WebLogic Web Server
Hello!
Actually we have an 3 layer infrastructure (web server <FIREWALL> application server and database) based in Apache HTTP Server, Apache Tomcat and Oracle Database. We are studying the alternative of using Bea Weblogic, but we have some doubts:
- Weblogic has also a web server ?
- How can i separate web server from application server to have completelly separation between web and application layer
- There is some document to migrate from apache http server and tomcat to WebLogic?
- In Apache we use AJP protocol to communcation between web and app... Wich is the protocol used by weblogic?
Thanks a lot
Instead of ajp from the mod_proxy_ajp module you can use the Apache module that comes with Weblogic called mod_wl_2x.
[url http://edocs.bea.com/wls/docs100/pdf/plugins.pdf]
Similar Messages
-
Strange behavior from Weblogic web server
This doesn't seem to be an EJB issue so I'm responding to the servlet
newsgroup. Also, why don't you try posting a simple example of the type of
html/javascript you are serving and/or open a support case with BEA Customer
support. Additionally, this link might help:
http://www.weblogic.com/docs51/classdocs/javadocs/weblogic/html/ScriptElement.html
Thanks,
Charlie
The views expressed in this posting are solely those of the author, and
BEA Systems, Inc. does not endorse any of
these views.
BEA Systems, Inc. is not responsible for the accuracy or completeness
of the information provided
and assumes no duty to correct, expand upon, delete or update any of
the information contained in this posting.
dwang wrote:
Hi:
I am using Weblogic web server to serve up my html/jsp pages. I also
have a javascript function to open up another window if I click on the
button. But when I click on the button, the index.html file from httpd
root directory is always displayed on the browser and the javascript
function is never being excuted completly(I have put an alert statement
on it and it only excuted the first line of statement). Can someone tell
me why?
Many thanks,
David -
Trouble launching extension-associated applications through WebLogic Web Server
We are using WebLogic 7.1 to do a simple document management system. We have a
servlet that generates HTML. The HTML contains a hyperlink to document that is
served through WebLogic Web Server, via a Web Application, and is located in the
application directory.
The problem is, when you click on the hyperlink, an application associated with
the extension (for example, Microsoft Word for .doc extension) is not launched.
Instead, the browser brings up the document in its raw form directly in the browser
window.
This feature works properly when you browse to other sites that contain hyperlinks
to Word Documents (Microsoft Word gets launched properly within the browser).
Any ideas would be greatly appreciated.Hi Jay,
During my on going testing on our DR site, across all the issues which kind of fixed and working now – I have come across 1 which I am a little amazed with
While trying to run the ping and buffer on REN SERVER
ERROR 404 Page not found. Everything is set up perfectly to what I understand.
Env. – HR to portal .
Request goes to RPS passes the firewall goes to LB and to REN and so on along with that.
Initially the Setup was incorrect which is corrected now. Then LB was listening to desired port – which was not activated while RPS was brought up – we have fixed that. so for now LB listens to port.
We have bounced app/prcs and cleared cache. But when tried to ping test – 404 (page not found error )
I have checked config.xml / struts-config.xml and web.xml – jus to verify the document root and context is alrite. Looks Good.
Checked logs - No specific error.
HR – Websphere … RPS apache...
Portal – Weblogic
Tools - 8.49.18
App - 9.0 (HR)
RENQ is up and running.
REN Server Cluster ID: RENCLSTR_0002
*StateFlag Active
*REN Server Cluster URL: https://psportal:8065
*REN Server Browser URL: https://psportal.dowjones.net:8065
Authentication Domain: dowjones.net
request your help pls -
Weblogic web server v/s apache
Hi,
Does anybody have any experiences to share about using weblogic as a web
server versus using apache or something else? Any idea on what is the market
share?
Any links to useful information that anybody can point me to?
I did find a similar question on this newsgroups but Alas, no answer!!!
Thanks
GauravHi,
Does anybody have any experiences to share about using weblogic as a web
server versus using apache or something else? Any idea on what is the market
share?
Any links to useful information that anybody can point me to?
I did find a similar question on this newsgroups but Alas, no answer!!!
Thanks
Gaurav -
'java.lang.InternalError: undefined opcode' when startup weblogic web server
hi,All
I found a very strange error message when I startup weblogic server
please check the following attachment.
Fri Sep 27 17:11:09 EDT 2002:<I> <ServletContext-General> *.jsp: init
A nonfatal internal JIT (3.10.107(x)) error 'Structured
Exception(c0000005)' has occurred in :
'jspclasses/_onlane/_jsp/_consignment/__consignmentsearchpage._jspService
(Ljavax/servlet/http/Htt
pServletRequest;Ljavax/servlet/http/HttpServletResponse;)V':
Interpreting method.
