Problem with WLS LDAP Authentication Provider

We have configured WLS LDAP Authentication provider on an Oracle Service Bus domain, which is used to authenticate WS-Security Username Token and SAML Tokens against an external LDAP Directory (Sun Directory Server). After configuring this, we see that the "Users & Groups" page on the WLS Admin console is getting populated with all the user ids available in LDAP. The organization corporate directory has thousands of user ids, and WLS is executing a generic query against LDAP to fetch all the users. This query would have a major performance impact on the LDAP Directory? Is there any way to prevent this generic query from happening? Any suggestions would help.
Edited by: Ramakrishnan Venkataraman on Feb 1, 2011 11:46 AM

Yes, you can apply filters on the Providers configuration, also u can select the DN from where to feth the users, you can fetch users with special attributes.
Whole lot of things can be done, review the options under providers.
Let me know if you have any doubts.
HTH,
-Faisal
http://www.weblogic-wonders.com

Similar Messages

  • OBIEE 11.1.1.5.0 ldap authentication provider

    Hi all,
    We are having problem with OBIEE 11.1.1.5.0 .. We create a role and give some permissions to a folder in the catalog with that role. Then we login with a user in that role, the user is not able to see the contents of the folder until we restart the server.. We have LDAP authentication provider.. Could this be related to that ?

    Hi,
    @weblogic Home >Summary of Security Realms >myrealm >Providers >LDAPAuthenticator>Provider Specific>Users
    I tried something like :
    All Users Filter:(&(memberOf=cn=LDAPGroupName,cn=Users,dc=xxxx,dc=yyy,dc=com))
    User From Name Filter: (&(cn=%u)(objectclass=user))
    the original was:
    All Users Filter: (&(uid=*)(objectclass=person))
    User From Name Filter: (&(uid=%u)(objectclass=person))
    and restarted the server but it did not work ...

  • Hi ! I need to send an e.mail reporting a problem with de Authorized Service Provider in Brasil. I contact Apple Brasil, but didn't solve. Someone know an Apple's USA e.mail i can use ? Thanks.

    Hi ! I need to send an e.mail reporting a problem with de Authorized Service Provider in Brasil. I contact Apple Brasil, but didn't solve. Someone know an Apple's USA e.mail i can use ? Thanks.

    There is a link at the bottom of this page. http://www.apple.com/contact/

  • Good morning. I need to send an e.mail reporting a problem with de Authorized Service Provider in Brasil. I contact Apple Brasil, but didn't solve. Someone know an e.mail i can use in Apple USA? Thanks.

    Good morning. I need to send an e.mail reporting a problem with de Authorized Service Provider in Brasil. I contact Apple Brasil, but didn't solve. Someone know an Apple's USA e.mail i can use ? Thanks.

    There is a link at the bottom of this page. http://www.apple.com/contact/

  • General install and deployment problem with WLS clustering on two boxes

    Hi,
    I've come across a general installation problem with WLS with a cluster spanning two different physical machines and two Managed Servers, one Managed Server per physical machine.
    The problem is, starting from scratch, you install WLS on both physical machines. You can then use the config wizard to create the domain, cluster and managed servers, but this is a manual typing in process.
    So we've now got a WLST Script which we run with "java weblogic.WLST domaincreate.py domain.properties". This is good as it creates the domain, cluster, managed servers and JMS modules.
    Now the trouble is, it doesn't do anything to the 2nd physical machine which will be running only the 2nd Managed Server.
    One dirty way to get around this in order to start the 2nd managed server was to copy the domain directory to the 2nd server, but I'm sure this is bad practice and what you can actually do is improve the WLST script to actually, but the same as the config wizard and dump the nessary information to the 2nd physical machine in order so you don't need to copy the domain directory across so that it will startup straight after running the WLST.
    Any help appriecated.
    Surfbum.

    Hi I think I've found the answer. You can build a managed server template using the pack command.
    http://e-docs.bea.com/common/docs90/pack/tasks.html

  • Apache-soap Problem with WLS 5.1sp9

    I have problem with WLS 5.1sp9.
    My environment is the following :
    jaf-1.0.1
    javamail-1.2
    soap-2.2
    xerces-1.4.4
    and I want to call EJB.
    So, I write some EJB and deploy it.
    And rpcrouter work!!
    Success to deploy the Service.
    But I run into problem with calling this ejb.
    This error is the following.
    SOAP-ENV:Server.BadTargetObjectURI
    Unable to resolve target object: BC2_BoardSync
    please, help me.
    here's my example..
    ps.
    sorry for my poor English..T_T
    [ws5.10.zip]
    [vb.zip]

    I have problem with WLS 5.1sp9.
    My environment is the following :
    jaf-1.0.1
    javamail-1.2
    soap-2.2
    xerces-1.4.4
    and I want to call EJB.
    So, I write some EJB and deploy it.
    And rpcrouter work!!
    Success to deploy the Service.
    But I run into problem with calling this ejb.
    This error is the following.
    SOAP-ENV:Server.BadTargetObjectURI
    Unable to resolve target object: BC2_BoardSync
    please, help me.
    here's my example..
    ps.
    sorry for my poor English..T_T
    [ws5.10.zip]
    [vb.zip]

  • Weblogic with Active Directory Authentication provider problem: DN for user ....: null

