Weblogic redirects to administration port, not ssl port, for confidential
Using WLS 9.2 MP2.
I added the following into web.xml to make sure all requests are using https.
It works fine when the administration port is not enabled (weblogic redirects the request to the ssl port).
But when the administration port is enabled, weblogic redirects the request to the administration port, not the ssl port, and hence get a 404 error for the page.
I opened BEA case 759384 in Nov last year, and CR354916 was filed, but have not heard back.
<security-constraint>
<web-resource-collection>
<web-resource-name>All Pages</web-resource-name>
<description>These pages are only accessible by over SSL.</description>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<description>This is how the user data must be transmitted</description>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
setting the setDomainEnv solved the issue.
set MEM_ARGS=-Xms256m -Xmx512m -XX:PermSize=128m
Regards,
Sam.
Similar Messages
-
Weblogic 10.3 deployException: Could not encrypt password for connection
Well, I guess this is my first time posting in a forum.
My problem is that, when trying to run my servlet, using a jdbc:odbc connection
to an Access-database, I get the following error in the server log:
Running dependency analysis...
2009-03-27 16:59:40.106: Writing WAR file to C:\Program Files\JDeveloper\jdeveloper\system\system11.1.1.0.31.51.56\o.j2ee\drs\TableViewApplication\TableViewApplication-tableviewproj-webapp
2009-03-27 16:59:40.12: Wrote WAR file to C:\Program Files\JDeveloper\jdeveloper\system\system11.1.1.0.31.51.56\o.j2ee\drs\TableViewApplication\TableViewApplication-tableviewproj-webapp
ERROR: Could not encrypt password for Connection TBLViewConnect.
The connection I'm using works fine when testing it with the JDeveloper's SQL editor.
It's properties are:
Connection Name: TBLViewConnect
Connection Type: JDBC-ODBC Bridge
as well as username, password and a local datasource
I'm running JDeveloper 11.1.1 on Vista 32bit
Besides, it's my first time using a database-connection with a servlet
thanks for your helpguess I could have found that earlier ;)
I just had to uncheck the "save password" option in the connection menu and write it in the getConnection() method instead. -
Enabled WebLogic Server domain administration port, now can't connect
I am having troubles in an OID 11g cluster using new custom identity and Java standard trust, so setup a basic lab server with WLS 10.3.3 admin server and one managed server. All was well.
I enabled the domain-wide admin port (9002) and can access the admin server console via https://localhost:9002/em.
I am unable to start the managed server with ADMIN_URL of t3s://localhost:9002 or https://localhost:9002 or using the fully-qualified host name. It says "There is no server running at t3s://localhost:9002" for example.
I enabled SSL debugging, and it just "gives up" quietly, deciding there is no SSL trust:
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: -
33322804764672255361779797406005394240
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=myhostname.acme.com
Not Valid Before:Sun Mar 27 17:37:38 EDT 2011
Not Valid After:Sat Mar 28 17:37:38 EDT 2026
Signature Algorithm:MD5withRSA
>
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number:
46914133237969612308202465797198785159
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Not Valid Before:Thu Oct 24 11:54:45 EDT 2002
Not Valid After:Tue Oct 25 11:54:45 EDT 2022
Signature Algorithm:MD5withRSA
>
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 0>
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: -
33322804764672255361779797406005394240
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=myhostname.acme.com
Not Valid Before:Sun Mar 27 17:37:38 EDT 2011
Not Valid After:Sat Mar 28 17:37:38 EDT 2026
Signature Algorithm:MD5withRSA
>
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number:
46914133237969612308202465797198785159
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Not Valid Before:Thu Oct 24 11:54:45 EDT 2002
Not Valid After:Tue Oct 25 11:54:45 EDT 2022
Signature Algorithm:MD5withRSA
>
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 0>
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Trust status (0): NONE>
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <Performing hostname validation checks: localhost>
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <873462440 SSL3/TLS MAC>
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <873462440 received HANDSHAKE>
<Mar 30, 2011 7:38:51 PM EDT> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHelloDone>
I set flags like this: -Dweblogic.security.TrustKeyStore=DemoTrust -Dweblogic.security.SSL.ignoreHostnameVerification=true , no success.
Any assistance you could provide would be much appreciated! Thank you.More info: I'm using the default DemoTrust setup.
