Performance difference with SSL/HTTPS

Similar Messages

• Crystal Reports export and print fails with SSL / https but works with http

  Windows 2008 Server, 32-bit (IIS7)
  ASP.NET 2.0
  Ajax 1.0
  Crystal Reports version 10.5.3700.0
  http:  printing works, export works
  https:  printing not working, only export to MS Excel and MS Word work.
  I am able to generate reports using both http and https, and the toolbar icons are all showing.  However, I am unable to print or export properly with SSL.
  Printing prompts me with a select printer window, and then a window 'Retrieving Page 1' follow by two messages from Crystal Print Control both stating:
  A communication error occured.  Printing will be stopped.
  Exporting generates various errors depending on which export method is being selected (however Excel and Word work over https).
  I've found the same problem on this site and other forums, but never a resolution to get exporting and printing to work with SSL.  Will someone please provide me assistance or possibly relay what settings they're using if they have Crystal Reports export or printing working over SSL in IIS7?  Everything works fine when I change the address from https to http.
  Please let me know if I can help by providing further information.  We've gone through a great deal of possible solutions with code and I'm currently looking in to IIS settings again.
  Thank you.

  Thanks Ludek. I got it by searching KB number.
  Unfortunately, it didn’t fix my problem even my IE (IE8 and IE 9) has correct setting.  I double check my version. PrintControl.CAB is version 10.2.0.1146. we use VS 2005 Crystal report and VB .NET. It works fine on HTTP. But when we use HTTPS (SSL Certificate from go daddy).
  1: Crystal report export
              Export to MS Excel, Word: pop us “File download”, then click “Save”. It says “Internet Explorer cannot download ReportView.aspx from my site. Internet Explorer was not able to open this internet site. the requested site is either unavailable or cannot be found. Please try it again later”
              Export to RPt, Rich text format: It says “Internet Explorer cannot download ReportView.aspx from my site. Internet Explorer was not able to open this internet site. the requested site is either unavailable or cannot be found. Please try it again later”
              Export to PDF : nothing happened.
  2: Print:
              Pop up dialog to select printer, click “Print” “. Shows windows “Crystal Report Viewer” and pop us error message box. Title is “Crystal Print Control”. Message is “An communication error occurred. Printing will be stopped”. Click “OK” and pop up error message box again.
  Please advise.
  Thank you very much!

• Error in scenario "FILE to HTTP(with SSL)" - HTTP client code 110 reason.

  Hi friends,
  Our scenario is as follows:
  We are trying to send XML file from our SAP-XI to external tool "COMMunix XC" (a multi-protocol EDI platform tool).
  We have configured " FILE TO HTTP(with SSL)" scenario (trying to connect HTTPS/port)
  1. We have created RFC destination of type G and refered the same RFC in Communication channel (Adapter type: HTTP)
  2. We have send the SSL Server certificate to other party and ensure that they have imported at thier end.
  3. We have included the certificates from other party in our SAP XI STRUST under SSL Client (Standard) node.
  4. We have tried " CONNECTION TEST " in the RFC destination created in type G (in STEP 1) and it shows the GREEN TICK at bottom, no other message nor any error message
  When we trigger the communication we recieve the error: HTTP client code 110 reason in SXMB_MONI.
  Please let us know if we have missed out some step.
  What does error message indicate,
  Regards,
  Rehan

  Hi Rehan,
  I see that the PROCTIMEOUT was already at a very high value.
  Does this occur for messages of a particularly large size?  If yes, you could increase the parameter
     icm/HTTP/max_request_size_KB = 2097152
  This would need to be done in the sender/receiver system as well as XI.
  Otherwise you could try reproducing the issue and checking the dev_icm log in the work directory, or go to SMICM -> Goto -> Display trace file
  check for errors like NIECONN_REFUSED or "no service for protocol HTTPS" which can often be related to this type of issue.
  Kind regards,
  Sarah

• Securing Portal with SSL/https

  Has anyone successfully setup oracle portal 9.0.2 on solaris running all over secure sockets for both login/server and portal ?
  I've followed the otn documentation but i'm still having problems with gettin portal to work with https.
  It's driving me insane!! please help with any suggestions.
  Kind Regards
  Neil

