Weblogic transactions

Weblogic transactions

http://download.oracle.com/docs/cd/E12840_01/wls/docs103/jta/trxman.html#wp1052600

Handling Heuristic Completions
Heuristic error
After the abandon transaction timer expires, no further attempt is made to resolve the transaction with any resources that are unavailable or unable to acknowledge the transaction outcome. If the transaction is in a prepared state before being abandoned, the transaction manager will roll back the transaction to release any locks held on behalf of the abandoned transaction and will write an heuristic error to the server log.
A heuristic completion (or heuristic decision) occurs when a resource makes a unilateral decision during the completion stage of a distributed transaction to commit or rollback updates. This can leave distributed data in an indeterminate state. Network failures or resource timeouts are possible causes for heuristic completion. In the event of an heuristic completion, one of the following heuristic outcome exceptions may be thrown:

HeuristicRollback—one resource participating in a transaction decided to autonomously rollback its work, even though it agreed to prepare itself and wait for a commit decision. If the Transaction Manager decided to commit the transaction, the resource's heuristic rollback decision was incorrect, and might lead to an inconsistent outcome since other branches of the transaction were committed.

HeuristicCommit—one resource participating in a transaction decided to autonomously commit its work, even though it agreed to prepare itself and wait for a commit decision. If the Transaction Manager decided to rollback the transaction, the resource's heuristic commit decision was incorrect, and might lead to an inconsistent outcome since other branches of the transaction were rolled back.

HeuristicMixed—the Transaction Manager is aware that a transaction resulted in a mixed outcome, where some participating resources committed and some rolled back. The underlying cause was most likely heuristic rollback or heuristic commit decisions made by one or more of the participating resources.

HeuristicHazard—the Transaction Manager is aware that a transaction might have resulted in a mixed outcome, where some participating resources committed and some rolled back. But system or resource failures make it impossible to know for sure whether a Heuristic Mixed outcome definitely occurred. The underlying cause was most likely heuristic rollback or heuristic commit decisions made by one or more of the participating resources.
When an heuristic completion occurs, a message is written to the server log. Refer to your database vendor documentation for instructions on resolving heuristic completions.
Some resource managers save context information for heuristic completions. This information can be helpful in resolving resource manager data inconsistencies. If the ForgetHeuristics attribute is selected (set to true) on the JTA panel of the WebLogic Console, this information is removed after an heuristic completion. When using a resource manager that saves context information, you may want to set the ForgetHeuristics attribute to false.

SSL

These are the steps I followed. This was a straightforward task to configure apache to accept HTTPS traffic. Further enhancements such as forcing HTTPS only, or validating client certificates were not required.

This article is quite good

http://articles.sitepoint.com/article/securing-apache-2-server-ssl

If on linux then install mod_ssl. (http://www.cyberciti.biz/faq/rhel-apache-httpd-mod-ssl-tutorial/ )

yum install mod_ssl ...

Also http://www.csrparser.com/ is handy for checking any old CSRs

Setting up certs etc.

generate a certificate.

PreRequisite:

To do this you need a Certification Authority, CA, (openssl to DIY, or public CA). See links above

1/ Generate CSR (Certificate Signing Request)

Multiple ways to do this. OpenSSL or Keytool.

For openssl using defaults you can simply do

openssl req -new

2/ Generate certificate (using CA)

3/ Install certificate in Apache (as root)

4/ Edit ssl.conf file (equivalent to httpd.conf). Configure any VirtualHosts you require, and assign them the requisite keys and certs, e.g.

<VirtualHost www.nixcraft.com:> 
SSLEngine On 
SSLCertificateFile /etc/pki/tls/http/apachecert.pem 
SSLCertificateKeyFile /etc/pki/tls/http/apachekey.pem 
SSLProtocol All -SSLv2 
SSLCipherSuite HIGH:MEDIUM:!aNULL:+MD5 
DocumentRoot /var/www/html/ssl
ServerName www.nixcraft.com
</VirtualHost>

Create CA private Key (used for generating CSR’s)

openssl genrsa –aes256 -out domainname.com.key 1024

In general generate a private key per domain

Create Self Signed CA cert (Also generates private Key for CA)

openssl req -new -x509 -extensions v3_ca -keyout ./private/cakey.pem -out cacert.pem -days 3650

Create Self signed CA using existing private key

openssl req -new -x509 -extensions v3_ca -key privateKey.pem -out cacert.pem -days 3650

This command demonstrates the how commands in openssl combine functionality

Req command allows switch to x509

Keystore

The default locations of the of the keystore files is %JAVA_HOME%/jre/security/.keystore

To include trusted certs from the keystore in a java client you must add the following

Java -Djavax.net.ssl.trustStore=...

