SWS 7.0U1 Custom Session Store

Is there a way to write a custom session store for SWS 7.0U1? The documentation seems to state that there is a way and the DTD shows a type of 'custom' as an accepted type, but there doesn't seem to be any other information about it. If I attempt write something implementing the SessionDataStore that comes in the examples directories the IWSHttpSession class seems to be not available to build again.
Is it where I have to go back and write against the even more deprecated IWS 6.0 Session Manager codebase and plug my own Session Manager in there if I don't want an in-memory, File or JDBC based Session Manager or Session Store?
-steve

Yes, that document. Under where it says :
"File Session Manager
The file is another file-system-based session manager provided with Web Server. For session persistence, file can use a file to which each session is serialized. You can also create your own persistence mechanism."
I was assuming that the "You can also create your own persistence mechanism." meant something along the lines of being able to look at the FileStore.java example code and then create a MemcachedStore.java and possibly somehow use the 'custom' type as defined in the DTD (sun-web-app_2_5-0.dtd) for persistence-manager and possibly a class definition and that _store would be used by the Session Manager to store off the sessions. The problem is that when compiled against the webserv-rt.jar that comes with SWS7.0U1 it says that IWSHttpSession is unavailable.
So now I'm assuming that you pretty much just have to go and create a MemcachedSessionManager along with a MemcachdSession and plug it in there utilizing the deprecated IWS 6.0 mechanism.
-steve

Similar Messages

Custom Session Manager in SJS EWS 6.1, not IWSSessionManager

Now that the IWSSessionManager is deprecated in Enterprise Web Server 6.1, and their is no other persistant server-server session storing Session Managers shipped with Sun Web Server Enterprise 6.1 (file based storage does not count), I would like to know if anyone knows how to configure a custom session manager into the sun-web.xml file (not using IWSSessionManager).
I want to create my own session manager using JGroups multicast, or even JDBC as the persistant store. And I want to be able to use it with the next major version of Enterprise Web Server in addition to the current 6.1 version.
We own Enterprise Application Server, and I also see in GlowFish that a CUSTOM session manager can be configured. So I am betting the SJS Enterprise Web Server also has the same capabilities, but it is not published in the documentation.
Anyone have the real scoop on this matter?
-RG

In the previous post,
I meant GlassFish, not GlowFish.

Servlet/jsp & custom sessions

          Our app is using custom sessions with most of the data stored in
          ejbeans. We can't really use http sessions
          as multiple 'http' sessions may end up using the same set of beans which
          make up our own 'application defined'
          session. As the set of beans making up one session are typically located
          on the same host, we'd like to make sure
          that all requests using them are processed on the respecting host.
          I understand now that performing some kind of 'servlet-chaining' in
          order to forward a request to the correct host
          is a bad idea. Our current solution is to wrap the processing of the
          request into a ejbean which is made available
          throughout the cluster by adding a reference into the jndi tree (using
          the beans allows us to ensure that sessions time
          out when necessary.) What i don't like about this approach is that there
          is no way to write a simple servlet or jsp
          pages as direct access to the servlet interface is lost (a copy of the
          servlet-related data could be sent to the bean
          on remote host, but that's expensive and ends up in something similar to
          servlet-chaining.)
          Does any know of possibilities to solve this problem a little bit more
          elegantly? Essentially i'd like to run servlet and
          jsp pages on top of our 'application defined' sessions, efficiently
          working in a cluster.
          Thanks a lot for any suggestions,
          roman


