WebLogic HTTP Server
Hello,
How do i bring up only the HTTP services and not all of the
service provided by weblogic. I want to host a simple servlet
on the weblogic and i want weblogic to run on http services
with minimal footprint. Just like in websphere we have separate
http server and application server ???
Bill,
Yes, you are correct.
Bill Kimura wrote:
Correct me if I'm wrong, but Weblogic
HTTP server runs regardless of whether
I use a dedicated web tier using Apache
along with the appropriate plugin, or
if I just use a hw load balancer and combine
the web and presentation tiers?
The proxy plugin for Apache will just proxy
off the request to Weblogic's http server,
correct?
Thanks,
- Bill--
Developer Relations Engineer
BEA Support
Similar Messages
-
Hello,
How do i bring up only the HTTP services and not all of the
service provided by weblogic. I want to host a simple servlet
on the weblogic and i want weblogic to run on http services
with minimal footprint. Just like in websphere we have separate
http server and application server ???Ask your salesperson about the Weblogic Express product ... cheap and easy
... it's Weblogic HTTP without the other stuff.
Peace,
Cameron Purdy
Tangosol, Inc.
Clustering Weblogic? You're either using Coherence, or you should be!
Download a Tangosol Coherence eval today at http://www.tangosol.com/
"Faisal Masood" <[email protected]> wrote in message
news:[email protected]..
Hello,
How do i bring up only the HTTP services and not all of the
service provided by weblogic. I want to host a simple servlet
on the weblogic and i want weblogic to run on http services
with minimal footprint. Just like in websphere we have separate
http server and application server ??? -
Sun Web Server Reverse Proxy and Weblogic HTTP to HTTPS redirection
Hi,
I am currently testing reverse-proxy from SJSW 7.0 update 5 to Weblogic server but I have encountered an issue.
I have configured a context root to be forwarded to weblogic:
Web Server: www.server.com
URI: /path
Reverse Proxy URL: wlserver:9000
When I access https://www.server.com/path, I am getting the correct page. The issue is, the weblogic server is configured to redirect HTTP access to HTTPS, i.e., when I access http://www.server.com/path, it should be redirected to https://www.server.com/path. However, that is not the case. What happens is that I am being redirected instead to https://www.server.com/.
If I don't use reverse proxy, that is, if I use the libproxy.so from weblogic, I get the correct redirection.
Would appreciate it very much if someone can help me troubleshoot this issue.
Thanks in advance!
Edited by: agent_orange on Jul 29, 2010 2:30 AM
Edited by: agent_orange on Jul 29, 2010 2:31 AMI am not sure, how you have configured your reverse proxy since you didn't attach / refer your current configuration file. this is how I would do it..
- create a new configuration (using web server 7 admin gui , within configuration wizard, disable java option if you plan to use web server 7 only for reverse proxy)
- select this new configuration and go to reverse proxy and try to reverse proxy / to the origin server.
that is all it should need.
your obj.conf or <hostname>-obj.conf depending on your configuration should look like following snippet
<Object name="default">
AuthTrans..
NameTrans fn=map from="/" to="/path" name="reverse-proxy-/"
</object>
<Object name="reverse-proxy-/">
Route fn=....
Service ..
</Object>
this is all you should need..
However, if you wanted to add complexity to your configuration, you could do some thing like
<Object name="default">
Auth..
<If defined $security>
NameTrans fn=map from="/" to="/path" name="reverse-proxy-/"
</If>
</Object>
<Object name="reverse-proxy-/">
Route...
</Object> -
How to integrate Oracle Http Server with Weblogic
Weblogic supports Apache web server 2.0 and 2.2 to be a proxy server. Oracle Http Server (OHS) is based on Apache 2.0. I am trying to configure Weblogic to use OHS that comes with OAS install as proxy on Linux environment. I am unable to get the WLS plugin for Apache to work with OHS. When I tried to start the OHS, I got the following errors:
/oracle/product/10.1.3.1/OracleAS_3/Apache/Apache/bin/apachectl startssl: execing httpd
Syntax error on line 1125 of /oracle/product/10.1.3.1/OracleAS_3/Apache/Apache/conf/httpd.conf:
Cannot load /oracle/product/10.1.3.1/OracleAS_3/Apache/Apache/libexec/mod_wl128_20.so into server: /oracle/product/10.1.3.1/OracleAS_3/Apache/Apache/libexec/mod_wl128_20.so: undefined symbol: apr_pool_cleanup_null
I checked the library, and I found in several places, such as /usr/lib.
The following is the configuration that I put in http.conf file:
<IfModule mod_weblogic.c>
WebLogicCluster 127.0.0.1:7001
MatchExpression /AIP
</IfModule>
<Location /weblogic>
SetHandler weblogic-handler
WebLogicCluster 127.0.0.1:7001
DebugConfigInfo ON
PathTrim /weblogic
</Location>
Anybody knows how to fix this?
Thanks.You're right: Weblogic supports Apache web server 2.0 and 2.2 to be a proxy server but you are using Oracle Application Server 10.1.3.1.0 which is based on Apache *1.3* as you can read in "Oracle® HTTP Server Administrator's Guide"
10g (10.1.3.1.0) - Part Number B28948-01 - 1.1 Oracle HTTP Server Features, right under "Based on Apache - HTTP v1.1 Support" at
http://download.oracle.com/docs/cd/B31017_01/web.1013/b28948/overview.htm#i1008837.