Problems

Unsupported OID in the AlgorithmIdentifier
<ms_osb1> <[ACTIVE] ExecuteThread: '13' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1315908488277> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>

http://java.sun.com/javase/6/webnotes/6u13.html

I was doing some work with 2-way SSL, and seeing the following error in my weblogic (OSB) logs.

As it happens this is a problem with JDK 1.6_013. They included a non compatible CA cert in the keystore.

keytool -delete -keystore $JAVA_HOME\jre\lib\security\cacerts -alias ttelesecglobalrootclass2ca -keystorepass changeit
keytool -delete -keystore $JAVA_HOME\jre\lib\security\cacerts -alias ttelesecglobalrootclass3ca -keystorepass changeit

How do I remove a passphrase from a key?

Perhaps you’ve grown tired of typing your passphrase every time your secure daemon starts. You can decrypt your key, removing the passphrase requirement, using the rsa or dsa option, depending on the signature algorithm you chose when creating your private key.

If you created an RSA key and it is stored in a standalone file called key.pem, then here’s how to output a decrypted version of the same key to a file called newkey.pem.

# you'll be prompted for your passphrase one last time

openssl rsa -in key.pem -out newkey.pem

Often, you’ll have your private key and public certificate stored in the same file. If they are stored in a file called mycert.pem, you can construct a decrypted version called newcert.pem in two steps.

# you'll need to type your passphrase once more

openssl rsa -in mycert.pem -out newcert.pem

openssl x509 -in mycert.pem >>newcert.pem

from

http://www.madboa.com/geek/openssl/#key-removepass

Hudson and Ant

The following error was blocking all my Hudson builds

UNC paths are not supported.  Defaulting to Windows directory.

This was occurring after checkout, just as it starts to try and build

The problem was that I was building on a network drive, and this was causing problems. Solution is

1/ to map network drive to a lettered drive

2/ Set Hudson_Home to point to new directory. (export CATALINA_OPTS="-DHUDSON_HOME=/path/to/hudson_home/ -Xmx512m")

3/ Restart

At revision 11699

no change for https://svnServer/svn/AdminToolsWeb since the previous build

[workspace] $ cmd /c call "F:\My Documents\apps\apache-tomcat-7.0.4\temp\hudson6361.bat"

'\\c\USERS_HOME\khyland\.hudson\jobs\WAT\workspace'

CMD.EXE was started with the above path as the current directory.

UNC paths are not supported.  Defaulting to Windows directory.

C:\WINDOWS>f:\\apps\\ant.bat clean package 

Buildfile: build.xml does not exist!

Build failed

Finished: FAILURE 

Windows Batch files

http://blogs.msdn.com/b/oldnewthing/archive/2005/01/28/362565.aspx

Good article.

Summary

%~dp0 = directory current resource is in. Useful for loading dependencies relative to batch file.

%CD% = current working directory. (Possible different from %~dp0)

e.g.

dir¬

-bin

-lib

If batch file is in bin and includes artifacts in lib, it needs to be able to access them regardless of where cwd is

mvn quickie

Mvn command for downloading external sources and including them in eclipse.. (handy for debugging)

mvn eclipse:clean eclipse:eclipse -DdownloadSources




Transparent divs, centering CSS

Transparent Div

filter: alpha(opacity=55);

-moz-opacity: .55;

background-color:#AAA;

opacity: 0.55;

Transparent floating div

Note we had a problem getting a background image to display on div

div#overlay {

filter: alpha(opacity=55);

-moz-opacity: .55;

background-color:#AAA;

opacity: 0.55;

position:absolute;

top:200;

left:100;

width: 500px;

height: 260px;

z-index:1;

}

Finally to make an image centered in div (absolutely

div#overlay img{

margin: 120px;

top: 400px;}

HTML

<div id="overlay">

<img src="${ctx}/img/wait30.gif" /> <div>

JQuery Centre, even when scrolling

jQuery.fn.center = function () {

this.css("position","absolute");

this.css("top", ( $(window).height() - this.height() ) / 2+$(window).scrollTop() + "px");

this.css("left", ( $(window).width() - this.width() ) / 2+$(window).scrollLeft() + "px");

return this;