    I have a java application (SSO via SAML2) that uses Weblogic as a Identity Service Provider. All works well using users created directly in Weblogic. However, I need to add support for Active Directory. So, as per documentation:
    - I defined an Active Directory Authentication provider
    - changed it's order in the Authentication Providers list so that it comes first
    - set the control flag to SUFFICIENT and configured the Provider Specific; here's the concerned part in config.xml:
    <sec:authentication-provider xsi:type="wls:active-directory-authenticatorType">
            <sec:name>MyOwnADAuthenticator</sec:name>
            <sec:control-flag>SUFFICIENT</sec:control-flag>
            <wls:propagate-cause-for-login-exception>true</wls:propagate-cause-for-login-exception>
            <wls:host>10.20.150.4</wls:host>
            <wls:port>5000</wls:port>
            <wls:ssl-enabled>false</wls:ssl-enabled>
            <wls:principal>CN=tadmin,CN=wl,DC=at,DC=com</wls:principal>
            <wls:user-base-dn>CN=wl,DC=at,DC=com</wls:user-base-dn>
            <wls:credential-encrypted>{AES}deleted</wls:credential-encrypted>
            <wls:cache-enabled>false</wls:cache-enabled>
            <wls:group-base-dn>CN=wl,DC=at,DC=com</wls:group-base-dn>
    </sec:authentication-provider>
    I configured a AD LDS instance(Active Directory Lightweight Directory Services) on a Windows Server 2008 R2. I created users and one admin user "tadmin" which was added to Administrators members. I also made sure to set msDS-UserAccountDisabled property to FALSE.
    After restarting Weblogic I can see that the AD LDS's users and groups are correctly fetched in Weblogic. But, when I try to connect with my application, using Username:tadmin and Password:<...> it does not work.
    Here's what I see in the log file:
    <BEA-000000> <LDAP Atn Login username: tadmin>
    <BEA-000000> <authenticate user:tadmin>
    <BEA-000000> <getConnection return conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
    <BEA-000000> <getDNForUser search("CN=wl,DC=at,DC=com", "(&(&(cn=tadmin)(objectclass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", base DN & below)>
    <BEA-000000> <DN for user tadmin: null>
    <BEA-000000> <returnConnection conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
    <BEA-000000> <getConnection return conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
    <BEA-000000> <getDNForUser search("CN=wl,DC=at,DC=com", "(&(&(cn=tadmin)(objectclass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", base DN & below)>
    <BEA-000000> <DN for user tadmin: null>
    <BEA-000000> <returnConnection conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
    <BEA-000000> <javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User tadmin denied
      at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:229)
      at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
    So, I tried to look why do I have: <DN for user tadmin: null>. Using Apache Directory Studio I reproduced the ldap search request used in Weblogic and, sure enough, I get no results. But, changing the filter to only "(&(cn=tadmin)(objectclass=user))" (NOTICE, no userAccountControl), it works; here's the result from Apache Directory Studio:
    #!SEARCH REQUEST (145) OK
    #!CONNECTION ldap://10.20.150.4:5000
    #!DATE 2014-01-23T14:52:09.324
    # LDAP URL     : ldap://10.20.150.4:5000/CN=wl,DC=at,DC=com?objectClass?sub?(&(cn=tadmin)(objectclass=user))
    # command line : ldapsearch -H ldap://10.20.150.4:5000 -x -D "[email protected]" -W -b "CN=wl,DC=at,DC=com" -s sub -a always -z 1000 "(&(cn=tadmin)(objectclass=user))" "objectClass"
    # baseObject   : CN=wl,DC=at,DC=com
    # scope        : wholeSubtree (2)
    # derefAliases : derefAlways (3)
    # sizeLimit    : 1000
    # timeLimit    : 0
    # typesOnly    : False
    # filter       : (&(cn=tadmin)(objectclass=user))
    # attributes   : objectClass
    #!SEARCH RESULT DONE (145) OK
    #!CONNECTION ldap://10.20.150.4:5000
    #!DATE 2014-01-23T14:52:09.356
    # numEntries : 1
    (the "[email protected]" is defined as userPrincipalName in the tadmin user on AD LDS)
    As you can see, "# numEntries : 1" (and I can see as result the entry "CN=tadmin,CN=wl,DC=at,DC=com"  in Apache Directory Studio's interface); if I add the userAccountControl filter I get 0.
    I've read that the AD LDS does not use userAccountControl but "uses several individual attributes to hold the information that is contained in the flags of the userAccountControl attribute"; among those attributes is msDS-UserAccountDisabled which, as I said, I already set to FALSE.
    So, my question is, how do I make it work? Why do I have "<DN for user tadmin: null>" ? Is it the userAccountControl ? If it is, do I need to do some other configuration on my AD LDS ? Or, how can I get rid of the userAccountControl filter in Weblogic?
    I didn't seem to find it in config files or in the interface: I only have "User From Name Filter: (&(cn=%u)(objectclass=user))", there's no userAccountControl.
    Another difference I noticed is that, even though in Weblogic I have set ssl-enabled flag to false, in the logs I see ldaps and not ldap ( I'm not looking to setup something production-ready and I don't want SSL for the moment ).
    Here are some other things I tried but did not change anything:
    - the other "msDS-" attributes were not set so I tried initializing them to some value
    - I tried other users defined in AD LDS, not tadmin
    - in Weblogic I added users that were imported from AD LDS in Roles and Policies> Realm Roles > Global Roles > Roles > Admin
    - I removed all userAccountControl occurrences that I found in xml files in Weblogic (schema.ms.xml, schema.msad2003.xml)
    Any thoughts?
    Thanks.

    I managed to narrow it down: the AD LDS does not support the userAccountControl.
    Anyone knows how I can configure my Active Directory Authentication Provider in Weblogic so that it does not implicitly use userAccountControl as filter?
    <BEA-000000> <getDNForUser search("CN=wl,DC=at,DC=com", "(&(&(cn=tadmin)(objectclass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", base DN & below)> 

  • SecurityException (Invalid Subject) with custom database authentication provider WLS 7.0

    Hello
    I have implemented a custom authentication provider using a
    database. The login module works fine. It check the username and
    password, add the user as a WLSUser-principal and add the groups
    relatated to the user as WLSGroup-principals to the subject. I
    am able to start the WLS only using my authentication provider,
    but if i want to login into the console i get following
    SecurityException:
    java.lang.SecurityException: Invalid Subject: principals=
    [system, Administrators]
    at weblogic.security.service.SecurityServiceManager.seal
    (SecurityServiceManager.java:893)
    at weblogic.security.service.RoleManager.getRoles
    (RoleManager.java:269)
    at
    weblogic.security.service.AuthorizationManager.isAccessAllowed
    (AuthorizationManager.java:608)
    at
    weblogic.servlet.security.internal.WebAppSecurity.hasPermission
    (WebAppSecurity.java:370)
    at
    weblogic.servlet.security.internal.SecurityModule.checkPerm
    (SecurityModule.java:125)
    at
    weblogic.servlet.security.internal.FormSecurityModule.checkUserPe
    rm(FormSecurityModule.java:328)
    at
    weblogic.servlet.security.internal.SecurityModule.beginCheck
    (SecurityModule.java:179)
    at
    weblogic.servlet.security.internal.FormSecurityModule.checkA
    (FormSecurityModule.java:167)
    at
    weblogic.servlet.security.internal.ServletSecurityManager.checkAc
    cess(ServletSecurityManager.java:185)
    at
    weblogic.servlet.internal.WebAppServletContext.invokeServlet
    (WebAppServletContext.java:2960)
    at weblogic.servlet.internal.ServletRequestImpl.execute
    (ServletRequestImpl.java:2466)
    at weblogic.kernel.ExecuteThread.execute
    (ExecuteThread.java:152)
    at weblogic.kernel.ExecuteThread.run
    (ExecuteThread.java:133)
    Seems to me, that the default role manager does not map the
    group Administrators to the role Admin, which is allowed to
    access the resource console. So, what i do wrong? Must i set
    additional credentials to the subject? Or must i use a special
    Principal class? Who can help me?
    Thanks in advance & greetings
    Dirk Fellenstein

