OSB 11g Proxy Server - Missing SSL Port Configuration

Similar Messages

• SOAP Header based user/password authentication in OSB 11g Proxy Service

  Hi,
  I have implemented SOAP Header based authentication in my OSB 11g Proxy Service.
  In the Security settings of my AnySOAP(Soap 1.1) HTTP Proxy service, I have amde the following changes:
  1.
  In Transport Access Control link, i selected the User predicate, and provided an user already existing on weblogic server with following roles(AppTesters, Monitors, Operators).
  The AuthorizationProvider was XACMLAuthorizer
  2.
  Under Custom Authentication, I selected the Custom User Name and Password option, and provided the below mentiioned xpaths
  User Name XPath: ./*/*:Username/text()
  User Password XPath: ./*/*:Password/text()
  3.
  In Message Access Control link, i selected the User predicate with the same user as mentioned in Transport Access Control link.
  Now, when I am testing this service from OSB Test Console, I am providing the following input.
  <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:N1="http://abcd.com/common/bodcomponents/transactional/model/1.0/">
  <soap:Header>
  <AuthHeader>
  <N1:Username>userXYZ</N1:Username>
  <N1:Password>passXYZ</N1:Password>
  </AuthHeader>
  </soap:Header>
  <soap:Body>
  <!-- body payload -->
  </soap:Body>
  </soap:Envelope>
  The response is "The invocation resulted in an error: ."
  The OSB server logs show the below error:
  ####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Security> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-387082> <Proxy service access denied (proxy: ABCD/Services/Common_HTTP_Proxy, subject: Subject: 0
  )>
  ####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Kernel> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-382004> <Failed to process request message for service ProxyService ABCD/Services/Common_HTTP_Proxy: com.bea.wli.sb.security.AccessNotAllowedException
  com.bea.wli.sb.security.AccessNotAllowedException
       at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:136)
       at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:117)
       at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:586)
       at com.bea.wli.sb.test.service.ServiceMessageSender.send0(ServiceMessageSender.java:329)
       at com.bea.wli.sb.test.service.ServiceMessageSender.access$000(ServiceMessageSender.java:76)
       at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:134)
       at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:132)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
       at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)
       at com.bea.wli.sb.test.service.ServiceMessageSender.send(ServiceMessageSender.java:137)
       at com.bea.wli.sb.test.service.ServiceProcessor.invoke(ServiceProcessor.java:454)
       at com.bea.wli.sb.test.TestServiceImpl.invoke(TestServiceImpl.java:172)
       at com.bea.wli.sb.test.client.ejb.TestServiceEJBBean.invoke(TestServiceEJBBean.java:167)
       at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl.invoke(TestService_sqr59p_EOImpl.java:353)
       at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl_WLSkel.invoke(Unknown Source)
       at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
       at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
       at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
       at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
       at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Please suggest where I am going wrong in this. I have cross checked the user/pass credentials with what I am giving in the input, and it is perfectly fine.

  I have added the Username and Password as follows, since the namespace declaration was required due to the namespace prefix 'N1' in the XPath
  declare namespace N1="http://abcd.com/common/bodcomponents/transactional/model/1.0/";./AuthHeader/N1:Username/text()
  declare namespace N1="http://abcdp.com/common/bodcomponents/transactional/model/1.0/";./AuthHeader/N1:Password/text()
  I have removed the Message Access Control conditions, have only kept Transport Access Control conditions.
  If i keep the condition in Transport Access Control as "Allow access to everyone", and test with proper credentials in the Username/Password tags in SOAP Header, then it works fine. However, if I try to give an incorrect password in the SOAP Header, it denies the access. So that means the XPaths given for Username/Password are working fine. The OSB logs show the below message
  +####<Feb 10, 2011 12:59:21 PM IST> <Error> <OSB Security> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000ef2> <1297322961536> <BEA-386008> <Message level username/password authentication failed: [Security:090304]Authentication Failed: User weblogic javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User weblogic denied>+
  However if i add the condition with predicate as "User" and user name argument as "weblogic", and try to pass the same in the SOAP Header as well with the correct password, it denies the access with below message in the logs.
  +####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Security> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-387082> <Proxy service access denied (proxy: ABCD/Services/Common_HTTP_Proxy, subject: Subject: 0+
  +)>+
  +####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Kernel> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-382004> <Failed to process request message for service ProxyService ABCD/Services/Common_HTTP_Proxy: com.bea.wli.sb.security.AccessNotAllowedException+
  com.bea.wli.sb.security.AccessNotAllowedException
  at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:136)
  at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:117)
  at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:586)
  at com.bea.wli.sb.test.service.ServiceMessageSender.send0(ServiceMessageSender.java:329)
  at com.bea.wli.sb.test.service.ServiceMessageSender.access$000(ServiceMessageSender.java:76)
  at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:134)
  at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:132)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
  at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)
  at com.bea.wli.sb.test.service.ServiceMessageSender.send(ServiceMessageSender.java:137)
  at com.bea.wli.sb.test.service.ServiceProcessor.invoke(ServiceProcessor.java:454)
  at com.bea.wli.sb.test.TestServiceImpl.invoke(TestServiceImpl.java:172)
  at com.bea.wli.sb.test.client.ejb.TestServiceEJBBean.invoke(TestServiceEJBBean.java:167)
  at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl.invoke(TestService_sqr59p_EOImpl.java:353)
  at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl_WLSkel.invoke(Unknown Source)
  at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
  at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
  at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
  at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
  at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

• How to setup a Proxy Server for SSL

  Hello,
  We have a proxy server that uses the same port for http and https. How can I setup a proxy server in OSB (10gR3) for my business services to use with same port for both http and https?
  Thanks,
  Mike.

  Hi Mike,
  The problem is OSB doesn't seem to let me set the same port for both http and https on a proxy.Can you please let us know the exact problem you are facing? I hope you would have referred below links as well -
  http://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/eclipsehelp/ui_ref.html#wp1347580
  http://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/consolehelp/global_resources.html#systemadminProxyAdding
  You may set the proxy server at JVM level as well (workaround).
  Regards,
  Anuj

