SES Revocation causing M7021

Similar Messages

• Query to find which past ses caused ORA-1652: unable to extend temp segment

  Hi,
  I m trying to get information on the sessions/sql query that have cause ORA-1652: unable to extend temp segment from past 2 days. Basically need to know which all sessions in past 2 days have caused ORA-1652: unable to extend temp segment.
  I have generated the AWR report but not able to figure it out which sessions caused this error.
  Thanks in advance

  913410 wrote:
  Hi,
  I m trying to get information on the sessions/sql query that have cause ORA-1652: unable to extend temp segment from past 2 days. Basically need to know which all sessions in past 2 days have caused ORA-1652: unable to extend temp segment.
  I have generated the AWR report but not able to figure it out which sessions caused this error.
  Thanks in advance
  01652, 00000, "unable to extend temp segment by %s in tablespace %s"
  // *Cause:  Failed to allocate an extent of the required number of blocks for
  //          a temporary segment in the tablespace indicated.
  // *Action: Use ALTER TABLESPACE ADD DATAFILE statement to add one or more
  //          files to the tablespace indicated.

• Java Webstart application problem with TLS certificate revocation checks (Java 1.7.0_76)

  We have a problem with our Java Web Start Application regarding the TLS certificate revocation check:
  The application is running on a server within a wide area network which is separated from the internet.
  The application users have access to the WAN, and also access to the internet over some corporate proxy/firewall.
  The user has to enter, for example "https://my-site.de/myapp/ma.jnlp" within a webbrowser or could also call  "javaws https://my-site.de/myapp/ma.jnlp" to start the application client.
  The webserver has a certificate from a trusted certificate authority. This certificate seems to be ok, the browser is even configured to perform OCSP status check.
  The application files are signed with a certificate from another trusted certificate authority. This certificate seems also to be ok. Regarding this certificate there
  are no problems with certificate revocation checks.
  The problem is, while starting the application client there is a message box which tell us something like "the connection to this website ist not trustworthy",
  "Website: https://my-site.de:80", and something about an invalid certificate, meaning the webserver certificate.
  Obviously the jvm runtime, which is executed on the users workstation, tries to perform a revocation check for the webservers certificate, but this fails because
  it cannot fetch the certificate under https://my-site.de:80.
  The application will execute without further problems after that message but the users are very concerned about the "invalid" certificate, so here are my questions:
  - Why is the application trying to get the webserver certificate over Port 80. Our application developers told me, there is no corresponding statement. Calling this address
    has to fail while "https://my-site.de:443" or "https://my-site.de" would not have a problem.
  - Is there a way to make the application go on without performing a tls revocation check? I mean, by adjusting the application sourcecode and not by configuring the users Java Control Panel.
    While disabling the TLS Certificate Revocation check in the Java Control Panel, the Webstart Application executes without a warning message, but this is not a workable solution for
    our users.
  It would be great if someone can help me with a hint so i can send our developers into the right direction;-)
  Many thanks!
  This is a part from a java console output after calling "javaws -verbose https://my-site.de/myapp/"
  (sorry for this is in german... and also my english above)
  network: Verbindung von http://ocsp.serverpass.telesec.de/ocspr mit Proxy=HTTP @ internet-proxy.***:80 wird hergestellt
  network: Verbindung von http://ocsp.serverpass.telesec.de/ocspr mit Proxy=HTTP @ internet-proxy.***:80 wird hergestellt
  security: OCSP Response: GOOD
  network: Verbindung von http://ocsp.serverpass.telesec.de/ocspr mit Proxy=HTTP @ internet-proxy.***:80 wird hergestellt
  security: UNAUTHORIZED
  security: Failing over to CRLs: java.security.cert.CertPathValidatorException: OCSP response error: UNAUTHORIZED
  network: Cacheeintrag gefunden [URL: http://crl.serverpass.telesec.de/rl/TeleSec_ServerPass_CA_1.crl, Version: null] prevalidated=false/0
  cache: Adding MemoryCache entry: http://crl.serverpass.telesec.de/rl/TeleSec_ServerPass_CA_1.crl
  cache: Resource http://crl.serverpass.telesec.de/rl/TeleSec_ServerPass_CA_1.crl has expired.
  network: Verbindung von http://crl.serverpass.telesec.de/rl/TeleSec_ServerPass_CA_1.crl mit Proxy=HTTP @ internet-proxy.***:80 wird hergestellt
  network: Verbindung von http://crl.serverpass.telesec.de/rl/TeleSec_ServerPass_CA_1.crl mit Proxy=HTTP @ internet-proxy.***:80 wird hergestellt
  network: ResponseCode für http://crl.serverpass.telesec.de/rl/TeleSec_ServerPass_CA_1.crl: 200
  network: Codierung für http://crl.serverpass.telesec.de/rl/TeleSec_ServerPass_CA_1.crl: null
  network: Verbindung mit http://crl.serverpass.telesec.de/rl/TeleSec_ServerPass_CA_1.crl trennen
  CacheEntry[http://crl.serverpass.telesec.de/rl/TeleSec_ServerPass_CA_1.crl]: updateAvailable=true,lastModified=Tue Mar 24 10:50:01 CET 2015,length=53241
  network: Verbindung von http://crl.serverpass.telesec.de/rl/TeleSec_ServerPass_CA_1.crl mit Proxy=HTTP @ internet-proxy.***:80 wird
  network: Verbindung von socket://ldap.serverpass.telesec.de:389 mit Proxy=DIRECT wird hergestellt
  security: Revocation Status Unknown
  com.sun.deploy.security.RevocationChecker$StatusUnknownException: java.security.cert.CertPathValidatorException: OCSP response error: UNAUTHORIZED
      at com.sun.deploy.security.RevocationChecker.checkOCSP(Unknown Source)
      at com.sun.deploy.security.RevocationChecker.check(Unknown Source)
      at com.sun.deploy.security.RevocationCheckHelper.doRevocationCheck(Unknown Source)
      at com.sun.deploy.security.RevocationCheckHelper.doRevocationCheck(Unknown Source)
      at com.sun.deploy.security.RevocationCheckHelper.checkRevocationStatus(Unknown Source)
      at com.sun.deploy.security.X509TrustManagerDelegate.checkTrusted(Unknown Source)
      at com.sun.deploy.security.X509Extended7DeployTrustManagerDelegate.checkServerTrusted(Unknown Source)
      at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
      at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
      at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
      at sun.security.ssl.Handshaker.processLoop(Unknown Source)
      at sun.security.ssl.Handshaker.process_record(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
      at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
      at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
      at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
      at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
      at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
      at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
      at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
      at com.sun.deploy.net.BasicHttpRequest.doGetRequestEX(Unknown Source)
      at com.sun.deploy.cache.ResourceProviderImpl.checkUpdateAvailable(Unknown Source)
      at com.sun.deploy.cache.ResourceProviderImpl.isUpdateAvailable(Unknown Source)
      at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
      at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
      at com.sun.deploy.model.ResourceProvider.getResource(Unknown Source)
      at com.sun.javaws.jnl.LaunchDescFactory._buildDescriptor(Unknown Source)
      at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
      at com.sun.javaws.jnl.LaunchDescFactory.buildDescriptor(Unknown Source)
      at com.sun.javaws.Main.launchApp(Unknown Source)
      at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
      at com.sun.javaws.Main.access$000(Unknown Source)
      at com.sun.javaws.Main$1.run(Unknown Source)
      at java.lang.Thread.run(Unknown Source)
      Suppressed: com.sun.deploy.security.RevocationChecker$StatusUnknownException
          at com.sun.deploy.security.RevocationChecker.checkCRLs(Unknown Source)
          ... 35 more
  Caused by: java.security.cert.CertPathValidatorException: OCSP response error: UNAUTHORIZED
      at sun.security.provider.certpath.OCSP.check(Unknown Source)
      at sun.security.provider.certpath.OCSP.check(Unknown Source)
      at sun.security.provider.certpath.OCSP.check(Unknown Source)
      ... 36 more
  security: Ungültiges Zertifikat vom HTTPS-Server
  network: Cacheeintrag nicht gefunden [URL: https://my-site.de:80, Version: null]