          thank's for your reply!
          the whole thing is not really related to ejb, i'm just using it as a
          workaround.
          it's actually a gross misuse of ejb...
          the main issue is that i'd like to be able to write jsp pages and store
          per-session
          information in a object other than the HttpSession. i cannot use the
          HttpSession
          because one session in our application does not necessarily correspond
          to one http
          session.
          so far the solution is trivial; i just keep keep a reference to the
          session data
          in the jndi tree. for each request, i can find the data with one jndi
          lookup. it
          even works on a cluster by using remote objects and a replicated jndi
          tree (thank
          you, weblogic!)
          but, for efficiency, i'd also like to process each request on the same
          host where
          the session data is stored... how can i do that without servlet
          chaining?
          roman
          Prasad Peddada wrote:
          >
          > It is not quite clear to me what you are trying to do here.
          >
          > What type of ejbs are you talking about?
          >
          > Roman Puttkammer wrote:
          >
          > > Our app is using custom sessions with most of the data stored in
          > > ejbeans. We can't really use http sessions
          > > as multiple 'http' sessions may end up using the same set of beans which
          > > make up our own 'application defined'
          > > session. As the set of beans making up one session are typically located
          > > on the same host, we'd like to make sure
          > > that all requests using them are processed on the respecting host.
          > >
          > > I understand now that performing some kind of 'servlet-chaining' in
          > > order to forward a request to the correct host
          > > is a bad idea. Our current solution is to wrap the processing of the
          > > request into a ejbean which is made available
          > > throughout the cluster by adding a reference into the jndi tree (using
          > > the beans allows us to ensure that sessions time
          > > out when necessary.) What i don't like about this approach is that there
          > > is no way to write a simple servlet or jsp
          > > pages as direct access to the servlet interface is lost (a copy of the
          > > servlet-related data could be sent to the bean
          > > on remote host, but that's expensive and ends up in something similar to
          > > servlet-chaining.)
          > >
          > > Does any know of possibilities to solve this problem a little bit more
          > > elegantly? Essentially i'd like to run servlet and
          > > jsp pages on top of our 'application defined' sessions, efficiently
          > > working in a cluster.
          > >
          > > Thanks a lot for any suggestions,
          > > roman