• OSB 11g proxy service test console fail with Broken pipe

  Hi everyone.
  I have a strange problem with OSB test console (and sometime with java client). The proxy I built cannot response after several request. In other word, I tried to test console for dozens time, sometime I cannot have response from OSB. I wait for the response for 5 minutes and get some strange exception, that is broken pipe, but error code is not unique.
  I cannot understand why my proxy service stuck in that exception. Can you help me to solve it ?
  Any suggestion is appreciated.
  P/S: that is log record on server:
  <BEA-423405> <An exception [Broken pipe] was thrown while rendering the content at [/jsp/test/ServiceResult.jsp].
  java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92) at java.net.SocketOutputStream.write(SocketOutputStream.java:136) at weblogic.servlet.internal.ChunkOutput.writeChunkTransfer(ChunkOutput.java:568) at weblogic.servlet.internal.ChunkOutput.writeChunks(ChunkOutput.java:539) at weblogic.servlet.internal.ChunkOutput.flush(ChunkOutput.java:427) at weblogic.servlet.internal.CharsetChunkOutput.flush(CharsetChunkOutput.java:298) at weblogic.servlet.internal.ChunkOutput$2.checkForFlush(ChunkOutput.java:648) at weblogic.servlet.internal.CharsetChunkOutput.write(CharsetChunkOutput.java:200) at weblogic.servlet.internal.ChunkOutputWrapper.write(ChunkOutputWrapper.java:148) at weblogic.servlet.internal.ServletOutputStreamImpl.write(ServletOutputStreamImpl.java:148) at weblogic.servlet.internal.WLOutputStreamWriter.writeBytes(WLOutputStreamWriter.java:168) at weblogic.servlet.internal.WLOutputStreamWriter.flushBuffer(WLOutputStreamWriter.java:212) at weblogic.servlet.internal.WLOutputStreamWriter.write(WLOutputStreamWriter.java:132) at weblogic.servlet.internal.WLOutputStreamWriter.write(WLOutputStreamWriter.java:113) at weblogic.servlet.internal.DelegateChunkWriter.print(DelegateChunkWriter.java:118) at weblogic.servlet.internal.ChunkOutputWrapper.print(ChunkOutputWrapper.java:171) at weblogic.servlet.jsp.JspWriterImpl.print(JspWriterImpl.java:177) at com.bea.alsb.console.taglibs.test.TestExpandableDataSection.doStartTag(TestExpandableDataSection.java:202) at jsp_servlet._jsp._test.__serviceresult._jspService(__serviceresult.java:341) at weblogic.servlet.jsp.JspBase.service(JspBase.java:34) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300) at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at org.apache.beehive.netui.pageflow.PageFlowPageFilter.continueChainNoWrapper(PageFlowPageFilter.java:455) at org.apache.beehive.netui.pageflow.PageFlowPageFilter.runPage(PageFlowPageFilter.java:432) at org.apache.beehive.netui.pageflow.PageFlowPageFilter.doFilter(PageFlowPageFilter.java:284) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:524) at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444) at org.apache.beehive.netui.pageflow.scoping.internal.ScopedRequestDispatcher.include(ScopedRequestDispatcher.java:119) at com.bea.netuix.servlets.controls.content.JspContent.beginRender(JspContent.java:552) at com.bea.netuix.servlets.controls.content.NetuiContent.beginRender(NetuiContent.java:365) at com.bea.netuix.nf.ControlLifecycle$7.visit(ControlLifecycle.java:485) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:518) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:220) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:395) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:361) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:352) at com.bea.netuix.nf.Lifecycle.run(Lifecycle.java:326) at com.bea.netuix.nf.UIControl.render(UIControl.java:582) at com.bea.netuix.servlets.controls.PresentationContext.render(PresentationContext.java:486) at com.bea.netuix.servlets.util.RenderToolkit.renderChild(RenderToolkit.java:146) at com.bea.netuix.servlets.jsp.taglib.RenderChild.doStartTag(RenderChild.java:62) at jsp_servlet._framework._skeletons._wliconsole.__flowlayout._jspService(__flowlayout.java:271) at weblogic.servlet.jsp.JspBase.service(JspBase.java:34) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183) at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:526) at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444) at com.bea.netuix.servlets.controls.application.laf.JspTools.renderJsp(JspTools.java:130) at com.bea.netuix.servlets.controls.application.laf.JspControlRenderer.beginRender(JspControlRenderer.java:72) at com.bea.netuix.servlets.controls.application.laf.PresentationControlRenderer.beginRender(PresentationControlRenderer.java:65) at com.bea.netuix.nf.ControlLifecycle$7.visit(ControlLifecycle.java:481) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:518) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:220) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:395) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:361) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:352) at com.bea.netuix.nf.Lifecycle.run(Lifecycle.java:326) at com.bea.netuix.nf.UIControl.render(UIControl.java:582) at com.bea.netuix.servlets.controls.PresentationContext.render(PresentationContext.java:486) at com.bea.netuix.servlets.util.RenderToolkit.renderChild(RenderToolkit.java:146) at com.bea.netuix.servlets.jsp.taglib.RenderChild.doStartTag(RenderChild.java:62) at jsp_servlet._framework._skeletons._wliconsole._popupwindow.__gridlayout._jspService(__gridlayout.java:312) at weblogic.servlet.jsp.JspBase.service(JspBase.java:34) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183) at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:526) at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444) at com.bea.netuix.servlets.controls.application.laf.JspTools.renderJsp(JspTools.java:130) at com.bea.netuix.servlets.controls.application.laf.JspControlRenderer.beginRender(JspControlRenderer.java:72) at com.bea.netuix.servlets.controls.application.laf.PresentationControlRenderer.beginRender(PresentationControlRenderer.java:65) at com.bea.netuix.nf.ControlLifecycle$7.visit(ControlLifecycle.java:481) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:518) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:220) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:395) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:361) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:352) at com.bea.netuix.nf.Lifecycle.run(Lifecycle.java:326) at com.bea.netuix.nf.UIControl.render(UIControl.java:582) at com.bea.netuix.servlets.controls.PresentationContext.render(PresentationContext.java:486) at com.bea.netuix.servlets.util.RenderToolkit.renderChild(RenderToolkit.java:146) at com.bea.netuix.servlets.jsp.taglib.RenderChild.doStartTag(RenderChild.java:62) at jsp_servlet._framework._skeletons._wliconsole.__flowlayout._jspService(__flowlayout.java:271) at weblogic.servlet.jsp.JspBase.service(JspBase.java:34) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183) at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:526) at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444) at com.bea.netuix.servlets.controls.application.laf.JspTools.renderJsp(JspTools.java:130) at com.bea.netuix.servlets.controls.application.laf.JspControlRenderer.beginRender(JspControlRenderer.java:72) at com.bea.netuix.servlets.controls.application.laf.PresentationControlRenderer.beginRender(PresentationControlRenderer.java:65) at com.bea.netuix.nf.ControlLifecycle$7.visit(ControlLifecycle.java:481) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:518) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:220) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:395) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:361) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:352) at com.bea.netuix.nf.Lifecycle.run(Lifecycle.java:326) at com.bea.netuix.nf.UIControl.render(UIControl.java:582) at com.bea.netuix.servlets.controls.PresentationContext.render(PresentationContext.java:486) at com.bea.netuix.servlets.util.RenderToolkit.renderChild(RenderToolkit.java:146) at com.bea.netuix.servlets.jsp.taglib.RenderChild.doStartTag(RenderChild.java:62) at jsp_servlet._framework._skeletons._wliconsole._popupwindow.__gridlayout._jspService(__gridlayout.java:312) at weblogic.servlet.jsp.JspBase.service(JspBase.java:34) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183) at weblogic.servlet.internal.RequestDispatcherImpl.invokeServlet(RequestDispatcherImpl.java:526) at weblogic.servlet.internal.RequestDispatcherImpl.include(RequestDispatcherImpl.java:444) at com.bea.netuix.servlets.controls.application.laf.JspTools.renderJsp(JspTools.java:130) at com.bea.netuix.servlets.controls.application.laf.JspControlRenderer.beginRender(JspControlRenderer.java:72) at com.bea.netuix.servlets.controls.application.laf.PresentationControlRenderer.beginRender(PresentationControlRenderer.java:65) at com.bea.netuix.nf.ControlLifecycle$7.visit(ControlLifecycle.java:481) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:518) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walkRecursiveRender(ControlTreeWalker.java:529) at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:220) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:395) at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:361) at com.bea.netuix.nf.Lifecycle.runOutbound(Lifecycle.java:208) at com.bea.netuix.nf.Lifecycle.run(Lifecycle.java:162) at com.bea.netuix.servlets.manager.UIServlet.runLifecycle(UIServlet.java:388) at com.bea.netuix.servlets.manager.UIServlet.doPost(UIServlet.java:258) at com.bea.netuix.servlets.manager.UIServlet.service(UIServlet.java:199) at com.bea.netuix.servlets.manager.SingleFileServlet.service(SingleFileServlet.java:251) at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) at weblogic.servlet.AsyncInitServlet.service(AsyncInitServlet.java:130) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300) at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111) at java.security.AccessController.doPrivileged(Native Method) at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313) at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413) at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94) at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161) at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120) at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277) at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183) at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209) at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)Regards
  Cuong Pham