  Add the JSF Jars to the WEB-INF/lib directory of the application. If still getting error add to the CLASSPATH variable in the startWebLogic script in the domain/bin directory.

• Errors with SharePoint Security Token Service: "The revocation function was unable to check revocation for the certificate"

  I'm getting these errors in the eventlog and ULS, "An operation failed because the following certificate has validation errors:\n\nSubject Name: CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US\nIssuer Name: CN=SharePoint Root
  Authority, OU=SharePoint, O=Microsoft, C=US\nThumbprint: <STS CERTIFICATE THUMBPRINT>\n\nErrors:\n\n RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate."
  The errors point to the SharePoint Security Token Service as the issue ("The revocation function was unable to check revocation for the certificate") reported back by the Topology service.  This is apparent when executing a search, accessing
  the managed metadata service, issuing SPSite commands in Powershell, or anything that needs to run through the "SharePoint Web Services" site.  I've looked at the certificate assigned to that site and everything appears to be in order. 
  It would seem to me to be either an incorrect endpoint configuration (internally cached perhaps?) or related to security access for the configuration database (in order to validate the certificate root).
  What I’ve tried so far:
  I’ve been all over the certificate settings, both in the server store, and within SharePoint Token Service config.  Both appear to be configured correctly such that the root CAs can be validated.
  Re-entered the passwords for the application pool domain accounts to eliminate these as a potential cause.  I’ve also verified the service accounts reporting the error, do have access to the configuration database.
  Re-provisioned the STS service to see if that might clear out any cached issues and validated everything else according to this
  MS Tech note.
  So far nothing has worked.  Is there anything else I could be looking at that I've missed? (Full eventlog detail below)
  Log Name:      Application
  Source:        Microsoft-SharePoint Products-SharePoint Foundation
  Date:          2/20/2015 11:19:41 AM
  Event ID:      8311
  Task Category: Topology
  Level:         Error
  Keywords:      
  User:          <SP SERVICE ACCOUNT>
  Computer:      <SHAREPOINTSERVER>
  Description:
  An operation failed because the following certificate has validation errors:\n\nSubject Name: CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US\nIssuer Name: CN=SharePoint Root Authority, OU=SharePoint, O=Microsoft, C=US\nThumbprint: <STS
  CERT THUMBPRINT>\n\nErrors:\n\n RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate.
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-SharePoint Products-SharePoint Foundation" Guid="{6FB7E0CD-52E7-47DD-997A-241563931FC2}" />
      <EventID>8311</EventID>
      <Version>14</Version>
      <Level>2</Level>
      <Task>13</Task>
      <Opcode>0</Opcode>
      <Keywords>0x4000000000000000</Keywords>
      <TimeCreated SystemTime="2015-02-20T17:19:41.213852500Z" />
      <EventRecordID>1611121</EventRecordID>
      <Correlation />
      <Execution ProcessID="10212" ThreadID="10328" />
      <Channel>Application</Channel>
      <Computer><SHAREPOINTSERVER></Computer>
      <Security UserID="<SP SERVICE ACCOUNT>" />
    </System>
    <EventData>
      <Data Name="string0">CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US</Data>
      <Data Name="string1">CN=SharePoint Root Authority, OU=SharePoint, O=Microsoft, C=US</Data>
      <Data Name="string2"><STS CERT THUMBPRINT></Data>
      <Data Name="string3">RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate.
  </Data>
    </EventData>
  </Event>