}

or

jQuery.fn.center = function () {

this.css("position","absolute");

this.css("top", ( $(window).height() - this.outerHeight() ) / 2+$(window).scrollTop() + "px");

this.css("left", ( $(window).width() - this.outerWidth() ) / 2+$(window).scrollLeft() + "px");

return this;

}

then user jQuery(element).center();

http://stackoverflow.com/questions/210717/what-is-the-best-way-to-center-a-div-on-the-screen-using-jquery

Oracle Service Bus

Interesting article on OSB Route Node vs Service Callout

Taken from http://forums.oracle.com/forums/thread.jspa?threadID=1003862

Little differences between ServiceCallout and Route nodes. Route node can be seen as an action which defines where a Request thread stops and Response thread begins, in addition to what ever it does. It is know that by-design, request and response pipelines of a OSB proxy will be in different threads unless other wise configured.
And also Route Node can be (request-response and request only)

Service Callout wsdl operation is request-response only)

Java and XML Date fields

If you use Xml Date and time field you will need to use the XmlGregorianCalendar

Easiest way to invoke this is.

GregorianCalendar cal = new GregorianCalendar();
cal.setTime(yourDate);
XMLGregorianCalendar date2 = DatatypeFactory.newInstance().newXMLGregorianCalendar(cal);

However if your Xml schema required separate Date and Time elements, not a single DateTime field then the following should be used. The standard XMLGregorianCalendar constructor used above will generate a DateTime field

Note there a couple of gothca's, such as having to add one to the month (since java counts months from 0).

GregorianCalendar cal = new GregorianCalendar();
cal.setTime(yourDate);
XMLGregorianCalendar xmlDate = df.newXMLGregorianCalendarDate(cal.get(Calendar.YEAR), cal.get(Calendar.MONTH)+1, cal.get(Calendar.DAY_OF_MONTH), 0);
XMLGregorianCalendar xmlTime = df.newXMLGregorianCalendarTime(cal.get(Calendar.HOUR_OF_DAY), cal.get(Calendar.MINUTE), cal.get(Calendar.SECOND), 0);

OSB Route Node vs Service Callout

Interesting article on OSB Route Node vs Service Callout

Taken from http://forums.oracle.com/forums/thread.jspa?threadID=1003862

Little differences between ServiceCallout and Route nodes. Route node can be seen as an action which defines where a Request thread stops and Response thread begins, in addition to what ever it does. It is know that by-design, request and response pipelines of a OSB proxy will be in different threads unless other wise configured.
And also Route Node can be (request-response and request only)

Service Callout wsdl operation is request-response only)

java.lang.IllegalStateException: Cannot forward a response that is already committed

We saw a few of the following errors running Oracle Enterprise Manager on Weblogic 11g (10.3.3)

java.lang.IllegalStateException: Cannot forward a response that is already committed

“EM web client user sends a request to the SOA WebLogic Server, the SOA WebLogic Server will process the request and send the response back to the EM Web Client.

Before the EM Web Client receives the response, if the user choose not to wait for the response, the user may click other buttons in EM Web Client or another site so the browser is not longer in waiting for response. When the SOA WebLogic Server has the response and tries to send the response, it finds out that the browser is no longer in the waiting state for the response, so the SOA WebLogic Server throws this error”

Usually seeing this error should not cause any alarms, however if you see many such errors you should talk to the EM Web client users to see if the SOA Weblogic server responds too slowly, if this is the case, you should decide if there is need to improve SOA Weblogic performance.”

In addition, the experts pointed that is should not cause the crash of the AdminServer, well, in our case if we see the logs again, the AdminServer did not crash, but seems that while it was generating the dump, the applications running on it(Weblogic Admin Console, SOA EM) were not available, so during that time we could not access to the consoles, but the AS was up and running, then we decided to stop and start again. To make sure about that, my proposal is, if we have the problem again in the future, as AdminServer is not business critical let’s wait to the AdminServer to finish to generate the dump and check after that if the consoles are accessible.

