WebLogic, SOA Suite and Access Manager

Feb/12

WebLogic, SOA Suite and Access Manager

by René van Wijk under Cluster, NodeManager, Security, WLST

Sort of a deployment guide to integrate the products WebLogic Server, Oracle SOA Suite and Oracle Access Manager. We start with preparing our operating system. Next, we create the repository needed for the SOA Suite. Before we install the software, we first set-up a directory structure that is easy to back-up. Next, we install the software for WebLogic Server and SOA Suite after which we configure an admin server and a cluster for the SOA Suite. Subsequently, we show the steps involved to test the environment and show how the JVM parameters can be set for individual servers. We show the steps involved how the SOA Suite cluster can be scaled out to different machines. To create start and stop scripts we use WLST. After creating the start and stop scripts, we set-up a load balancer by using the WebLogic Server proxy plug-in. For this purpose we install and configure Web Tier components. To secure the environment we will use access manager and set-up a WebGate instance on the configured Web Tier components.

Prepare the environment

We first create a user, for example, oracle. To create a user run the following commands under the root user:

useradd oracle
passwd magic11g

This creates a /home/oracle directory. To delete the user we can use: userdel -r oracle the option -r removes the /home/oracle directory.

Maximum number of open file descriptors. Most operating systems handle sockets as a form of file access and use file descriptors to keep track of which sockets are open. To contain the resources per process, the operating system restricts the number of file descriptors per process. Linux limits the number of open file descriptors per process, by default this is equal to 1024. It could be that the 1024 limit does not offer optimal performance. To obtain the current open file limit we can use the ulimit command. The ulimit -aS command shows the current limit, the ulimit -aH command shows the hard limit. To increase the total number of file descriptors for all users we can add the following to the /etc/sysctl.conf file: fs.file-max = 344030. To check the current value we can use cat /proc/sys/fs/file-max. If we want to make sure that a process (running under the oracle user) gets a maximum of 4096 open file descriptors, we have to edit the /etc/security/limits.conf file:

oracle soft nofile 4096
oracle hard nofile 4096

Note that this number applies across all processes running under the oracle user. To make the adjustments active, execute the ulimit -u 4096 command and log out and log in again.

Required libraries. During the installation a check is performed that concerns a library version check. When failures occur during this step, we must correct them before continuing. The log file /home/oracle/oraInventory/logs/install<date-time>.out shows which part of the check failed. Usually, it means we have to install the updated version, by using, for example,

cd /etc/yum.repos.d/
wget http://yum.hostname.com/repos/filename.repo
yum clean all
yum install gcc
yum install gcc-c++
yum install apr
yum install elfutils-libelf-devel
yum install libaio-devel
yum install sysstat
yum install glibc-devel

More information on the system requirements can be found here.

We use the following versions in the installation:

Repository Creation Utility 11.1.1.5.0 (ofm_rcu_linux_11.1.1.5.0_disk1_1of1.zip)
JRockit JDK 28.2.2 (jrockit-jdk1.6.0_29-R28.2.2-4.1.0-linux-x64.bin)
WebLogic 10.3.5 (wls1035_generic.jar)
SOA Suite 11.1.1.5.0 (ofm_soa_generic_11.1.1.5.0_disk1_1of2.zip and ofm_soa_generic_11.1.1.5.0_disk1_2of2.zip)
Access Manager 11.1.1.5.0 (ofm_iam_generic_11.1.1.5.0_disk1_1of1.zip)
Web Tier 11.1.1.2.0_64 (ofm_webtier_linux_11.1.1.2.0_64_disk1_1of1.zip)
Web Tier Patch 11.1.1.3.0_64 (ofm_webtier_linux_11.1.1.3.0_64_disk1_1of1.zip)
Web Gate 11.1.1.5.0 (ofm_webgates_generic_11.1.1.5.0_disk1_1of1.zip)

Setting up the SOA repository

Before we run the repository creation utility, make sure an 11.2 database or higher is installed:

Download the distribution of Oracle 11g database (for example, win32_11gR2_database_1of2.zip and win32_11gR2_database_2of2.zip, unzip the files and run the installer).
De-select the security update option if you do not wish to receive any updates.
Select create and configure a database and click next.
Select desktop class and click next.
Enter the following parameters:
- oracle base: /home/oracle/Oracle
- software location: /home/oracle/Oracle/product/11.2.0/dbhome_1
- database file location: /home/oracle/Oracle/oradata
- database edition: enterprise edition
- character set: unicode (al32utf8)
- global database name: orcl11
- administrative password: magic11g
- confirm password: magic11g
Click next and in the pop-up yes.
Click finish.

