Montag, 16. September 2013

Error during creating security store for Oracle Access Manager 11.1.2.1.1

Although it worked with the exact same software versions, I today faced an error while creating the database security store for Oracle Access Manager 11.1.2.1.1

[oracle@server ~]$ $MWH/oracle_common/common/bin/wlst.sh /oracle/identity0/mwh/identity0/common/tools/configureSecurityStore.py -d /oracle/identity0/projects/domains/iamdomain -c IAM -p ***password*** -m create
CLASSPATH=/oracle/identity0/mwh/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/oracle/identity0/mwh/patch_ocp371/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/oracle/jrockit/jrockit-jdk1.6.0_45-R28.2.7-4.1.0-linux-x64/lib/tools.jar:/oracle/identity0/mwh/wlserver_10.3/server/lib/weblogic_sp.jar:/oracle/identity0/mwh/wlserver_10.3/server/lib/weblogic.jar:/oracle/identity0/mwh/modules/features/weblogic.server.modules_10.3.6.0.jar:/oracle/identity0/mwh/wlserver_10.3/server/lib/webservices.jar:/oracle/identity0/mwh/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/oracle/identity0/mwh/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar::/oracle/identity0/mwh/oracle_common/modules/oracle.jrf_11.1.1/jrf-wlstman.jar:/oracle/identity0/mwh/oracle_common/common/wlst/lib/adfscripting.jar:/oracle/identity0/mwh/oracle_common/common/wlst/lib/adf-share-mbeans-wlst.jar:/oracle/identity0/mwh/oracle_common/common/wlst/lib/mdswlst.jar:/oracle/identity0/mwh/oracle_common/common/wlst/resources/auditwlst.jar:/oracle/identity0/mwh/oracle_common/common/wlst/resources/igfwlsthelp.jar:/oracle/identity0/mwh/oracle_common/common/wlst/resources/jps-wlst.jar:/oracle/identity0/mwh/oracle_common/common/wlst/resources/jrf-wlst.jar:/oracle/identity0/mwh/oracle_common/common/wlst/resources/oamap_help.jar:/oracle/identity0/mwh/oracle_common/common/wlst/resources/oamAuthnProvider.jar:/oracle/identity0/mwh/oracle_common/common/wlst/resources/ossoiap_help.jar:/oracle/identity0/mwh/oracle_common/common/wlst/resources/ossoiap.jar:/oracle/identity0/mwh/oracle_common/common/wlst/resources/ovdwlsthelp.jar:/oracle/identity0/mwh/oracle_common/common/wlst/resources/sslconfigwlst.jar:/oracle/identity0/mwh/oracle_common/common/wlst/resources/wsm-wlst.jar:/oracle/identity0/mwh/utils/config/10.3/config-launch.jar::/oracle/identity0/mwh/wlserver_10.3/common/derby/lib/derbynet.jar:/oracle/identity0/mwh/wlserver_10.3/common/derby/lib/derbyclient.jar:/oracle/identity0/mwh/wlserver_10.3/common/derby/lib/derbytools.jar::
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Info: Data source is: opss-DBDS
Problem invoking WLST - Traceback (innermost last):
  File "/oracle/identity0/mwh/identity0/common/tools/configureSecurityStore.py", line 896, in ?
TypeError: cannot concatenate 'str' and 'NoneType' objects

It seems this is caused by JRockit. After switching to jdk1.7.0_40 everything worked fine.
Eingestellt von Keine Kommentare:
Labels: , , , , ,

Mittwoch, 31. Juli 2013

Update BI-Publisher from 11.1.1.5 to 11.1.1.6.9 fails: he target EJB for the ejb-ref could not be found

After updating Weblogic Server 10.3.5 and BI-Publisher 11.1.1.5(the whole BI suite) to Weblogic Server 10.3.6 an BI-Publisher 11.1.1.6.9 I got the following errors in managed server log:


<Jul 30, 2013 1:18:41 PM CEST> <Error> <Deployer> <BEA-149231> <Unable to set the activation state to true for the application 'bipublisher [Version=11.1.1]'.weblogic.application.ModuleException: Could not setup environmentat weblogic.servlet.internal.WebAppModule.activateContexts(WebAppModule.java:1505)at weblogic.servlet.internal.WebAppModule.activate(WebAppModule.java:440)at weblogic.application.internal.flow.ModuleStateDriver$2.next(ModuleStateDriver.java:375)      at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)      at weblogic.application.internal.flow.ModuleStateDriver.activate(ModuleStateDriver.java:95)      Truncated. see log file for complete stacktraceCaused By: weblogic.deployment.EnvironmentException: [J2EE:160101]Error: The ejb-link 'MetadataServiceBean' declared in the ejb-ref or ejb-local-ref 'ess/metadata' in the application module 'xmlpserver.war' could not be resolved. The target EJB for the ejb-ref could not be found. Please ensure the link is correct.      at weblogic.deployment.BaseEnvironmentBuilder.addEJBLinkRef(BaseEnvironmentBuilder.java:469)      at weblogic.deployment.EnvironmentBuilder.addEJBReferences(EnvironmentBuilder.java:496)      at weblogic.servlet.internal.CompEnv.activate(CompEnv.java:157)      at weblogic.servlet.internal.WebAppServletContext.activate(WebAppServletContext.java:3145)      at weblogic.servlet.internal.WebAppModule.activateContexts(WebAppModule.java:1503)      Truncated. see log file for complete stacktrace


After "updating" and restarting the application via weblogic console, the error was gone and BI-Publisher runs fine.
Eingestellt von Keine Kommentare:
Labels: , ,

OIM 9.1.0 - Error after changing database connection details in GTC Database Application Table Connector (java.sql.SQLException: No suitable driver)

After changing the database hostname, port and SID of a database which is used for provisioning, I got the following error in OIM log:

13/07/30 17:21:48 Running GENERICADAPTER13/07/30 17:21:48 Target Class =com.thortech.xl.gc.runtime.GCAdapterLibraryDEBUG,30 Jul 2013 17:21:48,854,[OIMCP.DATC],Class/Method:DBReconFormatProvider/formatData entered.DEBUG,30 Jul 2013 17:21:48,854,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/initialize entered.DEBUG,30 Jul 2013 17:21:48,854,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/initialize - Data: driver - Value:oracle.jdbc.driver.OracleDriverDEBUG,30 Jul 2013 17:21:48,854,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/initialize - Data: url - Value:oimdb.hostname.de:1521:oimdbDEBUG,30 Jul 2013 17:21:48,854,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/initialize - Data: username - Value: oimDEBUG,30 Jul 2013 17:21:48,854,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/initialize - Data: password - Value:*******DEBUG,30 Jul 2013 17:21:48,854,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/initialize - Data: parentContainerName -Value: APP.UsersDEBUG,30 Jul 2013 17:21:48,854,[OIMCP.DATC],Class/Method:DBReconTransportProvider/convertCSVToArraylist entered.DEBUG,30 Jul 2013 17:21:48,854,[OIMCP.DATC],Class/Method:DBReconTransportProvider/convertCSVToArraylist - Data: Run TimeParameters - Value: []DEBUG,30 Jul 2013 17:21:48,854,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/initialize - Data:childContainerTableNames - Value: []DEBUG,30 Jul 2013 17:21:48,855,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/initialize - Data:parentContainerUniqueKey - Value: USERIDDEBUG,30 Jul 2013 17:21:48,855,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/initialize - Data: statusField - Value:DEBUG,30 Jul 2013 17:21:48,855,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/initialize - Data: statusFieldLookup -Value:DEBUG,30 Jul 2013 17:21:48,855,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/initialize left.DEBUG,30 Jul 2013 17:21:48,855,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/initialize - Data: dbDateFormat - Value:
DEBUG,30 Jul 2013 17:21:48,855,[OIMCP.DATC],Class/Method:DBProvisioningTransportProvider/sendData entered.DEBUG,30 Jul 2013 17:21:48,855,[OIMCP.DATC],Class/Method:DBFacade/getConnectionProp entered.ERROR,30 Jul 2013 17:21:48,855,[OIMCP.DATC],Class/Method:DBFacade/getConnection encounter some problems: No suitable driver java.sql.SQLException: No suitable driver

After checking the whole configuration it turned out the whole jdbc url has to be specified, for example:

jdbc:oracle:thin:@oimdb.hostname.de:1521:oimdb
No restart is needed after this change.


Eingestellt von Keine Kommentare:
Labels: , , , , , ,

Dienstag, 16. April 2013

Error while creating ASInstance in config.sh - Forms and Reports 11gR2 (11.1.2.1.0) initial Install.


