Usage of default keyStores(.jks) in WLS production mode

Similar Messages

• Default-keystore.jks cannot be loaded due to java.io.IOException

  Hi All,
  i am facing this error in the SOA composite created for approval. I think it is the either the access of the keystore file or the keystore file itself is corrupted. Any pointers on this would be great!
  Also, can someone let me know how do we create the new keystore for this and map the new keystore to the composite?
  FYI - The same composite is working in an other environment.
  [2014-01-01T05:31:05.011-07:00] [soa_server1] [ERROR] [WSM-00055] [oracle.wsm.resources.security] [tid: orabpel.invoke.pool-4.thread-1] [userId: weblogic] [ecid: 004viVPMDD9Fw000jzwkno0005E5000QKe,1:31579] [WSM_POLICY_NAME: oracle/wss11_saml_token_with_message_protection_client_policy] [APP: soa-infra] [composite_name: MgrApproval] [component_name: ApprovalProcess] [component_instance_id: 120001] [URI: /identity/faces/home] The keystore located at /app/oracle/product/ofm/user_projects/domains/IAM_domain/config/fmwconfig/default-keystore.jks cannot be loaded due to java.io.IOException: Keystore was tampered with, or password was incorrect. Ensure that valid keystore type and password are configured.
  [2014-01-01T05:31:05.037-07:00] [soa_server1] [ERROR] [WSM-07501] [oracle.wsm.resources.enforcement] [tid: orabpel.invoke.pool-4.thread-1] [userId: weblogic] [ecid: 004viVPMDD9Fw000jzwkno0005E5000QKe,1:31579] [WSM_POLICY_NAME: oracle/wss11_saml_token_with_message_protection_client_policy] [APP: soa-infra] [composite_name: MgrApproval] [component_name: ApprovalProcess] [component_instance_id: 120001] [URI: /identity/faces/home] Failure in Oracle WSM Agent processRequest, category=security, function=agent.function.client, application=default, composite=MgrApproval, modelObj=CallbackService_2, policy=null, policyVersion=null, assertionName=null.[[
  oracle.wsm.common.sdk.WSMException: WSM-00055 : The keystore located at /app/oracle/product/ofm/user_projects/domains/IAM_domain/config/fmwconfig/default-keystore.jks cannot be loaded due to java.io.IOException. Ensure that valid keystore type and password are configured.
    at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.initialize(SecurityScenarioExecutor.java:463)
    at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.init(SecurityScenarioExecutor.java:336)
    at oracle.wsm.security.policy.scenario.executor.Wss11SamlWithCertsScenarioExecutor.init(Wss11SamlWithCertsScenarioExecutor.java:72)
    at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.populateAssertionExecutors(WSPolicyRuntimeExecutor.java:262)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
    at com.collaxa.cube.engine.dispatch.Dispatcher$ContextCapturingThreadFactory$2.run(Dispatcher.java:850)
    at java.lang.Thread.run(Thread.java:722)
  Caused by: oracle.wsm.security.SecurityException: WSM-00055 : The keystore located at /app/oracle/product/ofm/user_projects/domains/IAM_domain/config/fmwconfig/default-keystore.jks cannot be loaded due to java.io.IOException. Ensure that valid keystore type and password are configured.
    at oracle.wsm.security.jps.WsmLegacyKeyStore.<init>(WsmLegacyKeyStore.java:270)
    at oracle.wsm.security.jps.WsmKeyStoreFactory.getKeyStore(WsmKeyStoreFactory.java:63)
    at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.updateWsmKeyStore(SecurityScenarioExecutor.java:1293)
    at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.initialize(SecurityScenarioExecutor.java:437)
    ... 120 more
  Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772)
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
    at java.security.KeyStore.load(KeyStore.java:1214)
    at oracle.wsm.security.jps.WsmLegacyKeyStore.createInstanceOfKeyStoreWrapper(WsmLegacyKeyStore.java:604)
    at oracle.wsm.security.jps.WsmLegacyKeyStore.<init>(WsmLegacyKeyStore.java:249)
    ... 123 more
  Caused by: java.security.UnrecoverableKeyException: Password verification failed
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770)
    ... 127 more
  [2014-01-01T05:31:05.076-07:00] [soa_server1] [ERROR] [] [oracle.integration.platform.blocks.soap] [tid: orabpel.invoke.pool-4.thread-1] [userId: weblogic] [ecid: 004viVPMDD9Fw000jzwkno0005E5000QKe,1:31579] [APP: soa-infra] [composite_name: MgrApproval] [component_name: ApprovalProcess] [component_instance_id: 120001] [URI: /identity/faces/home] Unable to dispatch request to http://iam.secureoracle.com:80/workflowservice/CallbackService due to exception[[
  javax.xml.ws.WebServiceException: oracle.fabric.common.PolicyEnforcementException: WSM-00055 : The keystore located at /app/oracle/product/ofm/user_projects/domains/IAM_domain/config/fmwconfig/default-keystore.jks cannot be loaded due to java.io.IOException. Ensure that valid keystore type and password are configured.
    at oracle.j2ee.ws.client.jaxws.DispatchImpl.invoke(DispatchImpl.java:867)
    at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.synchronousInvocationWithRetry(OracleDispatchImpl.java:235)
    at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.invoke(OracleDispatchImpl.java:106)