  Hi Darren,
  This problem seems to occur when an administrator deletes the local trust relationship of the farm from the Security section of the Central Administration website
  In order to resolve this problem, the local trust relationship has to be created. This can be done by running the following PowerShell commands
  $rootCert = (Get-SPCertificateAuthority).RootCertificate
  New-SPTrustedRootAuthority -Name "localNew" -Certificate $rootCert
  After running the above commands, perform an IISReset on all servers in the farm.
  More information:
  http://support.microsoft.com/kb/2545744
  Best Regards,
  Wendy
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Wendy Li
  TechNet Community Support

• Delete invoice for Service PO's where SES is not created - MR8M gives error

  Members,
  I have a strange situation at my client. They have created a service PO with S-based IV checked on the Invoice tab of PO. There is no Goods Receipt checked in the Delivey tab of the PO. They did not create any Service Entry Sheet (SES) for the service line items in the PO.
  At the time of invoicing using MIRO, the user invoiced against the PO reference as there was no SES reference (because SES was not created). User now wants to reverse this MIRO because he made some mistake.
  I tried reversing the invoice document using MR8M but it's giving error - "Invoice document 5105613514 cannot be processed further / Message no. M8422". In the possible causes, the error message explains that the corresponding service entry sheet may have been deleted. I strongly suspect this is the cause of getting this error - because since the SES was not created in the first place and as this is a service PO with S-based IV checked, SAP is looking for SES.
  Now my dilemma is how to cancel this incorrectly entered invoice using MIRO? What are the options that I have - a credit memo? a subsequent Credit? or some program to be executed? Please share your ideas/ experience in solving this issue.
  Thanks,
  car

  Hi,
  Add one more service line in the Service tab of the PO and order it (restrict it to Print if in Production).
  Now goto MR8M and cancel the old Invoice. (Folow instruction to delete line items under vendor through F-44)
  Come back and deltete the newely added service line from the PO.
  Flag the GR and GRbased IV indicators (as the Sr Based IV is greyed out) and order the PO (restrict it to Print if in Production).
  The next time you will have to first do the Service Entry before doing the Invoice.
  regards,
  MRao

• Security Alert / Revocation info for the sec cert since installing JRE 6u31

  We've been trying to keep up with getting the latest JRE client installed in our environment but since we rolled out update 31, our helpdesk is being flooded with calls with getting a popup box
  "Revocation information for the security certificate for this site is not available. Do you want to proceed?"
  Yes/No/View Certificate
  The cert is issued to javadl-esd-secure.oracle.com
  It affects all of our Windows users and all of which have IE 9, and it affects our standard users with no local admin rights and our SAs who do have local admin rights. Nothing on our network has changed other than going from update 30 to update 31.
  I saw a thread on this forum regarding this the day update 31 from another SA and he was having the exact same issue we were and a couple of people posted follow-ons to it ....now, when I go to that link I get "The specified message [10187748] was not found. "
  We've tried installing Java 7update 4 but that has its own problems.
  If we roll back to update 30, the problem goes away until the automatic updater starts nagging you to update.
  As far as what I've folktale answers I've found online:
  "make sure the time is set correctly" - check, we set time off an NTP hosted in our home state.
  "Silent installer is the problem" - Can't blame this - never used a silent installer - we've only installed via downloading the offline version of update 31, and use the web installer stub and both of those cause problems.
  Is there a way to fix this aside from going into every profile and changing the certificate purposes, or is Oracle going to get around to fixing their cert?

