1. This includes the config.xml, /jdbc and /nodemanager. Now, I have verified that the startWeblogic.sh is setting the correct Domain2 locations; however, could this possibly be something with the Node Manager that is overriding these properties? Thanks for the help.
    My current machine is a Sun Solaris 10 box running Weblogic 10g.

    hi,
    the binaries available for download are all packaged with 32bit JVM. Please have a look at the link below
    WebLogic Server 12c (12.1.1), WebLogic Server 11g (10.3.6) and Previous Releases
    It also has binaries for linux available. I am quoting from the site verbatim for your reference:
    The following provides links to WebLogic Server 12.1.1 installers with 32-bit JVMs for Windows and
    Linux, the generic installer that can be used on any supported platform, and the zip distribution. The
    generic installer and the zip distribution do not include a JVM/JDK. For instructions on using the
    generic installer, see this document.
    In case you want to use your own latest version of JDK which can be a 32/64 bit version, you need to use the generic installer.
    The error which you are getting is due to permissions. Make sure you have a dedicated user for installing WebLogic and that the necessary permissions on the installation directories are granted to that user (Linux). Maybe the script is trying to install Java at a particular location on your machine and failing. Hence the above error is displayed.
    Please have a look at the docs, you will find steps for weblogic installation on linux.
    Thanks,
    Souvik.

  • Re: Comparing two weblogic Installations

    I tried accessing the link < http://download.oracle.com/technology/products/oem/events/recordings/acc_wls_viewlet/acc_wls_viewlet.html> but it says "the page you requested was not found.".
    Does OEM have an option to compare two WebLogic domains, such as their config.xml/setDomainEnv.sh for CLASSPATH/MEMORY SETTINGS/JAVA OPTIONS...?

    The Oracle Enterprise Manager (OEM) WebLogic management pack has a configuration management module which can compare configurations across different environments (test, stage, prod).
    A demo is available here: http://download.oracle.com/technology/products/oem/events/recordings/acc_wls_viewlet/acc_wls_viewlet.html

  • WebLogic domain spread across two machines

    Hi All,
    I have a weblogic domain that spreads across two machines. First machine hosts the Admin server, (BAM , SOA) managed servers and the second machine hosts the (APPs and FIN) managed servers. As you can see the managed servers hosts different applications and not related with clustering. I want to know in such a setup do we need to have separate weblogic installation on both first and second machines or just have WebLogic installation on the first machine and have the second machine reference the first's WL installation.
    What's the best practice.
    Regards

    I mean for a domain spread over two machines, I need to have weblogic installation on both machines and not just the one running admin server. I read somewhere WebLogic installations have 1 to N relation with domains. Seems like for a domain spread across two machines, two WL installations and two licences. Am I right?

  • Trying to install Aqualogic BPM Enterprise Server in a Weblogic domain.

    Hi,
    I'm trying to configure an AquaLogic BPM Enterprise Server on a currently working WebLogic domain. I have had a lot of problems because I needed to copy some AquaLogic/Fuego libraries to the domain lib folder (I didn't find any doc about it) so that I could keep going with the installation. However, right now I'm completely stopped by an error ... I cannot find anything about it in the BEA forum and not even on Google... Here you have it, I hope some of you guys can help me out!!
    <16-abr-2008 10H00' CEST> <Info> <Deployer> <BEA-149060> <Module /albpmServices/albpmengine of application 01-eng-albpmengine successfully transitioned from STATE_PREPARED to STATE_ADMIN on server AdminServer.>
    <16-abr-2008 10H00' CEST> <Info> <EJB> <BEA-010060> <The Message-Driven EJB: item-execution-albpmengine has connected/reconnected to the JMS destination: queue/ToDoQueue.>
    searching for directory.xml in the /META-INF directory
    Creating connector [__internal__:J2EE]
    Creating connector [fuego:SQL]
    Protocol [REMOTE_JDBC] not supported.
    Detail:Check that the appropriate pluggin is present in your system or that the provider name is not misspelled.
    fuego.directory.exception.ProtocolNotSupportedException: Protocol [REMOTE_JDBC] not supported.
    Detail:Check that the appropriate pluggin is present in your system or that the provider name is not misspelled.
         at fuego.directory.exception.ProtocolNotSupportedException.create(ProtocolNotSupportedException.java:34)
         at fuego.directory.provider.Factory.getFactoryFor(Factory.java:173)
         at fuego.directory.provider.Factory.getDirectoryFactory(Factory.java:214)
         at fuego.directory.Directory.fillPassport(Directory.java:122)
         at fuego.ejbengine.Engine.initDirectorySession(Engine.java:297)
         at fuego.ejbengine.Engine.start(Engine.java:123)
    ...