    at oracle.integration.platform.blocks.soap.AbstractWebServiceBindingComponent.dispatchRequest(AbstractWebServiceBindingComponent.java:553)
    at oracle.integration.platform.blocks.soap.WebServiceExternalBindingComponent.processOutboundMessage(WebServiceExternalBindingComponent.java:248)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
    at com.collaxa.cube.engine.dispatch.Dispatcher$ContextCapturingThreadFactory$2.run(Dispatcher.java:850)
    at java.lang.Thread.run(Thread.java:722)
  Caused by: oracle.fabric.common.PolicyEnforcementException: WSM-00055 : The keystore located at /app/oracle/product/ofm/user_projects/domains/IAM_domain/config/fmwconfig/default-keystore.jks cannot be loaded due to java.io.IOException. Ensure that valid keystore type and password are configured.
    at oracle.fabric.common.AbstractSecurityInterceptor.processResult(AbstractSecurityInterceptor.java:184)
    at oracle.fabric.common.BindingSecurityInterceptor.processRequest(BindingSecurityInterceptor.java:95)
    at oracle.integration.platform.common.InterceptorChainImpl$1.run(InterceptorChainImpl.java:210)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.Subject.doAsPrivileged(Subject.java:536)
    at oracle.integration.platform.common.InterceptorChainImpl.processRequestAsSubject(InterceptorChainImpl.java:208)
      ... 100 more
  Caused by: oracle.wsm.common.sdk.WSMException: WSM-00055 : The keystore located at /app/oracle/product/ofm/user_projects/domains/IAM_domain/config/fmwconfig/default-keystore.jks cannot be loaded due to java.io.IOException. Ensure that valid keystore type and password are configured.
    at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.initialize(SecurityScenarioExecutor.java:463)
    at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.init(SecurityScenarioExecutor.java:336)
    at oracle.wsm.security.policy.scenario.executor.Wss11SamlWithCertsScenarioExecutor.init(Wss11SamlWithCertsScenarioExecutor.java:72)
    at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.populateAssertionExecutors(WSPolicyRuntimeExecutor.java:262)
    at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.populateAssertionExecutors(WSPolicyRuntimeExecutor.java:285)
    at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.init(WSPolicyRuntimeExecutor.java:168)
    at oracle.wsm.policyengine.impl.PolicyExecutionEngine.getPolicyExecutor(PolicyExecutionEngine.java:137)
    at oracle.wsm.policyengine.impl.PolicyExecutionEngine.execute(PolicyExecutionEngine.java:101)
    at oracle.wsm.agent.WSMAgent.processCommon(WSMAgent.java:1039)
    at oracle.wsm.agent.WSMAgent.processRequest(WSMAgent.java:485)
    at oracle.fabric.common.BindingSecurityInterceptor.processRequest(BindingSecurityInterceptor.java:94)
    ... 110 more
  Caused by: oracle.wsm.security.SecurityException: WSM-00055 : The keystore located at /app/oracle/product/ofm/user_projects/domains/IAM_domain/config/fmwconfig/default-keystore.jks cannot be loaded due to java.io.IOException. Ensure that valid keystore type and password are configured.
    at oracle.wsm.security.jps.WsmLegacyKeyStore.<init>(WsmLegacyKeyStore.java:270)
    at oracle.wsm.security.jps.WsmKeyStoreFactory.getKeyStore(WsmKeyStoreFactory.java:63)
    at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.updateWsmKeyStore(SecurityScenarioExecutor.java:1293)
    at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.initialize(SecurityScenarioExecutor.java:437)
    ... 120 more
  Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772)
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
    at java.security.KeyStore.load(KeyStore.java:1214)
    at oracle.wsm.security.jps.WsmLegacyKeyStore.createInstanceOfKeyStoreWrapper(WsmLegacyKeyStore.java:604)
    at oracle.wsm.security.jps.WsmLegacyKeyStore.<init>(WsmLegacyKeyStore.java:249)
    ... 123 more
  Caused by: java.security.UnrecoverableKeyException: Password verification failed
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770)
    ... 127 more
  [2014-01-01T05:31:05.097-07:00] [soa_server1] [ERROR] [] [oracle.integration.platform.blocks.soap] [tid: orabpel.invoke.pool-4.thread-1] [userId: weblogic] [ecid: 004viVPMDD9Fw000jzwkno0005E5000QKe,1:31579] [APP: soa-infra] [composite_name: MgrApproval] [component_name: ApprovalProcess] [component_instance_id: 120001] [URI: /identity/faces/home] Unable to dispatch request to http://iam.secureoracle.com:80/workflowservice/CallbackService due to exception[[
  oracle.fabric.common.FabricInvocationException: Unable to access the following endpoint(s): http://iam.secureoracle.com:80/workflowservice/CallbackService
    at oracle.integration.platform.blocks.soap.AbstractWebServiceBindingComponent.dispatchRequest(AbstractWebServiceBindingComponent.java:581)
    at oracle.integration.platform.blocks.soap.WebServiceExternalBindingComponent.processOutboundMessage(WebServiceExternalBindingComponent.java:248)
    at oracle.integration.platform.blocks.soap.WebServiceExternalBindingComponent.sendSOAPMessage(WebServiceExternalBindingComponent.java:1026)
    at oracle.integration.platform.blocks.soap.WebServiceExternalBindingComponent.request(WebServiceExternalBindingComponent.java:745)