As far as I know, the only OHS based on Apache *2.0* is available as a standalone release: "Oracle HTTP Server (Apache 2.0) (10.1.3.3.0) for Linux x86" - 32bit. You can download it from http://www.oracle.com/technology/software/products/database/oracle11g/111060_linuxsoft.html (as_101330_apache2_lnx.zip).
I've tested it successfully.
Edited by: Virgil on Jan 15, 2009 3:08 AM -
Hi!
We need to implement authentication using our own methods, and the authentication
information is provided to the web service implementation in a basic authentication
header. The problem is, that the servlet
weblogic.webservice.server.servlet.WebServiceServlet, which handles web services
in
wls 7.0.sp2, always attempts to perform authentication, if the header is present.
Is there any way to circumvent this, because we want to implement authentication
on our own?
I already know two workarounds:
The best would of course be to implement a custom security realm for our own
authentication system. This is not an option, implementing an own security
realm is overkill for this specific web service.
The other way would be to route the requests by way of a custom servlet, which
would
remove the basic authentication header, and put the authentication info in custom
headers, such as x-auth: <user:password>, or smthng similar, and after successful
authentication, make a call to bea's servlet weblogic.webservice.server.servlet.WebServiceServlet.
But still, I'd like to know if there is any way to tell bea's servlet to ignore
the basic
authentication header?
Oh yeah, by the way, this is URGENT, as always. (really!! ;)
Toni NykanenCurrently there is no option to turn off security check.
I think you can use a servlet filter mapped to the URL
of your service, instead of a proxy servlet?
Regards,
-manoj
http://manojc.com
"Toni Nykanen" <[email protected]> wrote in message
news:3ef1577b$[email protected]..
>
Hi!
We need to implement authentication using our own methods, and theauthentication
information is provided to the web service implementation in a basicauthentication
header. The problem is, that the servlet
weblogic.webservice.server.servlet.WebServiceServlet, which handles webservices
in
wls 7.0.sp2, always attempts to perform authentication, if the header ispresent.
Is there any way to circumvent this, because we want to implementauthentication
on our own?
I already know two workarounds:
The best would of course be to implement a custom security realm for ourown
authentication system. This is not an option, implementing an own security
realm is overkill for this specific web service.
The other way would be to route the requests by way of a custom servlet,which
would
remove the basic authentication header, and put the authentication info incustom
headers, such as x-auth: <user:password>, or smthng similar, and aftersuccessful
authentication, make a call to bea's servletweblogic.webservice.server.servlet.WebServiceServlet.
>
But still, I'd like to know if there is any way to tell bea's servlet toignore
the basic
authentication header?
Oh yeah, by the way, this is URGENT, as always. (really!! ;)
Toni Nykanen -
Configuring Apache HTTP Server with Oracle Weblogic Server plugin
Hello friends,
I have a scenario of OIM 9.1.0.2 on Oracle Application Server 11g and Weblogic Server Apache HTTP Server.
Oracle WebLogic Server is configured in cluster (node1 and node2), also use the Oracle Weblogic Server plugin for integration with Apache.
One of the tests is to lose one of the nodes for the apache plugin redirects the node that has less overhead.
When the mode is node1 and node2 stop start mode and try to access the management console of Oracle Identity Manager, the plugin sometimes redirects to the other active node, and on another occasion shows the oracle management console identity manager without the colors of the basic look and feel.
Deputy of the Apache HTTP Server log, do you expect your comments to solve this case?
*************************************************log****************************************************
Server Details are:
OrigHostInfo [192.168.1.200]
isOrigHostInfoDNS [0]
Host [192.168.1.200]
Port [7002]
SecurePort [7004]
Mon Jan 30 22:10:43 2012 <2600713279794431> Initializing lastIndex=0 for a list of length=1
Mon Jan 30 22:10:43 2012 <2600713279794431> initJVMID: Trying to locate Primary or Secondary using SrvrInfo with JVMID [-872106207]
Mon Jan 30 22:10:43 2012 <2600713279794431> initJVMID: Found Primary 192.168.1.200:7002:7004
Mon Jan 30 22:10:43 2012 <2600713279794431> INFO: Closing SSL context
Mon Jan 30 22:10:43 2012 <2600713279794431> .....internal request /bea_wls_internal/WLDummyInitJVMIDs.....processed
Mon Jan 30 22:10:43 2012 <2600713279794431> getPreferredFromCookie: Found 1 servers