Correction: I can connect to the console at https://localhost:9002/console (not /em). -
Error: All administrative tasks must go through an Administration Port
Hi,
I run weblogic's example MedRec as a cluster. I follow the
instruction and it works.
I have a java application (swing) connecting to the cluster.
When I set MedRec to use 7001 port for both admin and other
tasks, it works fine.
Now, I set weblogic to have separated administration port
(9002). I set ssl as requested. I can deploy ejbs to the
cluster from my swing application. So, the cluster setting
seems okay.
But I want to access ejbs from my swing application. When I
try to get InitialContext using url like "t3://mymachine:8001"
or "t3s://mymachine:7002" I get error:
"All administrative tasks must go through an Administration Port"
For my understanding, request an instance of InitialContext
is not an administration task. What is wrong here? What should I do?
Any information would be appreciated. Thanks in advance.Jimmy Ivanov <[email protected]> writes:
If you use the admin credentials then its an admin task. Try using a
different user.
andy
Hi,
I run weblogic's example MedRec as a cluster. I follow the
instruction and it works.
I have a java application (swing) connecting to the cluster.
When I set MedRec to use 7001 port for both admin and other
tasks, it works fine.
Now, I set weblogic to have separated administration port
(9002). I set ssl as requested. I can deploy ejbs to the
cluster from my swing application. So, the cluster setting
seems okay.
But I want to access ejbs from my swing application. When I
try to get InitialContext using url like "t3://mymachine:8001"
or "t3s://mymachine:7002" I get error:
"All administrative tasks must go through an Administration Port"
For my understanding, request an instance of InitialContext
is not an administration task. What is wrong here? What should I do?
Any information would be appreciated. Thanks in advance.-- -
How to monitor WebLogic Server when enable the Administration Port
It works fine when use Listenport 7001, but when enable the Administration Port(9002), it does not work.
Maybe I should do something to set the system environment property, but how?
help~
Sorry for my poor English~
Thanks~HI,
If the admin port is enabled then you have to use these parameters to run any scripts
-Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dweblogic.security.TrustKeyStore=DemoTrust
-The you can use Admin URL: t3s://localhost:9002 with Admin Port and Secure Protocol.
Example:
java -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.security.TrustKeyStore=DemoTrust weblogic.WLST application_status.py
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Connecting to t3s://localhost:9002 with userid weblogic ...
Successfully connected to Admin Server 'AdminServer' that belongs to domain 'Domain_7001'.
.Regards,
Ravish Mody
http://middlewaremagic.com/weblogic
Come, Join Us and Experience The Magic… -
Hi all,
I installed JES2 and selected AM, Directory Service.
when installer configure web server, at
Enter SSL Administration Port [-1] {"<" goes back, "!" exits}I can't changed it to be 8989 or other ports.
Enter SSL Administration Port [-1] {"<" goes back, "!" exits}: 8989
Error: The SSL Admin Port could not be validated. Please specify a different
Port.
Enter SSL Administration Port [8989] {"<" goes back, "!" exits}: 1000
Error: The SSL Admin Port could not be validated. Please specify a different
Port.
Enter SSL Administration Port [1000] {"<" goes back, "!" exits}: 100001
Error: The SSL Admin Port specified is out of range. Please enter a valid Port.
Enter SSL Administration Port [100001] {"<" goes back, "!" exits}: 10002
Error: The SSL Admin Port could not be validated. Please specify a different
Port.Anybody help me plz.try the following
ssl-server 90 vip address 10.1.2.136
ssl-server 90 urlrewrite 1 10.1.2.136
ssl-server 90 rsacert xxxxcert
ssl-server 90 rsakey xxxxkey
ssl-server 90 cipher rsa-export-with-rc4-40-md5 10.1.2.136 4443
service esl0011-4443
ip address 10.1.1.120
port 4443
keepalive type http
keepalive uri "/"
active
content HTTP-4443
vip address 10.1.2.136
port 4443
protocol tcp
add service esl0011-4443
active
BTW, I also corrected your urlrewrite command as it was incorrect. You need to specify the host. So not http or https in front.
Gilles. -
Administration ports without SSL
Hi!
Is there any way of using administration ports (to get the separation of real/admin traffic) without using SSL?
We have a secured network (good enough anyway) so the SSL is not of any great use for us, it's just a complex factor that creates a lot of work.
thanks.