Please report this error in detail to
http://java.sun.com/cgi-bin/bugreport.cgi
Fri Sep 27 17:11:09 EDT 2002:<E> <ServletContext-General> Servlet failed
with Exception
java.lang.InternalError: undefined opcode
at
at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:120)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:138)
at
weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java,
Compi
led Code)
at
weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:905)
at
weblogic.servlet.internal.ServletContextManager.invokeServlet(ServletContextManager.java:
269)
at
weblogic.socket.MuxableSocketHTTP.invokeServlet(MuxableSocketHTTP.java:391)
at
weblogic.socket.MuxableSocketHTTP.execute(MuxableSocketHTTP.java:273)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java,
Compiled Code)
I use weblogic 5.1 sp 11 with JDK1.2.2_007 on WinNT2000 Advanced server
environment.
Did anyone meet this problem before?
It looks to me the JIT found an unexpected error in one of my jsp page,
but I check this jsp page, it looks normal and work fine even JIT
compliant it.
Any help would be very appreciated.
thanks,
Roy
Hi,Ann
Thanks for your help.
Roy
Ann Cao wrote:
>Hello Roy,
>
>It sounds like a JIT problem. The version of SDK you are using is not certified for WAS 5.1
>on Windows 2000 Advanced server. Please try a certified SDK. For certification information,
>please see http://e-docs.bea.com/wls/certifications/certifications/win2000.html#40242.
>
>Regards,
>Ann Cao
>Developer Relations Engineer
>BEA Support
>
>Roy Wu wrote:
>
>
>
>>hi,All
>>I found a very strange error message when I startup weblogic server
>>please check the following attachment.
>>----------------
>>Fri Sep 27 17:11:09 EDT 2002:<I> <ServletContext-General> *.jsp: init
>>A nonfatal internal JIT (3.10.107(x)) error 'Structured
>>Exception(c0000005)' has occurred in :
>>
>>'jspclasses/_onlane/_jsp/_consignment/__consignmentsearchpage._jspService
>>(Ljavax/servlet/http/Htt
>>pServletRequest;Ljavax/servlet/http/HttpServletResponse;)V':
>>Interpreting method.
>> Please report this error in detail to
>>http://java.sun.com/cgi-bin/bugreport.cgi
>>
>>Fri Sep 27 17:11:09 EDT 2002:<E> <ServletContext-General> Servlet failed
>>with Exception
>>java.lang.InternalError: undefined opcode
>> at
>> at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
>> at
>>weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:120)
>> at
>>weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:138)
>> at
>>weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java,
>>Compi
>>led Code)
>> at
>>weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:905)
>> at
>>weblogic.servlet.internal.ServletContextManager.invokeServlet(ServletContextManager.java:
>>269)
>> at
>>weblogic.socket.MuxableSocketHTTP.invokeServlet(MuxableSocketHTTP.java:391)
>> at
>>weblogic.socket.MuxableSocketHTTP.execute(MuxableSocketHTTP.java:273)
>> at weblogic.kernel.ExecuteThread.run(ExecuteThread.java,
>>Compiled Code)
>>---------------------------
>>
>>I use weblogic 5.1 sp 11 with JDK1.2.2_007 on WinNT2000 Advanced server
>>environment.
>>Did anyone meet this problem before?
>>It looks to me the JIT found an unexpected error in one of my jsp page,
>>but I check this jsp page, it looks normal and work fine even JIT
>>compliant it.
>>Any help would be very appreciated.
>>
>>thanks,
>>
>>Roy
>>
>>
>
>--
>Regards,
>Ann
>Developer Relations Engineer
>BEA Support
>
>
>
>
[att1.html]
-
Sun Web Server Reverse Proxy and Weblogic HTTP to HTTPS redirection
Hi,
I am currently testing reverse-proxy from SJSW 7.0 update 5 to Weblogic server but I have encountered an issue.
I have configured a context root to be forwarded to weblogic:
Web Server: www.server.com
URI: /path
Reverse Proxy URL: wlserver:9000
When I access https://www.server.com/path, I am getting the correct page. The issue is, the weblogic server is configured to redirect HTTP access to HTTPS, i.e., when I access http://www.server.com/path, it should be redirected to https://www.server.com/path. However, that is not the case. What happens is that I am being redirected instead to https://www.server.com/.
If I don't use reverse proxy, that is, if I use the libproxy.so from weblogic, I get the correct redirection.
Would appreciate it very much if someone can help me troubleshoot this issue.
Thanks in advance!
Edited by: agent_orange on Jul 29, 2010 2:30 AM
Edited by: agent_orange on Jul 29, 2010 2:31 AMI am not sure, how you have configured your reverse proxy since you didn't attach / refer your current configuration file. this is how I would do it..
- create a new configuration (using web server 7 admin gui , within configuration wizard, disable java option if you plan to use web server 7 only for reverse proxy)
- select this new configuration and go to reverse proxy and try to reverse proxy / to the origin server.
that is all it should need.
your obj.conf or <hostname>-obj.conf depending on your configuration should look like following snippet
<Object name="default">
AuthTrans..
NameTrans fn=map from="/" to="/path" name="reverse-proxy-/"
</object>
<Object name="reverse-proxy-/">
Route fn=....
Service ..