Mon Jan 30 22:10:43 2012 <2600713279794431> attempt #0 out of a max of 5
Mon Jan 30 22:10:43 2012 <2600713279794431> trying connect to PRIMARY '192.168.1.200'/7002/7004
Mon Jan 30 22:10:43 2012 <2600713279794431> getPooledConn: No more connections in the pool for Host[192.168.1.200] Port[7002] SecurePort[7004]
Mon Jan 30 22:10:43 2012 <2600713279794431> New SSL URL: match = 0 oid = 22
Mon Jan 30 22:10:43 2012 <2600713279794431> Connect returns -1, and error no set to 150, msg 'Operation now in progress'
Mon Jan 30 22:10:43 2012 <2600713279794431> EINPROGRESS in connect() - selecting
Mon Jan 30 22:10:43 2012 <2600713279794431> Setting peerID for new SSL connection
Mon Jan 30 22:10:43 2012 <2600713279794431> 0ae2 0436 0000 1b5c ...6...\
Mon Jan 30 22:10:43 2012 <2600713279794431> Local Port of the socket is 39186
Mon Jan 30 22:10:43 2012 <2600713279794431> Remote Host 192.168.1.200 Remote Port 7004
Mon Jan 30 22:10:43 2012 <2600713279794431> created a new connection to preferred server '192.168.1.200/7004' for '/xlWebApp/images/spacer.gif', Local port:39186
Mon Jan 30 22:10:43 2012 <2600713279794431> INFO: CA certificate missing basicConstraints, validation failed
Mon Jan 30 22:10:43 2012 <2600713279794431> ERROR: SSLWrite failed
Mon Jan 30 22:10:43 2012 <2600713279794431> SEND failed (ret=-1) at 793 of file ../nsapi/URL.cpp
Mon Jan 30 22:10:43 2012 <2600713279794431> *******Exception type [WRITE_ERROR_TO_SERVER] raised at line 794 of ../nsapi/URL.cpp
Mon Jan 30 22:10:43 2012 <2600713279794431> Marking 192.168.1.200:7004 as bad
Mon Jan 30 22:10:43 2012 <2600713279794431> got exception in sendRequest phase: WRITE_ERROR_TO_SERVER [os error=0, line 794 of ../nsapi/URL.cpp]: at line 3160
Mon Jan 30 22:10:43 2012 <2600713279794431> INFO: Closing SSL context
Mon Jan 30 22:10:43 2012 <2598413279794431>
================New Request: [GET /images/cab.gif HTTP/1.1] =================
Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: SSL is configured
Mon Jan 30 22:10:43 2012 <2598413279794431> SSL Main Context not set. Calling InitSSL
Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: SSL configured successfully
Mon Jan 30 22:10:43 2012 <2598413279794431> Using Uri /images/cab.gif
Mon Jan 30 22:10:43 2012 <2598413279794431> After trimming path: '/images/cab.gif'
Mon Jan 30 22:10:43 2012 <2598413279794431> adding prepend path: /xlWebApp/
Mon Jan 30 22:10:43 2012 <2598413279794431> The final request string is '/xlWebApp/images/cab.gif'
Mon Jan 30 22:10:43 2012 <2598413279794431> Host extracted from serverlist is [192.168.1.100]
Mon Jan 30 22:10:43 2012 <2598413279794431> Host extracted from serverlist is [192.168.1.200]
Mon Jan 30 22:10:43 2012 <2598413279794431> Initializing lastIndex=0 for a list of length=2
Mon Jan 30 22:10:43 2012 <2598413279794431> getListNode: created a new server node: id='192.168.1.100:7004,192.168.1.200:7004' server_name='OIMSERVER', port='443'
Mon Jan 30 22:10:43 2012 <2598413279794431> getPreferred: availcookie=[JSESSIONID=6RGCPnbTFRG7LBrTRpFnv1QLnQHkxkqr4pjGhhGJyrJWJ1rv86NK!-872106207!NONE]
Mon Jan 30 22:10:43 2012 <2598413279794431> Found cookie from cookie header: JSESSIONID=6RGCPnbTFRG7LBrTRpFnv1QLnQHkxkqr4pjGhhGJyrJWJ1rv86NK!-872106207!NONE
Mon Jan 30 22:10:43 2012 <2598413279794431> Parsing cookie JSESSIONID=6RGCPnbTFRG7LBrTRpFnv1QLnQHkxkqr4pjGhhGJyrJWJ1rv86NK!-872106207!NONE
Mon Jan 30 22:10:43 2012 <2598413279794431> getpreferredServersFromCookie: [-872106207!NONE]
Mon Jan 30 22:10:43 2012 <2598413279794431> primaryJVMID: [-872106207]
secondaryJVMID: [NONE]
Mon Jan 30 22:10:43 2012 <2598413279794431> No of JVMIDs found in cookie: 1
Mon Jan 30 22:10:43 2012 <2598413279794431> getPreferredFromCookie: Start Position is 0, listLen is 2
Mon Jan 30 22:10:43 2012 <2598413279794431> getPreferredFromCookie: Either JVMIDs not set or they are stale. Will try to get JVMIDs from WLS
Mon Jan 30 22:10:43 2012 <2598413279794431> initJVMID: Iterating SrvrList from position 0
Mon Jan 30 22:10:43 2012 <2598413279794431> ======internal request /bea_wls_internal/WLDummyInitJVMIDs======
initJVMID: Trying Host[192.168.1.100] Port[7004] SecurePort[7004] useSSL [1] ioTimeout [30] socketTimeout [2]
Mon Jan 30 22:10:43 2012 <2598413279794431> New SSL URL: match = 0 oid = 0
Mon Jan 30 22:10:43 2012 <2598413279794431> Connect returns -1, and error no set to 146, msg 'Connection refused'
Mon Jan 30 22:10:43 2012 <2598413279794431> Error connecting to host 192.168.1.100:7004
Mon Jan 30 22:10:43 2012 <2598413279794431> *******Exception type [CONNECTION_REFUSED] (Error connecting to host 192.168.1.100:7004 errno = 146) raised at line 1723 of ../nsapi/URL.cpp
Mon Jan 30 22:10:43 2012 <2598413279794431> initJVMID: Failed to retrieved JVMID for 192.168.1.100:7004:7004