  Try to execute the following command:
  $JAVA_HOME/bin/keytool -list -keystore /app/oracle/product/ofm/user_projects/domains/IAM_domain/config/fmwconfig/default-keystore.jks -storepass PASSWORD_OF_THE_DEFAULT_KEYSTORE
  If the KeyStore entries are displayed, at least this much can be sure that the KeyStore is not corrupt or tampered with.
  With incorrect password, you will receive: keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect
  If PASSWORD_OF_THE_DEFAULT_KEYSTORE is correct, and the default-keystore.jks is not corrupt, it may be possible that in the Credential store, somehow password may be incorrect.
  So, log in the Enterprise Manager console (http://hostname:7001/em), Weblogic Domain --> IAM_Domain --> Right Click --> Security --> Credentials --> oim.
  Then edit the password of default-keystore.jks And then restart the servers.

• WSM00101 error: The specified keystore file /domains/wlsaas/config/fmwconfig/default-keystore.jks cannot be found

  In JCS 13.2, same endpoint testing get this error starting last week
  oracle.wsm.common.sdk.WSMException: WSM-00101 : The specified keystore file /domains/wlsaas/config/fmwconfig/default-keystore.jks cannot be found; it either does not exist or its path is not included in the application classpath.
  Same app deployed to local Weblogic, against same endpoint, works fine.
  Ran another testing in JCS 13.1 use the same endpoint and username & password for web service call,
  got this error
  InvalidSecurityToken : The security token is not valid.
  Any thoughts?
  Thanks,
  Philip

  I think its a known issue your service likely uses message protection which, as I understand, is not available, see 18386527 through the support system.
  Jani Rautiainen
  Fusion Applications Developer Relations
  https://blogs.oracle.com/fadevrel/