Cannot load classes for custom user store

I implemented a custom user store and deployed as sda library into NetWeaver preview SP16. NetWeaver is not able to load those classes when configuring that user store through Visual Administrator. Below is the error message I got,
Unable to register user store!
java.lang.SecurityException: com.sap.engine.services.security.exceptions.BaseSecurityException: Can not instantiate UserContext.
     at com.sap.engine.services.security.server.UserStoreImpl.<init>(UserStoreImpl.java:78)
     at com.sap.engine.services.security.server.UserStoreFactoryCache.registerUserStore(UserStoreFactoryCache.java:120)
     at com.sap.engine.services.security.server.UserStoreFactoryImpl.registerUserStore(UserStoreFactoryImpl.java:150)
     at com.sap.engine.services.security.userstore.RemoteUserStoreFactoryImpl.registerUserStore(RemoteUserStoreFactoryImpl.java:64)
     at com.sap.engine.services.security.userstore.RemoteUserStoreFactoryImplp4_Skel.dispatch(RemoteUserStoreFactoryImplp4_Skel.java:99)
     at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:304)
     at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:193)
     at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:122)
     at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
     at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
Caused by: java.lang.ClassNotFoundException: mypackage.myusercontextimpl
Found in negative cache
Loader Info -
ClassLoader name: [common:library:com.sap.security.api.sda;library:com.sap.security.core.sda;library:security.class;library:webservices_lib;service:adminadapter;service:basicadmin;service:com.sap.security.core.ume.service;service:configuration;service:connector;service:dbpool;service:deploy;service:jmx;service:jmx_notification;service:keystore;service:security;service:userstore]
Parent loader name: [Frame ClassLoader]
References:
   library:com.sap.ip.basecomps
   library:core_lib
   common:library:IAIKSecurity;library:activation;library:mail;library:tcsecssl
   library:servlet
   library:sapxmltoolkit
   library:com.sap.mw.jco
   library:com.sap.util.monitor.jarm
   library:j2eeca
   library:opensql
   interface:security
   interface:log
   interface:shell
   interface:keystore_api
   library:ejb20
   interface:webservices
   library:com.sap.guid
   interface:appcontext
   interface:endpoint_api
   interface:resourceset_api
   interface:resourcecontext_api
   common:service:iiop;service:naming;service:p4;service:ts
   interface:ejbcomponent
   interface:container
   interface:visual_administration
   interface:transactionext
   interface:dsr_ejbcontext_api
   service:timeout
   library:tc~jmx
   interface:cross
   service:file
   service:locking
   library:tcSLUTIL
   service:memory
   library:antlr
   library:jdbdictionary
   library:opensqlextensions
Resources:
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\dbpool\dbpool.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\basicadmin\basicadmin.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_compat.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\adminadapter\adminadapter.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\basicadmin\jstartupimpl.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\jmx_notification\jmx_notification.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\security\security.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\com.sap.security.core.ume.service\com.sap.security.core.ume.service.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_saml_toolkit_api.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_userstore_lib.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\webservices_lib\webservices_lib.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\basicadmin\jstartupapi.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_jaas_test.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\dbpool\sqljimpl.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\com.sap.security.core.sda\com.sap.security.core.tpd.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\com.sap.security.api.sda\com.sap.security.api.perm.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\connector\connectorimpl.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\webservices_lib\saaj-api.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\configuration\configuration.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_saml_jaas.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_saml_xmlbind.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_saml_util.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_csi.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_saml_toolkit_core.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_ssf.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\userstore\userstore.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_https.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_saml_service_api.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\webservices_lib\jaxrpc-api.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\dbpool\opensqllib.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\deploy\deploy.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\security.class\tc_sec_jaas.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\jmx\jmx_sec.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\com.sap.security.api.sda\com.sap.security.api.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\com.sap.security.core.sda\com.sap.security.core.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\jmx\jmx.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\ext\webservices_lib\jaxm-api.jar
   C:\usr\sap\J2E\JC00\j2ee\cluster\server0\bin\services\keystore\keystore.jar
Loading model: {parent,local,references}
     at com.sap.engine.frame.core.load.ReferencedLoader.loadClass(ReferencedLoader.java:348)
     at com.sap.engine.services.security.server.UserStoreImpl.<init>(UserStoreImpl.java:75)
     ... 13 more
     at com.sap.engine.services.security.exceptions.BaseSecurityException.writeReplace(BaseSecurityException.java:349)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:324)
     at java.io.ObjectStreamClass.invokeWriteReplace(ObjectStreamClass.java:896)
     at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1011)
     at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:278)
     at com.sap.engine.services.rmi_p4.DispatchImpl.throwException(DispatchImpl.java:139)
     at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:306)
     at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:193)
     at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:122)
     at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
     at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
     at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
     at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)

Hi sheshu0022,
Based on my research, the issue can be occurred due to something get corrupted in the script task. To fix this issue, please copy the code in the task, then rebuild the script task with the same code to test again.
The following similar thread is for your reference:
http://stackoverflow.com/questions/15165760/ssis-script-task-fails-on-server-with-error-cannot-load-script-for-execution
Thanks,
Katherine Xiong
Katherine Xiong
TechNet Community Support

How to clear the variable value in session store?

I'll try to build form for search. There are LOV and
search button on form. When user don't select anything then push
search button, I'd like the report to show query everything. I
mean the report will show like condition where id like '%'.
And I send variable between form to report by using session
store.
I select nothing in LOV but value that return by LOV is
not null. It's in stead of old value of LOV.
Please tell me.. How to clear the variable value in
session store? I'd like to set it to null. If you have greater
way to do like this, please tell me.
Thank you.

Please suggest on this..
Thanks.