  Hi,
  We did the following steps and it working :)
  Assuming that HTTPS is correctly working and without security aspects.
  Assuming that the HTTPS is 443
  1) configure Webcache to work on port 443 and link it to the 4444 port of Apache
  1) configure SSO
  I directly change in WWSEC_ENABLER_CONFIG_INFO$ LS_LOGIN_URL to the https URL
  the LSNR_TOKEN has to be like 'myhost' and not 'myhost:port'
  2) Login to SSO and update the HOME, SUCCESS and CANCEL URL of SSO
  to https
  3) register mod_osso against the new SSO Server
  4) register the portal using ptlasst
  (if possible remove the already installed portal)
  beware You might have big trouble with groups you have created.
  5) Add in ORACLE_HOME\j2ee\OC4J_Portal\applications\portal\WEB-INF\web.xml
  <init-param>
  <param-name>httpsports<param-name>
  <param-value>443:4444</param-value>
  </init-param>
  That is it !!!!
  You have also to protect some URL with SSL and
  to redefine some virtual path
  The best test is to stop WebCache to liste http port
  Have fun
  Philippe Camelio
  SysAdmin

• Performance difference with my MBP 15" 2010 and the new 2011 one(gaming?)

  Hey guys,
  I have a 2.67 i7 2010 15" MPB(the higher end model)that I got last year. I use it for work and for college but I also like to play games on it.
  I recently got an Apple newsletter as I noticed the huge performance boost of the newer models. I went to a review site and my specific model nearly doubled in benchmark scores with the newer model. That doesn't seem like something that would normally happen. It seems like a rarity thats just too good to ignore. And this summer with the semesters being over I probably will go back to full on gaming(probably Portal 2 and WoW for the summer).
  My question to you is, since I can't go by the opinion of one site, what is the performance difference between the 2010 model I have and the newer 2011 one? Basically I am wondering if its worth it to sell it for several hundred dollars less than I payed for it and get the newer model now, or wait until 2012 to get the newest model then(if its going to be an even bigger difference in performance)?
  Excuse my poor judgement if I'm wrong, I probably seem like a maniac for using this comp for a year and already wanting to get the newer model. Its just that a lot of sites are making it seem like my model is fodder compared to the newer ones, and if so I might not let this offer pass by.

  bump for good measures!

• SOAP Sender with HTTP(with SSL)=HTTPS with Client Authentication config

  Hi All,
  I have a Web-service-XI-Proxy scenario where we use SOAP Sender Adapter with HTTPs.  Double authentication (client- server) sertificate shall be used.
  Testing simple HTTP and XI user name/password works fine.
  Now I installed requred sertificates in TrustedCA and ssl-provider in VIsualadmin.
  But i can't see how i can configure certificates in SOAP sender Adapter. I've just did SOAP receiver for another scenario and there I could give keystore entry.
  I also doesn't know how to disable asking for name/password.  I am using XI 7.0.
  Please advise.
  Thanks,
  Nataliya

  Hi Nataliya,
  Go to SOAP Adapter> Inbound Security Checks-> HTTP Security Level--> Here you can specify  option "HTTP with Client Authentication. 
  One more thing HTTP Security level option is always available in Sender Adapter.
  For more clarity about HTTPS find below link.
  http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/content.htm
  To enable the TrustedCA in SOAP Sender adapter. Go SOAP Sender> Security Parameter> Security Profile--> Web Service
  security. Then go to sender agreement there you need to give key store entry.