• App Server 9.1 -  Where is the keystore.jks

  Hi there
  Been fiddling with this problem for a bit now.
  I have installed the EE version of 9.1 and on the domain1, when I try to use the SSL listener it tells me that the certificate isn't valid. So, I went to the HTTP listener configured with security and noticed that the name of the certificate in use is called "s1as" . So far so good.
  Now I want to add my own certificate ( a valid one, issues by a propa issuer and such ) into the keystore and change the alias name to use that one instead.
  So .... where is the keystore.jks file that all the documentation is talking about ? Since the app server is already using a certificate ( with alias s1as ) I think it as got to be stored somewhere... but i just can't seam to find it.
  This is what I got inside the config folder for the domain :
  [root@server config]# pwd
  /opt/SUNWappserver/domains/domain1/config
  [root@server config]#
  [root@server config]# ls -isa
  total 440
  492179 4 . 492339 4 default-config 492215 132 key3.db 492208 4 sun-acc.xml
  492178 4 .. 492210 36 default-web.xml 492207 4 keyfile 492392 4 .synchronize
  492205 4 admch 492393 0 derby.log 492211 4 login.conf 492387 0 .upgradedTo91
  492206 4 admin-keyfile 492217 4 domain-passwords 492216 16 secmod.db 492213 8 wss-server-config-1.0.xml
  492394 4 admsn 492388 4 domain-registry 492396 4 secure.seed 492212 8 wss-server-config-2.0.xml
  492214 132 cert8.db 492389 4 .domain-registry.system 492399 0 server.csr
  492395 4 .__com_sun_appserv_pid 492202 40 domain.xml 492397 8 server.policy
  find / -name keystore.jks
  [root@server config]#
  Any thoughs ?
  Thx
  Rp

  ok ok ok
  got it, using NSS .
  http://docs.sun.com/app/docs/doc/819-3671/ablnk?a=view

• SAP JVM default keystore file for Active MQ JMS SSL integration?

  Hi all,
  does the SAP JVM still have a default keystore file?
  I'm asking this question because I would like to integrate with Active MQ JMS SSL. The MQ-Libs are refering to the VMs default keystore in order to find the certificate for the SSL handshake.
  Kind regards,
  Heiko

  Same here, with almost the same things (JDK @ 1.5.0_16) but same WLS version, as well as Eclipse & WTP.
  Also have the Bea WLS Tools plugin 1.1.1
  Ideas right here...?

• Wls 9.1 doesn't pick up changes to static content in production mode

  Hi Everybody,
            I'm running wls 9.1 on XP in production mode as a stand-alone server. My web app is deployed in exploded format in an external directory.
            I'm trying to force the server to pick up the changes to static content like JSPs automatically and it's not working.
            1. I've set pageCheckSeconds = 1 in weblogic.xml and even though server picks this setting up it does nothing about it.
            2. I tried weblogic.Deployer utitlity to redeploy just one jsp file and it's not working because it's unable to get the full path to a source file. Can this happen due to application Context Path not being set properly?
            Does anybody come across issues like this?
            Thanks.
            Paul.

  Hi Everybody,
            I'm running wls 9.1 on XP in production mode as a stand-alone server. My web app is deployed in exploded format in an external directory.
            I'm trying to force the server to pick up the changes to static content like JSPs automatically and it's not working.
            1. I've set pageCheckSeconds = 1 in weblogic.xml and even though server picks this setting up it does nothing about it.
            2. I tried weblogic.Deployer utitlity to redeploy just one jsp file and it's not working because it's unable to get the full path to a source file. Can this happen due to application Context Path not being set properly?
            Does anybody come across issues like this?
            Thanks.
            Paul.

• How do I set the default keystore password?

  The following code is currently failing with the exception below.
  private X509Certificate getX509Certificate(String alias)
                 throws CertificateException {
            // NOTE The default keystore password is "**********", as specified in the Sun KeyStore documentation
            // NOTE For more information, read the Sun documentation at http://java.sun.com
            X509Certificate cert  = null;
            String keystore      = "keystore";
            try {
                 cert = getX509Certificate(alias, keystore, "**********");
            catch(KeyStoreException exception) {
                 // A keystore exception occurred in the call to getX509Certificate, which could be indicative of a
                 // bad installation
                 throw new CertificateException("A keystore exception occurred accessing the default keystore."
                          + " Check your keystore installation, ensuring that the default keystore password"
                          + " is the standard Java keystore password\r\n"
                          + exception.getMessage());
            }+[04/12/07 15:02:57:827 GMT] 0000001f SystemErr R java.security.cert.CertificateException: A keystore exception occurred accessing the default keystore. Check your keystore installation, ensuring that the default keystore password is the standard Java keystore password+
  A keystore exception occurred accessing the default keystore. Check your keystore installation, ensuring that the default keystore password is the standard Java keystore password
  The provider 'SUN' has not been configured
  no such provider: SUN
  So it looks like my default keystore password is not the same as that in the code above (I've replaced it with ******). How do I set the default keystore to be the same as in the code above? Please note the exact same code works for another application - and so I would like to use the same class file rather than having to change the code above.