When you initially create a domain and instance for Forms and Reports 11gR2 (11.1.2.1.0) the following error may be appear in OUI:

Could not create ASInstance

When you look at the installer logfiles in oraInventory, you will find the following messages

 MBean Server Connection is :javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection@69df39hostname 5002java.lang.Exception: oracle.as.provisioning.exception.ASProvisioningException at oracle.as.install.classic.ca.standard.InstanceProvisioningTask.doExecute(InstanceProvisioningTask.java:222) at oracle.as.install.classic.ca.standard.StandaloneTool.execute(StandaloneTool.java:50) at oracle.as.install.classic.ca.standard.StandardProvisionTaskList.execute(StandardProvisionTaskList.java:61) at oracle.as.install.classic.ca.ClassicConfigMain.doExecute(ClassicConfigMain.java:124) at oracle.as.install.engine.modules.configuration.client.ConfigAction.execute(ConfigAction.java:371) at oracle.as.install.engine.modules.configuration.action.TaskPerformer.run(TaskPerformer.java:88) at oracle.as.install.engine.modules.configuration.action.TaskPerformer.startConfigAction(TaskPerformer.java:105) at oracle.as.install.engine.modules.configuration.action.ActionRequest.perform(ActionRequest.java:15) at oracle.as.install.engine.modules.configuration.action.RequestQueue.perform(RequestQueue.java:64) at oracle.as.install.engine.modules.configuration.standard.StandardConfigActionManager.start(StandardConfigActionManager.java:160) at oracle.as.install.engine.modules.configuration.boot.ConfigurationExtension.kickstart(ConfigurationExtension.java:81) at oracle.as.install.engine.modules.configuration.ConfigurationModule.run(ConfigurationModule.java:86) at java.lang.Thread.run(Thread.java:662)Caused by: oracle.as.provisioning.exception.ASProvisioningException at oracle.as.provisioning.engine.Config.executeConfigWorkflow_WLS(Config.java:872) at oracle.as.install.classic.ca.standard.InstanceProvisioningTask.doExecute(InstanceProvisioningTask.java:218) ... 12 moreCaused by: oracle.as.provisioning.engine.CfgWorkflowException at oracle.as.provisioning.engine.Engine.processEventResponse(Engine.java:596) at oracle.as.provisioning.fmwadmin.ASInstanceProv.createInstance(ASInstanceProv.java:178) at oracle.as.provisioning.fmwadmin.ASInstanceProv.createInstanceAndComponents(ASInstanceProv.java:116) at oracle.as.provisioning.engine.WorkFlowExecutor._createASInstancesAndComponents(WorkFlowExecutor.java:523) at oracle.as.provisioning.engine.WorkFlowExecutor.executeWLSWorkFlow(WorkFlowExecutor.java:439) at oracle.as.provisioning.engine.Config.executeConfigWorkflow_WLS(Config.java:866) ... 13 moreCaused by: oracle.as.provisioning.util.ConfigException: Fehler beim Erstellen der AS-Instanz forms0.Cause: Ein interner Vorgang war nicht erfolgreich: The oracle instance is not empty.  Select a different location or remove the instance at this location.Action: Weitere Informationen finden Sie in den Logs. at oracle.as.provisioning.util.ConfigException.createConfigException(ConfigException.java:123) at oracle.as.provisioning.fmwadmin.ASInstanceProv._createInstance(ASInstanceProv.java:317) at oracle.as.provisioning.fmwadmin.ASInstanceProv.createInstance(ASInstanceProv.java:166) ... 17 moreCaused by: oracle.as.config.exception.LocationAlreadyUsedException: The oracle instance is not empty.  Select a different location or remove the instance at this location. at oracle.as.config.impl.OperationValidator.validateInstanceLocationForCreate(OperationValidator.java:206) at oracle.as.config.impl.OracleASInstanceImpl.create(OracleASInstanceImpl.java:79) at oracle.as.provisioning.fmwadmin.ASInstanceProv._createInstance(ASInstanceProv.java:249) ... 18 more

Cause: The installer already created the folder "reports" in Instance-Home. Once you have deleted that folder, the installer succeeds. I think it is a bug.
Eingestellt von Keine Kommentare:
Labels: , , , ,

Dienstag, 26. März 2013

Tutorial: Update Oracle Identity Manager 11.1.2.0 to 11.1.2.0.4 (in clustered environment)

This post shows how to patch Oracle Identity Manager 11.1.2.0 to version 11.1.2.0.4. The bundle patch brings some improvements including some bugfixes in reconciliation and provisioning processes and it also removes some glitches in OIM GUI.

Patch Number: 16229450 availale via metalink (oracle support)
Patch Filename: p16229450_111200_Generic.zip

 Download the patch, unzip it and make it available and all servers you want to patch OIM. Read the Readme (that's what it is for).

Make sure you have at least OPatch Version 11.1.0.8.3 (I used 11.1.0.9.0). Also make sure you have recent backups of your file system and repository database.

1. Stop all OIM- and SOA-Servers in your OIM-Domain.
2. Change to the directory where you have unzipped the patch and


[oim0@server0 16229450]$ opatch apply
[WARN ][jrockit] MaxPermSize=256m ignored: Not a valid option for JRockit
Oracle Interim Patch Installer version 11.1.0.9.0
Copyright (c) 2011, Oracle Corporation.  All rights reserved.