  Hi, everyone.
  This is my proxy service that was tested above. Can you show me some instructions for tuning it? On these day, I get many bad performance responses from that service.
  <?xml version="1.0" encoding="UTF-8"?>
  <xml-fragment xmlns:ser="http://www.bea.com/wli/sb/services" xmlns:tran="http://www.bea.com/wli/sb/transports" xmlns:env="http://www.bea.com/wli/config/env" xmlns:http="http://www.bea.com/wli/sb/transports/http" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:con="http://www.bea.com/wli/sb/pipeline/config" xmlns:con1="http://www.bea.com/wli/sb/stages/transform/config" xmlns:con2="http://www.bea.com/wli/sb/stages/config" xmlns:con3="http://www.bea.com/wli/sb/stages/routing/config" xmlns:con4="http://www.bea.com/wli/sb/stages/logging/config">
    <ser:coreEntry isProxy="true" isEnabled="true" isTracingEnabled="false">
      <ser:binding type="SOAP" isSoap12="false" xsi:type="con5:SoapBindingType" xmlns:con5="http://www.bea.com/wli/sb/services/bindings/config">
        <con5:wsdl ref="DnICT_OSB_Project/resources/wsdl/PortalSide"/>
        <con5:port>
          <con5:name>PortalSideSOAP</con5:name>
          <con5:namespace>http://www.example.org/PortalSide/</con5:namespace>
        </con5:port>
        <con5:selector type="SOAP body"/>
        <con5:WSI-compliant>false</con5:WSI-compliant>
      </ser:binding>
      <ser:monitoring isEnabled="false">
        <ser:aggregationInterval>10</ser:aggregationInterval>
        <ser:pipelineMonitoringLevel>Pipeline</ser:pipelineMonitoringLevel>
      </ser:monitoring>
      <ser:reporting>true</ser:reporting>
      <ser:logging isEnabled="true">
        <ser:logLevel>debug</ser:logLevel>
      </ser:logging>
      <ser:sla-alerting isEnabled="true">
        <ser:alertLevel>normal</ser:alertLevel>
      </ser:sla-alerting>
      <ser:pipeline-alerting isEnabled="true">
        <ser:alertLevel>normal</ser:alertLevel>
      </ser:pipeline-alerting>
      <ser:ws-policy>
        <ser:binding-mode>wsdl-policy-attachments</ser:binding-mode>
      </ser:ws-policy>
    </ser:coreEntry>
    <ser:endpointConfig>
      <tran:provider-id>http</tran:provider-id>
      <tran:inbound>true</tran:inbound>
      <tran:URI>
        <env:value>/DnICT_OSB_Project/proxy-services/DnICT_WSDL_PS</env:value>
      </tran:URI>
      <tran:inbound-properties/>
      <tran:all-headers>false</tran:all-headers>
      <tran:provider-specific>
        <http:inbound-properties/>
      </tran:provider-specific>
    </ser:endpointConfig>
    <ser:router>
      <con:pipeline type="request" name="GetRequestInfo_pipeline_pair_request">
        <con:stage name="InputProcess_stage">
          <con:context>
            <con2:varNsDecl namespace="http://www.example.org/PortalSide/" prefix="por"/>
            <con2:varNsDecl namespace="http://www.example.org/PortalSide_Test/" prefix="por1"/>
            <con2:varNsDecl namespace="http://www.example.org/OutputSchema" prefix="out"/>
          </con:context>
          <con:actions>
            <con1:assign varName="docId">
              <con2:id>_ActionId-2456490176600649155--723117a.130d7d91065.-7b86</con2:id>
              <con1:expr>
                <con2:xqueryText>$body/por:checkStatus/documentId/text()</con2:xqueryText>
              </con1:expr>
            </con1:assign>
            <con1:assign varName="depId">
              <con2:id>_ActionId-2456490176600649155--723117a.130d7d91065.-7b69</con2:id>
              <con1:expr>
                <con2:xqueryText>$body/por:checkStatus/departmentId/text()</con2:xqueryText>
              </con1:expr>
            </con1:assign>
            <con1:assign varName="srvId">
              <con2:id>_ActionId-4566721321360037228--34ba1746.13170e34dc9.-7d41</con2:id>
              <con1:expr>
                <con2:xqueryText>$body/por:checkStatus/serviceId/text()</con2:xqueryText>
              </con1:expr>
            </con1:assign>
          </con:actions>
        </con:stage>
      </con:pipeline>
      <con:pipeline type="response" name="GetRequestInfo_pipeline_pair_response"/>
      <con:pipeline type="error" name="_onErrorHandler-4305915913837985194--28b0abb9.13175ecaaa7.-7d31">
        <con:stage name="stage1">
          <con:context>
            <con2:userNsDecl namespace="http://www.example.org/OutputSchema" prefix="ns2"/>
          </con:context>
          <con:actions>
            <con1:replace varName="body">
              <con2:id>_ActionId-6209548530523967653-4b474d03.13177132d5d.-7f08</con2:id>
              <con1:location>
                <con2:xpathText>.</con2:xpathText>
              </con1:location>
              <con1:expr>
                <con2:xqueryText><![CDATA[<soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
       <soapenv:Fault>
            <faultcode>soapenv:Server</faultcode>
            <faultstring>{concat($fault/ctx:errorCode,': ',$fault/ctx:reason)}</faultstring>
            <detail>
                 <ns2:faultResponse>
                      <errorCode>{$fault/ctx:errorCode/text()}</errorCode>
                      <reason>{$fault/ctx:reason}</reason>
                      <location>
                           <node>{$fault/ctx:location/ctx:node/text()}</node>
                           <path>{$fault/ctx:location/ctx:path/text()}</path>
                      </location>
                      <operation>{$inbound/ctx:service/ctx:operation/text()}</operation>
                      <uri>{$inbound/ctx:transport/ctx:uri/text()}</uri>
                      <host>{$inbound/ctx:transport/ctx:request/tp:headers/http:Host/text()}</host>