  • Creating two soa-infra managed servers on one Weblogic domain

    I would like one weblogic domain that includes two soa-infra each pointing to its own datastore.
    I would like to know if this is possible? If so, can someone point me to any documentation on how to accomplish this?
    Thank you,
    David

    No, still waiting for some kind of answer.

  • Two application deployed on same weblogic domain

    Hi
    Can OSSO (Oracle Single Sign On) and OAM (Oracle Access Manager) both be deployed on the same server in the same WebLogic domain? My hunch is that it is possible as long as the port number is different. Any feedback is welcome.
    thanks

    AFAIK OAM cannot be deployed on Weblogic till next gen release which is quite far right now. So there's no point of asking if both can be deployed on the same server since OAM cannot be deployed on weblogic at all.

  • Global Trust Between WebLogic Domains ?

    Hi there,
    Need clarification on "Global Trust between weblogic domains "
    My scenario :
    WebLogic Version installed                : 10.3.5.0
    Linux physical machines                     :  2
              x - machine
              y - machine
    Now, I've created new domain with AdminServer , and 2 managed servers on x-machine. And, 2 more managed servers on y-machine.
         x-machine --> AdminServer + 2 managed servers
         y-machine -->  2 managed servers
    Created a cluster for all the 4 managed servers.
    My question: though we have created 2 domains -
         Domain 1 - on x-machine, where we have Admin + 2 nodes
         Domain 2 - on y-machine, where we have 2 nodes
    Now, do we need to create/enable "Global trust" between these domains for them to communicate? And enable cross-domain security as well? Is this required?
    Or in which situations do we need to enable trust between domains?
    Can someone explain me.
    Thanks

    Looking to this Oracle Doc >> http://docs.oracle.com/cd/E24329_01/web.1211/e24375/basics.htm#BRDGE128
    "Typical tasks required to manage a messaging bridge using the Administration Console include
    Creating a trusted security relationship. See "Configuring Domains for Inter-Domain Transactions" in Programming JTA for Oracle WebLogic Server"
    And, clicking the link to Configuring Domains for Inter-Domain Transactions, there are two types of communication:
    Inter-domain—The transaction communication is between servers participating in transactions that are not in the same domain.
    Intra-domain—The transaction communication is between servers participating in transactions within the same domain.
    Check the rest of the doc to see how to configure each type, and apply the one that matches your case.
    Hope it helps
    Regards,
    Mohab

  • Can I configure two webserver domain in one windows server

    Can I configure two webserver domain in one windows server with default port. ( i.e 80 )
    For Ex:- http://server-name/psp/DOMAIN/?cmd=login and another one
    http://server-name/psp/DOMAIN2/?cmd=login.
    If not please let me know the workaround to do so. B'coz i don't want to put portnumber in my second URL..

    Hi,
    You can even have several domains within the same webserver instance.
    During PIA installation (of the second), choose the option existing domain and then add an additional site.
    Give the domain a unique name and port for your second application server and you are ready to go.
    I usually do this on sandbox environments to keep the sandbox small, with several databases (Portal, HCM, FIN, CRM) and one PIA with several domains.
    But it is definitely not what you should do for production systems.
    Each application should have its own PIA instance.
    Hakan
    I didn't read the port number requirement.
    You can only run one webserver instance on a port number, for example port 80.
    But you can still have one webserver PIA with several domains on the same port number as described above.
    Edited by: Hakan Biroglu on Mar 14, 2012 2:28 PM

  • How to use both ojdbc14.jar and ojdbc6.jar in same weblogic domain(weblogic12C)

    Hi all,
    I'm having an issue using both ojdbc14.jar and ojdbc6.jar in the same WebLogic application and the same WebLogic domain in a WebLogic 12c environment.
    How can I do that?
    I currently have an application developed using JDK 1.6 and ojdbc6.jar, and an application developed using JDK 1.4 and ojdbc14.jar. Both are currently installed in the same domain.
    I want to use both ojdbc14.jar and ojdbc6.jar in the same domain.
    What I previously did was rename /usr/weblogic/wls_server10.3.4/lib/ojdbc6.jar to /usr/weblogic/wls_server10.3.4/lib/ojdbc6.jar.bak and put ojdbc14.jar in the same path when I wanted to use ojdbc14.jar.
    I haven't used both in the same environment before, but to go live I need to meet this requirement. Please help.
    I know the way to do this by having two domains, but in the same domain I could not find a solution yet.
    Please help

    Hey
    I have a similar requirement. Did you manage to find a way of doing it? If yes, please provide some insights.
    Thanks in Advance

  • Have a transaction propagated to two remote machines!!!(URGENT!!!)