Mon Jan 30 22:10:43 2012 <2598413279794431> initJVMID: Marked server as BAD
Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: Closing SSL context
Mon Jan 30 22:10:43 2012 <2598413279794431> .....internal request /bea_wls_internal/WLDummyInitJVMIDs.....processed
Mon Jan 30 22:10:43 2012 <2598413279794431> ======internal request /bea_wls_internal/WLDummyInitJVMIDs======
initJVMID: Trying Host[192.168.1.200] Port[7004] SecurePort[7004] useSSL [1] ioTimeout [30] socketTimeout [2]
Mon Jan 30 22:10:43 2012 <2598413279794431> New SSL URL: match = 0 oid = 0
Mon Jan 30 22:10:43 2012 <2598413279794431> Connect returns -1, and error no set to 150, msg 'Operation now in progress'
Mon Jan 30 22:10:43 2012 <2598413279794431> EINPROGRESS in connect() - selecting
Mon Jan 30 22:10:43 2012 <2598413279794431> Setting peerID for new SSL connection
Mon Jan 30 22:10:43 2012 <2598413279794431> 0ae2 0436 0000 1b5c ...6...\
Mon Jan 30 22:10:43 2012 <2598413279794431> Local Port of the socket is 39188
Mon Jan 30 22:10:43 2012 <2598413279794431> Remote Host 192.168.1.200 Remote Port 7004
Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: Certificate validation succeeded
Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: Negotiated to cipher: 3
Mon Jan 30 22:10:43 2012 <2598413279794431> SSLWrite sent 171
Mon Jan 30 22:10:43 2012 <2598413279794431> SSLWrite completed, sent 171
Mon Jan 30 22:10:43 2012 <2598413279794431> Reader::fill() SSLRead returned: 0 290
Mon Jan 30 22:10:43 2012 <2598413279794431> URL::parseHeaders: CompleteStatusLine set to [HTTP/1.1 404 Not Found]
Mon Jan 30 22:10:43 2012 <2598413279794431> URL::parseHeaders: StatusLine set to [404 Not Found]
Mon Jan 30 22:10:43 2012 <2598413279794431> parsed all headers OK
Mon Jan 30 22:10:43 2012 <2598413279794431> Parsing cluster list: -872106207!182584374!7002!7004
Mon Jan 30 22:10:43 2012 <2598413279794431> parseJVMID: Parsing JVMID '-872106207!182584374!7002!7004'
Mon Jan 30 22:10:43 2012 <2598413279794431> parseJVMID: Actually parsing '-872106207!182584374!7002!7004'
Mon Jan 30 22:10:43 2012 <2598413279794431> ServerInfo struct for JVMID '-872106207' populated
Server Details are:
OrigHostInfo [192.168.1.200]
isOrigHostInfoDNS [0]
Host [192.168.1.200]
Port [7002]
SecurePort [7004]
Mon Jan 30 22:10:43 2012 <2598413279794431> Initializing lastIndex=0 for a list of length=1
Mon Jan 30 22:10:43 2012 <2598413279794431> initJVMID: Trying to locate Primary or Secondary using SrvrInfo with JVMID [-872106207]
Mon Jan 30 22:10:43 2012 <2598413279794431> initJVMID: Found Primary 192.168.1.200:7002:7004
Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: Closing SSL context
Mon Jan 30 22:10:43 2012 <2598413279794431> .....internal request /bea_wls_internal/WLDummyInitJVMIDs.....processed
Mon Jan 30 22:10:43 2012 <2598413279794431> getPreferredFromCookie: Found 1 servers
Mon Jan 30 22:10:43 2012 <2598413279794431> attempt #0 out of a max of 5
Mon Jan 30 22:10:43 2012 <2598413279794431> trying connect to PRIMARY '192.168.1.200'/7002/7004
Mon Jan 30 22:10:43 2012 <2598413279794431> getPooledConn: No more connections in the pool for Host[192.168.1.200] Port[7002] SecurePort[7004]
Mon Jan 30 22:10:43 2012 <2598413279794431> New SSL URL: match = 0 oid = 22
Mon Jan 30 22:10:43 2012 <2598413279794431> Connect returns -1, and error no set to 150, msg 'Operation now in progress'
Mon Jan 30 22:10:43 2012 <2598413279794431> EINPROGRESS in connect() - selecting
Mon Jan 30 22:10:43 2012 <2598413279794431> Setting peerID for new SSL connection
Mon Jan 30 22:10:43 2012 <2598413279794431> 0ae2 0436 0000 1b5c ...6...\
Mon Jan 30 22:10:43 2012 <2598413279794431> Local Port of the socket is 39189
Mon Jan 30 22:10:43 2012 <2598413279794431> Remote Host 192.168.1.200 Remote Port 7004
Mon Jan 30 22:10:43 2012 <2598413279794431> created a new connection to preferred server '192.168.1.200/7004' for '/xlWebApp/images/cab.gif', Local port:39189
Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: CA certificate missing basicConstraints, validation failed
Mon Jan 30 22:10:43 2012 <2598413279794431> ERROR: SSLWrite failed
Mon Jan 30 22:10:43 2012 <2598413279794431> SEND failed (ret=-1) at 793 of file ../nsapi/URL.cpp
Mon Jan 30 22:10:43 2012 <2598413279794431> *******Exception type [WRITE_ERROR_TO_SERVER] raised at line 794 of ../nsapi/URL.cpp
Mon Jan 30 22:10:43 2012 <2598413279794431> Marking 192.168.1.200:7004 as bad
Mon Jan 30 22:10:43 2012 <2598413279794431> got exception in sendRequest phase: WRITE_ERROR_TO_SERVER [os error=0, line 794 of ../nsapi/URL.cpp]: at line 3160
Mon Jan 30 22:10:43 2012 <2598413279794431> INFO: Closing SSL context
Thanks"One of the tests is to lose one of the nodes for the apache plugin redirects the node that has less overhead."