• Calling web service with SSL (HTTPS) hangs client stub

  If anyone can help it would make my day! I've spent way too much time on this!!!
  I'm running:
  - Web service is running on Linux RedHat with Oracle9iAS 9.0.3
  - Client is running from Windows XP under Jdeveloper
  I've successfully installed and run the web security demo "ws_security" at http://otn.oracle.com/sample_code/tech/java/web_services/wssecurity/ws_security.jar.
  This demo goes through installing the web service, certificates, etc... and the demo runs fine. I'm also able to connect to the web service from a browser using https://server1:4443/CreditCardValidator/CreditCardValidator. I can download the proxy, look at the WSDL, etc...
  Now I've written my own very simple stateless java class web service, deployed it to 9iAS , and then downloaded the proxy stub jar. Using the proxy stub I can call my web service and everything works fine.
  Then I configure the web service to use HTTPS by making the following changes to the proxy stub (per the ws_security demo).
  1) Copy the following 5 lines to the proxy stub
  System.setProperty("ssl.SocketFactory.provider","oracle.security.ssl.OracleSSLSocketFactoryImpl");
  System.setProperty("ssl.ServerSocketFactory.provider","oracle.security.ssl.OracleSSLServerSocketFactoryImpl");
  System.setProperty("java.protocol.handler.pkgs","HTTPClient");
  System.setProperty("oracle.wallet.location","C:\\Data\\Oracle\\WALLETS\\ws_security\\wallet.txt");
  System.setProperty("oracle.wallet.password","thewalletpassword");
  2) modify the "m_soapURL" by changing "http" to "https" and the port number to 4443
  3) add the following 3 jar files to my projects library class list:
  C:\Program Files\jdev9031\jlib\jssl-1_2.jar
  C:\Program Files\jdev9031\jdk\jre\lib\ext\jcert.jar
  C:\Program Files\jdev9031\lib\jsse.jar;C:\Program Files\jdev9031\jlib\javax-ssl-1_2.jar
  When I run the proxy stub it just hangs. I've traced the hang to the "Response response = call.invoke(new URL(m_soapURL), soapActionURI);" statement in the "makeSOAPCallRPC" method in the proxy stub.
  Again, this works fine if I simply change the "m_soapURL" to use "http" instead of "https". It looks like it's hanging on the client side and the call is never making it to the server.
  Any help is GREATLY appreciated!!!!!

  Could you explain it a little more, please.
  Since my first message, I used the wallet manager to add the certificate the server where the web service is at, uses.
  What else do I need to make it work??
  Thanks in advance again.

• What's the difference with SSL Certificates?

  Hi,
  I need to get an SSL Certificate for my client's online
  store. There are so
  many choices out there ranging from stupidly expensive, down
  to suspiciously
  cheap.
  Can anyone help me sort through the mob and recommend
  something that is
  trustworthy, secure and cheap.
  I'm happy to buy globally, but I'd prefer either a true
  multi-national, or
  an Australian company.
  Thanks,
  B

  Which certificate you choose depends on your intended use for
  the cert. The cheap ones (US $20/year and up) simply assure that
  you control the domain in question. The certificate agency sends an
  email to the administrative contact specified in the domain's Whois
  listing. If they get the appropriate response, the certificate is
  issued. If all you are out to do is establish SSL connections to a
  web site to prevent eavesdropping, this type of certificate is
  fine. There is no difference in the level of security between these
  certificates and fancier offerings as long as both the cert and
  your web server support 256 bit encryption. You can also get a
  certificate that is valid for up to 10 years, so you won't have to
  worry about SSL for a long time. The cheap certificates are not
  recommended for online commerce, as there is no assurance you are
  an actual company. If you go this route, getting a certificate from
  an outfit that supports single root verification greatly eases
  installation on your server. (Translation from geek: A single root
  certificate is inherently trusted by all major browsers. Companies
  such as RapidSSL (cheap), Geotrust and Thawte (not so cheap), and
  Verisign (expensive) all own their root certificates. Many other
  certificate agencies require installing a chain of certificates on
  your server that point back to the trusted root certificate. Use
  Firefox to test your SSL site, as it has the most comprehensive
  certificate validation routines.)
  The next step up are the high assurance certificates. These
  require you to prove that you own or represent the company whose
  domain you are getting a certificate for. The price for these
  certificates ranges from US$100/year to ~$400. The certificate
  company will perform a search on your business or organization, and
  you may be required to submit supporting documentation to prove you
  are who you claim to be. The more expensive flavors of these certs
  usually offer larger guarantees against credit card fraud resulting
  from certificate misuse. These certificates are valid for up to 3
  years.
  Finally, there are the new extended validation certificates.
  These require an in-depth evaluation of your business, including an
  investigation into the overall legitimacy of your corporation.
  Government agencies also qualify. Sole proprietorships and and
  general partnerships are not eligible, although the CA/B says they
  may be in the future. Get one of these and IE users can see the
  navigation bar turn a trustworthy green color. There is also a
  large amount of green involved in purchasing one of these
  certificates, ranging from US$500/year from the cheapie outfits to
  $900/year from Thawte to $1500 per year from Verisign.
  No matter which option you pursue, there are a couple of
  points to be aware of. First, choose a vendor that offers free
  certificate replacement. This protects you in case a change in
  hosting provider or web server invalidates your existing
  certificate. Also, a normal certificate is very specific in terms
  of which domain it supports. For example, a certificate for
  www.domain.com does not work for mail.domain.com, ftp.domain.com,
  or even domain.com. If this is important to you, you can either
  purchase multiple certificates or a wildcard certificate that
  supports any number of subdomains. Wildcard cert prices are
  typically 4-5x higher than for a single cert. Finally, many cert
  companies offer verification seals that you can add to your SSL web
  pages. These allow your clients to click or hover over the seal to
  get a quick verification that your site certificate comes from a
  recognizable brand. Useful, perhaps, if you want to brag that "I
  care enough to purchase certs from Thawte, Network Solutions,
  Geotrust, et. al." or "I'm a penny-pincher and use GoDaddy!"