</Object>
this is all you should need..
However, if you wanted to add complexity to your configuration, you could do some thing like
<Object name="default">
Auth..
<If defined $security>
NameTrans fn=map from="/" to="/path" name="reverse-proxy-/"
</If>
</Object>
<Object name="reverse-proxy-/">
Route...
</Object> -
WebLogic as Web Server Installation using WebLogic Express
Hi all,
I am in a process of installing WebLogic Web server. I downloaded WebLogic Express from bea site, and it turns out to be the same bin file that I had used for WebLogic Server installation. During the installation, I did not come across an specific steps meant for WebLogic Express (which is a web server + servlet/jsp container)
Can some one please guide me at the earlier as regards installation steps for WebLogic Web Server,
Regards,Jim,
I am trying to set up WLS 9.1 and got this error.
Could you help me with this? Why I am getting it?
Thanks!
Marvin
####<Jan 16, 2008 10:54:13 PM EST> <Error> <HTTP> <netwave8888> <MedRecServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1200542053359> <BEA-101359> <The servlet weblogic.servlet.AsyncInitServlet init method failed while it was run in the background. The exception was: java.lang.ExceptionInInitializerError.
java.lang.ExceptionInInitializerError
at java.lang.Class.forName(Ljava.lang.String;ZLjava.lang.ClassLoader;)Ljava.lang.Class;(Unknown Source)
at weblogic.servlet.AsyncInitServlet.createDelegate(AsyncInitServlet.java:43)
at weblogic.servlet.AsyncInitServlet.initDelegate(AsyncInitServlet.java:92)
at weblogic.servlet.internal.WebAppServletContext$AsyncInitRequest.run(WebAppServletContext.java:1641)
at weblogic.work.ServerWorkManagerImpl$WorkAdapterImpl.run(ServerWorkManagerImpl.java:518)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
org.apache.commons.logging.LogConfigurationException: java.lang.reflect.InvocationTargetException
at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:532)
at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:272)
at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:246)
at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:395)
at org.apache.struts.action.ActionServlet.<clinit>(ActionServlet.java:375)
at java.lang.Class.forName(Ljava.lang.String;ZLjava.lang.ClassLoader;)Ljava.lang.Class;(Unknown Source)
at weblogic.servlet.AsyncInitServlet.createDelegate(AsyncInitServlet.java:43)
at weblogic.servlet.AsyncInitServlet.initDelegate(AsyncInitServlet.java:92)
at weblogic.servlet.internal.WebAppServletContext$AsyncInitRequest.run(WebAppServletContext.java:1641)
at weblogic.work.ServerWorkManagerImpl$WorkAdapterImpl.run(ServerWorkManagerImpl.java:518)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
java.lang.reflect.InvocationTargetException
at jrockit.reflect.NativeConstructorInvoker.newInstance([Ljava.lang.Object;)Ljava.lang.Object;(Unknown Source)
at java.lang.reflect.Constructor.newInstance([Ljava.lang.Object;I)Ljava.lang.Object;(Unknown Source)
at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:525)
at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:272)
at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:246)
at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:395)
at org.apache.struts.action.ActionServlet.<clinit>(ActionServlet.java:375)
at java.lang.Class.forName(Ljava.lang.String;ZLjava.lang.ClassLoader;)Ljava.lang.Class;(Unknown Source)
at weblogic.servlet.AsyncInitServlet.createDelegate(AsyncInitServlet.java:43)
at weblogic.servlet.AsyncInitServlet.initDelegate(AsyncInitServlet.java:92)
at weblogic.servlet.internal.WebAppServletContext$AsyncInitRequest.run(WebAppServletContext.java:1641)
at weblogic.work.ServerWorkManagerImpl$WorkAdapterImpl.run(ServerWorkManagerImpl.java:518)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
java.lang.NoClassDefFoundError: org/apache/log4j/LogManager
at org.apache.log4j.Category.getInstance(Category.java:514)
at org.apache.commons.logging.impl.Log4JCategoryLog.<init>(Log4JCategoryLog.java:104)
at jrockit.reflect.NativeConstructorInvoker.newInstance([Ljava.lang.Object;)Ljava.lang.Object;(Unknown Source)
at java.lang.reflect.Constructor.newInstance([Ljava.lang.Object;I)Ljava.lang.Object;(Unknown Source)
at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:525)
at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:272)
at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:246)
at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:395)
at org.apache.struts.action.ActionServlet.<clinit>(ActionServlet.java:375)
at java.lang.Class.forName(Ljava.lang.String;ZLjava.lang.ClassLoader;)Ljava.lang.Class;(Unknown Source)
at weblogic.servlet.AsyncInitServlet.createDelegate(AsyncInitServlet.java:43)
at weblogic.servlet.AsyncInitServlet.initDelegate(AsyncInitServlet.java:92)
at weblogic.servlet.internal.WebAppServletContext$AsyncInitRequest.run(WebAppServletContext.java:1641)
at weblogic.work.ServerWorkManagerImpl$WorkAdapterImpl.run(ServerWorkManagerImpl.java:518)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
>
####<Jan 16, 2008 10:54:13 PM EST> <Info> <Management> <netwave8888> <MedRecServer> <[STANDBY] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1200542053609> <BEA-141052> <The auto deployment poller has started.> -
Install PS Web Server / Weblogic?