The steps for creating a SOA repository are as follows:

Unzip ofm_rcu_linux_11.1.1.5.0_disk1_1of1.zip.
Run the installer (./rcu), which is located in the /rcuHome/bin directory.
Click next on the welcome screen.
Choose create and click next.
Enter the following parameters:
- database type: Oracle Database
- host name: hostname or IP-address of the database server
- port: 1521
- service name: orcl11
- username: sys
- password: magic11g
- role: sysdba
Click next and click OK in the pop-up.
Enter the following parameters:
- create a new prefix: DEV
- open the soa and bpm infrastructure tree and select soa infrastructure (note that user messaging service and meta-data services are automatically selected)
Click next and OK in the pop-up.
Select use the same password for all schemas, for example, magic11g.
Click next.
Accept the defaults in the tablespace screen, click next and click OK in the pop-up.
Click OK, click create and when the creation is finished click close.

Installation

First, we define an installation directory structure, for example,

/home/oracle
	/jrockit-jdk1.6.0_29-R28.2.2-4.1.0 (created during the installation of JRockit)
	/oraInventory (created during the installation of Oracle SOA Suite)
	/soa
		/installation (directory which will contain all the software)
			/coherence_3.6 (created during the installation of WebLogic Server)
			/oracle_access_manager (created during the installation of Oracle Access Manager)
			/oracle_common (created during the installation of Oracle SOA Suite)
			/oracle_soa_suite (created during the installation of Oracle SOA Suite)
			/oracle_webgate (created during the installation of Oracle WebGate only on machine 192.168.1.66)
			/oracle_webtier (created during the installation of Oracle WebTier Components only on machine 192.168.1.66)
			/wlserver_10.3 (created during the installation of WebLogic Server)
		/configuration
			/applications
				/soa_domain (created during the configuration of Oracle SOA Suite)
			/domains
				/soa_domain (created during the configuration of Oracle SOA Suite)
			/instances
				/webtier_instance (created during the configuration of Oracle WebTier only on machine 192.168.1.66)
			/nodemanagers
				/soa_domain (created by the startNodeManager.sh script)

Here /home/oracle/soa/installation will be our middleware home in the installation of WebLogic. To back-up the configuration we can use tar -cvpf /home/oracle/temp/backup.tar /home/oracle/soa/configuration.

To install JRockit we follow these steps:

Change the execution right when necessary, for example, chmod ug+x jrockit-jdk1.6.0_29-R28.2.2-4.1.0-linux-x64.bin.
Run ./jrockit-jdk1.6.0_29-R28.2.2-4.1.0-linux-x64.bin .
Click next on the welcome screen.
Define the install directory /home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0 and click next.
Optionally select extra components and click next.
When the installation is finished click done.

To install WebLogic we follow these steps:

Navigate to the JDK’s bin directory (/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0).
Enter the following command: ./java -d64 -Xms1024m -Xmx1024m -jar wls1035_generic.jar.
Click next on the welcome screen.
Define the middleware home directory (/home/oracle/soa/installation) and click next.
Fill in support credentials if applicable and click next.
Select custom as installation type and click next.
De-select the evaluation database and click next.
Select the installed JDK (if the JDK is not shown, click browse and browse to the root of the JDK) and click next.
Accept the defaults in the directories screen and click next.
Click next to start the installation.
De-select run quickstart and click done.

To uninstall WebLogic we can run uninstall.sh located in the /home/oracle/soa/installation/wlserver_10.3/uninstall directory.

To install the SOA Suite we follow these steps:

Unzip ofm_soa_generic_11.1.1.5.0_disk1_1of2.zip and ofm_soa_generic_11.1.1.5.0_disk1_2of2.zip to /home/oracle/temp/soa.
Navigate to Disk1 and run the installer (./runInstaller).
Specify the inventory directory and click OK.
Open a new terminal and run createCentralInventory.sh as root.