  You define the password for a keystore when you create it.
  There is no default.
  There is a default on the 'cacerts' truststore provided for JSSE: see
  http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html

• SAP JVM Default Keystore for Active MQ Integration

  Hi all,
  does the SAP JVM still have a default keystore file?
  I'm asking this question because I would like to integrate with Active MQ JMS SSL. The MQ-Libs are refering to the VMs default keystore in order to find the certificate for the SSL handshake.
  Kind regards,
  Heiko

  Hi all,
  does the SAP JVM still have a default keystore file?
  I'm asking this question because I would like to integrate with Active MQ JMS SSL. The MQ-Libs are refering to the VMs default keystore in order to find the certificate for the SSL handshake.
  Kind regards,
  Heiko

• Weblogic starting in production mode LINUX x86

  I am having a problem when creating a new weblogic 10.3.3 domain. I created this domain in development mode yet when i try and start the domain the admin server always starts in Production mode?
  Does anyone know why this is happening as i've check the weblogic console and it shows that the domain is set to development. Below is the message recieved on start up of the admin server:
  <Warning> <Management> <BEA-141274> <Production mode has specified at the command line via the weblogic.ProductionModeEnabled system property. This system property overrides the development mode setting contained in config.xml. However, the console and WLST show the attribute values and defaults that correspond to the development mode specified in config.xml.>
  Thanks for your help in advance.

  I have the same problem during the start of Oracle Identity Manager 11G...Admin Server and Managed Server on different machines...
  ####<Dec 2, 2010 5:25:17 PM MSK> <Error> <Security> <asoim.sgp.gazprom.ru> <oim_server1> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <1291299917129> <BEA-090892> <The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider. Exception was thrown when loading or setting the JPSS policy provider. Enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-01538: The default policy provider was not found.>
  ####<Dec 2, 2010 5:25:17 PM MSK> <Critical> <WebLogicServer> <asoim.sgp.gazprom.ru> <oim_server1> <main> <<WLS Kernel>> <1291299917132> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider. Exception was thrown when loading or setting the JPSS policy provider. Enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-01538: The default policy provider was not found.
  weblogic.security.SecurityInitializationException: The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider. Exception was thrown when loading or setting the JPSS policy provider. Enable the debug flag -Djava.security.debug=jpspolicy to get more information. Error message: JPS-01538: The default policy provider was not found.
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1394)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1018)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Caused By: oracle.security.jps.JpsRuntimeException: JPS-01538: The default policy provider was not found.
  at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:273)
  at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:265)
  at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:136)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
  at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
  at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
  at java.lang.Class.newInstance0(Class.java:355)
  at java.lang.Class.newInstance(Class.java:308)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1312)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1018)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Caused By: oracle.security.jps.JpsException: JPS-01538: The default policy provider was not found.
  at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:705)
  at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:271)
  at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:265)
  at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:136)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
  at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
  at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
  at java.lang.Class.newInstance0(Class.java:355)
  at java.lang.Class.newInstance(Class.java:308)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1312)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1018)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Caused By: oracle.security.jps.JpsException: JPS-01514: The default context is missing in jps-config.xml.
  at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:665)
  at oracle.security.jps.internal.policystore.PolicyUtil$1.run(PolicyUtil.java:650)
  at java.security.AccessController.doPrivileged(Native Method)
  at oracle.security.jps.internal.policystore.PolicyUtil.getDefaultPolicyStore(PolicyUtil.java:650)
  at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:271)
  at oracle.security.jps.internal.policystore.PolicyDelegationController.<init>(PolicyDelegationController.java:265)
  at oracle.security.jps.internal.policystore.JavaPolicyProvider.<init>(JavaPolicyProvider.java:136)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
  at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
  at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
  at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
  at java.lang.Class.newInstance0(Class.java:355)
  at java.lang.Class.newInstance(Class.java:308)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadOPSSPolicy(CommonSecurityServiceManagerDelegateImpl.java:1312)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1018)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Caused By: oracle.security.jps.service.credstore.CredStoreException: JPS-01050: Opening of wallet based credential store failed. Reason java.io.IOException: PKI-02002: Unable to open the wallet. Check password.
  at oracle.security.jps.internal.credstore.ssp.CsfWalletManager.openWallet(CsfWalletManager.java:177)
  at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.doInit(SspCredentialStore.java:218)
  at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.<init>(SspCredentialStore.java:140)
  at oracle.security.jps.internal.credstore.ssp.SspCredentialStore.<init>(SspCredentialStore.java:127)
  at oracle.security.jps.internal.credstore.ssp.SspCredentialStoreProvider.getInstance(SspCredentialStoreProvider.java:115)
  at oracle.security.jps.internal.credstore.ssp.SspCredentialStoreProvider.getInstance(SspCredentialStoreProvider.java:53)
  and help???