    I have solved it. The Problem was that the two Principal implementations, one that
    implements WLSGroup and one that implements WLSUser, need a common principal base
    class. The principal validator class, method getPrincipalBaseClass() must then return
    the common principal base class.
    "Dirk Fellenstein" <[email protected]> wrote:
    >
    Hello
    I have implemented a custom authentication provider using a
    database. The login module works fine. It check the username and
    password, add the user as a WLSUser-principal and add the groups
    relatated to the user as WLSGroup-principals to the subject. I
    am able to start the WLS only using my authentication provider,
    but if i want to login into the console i get following
    SecurityException:
    java.lang.SecurityException: Invalid Subject: principals=
    [system, Administrators]
    at weblogic.security.service.SecurityServiceManager.seal
    (SecurityServiceManager.java:893)
    at weblogic.security.service.RoleManager.getRoles
    (RoleManager.java:269)
    at
    weblogic.security.service.AuthorizationManager.isAccessAllowed
    (AuthorizationManager.java:608)
    at
    weblogic.servlet.security.internal.WebAppSecurity.hasPermission
    (WebAppSecurity.java:370)
    at
    weblogic.servlet.security.internal.SecurityModule.checkPerm
    (SecurityModule.java:125)
    at
    weblogic.servlet.security.internal.FormSecurityModule.checkUserPe
    rm(FormSecurityModule.java:328)
    at
    weblogic.servlet.security.internal.SecurityModule.beginCheck
    (SecurityModule.java:179)
    at
    weblogic.servlet.security.internal.FormSecurityModule.checkA
    (FormSecurityModule.java:167)
    at
    weblogic.servlet.security.internal.ServletSecurityManager.checkAc
    cess(ServletSecurityManager.java:185)
    at
    weblogic.servlet.internal.WebAppServletContext.invokeServlet
    (WebAppServletContext.java:2960)
    at weblogic.servlet.internal.ServletRequestImpl.execute
    (ServletRequestImpl.java:2466)
    at weblogic.kernel.ExecuteThread.execute
    (ExecuteThread.java:152)
    at weblogic.kernel.ExecuteThread.run
    (ExecuteThread.java:133)
    Seems to me, that the default role manager does not map the
    group Administrators to the role Admin, which is allowed to
    access the resource console. So, what i do wrong? Must i set
    additional credentials to the subject? Or must i use a special
    Principal class? Who can help me?
    Thanks in advance & greetings
    Dirk Fellenstein

  • WLI-8.1 Problem using external LDAP authenticaion provider

    I added a second authentication provider that uses iPlanet DS to authenticate. My external LDAP users show up in the WebLogic Server Admin Console, but they do not show up in the Integration Console's User Management section. I also can't authenticate through the Worklist app as one of the external users. Can anyone help?

    There is a patch available for this. pls. check with bea support.
    Kelly Graves <[email protected]> wrote:
    I added a second authentication provider that uses iPlanet DS to authenticate.
    My external LDAP users show up in the WebLogic Server Admin Console,
    but they do not show up in the Integration Console's User Management
    section. I also can't authenticate through the Worklist app as one
    of the external users. Can anyone help?

  • Problem with Iphone and telephone provider

    In October last year I bought Iphone 4 in T com Croatia. In the beggining of October 2012 Iphone 4 had a problem with charging. It says charging, but nothing happened. I gave Iphone to telephone provider in order to send it on service because of warranty. After three weeks no information about it. I went there, in T com Pozega, and after I asked about my Iphone, they said, nothing yet. OK, I will wait more, I said. After almoust 4 weaks I went again to t com office in Pozega. Now, again nothing, but person told me that they will contac service Mobis electronic in Zagreb to check. They called me by phone next day and told me that Iphone is out of order because something was spilled on it. Now. I have a big problem. On the Iphone nothing was spilled for sure from my side. I asked them who can garanty that something was not spilled during the time in the T com office or in service. They said, service has a picture to support their report. In other hand, they offer to me to pay 200 euros more, and they will give me new Iphone 4. Just to know, I paid already for Iphone 4 almoust 500 euros. I said no, I want Iphone back, and now I decide to go with another way. I will go to judge and try to get situation to my satisfaction. A lots of information, very bad, I got from other people, and they said, the picture what I received they are sending to everyone the same. And for them it is very easy to ask more money and no repairing with warranty. The picture which I received is nothing, no picture of Iphone, no IMEI, nothing. I hope, you can advice me what to do. I like Iphone so much, and as many people told me, contact Apple, they will help, I am doing that. So, please, help me. Just for your information, they asked 200 euros additional for new, but after that cheaf of T com section in Pozega told me, that normally they are giving new Iphone and no repairing. Why then my Iphone they sent to service. Probably in order to keep money for themselves. I cant do much against service because their words are last, even they are lying to people.
    your Sincerelly
    Damir Kalic
    D. Cesarica 8
    34000 Pozega
    email: [email protected]
    phone: +385993939933, +385992760033

    Getting into a legal battle will cost more than the 200 euros, so that may not provide a solution.  Go to the offices of T-Com and request their "official" first notification of a Customer caused failure of the iPhone.  Tell them you need it to pursue legal action against them for such an accusation and such a long-time to provide such an excuse for trying to extract additional money for your iPhone.  Try to talk with the Manager in charge of the location.  See if he/she is willing to negotiate to an agreeable settlement.  An iPhone 4 replacement should be available to them for far less than 200 euros at this point. 