• Query performance difference with same script in two servers

  Dear all,
  I have problem with an INSERT Procedure. I have 2 servers, say Server A and Server B, In Server A the query execution will be finished in 4 minutes where in the Server B the same Query its taking more than 2 hours. 
  If I look into the execution plan in both servers, it looks different.
  Both have the Default Parallelism settings.
  Cost Threshold for Parallelism : 5
  Locks : 0
  Max Degree of Parallelism : 0
  Query Wait : -1
  What causing to slow down the process? Is the parallelism slowing down the process? 
  When I look into the SERVER A's active running processes in management studio, I found that there are 8 INSERT Queries running with only 2 RUNNABLE and 6 SUSPENDED. Anything is getting locked out or Waiting? 
  Please help and suggest my a solution for it. Thanks in advance.
  Regards,
  kranthi kumar G.

  Thanks Tony for your reply. Here are my answers.
  Are we talking a large amount of inserts?
  YES
  What is the autogrowth settings for the database files on the two Servers?
  Autogrowth by 10%
  The Server you are having an issue with, are the any triggers on the Tables?
  No.
  Is there a background or other trace running on the slow Server that could be impacting performance?
  Yes, we are running a monitoring tool to check the performance of the load.
  Is there another database on the slow Server causing issues?
  No.
  This could be a hardware issue; have you use perfmon to see if there are any disk queues?
  We will check with our DBA on this.
  What is the Raid Configuration?  Are the files on a single spindle?  If so what is the fragmentation state of any single spindle volume?
  There is no Rain Configuration. Its a Windows Azure A7.
  Are you automatically updating statistics on the slow Database?
  Yes.
  Is the Anti Virus Software on the Slow server scanning the data files?
  Yes, but not on the database level.
  Regards,
  kranthi.

• OHS Proxypass with SSL (https) issue.

  Hi,
  I have OHS setup as webserver which is protected by Webgate.
  After the Federation authentication, I proxypass to a load balancer url having SSL.
  If I proxy to regular http url of the server, it works fine but if I proxy to https load balancer url, it doesn't work.
  I see the following error in OHS error log.
  proxy: No protocol handler was valid for the URL /ofsso. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
  File does not exist: /opt/oim/ohs/Apache/Apache/htdocs/favicon.ico
  Please help on what I doing wrong. I did not create any new certificate, just using the default.
  <IfModule mod_ossl.c>
  AddType application/x-x509-ca-cert .crt
  AddType application/x-pkcs7-crl .crl
  SSLPassPhraseDialog builtin
  SSLSessionCache shmcb:logs\ssl_scache(512000)
  SSLSessionCacheTimeout 300
  SSLMutex sem
  SSLLog logs\ssl_engine_log
  SSLLogLevel warn
  <VirtualHost default:443>
            # General setup for the virtual host
            DocumentRoot "/opt/oim/ohs/Apache/Apache/htdocs"
            ServerName server
            ServerAdmin [email protected]
            ErrorLog logs/error_log
            TransferLog "logs/access_log"
            Port 443
            SSLEngine on
            SSLCipherSuite SSL_RSA_WITH_RC4_128_MD5:SSL_RSA_WITH_RC4_128_SHA:SSL_RSA_WITH_3DES_EDE_CBC_SHA:SSL_RSA_WITH_DES_CBC_SHA:SSL_RSA_EXPORT_WITH_RC4_40_MD5:SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
            SSLWallet file:/opt/oim/ohs/Apache/Apache/conf/ssl.wlt
            #SSLWalletPassword <wallet-password >
            #SSLCARevocationPath conf\ssl.crl
            SSLVerifyClient require
            SSLOptions FakeBasicAuth ExportCertData CompatEnvVars StrictRequire
  <Files ~ "\.(cgi|shtml)$">
       SSLOptions +StdEnvVars
  </Files>
  <Directory cgi-bin>
  SSLOptions +StdEnvVars
  </Directory>
            SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
            CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
  </VirtualHost>
  ProxyRequests On
  Listen 443
  </IfModule>
  <IfModule mod_proxy.c>
  ProxyRequests On
  <Directory *>
  Order Allow,Deny
  Allow From all
  </Directory>
  ProxyVia Full
  #ProxyPass / http://portal.domain.com:80/
  #ProxyPassReverse / http://portal.domain.com:80/
  ProxyPass / https://f5.domain.com:443/
  ProxyPassReverse / https://f5.domain.com:443/
  </IfModule>
  Edited by: pkoracle on Jun 1, 2009 10:21 AM