                      <request_body>{$copyBody}</request_body>
                 </ns2:faultResponse>
            </detail>
       </soapenv:Fault>
  </soapenv:Body>]]></con2:xqueryText>
              </con1:expr>
            </con1:replace>
            <con2:reply isError="true">
              <con2:id>_ActionId-4305915913837985194--28b0abb9.13175ecaaa7.-7cc3</con2:id>
            </con2:reply>
            <con4:log>
              <con2:id>_ActionId-556838872042008716--23ff25e2.131bcfb490d.-7fae</con2:id>
              <con4:logLevel>error</con4:logLevel>
              <con4:expr>
                <con2:xqueryText>concat('Error while trying to query DnICT web service: ',$fault/ctx:errorCode,' : ',$fault/ctx:reason)</con2:xqueryText>
              </con4:expr>
            </con4:log>
          </con:actions>
        </con:stage>
      </con:pipeline>
      <con:flow>
        <con:pipeline-node name="GetRequestInfo_pipeline_pair">
          <con:comment>Lay cac thong tin trong form search</con:comment>
          <con:request>GetRequestInfo_pipeline_pair_request</con:request>
          <con:response>GetRequestInfo_pipeline_pair_response</con:response>
        </con:pipeline-node>
        <con:branch-node type="condition" name="branching_public_services">
          <con:context>
            <con2:varNsDecl namespace="http://www.example.org/PortalSide/" prefix="por"/>
          </con:context>
          <con:branch-table variable="depId">
            <con:branch name="SoTTTT">
              <con:operator>equals</con:operator>
              <con:value>1</con:value>
              <con:flow>
                <con:branch-node type="condition" name="DnICT_dept_services">
                  <con:context/>
                  <con:branch-table variable="srvId">
                    <con:branch name="DichVu_1">
                      <con:operator>equals</con:operator>
                      <con:value>64</con:value>
                      <con:flow>
                        <con:route-node name="RouteToDnICT_BS" error-handler="_onErrorHandler-4305915913837985194--28b0abb9.13175ecaaa7.-7d31">
                          <con:context>
                            <con2:varNsDecl namespace="http://www.example.org/PortalSide/" prefix="por"/>
                            <con2:varNsDecl namespace="http://www.example.org/PortalSide_Test/" prefix="por1"/>
                            <con2:varNsDecl namespace="http://www.example.org/OutputSchema" prefix="out"/>
                          </con:context>
                          <con:actions>
                            <con3:route>
                              <con2:id>_ActionId-4566721321360037228--34ba1746.13170e34dc9.-7b4c</con2:id>
                              <con3:service ref="DnICT_OSB_Project/busines-services/DnictServiceBS" xsi:type="ref:BusinessServiceRef" xmlns:ref="http://www.bea.com/wli/sb/reference"/>
                              <con3:operation>selecttrangthai</con3:operation>
                              <con3:outboundTransform>
                                <con1:assign varName="username">
                                  <con2:id>_ActionId-4566721321360037228--34ba1746.13170e34dc9.-7b4b</con2:id>
                                  <con1:expr>
                                    <con2:xqueryText>fn:string('stttt')</con2:xqueryText>
                                  </con1:expr>
                                </con1:assign>
                                <con1:assign varName="password">
                                  <con2:id>_ActionId-4566721321360037228--34ba1746.13170e34dc9.-7b4a</con2:id>
                                  <con1:expr>
                                    <con2:xqueryText>fn:string('123456')</con2:xqueryText>
                                  </con1:expr>
                                </con1:assign>
                                <con1:replace contents-only="true" varName="body">
                                  <con2:id>_ActionId-4566721321360037228--34ba1746.13170e34dc9.-7b49</con2:id>
                                  <con1:expr>
                                    <con2:xqueryText><![CDATA[<soap:selecttrangthai       xmlns:soap="http://soapinterop.org/">
       <username       xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">{$username}</username>
       <password       xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">{$password}</password>
       <masohoso       xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">{$docId}</masohoso>
  </soap:selecttrangthai>]]></con2:xqueryText>
                                  </con1:expr>
                                </con1:replace>
                              </con3:outboundTransform>
                              <con3:responseTransform/>
                            </con3:route>
                          </con:actions>
                        </con:route-node>
                      </con:flow>
                    </con:branch>
                    <con:default-branch>
                      <con:flow/>
                    </con:default-branch>
                  </con:branch-table>
                </con:branch-node>
              </con:flow>
            </con:branch>
            <con:branch name="SoGTVT">
              <con:operator>equals</con:operator>
              <con:value>2</con:value>
              <con:flow/>
            </con:branch>
            <con:default-branch>
              <con:flow/>
            </con:default-branch>
          </con:branch-table>
        </con:branch-node>
      </con:flow>
    </ser:router>
  </xml-fragment>