Oracle Home       : /opt/idm0/mwh/idm0
Central Inventory : /opt/idm0/oraInventory
   from           : /opt/idm0/mwh/idm0/oraInst.loc
OPatch version    : 11.1.0.9.0
OUI version       : 11.1.0.9.0
OUI location      : /opt/idm0/mwh/idm0/oui
Log file location : /opt/idm0/mwh/idm0/cfgtoollogs/opatch/16229450_Mar_19_2013_22_42_00/apply2013-03-19_22-43-33PM_1.log
Patch history file: /opt/idm0/mwh/idm0/cfgtoollogs/opatch/opatch_history.txt

OPatch detects the Middleware Home as "/opt/idm0/mwh"
OPatch will do the following:
[Oracle Home discovery]                      : Configure and Validate Oracle Home info.
[Prerequisite for apply]                     : Invoke prerequisites to see if patch can be applied.
[Patch conflict detection for apply patch]   : Check if any conflict with already installed patches in Oracle Home.
ApplySession applying interim patch '16229450' to OH '/opt/idm0/mwh/idm0'
Running prerequisite checks...
To continue, OPatch will do the following:
[Back up for restore]           : Back up 92 files for Oracle Home restore in case of patching error.
[Back up for rollback]          : Back up 86 files for future patch rollback.
[Patch Oracle Home for apply]   : Copy 86 file(s) to Oracle Home.
[Update inventory for apply]    : Modify the inventory to record  patch [16229450].
[Post-script processing]        : Excute post script for patch [16229450].

Do you want to proceed? [y|n]
y
User Responded with: Y
OPatch detected non-cluster Oracle Home from the inventory and will patch the local system only.

Please shutdown Oracle instances running out of this ORACLE_HOME on the local system.
(Oracle Home = '/opt/idm0/mwh/idm0')

Is the local system ready for patching? [y|n]
y
User Responded with: Y
Backing up files and inventory (not for auto-rollback) for the Oracle Home
Backing up files affected by the patch '16229450' for restore. This might take a while...
Backing up files affected by the patch '16229450' for rollback. This might take a while...
   creating: /opt/idm0/mwh/idm0/server/apps/was/oim.ear/xlWebApp.war/META-INF/
  inflating: /opt/idm0/mwh/idm0/server/apps/was/oim.ear/xlWebApp.war/META-INF/MANIFEST.MF
Patching component oracle.oim.server, 11.1.2.0.0...
[cut ...]
Verifying the update...
Inventory check OK: Patch ID 16229450 is registered in Oracle Home inventory with proper meta-data.
Files check OK: Files from Patch ID 16229450 are present in Oracle Home.
Execution of 'sh /share/stage/idm11g/patch/16229450/custom/scripts/post -apply 16229450 ':
[cut ...]

Return Code = 0
The local system has been patched and can be restarted.

OPatch succeeded.


3. confirm all prompts and repeat opatch apply on all cluster members (if you don't have your middleware home on shared storage).

4. After opatch succeeds you have to edit the file OIM_ORACLE_HOME/server/bin/patch_oim_wls.profile which is needed for the next update step. The file already contains all needed values but they have to be changed to fit the local environment (I have no idea why the patch mechanism does not do this automatically). You may specify your weblogic and db passwords in that file but you also can enter them interactively. The file is write-protected, for whatever reason.

5. Start all servers in OIM domain (AdminServer, soa_server1, oim_server1, and all others if clustered)

Execute patch_oim_wls.sh (and enter passwords if not already done in profile-file):

[oim0@server0 bin]$ . ./patch_oim_wls.sh
Buildfile: /opt/idm0/mwh/idm0/server/setup/deploy-files/automation.xml
    [input]Enter the oim db password:
    [input]Enter MDS db password:
    [input]Enter Weblogic password:
    [input]Enter OIM password:  

6. It is very important to check patch_oim_wls.log, because patch_oim_wls.sh does not generate any output. So check patch_oim_wls.log and see if everything went fine. I first had following error message:


BUILD FAILED
/opt/idm0/mwh/idm0/server/setup/deploy-files/automation.xml:132: The following error occurred while executing this line:
/opt/idm0/mwh/idm0/server/setup/deploy-files/automation.xml:77: java.sql.SQLException: ORA-01017: invalid username/password; logon denied
So obviously I did not enter the correct schema password. 

Be careful, a "BUILD SUCCESSFUL" does not mean there were no errors before, so take a look at the whole file.

If the script fails, it can simply be re-executed.