  Hi,
  I have the same problem. Were you able to resolve this.
  Regards,
  Rajesh K Ilango

• Need basic info how to run my servlet with SSL/http (I am using Tomcat 4.0.

  I have a servlet that gets a user id and password
  and query information from an HTML form
  and then writes back the answer to the query as a new web page. We want to
  make the transaction secure because it is customer confidential information.
  What do I need to do in my servlet to get it to run under SSL?
  (I am using Apache Tomcat 4.0 on WinNT and
  can use either JDK 1.2.2 or 1.3.1....)
  I know this is a very basic question, but what I'm reading does not
  make it clear to me what I have to do to my servlet code to use SSL, or
  whether the server and client do all the work "outside" my
  servlet code so that no changes to the servlet would be required(???).
  Can I use Tomcat 4.0 for SSL? Any help getting my head pointed in the right
  direction will be much appreciated. (You may reply to this forum or
  to my email: [email protected]
  Much thanks!

  When one follows this how-to, one got the following result:
  The same page, say xyz.html, can be accessed in two ways: one is from
  http://localhost:8080/xyz.html, and the other is from https://localhost:8443/xyz.html.
  How can one allow people to be only able to access from https://localhost:8443/xyz.html, to be not able to access from http://localhost:8080/xyz.html? There is one sentence mentioned some where that Servlet 2.4 specification can do this. But Servlet 2.4 specification would not provide any help. Any clue?

• SQL query performance difference with Index Hint in Oracle 10g

  Hi,
  I was having a problem in SQL select query which was taking around 20 seconds to get the results. So, by hit and trail method I added Index Oracle Hint into the same query with the list of indexes of the tables and the results are retrieved with in 10 milli seconds. I am not sure to get How this is working with Indexes Hint.
  The query with out Index Hint:
  select /*+rule*/ FdnTab2.fdn, paramTab3.attr_name from fdnmappingtable FdnTab, fdnmappingtable FdnTab2, parametertable paramTab1 ,parametertable paramTab3  where FdnTab.id=52787 and paramTab1.id= FdnTab.id  and paramTab3.id = FdnTab.id  and paramTab3.attr_value = FdnTab2.fdn  and paramTab1.attr_name='harqUsersMax' and paramTab1.attr_value <> 'DEFAULT' and exists ( select ParamTab2.attr_name from parametertable ParamTab2, templaterelationtable TemplateTab2  where TemplateTab2.id=FdnTab.id  and ParamTab2.id=TemplateTab2.template_id  and ParamTab2.id=FdnTab2.id  and ParamTab2.attr_name=paramTab1.attr_name)  ==> EXECUTION TIME: 20 secs
  The same query with Index Hint:
  select /*+INDEX(fdnmappingtable[PRIMARY_KY_FDNMAPPINGTABLE],parametertable[PRIMARY_KY_PARAMETERTABLE])*/ FdnTab2.fdn, paramTab3.attr_name from fdnmappingtable FdnTab, fdnmappingtable FdnTab2, parametertable paramTab1 ,parametertable paramTab3 where FdnTab.id=52787 and paramTab1.id= FdnTab.id and paramTab3.id = FdnTab.id and paramTab3.attr_value = FdnTab2.fdn and paramTab1.attr_name='harqUsersMax' and paramTab1.attr_value <> 'DEFAULT' and exists ( select ParamTab2.attr_name from parametertable ParamTab2, templaterelationtable TemplateTab2 where TemplateTab2.id=FdnTab.id and ParamTab2.id=TemplateTab2.template_id and ParamTab2.id=FdnTab2.id and ParamTab2.attr_name=paramTab1.attr_name) ==> EXECUTION TIME: 10 milli secs
  Can any one suggest what could be the real problem?
  Regards,
  Purushotham