H. WallerThe port setting under the Advanced tab for the account preferences is for the incoming mail server only. You can select "Use SSL" for the .Mac incoming mail server which will change the incoming mail server port from 143 to 993 automatically.
To change the port setting for the account's SMTP server, go to Mail > Preferences > Accounts and under the Account Information tab for the account preferences at the SMTP server selection, select the Server Settings button below for the .Mac SMTP server.
Enter 587 in place of 25 in the Server Port field and when finished, select OK to save the changed setting. -
Hi,
I have a Weblogic server installation from which the field "Enable Administration Port" has been checked (Probably the Administration Port is now 9002, but I cannot check it).
As a consequence I am unable to access the Console.
When I try to access the Console through the 7001 port, I get the message:
Console/Management requests or requests with <require-admin-traffic> specified to 'true' can only be made through an administration channel.
Does someone know how to disable the "Enable Administration Port"? Maybe with WSLT?
Thanks and Regards.Solved. Port 9004 can be accessed through https.
-
Can not login to CiscoSecure ACS, all Administration ports are currently in
I changed the administrator password but cannot longer log to the ACS. I get "Can not login to CiscoSecure ACS, all Administration ports are currently in use". The old password no longer works so i know it is not a password issue.
Disregard!!!
-
Administration port - network channel for admin traffic
I am trying to configure a separate channel for Administration traffic on weblogic. I followed the oracle docos and configured the SSL, domain wide admin port, server listen address, ‘admin’ channel.
The issue is admin traffic in not happening through the newly created channel.
L2 network is not getting used. I can’t see any activity in the monitoring tab of new Channel. Also the netstat is showing that the port 9101/9102 is getting used on the 192.168.100.218 and not on 10.254.252.849.
I also tried by setting up the newly created channel weight as 51, but no luck.
Is JMX connectivity related to admin channel?
Any help is highly appreciated. Thanks.
Ipconfig:
Admin: adminserver701.mycompany.internal, 192.168.100.238, 10.254.252.808
Managed: appserver701.mycompany.internal, :192.168.100.218, 10.254.252.849
Domain wide admin port: 9101
Admin:
Listen address –> adminserver701.mycompany.internal
Channel –> admin -> 10.254.252.808/9101
Startup -> -Dweblogic.admin.ListenAddress=admin://10.254.252.808:9101
Managed:(appserver701)
Listen address –> appserver701.mycompany.internal
Admin port override: 9102
Channel –> admin -> 10.254.252.849/9102
Startup -> -Dweblogic.admin.ListenAddress=admin://10.254.252.849:9102
AdminServer Logs:
####<Feb 18, 2013 1:53:33 PM EST> <Info> <JMX> <adminserver701.mycompany.internal> <soa_as> <[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361159613346> <BEA-149512> <JMX Connector Server started at service:jmx:iiop://adminserver701.mycompany.internal:9101/jndi/weblogic.management.mbeanservers.runtime .>
####<Feb 18, 2013 1:53:33 PM EST> <Info> <JMX> <adminserver701.mycompany.internal> <soa_as> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361159613353> <BEA-149512> <JMX Connector Server started at service:jmx:iiop://adminserver701.mycompany.internal:9101/jndi/weblogic.management.mbeanservers.edit .>
####<Feb 18, 2013 1:53:33 PM EST> <Info> <JMX> <adminserver701.mycompany.internal> <soa_as> <[STANDBY] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361159613367> <BEA-149512> <JMX Connector Server started at service:jmx:iiop://adminserver701.mycompany.internal:9101/jndi/weblogic.management.mbeanservers.domainruntime .>
####<Feb 18, 2013 1:53:36 PM EST> <Notice> <Server> <adminserver701.mycompany.internal> <soa_as> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361159616699> <BEA-002613> <Channel "DefaultAdministration" is now listening on 192.168.100.238:9101 for protocols admin, ldaps, https.>
####<Feb 18, 2013 1:53:36 PM EST> <Notice> <Server> <adminserver701.mycompany.internal> <soa_as> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361159616700> <BEA-002613> <Channel "Channel-0" is now listening on 10.254.252.808:9101 for protocols admin, ldaps, https.>