Installing PTools 8.48...
I chose to install Weblogic web server, per the installation guide. When I install PTools, one window asks which servers I'll be installing, and one of the options is PeopleSoft Web Server.
Should I check this? Is this a PS component that works with the selected web server, or is it yet a fourth alternative to the three (Weblogic, WebSphere and Oracle web server) that have already been offered?When you are installing the Peopletools, the Installer ask you if your server will be an Application server, a Batch server, a File server and a Web server.
That has nothing to do with the webserver software you are choosing to use, this is very separate.
Those options are to install or not the Peopletools' associated components.
So, if you checked the Web server, the Installer will install all the components you need later to deploy the PIA.
Separately of the Peopletools installation, install your prefered Webserver software (mainly WebSphere or Weblogic), then go to for the PIA deployement. That'll prompt you the Webserver vendor you choosed to use, and the HOME directory of that one.
HTH,
Nicolas. -
Security Principal propagation from Web Server to App Server
How would I propagate a customer Principal from weblogic Web Server
to a Weblogic App Server?
For e.g this is what I want to do.
1. User logs in via a login page with UserId and password.
2. After a user is authenticated successfully, I want to fetch
some user credentials like groups he belongs to, his status etc.
basically his profile info (stored in oracle db). I want to store
this as part of a security principal object. How do I let the weblogic
web server know about this principal?
3. I want the Weblogic Servlet container to recognize this principal
and whenever any servlet calls a ejb, the web server should send
this custom principal to the weblogic app server so that the ejb
container can identify it.
4. In the ejb, I should be able to do sessionContext.getPrincipal()
that will return my custom principal object, which would give the
ejb access to the credentials of the logged on user.
Has anyone done this? This is urgent. Can anyone pls shed some
light on this.Hi,
Basically you need to install the loadbalancer plugin on the web server and then configure the loadbalancer.xml in the config folder. You need to turn the httpsrouting to true. Then all will work fine for HTTPS and HTTPS
for HTTPS on web server and HTTP on app server, you need to turn the httpsrouting to false.
Regards,
Abrar -
26194 (7080/tcp) Web Server Uses Plain Text Authenti ...
Our recent tenable security scan on the PeopleSoft web server shows the web
server is using the plan text authentication. We are using the both secured
(port 7081) and non-secured (port 7080) web services (PeopleSoft Weblogic
web server). I have attached the detailed message to the submitted case. It
looks that the LoginForm.jsp is passing the plain text password. I just
don't know how to fix this? any suggestions?
Vulnerability Details
Vulnerability Report Description:
Synopsis :
The remote web server might transmit credentials over clear text
Description :
The remote web server contains several HTML forms containing
an input of type password which transmit their information to
a remote web server over plain text.
An attacker eavesdropping the traffic might use this setup to
obtain logins and passwords of valid users.
Solution :
Make sure that every form transmits its results over HTTPS
Risk factor:
Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin output :
Page : /console/login/LoginForm.jsp;ADMINCONSOLESESSION=LGY........
Destination page : /console/j_security_check
Input name : xxxxxxxxx
Page : /console/login/LoginForm.jsp;ADMINCONSOLESESSION=LGY........
Destination page : /console/j_security_check
Input name : xxxxxxxxxThe most common solution to the problem is to only transmit user/pass over https. You might want to only enable https on your server. Or (more finer grained solution might be to access the app only over https)
-
How to make weblogic proxy to work on Sun Java system web server 7?
Hi Every one,
I am working on upgrade our Sun one 6.1 webserver to Sun Java system web server 7. Our website uses weblogic server to process jsp, web server only send static pages. I did all configurations as on Sun one. But somehow, the webserver does not forward "get jsp page" request to weblogic. The log record is:
for host 10.78.124.118 trying to GET /home.jsp, send-file reports: HTTP4142: can't find /www/a/WebServer7/docs/bmd9i/home.jsp (File not found)
home.jsp is at weblogic server.
And redirect "NameTrans fn="redirect" from="/" url="/home.jsp"" seems does not work. when I type on IE http://32.69.253.131/ (32.69.253.131 is http listener IP), it always shows index.html page under the document root.
Could some on can help? I am the first time to configurate web server. Thanks in advance.