              Can we have a transaction propagated to two ejb's in different machines if we have database interaction in both?
              I tested it out with Account beans (examples)
              deployed on two different(remote) servers both servers having the same connection pool name and the mapping to the
              same oracle database (Using the oracle thin driver as well as the Weblogic Driver). One of the beans is in a local server and one in a remote server and both are accessed in the
              same transaction context. What happens is that the 2nd bean accessed throws a Null pointer Exception
              when it tries to getConnection().
              This is the server side stack trace -----
              SQLException: java.sql.SQLException: java.lang.NullPointerException:
              Start server side stack trace:
              java.lang.NullPointerException
              at weblogic.jdbc.common.internal.ConnectionMOWrapper.<init>(ConnectionMOWrapper.java:42)
              at weblogic.jdbc.common.internal.ConnectionEnv.setConnection(ConnectionEnv.java:142)
              at weblogic.jdbc.common.internal.DriverProxy.execute(DriverProxy.java:173)
              at weblogic.t3.srvr.ClientRequest.execute(ClientContext.java:1030)
              at weblogic.kernel.ExecuteThread.run(ExecuteThread.java, Compiled Code)
              End server side stack trace
              It appears that when the database call on the 2nd WL server is routed to the first WL server(the server that established the first connection for the transaction) for the database connection it is not able to find the connection( and hence the bombing). I'm going nuts over this for two days. Please help. We need to use Weblogic for our project and i need to confirm that this functionality works!!!!
              I'm attaching the stateless bean code which accesses both these beans.
              [TraderBean.java]
              

              Hi,
              Are you using cluster?
              Definitely you can be in one transaction if you just access one data source. that's two phase transaction.
              "kartik" <[email protected]> wrote:
              >
              >
              >
              >Can we have a transaction propagated to two ejb's in different machines if we have database interaction in both?
              >
              >I tested it out with Account beans (examples)
              > deployed on two different(remote) servers both servers having the same connection pool name and the mapping to the
              > same oracle database (Using the oracle thin driver as well as the Weblogic Driver). One of the beans is in a local server and one in a remote server and both are accessed in the
              > same transaction context. What happens is that the 2nd bean accessed throws a Null pointer Exception
              > when it tries to getConnection().
              >
              >This is the server side stack trace -----
              >SQLException: java.sql.SQLException: java.lang.NullPointerException:
              >Start server side stack trace:
              >java.lang.NullPointerException
              > at weblogic.jdbc.common.internal.ConnectionMOWrapper.<init>(ConnectionMO
              >Wrapper.java:42)
              > at weblogic.jdbc.common.internal.ConnectionEnv.setConnection(ConnectionE
              >nv.java:142)
              > at weblogic.jdbc.common.internal.DriverProxy.execute(DriverProxy.java:17
              >3)
              > at weblogic.t3.srvr.ClientRequest.execute(ClientContext.java:1030)
              > at weblogic.kernel.ExecuteThread.run(ExecuteThread.java, Compiled Code)
              >End server side stack trace
              >-----------------
              >
              >It appears that when the database call on the 2nd WL server is routed to the first WL server(the server that established the first connection for the transaction) for the database connection it is not able to find the connection( and hence the bombing). I'm going nuts over this for two days. Please help. We need to use Weblogic for our project and i need to confirm that this functionality works!!!!
              >
              >I'm attaching the stateless bean code which accesses both these beans.
              >
              

  • Identity propagation with EJB

    How do I propagate identity to a remote EJB if the client application is not deployed on WLS, but is just a standalone application?
    I found some documents on the web regarding identity propagation with remote EJBs (EJB security mechanisms).
    I followed them and have the following code:

    package oracle.bpel.services.workflow.samples;

    import java.security.Principal;
    import java.security.PrivilegedExceptionAction;
    import java.util.List;
    import javax.security.auth.Subject;
    import javax.security.auth.callback.Callback;
    import javax.security.auth.callback.CallbackHandler;
    import javax.security.auth.callback.NameCallback;
    import javax.security.auth.callback.PasswordCallback;
    import javax.security.auth.callback.UnsupportedCallbackException;
    import javax.security.auth.login.LoginContext;
    import weblogic.security.auth.callback.URLCallback;
    import oracle.bpel.services.workflow.client.WorkflowServiceClientFactory;
    import oracle.security.jps.util.SubjectUtil;