URGENT---EJB 3.0--Toplink essential - loading custom session customizer

Dear all,
I am a newbie to EJB as well as JPA...for some reason i need to write a custom session customizer
i config the persistence.xml with the following property:
<property name = "toplink.session.customizer" value = "customizer.MyCustomizer"/>
My EJB project structure:
Application1
->EJB_Project1
->customizer
->MyCustomizer.java
->bean
->BeanARemote.java
->BeanBRemote.java
->META-INF
->persistence.xml
when i want to test the EJB project..the following exception occur...
==============================================================
Exception Description: ClassNotFound: [customizer.MyCustomizer] specified in [toplink.session.customizer] property.
Internal Exception: oracle.classloader.util.AnnotatedClassNotFoundException:
Missing class: customizer.MyCustomizer
Dependent class: oracle.toplink.essentials.internal.security.PrivilegedAccessHelper
Loader: oracle.persistence:1.0
Code-Source: /C:/Oracle10-1-3-11/toplink/jlib/toplink-essentials.jar
Configuration: <code-source> in /C:/Oracle10-1-3-11/jdev/system/oracle.j2ee.10.1.3.39.14/embedded-oc4j/config/server.xml
This load was initiated at oracle.persistence:1.0 using the Class.forName() method.
The missing class is available from the following locations:
1. Code-Source: /G:/JDeveloper/jdev/mywork/Application1/EJB_Project1/classes/ (from <ejb> in unknown)
     This code-source is available in loader current-workspace-app.root:0.0.0.
     This is the current thread's context loader, and it appears that Class.forName() was used to load the dependent class.
     If a loader was not explicitly passed to Class.forName(), try passing the result of calling Thread.currentThread().getContextClassLoader().
==============================================================
the application server cannot load the class but it can locate where the class is...
why???
i futher check if the problem is related to parent-child class-loader mechanism
in the code, i call the Class.getClassLoader() in order to obtain which classloaders
my session customizer and JPA EntityManager (implied for the whole toplink essential?) were loaded by...
result: for custom session customizer..
top classloader == jre.bootstrap:1.5.0_09
2nd classLoader == jre.extension:0.0.0
3rd classLoader == api:1.4.0
4th classLoader == oc4j:10.1.3
5th classLoader == system.root:0.0.0
6th classLoader == default.root:0.0.0
result: for JPA EntityManager..
top classloader == jre.bootstrap:1.5.0_09
2nd classLoader == jre.extension:0.0.0
3rd classLoader == api:1.4.0
4th classLoader == oc4j:10.1.3
it seems the EntityManager is loaded in 'higer level' class loader, so it can't access
class load in 'lower level' class loader ..
Dependent class: oracle.toplink.essentials.internal.security.PrivilegedAccessHelper
Loader: oracle.persistence:1.0But something strange is that the exception message saying the loader is oracle.persistence:1.0 ???
Could anybody help me......?
what is the solution...?
i have searching in the web for days but can't find solution !!!
Thank you very much ...
** My development environment:
JDeveloper: 10.1.3.1
window xp sp2
sun java sdk 5 update 9

i have futher check if the problem is related to class loading
i call the Class.getClassLoader() in order to obtained which classloaders
my session customizer and EntityManager were loaded...
obtain the following result: for my session customizer..
top classloader == jre.bootstrap:1.5.0_09
2nd classLoader == jre.extension:0.0.0
3rd classLoader == api:1.4.0
4th classLoader == oc4j:10.1.3
5th classLoader == system.root:0.0.0
6th classLoader == default.root:0.0.0
for EntityManager..
top classloader == jre.bootstrap:1.5.0_09
2nd classLoader == jre.extension:0.0.0
3rd classLoader == api:1.4.0
4th classLoader == oc4j:10.1.3
it seems the entity manager is loaded in 'higer level' class loader, so it can't access
class load in 'lower level' class loader ..
Dependent class: oracle.toplink.essentials.internal.security.PrivilegedAccessHelper
Loader: oracle.persistence:1.0But something strange is that the exception message saying the loader is oracle.persistence:1.0 ????
Could anybody help me......?
what is the solution...?
Thank you ...