Note that the plug-in does a round robin load balancing, for example, in the case of three server (1,2,3) it does 1-2-3-1-2-3-1...
with server 3 going down it does 1-2-1-2-1...
An example configuration (with SSL off) looks as follows:
LoadModule weblogic_module "/home/oracle/weblogic12.1.1/apache/modules/mod_wl.so"
<IfModule weblogic_module>
ConnectTimeoutSecs 10
ConnectRetrySecs 2
DebugConfigInfo ON
WLSocketTimeoutSecs 2
WLIOTimeoutSecs 300
Idempotent ON
FileCaching ON
KeepAliveSecs 20
KeepAliveEnabled ON
DynamicServerList ON
WLProxySSL OFF
</IfModule>
<Location /LoadTest6>
SetHandler weblogic-handler
WebLogicCluster 172.31.0.175:7002,172.31.0.113:7003
</Location>Also see the complete example here: http://middlewaremagic.com/weblogic/?p=7795
"the plugin sometimes redirects to the other active node"
This is somewhat strange, do you have session binding turned off?
"and on another occasion shows the oracle management console identity manager without the colors of the basic look and feel."
This could happen due to mime types (not really sure just a hunch). Here is a general story on this concept: https://developer.mozilla.org/en/Properly_Configuring_Server_MIME_Types
and the apache module: http://httpd.apache.org/docs/2.2/mod/mod_mime.html -
Hi,
I am using servlets in Weblogic Server environemt. My client (browser based) switches
from HTTPS to HTTP and vice versa while accessing different servlets.
In IE application works fine but when using Netscape it fails in many parts .
I have read that there is a fix for Netscape , it goes like this
" Question : When a Netscape browser starts a session with WebLogic Server on an
HTTP page and then moves to an HTTPS page, a new session is created. How can I preserve
the session while switching to or from HTTPS?
Answer : The cookie WebLogic Server sends includes the port number. When the Netscape
browser sees a cookie with a different port number, it assumes the destination is
a different server, so it does not return the cookie to WebLogic Server. The way
to prevent this is to specify the domain name that WebLogic Server writes in the
cookie with the weblogic.httpd.session.cookie.domain property. For example:
weblogic.httpd.session.cookie.domain=.mydomain.com "
I have tried this also by giving different versions of the above mentioned line in
weblogic.properties file
i) weblogic.httpd.session.cookie.domain=.myServerName
where myServerName is name of the machine in which Weblogic App server is runningWhich ports are you using for HTTP and HTTPS?
Robert Patrick wrote:
Is the browser talking directly to WLS or going through another web server (and the
weblogic plug-in)? In the URLs being used from the browser, do you always uss the full
machine name (e.g., mymachine.mydomain.com) or are you trying to use just the hostname
(e.g., mymachine) or the IP address?
Robert
Ajay Singh wrote:
Hi,
I am using servlets in Weblogic Server environemt. My client (browser based) switches
from HTTPS to HTTP and vice versa while accessing different servlets.
In IE application works fine but when using Netscape it fails in many parts .
I have read that there is a fix for Netscape , it goes like this
" Question : When a Netscape browser starts a session with WebLogic Server on an
HTTP page and then moves to an HTTPS page, a new session is created. How can I preserve
the session while switching to or from HTTPS?
Answer : The cookie WebLogic Server sends includes the port number. When the Netscape
browser sees a cookie with a different port number, it assumes the destination is
a different server, so it does not return the cookie to WebLogic Server. The way
to prevent this is to specify the domain name that WebLogic Server writes in the
cookie with the weblogic.httpd.session.cookie.domain property. For example:
weblogic.httpd.session.cookie.domain=.mydomain.com "
I have tried this also by giving different versions of the above mentioned line in
weblogic.properties file
i) weblogic.httpd.session.cookie.domain=.myServerName
where myServerName is name of the machine in which Weblogic App server is running -
HTTPS to HTTP switching in weblogic App server
Hi,
I am using servlets in Weblogic Server environemt. My client (browser based) switches
from HTTPS to HTTP and vice versa while accessing different servlets.
In IE application works fine but when using Netscape it fails in many parts .
I have read that there is a fix for Netscape , it goes like this
" Question : When a Netscape browser starts a session with WebLogic Server on an
HTTP page and then moves to an HTTPS page, a new session is created. How can I preserve
the session while switching to or from HTTPS?
Answer : The cookie WebLogic Server sends includes the port number. When the Netscape
browser sees a cookie with a different port number, it assumes the destination is
a different server, so it does not return the cookie to WebLogic Server. The way
to prevent this is to specify the domain name that WebLogic Server writes in the
cookie with the weblogic.httpd.session.cookie.domain property. For example:
weblogic.httpd.session.cookie.domain=.mydomain.com "
I have tried this also by giving different versions of the above mentioned line in
weblogic.properties file
i) weblogic.httpd.session.cookie.domain=.myServerName
where myServerName is name of the machine in which Weblogic App server is runningtry
weblogic.httpd.session.cookie.domain=.myDomainName
where myDomainName is something like india.techspan.com, make sure you don't put
in the name of your machine. WLS doesn't care about that in this property.
"Ajay Singh" <[email protected]> wrote:
>
Hi,
I am using servlets in Weblogic Server environemt. My client (browser
based) switches
from HTTPS to HTTP and vice versa while accessing different servlets.