  Hello,
  We have spent some time looking into this and we are not able to reproduce this and suspect that it could be an issue on the machines were the installation is taking place, or due to a networking issue. This is not an attempt to just toss is back and say 'not our problem'. We were certainly concerned with this post and wanted to verify that our certs and the revocation list does not have issues.
  Third Party document on various causes for this error:
  http://www.brighthub.com/internet/security-privacy/articles/82291.aspx
  - Update Root certs
  - Time/date out of sync, lear SSL state
  - re-register the dll files
  Microsoft article about with possible issues, the article is limited to Windows 2000, though it may apply to other versions:
  http://support.microsoft.com/kb/308087
  - Clear the Automatically detect proxy
  - Use a proxy server for this connection, enter address and port number of the proxy server that you use
  Also, we found we were able to access the revocation list through our internet network as well as outside our network. Not being able to access the revocation list could be an issue. Here is that URL:
  http://crl.usertrust.com/USERTrustLegacySecureServerCA.crl
  If you are able to identify an issue with cert or if the above solutions do not resolve the issue, please update this thread. Also update the thread if one of these does indeed solve the issue. It is always good to share what worked with others who could be seeing the same issue.
  -Roger
  updated Mar 15, 2012 w/additional text and links.

• Help with installation ORACLE 11g  SES

  hi, i'm new at this, i was almost done with the configuring of a new instance of Oracle 11g, however i'm running into this error, when one of the assistants is executing. can any of you point out what should i try or what could be the cause of this problem. any help would be really appreciated.
  the error is this:
  oracle.search.config.wls.OESException: Error while executing actiong: "setup_all"
  Caused by: oracle.search.config.wlsOESException: The SES Backend is not up! Backend must be up to configure midtier
  at oracle.search.config.wls.SearchCtl.run(SearchCtl.java:1340)
  at oracle.search.config.wls.SearchCtl.main(SearchCtl.java:1384)
  caused by: oracle.search.config.wlsOESException: The SES Backend is not up! Backend must be up to configure midtier
  at oracle.search.config.wls.SearchCtl.setup.Midtier(SearchCtl.java:609)
  at oracle.search.config.wls.SearchCtl.setupAll(SearchCtl.java:1095)
  at oracle.search.config.wls.SearchCtl.run(SearchCtl.java:1266)
  ..... 1 more
  Error while executing action: "setup_all"

  ok, the version is 11.1.2.0.0 , OS CentOS 5.0(kernel 2.6.18-308.11.1.el5PAE) = , all system requirements were met prior to installation.

• SES posting via worklfow is failing

  Hi,
  Our SES acceptance workflow is failing to post an SES and returning error 'Field ESSR-BUDAT. is not an input field'. It uses a custom method from BO ZBUS2091, calling BDC in call transaction mode, calling txn ML81. The BDC returns the above message post execution.
  It is not getting replicated across any of the other systems. When I ran the BDC in mode 'A' in our test system, then this message is replicated only for the cases where the SES is in accepted state (as ML81 is obviously not expecting posting date or other fields as input since the SES is already accepted).
  I also referred the forum thread 'ESSR-BUDAT (Posting date) field not an input field' however, this config is already present in SPR.
  (P.S. Our system is recently upgraded to SPS9 service pack, however, the SPS team claims it is not an upgrade effect.)
  Please advice, thanks heaps.
  Rgds,
  Sagar

  All,
  The issue was that whenever the SES had an associated PR created from SRM (Contract) the service line item picked up the external ID field. This field gets greyed out whenever the posting is done via ML81 (BDC Call transaction) - this is as per the SAP logic implemented in SPS 9 upgrade pack. However, the BDC expects the field to be an input field, causing an error while posting.
  SAP has given a pilot OSS 1528756, causing Posting date field to be input always.
  Rgds,
  Sagar

• Invalid username or password when trying to start/stop SES

  I've recently taken over this project as the previous person left the company. Last week everything was running just fine. This week, when I tried to go to either the search page or the admin page, I see:
  Internet Explorer can not display the Webpage.
  It seems something died on the server.
  When I exectue the searchctl.bat, I get the following error.
  oracle.search.config.OESException: Error while executing action: "stopall"
  Caused by: oracle.search.config.OESException: Invalid username or password. Unable to connect to Oracle SES.
  at oracle.search.config.Ctl.run(Ctl.javva:2119)
  at oracle.search.config.Ctl.main(Ctl.java:2173)
  Caused by: oracle.search.config.OESException: Invalid username or password. Unable to connect to Oracle SES.
  I'm not promoted for a username/password so I don't know if it's trying to use my windows login or if it's reading from a config file somewhere. If it's the former, then I need to give myself access (I do have the admin username/password).
  Version info:
  Oracle Database 10g Enterprise Edition Release 10.1.0.5.0
  SES 10.1.8
  Windows Server 2002 SP 2
  The server was patched and restarted over the weekend.
  I also tried rebooting the server to see if it would automatically startup, and it didn't.
  Edited by: 903593 on Dec 20, 2011 4:00 PM