Clearing custom session variable in 5.0

I have set a custom session variable in a method called in the OnAfterLogin PEI.
Do I need to ckear this session variable on logout? If so, how do I do that?
Or does the session variable clear on its own if teh session is abandoned or killed on logout?
I just want to make sure I am not leaking any memory and do proper housekeeping.
Thanks!
Vanita
Staples

Sam,
It appears that you are one of the few installations that actually used a display/formatting page under 4.x. Under 5.0 you have the option of going directly to the source of the card or gatewaying the card. Those are your only two options to my knowledge. I suppose that the answer might rest on using docfetch but this would require a custom CWS.
Good Luck
Phil Orion

Custom HTML Store Open Link in Safari

Hi there,
I'm working on Custom HTML Store.
And today I faced with one problem.
Is there any way to open html link directly in Safari or in standard DPS view (with back button and open-in-safari button)?
Currently my link reloads HTML Store in UIWebView.
I tried three different approaches:
1) <a href="http://site/" target="_blank"></a>
2) window.open('http://www.site/','_blank');
3) window.open('http://www.site/','_system');
But I didn't get result.
Thank you!
Best regards,
Andrey

Thank you for reply!
Directly in Safari - yes, I agree.
But in GQ US, GQ Italia I can see banners, which are working fine - they open standard DPS view (with back button and open-in-safari button) .

IsolatedClientSession (10.1.3) vs. custom session broker

Hi, Doug.
You may still remember the design of the custom session broker originated from you in our project.
Basically, we dynamically partition the classes during the session initiation time such that all the read-only classes (reference data) are put to a shared server session and all the non-read-only classes (transactional data) to a database session. A custom client session broker is constructed based on two sessions, the shared server session and a private database session whose life only spans a single transaction. The main idea here is that, the transactional data is volatile, and should not been cached in the shared session cache.
Now, with TopLink_10.1.3 available, I noticed that there is a new type of session called isolated client session, and that a class can be configured to be isolated. In my understanding, this solves the exactly same problem as the custom session broker.
I did some investigation to see whether it is possible for replace the custom session broker by the isolated client session. However, I got a run time exception:
Isolated Data is not currently supported within a Client Session Broker.
My questions is:
Is the isolated data to be supported by the client session broker soon?
Or you have other suggestions?
Thanks.
Zhonghua

Thanks for your response.
Yes, you are right, and it is not entirely necessary for us to use SessionBroker any more. I already did some experiments in this regard.
But, there are two downsides here:
(1) The existing code and configuration are tied to the SessionBroker, and lots of changes would be required.
(2) SessionBroker does provide us some flexibility in case we do need to use multiple databases in the future.
Therefore, if TopLink will support isolated classes in the client SessionBroker soon, it would be better for us to just wait for a future release.

Using a custom certificate store for SCCM 2012 clients and primary site server

I have read what seems to be all the pki related documentation out there for SCCM 2012. I have a PKI infrastructure up and running issueing certificates with an offline root through group policy autoenrollment. The problem that i'm faced with is we are migrating
from SCCM 2007 that was in native mode and we chose not to use the CA that we used for the old SCCM environment. When the clients attempt to communicate with the M.P. it runs through all of the different certificates and adds a tremendous amount of overhead
to the M.P. We will have ten's of thousands of clients by migration end. Could someone please point me to a document that goes over how to leverage a custom certificate store that I could then tell the new 2012 environment to use? I know that it's in there,
I've seen it in the console. The setup is one primary site server with SQL on box and the pki I just mentioned as well as the old 2007 environment that is still live.
I read that you can try and use SAN as a method of identifying the new certs but I haven't found a good document covering exactly how that works. Any info you could provide I would be very grateful for. Thanks.