In IE application works fine but when using Netscape it fails in many parts
I have read that there is a fix for Netscape , it goes like this
" Question : When a Netscape browser starts a session with WebLogic Server
on an
HTTP page and then moves to an HTTPS page, a new session is created. How
can I preserve
the session while switching to or from HTTPS?
Answer : The cookie WebLogic Server sends includes the port number. When
the Netscape
browser sees a cookie with a different port number, it assumes the destination
is
a different server, so it does not return the cookie to WebLogic Server.
The way
to prevent this is to specify the domain name that WebLogic Server writes
in the
cookie with the weblogic.httpd.session.cookie.domain property. For example:
weblogic.httpd.session.cookie.domain=.mydomain.com "
I have tried this also by giving different versions of the above mentioned
line in
weblogic.properties file
i) weblogic.httpd.session.cookie.domain=.myServerName
where myServerName is name of the machine in which Weblogic App server
is running -
Weblogic certificate is not being authenticated in Oracle HTTP Server
I am using Oracle HTTP Server with SSL and mod_proxy set up trying to pass a url through to the weblogic server. I start with my OHS url in the browser and the proxy is switches to the url to weblogic but I get the following error on the OHS side:
[2011-12-22T18:40:09.4683-07:00] [OHS] [INCIDENT_ERROR:32] [OHS-2077] [core.c] [host_id: denovm11-6] [host_addr: 10.139.164.196] [tid: 1155799360] [user: root] [ecid: 004hBXzInYHEOPb_THt1ic0007DM000002] [rid: 0] [VirtualHost: social.us.oracle.com:443] nzos proxy handshake error, nzos_Handshake returned 29024(server social.us.oracle.com:443, client 10.139.164.191)
[2011-12-22T18:40:09.4683-07:00] [OHS] [INCIDENT_ERROR:32] [OHS-2171] [core.c] [host_id: denovm11-6] [host_addr: 10.139.164.196] [tid: 1155799360] [user: root] [ecid: 004hBXzInYHEOPb_THt1ic0007DM000002] [rid: 0] [VirtualHost: social.us.oracle.com:443] NZ Library Error: Invalid X509 certificate chain [Hint: the client probably doesn't provide a valid client certificate]
[2011-12-22T18:40:09.4685-07:00] [OHS] [INCIDENT_ERROR:32] [OHS-9999] [core.c] [host_id: denovm11-6] [host_addr: 10.139.164.196] [tid: 1155799360] [user: root] [ecid: 004hBXzInYHEOPb_THt1ic0007DM000002] [rid: 0] [VirtualHost: social.us.oracle.com:443] (20014)Internal error: proxy: pass request body failed to 10.139.164.191:7001 (denovm11-1.us.oracle.com)
[2011-12-22T18:40:09.4685-07:00] [OHS] [INCIDENT_ERROR:32] [OHS-9999] [core.c] [host_id: denovm11-6] [host_addr: 10.139.164.196] [tid: 1155799360] [user: root] [ecid: 004hBXzInYHEOPb_THt1ic0007DM000002] [rid: 0] [VirtualHost: social.us.oracle.com:443] proxy: pass request body failed to 10.139.164.191:7001 (denovm11-1.us.oracle.com) from 10.139.164.196 ()
And the following error on the weblogic side:
####<Dec 22, 2011 6:40:10 PM MST> <Warning> <Security> <denovm11-1> <AdminServer> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <8e6c6502a1af117a:4eeee51e:13466bb040d:-8000-000000000000a764> <1324604410502> <BEA-090482> <BAD_CERTIFICATE alert was received from denovm11-6.us.oracle.com - 10.139.164.196. Check the peer to determine why it rejected the certificate chain (trusted CA configuration, hostname verification). SSL debug tracing may be required to determine the exact reason the certificate was rejected.>
Here is my ssl.conf from OHS:
# Oracle HTTP Server mod_ossl configuration file: ssl.conf #
# OHS Listen Port
Listen 443
<IfModule ossl_module>
## SSL Global Context
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts.
# Some MIME-types for downloading Certificates and CRLs
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is a internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
SSLSessionCache "shmcb:${ORACLE_INSTANCE}/diagnostics/logs/${COMPONENT_TYPE}/${COMPONENT_NAME}/ssl_scache(512000)"
SSLSessionCacheTimeout 300
# Semaphore:
# Configure the path to the mutual exclusion semaphore the
# SSL engine uses internally for inter-process synchronization.
<IfModule mpm_winnt_module>
SSLMutex "none"
</IfModule>
<IfModule !mpm_winnt_module>
SSLMutex pthread
</IfModule>
## SSL Virtual Host Context
<VirtualHost *:443>
<IfModule ossl_module>
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional and require.
SSLVerifyClient none
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
SSLCipherSuite SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
# SSL Certificate Revocation List Check
# Valid values are On and Off
SSLCRLCheck Off
#Path to the wallet
SSLWallet "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/keystores/default"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</IfModule>
<IfModule proxy_module>
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
# Path to the wallet
SSLProxyWallet "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/keystores/default"
SSLProxyEngine on
SSLProxyVerify none
# ottest : denovm11-1
ProxyPass /test https://abc.us.oracle.com:7001/test
ProxyPassReverse /test https://abc.us.oracle.com:7001/test
</IfModule>
</VirtualHost>
</IfModule>
On the OHS side I have all the certificates needed so SSL is working properly. The weblogic environment is currently working fine with other webgates, but those are apache and we are trying to switch to OHS.
Can OHS use mod_proxy to connect to weblogic or do I need to use mod_wl_ohs?
Does anyone see anything wrong in my ssl.conf file in regards to the proxy section.
