Kavin's SOA Blog

June 30, 2009

Error: Remote request refused because authentication is not configured

Filed under: Configuration, Debugging — Tags: , , , , — Kavin @ 1:02 pm

This error can occur because of wrong configuration at opmn.xml. OPMN supports remote requests to other OPMN servers in the same cluster, but for security reasons all process control requests (start, restart and stop) are only enabled if SSL is enabled in the opmn.xml file and a wallet file is configured. If neither SSL nor a wallet file are configured, OPMN will reject any remote process control request with HTTP code 403."

To fix this, 

  • Make sure the rmi connectivity against the remote OC4J instances is working.
  • Make sure the OC4J instances are configured using only one nic card ip address. If not edit rmi.xml at
    $ORACLE_HOME/j2ee/j2ee/my_instance/config/rmi.xml

<rmi-server
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/rmi-server-10_0.xsd"
host="<localhostname>"
port="23791"
ssl-port = "23943"
schema-major-version="10"
schema-minor-version="0"
>

where <localhostname> is the localhostname, as it is defined in /etc/hosts associated to you
local ip address

  • Make sure you have configured SSL authentication is implemented.

<notification-server interface="ipv4">
<port local="6100" remote="6200" request="6003"/>
<ssl enabled="true" wallet-file="$ORACLE_HOME/opmn/conf/ssl.wlt/default"/>
</notification-server>

  • Restart OPMN

June 18, 2009

Error: Cannot load page due to truncated or corrupt class

Filed under: Debugging, Setup — Tags: , , , , , , — Kavin @ 12:30 pm

One of the reason for it could be some hiccup while applying patch.

I would recommend comparing ORACLE_HOME\bpel\system\services\lib\orabpel.ear file sizes in your ORACLE_HOME. In fact, you might want to go trough tedious process of making sure that all files mentioned in post.sh [or .bat] are updated correctly.

  1. Compare $ORACLE_HOME/bpel/system/services/lib/orabpel.ear with $ORACLE_HOME/j2ee/$CONTAINER/applications/orabpel.ear
  2. Delete any EAR file if present in $ORACLE_HOME/j2ee/$CONTAINER/application-deployments/ folder
  3. Check if size of $ORACLE_HOME/bpel/system/j2ee/orabpel.ear equals $PATCH_HOME/files/bpel/system/j2ee/orabpel.ear. If not then move $ORACLE_HOME/bpel/system/j2ee/orabpel.ear to backup directory and copy $PATCH_HOME/files/bpel/system/j2ee/orabpel.ear. You might need to run additional steps as per post.sh (or.bat) file.
  4. Check if size of $ORACLE_HOME/bpel/system/services/lib/orabpel.ear equals $ORACLE_HOME/j2ee/$CONTAINER/applications/orabpel.ear. if not then move $ORACLE_HOME/j2ee/$CONTAINER/applications/orabpel.ear to backup folder and copy the one from $ORACLE_HOME/bpel/system/services/lib/orabpel.ear
  5. Repeat same process for hw_services.ear and other files in post.sh (or.bat) file.

June 15, 2009

Enable ASControl application

Filed under: Configuration — Tags: , , — Kavin @ 12:23 pm

If you want to move your ascontrol application from an existing OC4J to new one, you need to do something more than simply starting it on one and stopping on another. You have to set ohs-routing which can’t be done from EM console.

  • Edit server.xml located under $ORACLE_HOME/j2ee/<oc4j container name>/config and set the start attribute to true

<application name="ascontrol" path="../../home/applications/ascontrol.ear" parent="system" start="true" />

  • Edit default-web-site.xml and set ohs-routing to true. If the ohs-routing parameter does not exist then you don’t have to do anything.

<web-app application="ascontrol" name="ascontrol" load-on-startup="true" root="/em" ohs-routing="true" />

  • opmnctl  reload / shutdown / then startall

June 7, 2009

FTP Adapter connection Pooling

Filed under: Configuration — Tags: , , , , , , — Kavin @ 11:02 am

In order to setup connection pooling on a connection factory with “none” connection pool we will need to modify oc4j-ra.xml of the FTP adapter. We need to make sure that “keepConnections” parameter is set to true

<config-property name="keepConnections" value="true"/>

and we need to create connection-pool settings. Please note that you might find an empty node like

<connection-pooling use="none">
        </connection-pooling>

and you need to replace it with

<connection-pooling use="private"> 
            <property name="waitTimeout" value="300" />
            <property name="scheme" value="fixed_wait" />
            <property name="maxConnections" value="50" />
            <property name="inactivity-timeout-check" value="all" />
            <property name="minConnections" value="5" />
            <property name="inactivity-timeout" value="50" />
</connection-pooling>

Or create a shared connection pool say “ftpPool” as shown below

<connection-pool name="ftpPool">
      <property name="waitTimeout" value="300" />
       <property name="scheme" value="fixed_wait" />
       <property name="maxConnections" value="50" />
       <property name="inactivity-timeout-check" value="all" />
       <property name="minConnections" value="5" />
       <property name="inactivity-timeout" value="50" />
</connection-pool>

and then modify connection-pooling section as

<connection-pooling use="shared">
      <use-connection-pool>ftpPool</use-connection-pool>
</connection-pooling>’

It’s a good practice to configure connection pool while configuring connection factory for the first time. At that time it asks whether to use “private” or “shared” or “none” connection pool. If you make this selection during that time, you won’t be required to modify configuration files manually (which I discourage most).

May 19, 2009

oc4jadmin password change in SOA Suite

Filed under: Configuration, Deployment, Maintenance, Setup — Tags: , , , — Kavin @ 6:47 pm

The administrator password for each OC4J instance in the Cluster must be the same as the administrator password for the OC4J instance on which Application Server Control is running. So if you have something like home which is your admin instance and than you  have oc4j_soa, oc4j_wsm, oc4j_gtwy and you have to change password of oc4jadmin then you have to perform following steps.

  1. Change oc4jadmin password for admin oc4j in cluster. 
    • Simply log in using the oc4jadmin user name and password, and then click Setup.
  2. On each node and oc4j edit ORACLE_HOME/j2ee/oc4j_instance_name/config/system-jazn-data.xml to update oc4jadmin password 
<user>
     <name>oc4jadmin</name>
     <display-name>OC4J Administrator</display-name>
     <guid>41A2E560C96711DABFD08D3BF8B780C4</guid>
     <description>OC4J Administrator</description>
     <credentials>{903}4nlfYYDwaqMJipVbGXuS2ce8egfwBPqp</credentials>
</user>
Modify credentials to say password123. Please remember to put ! as the exclamation point (!) ensures that the password will be encrypted in the configuration file.
<credentials>!password123</credentials>

Node:There is another approach of modifying with EM console where you go to Cluster Topology > <remote_oc4j> > Administration > Security Providers > Instance Level Security > Realms > click the number in the Users column. Click oc4jadmin and modify password. Return to the Cluster Topology page and restart the remote OC4J instance.

Older Posts »

Theme: Shocking Blue Green. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.