  • Oracle XA driver problem with WLS 7.0.1.0, Oracle 9.0.1

    We are using simplified chinese, after swith to bea jdriver, it messed up
    all the encoding. So we cannot display Chinese character correctly.
    We are using WLS 7.0.1.0, Oracle 9.0.1 on both Windows and Solaris 8
    environment, BEA supplied JDK 1.3.1_03.
    We have many diffrent problems with oracle drivers:
    1. We want to use XA driver to support distributed transaction, However:
    * bea jdriver xa messes up with encoding
    * when using oracle 901 driver, everything works fince except webservices.
    Workshop application access the ejb, then the workshp application sets
    isolation level, but oracle driver does not support it and gives error. Is
    there a way to turn off isolation level in workshop? I tried manually edit
    weblogic-ejb-jar.xml, however,workshop cannot redeploy it after that.
    2. When not using XA, oracle thin driver works fine. But we lost XA
    capability.
    Any work around?

    I did try to change the value in this config file as well, but did not help.
    In fact, the installation default setting is with
    '<transaction-isolation-level>' commented out.
    And when I use bea oracle jdriver, it somehow messed up with database
    character set encoding, so our Chinese characters could not be retrieved
    correctly. And I try to set the encoding of jdriver to 'GBK', it did not
    work.
    "Anurag Pareek" <[email protected]> дÈëÏûÏ¢ÐÂÎÅ
    :[email protected]..
    Hello Ma,
    The transaction isolation level value for EJBs backing the JWS files is
    specified in the <transaction-isolation-level> tag in the
    WEB-INF/weblogic-jws-config.xml file of a Workshop project. You can
    manipulate this value to serve your purpose.
    Please do let me know how it goes.
    Regards,
    Anurag
    Workshop Support
    "Ma Jie" <[email protected]> wrote in message
    news:[email protected]..
    We are using simplified chinese, after swith to bea jdriver, it messed
    up
    all the encoding. So we cannot display Chinese character correctly.
    We are using WLS 7.0.1.0, Oracle 9.0.1 on both Windows and Solaris 8
    environment, BEA supplied JDK 1.3.1_03.
    We have many diffrent problems with oracle drivers:
    1. We want to use XA driver to support distributed transaction, However:
    * bea jdriver xa messes up with encoding
    * when using oracle 901 driver, everything works fince exceptwebservices.
    Workshop application access the ejb, then the workshp application sets
    isolation level, but oracle driver does not support it and gives error.Is
    there a way to turn off isolation level in workshop? I tried manuallyedit
    weblogic-ejb-jar.xml, however,workshop cannot redeploy it after that.
    2. When not using XA, oracle thin driver works fine. But we lost XA
    capability.
    Any work around?

  • Problems with WLS 4.5.1 and F5 Big IP HA+ Switch

    Hello. We're having problems with our F5 Big IP HA+ switch and pool of WLS
              4.5.1 servers (two in the pool currently). At seemly random intervals the
              Big IP believes the one or both of the servers are not responding, so they
              are removed from the pool. We have a growing body of anecdotal evidence to
              suggest that the servers are actually on-line and available during the
              event. Either the switch is confused or the WLS servers aren't always
              responding correctly to the HTTP requests sent by the switch for polling.
              We're having problems catching the problem with the right diagnostics.
              Has anyone out there observed similar behavior with these components?
              Thanks.
              - Sean McRae
              

    Sort of,
              I use iplanet between the 2, so I havent had this problem, but I have had
              several problems with clustering, here is what I recomend doing:
              write a simple java program (or whatever your prefered language) to do a HTTP
              ping on your distinct weblogic servers every X seconds/minutes where X is less
              than Big IPs death tolerance. Time how long/or if ever each of your pings take.
              turn on verbose gc.
              My guess is its one of 3 things:
              1.) your have a big gc going on and your server isnt responding quick enough
              and big ip is marking it dead
              2.) you have thread contention that is causing your server not to respond quick
              enough
              3.) your network has some issues and the packets arent making it there, or not
              quick enough.
              the ping program will prove/disprove #2 and lead you to or away from 3. Verbose
              gc will prove/disprove #1.
              hope this helps
              -Joel
              Sean wrote:
              > Hello. We're having problems with our F5 Big IP HA+ switch and pool of WLS
              > 4.5.1 servers (two in the pool currently). At seemly random intervals the
              > Big IP believes the one or both of the servers are not responding, so they
              > are removed from the pool. We have a growing body of anecdotal evidence to
              > suggest that the servers are actually on-line and available during the
              > event. Either the switch is confused or the WLS servers aren't always
              > responding correctly to the HTTP requests sent by the switch for polling.
              > We're having problems catching the problem with the right diagnostics.
              >
              > Has anyone out there observed similar behavior with these components?
              >
              > Thanks.
              >
              > - Sean McRae
              

  • ConnectionPool problems with WLS 7.0 and Oracle 9.2

    Hi,
    We are using WLS 7.0 SP4, and Oracle 9 and the Oracle thin driver type 4. In our
    application on the productive system (and only there) we constantly encounter
    a whole set of SQLExceptions which have all in common that the Connection from
    the pool is not valid any more when the application tries to use it.
    Typical, recurring error messages are:
    - Exhausted ResultSet
    - Connection has already been closed
    - Closed Statement
    - Transaction is no longer active - status committing
    - NullPointerException at
    weblogic.jdbc.pool.Connection.prepareStatement()
    There are no special Statements which create these errors. They are spread at
    random across practically every query the application creates, and the same queries
    sometimes succeed and sometimes fail.
    I double and triple checked that all Connections, Statements and ResultSets are
    closed immediately after use. As an example, I attached a code snippet and a resulting
    StackTrace which.
    The problem also seems to occur only with an (unknown) minimum of concurrent usern,
    since in the approval tests on an almost identical test system these errors never
    occurred.
    I also followed the advice from Oracle and installed the latest Oracle JDBC driver
    (Oracle 10g) - to no avail.
    What else can I do?
    Another question: Is it correct that my Oracle JDBC driver is in the application
    classpath (via a reference in the Manifest file of the application jar), not in
    the system classpath? There has never been a problem with that, but in a Newsgroup
    answer from Nov 10, 2003 (subject: "ResultSet closes prematurely"), Joe Weinstein
    suggested to "get it listed at the
    front of the -classpath argument that the startWebLogic script creates for the
    java line that starts the server".
    I hesitate to do so, since the driver is in a standard WebApp- directory, WEB-INF/lib.
    Is it possible and safe to add a jar located there to the system classpath? If
    it is possible, why is it necessary?
    Best regards,
    Andreas Zehrt
    [CodeSnippetsAndStackTraceForConnectionPoolProblem.txt]