Thanks in advance.In summary:
You need to create a new wallet with CSR (certificate signing req)
Send this to your certificate authority and get the signed server certificate.
Now import the signed server cert and the trusted root cert in to the wallet that you created newly.
Modify ssl.conf to point to the new wallet location.
To create wallet refer to : http://docs.oracle.com/cd/E25054_01/core.1111/e10105/wallets.htm#CHDGIJDC
Further reference: http://docs.oracle.com/cd/E25054_01/core.1111/e10105/sslconfig.htm#CBDGIJDF
Dont mind if this doc is 500 pages ;) -
Hi all,
My configuration is as follows: I have an iPlanet web-server that uses a WebLogic
6.1 (sp1) server to proxy requests to another HTTP server. The HTTP request runs
for 120 seconds. This causes Weblogic to timeout after a while. The error I get
is as follows:
<Aug 25, 2003 3:37:09 PM GMT+00:00> <Warning> <HttpClient> <Couldn't open connection
java.net.ConnectException: Connection timed out
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:320)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:133)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:120)
at java.net.Socket.<init>(Socket.java:273)
at java.net.Socket.<init>(Socket.java:127)
at weblogic.net.http.HttpClient.openServer(HttpClient.java:194)
at weblogic.net.http.HttpClient.openServer(HttpClient.java:254)
at weblogic.net.http.HttpClient.<init>(HttpClient.java:117)
at weblogic.net.http.HttpClient.New(HttpClient.java:149)
at weblogic.net.http.HttpURLConnection.connect(HttpURLConnection.java:109)
at com.db.gmr.dcm.DebtIssueServlet.getVectorFromConnection(DebtIssueServle
t.java:285)
at com.db.gmr.dcm.IssuesUSThread.run(IssuesUSThread.java:29)
>
I get the same error when I added the following plug-in configuration parameters
(in obj.conf):
ConnectTimeoutSecs="170" ConnectRetrySecs="170".
What do I need to do to extend this timeout? Any help you can provide will be
greatly appreciated..
Thanks
ManishHi all,
My configuration is as follows: I have an iPlanet web-server that uses a WebLogic
6.1 (sp1) server to proxy requests to another HTTP server. The HTTP request runs
for 120 seconds. This causes Weblogic to timeout after a while. The error I get
is as follows:
<Aug 25, 2003 3:37:09 PM GMT+00:00> <Warning> <HttpClient> <Couldn't open connection
java.net.ConnectException: Connection timed out
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:320)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:133)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:120)
at java.net.Socket.<init>(Socket.java:273)
at java.net.Socket.<init>(Socket.java:127)
at weblogic.net.http.HttpClient.openServer(HttpClient.java:194)
at weblogic.net.http.HttpClient.openServer(HttpClient.java:254)
at weblogic.net.http.HttpClient.<init>(HttpClient.java:117)
at weblogic.net.http.HttpClient.New(HttpClient.java:149)
at weblogic.net.http.HttpURLConnection.connect(HttpURLConnection.java:109)
at com.db.gmr.dcm.DebtIssueServlet.getVectorFromConnection(DebtIssueServle
t.java:285)
at com.db.gmr.dcm.IssuesUSThread.run(IssuesUSThread.java:29)
>
I get the same error when I added the following plug-in configuration parameters
(in obj.conf):
ConnectTimeoutSecs="170" ConnectRetrySecs="170".
What do I need to do to extend this timeout? Any help you can provide will be
greatly appreciated..
Thanks
Manish -
Slow performance with oracle http server connecting weblogic
I have a performance issue while using Oracle HTTP server as a proxy with weblogic server. It takes 10-15 seconds to pass the requests.
I also received the error related to SSL in my error logs even though i havent configured the SSL.
please find the error received in the OHS error logs
nzos handshake error, nzos_Handshake returned 28862
NZ Library Error: SSL IO error [Hint: the client stop the connection unexpectedly]
And please find a request information from the access log files.
Fri May 28 09:24:48 2010 <5944127503148828> getPooledConn: No more connections in the pool for Host[114.57.162.39] Port[6499] SecurePort[6499]
Fri May 28 09:24:48 2010 <5944127503148828> general list: trying connect to '114.57.162.39'/6499/6499 at line 3082 for '/fed/user/authnoam?refid=id-ixGFItkxw4Nt4l3wlz4W9sWR-ao-'
Fri May 28 09:25:00 2010 <5944127503148828> SSL is not configured for this connection
Fri May 28 09:25:00 2010 <5944127503148828> Local Port of the socket is 4472
it is visible that the while it is doing "general list trying to connect to" it takes a long time
Any pointers are highly appreciated.Shannon,
The OHS + Weblogic installation, just means you will have an admin server, with Enterprise Manager that can manage your OHS instances. That being said:
1 - You don't have to extend any domain, since the only thing OHS will need is an Admin Server with Enterprise Manager.
2 - I (myself, I don't speak for Oracle here) have a personal preference of having stand alone OHS. If you don't know how to work with httpd.conf and mod_wl.conf, I would suggest installing a separate domain only for it, that way you can keep the weblogic turned off, and turn it on only when you need to edit any configuration.
Thanks -
Can't start Appache HTTP server with Weblogic Server 8.1.
We are trying to use the Appache HTTP server with the Weblogic Server 8.1 on HPUX 11i platform.
For this purpose we use Weblogic 8.1 plug-in for Apache 2.0.50 - mod_wl_20.so shared library.