Jason, thank you for your reply. I'm getting the impression that you have never been in the situation where you had to deal with 2 different PKI environments. Let me state that I understand what your saying about trust. We have to configure the trusted root
CA via GPO. That simply isn't enough, and I have a valid example to backup this claim. When the new clients got the advertisement and began the ccmsetup process I used the /pki switch among others. What the client end up doing was selecting a certificate that
had the longest validity period which was issued by our old CA. It checked the authentication chain, found it to be valid and selected it for communication. At that point the installation failed, period, no caveats as you say. The reason the install failed
because the new PKI infrastructure is integrated into the new environment, and the old is not. So when you said " that
are trusted and they can use *any* cert that is trusted because at the end of the day, there is no
difference between two valid certs that have the same purpose as long as they are trusted. "
that is not correct. Both certs are trusted, and use the same certificate template, but only one certificate would allow the install to complete successfully.
Once I started using the CCMCERTISSUERS
switch the client install went swimmingly. The only reason I'm still debating this point is because someone might read this thread see your comments and assume "well I've got my new PKI configured as a trusted root CA, I should be all set" and their
deployment will fail, just as my pilot did.
About Intune I'm looking forward to doing a POC in the lab i built with my Note 3. I'm hoping it goes well as I really want to have our MDM migrated into ConfigMgr... I think the
biggest obstacle outside of selling it to management will be the actual device migration from the current MDM solution. From what I understand of the enrollment process manual install and config is the only path forward.
Thanks Jason for your post and discussion.

Unable to load custom trust store in cluster

Weblogic 9.2 cluster with three nodes. Each is configured to use custom trust store. The same jks is copied to every node.
On node1 ssl works perfectly but on node2 and node3 certificate validation fails. Interesting is the stack that is thrown after first validation request, when Weblogic starts to load truststore:
####<Jan 17, 2011 5:46:51 PM EET> <Debug> <SecuritySSL> <beal2.srv.sise> <bea2A> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1295279211972> <000000> <SSLSetup: loading trusted CA certificates>
####<Jan 17, 2011 5:46:51 PM EET> <Debug> <SecuritySSL> <beal2.srv.sise> <bea2A> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1295279211984> <000000> <SSLContextManager: loading server SSL identity>
####<Jan 17, 2011 5:46:51 PM EET> <Debug> <SecurityKeyStore> <beal2.srv.sise> <bea2A> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1295279211986> <000000> <MBeanKeyStoreConfiguration: constructor - using mbean trust config>
####<Jan 17, 2011 5:46:51 PM EET> <Debug> <SecurityKeyStore> <beal2.srv.sise> <bea2A> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1295279211989> <000000> <PreMBeanKeyStoreConfiguration: constructor - explicitly configured=true>
####<Jan 17, 2011 5:46:51 PM EET> <Debug> <SecurityKeyStore> <beal2.srv.sise> <bea2A> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1295279211992> <000000> <PreMBeanKeyStoreConfiguration: constructor - TrustKeyStore[0]=FileName=/bea/keystores/MyTrust.jks, Type=jks, PassPhraseUsed=true>
####<Jan 17, 2011 5:46:51 PM EET> <Debug> <SecurityKeyStore> <beal2.srv.sise> <bea2A> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1295279211994> <000000> <MBeanKeyStoreConfiguration: constructor - TrustKeyStore[0]=FileName=/bea/keystores/MyTrust.jks, Type=jks, PassPhraseUsed=true>
####<Jan 17, 2011 5:46:51 PM EET> <Notice> <Security> <beal2.srv.sise> <bea2A> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <1295279211998> <BEA-090171> <Loading the identity certificate and private key stored under the alias beal2.srv.sise from the jks keystore file /bea/keystores/MyIdentity.jks.>