7. If this is a clustered environment, repeat steps 4, 5 and 6 on every cluster member. The script recognizes all changes already commited to the repository database. 

8. Restart all servers in OIM domain.

9. Check if everything is fine and the version now is 11.1.2.0.4.

I thought you could check the version with the following SQL query in OIM repository:

select XSD_KEY, XSD_CODE, XSD_VALUE, XSD_CREATE, XSD_UPDATE  from XSD;

But this is not the case anymore, the output is still:

XSD_KEY                XSD_CODE                          XSD_VALUE                                 
---------------------- --------------------------------- ------------------------------------------
1                      XL_BUILD_NUMBER                   11.1.2.0.0.0.0                            
2                      XL_ENCRYPTED                      TRUE                                      
3                      XL_BUILD                          0.0                                       
4                      XL_PATCH_BASE                     11.1.2.0.0                                
5                      XL_PATCHLEVEL                     0.0                                       
6                      XL_BRANCH_NAME                    1                                         
7                      XL_ADE_LABEL                      IAM_11.1.2.0.0_GENERIC_120710.1630     

Oracle Support confirmed that only "opatch lsinventory" will give correct information about the patchlevel. It should output this:


Patch 16229450 : applied on Tue Mar 20 10:19:21 CET 2013Unique Patch ID: 15949936 Created on 14 Feb 2013, 04:42:10 hrs PST8PDT Bugs fixed: 14847432, 16027930, 14377844, 14607531, 14528143, 15993556, 9448227 14572885, 15829600, 15865789, 14294315, 15856138, 13849266, 15970366 14383293, 14118283, 14626660, 16022674, 14577685, 14274939, 14587847 14292212, 14501796, 14699616, 14616072, 14173555, 16084304, 14575653 15910342, 14579979, 16005515, 14292257, 14621587, 14347443, 14516538 14287866, 14597181, 14375429, 14690219, 14495107, 15905163, 14696429 14489661, 14149793, 14313692, 14298147, 14687681, 14553954, 14293783 14638470, 15911767, 14825743, 14762289, 15908074, 14627112, 14389156 14191812, 15896540, 16008683, 14345811, 14292190, 14293244, 14267405 15940692, 15879277, 14390529, 14522028, 16105425, 14667903, 13994326 15856621, 15872376, 14698977, 14310109, 14641595, 15971475, 14834319 14509729, 14309065, 14401981, 14313594, 14338499, 14475196, 15999820 14577886, 16105398, 14307751, 14665516, 15971696, 14844556, 13981517 14292237, 14571421, 14342301, 14512231, 14762113, 14512233, 14735224 14469575, 14367137, 14690304, 14345828, 14592982, 14493129, 16058277 14598437, 14072627, 15856565, 14318075, 14205971, 14808348, 14744480 14401887, 14764229, 14645564, 14230147, 16206358, 14350003, 14159688





Eingestellt von Keine Kommentare:
Labels: , , , ,

Error when logging in to Oracle Identity Manager Design Console (11.1.2): java.net.MalformedURLException: no protocol: @jndi_url

This problem is caused by xlconfig.xml ($OIM_ORACLE_HOME/designconsole/config), just update the line


<java.naming.provider.url>@jndi_url</java.naming.provider.url>

with proper connection information, example:

<java.naming.provider.url>t3://linux:7102/Xellerate</java.naming.provider.url>

 Another Error:
SEVERE: An error occured while trying to notify server that a new login session has been created.
oracle.iam.platform.utils.NoSuchServiceException: java.lang.reflect.InvocationTargetException
at oracle.iam.platform.OIMClient.getServiceDelegate(OIMClient.java:279)
at oracle.iam.platform.OIMClient.getService(OIMClient.java:256)
at oracle.iam.platform.OIMClient.loginSessionCreated(OIMClient.java:291)
at oracle.iam.platform.OIMClient.login(OIMClient.java:216)
at oracle.iam.platform.OIMClient.login(OIMClient.java:184)
at com.thortech.xl.client.base.tcAppWindow.internalLogin(tcAppWindow.java:585)
at com.thortech.xl.client.base.tcAppWindow.login(tcAppWindow.java:504)
at com.thortech.xl.client.base.tcAppWindow.<init>(tcAppWindow.java:118)
at com.thortech.xl.client.base.tcAppWindow.main(tcAppWindow.java:174)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at oracle.iam.platform.OIMClient.getServiceDelegate(OIMClient.java:275)
at oracle.iam.platform.OIMClient.getService(OIMClient.java:256)
at oracle.iam.platform.OIMClient.loginSessionCreated(OIMClient.java:291)
at oracle.iam.platform.OIMClient.login(OIMClient.java:215)
at oracle.iam.platform.OIMClient.login(OIMClient.java:184)
at com.thortech.xl.client.base.tcAppWindow.internalLogin(tcAppWindow.java:583)
at com.thortech.xl.client.base.tcAppWindow.login(tcAppWindow.java:504)
at com.thortech.xl.client.base.tcAppWindow.<init>(tcAppWindow.java:118)
at com.thortech.xl.client.base.tcAppWindow.main(tcAppWindow.java:173)
Caused by: oracle.iam.platform.utils.NoSuchServiceException: javax.naming.NoInitialContextException: Cannot instantiate class: @jndi_factory [Root exception is java.lang.ClassNotFoundException: @jndi_factory]