####<Feb 18, 2013 1:55:12 PM EST> <Notice> <Server> <adminserver701.mycompany.internal> <soa_as> <[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <cd259038c7dcf5a8:-26ac3ba0:13ceb6f767d:-8000-000000000000001a> <1361159712920> <BEA-002613> <Channel "Default" is now listening on 192.168.100.238:7001 for protocols iiop, t3, ldap, snmp, http.>
####<Feb 18, 2013 1:55:12 PM EST> <Notice> <Server> <adminserver701.mycompany.internal> <soa_as> <[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <cd259038c7dcf5a8:-26ac3ba0:13ceb6f767d:-8000-000000000000001a> <1361159712920> <BEA-002613> <Channel "DefaultSecure" is now listening on 192.168.100.238:7002 for protocols iiops, t3s, ldaps, https.>
ManagedServer Logs:
####<Feb 18, 2013 2:54:19 PM EST> <Info> <JMX> <appserver701.mycompany.internal> <adp_ms01> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361163259911> <BEA-149512> <JMX Connector Server started at service:jmx:iiop://appserver701.mycompany.internal:9102/jndi/weblogic.management.mbeanservers.runtime .>
####<Feb 18, 2013 2:54:20 PM EST> <Notice> <Server> <appserver701.mycompany.internal> <adp_ms01> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361163260350> <BEA-002613> <Channel "Channel-0" is now listening on 10.254.252.849:9102 for protocols admin, CLUSTER-BROADCAST-SECURE, ldaps, https.>
####<Feb 18, 2013 2:54:20 PM EST> <Notice> <Server> <appserver701.mycompany.internal> <adp_ms01> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1361163260350> <BEA-002613> <Channel "DefaultAdministration" is now listening on 192.168.100.218:9102 for protocols admin, CLUSTER-BROADCAST-SECURE, ldaps, https.>
####<Feb 18, 2013 2:54:58 PM EST> <Notice> <Server> <appserver701.mycompany.internal> <adp_ms01> <[STANDBY] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <d3208ed6c2482016:-46ac5fed:13ceba69a8e:-7ffe-000000000000000e> <1361163298045> <BEA-002613> <Channel "DefaultSecure" is now listening on 192.168.100.218:7102 for protocols iiops, t3s, CLUSTER-BROADCAST-SECURE, ldaps, https.>
####<Feb 18, 2013 2:54:58 PM EST> <Notice> <Server> <appserver701.mycompany.internal> <adp_ms01> <[STANDBY] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <d3208ed6c2482016:-46ac5fed:13ceba69a8e:-7ffe-000000000000000e> <1361163298045> <BEA-002613> <Channel "Default" is now listening on 192.168.100.218:7101 for protocols iiop, t3, CLUSTER-BROADCAST, ldap, snmp, http.>
AdminServer logs update while starting managed:
####<Feb 18, 2013 2:54:57 PM EST> <Info> <JMX> <adminserver701.mycompany.internal> <soa_as> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <cd259038c7dcf5a8:-26ac3ba0:13ceb6f767d:-8000-0000000000000162> <1361163297488> <BEA-149506> <Established JMX Connectivity with adp_ms01 at the JMX Service URL of service: jmx:admin://appserver701.mycompany.internal:9102 /jndi/weblogic.management.mbeanservers.runtime.>
Admin Server :
[oracle@adminserver701 bin]$ netstat -an | grep 9101
tcp 0 0 10.254.252.808:9101 0.0.0.0:* LISTEN
tcp 0 0 192.168.100.238:9101 0.0.0.0:* LISTEN
tcp 0 0 192.168.100.238:9101 192.168.100.218:59038 ESTABLISHED
I am wondering if the JMX connectivity is using the server listen address (adminserver701.mycompany.internal) which will by default resolve to 192.168.100.238. Is there a way to force JMX to use 10.254.252.808?Hi
For first question the answer is no. With the administration port, you enable the SSL between the admin server and Node manager-managed Servers. You can still use the web console.
For teh second question, you can use ANT or can use the WLS Scripting ..you can get more details in dev2dev.bea.com
Jin -
Use of domain administration port breaks session access?
WLS 8.1.2;
We have a third-party app deployed in a pretty basic cluster setup (two managed servers, each on a separate machine). When accessing the main web app, it works fine. If/when we enable the domain-wide administration port (DAP)(after enabling SSL on each server), we can no longer access the application - we get the exception shown below.
Note - if we shut down one of the two managed servers with DAP enabled, the app works. If we disable DAP and run both managed servers using SSL, the app works.