The configuration files are like:
1. magnus.conf
# Copyright 2006 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
Init fn="load-modules" funcs="wl_proxy,wl_init" shlib="/www/a/WebServer7/weblogic6.1sp6/libproxy.so"
Init fn="wl_init"
2. obj.conf
# Copyright 2010 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
# You can edit this file, but comments and formatting changes
# might be lost when you use the administration GUI or CLI.
#<Object name="weblogic">
#Service fn="wl_proxy" WebLogicCluster="32.69.253.86:7210" ConnectTimeoutSecs="240" ConnectRetrySecs="60"
#</Object>
<Object name="default">
<Client method="TRACE">
AuthTrans fn="set-variable" remove-headers="transfer-encoding" set-headers="content-length: -1" error="501"
</Client>
#AuthTrans fn="match-browser" browser="*MSIE*" ssl-unclean-shutdown="true"
NameTrans fn="strip-params"
NameTrans fn="redirect" from="/" url="/home.jsp"
NameTrans fn="redirect" from="/index.jsp" url="/home.jsp"
NameTrans fn="redirect" from="/index.html" url="/home.jsp"
NameTrans fn="document-root" root="$docroot"
NameTrans fn="pfx2dir" from="/mc-icons" dir="/www/a/WebServer7/lib/icons" name="es-internal"
NameTrans fn="home-page" path="index.html"
<If $uri =~ "/*.jsp">
Service method="(GET|HEAD|POST|PUT)" fn="wl_proxy" WebLogicCluster="32.69.253.86:7210" ConnectTimeoutSecs="240" ConnectRetrySecs="60"
#Service method="(GET|HEAD|POST|PUT)" type="text/jsp" fn="wl_proxy" WebLogicCluster="32.69.253.86:7210" ConnectTimeoutSecs="240" ConnectRetrySecs="60"
</If>
PathCheck fn="unix-uri-clean"
PathCheck fn="check-acl" acl="default"
PathCheck fn="find-pathinfo"
PathCheck fn="find-compressed" check-age="off" vary="on"
ObjectType fn="type-by-extension"
ObjectType fn="force-type" type="text/plain" charset="iso_8859-1"
ObjectType fn="set-default-type" charset="iso_8859-1"
Service method="(GET|HEAD)" type="magnus-internal/directory" fn="send-error"
Service method="(GET|HEAD)" type="*~magnus-internal/*" fn="send-file"
AddLog fn="flex-log" name="access"
</Object>
<Object name="es-internal">
PathCheck fn="check-acl" acl="es-internal"
</Object>
<Object name="send-precompressed">
PathCheck fn="find-compressed"
</Object>
<Object name="compress-on-demand">
Output fn="insert-filter" filter="http-compression"
</Object>
3.mime.types
I add one line: type=text/jsp exts=jspQuick obvious question - Are you positive you're editing the correct obj.conf? Check the config directory and see if there is a second one called something like <instance>.obj.conf (where <instance> is the name of your configured instance).
Alternatively you can grep for object-file in the server.xml to see which obj.conf the server is using:
# grep object-file server.xml
<object-file>bare-php.obj.conf</object-file>Assuming that you are editing the correct obj.conf file, are you making certain to restart Web Server after making your changes? -
Weblogic app server wsdl web service call with SSL Validation error = 16
Weblogic app server wsdl web service call with SSL Validation error = 16
I need to make wsdl web service call in my weblogic app server. The web service is provided by a 3rd party vendor. I keep getting error
Cannot complete the certificate chain: No trusted cert found
Certificate chain received from ws-eq.demo.xxx.com - xx.xxx.xxx.156 was not trusted causing SSL handshake failure
Validation error = 16
From the SSL debug log, I can see 3 verisign hierarchy certs are correctly loaded (see 3 lines in the log message starting with “adding as trusted cert”). But somehow after first handshake, I got error “Cannot complete the certificate chain: No trusted cert found”.
Here is how I load trustStore and keyStore in my java program:
System.setProperty("javax.net.ssl.trustStore",”cacerts”);
System.setProperty("javax.net.ssl.trustStorePassword", trustKeyPasswd);
System.setProperty("javax.net.ssl.trustStoreType","JKS");
System.setProperty("javax.net.ssl.keyStoreType","JKS");
System.setProperty("javax.net.ssl.keyStore", keyStoreName);
System.setProperty("javax.net.ssl.keyStorePassword",clientCertPwd); System.setProperty("com.sun.xml.ws.transport.http.client.HttpTransportPipe.dump","true");
Here is how I create cacerts using verisign hierarchy certs (in this order)
1.6.0_29/jre/bin/keytool -import -trustcacerts -keystore cacerts -storepass changeit -file VerisignClass3G5PCA3Root.txt -alias "Verisign Class3 G5P CA3 Root"
1.6.0_29/jre/bin/keytool -import -trustcacerts -keystore cacerts -storepass changeit -file VerisignC3G5IntermediatePrimary.txt -alias "Verisign C3 G5 Intermediate Primary"
1.6.0_29/jre/bin/keytool -import -trustcacerts -keystore cacerts -storepass changeit -file VerisignC3G5IntermediateSecondary.txt -alias "Verisign C3 G5 Intermediate Secondary"
Because my program is a weblogic app server, when I start the program, I have java command line options set as:
-Dweblogic.security.SSL.trustedCAKeyStore=SSLTrust.jks
-Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dweblogic.security.SSL.enforceConstraints=strong
That SSLTrust.jks is the trust certificate from our web server which sits on a different box. In our config.xml file, we also refer to the SSLTrust.jks file when we bring up the weblogic app server.