• Difference between production mode and developement mode of weblogic STARTMODE?

  when set STARTMODE to true,weblogic will be started on production mode?
  what's the difference of production mode & developement mode ?

  Obtain the default number of threads available to the execute queues.
  If the default number of threads is 15, the server is set to Development mode.
  If the default number of threads is 25, the server is set to Production Mode.
  thanks,
  Deepak
  Richard Hendershot <[email protected]> wrote:
  is it possible for my code to find out what mode is in effect? I need
  to be able to suppress some features when running in development mode.
  TIA!
  Deepak Vohra wrote:
  Refer to
  http://e-docs.bea.com/wls/docs81/adminguide/overview_domain.html#DevModeOrProdMode
  thanks,
  Deepak
  "Icewolf Li" <[email protected]> wrote:
  when set STARTMODE to true,weblogic will be started on production mode?
  what's the difference of production mode & developement mode ?

• How to recompile a single JSP in WLS10.3 running in production mode

  In OAS there was a parameter...something like ?precompile=true which would force recompile of a JSP. Does anyone know any equivalent setting in WLS? We are running in production mode, but there are cases where we need to make a JSP change to fix an issue. And I dont want to have to run the server in development mode.
  Thanks

  Just an update...It cannot be done. Even if you compile the class manually and put it in place of the old class, it will not take effect. The WLS must cache the classes in production mode, which makes perfect sense. Just a pain.

• Start Weblogic 10.3.5 in production mode

  I am doing a Weblogic upgrade from 9.1 to 10.3.5.
  I am also simultaneously doing a Java upgrade to 1.6.0_27.
  All changes are done and the project is in in System test mode.
  I have configured my Sysytem test environment in development mode and used JDk installed on my computer.
  To move the changes to the UAT server, I want to start weblogic in production mode.
  can anyone help me as to how will this be different,I am planning thing for UAT and production right now.
  Can I run my System test server in production mode .
  Is it that with production mode ,we have to use jrockit and not Sun Jdk?
  Please help.
  Thanks,

  Hi
  When you started the Weblogic Server, in the starup window (or nohup output file) search for the word named like "Development". When I started my AdminServer and in the output from startup window, I could see a line like this: and in the end it says like AdminServer started in Development mode. On your side search for the word like "Production" or just "WLS Start Mode".
  WLS Start Mode=Development
  There should be a way to find out from Weblogic Admin Console, but I am not aware of this.
  Coming to redirecting the log file(s). do you want to redirect the startup log file(s) like when you start weblogic, you want all the outputs to go to someother file. Or is it the full log files from each server which are under like domain/servers/AdminServer/logs folder. I guess from weblogic console you should be able to control this.
  Coming to redirecting startup log files on Linux, under the domain root folder I created a simple file like admin_start.sh with below contents. And I run this admin_start.sh instead of startWeblogic.sh command. This takes care of starting weblogic and all output goes to specific file I mentioned. Also I can kill this window and still weblogic will be starting:
  DOMAIN_HOME="/home/ravijegga/Oracle/Middleware115/user_projects/domains/myDomain1"
  LOG_FILE="/home/ravijegga/Oracle/Middleware115/user_projects/domains/myDomain1/logs/admin.log"
  nohup ${DOMAIN_HOME}/bin/startWebLogic.sh > ${LOG_FILE} &
  The point is if you use > you can redirect to any log file. Google around and you should be able to find more examples for Windows OS also.
  Thanks
  Ravi Jegga