  Sorry,
  The right query and the explain plan:
  select /*+rule*/ FdnTab2.fdn, paramTab3.attr_name from fdnmappingtable FdnTab, fdnmappingtable FdnTab2, parametertable paramTab1 ,parametertable paramTab3  where FdnTab.id=52787 and paramTab1.id= FdnTab.id  and paramTab3.id = FdnTab.id  and paramTab3.attr_value = FdnTab2.fdn  and paramTab1.attr_name='harqUsersMax' and paramTab1.attr_value <> 'DEFAULT' and exists ( select ParamTab2.attr_name from parametertable ParamTab2, templaterelationtable TemplateTab2  where TemplateTab2.id=FdnTab.id  and ParamTab2.id=TemplateTab2.template_id  and ParamTab2.id=FdnTab2.id  and ParamTab2.attr_name=paramTab1.attr_name) 
  SQL> @$ORACLE_HOME/rdbms/admin/utlxpls.sql
  PLAN_TABLE_OUTPUT
  Plan hash value: 651267974
  | Id | Operation | Name |
  | 0 | SELECT STATEMENT | |
  |* 1 | FILTER | |
  | 2 | NESTED LOOPS | |
  | 3 | NESTED LOOPS | |
  | 4 | NESTED LOOPS | |
  |* 5 | INDEX UNIQUE SCAN | PRIMARY_KY_FDNMAPPINGTABLE |
  PLAN_TABLE_OUTPUT
  |* 6 | TABLE ACCESS BY INDEX ROWID| PARAMETERTABLE |
  |* 7 | INDEX UNIQUE SCAN | PRIMARY_KY_PARAMETERTABLE |
  | 8 | TABLE ACCESS BY INDEX ROWID | PARAMETERTABLE |
  |* 9 | INDEX RANGE SCAN | PRIMARY_KY_PARAMETERTABLE |
  | 10 | TABLE ACCESS BY INDEX ROWID | FDNMAPPINGTABLE |
  |* 11 | INDEX UNIQUE SCAN | SYS_C005695 |
  | 12 | NESTED LOOPS | |
  |* 13 | INDEX UNIQUE SCAN | PRIMARY_KY_PARAMETERTABLE |
  |* 14 | INDEX UNIQUE SCAN | PRIMARY_KEY_TRTABLE |
  PLAN_TABLE_OUTPUT
  Predicate Information (identified by operation id):
  1 - filter( EXISTS (SELECT 0 FROM "TEMPLATERELATIONTABLE"
  "TEMPLATETAB2","PARAMETERTABLE" "PARAMTAB2" WHERE
  "PARAMTAB2"."ATTR_NAME"=:B1 AND "PARAMTAB2"."ID"=:B2 AND
  "PARAMTAB2"."ID"="TEMPLATETAB2"."TEMPLATE_ID" AND
  "TEMPLATETAB2"."ID"=:B3))
  5 - access("FDNTAB"."ID"=52787)
  6 - filter("PARAMTAB1"."ATTR_VALUE"<>'DEFAULT')
  7 - access("PARAMTAB1"."ID"="FDNTAB"."ID" AND
  PLAN_TABLE_OUTPUT
  "PARAMTAB1"."ATTR_NAME"='harqUsersMax')
  9 - access("PARAMTAB3"."ID"="FDNTAB"."ID")
  11 - access("PARAMTAB3"."ATTR_VALUE"="FDNTAB2"."FDN")
  13 - access("PARAMTAB2"."ID"=:B1 AND "PARAMTAB2"."ATTR_NAME"=:B2)
  14 - access("TEMPLATETAB2"."ID"=:B1 AND
  "PARAMTAB2"."ID"="TEMPLATETAB2"."TEMPLATE_ID")
  Note
  - rule based optimizer used (consider using cbo)
  43 rows selected.
  WITH INDEX HINT:
  select /*+INDEX(fdnmappingtable[PRIMARY_KY_FDNMAPPINGTABLE],parametertable[PRIMARY_KY_PARAMETERTABLE])*/ FdnTab2.fdn, paramTab3.attr_name from fdnmappingtable FdnTab, fdnmappingtable FdnTab2, parametertable paramTab1 ,parametertable paramTab3 where FdnTab.id=52787 and paramTab1.id= FdnTab.id and paramTab3.id = FdnTab.id and paramTab3.attr_value = FdnTab2.fdn and paramTab1.attr_name='harqUsersMax' and paramTab1.attr_value <> 'DEFAULT' and exists ( select ParamTab2.attr_name from parametertable ParamTab2, templaterelationtable TemplateTab2 where TemplateTab2.id=FdnTab.id and ParamTab2.id=TemplateTab2.template_id and ParamTab2.id=FdnTab2.id and ParamTab2.attr_name=paramTab1.attr_name);
  SQL> @$ORACLE_HOME/rdbms/admin/utlxpls.sql
  PLAN_TABLE_OUTPUT
  Plan hash value: 2924316070
  | Id | Operation | Name | Rows | B
  ytes | Cost (%CPU)| Time |
  PLAN_TABLE_OUTPUT
  | 0 | SELECT STATEMENT | | 1 |
  916 | 6 (0)| 00:00:01 |
  |* 1 | FILTER | | |
  | | |
  | 2 | NESTED LOOPS | | 1 |
  916 | 4 (0)| 00:00:01 |
  | 3 | NESTED LOOPS | | 1 |
  401 | 3 (0)| 00:00:01 |
  PLAN_TABLE_OUTPUT
  | 4 | NESTED LOOPS | | 1 |
  207 | 2 (0)| 00:00:01 |
  |* 5 | TABLE ACCESS BY INDEX ROWID| PARAMETERTABLE | 1 |
  194 | 1 (0)| 00:00:01 |
  |* 6 | INDEX UNIQUE SCAN | PRIMARY_KY_PARAMETERTABLE | 1 |
  | 1 (0)| 00:00:01 |
  |* 7 | INDEX UNIQUE SCAN | PRIMARY_KY_FDNMAPPINGTABLE | 1 |
  PLAN_TABLE_OUTPUT
  13 | 1 (0)| 00:00:01 |
  | 8 | TABLE ACCESS BY INDEX ROWID | PARAMETERTABLE | 1 |
  194 | 1 (0)| 00:00:01 |
  |* 9 | INDEX RANGE SCAN | PRIMARY_KY_PARAMETERTABLE | 1 |
  | 1 (0)| 00:00:01 |
  | 10 | TABLE ACCESS BY INDEX ROWID | FDNMAPPINGTABLE | 1 |
  515 | 1 (0)| 00:00:01 |
  PLAN_TABLE_OUTPUT
  |* 11 | INDEX UNIQUE SCAN | SYS_C005695 | 1 |
  | 1 (0)| 00:00:01 |
  | 12 | NESTED LOOPS | | 1 |
  91 | 2 (0)| 00:00:01 |
  |* 13 | INDEX UNIQUE SCAN | PRIMARY_KEY_TRTABLE | 1 |
  26 | 1 (0)| 00:00:01 |
  |* 14 | INDEX UNIQUE SCAN | PRIMARY_KY_PARAMETERTABLE | 1 |
  65 | 1 (0)| 00:00:01 |
  PLAN_TABLE_OUTPUT
  Predicate Information (identified by operation id):
  1 - filter( EXISTS (SELECT /*+ */ 0 FROM "TEMPLATERELATIONTABLE" "TEMPLATETAB
  2","PARAMETERTABLE"
  PLAN_TABLE_OUTPUT
  "PARAMTAB2" WHERE "PARAMTAB2"."ATTR_NAME"=:B1 AND "PARAMTAB2"."ID"
  =:B2 AND
  "TEMPLATETAB2"."TEMPLATE_ID"=:B3 AND "TEMPLATETAB2"."ID"=:B4))
  5 - filter("PARAMTAB1"."ATTR_VALUE"<>'DEFAULT')
  6 - access("PARAMTAB1"."ID"=52787 AND "PARAMTAB1"."ATTR_NAME"='harqUsersMax')
  7 - access("FDNTAB"."ID"=52787)
  9 - access("PARAMTAB3"."ID"=52787)
  11 - access("PARAMTAB3"."ATTR_VALUE"="FDNTAB2"."FDN")
  13 - access("TEMPLATETAB2"."ID"=:B1 AND "TEMPLATETAB2"."TEMPLATE_ID"=:B2)
  14 - access("PARAMTAB2"."ID"=:B1 AND "PARAMTAB2"."ATTR_NAME"=:B2)
  PLAN_TABLE_OUTPUT
  Note
  - dynamic sampling used for this statement
  39 rows selected.