When facing this error, you have to set the following setting in xlconfig.xml to a proper value:

<java.naming.factory.initial>weblogic.jndi.WLInitialContextFactory</java.naming.factory.initial>

This depends on what appserver you are using.


Eingestellt von Keine Kommentare:
Labels: , ,

Error when logging in to Oracle Identity Manager Design Console (11.1.2): unable to find LoginModule class: org.jboss.security.ClientLoginModule

I tried to log into to OIM Design Console and after submittung xelsysadm credentials I got the following error (after clicking "Details"):


Error Keyword: DAE.LOGON_DENIED
Description: Invalid Login.
Remedy: Contact your system administrator.
Action: E
Severity: H
Help URL: 
Detail: 
javax.security.auth.login.LoginException: unable to find LoginModule class: org.jboss.security.ClientLoginModule

Strange message since I don't use JBoss for this installation. While looking in xlclient.sh for the error I noticed it points to the wrong auth file:

   -Djava.security.manager -Djava.security.auth.login.config=config/auth.conf 

Change this line to:

  -Djava.security.manager -Djava.security.auth.login.config=config/authwl.conf 

(not authws.conf!!) After that it works.
Eingestellt von Keine Kommentare:
Labels: , ,

Error when starting Oracle Identity Manager Design Console (11.1.2): java.lang.NoClassDefFoundError: javax/ejb/CreateException

After a new installation of  Oracle Identity Manager (OIM) I tried to start the Design Console and all I got was the following error:

[oim@linux designconsole]$ ./xlclient.sh
Exception in thread "Main Thread" java.lang.NoClassDefFoundError: javax/ejb/CreateException
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Class.java:2427)
at java.lang.Class.getDeclaredMethod(Class.java:1935)
at java.awt.Component.isCoalesceEventsOverriden(Component.java:5975)
at java.awt.Component.access$500(Component.java:169)
at java.awt.Component$3.run(Component.java:5929)
at java.awt.Component$3.run(Component.java:5927)
at java.awt.Component.checkCoalescing(Component.java:5926)
at java.awt.Component.<init>(Component.java:5895)
at java.awt.Container.<init>(Container.java:249)
at java.awt.Window.<init>(Window.java:430)
at java.awt.Frame.<init>(Frame.java:403)
at java.awt.Frame.<init>(Frame.java:368)
at javax.swing.JFrame.<init>(JFrame.java:158)
at com.thortech.xl.gui.base.tcFrame.<init>(tcFrame.java:34)
at com.thortech.xl.client.base.tcAppWindow.<init>(tcAppWindow.java:104)
at com.thortech.xl.client.base.tcAppWindow.main(tcAppWindow.java:173)

It turns out I missed one step in installation instruction. Fix:

  • Change to MW_HOME/wlserver_10.3/server/lib directory
  • Set JAVA_HOME
  • Execute 

java -jar wljarbuilder.jar
.
.
.
Created new jar file: /oracle/oim0/mwh/wlserver_10.3/server/lib/wlfullclient.jar

  • Copy wljarbuilder.jar to $OIM_ORACLE_HOME/designconsole/ext

After that it works.
Eingestellt von Keine Kommentare:
Labels: , ,

Freitag, 15. März 2013

I don't always dump mysql databases ...

... but when I do, I use commandline tools instead of phpmyadmin - it's much faster and you don't get in trouble with large databases and php filelimits. Today I had to clone some mysql databases from one linux server to another. This happens every few months and I always forget the exact mysqldump commands - so I will note them down here.