What have done wrong?
tia,
Rick
<snip>
####<Jun 9, 2005 10:26:49 AM EDT> <Error> <HTTP Session> <OYARSA4> <ep01> <ExecuteThread: '9' for queue: 'weblogic.kernel.Default'> <<WLS Kernel>> <> <BEA-100060> <An unexpected error occurred while retrieving the session for Web application: ServletContext(id=247422,name=eprovision-client,context-path=/eprovision-client).
java.lang.SecurityException: User <anonymous> does not have access to the administrator port.
at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.java:108)
at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:138)
at weblogic.cluster.replication.ReplicationManager_812_WLStub.create(Unknown Source)
at weblogic.cluster.replication.ReplicationManager.trySecondary(ReplicationManager.java:1064)
at weblogic.cluster.replication.ReplicationManager.createSecondary(ReplicationManager.java:997)
at weblogic.cluster.replication.ReplicationManager.register(ReplicationManager.java:391)
at weblogic.cluster.replication.ReplicationManager.register(ReplicationManager.java:376)
at weblogic.cluster.replication.ReplicationManager.register(ReplicationManager.java:370)
at weblogic.servlet.internal.session.ReplicatedSessionData.<init>(ReplicatedSessionData.java:95)
at weblogic.servlet.internal.session.ReplicatedSessionContext.getNewSession(ReplicatedSessionContext.java:304)
at weblogic.servlet.internal.ServletRequestImpl.getNewSession(ServletRequestImpl.java:2472)
at weblogic.servlet.internal.ServletRequestImpl.getSession(ServletRequestImpl.java:2169)
at weblogic.servlet.security.internal.SecurityModule$SessionRetrievalAction.run(SecurityModule.java:637)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.security.internal.SecurityModule.getUserSession(SecurityModule.java:612)
at weblogic.servlet.security.internal.FormSecurityModule.stuffSession(FormSecurityModule.java:404)
at weblogic.servlet.security.internal.FormSecurityModule.checkUserPerm(FormSecurityModule.java:391)
at weblogic.servlet.security.internal.SecurityModule.beginCheck(SecurityModule.java:197)
at weblogic.servlet.security.internal.FormSecurityModule.checkA(FormSecurityModule.java:181)
at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:145)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3539)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
Caused by: java.lang.SecurityException: User <anonymous> does not have access to the administrator port.
at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:910)
at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:844)
at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:222)
at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:794)
at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:570)
at weblogic.socket.SSLFilter.dispatch(SSLFilter.java:281)
at weblogic.socket.NTSocketMuxer.processSockets(NTSocketMuxer.java:105)
at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:32)
</snip>An unexpected error occurred while retrieving the session for Web application: logContext.
Cause might Failed to retrieve the session from persistent store.
pl. check your configuration
Prasanna Yalam -
Administration Port Definition
Hello,
I have create 1 admin server & 1 manager server on same UNIX box. Can both instance
have same Administration Port number ?
Thanks
Kumar,
I am more confused with Admin Port.
Here is my Configuration :
Domain : Admn_srvr
Server Name : Admn_srvr ( Admin Server )
Port : 4401
SSL Port : 4402
Admin Port : 4501.
Server Name : Admn_srvr1 ( Managed Server )
Port : 4403
SSL Port : 4404
Admin Port : 4502.
In stead of using 4501 on Admin server, we have to set it 0 ?
In above configuration, Everything works fine. We are getting following error
message in admn_srvr.log file. I don't understand, Why Admin server tries to
contact Managed server ?
We are not passing Discover=True on commmand line.
++++++++++++++++++++
vr> <ExecuteThread: '1' for queue: '__weblogic_admin_rmi_queue'> <system> <> <170008>
<Unable to contact managed server - admn_srvr1, at 10.0.192.182:4403. Domain logfile
will not contain messages from this server.>
java.lang.IllegalArgumentException: Invalid user name or password
at weblogic.management.logging.DomainLogHandler.getMBeanHome(DomainLogHandler.java:281)
at weblogic.management.logging.DomainLogHandler.subscribeToServer(DomainLogHandler.java:243)
++++++++++++++
Thanks
Kumar Allamraju <[email protected]> wrote:
>Don't set administration port (via console) in 6.0. This is broken in 6.0 For
now just use Listen Port
>Also you can have admin & managed server's running on the same port,
>but they should be
>binded to a unique IP.