  Your directions were fine.
  The only admin account I have is eqsys, not sys. And this account was able to connect to the Admin page last week before the server restart.
  I entered
  sqlplus eqsys/[pwd] as sysdbaIt returns:
  SQL*Plus: Release 10.1.0.5.0 - Production on Wed Dec 21 08:04:01 2011
  Copyright (c) 1982, 2005, Oracle. All rights reserved.
  ERROR:
  ORA-01031: insufficient privileges
  Enter user-name:
  If I insetad enter
  sqlplus eqsys/[pwd]It connects just fine (but doesn't have sysdba privlege).
  So, of course if I enter
  SQL> startup
  I get
  ORA-01031: insufficient privileges
  Edited by: 903593 on Dec 21, 2011 8:12 AM

• Problem while creating Oracle Content Server source  in SES

  Hi,
  I am Integrating Oracle SES with UCM.Both UCM and Oracle SES are installed on the same machine.
  I have installed SESCrawlerExport compoent on UCM and also taken Snapshot of Repository.
  But when i am trying to create Oracle Content server Source in SES, it gives following exception.
  13:05:46:562 INFO     main          Crawling started at 10/15/09 1:05 PM
  13:05:47:578 INFO     main          URL manager connecting to Oracle...
  13:05:47:843 INFO     main          connected
  13:05:47:984 ERROR     main          EQG-31209: No security attribute defined for source (id=70)
       at oracle.search.crawler.WebCrawler.init(WebCrawler.java:631)
       at ImtCrawler.run(ImtCrawler.java:1954)
       at ImtCrawler.main(ImtCrawler.java:534)
  13:05:47:984 ERROR     main          EQG-30249: Crawler process aborted
  Please help me on the same.

  Thanks very much, Roger. That's very kind of you. The answer was very helpful. I've changed the host and realm accordingly, and altered the Authentication Type to BASIC (previously NATIVE).
  When I now try a crawl of UCM, it fails and the log file provides the debugging info listed at the bottom of this message. I've tried to research the exception type and have experimented by altering a few configuration values, but have so far failed to resolve the issue. Are you able to hazard a guess as to what could be causing it?
  The parameters I am using are listed below (I have only entered/changed values under the three tabs listed; any fields under those tabs which are omitted below have been left blank):
  Source Configuration
  Configuration URL: http://<hostname>/ucm/idcplg?IdcService=SES_CRAWLER_DOWNLOAD_CONFIG&source=feeds
  Authetication Type: BASIC
  Realm: ucm
  User ID: sysadmin
  Password: <password for sysadmin>
  Max connections: 3
  Authentication
  Host: <hostname>
  Realm: ucm
  Username: sysadmin
  Password: <password for sysadmin>
  Authorization
  ACLs controlled by Source
  HTTP endpoint: http://<hostname>/ucm/idcplg
  Display URL prefix: http://<hostname>/ucm
  Administrator user: sysadmin
  Administrator pw: <password for sysadmin>
  Display crawled version: true
  Authorization user ID format: username
  Use cached user and role info to authorize results: false
  Authentication Type: BASIC
  Realm: ucm
  Debugging info:
  09/10/23 11:29:05 oracle.search.admin.exception.DBSetException
  09/10/23 11:29:05      at oracle.search.admin.util.AdminObject.handleBackEndException(AdminObject.java:297)
  09/10/23 11:29:05      at oracle.search.admin.users.InstanceManager.isOwnerOfInstance(InstanceManager.java:497)
  09/10/23 11:29:05      at schedules.schedules._jspService(_schedules.java:551)
  09/10/23 11:29:05      at com.orionserver.http.OrionHttpJspPage.service(OrionHttpJspPage.java:59)
  09/10/23 11:29:05      at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:462)
  09/10/23 11:29:05      at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:594)
  09/10/23 11:29:05      at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:518)
  09/10/23 11:29:05      at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
  09/10/23 11:29:05      at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:713)
  09/10/23 11:29:05      at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370)
  09/10/23 11:29:05      at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:871)
  09/10/23 11:29:05      at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)
  09/10/23 11:29:05      at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:221)
  09/10/23 11:29:05      at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:122)
  09/10/23 11:29:05      at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:111)
  09/10/23 11:29:05      at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
  09/10/23 11:29:05      at oracle.oc4j.network.ServerSocketAcceptHandler.procClientSocket(ServerSocketAcceptHandler.java:234)
  09/10/23 11:29:05      at oracle.oc4j.network.ServerSocketAcceptHandler.access$700(ServerSocketAcceptHandler.java:29)
  09/10/23 11:29:05      at oracle.oc4j.network.ServerSocketAcceptHandler$AcceptHandlerHorse.run(ServerSocketAcceptHandler.java:879)
  09/10/23 11:29:05      at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
  09/10/23 11:29:05      at java.lang.Thread.run(Thread.java:534)
  09/10/23 11:29:05 oracle.search.admin.exception.DBSetException
  09/10/23 11:29:05      at oracle.search.admin.util.AdminObject.handleBackEndException(AdminObject.java:297)
  09/10/23 11:29:05      at oracle.search.admin.users.InstanceManager.isOwnerOfInstance(InstanceManager.java:497)
  09/10/23 11:29:05      at control.error._jspService(_error.java:543)
  09/10/23 11:29:05      at com.orionserver.http.OrionHttpJspPage.service(OrionHttpJspPage.java:59)
  09/10/23 11:29:05      at oracle.jsp.runtimev2.JspPageTable.service(JspPageTable.java:462)
  09/10/23 11:29:05      at oracle.jsp.runtimev2.JspServlet.internalService(JspServlet.java:594)
  09/10/23 11:29:05      at oracle.jsp.runtimev2.JspServlet.service(JspServlet.java:518)
  09/10/23 11:29:05      at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
  09/10/23 11:29:05      at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:713)
  09/10/23 11:29:05      at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370)
  09/10/23 11:29:05      at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:871)
  09/10/23 11:29:05      at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)
  09/10/23 11:29:05      at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:221)
  09/10/23 11:29:05      at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:122)
  09/10/23 11:29:05      at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:111)
  09/10/23 11:29:05      at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
  09/10/23 11:29:05      at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
  09/10/23 11:29:05      at java.lang.Thread.run(Thread.java:534)
  Thanks again.