    Andreas Zehrt wrote:
    Hi Joe,
    Your hint that there is a threading problem was right:
    On further investigation of the code I found out that the class that passes the
    Connection to the DAO not only stores it as a member at some point (which is not
    a good idea anyway) but is also a singleton - then, of course, it's no surprise
    that the Connection gets invalid in a incalculable way when concurrent threads
    share it.
    The singleton instantiation was not so obvious because the way of instantiation
    is controlled by a configuration parameter that can be overridden at different
    levels.
    I changed it and the productive logfiles indicate that the SQLExceptions related
    to that class have disappeared.I am happy to have helped.
    So, thanks a lot for the advice.
    But I am still wondering why this code has worked for so long a time with WLS
    5.1 and Oracle 8 (the system has been productive for over 2 years). Even in the
    approval tests with WLS 7.0 and Oracle 9, we did not run into problems, although
    it was multi-user environment.Mo idea.
    I still believe that there is a difference between WLS 5.1 and 7.0 in the way
    it treats pooled Oracle JDBC Connections. I wished both Oracle and Bea could be
    a little more explicit about those changes and possible version incompatabilities
    beyond the general advice "use the latest thin driver".Though I can think of no change to our pooling which would have had any material
    effect in this case, I will certainly do what I can to see that our documentation
    is explicit about changes.
    Joe
    Best regards, Andreas
    Joe Weinstein <[email protected]> wrote:
    Hi Andreas.
    Andreas Zehrt wrote:
    Hi,
    We are using WLS 7.0 SP4, and Oracle 9 and the Oracle thin driver type4. In our
    application on the productive system (and only there) we constantlyencounter
    a whole set of SQLExceptions which have all in common that the Connectionfrom
    the pool is not valid any more when the application tries to use it.
    Typical, recurring error messages are:
    - Exhausted ResultSetThat is typically if the statement that created it is either re-executed
    or closed.
    - Connection has already been closedAs described. If you give a stacktrace, we could make a debug patch which
    would show
    where it was originally closed.
    - Closed Statementsame as above.
    - Transaction is no longer active - status committingThat implies your code is obtaining a connection from a transactional
    datasource,
    and then later trying to use it after the transaction which it was associated
    with,
    is finished.
    - NullPointerException at
    weblogic.jdbc.pool.Connection.prepareStatement()Maybe any of the above.
    There are no special Statements which create these errors. They arespread at
    random across practically every query the application creates, andthe same queries
    sometimes succeed and sometimes fail.
    I double and triple checked that all Connections, Statements and ResultSetsare
    closed immediately after use. As an example, I attached a code snippetand a resulting
    StackTrace which.
    The problem also seems to occur only with an (unknown) minimum of concurrentusern,
    since in the approval tests on an almost identical test system theseerrors never
    occurred.
    I also followed the advice from Oracle and installed the latest OracleJDBC driver
    (Oracle 10g) - to no avail.
    What else can I do?
    Another question: Is it correct that my Oracle JDBC driver is in theapplication
    classpath (via a reference in the Manifest file of the applicationjar), not in
    the system classpath? There has never been a problem with that, butin a Newsgroup
    answer from Nov 10, 2003 (subject: "ResultSet closes prematurely"),Joe Weinstein
    suggested to "get it listed at the
    front of the -classpath argument that the startWebLogic script createsfor the
    java line that starts the server".
    I hesitate to do so, since the driver is in a standard WebApp- directory,WEB-INF/lib.
    Is it possible and safe to add a jar located there to the system classpath?If
    it is possible, why is it necessary?I was only concerned to ensure we know which driver we are working with.
    We also ship
    an oracle thin driver, which becomes obsolete soon...
    I am concerned that your code creates pool connections to be used later.
    The problems
    can arise if more than one thread ever gets the same connection, or if
    the connection
    is used in the same thread, spanning transactions. It does also seem
    that there may
    be a threading issue, because if two threads each call the code to create
    a connection,
    and two connections are made, but one over-writes the other, the two
    threads can
    end up using the same connection, and closing it. The over-written one
    never gets closed,
    resulting in that leak message you got...
    Joe
    The Connection parameter is opened by a business component class, ComaServiceProviderClassicImpl.It is propagated through
    several classes in the business layer, but not used, until the DAOtakes it to make the query.
    So, the Connection is closed where it was opened, not in the DAO class.
    public class ConcernDAOImpl extends BaseDAO {
         public Collection getConcernsForIncidents(Connection conn, Collectionincidents)
    throws DataAccessException, ConstraintException, ComaParseException{>
    sqlMessage.append(")");
    String sqlStmt = sqlMessage.toString();
    PreparedStatement pstmt = null;
    ResultSet rs = null;
    try {
    pstmt = conn.prepareStatement(sqlStmt);
    rs = pstmt.executeQuery();
    while (rs != null && rs.next()) {
    final Concern concern =
    new Concern(DAOUtil.getComaOID(rs, ComaDBNames.KDANR));
    concern.setIncidentOID(DAOUtil.getComaOID(rs, ComaDBNames.KDAVGENR));
    return concerns;
    } catch (SQLException sqle) {
    // Wrapps real SQL exception
    String[] message = new String[]{sqle.getMessage(), sqlStmt};
    throw new DataAccessException(ExpCode.S_ORACLE_SQL, message,
    sqle);
    } finally {
    closeAll(rs, pstmt);
    _logger.exitDebug(method);
    Here, the Connection is acquired and finally closed
    public class ComaServiceProviderClassicImpl {
         public void updateComplaint(
    final Request updateRequest,
    final ResponseSingleElement response,
    final Principal principal)
    throws SystemException {
    try {
    logger.info("updateComplaint", "store incident");
    // store the incident in the database
    incidentManager.storeIncident(getConnection(), updateIncident);
    // reload the incident from Cache and / or the databaseto get the ContactReferences.
    Incident returnIncident = incidentManager.loadIncident(//IncidentManager passes the Connection to the DAO
    getConnection(), updateIncident.getOID());
    } catch (RemoteException rex) {
    // remote exceptions
    rollbackIfNecessary();
    CoreUtils.unwrapRemoteException(rex, logger);
    } catch (SystemException e) {
    // all other exceptions --> rollback if necessary and rethrow
    rollbackIfNecessary();
    throw e;
    } finally {
    removeConnection();
    logger.exitDebug("updateComplaint");
    This is the resulting StackTrace:
    sql exception: [Closed Statement: next] - sql statement: [select *
         at de.deutschepost.ubbrief.coma.persistence.dao.ConcernDAOImpl.getConcernsForIncidents(ConcernDAOImpl.java:363)