[oracle@axis-into-ict ~]$ su root
Password:
[root@axis-into-ict oracle]# cd /home/oracle/oraInventory/
[root@axis-into-ict oraInventory]# ./createCentralInventory.sh
Setting the inventory to /home/oracle/oraInventory
Setting the group name to oracle
Creating the Oracle inventory pointer file (/etc/oraInst.loc)
Changing permissions of /home/oracle/oraInventory to 770.
Changing groupname of /home/oracle/oraInventory to oracle.
The execution of the script is complete

Click OK in the pop-up
Click next in the welcome screen.
Enter the credentials of software updates when applicable and click next.
Prerequisite checks are run, click next when all the prerequisite succeed.
Enter the following parameters:
- Oracle middleware home: /home/oracle/soa/installation
- Oracle home directory: oracle_soa_suite
Click next and select the application server, in our case we choose WebLogic Server.
Click next.
Check the install summary and click install.
Click next when the installation finishes and click finish.

To uninstall a fusion middleware installation, such as SOA Suite, we can run ./runInstaller -deinstall.

Configuration

Create an admin server

Run the configuration wizard (./config.sh) located in the ${MIDDLEWARE_HOME}/oracle_common/common/bin directory.
On the welcome screen select create a new weblogic domain.
Click next and select the following products:
- basic weblogic server domain (automatically selected)
- oracle enterprise manager – 11.1.1.0 [oracle_common]
- oracle jrf – 11.1.1.0 [oracle_common] (automatically selected when oracle enterprise manager is selected)
Click next and enter the following parameters:
- domain name: soa_domain
- domain location: /home/oracle/soa/configuration/domains
- application location: /home/oracle/soa/configuration/applications
Click next and enter the admin username and password.
Click next, select production mode and select the JDK.
Click next, no need to select anything, click next again, check the configuration summary and click create.
Click done.

Create a SOA cluster

Run the configuration wizard again.
Select extend an existing weblogic domain and click next.
Select the domain directory: /home/oracle/soa/configuration/domains/soa_domain.
Click next and select the following products:
- oracle soa suite – 11.1.1.0 [oracle_soa_suite]
- oracle wsm policy manager – 11.1.1.0 [oracle_common] (automatically selected when oracle soa suite is selected)
Click next, select all schemas and enter the following parameters:
- vendor: Oracle
- driver: Oracle’s driver (thin) for service connections
- schema owner: varies among component schemas (the defaults are ok)
- schema password: magic11g
- dbms/service: orcl11
- hostname: hostname or IP-address of the database server
- port: 1521
Click next and when the test succeeds click next again.
Select the options: jms distributed destinations, managed servers clusters and machines, deployments and services, JMS file stores.
Click next.
Make sure the UDD (uniform distributed destination) option is selected for all JMS system resources.
Click next (click OK in the pop-up the cluster will be configured later).
Configure a managed server using the following parameters:
- name: soa_server1
- listen address: 192.168.1.66
- listen port: 8001
Click next.
Configure a cluster, click add and enter the following parameters:
- name: soa_cluster
- clustering messaging mode: unicast
Click next and add soa_server1 to the soa_cluster and click next
Configure a machine, delete the localmachine, click on the unix machine, click add and enter the following parameters:
- name: soa_machine1
- post bind UID enables: select this option
- post bind UID: oracle
- nodemanager listen address: 192.168.1.66
- nodemanager listen port: 5556
Click next and soa_server1 to soa_machine1 and click next.
Target deployments to clusters and servers:
- target oracle.wsm.*, oracle.soa.* and oracle.sdp.* only to the soa_cluster
Click next.
Target services to cluster or servers:
- target JOC-Startup and JOC-Shutdown only to the soa_cluster
Click next and configure the JMS file stores:
- name: UMSJMSFileStore1 – directory: /home/oracle/soa/configuration/application/soa_domain
- name: BPMJMSFileStore1 – directory: /home/oracle/soa/configuration/application/soa_domain
- name: SOAJMSFileStore1 – directory: /home/oracle/soa/configuration/application/soa_domain
Click next, check the summary and click extend.
Click done.