• SES installation problems

  I'm installing SES on windows and linux.
  I installed ses10.1.8 on windows XP. Everything is ok during the installation. But I can't open the search page and the admin page after the insatallation. What's the probem?
  And I install SES 11.1.2 on linux64, but it failed during the "Configuration Assistant" process. It seems that it can't find the file /DB/app/oracle/11.2.0/seshome/seshome/search/webapp/SESAuthenticator.jar
  What's the problem? I just follow the installation instructions step by step.
  The enviroment setting are:
  ORACLE_BASE="/DB/app/oracle/11.2.0"
  ORACLE_HOME=="/DB/app/oracle/11.2.0/seshome"
  Thanks very much!
  Edited by: user13114260 on 2010-5-31 下午11:00

  Thanks chandruthala.
  I still have some problems on the installation. The process failed during the "Oracle Search Configuration Assistant". I read the installation log and find the following message:
  "oracle.search.config.wls.OESException: 执行以下操作时出错: "setup_all"
  根源: java.io.FileNotFoundException: /home/orases/oracle/product/11.1.2.0.0/ses2/seshome/search/webapp/SESAuthenticator.jar (No such file or directory)
       at oracle.search.config.wls.SearchCtl.run(SearchCtl.java:1340)
       at oracle.search.config.wls.SearchCtl.main(SearchCtl.java:1384)
  Caused by: java.io.FileNotFoundException: /home/orases/oracle/product/11.1.2.0.0/ses2/seshome/search/webapp/SESAuthenticator.jar (No such file or directory)
       at java.io.FileInputStream.open(Native Method)
       at java.io.FileInputStream.<init>(FileInputStream.java:106)
       at java.io.FileInputStream.<init>(FileInputStream.java:66)
       at oracle.search.config.wls.WLSCtl.copyCustomSecurityProvider(WLSCtl.java:590)
       at oracle.search.config.wls.SearchCtl.setupMidtier(SearchCtl.java:597)
       at oracle.search.config.wls.SearchCtl.setupAll(SearchCtl.java:1095)
       at oracle.search.config.wls.SearchCtl.run(SearchCtl.java:1266)
       ... 1 more"
  It seems that it needs "SESAuthenticator.jar ". How can I get this file and solve this problem?
  Thanks a lot.

• Certificate Revocation on SAP Web Dispatcher

  We have recently set up X.509 Certificate based authentication. The SSL handshake is performed by the Web Dispatcher. Requests are forwarded to SAP Netwewaver 2004s Portal with the certificate in the header field. All of this works "as advertised". Certificates are created by an OpenSSL based CA with the proper extensions and are mapped to UME accounts.
  Now we want add the ability to revoke certificates. One reason is, that even if a certificate is no longer mapped to an account, the Portal will still allow the user to log in and use the certificate. The certificate is not stored in the UME, but for the time of the session it looks as if the user did authenticate with a certificate.
  We have added the CRL distribtion point extension ot a certificate. We can see that the CRL is downloaded from this site. It shows up in the certificate revocation service page. However, all revoked certificates still work.
  The same CRL works correctly on an Apache test server. Here a revoked client certificate will already cause the SSL handshake to fail.
  Does it help us to have the CRL installed to the Portal server? Or is it necessary to set up revocation on the Web Dispatcher? Does the Web Dispatcher support certificate revocation at all? If yes, where does it get the CRL from? Does the CRL have to meet certain requirements in addition to the ones defined in RFC 3280?

  >
  Niels Carstensen wrote:
  > OSS ticket is pending.
  >
  > But if the Web Dispatcher accepted the revoked certificate for the SSL handshake, the Portal will just not authenticate the user. It will, however, allow the user to map the certificate to his account. This even seems to happen, if the CertPersisterLoginModule has been removed from the login stack. So all of a sudden the user can login with username password, and at the same time present the (invalid!) certificate to the applications...
  That indeed sounds like a bug - so it was a good idea to submit a support message.
  Regards, Wolfgang
  PS: I still believe that certificate revocation should be customizable on a per-application level ("application" in this context refers to "usage type": the same certificate might be used for different purposes: SSO, digital signature, encryption, S/MIME, ...). Furthermore, some of the certificate revocation mechanisms have a negative performance impact so they might be used with care. Take the payment card validation as an example: depending on the purchase amount you might be prompted for an online validation (requires to enter your PIN) and sometimes you simply need to sign-off a piece of paper - the decision is up to the shop operator and depends on the related costs (for online validation) which is comparable to "performance impacts" in our case).