When trying to start the Apache server I got the following error:
/usr/lib/dld.sl: Can't shl_load() a library containing Thread Local Storage: /usr/lib/libcl.2
/usr/lib/dld.sl: Exec format error
Syntax error on line 234 of /tsauser5.p302/tsa/crm/tsacla2/Apache_DEV2/conf/httpd.conf:
Cannot load /tsauser5.p302/tsa/crm/tsacla2/Apache_DEV2/modules/mod_wl_20.so into server: Exec format error
It looks like plug-in mod_wl_20.so wasn't’t compiled with the –lpthread library.
Do you know if we can achieve the source of the “mod_wl_20” plug-in and recompile it after that?contact support they should be able to help you out.
-
Disabling Weblogic's http server port - Using an external web server
Hi,
We are using Weblogic 8.1 as application server and IWS as web server. We have
siteminder web agent configured on the web server for implementing authentication
and authorization.
All our requests first go to the web server which redirects them to the application
server.
Since Weblogic itself has a http listen port, user can still send requests directly
to the application server(which does not have any siteminder configuration on
it). Is it possible to ensure that all http requests made directly to the application
server are not processed so that the user is forced to hit the web server first.
Thanks,
AkashWhen you say redirect, do you mean you use an HTTP redirect to send it to your
WLS servers URL? Or do you mean you proxy the requests from the webserver to
the WLS instance? In the former case, you must expose WLS's HTTP server to the
clients in order to redirect them to the address and you will not be able to
stop them from going directly there. In the case of the latter, you can put
your WLS instance behind the firewall so external users can't get to it. If you
also need to protect it from internal users you should probably not use
siteminder as your authentication mechanism. You may be able to configure
siteminder so that it has to authenticate itself to send requests to weblogic
and then protect all weblogic resources with that role requirement.
Sam
[email protected] wrote:
Hi,
We are using Weblogic 8.1 as application server and IWS as web server. We have
siteminder web agent configured on the web server for implementing authentication
and authorization.
All our requests first go to the web server which redirects them to the application
server.
Since Weblogic itself has a http listen port, user can still send requests directly
to the application server(which does not have any siteminder configuration on
it). Is it possible to ensure that all http requests made directly to the application
server are not processed so that the user is forced to hit the web server first.
Thanks,
Akash -
Embedded HTTP server in weblogic vs OHS
Hi,
I have installed EPM. Along with it weblogic is installed. I forget to install OHS so weblogic is using it's own HTTP server.
I have some questions related to embedded server vs OHS.
1 - Will embedded HTTP Server will work as fine as OHS?
2 - Is there any speed difference between 2 servers?
3 - I am having a lot of unusual issues, could it be due to embedded HTTP server?
RegardsHi there JanGLi,
your question is rather architectural than technical.
The use of OHS should be dictated by your environment topology.
1 - Will embedded HTTP Server will work as fine as OHS?
Sure. WLS is designed and can work standalone, i.e. without requiring
OHS in front.
2 - Is there any speed difference between 2 servers?
Though I have NOT done any stress tests to compare OHS vs WLS in serving
content, I expect the OHS to better serve static content, i.e. images,
JS, css, etc.
I would say that OHS is required when you are running web based
applications distributed among several DMZ's where OHS should be in your
Internet zone and WLS in the application server zone. You can also
offload WLS from SSL, i.e. you can configure OHS to handle the SSL
communication and leave the WLS to do its job - running JEE components.
3 - I am having a lot of unusual issues, could it be due to embedded
HTTP server?
In your case I doubt that the problems you are experiencing with EPM are
due to the lack of OHS in front. If your are more specific in the issues
you are facing I (or someone else in the community) might be able to
help you.
Hope this helps,
A. -
What is the HTTP server [default/built-in] that Weblogic server uses
Is the built-in web server in weblogic Apache or is it some other http server that
BEA owns ?WebLogic Server is a single java process, that has two listen ports, one SSL
and non-ssl.
These two ports use protocol discrimination to handle multiple protocols on
a single port.
NON-SSL --> http, t3 (proprietary rmi protocol), iiop
SSL --> https, t3s, iiops
So WebLogic comes with a build in Webserver. Or you can use a third party
webserver in front of WLS with plugin to proxy to WLS.
See;
http://edocs.bea.com/wls/docs81/plugins/
Cheers
mbg
"Manoj" <[email protected]> wrote in message
news:3edb0ba5$[email protected]..
>
Is the built-in web server in weblogic Apache or is it some other httpserver that
BEA owns ?
Maybe you are looking for
-
With a document open password - is there a way to ask only once per session?
Here's my scenario: User is reading a "password to open" document that contains links to other web pages, etc. The user clicks on a link, goes to the new page, then uses the back button/back key to return to the password protected document, where t
-
Audio Problems in Adobe Presenter: Help Needed Urgently!!
I am using trial versions of Adobe Presenter 7 and Adobe Connect 8. I created a presentation in in Powerpoint 2002 and published through Adobe Presenter to Adobe Connect Pro. This presentation has voice over recorded through the Adobe Presenter "reco
-
I'd like to start over with a brand new addresbook
I would like to possibly back up and then remove current addressbook and start over Fresh. What I want to do is back up my Blackberry/Altell phone's contacts to a new addressbook. without wiping out the information I have on the Blackberry I tried th
-
Does anyone know of any free programs to convert from .swf to another file type like mpg, avi, wmv, etc.
-
My son signed into my Game Center account on his iPod touch and it reverted all my apps on my iPod to his. How do I reverse it to get all my apps back?