Below you have the error we extracted from our logs

####<Mar 1, 2011 5:21:24 PM GMT> <Error> <HTTP> <server> <AdminServer> <[ACTIVE] ExecuteThread: '15' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <a0306302dbfb8417:6ff05d54:12c0925588a:-8000-0000000000057b39> <1299000084317> <BEA-101020> <[ServletContext@407257383[app:em module:/em path:/em spec-version:2.5]] Servlet failed with Exception

java.lang.IllegalStateException: Cannot forward a response that is already committed

at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:122)

at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:410)

at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:44)

at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:44)

at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:44)

at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:44)

at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$OverrideDispatch.dispatch(FacesContextFactoryImpl.java:267)

at com.sun.faces.application.ViewHandlerImpl.executePageToBuildView(ViewHandlerImpl.java:473)

at com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:141)

at javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:189)

at org.apache.myfaces.trinidadinternal.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:193)

at oracle.sysman.emSDK.adfext.ctlr.EMViewHandlerImpl.renderView(EMViewHandlerImpl.java:150)

at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:205)

at javax.faces.webapp.FacesServlet.service(FacesServlet.java:266)

at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)

at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)

at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:97)

at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:421)

at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:421)

at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)

at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:421)

at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:157)

at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.sysman.emSDK.license.LicenseFilter.doFilter(LicenseFilter.java:166)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:191)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.sysman.emas.fwk.MASConnectionFilter.doFilter(MASConnectionFilter.java:41)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:160)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.sysman.eml.app.AuditServletFilter.doFilter(AuditServletFilter.java:183)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:203)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.sysman.core.app.perf.PerfFilter.doFilter(PerfFilter.java:141)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:542)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)

at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)

at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)

at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)

at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

>

####<Mar 1, 2011 5:21:24 PM GMT> <Notice> <Diagnostics> <server> <AdminServer> <[ACTIVE] ExecuteThread: '21' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <a0306302dbfb8417:6ff05d54:12c0925588a:-8000-0000000000057b3b> <1299000084321> <BEA-320068> <Watch 'UncheckedException' with severity 'Notice' on server 'AdminServer' has triggered at Mar 1, 2011 5:21:24 PM GMT. Notification details:

WatchRuleType: Log

WatchRule: (SEVERITY = 'Error') AND ((MSGID = 'BEA-101020') OR (MSGID = 'BEA-101017') OR (MSGID = 'BEA-000802'))

WatchData: DATE = Mar 1, 2011 5:21:24 PM GMT SERVER = AdminServer MESSAGE = [ServletContext@407257383[app:em module:/em path:/em spec-version:2.5]] Servlet failed with Exception

java.lang.IllegalStateException: Cannot forward a response that is already committed

at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:122)

at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:410)

at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:44)

at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:44)

at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:44)

at org.apache.myfaces.trinidad.context.ExternalContextDecorator.dispatch(ExternalContextDecorator.java:44)

at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$OverrideDispatch.dispatch(FacesContextFactoryImpl.java:267)

at com.sun.faces.application.ViewHandlerImpl.executePageToBuildView(ViewHandlerImpl.java:473)

at com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:141)

at javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:189)

at org.apache.myfaces.trinidadinternal.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:193)

at oracle.sysman.emSDK.adfext.ctlr.EMViewHandlerImpl.renderView(EMViewHandlerImpl.java:150)

at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:205)

at javax.faces.webapp.FacesServlet.service(FacesServlet.java:266)

at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)

at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)

at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:27)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:97)

at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:421)

at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)

at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:421)

at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:157)

at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.sysman.emSDK.license.LicenseFilter.doFilter(LicenseFilter.java:166)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:191)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.sysman.emas.fwk.MASConnectionFilter.doFilter(MASConnectionFilter.java:41)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:160)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.sysman.eml.app.AuditServletFilter.doFilter(AuditServletFilter.java:183)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:203)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.sysman.core.app.perf.PerfFilter.doFilter(PerfFilter.java:141)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:542)

at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:57)

at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)

at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)

at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)

at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)

at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

SUBSYSTEM = HTTP USERID = <WLS Kernel> SEVERITY = Error THREAD = [ACTIVE] ExecuteThread: '15' for queue: 'weblogic.kernel.Default (self-tuning)' MSGID = BEA-101020 MACHINE = server TXID = CONTEXTID = a0306302dbfb8417:6ff05d54:12c0925588a:-8000-0000000000057b39 TIMESTAMP = 1299000084317