• OSB 10gR3 Aggregation server in a Cluster configuration

  Hello everybody,
  I am trying to deploy an osb 10gr3 cluster with the following configuration
  *unix_machine_1
  ** AdminServer
  ** osb_server_1
  *unix_machine_2
  ** osb_server_2
  osb_server_1 & osb_server_2 beloing to an osb_cluster
  although all servers startup and are OK
  I constantly get
  on osb_server_2 log : "Aggregation Server Not Available"
  and
  on osb_server_1 log : "Aggregator did not receive statistics from [osb_server_2] for the aggregation performed for tick xxxxx"
  (of course in the sbconsole i can see reports only for osb_server_1 )
  do you have any idea what am I doing wrong?
  regards
  ./ydes
  PS I am trying to follow the draft guide from http://blogs.oracle.com/fmw/2009/11/13/OSB_WP_HA_Final_Draft.pdf

  along with the listen address, my problem was that the installation was in production mode, and the hosts had more than one IP address assigned.
  wls instances where bound (listening) to the wrong IP address
  eduardo, thanx for your reply
  regards
  ./ydes

• Catching and rethrowing a SOAP Fault from an OSB 11g Proxy service

  Hello,
  We have a chain of proxy services (that last one of which calls a business service) in our 11.1.1.6 OSB project.  At one of the lower levels, we successfully throw a fault like this:
  <soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Fault xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
      <soap:faultcode>SOAP-ENV:Client</soap:faultcode>
      <soap:faultstring>Non-Existent User</soap:faultstring>
      <soap:faultActor>Client who consumed this Web Service operation</soap:faultActor>
      <soap:detail>
        <sc:UserNonExistentFault xmlns:sc="http://xmlns.sc.com/Services/V1">
          <sc:CustomerNumber>12345</sc:CustomerNumber>
        </sc:UserNonExistentFault>
      </soap:detail>
    </soap:Fault>
  </soapenv:Body>
  In the proxy service which calls this proxy service, I tried to catch this fault in an Error Handler so that I could confirm that it's available for me to re-throw back up the chain.  Curiously, the proxy service which calls that proxy service cannot see that fault.  But rather it sees what appears to be an OSB-overridden fault:
  <con:fault xmlns:con="http://www.bea.com/wli/sb/context">
    <con:errorCode>BEA-380000</con:errorCode>
    <con:reason>com.bea.wli.sb.pipeline.PipelineException</con:reason>
    <con:details>
      <err:ErrorResponseDetail xmlns:err="http://www.bea.com/wli/sb/errors">
        <err:response-metadata xsi:type="sb:SBResponseMetaDataXML" xmlns:sb="http://www.bea.com/wli/sb/transports/sb" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          <tran:headers xsi:type="sb:SBResponseHeadersXML" xmlns:tran="http://www.bea.com/wli/sb/transports"/>
          <tran:response-code xmlns:tran="http://www.bea.com/wli/sb/transports">1</tran:response-code>
          <tran:encoding xmlns:tran="http://www.bea.com/wli/sb/transports">utf-8</tran:encoding>
        </err:response-metadata>
      </err:ErrorResponseDetail>
    </con:details>
    <con:location>
      <con:node>PipelinePairNode</con:node>
      <con:pipeline>PipelinePairNode_request</con:pipeline>
      <con:stage>GetCustomerByNumber</con:stage>
      <con:path>request-pipeline</con:path>
    </con:location>
  </con:fault>
  I have tried printing out the values of $body, $fault, $outbound and $inbound from the calling proxy service's Error Handler just to see if our <sc:UserNonExistentFault> is nested anywhere therein.  Unfortunately, it is nowhere to be found.
  How can we force OSB to NOT override our faults with OSB-framework faults and, instead, just throw our custom fault all the way up the chain and back to the consumer?
  Thank you,
  Michael

  I think I figured this out.
  In proxyService-2, build the <soap:Fault> and assign it to the body, then Reply with Failure (as you mentioned above).
  When proxyService-1 receives this, it will still be in the $body variable.  But the $fault variable is now populated with a BEA-38000 error.  It seems that as long as the $fault variable has data in it, then the OSB system will throw that instead of my fault (ignoring the <soap:Fault> I put into the body).
  So what I did was to Delete the $fault variable in the error handler of proxyService-1, then Reply with Failure (again).
  It would seem as if the inner workings of OSB has some logic like:
  if $fault is not null, throw the BEA-####### fault.  Otherwise, return the contents of the $body.
  By removing the fault, I effectively got to that "else/otherwise" condition.
  Of course, the Reply with Failure is still needed to ensure that an HTTP 500 error is passed with the fault (per the SOAP specification).
  Cheers!
  Michael

• HTTP connection from OSB web service to external system via a Proxy Server

  Dear experts,
  May I know has anyone tried to use HTTP protocol to send a request from OSB web service to external system via a proxy server? Heard that we need to establish some sort of tunnel (socket) to talk to Proxy Server. Can you please any have sample code or configuration steps to share?
  Thank you very much!!

  http://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/consolehelp/global_resources.html#wp1137294
  Adding Proxy Servers
  Use the Summary of Proxy Servers page to add and configure Proxy Server resources and make them available in Oracle Service Bus as a system resource. You must be in an active session to configure or reconfigure Proxy Server resources.
  1. If you have not already done so, click Create to create a new session or click Edit to enter an existing session. See Using the Change Center.
  2. Select System Administration > Proxy Servers.
  3. Click Add.
  4. In the Name field, enter a name for the Proxy Server resource. This is a required field.
  5. In the Description field, enter a short description for the Proxy Server resource.
  6. In the Host-Port Parameters section, enter the following information:
  1. In the Server Host field, enter the host name or IP address of the Proxy Server. This is a required field.
  The Server Host name for the Oracle Service Bus proxy server must be identical to the server host name of the actual proxy server.
  2. In the Clear Text Port field, enter the Proxy Server clear-text port number.
  3. In the SSL Port field, enter the Proxy Server SSL port number. You must enter either a clear text or SSL port number.
  4. Click Add.
  You can configure multiple Proxy Servers for each Proxy Server resource. This enables Oracle Service Bus to perform load balancing and offer fault tolerance features for the Proxy Server resource.
  7. If the Proxy Server performs proxy authentication, enter a user name in the User Name field, and the associated password in the Password and Confirm Password fields.
  These fields are optional, and required only if the Proxy Server is secured.
  8. Click Save to create and save the Proxy Server resource in the current session.
  9. To end the session and deploy the configuration to the run time, click Activate under Change Center.

• How to properly terminate SSL at Sun Proxy Server?