• BingMaps not showing with SSL certificate

  I have recently added SSL certificate to the server for the website I am developing.
  I changed my applications to use  https from http.
  <script type="text/javascript" src="https://ecn.dev.virtualearth.net/mapcontrol/mapcontrol.ashx?v=7.0">
  After changing it from http to https, it is showing a blank page in place of map. The error it says is 
  This page is trying to load scripts from unauthenticated sources
  I had to click on the right top corner shield and allow the browser to run unsafe scripts to get the bingmaps to show up.
  Any ideas on how I can resolve it. I am using ASP.NEt, C#, Javascript and jQuery.
  Thanks in advance.
  Nate

  I had to add &s=1 to run the BingMaps in secure mode
  so, we should use following link to run the bing maps with SSL.
  https://ecn.dev.virtualearth.net/mapcontrol/mapcontrol.ashx?v=7.0&s=1
  Thanks
  Nate

• Mod_osso behavior differences with 10gR3 Oracle HTTP Server 2

  We have an install of standalone 10gR3 Oracle HTTP Server 2 (i.e. the Apache 2 version), and have noticed that the behavior of mod_osso is different than the regular 10gR3 Oracle HTTP Server (i.e. the Apache 1 version).
  We use the following in our mod_osso.conf:
  <Location /somepath>
  AuthType Basic
  require valid-user
  </Location>
  First Difference: With OHS 2, when we go to /somepath, we get the error "missing AuthName" in the Apache logs.
  So, we set an AuthName. Now, our mod_osso.conf looks like this:
  <Location /OnDemand>
  AuthType Basic
  AuthName "Oracle Single Sign On"
  require valid-user
  </Location>
  Second Difference: Now, we we go to /somepath, Apache returns a 401, which causes the browser to prompt for credentials! We can enter anything we want in the dialog, and everything will continue as normal (i.e. redirects to the Oracle SSO Server to prompt for credentials, etc).
  So, our question is: Why these behavior differences in 10gR3 OHS 2? It almost seems as if it's using an old 9i mod_osso!
  Thanks,
  - Bill

  Okay, we figured it out.
  Apparently, the three "LoadModule mod_auth*" lines in OHS 2 httpd.conf need to be commented out.
  Now mod_osso is working exactly as with OHS 1.
  - Bill

• WCF service fronted with SSL enabled NGINX load balancer shows HTTP based WSDL url instead of HTTPS

  Hi,
  I have WCF service hosted using IIS 8.5 on application server. And application servers are fronted with NGINX load balancer with SSL enabled. Backend communication protocol between NGINX to application server is http. 
  When customer visits public domain url (https://xxx.com/service.svc), they can see the WSDL url with http://xxx.com/service.svc?wsdl. 
  What change should I make so that WSDL url will have https instead of http ? 
  This is service side configuration.
  <system.serviceModel>
      <services>
        <service name="Service.IService">
          <endpoint address="" binding="basicHttpBinding" bindingNamespace="http://xyz.com/Service" name="Service_Endpoint" contract="Service.IService" />
        </service>
      </services>
      <bindings>
        <basicHttpBinding />
      </bindings>
      <client />
      <behaviors>
        <serviceBehaviors>
          <behavior>
            <serviceThrottling maxConcurrentCalls="5000" maxConcurrentInstances="2147483647" maxConcurrentSessions="5000" />
            <serviceMetadata httpGetEnabled="true" />
            <serviceDebug includeExceptionDetailInFaults="true" />
          </behavior>
        </serviceBehaviors>
      </behaviors>
      <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
    </system.serviceModel>
  Thanks in advance !!

  Hi,
  For this scenario, you could just enable SSL in IIS to get HTTPS endpoints. If your service is exposed at https then you configure the same using “httpsGetEnabled”:
  <behaviors>
  <serviceBehaviors>
  <behavior
  name="MyServiceTypeBehaviors"
  >
  <serviceMetadata
  httpGetEnabled="true"
  />
       </behavior>
  </serviceBehaviors>
  </behaviors>
  For more information, you could refer to:
  http://www.codeproject.com/Articles/327260/What-s-new-in-WCF-Automatic-HTTPS-endpoint-for
  http://blogs.msdn.com/b/brajens/archive/2007/04/26/accessing-description-metadata-wsdl-of-wcf-web-service.aspx
  Regards