####<Jan 17, 2011 5:46:52 PM EET> <Debug> <SecuritySSL> <beal2.srv.sise> <bea2A> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1295279212009> <000000> <Failed to load server trusted CAs
java.lang.NullPointerException
     at weblogic.security.utils.SSLContextManager.getRealmName(SSLContextManager.java:594)
     at weblogic.security.utils.SSLContextManager.getServerSSLIdentity(SSLContextManager.java:535)
     at weblogic.security.utils.SSLContextManager.createServerSSLContext(SSLContextManager.java:276)
     at weblogic.security.utils.SSLContextManager.getDefaultServerSSLContext(SSLContextManager.java:221)
     at weblogic.security.utils.SSLContextManager.getServerTrustedCAs(SSLContextManager.java:183)
     at weblogic.security.utils.SSLSetup.getTrustedCAs(SSLSetup.java:505)
     at weblogic.security.utils.SSLSetup.getSSLContext(SSLSetup.java:384)
     at weblogic.security.SSL.SSLSocketFactory.setSSLClientInfo(SSLSocketFactory.java:218)
     at weblogic.security.SSL.SSLSocketFactory.<init>(SSLSocketFactory.java:36)
     at weblogic.security.SSL.SSLSocketFactory.<init>(SSLSocketFactory.java:28)
     at weblogic.security.SSL.SSLSocketFactory.getDefault(SSLSocketFactory.java:55)
     at com.liferay.portal.security.auth.WeblogicSocketFactory.createSocket(WeblogicSocketFactory.java:21)
     at com.liferay.portal.security.auth.WeblogicSocketFactory.createSocket(WeblogicSocketFactory.java:30)
     at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
     at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
     at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
     at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
     at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
     at com.liferay.portal.servlet.filters.sso.cas.Cas20ProxyTicketValidator.retrieveResponse(Cas20ProxyTicketValidator.java:73)
     at com.liferay.portal.servlet.filters.sso.cas.Cas20ProxyTicketValidator.validate(Cas20ProxyTicketValidator.java:46)
     at com.liferay.portal.servlet.filters.sso.cas.CASFilter.processFilter(CASFilter.java:172)
     at com.liferay.portal.kernel.servlet.BaseFilter.doFilter(BaseFilter.java:91)
     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3242)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
     at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2010)
     at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1916)
     at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
>
####<Jan 17, 2011 5:46:52 PM EET> <Deb...
during the validation I get following:
####<Jan 17, 2011 5:46:52 PM EET> <Debug> <SecuritySSL> <beal2.srv.sise> <bea2A> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1295279212020> <000000> <Cannot complete the certificate chain: No trusted cert found>
####<Jan 17, 2011 5:46:52 PM EET> <Debug> <SecuritySSL> <beal2.srv.sise> <bea2A> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1295279212020> <000000> <Validating certificate 0 in the chain: Serial number: 1283510590
####<Jan 17, 2011 5:46:52 PM EET> <Debug> <SecuritySSL> <beal2.srv.sise> <bea2A> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1295279212023> <000000> <validationCallback: validateErr = 16>
####<Jan 17, 2011 5:46:52 PM EET> <Debug> <SecuritySSL> <beal2.srv.sise> <bea2A> <[ACTIVE] ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1295279212025> <000000> <weblogic user specified trustmanager validation status 16>
I have run out of ideas. The certificate is in trustore. I think my issues are related to that NullPointer but because it is Weblogic internal code I have no idea what's causing it. I know somehow node1 has to be different but I don't know where to look anymore.
After decompiling SSLContextManager getRealmName looks like this:
private final String getRealmName()
return runtimeAccess.getDomain().getSecurity().getRealm().getName();
What configuration am I missing?