         at de.deutschepost.ubbrief.coma.persistence.dao.CachingConcernDAOImpl.getConcernsForIncidents(CachingConcernDAOImpl.java:129)
         at de.deutschepost.ubbrief.coma.persistence.incidentmanager.IncidentManagerImpl.loadConcernStructuresIntoIncidents(IncidentManagerImpl.java:1067)
         at de.deutschepost.ubbrief.coma.persistence.incidentmanager.IncidentManagerImpl.loadStructureForIncident(IncidentManagerImpl.java:320)
         at de.deutschepost.ubbrief.coma.persistence.incidentmanager.IncidentManagerImpl.loadIncidents(IncidentManagerImpl.java:264)
         at de.deutschepost.ubbrief.coma.persistence.taskmanager.TaskManagerImpl.selectTasksForUser(TaskManagerImpl.java:299)
         at de.deutschepost.ubbrief.coma.service.z2.ComaServiceProviderZ2Impl.getTaskList(ComaServiceProviderZ2Impl.java:113)
         at de.deutschepost.ubbrief.coma.service.z2.ComaServiceProviderZ2Bean_1dhrj7_EOImpl.getTaskList(ComaServiceProviderZ2Bean_1dhrj7_EOImpl.java:154)
         at de.deutschepost.ubbrief.coma.sbba.z2.CMPGetTaskList.runServiceMethod(CMPGetTaskList.java:64)
         at de.deutschepost.ubbrief.coma.sbbx.sp.BasicMethodProvider.execute(BasicMethodProvider.java:145)
         at de.deutschepost.ubbrief.coma.sbba.z2.CMPGetTaskList_9b9mv5_EOImpl.execute(CMPGetTaskList_9b9mv5_EOImpl.java:46)
         at de.deutschepost.ubbrief.coma.sbba.z2.CMPGetTaskList_9b9mv5_EOImpl_WLSkel.invoke(UnknownSource)
         at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:159)
         at weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java:263)
         at weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java:230)
         at de.deutschepost.ubbrief.coma.sbba.z2.CMPGetTaskList_9b9mv5_EOImpl_WLStub.execute(UnknownSource)
         at de.deutschepost.ubbrief.backbone.jazz.impl.core.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:115)
         at de.deutschepost.ubbrief.backbone.common.impl.core.rpc.server.ServerKernelImpl.handleTransportMessage(ServerKernelImpl.java:270)
         at de.deutschepost.ubbrief.backbone.common.impl.core.messaging.MessageTransport.handleMessage(MessageTransport.java:454)
         at de.deutschepost.ubbrief.backbone.common.impl.core.KernelFacade.handleMessage(KernelFacade.java:209)
         at de.deutschepost.ubbrief.backbone.jazz.impl.backbone.BackboneBean.messageArrived(BackboneBean.java:637)
         at de.deutschepost.ubbrief.backbone.jazz.impl.backbone.BackboneBean_ina9d7_ELOImpl.messageArrived(BackboneBean_ina9d7_ELOImpl.java:105)
         at de.deutschepost.ubbrief.backbone.jazz.impl.transport.receive.LocalQueueReceiveBean.deliverMessage(LocalQueueReceiveBean.java:43)
         at de.deutschepost.ubbrief.backbone.jazz.impl.transport.receive.AbstractMessageReceiveBean.onMessage(AbstractMessageReceiveBean.java:127)
         at weblogic.ejb20.internal.MDListener.execute(MDListener.java:377)
         at weblogic.ejb20.internal.MDListener.transactionalOnMessage(MDListener.java:311)
         at weblogic.ejb20.internal.MDListener.onMessage(MDListener.java:286)
         at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:2351)
         at weblogic.jms.client.JMSSession.execute(JMSSession.java:2267)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:234)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:210)
    ####<May 26, 2004 12:18:43 PM CEST> <Warning> <JDBC> <S0048016> <REMA20Z><Finalizer> <kernel identity> <> <001074> <A JDBC pool connection leak
    was detected. A Connection leak occurs when a connection obtained from
    the pool was not closed explicitly by calling close() and then was disposed
    by the garbage collector and returned to the connection pool. The following
    stack trace at create shows where the leaked connection was created.
    Stack trace at connection create:
         at weblogic.jdbc.pool.Connection.<init>(Connection.java:66)
         at weblogic.jdbc.pool.Driver.allocateConnection(Driver.java:294)
         at weblogic.jdbc.pool.Driver.connect(Driver.java:210)
         at weblogic.jdbc.jts.Driver.getNonTxConnection(Driver.java:373)
         at weblogic.jdbc.jts.Driver.connect(Driver.java:129)
         at weblogic.jdbc.common.internal.RmiDataSource.getConnection(RmiDataSource.java:287)
         at de.deutschepost.ubbrief.coma.core.ComaComponentImpl.getConnectionFromPool(ComaComponentImpl.java:163)
         at de.deutschepost.ubbrief.coma.core.ComaComponentImpl.getConnectionInternal(ComaComponentImpl.java:135)
         at de.deutschepost.ubbrief.coma.core.ComaComponentImpl.getConnection(ComaComponentImpl.java:99)
         at de.deutschepost.ubbrief.coma.persistence.customermanager.CurryCustomerManagerImpl.findCustomers(CurryCustomerManagerImpl.java:73)
         at de.deutschepost.ubbrief.coma.service.z2.ComaServiceProviderZ2BaseImpl.resolveCustomerInstances(ComaServiceProviderZ2BaseImpl.java:808)
         at de.deutschepost.ubbrief.coma.service.z2.ComaServiceProviderZ2Impl.getTaskList(ComaServiceProviderZ2Impl.java:213)
         at de.deutschepost.ubbrief.coma.service.z2.ComaServiceProviderZ2Bean_1dhrj7_EOImpl.getTaskList(ComaServiceProviderZ2Bean_1dhrj7_EOImpl.java:154)
         at de.deutschepost.ubbrief.coma.sbba.z2.CMPGetTaskList.runServiceMethod(CMPGetTaskList.java:64)
         at de.deutschepost.ubbrief.coma.sbbx.sp.BasicMethodProvider.execute(BasicMethodProvider.java:145)
         at de.deutschepost.ubbrief.coma.sbba.z2.CMPGetTaskList_9b9mv5_EOImpl.execute(CMPGetTaskList_9b9mv5_EOImpl.java:46)
         at de.deutschepost.ubbrief.coma.sbba.z2.CMPGetTaskList_9b9mv5_EOImpl_WLSkel.invoke(UnknownSource)
         at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:159)
         at weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java:263)
         at weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java:230)
         at de.deutschepost.ubbrief.coma.sbba.z2.CMPGetTaskList_9b9mv5_EOImpl_WLStub.execute(UnknownSource)
         at de.deutschepost.ubbrief.backbone.jazz.impl.core.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:115)
         at de.deutschepost.ubbrief.backbone.common.impl.core.rpc.server.ServerKernelImpl.handleTransportMessage(ServerKernelImpl.java:270)
         at de.deutschepost.ubbrief.backbone.common.impl.core.messaging.MessageTransport.handleMessage(MessageTransport.java:454)
         at de.deutschepost.ubbrief.backbone.common.impl.core.KernelFacade.handleMessage(KernelFacade.java:209)
         at de.deutschepost.ubbrief.backbone.jazz.impl.backbone.BackboneBean.messageArrived(BackboneBean.java:637)
         at de.deutschepost.ubbrief.backbone.jazz.impl.backbone.BackboneBean_ina9d7_ELOImpl.messageArrived(BackboneBean_ina9d7_ELOImpl.java:105)
         at de.deutschepost.ubbrief.backbone.jazz.impl.transport.receive.LocalQueueReceiveBean.deliverMessage(LocalQueueReceiveBean.java:43)
         at de.deutschepost.ubbrief.backbone.jazz.impl.transport.receive.AbstractMessageReceiveBean.onMessage(AbstractMessageReceiveBean.java:127)
         at weblogic.ejb20.internal.MDListener.execute(MDListener.java:377)
         at weblogic.ejb20.internal.MDListener.transactionalOnMessage(MDListener.java:311)
         at weblogic.ejb20.internal.MDListener.onMessage(MDListener.java:286)
         at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:2351)
         at weblogic.jms.client.JMSSession.execute(JMSSession.java:2267)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:234)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:210)