• Deploying simple EAR to WL10.3 in Production Mode

  Hi,
  I'm trying to deploy a simple EAR developed using Workshop and am getting library reference errors for beehive-controls-1.0.1-10.0.
  The target server is running on Solaris with a domain created using the wls.jar template.
  I'd like to bundle the additional libraries needed in the EAR file (in APP-INF/lib, dropped in automagically using the workshop J2EE module dependencies setting) but don't know which libraries I need (can only find beehive-controls.jar on the filesystem).
  Will this work on a server running in production mode, and if so, what libraries do i need?
  Cheers.
  Martin.
  Edited by: user10925870 on 23-Nov-2009 03:19
  The library references that wls complains about are:
  - beehive-controls-1.0.1-10.0
  - weblogic-controls-10.0
  - wls-commonsloggingbridge

  You can do one thing. Create a workshop domain in a test environment and then start the console. All the shared libraries are deployed as modules and can be seen in the admin console. Then search and place theses libraries in the lib of your application and used the <prefer-web-inf-classes> or <prefer-application-packages> in case of .war or .ear respectively. Hope this helps :)
  Edited by: Manish Chellappan on Nov 24, 2009 1:05 PM

• Cant move domain from devlopment mode to production mode

  We have tried to move the domain from dev mode to produciton mode but experiencing following exception. we have been using the domain in dev mode for quite long never had issue, applications used to work fine. Soon after we tried to change to production mode, all application stopped working. Is it due to the additional security that comes with prod mode? In past, we have anonymous lookup enable for domain security. Is it the issue? And should we have cross domain security enable? we have inter domain communication via t3 i.e WLX->t3->WLS and tomcat->t3>WLS.
  ault (self-tuning)'> <<anonymous>> <> <> <1276584731722> <BEA-010051> <EJB Exception occurred during invocation from home: com.fares.useraccess.ej
  b.UserAccessService_wrjm2t_HomeImpl@2235afd threw exception: java.lang.NoClassDefFoundError: com/fares/common/lookup/Admin
  java.lang.NoClassDefFoundError: com/fares/common/lookup/Admin
  at com.fares.activity.ifc.model.ActivityInfo.<init>(ActivityInfo.java:79)
  at com.fares.activity.impl.util.ActivityLog.setSuccess(ActivityLog.java:146)
  at com.fares.useraccess.impl.process.UserAccessProcess.activityWriting(UserAccessProcess.java:65)
  at com.fares.useraccess.impl.process.UserAccessProcess.userLogout(UserAccessProcess.java:239)
  at com.fares.useraccess.ejb.UserAccessBean.userLogout(UserAccessBean.java:57)
  at com.fares.useraccess.ejb.UserAccessService_wrjm2t_EOImpl.userLogout(UserAccessService_wrjm2t_EOImpl.java:1385)
  at com.fares.useraccess.ejb.UserAccessService_wrjm2t_EOImpl_WLSkel.invoke(Unknown Source)
  Regards
  RR

  The error there shows that can't find a library, this usually is because a Variable such as LD_LIBRARY_PATH or CLASSPATH could be wrong or miss as well that a new or JDK version has been installed into the server and that's why the class is missed.
  What is the procedure you use to change from Dev to Prod?
  greetings

• Problem in starting the domain in production mode

  Hi Friends,
       I have created the domain in production mode and i am using the JRockit 1.6 JDK for production.The Domain is created successfully ,no error  arises when i create the domain.But when i start the domain it raises the error because of some jdk related issues.I am not able to find the issue so please guide me for solving the issue.

  Hello,
  I checked the certification matrix for weblogic 12.1.3, and it seems it's not yet certified with Jrockit:
  Is it possible that you re-install using Oracle JDK 7u51+ ..?
  Regards,
  Mohab