WatchAlarmType: AutomaticReset

WatchAlarmResetPeriod: 30000

>

####<Mar 1, 2011 5:21:25 PM GMT> <Alert> <Diagnostics> <server> <AdminServer> <oracle.dfw.dump.DumpManager - Dump Executor (created: Tue Mar 01 17:21:25 GMT 2011)> <<WLS Kernel>> <> <a0306302dbfb8417:6ff05d54:12c0925588a:-8000-0000000000057b40> <1299000085085> <BEA-320016> <Creating diagnostic image in /app/prod/nwk_soa/Admin/nwk_soa_prod_dom/servers/AdminServer/adr/diag/ofm/nwk_soa_prod_dom/AdminServer/incident/incdir_5 with a lockout minute period of 1.>

WS-Security

The following are the standard (Pre-Defined) security policies available with weblogic.

They are stored in the weblogic.jar file under
weblogic/wsee/policy/runtime

To use in Java code (taken from http://forums.oracle.com/forums/thread.jspa?messageID=2966292 )
If you need (or want) to extract it and modify it to do something different, you'd put it in the same directory as the JWS. If you renamed the copy to MyAuth.xml, your @Policy annotation would look something like this:
@Policy(
uri = "MyAuth.xml",
Policy.Direction.inbound

)

to use the "provided by BEA" Auth.xml, do this:
@Policy(

uri = "policy:Auth.xml",
Policy.Direction.inbound
)


With the MyAuth.xml, you can also create a policies directory in JWS project's WebContent/WEB-INF and put it in there.
WebContent/WEB-INF/policies/MyAuth.xml
Then you can remove the @Policy annotation from the JWS altogether, and use the WebLogic Admin Console to associate the policy at runtime. It (policy:MyAuth) will show up in the selectable list, along side the other "provided by BEA" WS-Policy files.
PreDefined policys

Heres a list of some of the more popular policy files
Auth.xml
<?xml version="1.0"?>

<wsp:Policy
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wssp="http://www.bea.com/wls90/security/policy"
>

<wssp:Identity/>

</wsp:Policy>

Encrypt.xml
<?xml version="1.0"?>

<wsp:Policy
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wssp="http://www.bea.com/wls90/security/policy"
>

<wssp:Confidentiality>
<wssp:KeyWrappingAlgorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<wssp:Target>
<wssp:EncryptionAlgorithm URI="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<wssp:MessageParts Dialect="http://schemas.xmlsoap.org/2002/12/wsse#part">wsp:Body()</wssp:MessageParts>
</wssp:Target>
<wssp:KeyInfo/>
</wssp:Confidentiality>

</wsp:Policy>

DefaultResliability.xml
<?xml version="1.0"?>

<wsp:Policy
xmlns:wsrm="http://schemas.xmlsoap.org/ws/2005/02/rm/policy"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:beapolicy="http://www.bea.com/wsrm/policy"
>
<wsrm:RMAssertion >
<wsrm:InactivityTimeout
Milliseconds="600000" />
<wsrm:BaseRetransmissionInterval
Milliseconds="3000" />
<wsrm:ExponentialBackoff />
<wsrm:AcknowledgementInterval
Milliseconds="200" />
<beapolicy:Expires Expires="P1D" optional="true"/>
</wsrm:RMAssertion>
</wsp:Policy>

LongRunningReliability.xml
<?xml version="1.0"?>

<wsp:Policy
xmlns:wsrm="http://schemas.xmlsoap.org/ws/2005/02/rm/policy"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:beapolicy="http://www.bea.com/wsrm/policy"
>
<wsrm:RMAssertion >
<wsrm:InactivityTimeout
Milliseconds="86400000" />
<wsrm:BaseRetransmissionInterval
Milliseconds="3000" />
<wsrm:ExponentialBackoff />
<wsrm:AcknowledgementInterval
Milliseconds="200" />
<beapolicy:Expires Expires="P1M" optional="true"/>
</wsrm:RMAssertion>
</wsp:Policy>


Sign.xml
<?xml version="1.0"?>

<wsp:Policy
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wssp="http://www.bea.com/wls90/security/policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wls="http://www.bea.com/wls90/security/policy/wsee#part"
>

<wssp:Integrity>

<wssp:SignatureAlgorithm URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<wssp:CanonicalizationAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#"/>