Export database

mysqldump -u db_user -pPasswordWithoutBlank --databases db_name --result-file=dbname.sql

Import database

mysql -u db_user -pPasswordWithoutBlank db_name < dbname.sql
Thanks to this post by Ramesh Natarajan which is always my favorite google result on this topic.
Eingestellt von Keine Kommentare:
Labels: , , , ,

Mittwoch, 23. Januar 2013

Error during sca deployment: unable to extend lob segment

Today I got an error while doing an sca deployment:
---->response code=500, error:There was an error deploying the composite on soa_server1: 
oracle.mds.transfer.TransferException:MDS-00001: exception in Metadata Services layerMDS-00522: failure to save document /deployed-composites/app/appfu_rev1.0/lib/bpm-services.jar to the metadata repository
ORA-01691: unable to extend lob segment SOA_MDS.SYS_LOB0000088234C00023$$ by 1024 in tablespace SOA_MDSORA-01691: unable to extend lob segment SOA_MDS.SYS_LOB0000088234C00023$$ by 1024 in tablespace SOA_MDS

The solution was quite simple: The tablespace for the mds repository was to small. After increasing the tablespace size, everything was fine.
Eingestellt von Keine Kommentare:
Labels: , , ,

Montag, 21. Januar 2013

Find out who / what is connected to weblogic server (or to specific tcp port generally)

In the past weeks I had to stick around with outbound and inbound firewall rules. Firewalls are sometimes a real pain in the ass, but if you observe some rules, it should be possible to generate a working ruleset.

One important thing when configuring a firewall is to know which network hosts are connecting to the protected host (inbound rules) and to which hosts the protected host connects itself (outbound rules).

Very usefull tools for linux here are netstat and lsof. With that tools you can find out, what is connected to an tcp-port and which outgoing connections there are.

With netstat, you can see what services are listening on which networking interface. For example, if you have a weblogic server running on ports 7001 (AdminServer) and 7002 (managed_server0) on a specific networking device you will get something like that:

[root@linux ~]# netstat -tnlp 
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 192.168.0.20:7001         0.0.0.0:*                   LISTEN      22451/java        
tcp        0      0 192.168.0.20:7002         0.0.0.0:*                   LISTEN      22493/java          

Of course you will also see some open ports for sshd and so on.

Now if you want to know what process is behind a open port you can use ps in combination with grep.