  • Problem with Direct LDAP

    Hi Jay,
    I am having a problem with the switch to Direct LDAP. I am finally doing it on my production server. Using ldap 4.16 currently. Once I get this working I am upgrading to 5.2
    We have a server that holds messages until a user releases them. This server is called ewall.mydomain.com.
    They get a message in their inbox that allows them to click on a link to send the ewall server a message to release the held mail.
    the link would look like this:
    [email protected]
    (all on one line)
    This worked just fine in dirsync mode but after switching to Direct Ldap I get an 5.1.1 unknown or illegal alias when the user tries to send the message. If I switch back to dirsync mode it works fine again. Everything else is working fine.
    Any ideas?
    Thanks
    Don

    Well, it means that for some reason, your [email protected]
    user isn't being picked up in the direct ldap.
    It could be that your domain is "mydomain.com", and the user is in "ewall.mydomain.com". dirsync assumes that subdomains are part of an overall domain
    direct ldap doesn't, unless you set
    domain_uplevel=3 in your option.dat, and recompile

  • Having problem with client side Authentication.

    Hi,
    I am haveing a problem enabling client side authentication with SSL on
    weblogic 5.1.
    I have set up the .properties files as explained, however it appears
    my client is not sending a certificate back to the server. The same
    client however works perfectly (using the same keystore file) with a
    sample ClassFileSErver webserver from the jsse distribution. (the
    client is a very slightly modified version of
    SSLSocketClientWithClientAuth sample that comes with Jsse)
    Below I've included a section of the debug dump from the interactions.
    The only other difference I can see is the cipher suites offered by
    the servers.
    Weblogic offers type 0 or 9, and agrees on type 9
    (SSL_RSA_WITH_DES_CBC_SHA), whereas ClassFileServer offer type 0 or 5
    and settles on type 5 (SSL_RSA_WITH_RC4_128_SHA).
    I am using the same keystore for both examples. Both servers request
    an RSA client cert.... I'm out of ideas.
    Any help would be greatfully received.
    Cheers,
    Keith
    Debug dump information
    =====================================
    1/Weblogic server.
    *** CertificateRequest
    Cert Types: RSA,
    Cert Authorities:
    <CN=K H, OU=itsmobile, O=itsmobile, L=Dublin, ST=Dublin, C=ie>
    <[email protected], CN=Demo Certificate Authority,
    OU=Security, O=BEA WebLogic, L=San Francisco, ST=California, C=US>
    <CN=Thawte Test CA Root, OU=TEST TEST TEST, O=Thawte Certification,
    ST=FOR TESTING PURPOSES ONLY, C=ZA>
    [read] MD5 and SHA1 hashes: len = 427
    0000: 0D 00 01 A7 01 01 01 A3 00 67 30 65 31 0B 30 09
    .........g0e1.0.
    0010: 06 03 55 04 06 13 02 69 65 31 0F 30 0D 06 03 55
    ..U....ie1.0...U
    0020: 04 08 13 06 44 75 62 6C 69 6E 31 0F 30 0D 06 03
    ....Dublin1.0...
    0030: 55 04 07 13 06 44 75 62 6C 69 6E 31 12 30 10 06
    U....Dublin1.0..
    0040: 03 55 04 0A 13 09 69 74 73 6D 6F 62 69 6C 65 31
    .U....itsmobile1
    0050: 12 30 10 06 03 55 04 0B 13 09 69 74 73 6D 6F 62
    .0...U....itsmob
    0060: 69 6C 65 31 0C 30 0A 06 03 55 04 03 13 03 4B 20
    ile1.0...U....K
    0070: 48 00 AC 30 81 A9 31 0B 30 09 06 03 55 04 06 13
    H..0..1.0...U...
    0080: 02 55 53 31 13 30 11 06 03 55 04 08 13 0A 43 61
    .US1.0...U....Ca
    0090: 6C 69 66 6F 72 6E 69 61 31 16 30 14 06 03 55 04
    lifornia1.0...U.
    00A0: 07 13 0D 53 61 6E 20 46 72 61 6E 63 69 73 63 6F ...San
    Francisco
    00B0: 31 15 30 13 06 03 55 04 0A 13 0C 42 45 41 20 57
    1.0...U....BEA W
    00C0: 65 62 4C 6F 67 69 63 31 11 30 0F 06 03 55 04 0B
    ebLogic1.0...U..
    00D0: 13 08 53 65 63 75 72 69 74 79 31 23 30 21 06 03
    ..Security1#0!..
    00E0: 55 04 03 13 1A 44 65 6D 6F 20 43 65 72 74 69 66 U....Demo
    Certif
    00F0: 69 63 61 74 65 20 41 75 74 68 6F 72 69 74 79 31 icate
    Authority1