<wssp:Target>
<wssp:DigestAlgorithm URI="http://www.w3.org/2000/09/xmldsig#sha1" />
<wssp:MessageParts Dialect="http://www.bea.com/wls90/security/policy/wsee#part">
wls:SystemHeaders()
</wssp:MessageParts>
</wssp:Target>

<wssp:Target>
<wssp:DigestAlgorithm URI="http://www.w3.org/2000/09/xmldsig#sha1" />
<wssp:MessageParts Dialect="http://www.bea.com/wls90/security/policy/wsee#part">
wls:SecurityHeader(wsu:Timestamp)
</wssp:MessageParts>
</wssp:Target>

<wssp:Target>
<wssp:DigestAlgorithm URI="http://www.w3.org/2000/09/xmldsig#sha1" />
<wssp:MessageParts Dialect="http://schemas.xmlsoap.org/2002/12/wsse#part">
wsp:Body()
</wssp:MessageParts>
</wssp:Target>

</wssp:Integrity>

<wssp:MessageAge/>

</wsp:Policy>



WSSP1.2-2007-HTTPS-BasicAuth.xml
<?xml version="1.0"?>
<wsp:Policy
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken>
<wsp:Policy>
<sp:HttpBasicAuthentication/>
</wsp:Policy>
</sp:HttpsToken>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
</wsp:Policy>


Wssp1.2-2007-Https-UsernameToken-Digest.xml
<?xml version="1.0"?>
<wsp:Policy
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SupportingTokens>
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:HashPassword/>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:Policy>

Wssp1.2-2007-HTTPS.xml
<?xml version="1.0"?>
<wsp:Policy
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken />
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
</wsp:Policy>

access.log analysis

We're using awstat to analyse the access.log statistics.

Weblogic JMS pause and resume consumption

This program is an example of connecting to weblogic and manipulating the JMS queues.
The example here, pauses and resumes the consumption of a selected queue.


/*
* $Revision: $
* $Date: $
* $Author: $
*/

package com.test;

import java.io.IOException;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Map;
import java.util.Hashtable;
import java.util.Set;
import java.util.Vector;

import javax.management.MBeanServerConnection;
import javax.management.MalformedObjectNameException;
import javax.management.ObjectName;
import javax.management.remote.JMXConnector;
import javax.management.remote.JMXConnectorFactory;
import javax.management.remote.JMXServiceURL;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class QueueManipulator {
Logger logger = LoggerFactory.getLogger(this.getClass());
public static final String SYSTEM_OSB = "OSB";

public static void main(String[] args) {
QueueManipulator qm = new QueueManipulator();
qm.run();
}

public void run() {
String[] queues = { "PurchaseRequisitionCreateQueue" };
// Pause
updatePauseStatus(queues, true);
// resume
updatePauseStatus(queues, false);
}

private Collection updatePauseStatus(String[] queueNames,
boolean pause) {
Vector updatedQueues = new Vector();
Collection serverList;
// Connection details
String jmsModuleName, username, password;
serverList = new ArrayList();
serverList.add(new Server("ms_soa1", "osb1tst2:7001"));
// serverList.add(new Server("ms_soa2" ,"soa2tst2:7001"));
jmsModuleName = "ApplicationModule";
username = "khyland";
password = "Password1";

for (Server server : serverList) {
JMXConnector jmxCon = null;
try {
jmxCon = getJMXConnector(server, username, password);
jmxCon.connect();
MBeanServerConnection con = jmxCon.getMBeanServerConnection();
String action = pause ? "pauseConsumption"
: "resumeConsumption";
Exception exception = null;
for (String queueName : queueNames) {
exception = null;
try {
ObjectName destination = findQueueObjectName(con,
jmsModuleName, queueName);
if (pause) {
Object pauseConsResult = con.invoke(destination,
action, null, null);
logger.info("Result from pauseConsumption: "
+ pauseConsResult);
} else {
Object resumeConsResult = con.invoke(destination,
action, null, null);
logger.info("Result from resumeConsumption: "
+ resumeConsResult);
}
updatedQueues.add(new QueueInfo(SYSTEM_OSB, queueName));
} catch (Exception e) {
exception = e;
logger.error("Queue not found name " + jmsModuleName
+ ":" + queueName);
throw e;
} finally {
// Audit.getInst().msg(Audit.AuditAction.PauseQueue,
// action+" of "+jmsModuleName+":"+queueName+" "+(exception==null?"success":"failed"),
// null, exception);
}
}