In addition, we have working logic to use some other wsdl web services from the same vendor on the same SOAP server. In the working web service call flows, we use clientgen to create client stub, and use SSLContext and WLSSLAdapter to load trustStore and keyStore, and then bind the SSLContext and WLSSLAdapter objects to the webSerive client object and make the webservie call. For the new wsdl file, I am told to use wsimport to create client stub. In the client code created, I don’t see any way that I can bind SSLContext and WLSSLAdapter objects to the client object, so I have to load certs by settting system pramaters. Here I attached the the wsdl file.
I have read many articles. It seems as long as I can install the verisign certs correctly to web logic server, I should have fixed the problem. Now the questions are:
1. Do I create “cacerts” the correct order with right keeltool options?
2. Since command line option “-Dweblogic.security.SSL.trustedCAKeyStore” is used for web server jks certificate, will that cause any problem for me?
3. Is it possible to use wsimport to generate client stub that I can bind SSLContext and WLSSLAdapter objects to it?
4. Do I need to put the “cacerts” to some specific weblogic directory?
---------------------------------wsdl file
<wsdl:definitions name="TokenServices" targetNamespace="http://tempuri.org/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="http://tempuri.org/" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
<wsp:Policy wsu:Id="TokenServices_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="true"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
</wsp:Policy>
</sp:TransportBinding>
<wsaw:UsingAddressing/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl:types>
<xsd:schema targetNamespace="http://tempuri.org/Imports">
<xsd:import schemaLocation="xsd0.xsd" namespace="http://tempuri.org/"/>
<xsd:import schemaLocation="xsd1.xsd" namespace="http://schemas.microsoft.com/2003/10/Serialization/"/>
</xsd:schema>
</wsdl:types>
<wsdl:message name="ITokenServices_GetUserToken_InputMessage">
<wsdl:part name="parameters" element="tns:GetUserToken"/>
</wsdl:message>
<wsdl:message name="ITokenServices_GetUserToken_OutputMessage">
<wsdl:part name="parameters" element="tns:GetUserTokenResponse"/>
</wsdl:message>
<wsdl:message name="ITokenServices_GetSSOUserToken_InputMessage">
<wsdl:part name="parameters" element="tns:GetSSOUserToken"/>
</wsdl:message>
<wsdl:message name="ITokenServices_GetSSOUserToken_OutputMessage">
<wsdl:part name="parameters" element="tns:GetSSOUserTokenResponse"/>
</wsdl:message>
<wsdl:portType name="ITokenServices">
<wsdl:operation name="GetUserToken">
<wsdl:input wsaw:Action="http://tempuri.org/ITokenServices/GetUserToken" message="tns:ITokenServices_GetUserToken_InputMessage"/>
<wsdl:output wsaw:Action="http://tempuri.org/ITokenServices/GetUserTokenResponse" message="tns:ITokenServices_GetUserToken_OutputMessage"/>
</wsdl:operation>
<wsdl:operation name="GetSSOUserToken">
<wsdl:input wsaw:Action="http://tempuri.org/ITokenServices/GetSSOUserToken" message="tns:ITokenServices_GetSSOUserToken_InputMessage"/>
<wsdl:output wsaw:Action="http://tempuri.org/ITokenServices/GetSSOUserTokenResponse" message="tns:ITokenServices_GetSSOUserToken_OutputMessage"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="TokenServices" type="tns:ITokenServices">
<wsp:PolicyReference URI="#TokenServices_policy"/>
<soap12:binding transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="GetUserToken">
<soap12:operation soapAction="http://tempuri.org/ITokenServices/GetUserToken" style="document"/>
<wsdl:input>
<soap12:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap12:body use="literal"/>
</wsdl:output>
</wsdl:operation>
<wsdl:operation name="GetSSOUserToken">
<soap12:operation soapAction="http://tempuri.org/ITokenServices/GetSSOUserToken" style="document"/>
<wsdl:input>
<soap12:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap12:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="TokenServices">
<wsdl:port name="TokenServices" binding="tns:TokenServices">
<soap12:address location="https://ws-eq.demo.i-deal.com/PhxEquity/TokenServices.svc"/>
<wsa10:EndpointReference>
<wsa10:Address>https://ws-eq.demo.xxx.com/PhxEquity/TokenServices.svc</wsa10:Address>
</wsa10:EndpointReference>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
----------------------------------application log
adding as trusted cert:
Subject: CN=VeriSign Class 3 International Server CA - G3, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x641be820ce020813f32d4d2d95d67e67
Valid from Sun Feb 07 19:00:00 EST 2010 until Fri Feb 07 18:59:59 EST 2020
adding as trusted cert:
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x3c9131cb1ff6d01b0e9ab8d044bf12be
Valid from Sun Jan 28 19:00:00 EST 1996 until Wed Aug 02 19:59:59 EDT 2028
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x250ce8e030612e9f2b89f7054d7cf8fd
Valid from Tue Nov 07 19:00:00 EST 2006 until Sun Nov 07 18:59:59 EST 2021
<Mar 7, 2013 6:59:21 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Cipher: SunPKCS11-Solaris version 1.6 for algorithm DESede/CBC/NoPadding>
<Mar 7, 2013 6:59:21 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Cipher for algorithm DESede>
<Mar 7, 2013 6:59:21 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 28395435>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 115>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <25779276 SSL3/TLS MAC>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <25779276 received HANDSHAKE>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Cannot complete the certificate chain: No trusted cert found>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 2400410601231772600606506698552332774