    0100: 1E 30 1C 06 09 2A 86 48 86 F7 0D 01 09 01 16 0F
    .0...*.H........
    0110: 73 75 70 70 6F 72 74 40 62 65 61 2E 63 6F 6D 00
    [email protected].
    0120: 8A 30 81 87 31 0B 30 09 06 03 55 04 06 13 02 5A
    .0..1.0...U....Z
    0130: 41 31 22 30 20 06 03 55 04 08 13 19 46 4F 52 20 A1"0
    ..U....FOR
    0140: 54 45 53 54 49 4E 47 20 50 55 52 50 4F 53 45 53 TESTING
    PURPOSES
    0150: 20 4F 4E 4C 59 31 1D 30 1B 06 03 55 04 0A 13 14
    ONLY1.0...U....
    0160: 54 68 61 77 74 65 20 43 65 72 74 69 66 69 63 61 Thawte
    Certifica
    0170: 74 69 6F 6E 31 17 30 15 06 03 55 04 0B 13 0E 54
    tion1.0...U....T
    0180: 45 53 54 20 54 45 53 54 20 54 45 53 54 31 1C 30 EST TEST
    TEST1.0
    0190: 1A 06 03 55 04 03 13 13 54 68 61 77 74 65 20 54
    ...U....Thawte T
    01A0: 65 73 74 20 43 41 20 52 6F 6F 74 est CA Root
    main, READ: SSL v3.0 Handshake, length = 4
    *** ServerHelloDone
    [read] MD5 and SHA1 hashes: len = 4
    0000: 0E 00 00 00 ....
    main, SEND SSL v3.0 ALERT: warning, description = no_certificate
    main, WRITE: SSL v3.0 Alert, length = 2
    And below is a sample when I used the ClassFileServer.
    This time the client (same src) returned a certificate.
    2/ClassFileSErver (from Sun Jsse distribution)
    *** CertificateRequest
    Cert Types: DSS, RSA,
    Cert Authorities:
    <CN=K H, OU=itsmobile, O=itsmobile, L=Dublin, ST=Dublin, C=ie>
    [read] MD5 and SHA1 hashes: len = 114
    0000: 0D 00 00 6E 02 02 01 00 69 00 67 30 65 31 0B 30
    ...n....i.g0e1.0
    0010: 09 06 03 55 04 06 13 02 69 65 31 0F 30 0D 06 03
    ...U....ie1.0...
    0020: 55 04 08 13 06 44 75 62 6C 69 6E 31 0F 30 0D 06
    U....Dublin1.0..
    0030: 03 55 04 07 13 06 44 75 62 6C 69 6E 31 12 30 10
    .U....Dublin1.0.
    0040: 06 03 55 04 0A 13 09 69 74 73 6D 6F 62 69 6C 65
    ..U....itsmobile
    0050: 31 12 30 10 06 03 55 04 0B 13 09 69 74 73 6D 6F
    1.0...U....itsmo
    0060: 62 69 6C 65 31 0C 30 0A 06 03 55 04 03 13 03 4B
    bile1.0...U....K
    0070: 20 48 H
    *** ServerHelloDone
    [read] MD5 and SHA1 hashes: len = 4
    0000: 0E 00 00 00 ....
    matching client alias : rsakey
    *** Certificate chain

    Matt,
    Did you read this article:
    https://wiki.sdn.sap.com/wiki/display/BSP/Using%20Proxies
    This explains how to properly setup the HTTPURLLOC table.
    In your case you should have entries that look something like this:
    40 HTTP   * <internal host name> <https port>
    50 HTTPS * <external host name> <https port>
    In addition you need to run the report to determine if the proxy configuration is setup properly.  The URL should be run with the
    https://<externalhostname>/sap/bc/bsp/sap/system_test/test_proxy.htm
    Take care,
    Stephen

Maybe you are looking for

  • IPhone TO Mobileme TO iPhoto

    The chains of events is this Take pictures with iPhone...... Upload to a mobileme gallery....... then later when at home, open laptop, sync phone, importing all pictures taken that day Launch iphoto...... hoping to see new album appear under mobileme

  • Show values of a structure dinamically

    Hi, I'm trying to show the content of fields of a structure dinamically, that is show the content of the fields without knowing how many fields or the name of them, only the name of the structure. For the time being I'm only able to get the field' na

  • IPhoto pics from scans

    My husband is trying to scan pics and when iPhoto opens it says the pics scanned can not open in iphoto. They are jpeg format not sure what is up

  • Beats P099ND audio fluctuates on Windows 10

    Since ive upgraded my HP Beats laptop to Windows 10 the sound of the beats audio is terribly bad.THe audo fluctuates from soft to loud , is there an option to resolve this?

  • Runtime Compatibility Mode property

    Hello! I have a problem after the migration from Forms6i to Forms9i because there is no Runtime Compatibility Mode property anymore. In the previous version I used 4.5 value for that field because that was the only way to realise a sequance of trigge