• New to  Webcenter Search- Oracle SES or WebCenter live search adapters.

  Hi
  We are planing to implement the search functionality for Webcenter .
  As per the Developer's guide WebCenter provides two ways of searching your application:
  ■ Oracle Secure Enterprise Search (SES) adapter
  ■ Oracle WebCenter live search adapters
  Documents service provides its own search engine for file searches.(Is it only for file search ? What kind of Files ?)
  - Can you provide the the differences between the three searches (SES , live search , Document Service)?
  - Where can i find the refernces for implementing WebCenter live search adapters?
  - What are the search functionality that WebCenter live search adapters provide?
  -What are the benifts of using Oracle SES over WebCenter live search adapters ?
  - What is that we cannot do with WebCenter live search adapters but with Oracle SES ? and the other way round.
  Edited by: 887508 on Sep 28, 2011 9:46 PM

  Hi Dani,
  Eventually I found the problem, it is reported in Oracle Support as Doc ID 1503173.1.
  It seems jDeveloper is a bit special when adding Directories to the MAR file. If the whole directory "/oracle" is added, the adf-config.xml introduces the following line:
  namespace metadata-store-usage="WebCenterFileMetadataStore" path="/oracle"/
  As a result, this diverts all /oracle/... file and class requests to MDS, which causes failures.
  So when editing the MAR deployment profile be careful to select the sub-directories under /oracle/webcenter/portalapp/ one by one.
  Added to this, I had to perform the cleaning process you suggested to make it work too, otherwise I get a different error...
  Final steps are:
  1. Undeploy application.
  2. Delete MDS partition.
  3. Shutdown managed server.
  4. Delete /cache and /tmp content for the managed server.
  5. Start managed server.
  6. Exectute Clean all in jDeveloper.
  7. Create a new mar deployment as described in SR 1503173.1.
  8. Deploy to EAR file.
  9. Deploy new application to managed server using Enterprise Manager.
  And it works!
  Thanks for your help!

• The problem when i install SES 10.1.3

  I install ORACLE SES 10.1.3 in virtual machine.
  The physical os is WINDOW 2003 SERVER,the vmware version is VMWARE GSX SERVER V3.1,and the vm os is win 2000 server.
  First, I install AS 10.1.3 , everything is ok. After thatI install SES , when i goto choose "Select Installation Type" step, the problem tell me contact oracle technique,and the related error is:
  Exception java.lang.ExceptionInInitializerError occurred..
  java.lang.ExceptionInInitializerError
       at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
       at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
       at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
       at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
       at java.lang.Class.newInstance0(Class.java:350)
       at java.lang.Class.newInstance(Class.java:303)
       at oracle.sysman.oii.oiix.OiixJarResourceBundle.extractBundle(OiixJarResourceBundle.java:332)
       at oracle.sysman.oii.oiis.OiisLibraryLoader.<init>(OiisLibraryLoader.java:116)
       at oracle.sysman.oii.oiis.OiisQueryLibLoader.<init>(OiisQueryLibLoader.java:41)
       at oracle.sysman.oii.oiic.OiicInstallSession.getLibLoader(OiicInstallSession.java:3077)
       at oracle.sysman.oii.oiic.OiicPullSession.getQueryLibLoader(OiicPullSession.java:3865)
       at oracle.sysman.oii.oiis.OiisCompContext.doQuery(OiisCompContext.java:2406)
       at Components.oracle.edge.server.standalone.v10_1_3_0_0.CompContext.getCalculatedValueObject_PRE_REQUISITE(Unknown Source)
       at Components.oracle.edge.server.standalone.v10_1_3_0_0.CompContext.getCalculatedValueObject(Unknown Source)
       at oracle.sysman.oii.oiis.OiisCompContext.getCalculatedValue(OiisCompContext.java:656)
       at oracle.sysman.oii.oiis.OiisPreRequisiteVar.getCalculatedValue(OiisPreRequisiteVar.java:155)
       at oracle.sysman.oii.oiis.OiisVariable.setVariable(OiisVariable.java:2162)
       at oracle.sysman.oii.oiis.OiisVariable.setVariable(OiisVariable.java:1893)
       at oracle.sysman.oii.oiis.OiisCompInstallation.getPreRequisite(OiisCompInstallation.java:822)
       at oracle.sysman.oii.oiis.OiisCompInstallation.getContext(OiisCompInstallation.java:509)
       at oracle.sysman.oii.oiio.oiiod.OiiodDepEngine.checkPreReq(OiiodDepEngine.java:5119)
       at oracle.sysman.oii.oiio.oiiod.OiiodDepEngine.applySelection(OiiodDepEngine.java:3541)
       at oracle.sysman.oii.oiio.oiiod.OiiodDepEngine.depModeApply(OiiodDepEngine.java:2708)
       at oracle.sysman.oii.oiif.oiifw.OiifwPostDepModesWCCE.doOperation(OiifwPostDepModesWCCE.java:339)
       at oracle.sysman.oii.oiif.oiifb.OiifbCondIterator.iterate(OiifbCondIterator.java:162)
       at oracle.sysman.oii.oiic.OiicDepWizEngine.doOperation(OiicDepWizEngine.java:358)
       at oracle.sysman.oii.oiif.oiifb.OiifbCondIterator.iterate(OiifbCondIterator.java:162)
       at oracle.sysman.oii.oiic.OiicPullSession.doOperation(OiicPullSession.java:970)
       at oracle.sysman.oii.oiic.OiicSessionWrapper.doOperation(OiicSessionWrapper.java:232)
       at oracle.sysman.oii.oiic.OiicInstaller.run(OiicInstaller.java:399)
       at oracle.sysman.oii.oiic.OiicInstaller.runInstaller(OiicInstaller.java:717)
       at oracle.sysman.oii.oiic.OiicInstaller.main(OiicInstaller.java:628)
  Caused by: java.util.MissingResourceException: Can't find bundle for base name resources/libRes, locale zh_CN
       at java.util.ResourceBundle.throwMissingResourceException(ResourceBundle.java:837)
       at java.util.ResourceBundle.getBundleImpl(ResourceBundle.java:806)
       at java.util.ResourceBundle.getBundle(ResourceBundle.java:550)
       at OiJarResourceLoader.<clinit>(Unknown Source)
       ... 32 more
  But when I install SES in physical machine with win2000 server, everything is ok!
  asking for help!
  think u!