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
Not Valid Before:Tue Dec 18 19:00:00 EST 2012
Not Valid After:Wed Jan 07 18:59:59 EST 2015
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 133067699711757643302127248541276864103
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Not Valid Before:Sun Feb 07 19:00:00 EST 2010
Not Valid After:Fri Feb 07 18:59:59 EST 2020
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 2400410601231772600606506698552332774
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
Not Valid Before:Tue Dec 18 19:00:00 EST 2012
Not Valid After:Wed Jan 07 18:59:59 EST 2015
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 133067699711757643302127248541276864103
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Not Valid Before:Sun Feb 07 19:00:00 EST 2010
Not Valid After:Fri Feb 07 18:59:59 EST 2020
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 16>
<Mar 7, 2013 6:59:22 PM EST> <Warning> <Security> <BEA-090477> <Certificate chain received from ws-eq.demo.xxx.com - xx.xxx.xxx.156 was not trusted causing SSL handshake failure.>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validation error = 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Certificate chain is untrusted>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.wsee.util.is.InputSourceUtil.loadURL(InputSourceUtil.java:100)
at weblogic.wsee.util.dom.DOMParser.getWebLogicDocumentImpl(DOMParser.java:118)
at weblogic.wsee.util.dom.DOMParser.getDocument(DOMParser.java:65)
at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:311)
at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:305)
at weblogic.wsee.jaxws.spi.WLSProvider.readWSDL(WLSProvider.java:296)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:77)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:62)
at javax.xml.ws.Service.<init>(Service.java:56)
at ideal.ws2j.eqtoken.TokenServices.<init>(TokenServices.java:64)
at com.citi.ilrouter.util.IpreoEQSSOClient.invokeRpcPortalToken(IpreoEQSSOClient.java:165)
at com.citi.ilrouter.servlets.T3LinkServlet.doPost(T3LinkServlet.java:168)
at com.citi.ilrouter.servlets.T3LinkServlet.doGet(T3LinkServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(Unknown Source)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.execute(Unknown Source)
at weblogic.servlet.internal.ServletRequestImpl.run(Unknown Source)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 6457753>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 6457753>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 22803607>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 14640403>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 115>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <23376797 SSL3/TLS MAC>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <23376797 received HANDSHAKE>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Cannot complete the certificate chain: No trusted cert found>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 2400410601231772600606506698552332774
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
Not Valid Before:Tue Dec 18 19:00:00 EST 2012
Not Valid After:Wed Jan 07 18:59:59 EST 2015
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 133067699711757643302127248541276864103
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Not Valid Before:Sun Feb 07 19:00:00 EST 2010
Not Valid After:Fri Feb 07 18:59:59 EST 2020
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 2400410601231772600606506698552332774
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
Not Valid Before:Tue Dec 18 19:00:00 EST 2012
Not Valid After:Wed Jan 07 18:59:59 EST 2015
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 133067699711757643302127248541276864103
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Not Valid Before:Sun Feb 07 19:00:00 EST 2010
Not Valid After:Fri Feb 07 18:59:59 EST 2020
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 16>
<Mar 7, 2013 6:59:22 PM EST> <Warning> <Security> <BEA-090477> <Certificate chain received from ws-eq.demo.xxx.com - 12.29.210.156 was not trusted causing SSL handshake failure.>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validation error = 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Certificate chain is untrusted>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.wsee.util.is.InputSourceUtil.loadURL(InputSourceUtil.java:100)
at weblogic.wsee.util.dom.DOMParser.getWebLogicDocumentImpl(DOMParser.java:118)
at weblogic.wsee.util.dom.DOMParser.getDocument(DOMParser.java:65)
at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:311)
at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:305)
at weblogic.wsee.jaxws.spi.WLSProvider.readWSDL(WLSProvider.java:296)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:77)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:62)
at javax.xml.ws.Service.<init>(Service.java:56)
at ideal.ws2j.eqtoken.TokenServices.<init>(TokenServices.java:64)
at com.citi.ilrouter.util.IpreoEQSSOClient.invokeRpcPortalToken(IpreoEQSSOClient.java:165)
at com.citi.ilrouter.servlets.T3LinkServlet.doPost(T3LinkServlet.java:168)
at com.citi.ilrouter.servlets.T3LinkServlet.doGet(T3LinkServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(Unknown Source)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.execute(Unknown Source)
at weblogic.servlet.internal.ServletRequestImpl.run(Unknown Source)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 16189141>I received a workaround by an internal message.