  Hi:
  Client is using Sun Proxy Server (4.0.x) as a reverse proxy to a host with Sun Application Server Enterprise Edition with Access Manager / Portal / Identity Manager deployed as J2EE apps.
  For access through proxy with http, it is properly seen by AM as an http URL. But for access through proxy with https, it is seen by AM as an https URL.
  My suspicion is that the Proxy Server is not properly configured to terminate SSL at the proxy. However, I do not have enough experience with Sun Proxy Server to confirm. Below is the configuration file.
  Any ideas? My novice theory is that the multiple mapping rules are causing some sort of conflict. Perhaps the connect rule for port 443? All of the examples I have been able to find for mapping rules are from http to http or a local file, NOT https to http and vice-versa. Are these rules correct?
  Any help is greatly appreciated!
  Thanks,
  Gerald
  --- (start: obj.conf) --
  # You can edit this file, but comments and formatting changes
  # might be lost when the admin server makes changes.
  Init fn="flex-init" access="$accesslog" format.access="%Ses->client.ip% - %Req->vars.auth-user% [%SYSDATE%] \"%Req->reqpb.clf-request%\" %Req->srvhdrs.clf-status% %Req->vars.p2c-cl% %Req->vars.remote-status% %Req->vars.r2p-cl% %Req->headers.content-length% %Req->vars.p2r-cl% %Req->vars.c2p-hl% %Req->vars.p2c-hl% %Req->vars.p2r-hl% %Req->vars.r2p-hl% %Req->vars.xfer-time%"
  Init fn="init-proxy" timeout="300" timeout-2="15"
  <Object name="default">
  AuthTrans fn="match-browser" browser=".*MSIE.*" ssl-unclean-shutdown="true"
  NameTrans fn="reverse-map" from="http://pcmdv2.client.net:5111/idm" to="https://offlinebusiness.client.net:25002/idm" rewrite-location="true" rewrite-content-location="true"
  NameTrans fn="reverse-map" from="http://localhost:35007/deas" to="https://offlinebusiness.client.net:25002/deas" rewrite-location="true" rewrite-content-location="true"
  NameTrans fn="reverse-map" from="http://pcmdv2.client.net:5111" to="https://offlinebusiness.client.net:25002" rewrite-location="true" rewrite-content-location="true"
  NameTrans fn="map" from="https://offlinebusiness.client.net:25002" to="http://pcmdv2.client.net:5111" rewrite-host="true"
  NameTrans fn="map" from="https://offlinebusiness.client.net:25002/deas" to="http://localhost:35007/deas" rewrite-host="true"
  NameTrans fn="map" from="https://offlinebusiness.client.net:25002/idm" to="http://pcmdv2.client.net:5111/idm" rewrite-host="true"
  NameTrans fn="map" from="/deas" to="http://localhost:35007/deas" rewrite-host="true"
  NameTrans fn="map" from="/idm" to="http://pcmdv2.client.net:5111/idm" rewrite-host="true"
  NameTrans fn="map" from="/" to="http://pcmdv2.client.net:5111" rewrite-host="true"
  PathCheck fn="url-check"
  ObjectType fn="forward-ip" hdr="Proxy-ip"
  Service fn="deny-service"
  AddLog fn="flex-log" name="access"
  </Object>
  <Object name="file">
  PathCheck fn="unix-uri-clean"
  PathCheck fn="find-index" index-names="index.html"
  ObjectType fn="type-by-extension"
  ObjectType fn="force-type" type="text/plain"
  Service fn="send-file"
  </Object>
  <Object ppath="ftp://.*">
  ObjectType fn="cache-enable" query-maxlen="10" log-report="off"
  ObjectType fn="cache-setting" lm-factor="0.10" max-uncheck="7200"
  Service fn="proxy-retrieve"
  </Object>
  <Object ppath="http://.*">
  ObjectType fn="cache-enable" query-maxlen="10" log-report="off"
  ObjectType fn="cache-setting" lm-factor="0.10" max-uncheck="7200"
  Service fn="proxy-retrieve" method="*"
  </Object>
  <Object ppath="https://.*">
  Service fn="proxy-retrieve"
  </Object>
  <Object ppath="gopher://.*">
  ObjectType fn="cache-enable" query-maxlen="10" log-report="off"
  ObjectType fn="cache-setting" lm-factor="0.10" max-uncheck="7200"
  Service fn="proxy-retrieve"
  </Object>
  <Object ppath="connect://.*:443">
  Service fn="connect" method="CONNECT"
  </Object>
  <Object ppath="connect://.*:563">
  Service fn="connect" method="CONNECT"
  </Object>
  --- (end: obj.conf) --

  Isn't there two overlapping rules? Perhaps that confuses the SWPS?
  NameTrans fn="map" from="https://offlinebusiness.client.net:25002" to="http://pcmdv2.client.net:5111" rewrite-host="true"
  NameTrans fn="reverse-map" from="http://pcmdv2.client.net:5111" to="https://offlinebusiness.client.net:25002" rewrite-location="true" rewrite-content-location="true"
  and
  NameTrans fn="map" from="https://offlinebusiness.client.net:25002/idm" to="http://pcmdv2.client.net:5111/idm" rewrite-host="true"
  NameTrans fn="reverse-map" from="http://pcmdv2.client.net:5111/idm" to="https://offlinebusiness.client.net:25002/idm" rewrite-location="true" rewrite-content-location="true"
  covers the same URLs

• How to configure Node manager on Linux on ssl port

  Hi,
  I have installed SOA BPM 11.1.1.3 on linux with ssl enabled. I am trying to configure Node Manager but it's not working.
  Here are the steps I did to configure.
  1. Created a machine
  2. Added managed servers to the machine i.e. soa,bam
  3. Enroll domain using nmEnroll using
  cd $BEA_HOME/user_projects/domains/<domain_name>/bin/
  . setDomainEnv.sh
  java weblogic.WLST
  wls> connect(’weblogic’,'weblogic1’, ‘t3://mymachine.mydomain:7001’)
  wls> nmEnroll(’$BEA_HOME/user_projects/domains/<domain_name>’, ‘$BEA_HOME/wlserver_<version>/common/nodemanager’)
  here 7001 is the admin server non-ssl port but when I try 7002 ssl port it doesn't connect. But I need to enroll it on ssl port as I have ssl enabled.
  4. reset the node manager user/password same as weblogic console
  5. started the node manager using $WL_HOME\server\bin\startNodeManager.sh
  But when I log back into console and try to start my manage server it gives the following error
  SEVERE: java.io.FileNotFoundException: /usr3/app/oracle/Middleware/user_projects/domains/wcbpm_domain/./config/jps-config.xml (No such file or directory)
  <Aug 6, 2010 5:30:16 PM EDT> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider. Exception was thrown when loading or setting the JPSS policy provider. Enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-01538: The default policy provider was not found.I did not add my Admin server to be part of the machine.
  Any help if I am missing anything or doing anything wrong.
  Thanks