Maybe this helps....
I would try to check the following steps:
- Are node2 and node3 on the same machine as node1?
- Is present and readable "/bea/keystores/MyTrust.jks" on each machine?
- Who signs the trust certificate in "MyTrust.jks"? I.E.: it is needed a trust chain to validate MyTrust?
From your decompilation it seems that one of these
- runtimeAccess;
- runtimeAccess.getDomain();
- runtimeAccess.getDomain().getSecurity();
- runtimeAccess.getDomain().getSecurity().getRealm();
is null ...
Bye
Mariano

Oracle State Session Store throws an Unhandled Exception with Xml

I wish to use the Oracle.Net Session Store to store a value to session. The value or object if you prefer is marked as serializable in order to be placed within the store.
Unfortunately, when running the code I get an unhandled exception error being displayed to the screen. The code itself does not fail at any point in debug. The actual error message in full is "An unhandled exception occurred 'Type 'System.Xml.XmlDocument' in Assembley 'System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' is not marked as serializable"
Now, we have xml fields in our classes, and we have tried all sorts things, but I would like to know whether there is a far simpler way of saving xml documents to session when using Oracle.Net Session Store. We have also tried saving sessions using the ASP.Net State Server and hit exactly the same error.
Does anyone have any good ideas/solutions?

Hi Muthuraja,
The warning in error log is caused by the error you mentioned above. Based on my search, the error message can be caused by various reasons.
To troubleshooting the issue, please refer to the following steps:
Check the "Idle Time-out" option of the application pool, if its value is not zero, set it to a larger integer value such as 120.
Check the "Virtual Memory Limit" option of the application tool, if its value is not zero, set it to 0 instead.
Set the "Maximum Worker Processes" option of the application tool to 1.
In the web.config of the Web Application, set the “cookieless” to “true” like below:
<sessionState mode="InProc" cookieless="true" timeout="120"/>
Modify the httpRuntime settings like below:
<httpRuntime maxRequestLength="20000" executionTimeout="600"/>
Reference:
sessionState Element
httpRuntime Element
AspNetSessionExpiredException
If you have any more questions, please feel free to ask.
Thanks,
Wendy Fu
If you have any feedback on our support, please click
here.

Help? Session Store stopped working

... w/o warning - from one use to the next within one hour.
Happened after I updated MS-XP + Keyscrambler + restarted computer, but don't think that should have created a problem.
Checked "Containing Folder" & it shows 'session store', 'sessionstore-1', and 'sessionstore-2' in place. Any help appreciated

For this one on Vista machines, the following announcement has some troubleshooting tips:
http://discussions.apple.com/ann.jspa?annID=640
... for more info on using MSConfig, see the following document:
Using MSCONFIG to troubleshoot conflicts in Windows Vista

DPS Custom Library/Store Toolbar

Hello.
In the 'Navigation Toolbar' section of the DPS App Builder i see an option to hide the navigation toolbar, but then i cant have custom library/store fronts ...
Is there a way to hide the navigation (bottom) toolbar when launching a custom library/store ?
I know i can go back to the default app library via DPS JS API ( adobeDPS.configurationService.gotoState( 'library' ) ), so a way to hide the toolbar would be great ...
Thank you.

Well thank you
maybe you could think of it as a new feature to implement in the near future ?
Also, if i may, an app filter in the main DPS App Builder app would be great (filtering by type(iOS,android), name, etc )
Thank you.

DPS Custom front store problem( Plz ....)

Hi everyone,
A few months ago I builded a front store using DPS API 1. But it does not load the content automatically when the user install the app at the first time. If I pressed reload button and It become works.
Recently I need to develop again the custom front store using DPS API 2 and I found this as my first step:
http://www.adobe.com/devnet/digitalpublishingsuite/articles/library-store-separate-templat e.html
I downloaded the sample file and followed this tutoral carefully but I still feel so confused. There is no any content in my ipad after I put the custom store zip file into the folio builder, however, it is so weird that when I add the custom library zip file together, the custom store become works!
Right now I don't know how to start to my work. Would anyone tell me how to solve it ?Is it a must to use DPS API 2 instead of API 1??
Please give me any advice.Thanks a lot!

It is so so helpful! Thanks for your quick reply.
My situration is that I just need to build custom store only and use default library.
May I ask you more questions? And I hope it will give me more direction to finish my work.
1) What is the difference between API 1 and 2. At my first glance, the functions, syntax, and structure are quite different. If I use API 1 to bulid the custom store, what disadvantage it is? Will the API 1 not being supported in the furture? If API 2 is perferable for my case, do you give me any advice/reference to start working?
2) Yesterday I followed this tutorial using API 1 and download the sample file to ipad:
http://www.adobe.com/devnet/digitalpublishingsuite/articles/dps-custom-store.html
I found there is the same reload problem at the first installation. Apart from the subscribe banner which is in local host, other contents(e.g. folio preview image, title) do not show.Only when I press reload button it become viewable.
I deeply appreciate your kindness.

SWS 7.0U1 Custom Session Store

Similar Messages

Maybe you are looking for