The how to guide is :
-Download the wsdl file (with bindings, not the one from ESR)
-Correct it in order that the schema corresponds to the answer (remove minOccurs or other things like this)
-Deploy the wsdl file on you a server (java web project for exemple). you can deploy on your local
-Create a new logicial destination that point to the wsdl file modified
-Change the metadata destination in your web dynpro project for the corresponding model and keep the execution desitnation as before.
Then the received data is check by the metadata logical destination but the data is retrieved from the correct server. -
Using weblogic as web server for Enterprise Manager can someone pls help?
hello,
can i have your help on this?
i want to use Weblogic as web server instead of apache in the structure of Enterprise Manager 10g R3?
have any of you try this? can someone please provide me some link related to how to configure Weblogic as web server for Enterprise Manager.
Many thanks in advance
Cheers,
CosminYou'll probably have better luck posting in the Enterprise Manager forum:
Enterprise Manager -
Using Weblogic as web server for Enterprise Manager 10g R3?
hello,
can i have your help on this?
i want to use Weblogic as web server instead of apache in the structure of Enterprise Manager 10g R3?
have any of you try this? can someone please provide me some link related to how to configure Weblogic as web server for Enterprise Manager.
Many thanks in advance
Cheers,
CosminIm dont think its possible to do this with enterpise manager (Dbcosole), It might be possible with GRID .. have a look here
http://www.oracle.com/technology/products/wag/index.html -
Hi!
We need to implement authentication using our own methods, and the authentication
information is provided to the web service implementation in a basic authentication
header. The problem is, that the servlet
weblogic.webservice.server.servlet.WebServiceServlet, which handles web services
in
wls 7.0.sp2, always attempts to perform authentication, if the header is present.
Is there any way to circumvent this, because we want to implement authentication
on our own?
I already know two workarounds:
The best would of course be to implement a custom security realm for our own
authentication system. This is not an option, implementing an own security
realm is overkill for this specific web service.
The other way would be to route the requests by way of a custom servlet, which
would
remove the basic authentication header, and put the authentication info in custom
headers, such as x-auth: <user:password>, or smthng similar, and after successful
authentication, make a call to bea's servlet weblogic.webservice.server.servlet.WebServiceServlet.
But still, I'd like to know if there is any way to tell bea's servlet to ignore
the basic
authentication header?
Oh yeah, by the way, this is URGENT, as always. (really!! ;)
Toni NykanenCurrently there is no option to turn off security check.
I think you can use a servlet filter mapped to the URL
of your service, instead of a proxy servlet?
Regards,
-manoj
http://manojc.com
"Toni Nykanen" <[email protected]> wrote in message
news:3ef1577b$[email protected]..
>
Hi!
We need to implement authentication using our own methods, and theauthentication
information is provided to the web service implementation in a basicauthentication
header. The problem is, that the servlet
weblogic.webservice.server.servlet.WebServiceServlet, which handles webservices
in
wls 7.0.sp2, always attempts to perform authentication, if the header ispresent.
Is there any way to circumvent this, because we want to implementauthentication
on our own?
I already know two workarounds:
The best would of course be to implement a custom security realm for ourown
authentication system. This is not an option, implementing an own security
realm is overkill for this specific web service.
The other way would be to route the requests by way of a custom servlet,which
would
remove the basic authentication header, and put the authentication info incustom
headers, such as x-auth: <user:password>, or smthng similar, and aftersuccessful
authentication, make a call to bea's servletweblogic.webservice.server.servlet.WebServiceServlet.
>
But still, I'd like to know if there is any way to tell bea's servlet toignore
the basic
authentication header?
Oh yeah, by the way, this is URGENT, as always. (really!! ;)
Toni Nykanen
Maybe you are looking for
-
Purchase order of a service with account assignment to fixed asset
We entry a service PO with asset accounting. When we select PO in Ml81n, does not working. Anybody nows if there is something to configure to use in that way.? Thanks
-
Pin names and numbers do not print with black and white printer setup option
Multisim V12 Printer HP LaserJet 1320 File -> Print Options -> Print Sheet Setup, check In black/white, OK Then File -> Print Preview, shows all elements of the drawing in black white Then select Print and the drawing prints without pin names and p
-
Is there a way to get a deleted text message back ?
Is there a way to get a deleted text message back ?
-
One quick dumb question on BM3.9sp1
I have running on nw65sp7 edir 8.7.9. Want to patch all servers, which are all the same as above, with nw65sp8. Prior to want to upgrade to edir 8.8 on all boxes including BM. I believe BM3.9sp1 is supported on edir 8.8, correct? Any other gotcha's w
-
Regex - matching literal characters
Im trying to match the following pattern using regex: The string begins with a literal '\' is followed by any number of letters and/or numbers and ends with '&0]' e.g. '\07761739009B&0]' Im trying to devise my pattern but Im not exactly sure how to w