  zerapat:
  I guess you were installing SES 10.1.3.0 on SOA Suite 10.1.3.1. I met this exact problem. This error is thrown at the stage to deploy edge application.
  If installing SES 10.1.3.1 on SOA Suite 10.1.3.1, the application will be deployed successfully, but it will fail at the stage to configure JNDI name for the datasource. The reason is just what mentioned by tomaszhaase. But we can finish the installation wizard and manually configure the datasource in Enterprise Control.

• Help,runtime exception when using oracle ses 11g

  development environment is myeclipse 8.5 , jdk1.6 , oracle ses 11g is installed on centos .
  I use the query web service example in oracle ses 11g administrator's guide to test ses 11g.
  I added wseeclient.jar,ant.jar and search_client.jar to my projects .
  the project is compiled successfully, however, A runtime exception occured when runing the project :
  Exception in thread "main" java.lang.NoClassDefFoundError: weblogic/descriptor/DescriptorManager
       at oracle.search.query.webservice.client.OracleSearchService.<clinit>(OracleSearchService.java:58)
       at client.SESClient.main(SESClient.java:8)
  Caused by: java.lang.ClassNotFoundException: weblogic.descriptor.DescriptorManager
       at java.net.URLClassLoader$1.run(URLClassLoader.java:200)
       at java.security.AccessController.doPrivileged(Native Method)
       at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:307)
       at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
       at java.lang.ClassLoader.loadClass(ClassLoader.java:252)
       at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320)
  The code is listed blow :
  package client;
  import oracle.search.query.webservice.client.*;
  public class SESClient {
       public static void main(String[] args) throws Exception {
            // runtime exception occured : java.lang.ClassNotFoundException: weblogic.descriptor.DescriptorManager
  // when create the object OracleSearchService
            OracleSearchService stub = new OracleSearchService();
            stub.setSoapURL("http://59.77.132.154:7777/search/query/OracleSearch");
            OracleSearchResult result = stub.doOracleSearch("fzu site:www.fzu.edu.cn", 1,
                      Integer.MAX_VALUE, Boolean.TRUE, Boolean.TRUE, null, "zh",
                      "zh", Boolean.TRUE, null, null, null);
            int estimatedHitCount = result.getEstimatedHitCount().intValue();
            if (estimatedHitCount == 0)
                 System.out.println("No Result!");
            else {
                 ResultElement[] resElemArray = result.getResultElements();
                 for (int i = 0; i < resElemArray.length; ++i) {
                      System.out.println(resElemArray.getTitle() + ":"
                                + resElemArray[i].getUrl());
                      System.out.println("-----------------------------------------------------------");

  I have a reason to believe that my anti virus scanner is modifying the jar file.
  I had initially downloaded the jar file from sourceforge. It had the com.iwss.... package.
  Now i dowloaded the file in zip format and that package is not there in the zip file. But i have a new problem now.
  My eclispe just crashed with the following error message.
  JVM terminated. Exit code=1
  D:\Oracle\product\10.1.0\Client_2\jre\1.4.2\bin\javaw.exe
  -Xms40m
  -Xmx256m
  -jar C:\eclipse\startup.jar
  -os win32
  -ws win32
  -arch x86
  -launcher C:\eclipse\eclipse.exe
  -name Eclipse
  -showsplash 600
  -exitdata 1bc_74
  -vm D:\Oracle\product\10.1.0\Client_2\jre\1.4.2\bin\javaw.exe
  -vmargs
  -Xms40m
  -Xmx256m
  -jar C:\eclipse\startup.jar