    public class RemoteWFClientWithIdentityPropagationSample {

        public void runRemoteClient() {
            try {
                // Action executed under the authenticated Subject
                PrivilegedExceptionAction<List> privilegedExceptionAction = new PrivilegedExceptionAction<List>() {
                    public List run() throws Exception {
                        for (Principal pr : SubjectUtil.getCurrentSubject().getPrincipals()) {
                            System.out.println("Current Principals: " + pr.getName());
                        }
                        return RemoteWFClientSample.runWithUserPropagation(WorkflowServiceClientFactory.REMOTE_CLIENT); // it calls Remote EJB
                    }
                };
                SampleCallbackHandler handler = new SampleCallbackHandler("jcooper", "welcome1", "t3://stapj73.us.oracle.com:7001");
                // "Sample" is the entry name in login.conf
                LoginContext loginContext = new LoginContext("Sample", handler);
                loginContext.login();
                Subject subject = loginContext.getSubject();
                List result = (List) Subject.doAs(subject, privilegedExceptionAction);
                System.out.println("runRemoteClient is " + result);
            } catch (Exception e) {
                System.out.println("Error occur");
                e.printStackTrace();
            }
        }

        // Supplies user name, password and server URL to the login module
        class SampleCallbackHandler implements CallbackHandler {
            private String uname = null;
            private String passwd = null;
            private String url = null;

            public SampleCallbackHandler(String uname, String passwd, String url) {
                this.uname = uname;
                this.passwd = passwd;
                this.url = url;
            }

            public void handle(Callback[] callbacks) throws
                    java.io.IOException, UnsupportedCallbackException {
                for (int i = 0; i < callbacks.length; i++) {
                    if (callbacks[i] instanceof NameCallback) {
                        NameCallback nc = (NameCallback) callbacks[i];
                        nc.setName(uname);
                    } else if (callbacks[i] instanceof URLCallback) {
                        URLCallback uc = (URLCallback) callbacks[i];
                        uc.setURL(url);
                    } else if (callbacks[i] instanceof PasswordCallback) {
                        PasswordCallback pc = (PasswordCallback) callbacks[i];
                        pc.setPassword(passwd.toCharArray());
                    }
                } // for
            } // handle()
        }

        public static void main(String args[]) {
            RemoteWFClientWithIdentityPropagationSample sample = new RemoteWFClientWithIdentityPropagationSample();
            sample.runRemoteClient();
        }
    }

    I run the test with the JVM system option: -Djava.security.auth.login.config=C:\Work\JavaTry\login.conf
    where C:\Work\JavaTry\login.conf has the following lines:

    Sample {
        weblogic.security.auth.login.UsernamePasswordLoginModule required
        debug=false;
    };

    Client shows principals in the Subject:
    But still, on the server side sessionContext.getCallerPrincipal() returns '<anonymous>' instead of 'jcooper'.
    What is wrong now?

    OK I have got a little further.
    String contextServiceURL = "corbaloc:iiop:10.230.180.69:7002/NameService";
    Hashtable table = new Hashtable();
    table.put(InitialContext.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.cosnaming.CNCtxFactory");
    table.put(InitialContext.PROVIDER_URL, contextServiceURL);
    InitialContext context = new InitialContext(table);
    Object ref = context.lookup("ejb.myejbRemoteHome");
    myejbRemoteHome home = (myejbRemoteHome)PortableRemoteObject.narrow(ref, myejbRemoteHome.class);
    myejbRemote obj = home.create();
    obj.testUnsecureMethod();
    obj.testSecureMethod();

    The unsecure call works fine, the secure call gives me:
    java.rmi.AccessException: CORBA NO_PERMISSION 0 Maybe; nested exception is:
         org.omg.CORBA.NO_PERMISSION: vmcid: 0x0 minor code: 0 completed: Maybe
    If I set the default IIOP username and password in WebLogic under Environment -> Server -> Protocols -> IIOP to weblogic/password, then the secure call works. This makes me think that the Subject is not propagating properly.
    In the request in Tomcat I have a GenericPrincipal with user and group info. In the Session I have a Subject with only WLSUserImpl, but not the WLSGroupImpl's that I expect. They are there when the login happens; I see the WebLogic Authenticate method populate the subject with the groups okay.
    Any help much appreciated.
    Edited by lnoton at 04/24/2008 2:56 AM
    Edited by lnoton at 04/24/2008 2:57 AM