} catch (Exception ioe) {
// TODO: review
// throw new RuntimeException("Error while pausing the queue",
// ioe);
// ignore the error and continue working with the rest of the
// nodes
logger.error("Error while pausing the queue on " + server, ioe);
} finally {
if (jmxCon != null)
try {
jmxCon.close();
} catch (IOException e) {
logger.error("Error while closing JMX connection", e);
}
}
}
return updatedQueues;
}

private static JMXConnector getJMXConnector(Server server, String username,
String password) throws IOException {
String fullServerURL = "service:jmx:iiop://" + server.getUrl()
+ "/jndi/weblogic.management.mbeanservers.runtime";
JMXConnector jmxCon = null;

JMXServiceURL serviceUrl = new JMXServiceURL(fullServerURL);

Hashtable env = new Hashtable();
env.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES,
"weblogic.management.remote");
env.put(javax.naming.Context.SECURITY_PRINCIPAL, username);
env.put(javax.naming.Context.SECURITY_CREDENTIALS, password);

jmxCon = JMXConnectorFactory.newJMXConnector(serviceUrl, env);

return jmxCon;
}

private ObjectName findQueueObjectName(MBeanServerConnection con,
String jmsModuleName, String queueName)
throws MalformedObjectNameException, NullPointerException,
Exception {
ObjectName query_obj_name;
query_obj_name = new ObjectName(
"com.bea:Type=JMSDestinationRuntime,Name=" + jmsModuleName
+ "!*" + queueName + "*,*");
Set objectNames = con.queryNames(query_obj_name, null);
if (objectNames == null || objectNames.size() == 0) {
throw new Exception(
"NotFoundException: Error while getting a reference to the queue (queue "
+ queueName + " not found)");
} else if (objectNames.size() > 1) {
throw new Exception(
"DuplicateFoundException: Error while getting a reference to the queue (more than one queue found named "
+ queueName + ")");
} else {
return objectNames.iterator().next();
}
}

class Server implements Serializable {
private static final long serialVersionUID = -466143988049844989L;

private String name;
private String url;

public Server() {
}

public Server(String name, String url) {
setName(name);
setUrl(url);
}

public void setName(String name) {
this.name = name;
}

public String getName() {
return name;
}

public void setUrl(String url) {
this.url = url;
}

public String getUrl() {
return url;
}

@Override
public String toString() {
return (new StringBuilder()).append(getName()).append(" [")
.append(getUrl()).append("]").toString();
}
}

public class QueueInfo implements Comparable {

private String system;
private String queueName;
private String jndiName;
private Collection serverQueueInfo = new Vector();

public QueueInfo(String system, String queueName) {
this(system, queueName, "");
}

public QueueInfo(String system, String queueName, String jndiName) {
this.system = system;
this.queueName = queueName;
this.jndiName = jndiName;
}

public String getQueueName() {
return queueName;
}

public void setQueueName(String queueName) {
this.queueName = queueName;
}

public Collection getServerQueueInfo() {
return serverQueueInfo;
}

public void setServerQueueInfo(
Collection serverQueueInfo) {
this.serverQueueInfo = serverQueueInfo;
}

public void addSingleServerQueueInfo(String serverName,
SingleServerQueueInfo singleServerQueueInfo) {
serverQueueInfo.add(singleServerQueueInfo);
}

public String getJndiName() {
return jndiName;
}

public void setJndiName(String jndiName) {
this.jndiName = jndiName;
}

@Override
public int compareTo(QueueInfo o) {
return queueName.compareTo(o.getQueueName());
}

@Override
public boolean equals(Object o) {
if (o == null)
return false;
if (o instanceof QueueInfo)
return this.compareTo((QueueInfo) o) == 0;
return false;
}