>
>--
>Kumar
>
>wlstech wrote:
>
>> Hello,
>>
>> I have create 1 admin server & 1 manager server on same UNIX box. Can
>both instance
>> have same Administration Port number ?
>>
>> Thanks
>
-
Domain-wide administration port?
Hi,
I tried to start a cluster of 2 servers across 2 physical machines, I got error and server starting failed:
"Starting Managed Servers in Standby mode requires the domain-wide administration port."
My topology is as following:
Domain A is created in machine A and copy to machine B:
Machine A: admin serverr at port 8001. Managed server at port 8088 of cluster1.
Machine B: Managed server at port 8088 of the same cluster1.
What is wrong? Why I cannot start cluster? Why I got error " need domain-wide administration port"? What is "domain-wide administration port"? Why my created domain admin server at Machine A didn't work?
Your prompt help is highly appreciated. I am waiting for your help.
Thank you in advanceHi,
First of all the domain-wide administration port enables you to start a WebLogic Server instance in STANDBY state. It also allows you to separate administration traffic from application traffic in your domain.
so check in ur console whether u have specified the start up mode as STANDBY.if so change it to Running and try restarting the server:-
You can do that by chking the below link:-
http://e-docs.bea.com/wls/docs92/ConsoleHelp/taskhelp/startstop/SpecifyAStartupMode.html.
Domain-wide administration port is used when you have configured ssl for ur servers. Refer http://e-docs.bea.com/wls/docs103/ConsoleHelp/taskhelp/domainconfig/EnableTheDomainwideAdministrationPort.html for more info. -
Administration Port / command line / console gui question
In the Admin_ref.pdf doc it says "After enabling the administration port, all Administration Console traffic must connect via the administration port". Does this mean that you can no longer use the web gui console to manage the servers?
I would like the option to script deployments (deploy ears, stop start servers etc.) via command line to reduce the possibility of user error during routine deployments.
I do config mgmt. and am not a developer so I may be getting hung up on the language here.
Thanks,
gjHi
For first question the answer is no. With the administration port, you enable the SSL between the admin server and Node manager-managed Servers. You can still use the web console.
For teh second question, you can use ANT or can use the WLS Scripting ..you can get more details in dev2dev.bea.com
Jin -
Java.security.acl.NotOwnerException when Administration Port is set
I get the NOE, posted below, when I start some of my managed servers, while other managed servers
start fine. After some scrutiny I discover the differences is that in /console, I've set some of my
managed server's Administration Port to that of my admin server, and these are the ones that are
busted! Those that I left as default '0' start up just fine. Hence the question: "What the heck
is the use of this field???"
<Apr 3, 2001 3:12:02 PM PDT> <Info> <WebLogicServer> <IIOP subsystem enabled.>
<Apr 3, 2001 3:12:02 PM PDT> <Emergency> <Server> <Unable to initialize the server: 'Fatal
initialization exception
Throwable: java.lang.IllegalAccessError: java.security.acl.NotOwnerException
java.lang.IllegalAccessError: java.security.acl.NotOwnerException
at weblogic.security.acl.Realm.getRealm(Realm.java:91)
at weblogic.security.acl.Realm.getRealm(Realm.java:36)
at weblogic.security.acl.Realm.authenticate(Realm.java:183)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:116)
at
weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:429)
at
weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:272)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java
:244)
at weblogic.jndi.Environment.getContext(Environment.java:135)
at weblogic.jndi.Environment.getInitialContext(Environment.java:118)
at weblogic.management.Admin.initializeRemoteAdminHome(Admin.java:894)
at weblogic.management.Admin.start(Admin.java:311)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:331)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
'>
The WebLogic Server did not start up properly.
Exception raised: java.lang.IllegalAccessError: java.security.acl.NotOwnerException
java.lang.IllegalAccessError: java.security.acl.NotOwnerException
at weblogic.security.acl.Realm.getRealm(Realm.java:91)
at weblogic.security.acl.Realm.getRealm(Realm.java:36)
at weblogic.security.acl.Realm.authenticate(Realm.java:183)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:116)
at
weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:429)
at
weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:272)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java
:244)
at weblogic.jndi.Environment.getContext(Environment.java:135)
at weblogic.jndi.Environment.getInitialContext(Environment.java:118)
at weblogic.management.Admin.initializeRemoteAdminHome(Admin.java:894)
at weblogic.management.Admin.start(Admin.java:311)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:331)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
Reason: Fatal initialization exception
Gene Chuang
Join Kiko.com!Ah, I see! The introduction of an "admin server" in 6.0 caused the confusion for me. The
Administration Port is NOT the port number of the admin server!