  Hi,
  Do I need to add Admin Server also part of the Machine where I added bam,soa servers. I tried again following the steps but gets the below error again. Appreciate if someone can list the steps as the docs are a bit vague:
  <Aug 6, 2010 6:14:01 PM> <INFO> <wcbpm_domain> <bam_server1> <Starting WebLogic server with command line: /usr3/app/oracle/Middleware/user_projects/domains/wcbpm_domain/bin/startWebLogic.sh >
  Aug 6, 2010 6:14:01 PM weblogic.nodemanager.server.ServerManager log
  INFO: Starting WebLogic server with command line: /usr3/app/oracle/Middleware/user_projects/domains/wcbpm_domain/bin/startWebLogic.sh
  <Aug 6, 2010 6:14:01 PM> <INFO> <wcbpm_domain> <bam_server1> <Working directory is '/usr3/app/oracle/Middleware/user_projects/domains/wcbpm_domain'>
  Aug 6, 2010 6:14:01 PM weblogic.nodemanager.server.ServerManager log
  '/usr3/app/oracle/Middleware/user_projects/domains/wcbpm_domain/servers/bam_server1/logs/bam_server1.out'
  <Aug 6, 2010 6:14:02 PM> <INFO> <wcbpm_domain> <bam_server1> <Server failed during startup so will not be restarted>
  Aug 6, 2010 6:14:02 PM weblogic.nodemanager.server.ServerManager log
  INFO: Server failed during startup so will not be restarted
  <Aug 6, 2010 6:14:02 PM> <WARNING> <Exception while starting server 'bam_server1'>
  java.io.IOException: Server failed to start up. See server output log for more details.
          at weblogic.nodemanager.server.ServerManager.start(ServerManager.java:331)
          at weblogic.nodemanager.server.Handler.handleStart(Handler.java:567)
          at weblogic.nodemanager.server.Handler.handleCommand(Handler.java:118)
          at weblogic.nodemanager.server.Handler.run(Handler.java:70)
          at java.lang.Thread.run(Thread.java:619)
  [WARN ] Use of -Djrockit.optfile is deprecated and discouraged.
  [WARN ] Use of -Djrockit.optfile is deprecated and discouraged.
  Unknown option or illegal argument: -XX:+UseParallelGC.
  Please check for incorrect spelling or review documentation of startup options.
  Could not create the Java virtual machine.
  <Aug 6, 2010 6:14:02 PM> <FINEST> <NodeManager> <Waiting for the process to die: 590>
  <Aug 6, 2010 6:14:02 PM> <INFO> <NodeManager> <Server failed during startup so will not be restarted>
  <Aug 6, 2010 6:14:02 PM> <FINEST> <NodeManager> <runMonitor returned, setting finished=true and notifying waiters>Don't know if I hve missed any steps in node manager configuration.
  Thanks

• Connection to application server failed using  SSL port Why?

  Hi
  i am trying to deploy my application created in Jdev11.1.1 to WLS10.3.
  in creating connection to application server using SSl port 7002 my test connection is failed .the test connection status is
  Testing JSR-88 ... failed.
  [J2EE Deployment SPI:260010]Unable to connect to 't3s://localhost:7002' as user, 'weblogic'. Error received: null
  Testing JSR-88-LOCAL ... failed.
  [J2EE Deployment SPI:260010]Unable to connect to 't3s://localhost:7002' as user, 'weblogic'. Error received: null
  Testing JSR-160 DomainRuntime ... failed.
  t3s://localhost:7002: Destination unreachable; nested exception is:
       java.net.ConnectException: Connection refused: connect; No available router to destination
  Testing JSR-160 Runtime ... failed.
  t3s://localhost:7002: Destination unreachable; nested exception is:
       java.net.ConnectException: Connection refused: connect; No available router to destination
  Testing JSR-160 Edit ... failed.
  t3s://localhost:7002: Destination unreachable; nested exception is:
       java.net.ConnectException: Connection refused: connect; No available router to destination
  Testing HTTP ... failed.
  Unable to open conection: Connection refused: connect
  Testing Server MBeans Model ... failed.
  t3s://localhost:7002: Destination unreachable; nested exception is:
       java.net.ConnectException: Connection refused: connect; No available router to destination
  0 of 7 tests successful.
  what i have to do inorder to get successfull status.
  but when i am using the port 7001,test connection status is successfull .

  If it fails for your account and not for another, with the same settings on your phone, then the problem is with your account. If you or your IT department can't correct it, it may be corrupt. Delete the account from the Exchange server entirely and re-create it.

• AD Password Sync connector 9.1.1 With OIM 11g R2 - ERROR OVER SSL

  I have set up AD password sync with from AD to OIM 11G R2
  The password syncs from AD to OIM 11G R2 on non ssl port 389.
  But if fails on SSL Port 636.
  Errors in OIMMain.Log:_
  Debug [10/11/2012 10:49:34 AM] Inside ConnectToADSI
  Debug [10/11/2012 10:49:34 AM]
  ldap_connect failed with
  Debug [10/11/2012 10:49:34 AM] Server Down
  Debug [10/11/2012 10:49:34 AM]
  Steps Carried Out thus far:_
  AD is up and running.
  Configured AD Password Sync Connector on 636 and selected ssl.
  Created Certificate on OIM host, configured custom identity key store on weblogic. Restarted Weblogic.
  Imported Certificate to AD. After this, restarted the AD
  I can Telnet port 636 from OIM Box and also connect to AD through LDAP Browser on 636 and view OU and CN, so this seems fine.
  Provisioning from OIM through Connector Server to AD works over SSL and this works fine.
  Help would be appreciated.
  Many Thanks

  This question is now been fixed.
  Instead of explicitly stating 636 for SSL,
  Use the same port 389 for ssl and also configured oim port to be 140001 which is the ssl port for oim in the configuration of OIM Password Sync.
  Export Certificates from AD to java security keystore and to weblogic keystore
  Export .pem certificate created on OIM host machine to AD.
  Restart weblogic, oim and AD
  Everything would work fine.
  For all the other information, refer to doc.
  Thanks

• OSB 11g - poll JMS topic on OAS 10.1.2

  Hi everybody,
  We are going to create OSB 11g proxy service that will poll JMS topic located on Oracle Application Server 10.1.2. I think that the first step is to set up foreign JMS server, connection factory and destinations in the Weblogic server, am I right?
  I've never set up that before and l looking for any guides on how to set up OAS 10.1.2 topic as foreign destination in Weblogic 10.3.3.
  Any help will be appreciated
  Best regards,
  Dmitry