@Override
public int hashCode() {
return queueName.hashCode();
}

@Override
public String toString() {
return getSystem() + ":" + getQueueName() + ":" + getJndiName();
}

public String getSystem() {
return system;
}

public void setSystem(String system) {
this.system = system;
}
}

public class SingleServerQueueInfo {

private String serverName;
private String queueName;
private String jndiName;
private long messagesCurrent;
private long messagesHigh;
private long messagesPending;
private long consumersCurrent;
private long consumersHigh;
private boolean insertionPaused;
private boolean consumptionPaused;
private boolean productionPaused;

public String getQueueName() {
return queueName;
}

public void setQueueName(String queueName) {
this.queueName = queueName;
}

public long getMessagesCurrent() {
return messagesCurrent;
}

public void setMessagesCurrent(long messagesCurrent) {
this.messagesCurrent = messagesCurrent;
}

public long getMessagesHigh() {
return messagesHigh;
}

public void setMessagesHigh(long messagesHigh) {
this.messagesHigh = messagesHigh;
}

public long getMessagesPending() {
return messagesPending;
}

public void setMessagesPending(long messagesPending) {
this.messagesPending = messagesPending;
}

public long getConsumersCurrent() {
return consumersCurrent;
}

public void setConsumersCurrent(long consumersCurrent) {
this.consumersCurrent = consumersCurrent;
}

public long getConsumersHigh() {
return consumersHigh;
}

public void setConsumersHigh(long consumersHigh) {
this.consumersHigh = consumersHigh;
}

public boolean isInsertionPaused() {
return insertionPaused;
}

public void setInsertionPaused(boolean insertionPaused) {
this.insertionPaused = insertionPaused;
}

public boolean isConsumptionPaused() {
return consumptionPaused;
}

public void setConsumptionPaused(boolean consumptionPaused) {
this.consumptionPaused = consumptionPaused;
}

public boolean isProductionPaused() {
return productionPaused;
}

public void setProductionPaused(boolean productionPaused) {
this.productionPaused = productionPaused;
}

public String getServerName() {
return serverName;
}

public void setServerName(String serverName) {
this.serverName = serverName;
}

public String getJndiName() {
return jndiName;
}

public void setJndiName(String jndiName) {
this.jndiName = jndiName;
}

@Override
public String toString() {
return getServerName() + "::" + getQueueName();
}
}
}

Weblogic JMS and Reporting action

One important fact to consider with the Reporting action is how it interacts with Transactions

10g
Suspend all transactions before continuing

11g
If datasource is XA then continue with transaction
If not. Suspend transaction, and run with local transaction.
Therefore if you always want reporting to work you must use non-XA datasource.

Check out jars in path below to decompile...

Oracle\OSB_10_3_1\osb_10.3\lib\common\reporting-impl.jar\com\bea\wli\reporting\jmsprovider\init\
JmsReportingDataHandler.class

Weblogic Patch levels

To work out the patch level for weblogic
All Weblogic level pathces are output to Admin console log.
However OSB patches are not.

For OSB
Change to the MW_HOME /utils/bsu directory. Enter the bsu.sh command

http://download.oracle.com/docs/cd/E14759_01/doc.32/e14143/quickrefax.htm

Not sure how to run it from command line (possibly repoitn DISPLAY to desktop, and run X server)

Magic Query

To me this query is magic.

We were asked to summarize the number of requests going through our system for a month, but split into daytime (8am – 8pm), and nighttime (8pm – 8am).

Immediately I was thinking about writing a program, but this handy query (Oracle) does it in one go, including backtracking to the last day of the previous month to get values. (i.e. For December, we must get the values from midnight November 30, to 8am Dec1)

SELECT E.interface
, CASE WHEN TO_CHAR(time, 'HH24MISS') < '080000' THEN TO_CHAR(time-1, 'YYYY/MM/DD') ELSE TO_CHAR(time, 'YYYY/MM/DD') END "REPORT_DATE"
, COUNT(CASE WHEN TO_CHAR(time, 'HH24MISS') > '080000' AND TO_CHAR(time, 'HH24MISS') <= '200000' THEN '1' ELSE NULL END) "08AM_08PM"
, COUNT(CASE WHEN TO_CHAR(time, 'HH24MISS') > '200000' OR TO_CHAR(time, 'HH24MISS') <= '080000' THEN '1' ELSE NULL END) "08PM_08AM"
FROM transactions E
,projects P
WHERE E.project_name = P.Project_Name
AND P.seq = 1
AND E.status = 'Entry'
AND E.time > TO_DATE('20101201000000','YYYYMMDDHH24MISS')
AND E.time < TO_DATE('20101231235959','YYYYMMDDHH24MISS')
GROUP BY E.interface
, CASE WHEN TO_CHAR(TIME, 'HH24MISS') < '080000' THEN TO_CHAR(TIME-1, 'YYYY/MM/DD') ELSE TO_CHAR(TIME, 'YYYY/MM/DD') END
ORDER BY 1,2