[root@linux ~]# ps -ef | grep 22493 
  wluser   22493  6937  3 19:23 ?        00:20:13 /opt/oracle0/mwh/jrockit/bin/java -jrockit -Xms256m -Xmx1024m -Dweblogic.Name=managed_server0 -Djava.security.policy=/opt/oracle0/mwh/wlserver_10.3/server/lib/weblogic.policy -Dweblogic.ProductionModeEnabled=true -Dweblogic.security.SSL.trustedCAKeyStore=/opt/oracle0/mwh/wlserver_10.3/server/lib/cacerts -Dweblogic.ProductionModeEnabled=true -da -Dplatform.home=/opt/oracle0/mwh/wlserver_10.3 -Dwls.home=/opt/oracle0/mwh/wlserver_10.3/server -Dweblogic.home=/opt/oracle0/mwh/wlserver_10.3/server -Dcommon.components.home=/opt/oracle0/mwh/oracle_common -Djrf.version=11.1.1 -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Ddomain.home=/opt/oracle0/projects/domains/domain0 -Djrockit.optfile=/opt/oracle0/mwh/oracle_common/modules/oracle.jrf_11.1.1/jrocket_optfile.txt -Doracle.server.config.dir=/opt/oracle0/projects/domains/domain0/config/fmwconfig/servers/AdminServer -Doracle.domain.config.dir=/opt/oracle0/projects/domains/domain0/config/fmwconfig -Digf.arisidbeans.carmlloc=/opt/oracle0/projects/domains/domain0/config/fmwconfig/carml -Digf.arisidstack.home=/opt/oracle0/projects/domains/domain0/config/fmwconfig/arisidprovider -Doracle.security.jps.config=/opt/oracle0/projects/domains/domain0/config/fmwconfig/jps-config.xml -Doracle.deployed.app.dir=/opt/oracle0/projects/domains/domain0/servers/AdminServer/tmp/_WL_user -Doracle.deployed.app.ext=/- -Dweblogic.alternateTypesDirectory=/opt/oracle0/mwh/oracle_common/modules/oracle.ossoiap_11.1.1,/opt/oracle0/mwh/oracle_common/modules/oracle.oamprovider_11.1.1 -Djava.protocol.handler.pkgs=oracle.mds.net.protocol -Dweblogic.jdbc.remoteEnabled=false -DEPM_ORACLE_HOME=/opt/oracle0/mwh/bip0 -DHYPERION_HOME=/opt/oracle0/mwh/bip0 -DEPM_ORACLE_INSTANCE=novalue -Dhyperion.home=/opt/oracle0/mwh/bip0 -DEPM_REG_PROPERTIES_PATH=/opt/oracle0/projects/domains/domain0/config/fmwconfig -Depm.useApplicationContextId=false -Doracle.biee.search.bisearchproperties=/opt/oracle0/mwh/bip0/bifoundation/jee/BISearchConfig.properties -Dweblogic.management.clearTextCredentialAccessEnabled=true -Doracle.notification.filewatching.interval=2000 -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.security.SSL.enableJSSE=true -Dfile.encoding=utf-8 -Duser.language=en -Duser.region=US -Dxdo.server.config.dir=/opt/oracle0/projects/domains/domain0/config/bipublisher -DXDO_FONT_DIR=/opt/oracle0/mwh/bip0/common/fonts -Dem.oracle.home=/opt/oracle0/mwh/oracle_common -Djava.awt.headless=true -Dweblogic.management.discover=true -Dwlw.iterativeDev=false -Dwlw.testConsole=false -Dwlw.logErrorsToConsole=false -Dweblogic.ext.dirs=/opt/oracle0/mwh/patch_wls1035/profiles/default/sysext_manifest_classpath:/opt/oracle0/mwh/patch_ocp360/profiles/default/sysext_manifest_classpath -Djava.io.tmpdir=/opt/oracle0/tmp -da -Dplatform.home=/opt/oracle0/mwh/wlserver_10.3 -Dwls.home=/opt/oracle0/mwh/wlserver_10.3/server -Dweblogic.home=/opt/oracle0/mwh/wlserver_10.3/server -Dcommon.components.home=/opt/oracle0/mwh/oracle_common -Djrf.version=11.1.1 -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Ddomain.home=/opt/oracle0/projects/domains/domain0 -Djrockit.optfile=/opt/oracle0/mwh/oracle_common/modules/oracle.jrf_11.1.1/jrocket_optfile.txt -Doracle.server.config.dir=/opt/oracle0/projects/domains/domain0/config/fmwconfig/servers/managed_server0 -Doracle.domain.config.dir=/opt/oracle0/projects/domains/domain0/config/fmwconfig -Digf.arisidbeans.carmlloc=/opt/oracle0/projects/domains/domain0/config/fmwconfig/carml -Digf.arisidstack.home=/opt/oracle0/projects/domains/domain0/config/fmwconfig/arisidprovider -Doracle.security.jps.config=/opt/oracle0/projects/domains/domain0/config/fmwconfig/jps-config.xml -Doracle.deployed.app.dir=/opt/oracle0/projects/domains/domain0/servers/managed_server0/tmp/_WL_user -Doracle.deployed.app.ext=/- -Dweblogic.alternateTypesDirectory=/opt/oracle0/mwh/oracle_common/modules/oracle.ossoiap_11.1.1,/opt/oracle0/mwh/oracle_common/modules/oracle.oamprovider_11.1.1 -Djava.protocol.handler.pkgs=oracle.mds.net.protocol -Dweblogic.jdbc.remoteEnabled=false -DEPM_ORACL

OK, now you know what process runs the port. Now you can use lsof to determine which connections there are to and from the specified tcp-port.

[root@linux ~]# lsof -i tcp:7002
COMMAND   PID    USER   FD   TYPE   DEVICE SIZE NODE NAME
java    22493 wluser  290u  IPv4 61184208       TCP localhost:7002->clusterpartner1:55879 (ESTABLISHED)
java    22493 wluser  303u  IPv4 61184159       TCP localhost:7002->clusterpartner1:35736 (ESTABLISHED)
java    22493 wluser  382u  IPv4 61189759       TCP localhost:7002->clusterpartner1:55955 (ESTABLISHED)
java    22493 wluser  386u  IPv4 61170023       TCP localhost:7002->localhost:54803 (ESTABLISHED)
java    22493 wluser  389u  IPv4 61170863       TCP localhost:7002 (LISTEN)
java    22493 wluser  390u  IPv4 61170864       TCP
java    22493 wluser  398u  IPv4 61170992       TCP localhost:7002->localhost:54793 (ESTABLISHED)
java    22493 wluser  399u  IPv4 61171023       TCP localhost:7002->localhost:54799 (ESTABLISHED)
java    22493 wluser  400u  IPv4 61184168       TCP localhost:7002->clusterpartner1:35773 (ESTABLISHED)
java    22493 wluser  401u  IPv4 61171039       TCP localhost:7002->localhost:54903 (ESTABLISHED)
java    22493 wluser  405u  IPv4 61189776       TCP localhost:7002->clusterpartner1:55993 (ESTABLISHED) 

You can see my Managed Server (PID 22493) has some ingoing and outgoing connections to it's clusterpartner. So you can get an idea of which ports are needed and should be opened in local firewall.
Eingestellt von Keine Kommentare:
Labels: , , , , , ,
Abonnieren Posts (Atom)