  Ok, finally I found this guide http://www.oracle.com/technetwork/middleware/bam/technote-bam-connectingoc4jjms-129297.pdf and set up foreign JMS server, connection factory and topic. These foreign JMS objects are included in weblogic JNDI tree, and I could successfully deploy OSB Proxy Service that is intended to poll foreign JMS topic. The following error appeared in the weblogic server log file after deployment:
  <Aug 24, 2010 1:21:44 PM MSD> <Warning> <EJB> <BEA-010061> <The Message-Driven EJB: RequestEJB-4249293316140669267--703a
  3e3e.12aa2c85115.-7fcd is unable to connect to the JMS destination: jms.oc4jUDC_IDENTITY_TOPIC. The Error was:
  [EJB:011014]The Message-Driven EJB failed while creating a JMS Connection. The error was:
  javax.jms.JMSException: Unable to create a connection to "/0.0.0.0:12,601" as user "null".
  Linked exception: java.net.ConnectException: Connection refused.
  javax.jms.JMSException: Unable to create a connection to "/0.0.0.0:12,601" as user "null".
  at com.evermind.server.jms.JMSUtils.makeJMSException(JMSUtils.java:1898)
  at com.evermind.server.jms.JMSUtils.toJMSException(JMSUtils.java:1914)
  at com.evermind.server.jms.EvermindConnection.<init>(EvermindConnection.java:114)
  at com.evermind.server.jms.EvermindTopicConnection.<init>(EvermindTopicConnection.java:63)
  at com.evermind.server.jms.EvermindTopicConnectionFactory.createTopicConnection(EvermindTopicConnectionFactory.java:91)
  at com.evermind.server.jms.EvermindTopicConnectionFactory.createTopicConnection(EvermindTopicConnectionFactory.java:83)
  at weblogic.ejb.container.internal.JMSConnectionPoller.getConnection(JMSConnectionPoller.java:503)
  at weblogic.ejb.container.internal.JMSConnectionPoller.createJMSConnection(JMSConnectionPoller.java:1969)
  12601 is JMS port of remote OC4J instance, I can connect to this port from weblogic server though telnet.
  I do not know why 0.0.0.0 is printed as IP address, and why user is "null" ..
  Any ideas on that?

• Reverse proxy plugin with SSL

  Hi,
  I'm trying to set up reverse proxy plugin that forwards requests from plain HTTP port on web server to SSL port on origin-server (sun web console)
  I have followed instructions from [http://blogs.sun.com/meena/entry/configuring_reverse_proxy_in_web] to achieve this:
  wadm create-reverse-proxy --user=admin --password-file=/.ws7pass --config=test --vs=test --uri-prefix=/console/ --server=https://webconsole:6789And part of my obj.conf related to reverse-proxy:
  NameTrans fn="map" from="/console/" to="https:/" name="reverse-proxy-/console"
  <Object ppath="https:*">
      Service fn="proxy-retrieve" method="*"
  </Object>
  <Object name="reverse-proxy-/console">
      Route fn="set-origin-server" server="https://webconsole:6789/"
  </Object>When one tries to access http://test/console/ following messages appear in the log file:
  fine    (27868): for host x.x.x.x trying to GET https:/, service-http reports: attempting to contact webconsole:6789
  fine    (27868): for host x.x.x.x trying to GET https:/, attempting to resolve webconsole
  fine    (27868): for host x.x.x.x trying to GET https:/, attempting to connect to 192.168.1.80:6789
  fine    (27868): for host x.x.x.x trying to GET https:/, connected to 192.168.1.80:6789
  failure (27868): for host x.x.x.x trying to GET https:/, service-http reports: HTTP7765: error reading response header (Server closed connection)
  finest  (27868): for host x.x.x.x trying to GET https:/, func_exec reports: executing fn="set-origin-server" server="https://webconsole:6789/" Directive="Route" magnus-internal=""
  fine    (27868): for host x.x.x.x trying to GET https:/, set-origin-server reports: using server https://webconsole:6789
  finest  (27868): for host x.x.x.x trying to GET https:/, func_exec reports: fn="set-origin-server" server="https://webconsole:6789/" Directive="Route" magnus-internal="" returned 0 (REQ_PROCEED)
  finest  (27868): for host x.x.x.x trying to GET https:/, func_exec reports: fn="proxy-retrieve" method="*" Directive="Service" returned -1 (REQ_ABORTED)Any ideas?

  Oh, sorry, when I'm accessing console through reverse proxy, nothing is written to the web console log initially, and these messages appear in the web server log (now loglevel=info):
  [15/May/2008:15:52:41] failure (23204): for host x.x.x.x trying to GET https:/, service-http reports: HTTP7765: error reading response header (Server closed connection)
  [15/May/2008:15:52:41] info    (23204): for host x.x.x.x trying to GET https:/, set-origin-server reports: HTTP7751: server https://webconsole:6789 offline
  [15/May/2008:15:52:41] failure (23204): for host x.x.x.x trying to GET https:/, service-http reports: HTTP7765: error reading response header (Server closed connection)
  [15/May/2008:15:52:41] failure (23204): for host x.x.x.x trying to GET https:/, service-http reports: HTTP7765: error reading response header (Server closed connection)After some time this message is written to webserver log:
  [15/May/2008:15:53:02] info (23204): trying to OPTIONS https://webconsole:6789, check-http-server reports: HTTP7750: server https://webconsole:6789 onlineAnd simultaneously this message is written to webconsole log:
  CoreSessionManagerFilter:doFilter | Request: https-mfwk-zone-6789: /

• PROXY SERVER COMMUNICATION

  I need some clarification on Proxy Server. When you configure internet browser like IE or Firefox to use Proxy server for communication (for all the protocols includng HTTP/FTP/GOPHER etc) does it uses the same port for all the communication? If so is it possible to restrict network access at the proxy server? Lets say I want some users to have only web access and some FTP. Is it possible with this kind of setup?
  Thanks

  FTP goes through as FTP only...no HTTP at all.
  Which type FTP is allowed by default depends on each individual proxy server (ISA,Squid,BlueCoat etc.). If its not allowed by default than special handling needs to be done. For example on Microsoft ISA, you have to make some rules to allow both types of FTP.
  There is no 'general rule' here. You really have to test it out or refer to the documentation of the proxy vendor.
  Regards
  Farrukh

• How to set proxy server name in iasenv.ksh?

  How to set the proxy server host and port in the JAVA_ARGS list in the iasenv.ksh file? IAS 6.5 is the server being used.

  hi,
  Below is what needs to be done.
  1. Edit the variable JAVA_ARGS in iasenv.ksh to include the -Dhttp.proxyHost. For example, the JAVA_ARGS looks like this : JAVA_ARGS="-Xss512k -Xms64m -Xmx64m -Dhttp.proxyHost=proxy.myhost.com -Dhttp.proxyPort=8080"
  2. This JAVA_ARGS is the one under the kjs script settings. You will find this below the comment ## Set all user level JVM flags for KJS here.
  3. Now stop and restart the application server.
  4. Any new URL connections from the servlets/applications within the appserver will now go through the proxy server.
  I have tested this on iAS6.0 SP3. But this should work in 6.5 too. Please let me know if this helps.
  Cheers,
  Vasanth