Gene
"Kumar Allamraju" <[email protected]> wrote in message news:[email protected]...
This is equivalent to weblogic.system.AdministrationPort in 451/510.
In 451/51 if you start WLS server with
java -Dweblogic.system.administrativePort=2000 weblogic.Server
and then executing
D:\releases\510>java weblogic.Admin admin://localhost:2000 VERSION
returns the WLS version.
WebLogic Build: 5.1.0 Service Pack 8 12/20/2000 16:34:54 #95137
Bottom line is, once you set admin port, all admin stuff can be done on admin protocol only.
It appears this is not happening/broken in 6.0 . There's already an engg issue filed on thisproblem.
>
Kumar
Gene Chuang wrote:
I get the NOE, posted below, when I start some of my managed servers, while other managed
servers
start fine. After some scrutiny I discover the differences is that in /console, I've set someof my
managed server's Administration Port to that of my admin server, and these are the ones that are
busted! Those that I left as default '0' start up just fine. Hence the question: "What theheck
is the use of this field???"
<Apr 3, 2001 3:12:02 PM PDT> <Info> <WebLogicServer> <IIOP subsystem enabled.>
<Apr 3, 2001 3:12:02 PM PDT> <Emergency> <Server> <Unable to initialize the server: 'Fatal
initialization exception
Throwable: java.lang.IllegalAccessError: java.security.acl.NotOwnerException
java.lang.IllegalAccessError: java.security.acl.NotOwnerException
at weblogic.security.acl.Realm.getRealm(Realm.java:91)
at weblogic.security.acl.Realm.getRealm(Realm.java:36)
at weblogic.security.acl.Realm.authenticate(Realm.java:183)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:116)
at
weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:429)
at
weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:272)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java
:244)
at weblogic.jndi.Environment.getContext(Environment.java:135)
at weblogic.jndi.Environment.getInitialContext(Environment.java:118)
at weblogic.management.Admin.initializeRemoteAdminHome(Admin.java:894)
at weblogic.management.Admin.start(Admin.java:311)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:331)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
'>
The WebLogic Server did not start up properly.
Exception raised: java.lang.IllegalAccessError: java.security.acl.NotOwnerException
java.lang.IllegalAccessError: java.security.acl.NotOwnerException
at weblogic.security.acl.Realm.getRealm(Realm.java:91)
at weblogic.security.acl.Realm.getRealm(Realm.java:36)
at weblogic.security.acl.Realm.authenticate(Realm.java:183)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:116)
at
weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:429)
at
weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:272)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java
:244)
at weblogic.jndi.Environment.getContext(Environment.java:135)
at weblogic.jndi.Environment.getInitialContext(Environment.java:118)
at weblogic.management.Admin.initializeRemoteAdminHome(Admin.java:894)
at weblogic.management.Admin.start(Admin.java:311)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:331)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
Reason: Fatal initialization exception
Gene Chuang
Join Kiko.com!
Maybe you are looking for
-
XML Parser for C++ v2(Error 219)
Hi, I am using Oracle XML Parser for C++ v2. I tried to parse an xml document. When I execute the following code: ecode = parser.xmlparse((oratext *) DOCUMENT, (oratext *) 0, flags) I got the 219 error code (no message file for product=ORACORE, facil
-
How do I apply one same transition to multiple slides in one go?
How do I apply one same transition to multiple slides in one go?
-
Migrating/Porting of Hyperion / Essbase
Hi Experts, We have Hyerion HFM,FDM running on a single host of Windows 2003, Hyperion Enterprise is on Second Host and Shared Services, Essbase and Planning on third Windows box. We are using 11.1.1.3 version. This setup was for Development environm
-
When using the "search the web" I get overlapping lines of data
just the top right search engine has the problem. The yahoo and bing searches work correctly. Again, I get correct responses but the results are hard to read because there are overlapping pictures of buildings in the background (11 repetitions of the
-
No sound after Win 7 install w/Pavillion a1430n
Hey, I've just did a full install of Windows 7 on my HP Pavillion A1430N and I've got no sound. Got the red x next to the speaker in the icon tray. I've seen while searching that loosing the sound is common with this upgrade/install, but I haven't se