Test the environment

Add a boot.properties file in the ${DOMAIN_HOME}/servers/AdminServer/security directory (in which ${DOMAIN_HOME} is /home/oracle/soa/configuration/domains/soa_domain):

[oracle@axis-into-ict ~]$ cd soa/configuration/domains/soa_domain/servers/AdminServer/
[oracle@axis-into-ict AdminServer]$ mkdir security
[oracle@axis-into-ict AdminServer]$ vi boot.properties

Add the following name-value pairs to the boot.properties file:

username=weblogic
password=magic11g

Change the JVM parameters for the admin server and the managed servers. Edit the setSOADomainEnv.sh file (located in the ${DOMAIN_HOME}/bin directory, locate the DEFAULT_MEM_ARGS and PORT_MEM_ARGS and make the following alterations:

#DEFAULT_MEM_ARGS="-Xms512m -Xmx1024m"
#PORT_MEM_ARGS="-Xms768m -Xmx1536m"

# memory arguments for the admin server
if [ "${SERVER_NAME}" = "AdminServer" ] ; then
	DEFAULT_MEM_ARGS="-Xms1024m -Xmx1024m -Xns256m -Xgc:throughput"
	PORT_MEM_ARGS="-Xms1024m -Xmx1024m -Xns256m -Xgc:throughput"
fi

# memory argument for soa_server1
if [ "${SERVER_NAME}" = "soa_server1" ] ; then
	DEFAULT_MEM_ARGS="-Xms1024m -Xmx1024m -Xns256m -Xgc:throughput"
	PORT_MEM_ARGS="-Xms1024m -Xmx1024m -Xns256m -Xgc:throughput"
fi

# memory arguments for soa_server2 which will be added in a later stadium
if [ "${SERVER_NAME}" = "soa_server2" ] ; then
	DEFAULT_MEM_ARGS="-Xms1024m -Xmx1024m -Xns256m -Xgc:throughput"
	PORT_MEM_ARGS="-Xms1024m -Xmx1024m -Xns256m -Xgc:throughput"
fi

# memory arguments for oam_server1 which will be added in a later stadium
if [ "${SERVER_NAME}" = "oam_server1" ] ; then
	DEFAULT_MEM_ARGS="-Xms1024m -Xmx1024m -Xns256m -Xgc:throughput"
	PORT_MEM_ARGS="-Xms1024m -Xmx1024m -Xns256m -Xgc:throughput"
fi

Start the admin server by using ./startWebLogic.sh, which is located in the ${DOMAIN_HOME} directory. When the admin server is running open the admin console http://hostname:7001/console, edit the nodemanager username and password, and disable hostname verification. To change the nodemanager username and password

Click soa_domain, security, advanced link and enter the following parameters:
- NodeManager Username: weblogic
- NodeManager Password: magic11g
- Confirm NodeManager Password: magic11g

Click save and activate the changes.

To disable the hostname verification:

Click environment, servers, admin server.
Click on the SSL, configuration tab, subsequently on the advanced link and enter the following parameters:
- Hostname Verification: none
Click save and activate the changes.

In order for the changes to take effect the admin server must be restarted. Next, we create a new node manager home. To this end open the startNodeManager.sh file (located in the ${WL_HOME}/server/bin directory, in which ${WL_HOME} is /home/oracle/soa/installation/wlserver_10.3) and edit the NODEMGR_HOME property, i.e., set this property to:

WL_HOME="/home/oracle/soa/installation/wlserver_10.3"
. "${WL_HOME}/common/bin/commEnv.sh"

NODEMGR_HOME="/home/oracle/soa/configuration/nodemanagers/soa_domain"

# If NODEMGR_HOME does not exist, create it

Run ./startNodeManager.sh in order to create the nodemanager.properties file and stop the nodemanager again (ctrl+c). Open the nodemanager.properties file (located in the specified ${NODEMGR_HOME} directory) and set the property StartScriptEnabled to true. Create a nodemanager.domains file in the ${NODEMGR_HOME} directory and add the following key-value pair:

soa_domain=/home/oracle/soa/configuration/domains/soa_domain

Note that when the configuration wizard is run such a file is created in the ${WL_HOME}/common/nodemanager directory. Start the nodemanager by using ./startNodeManager.sh. Next, use to admin console to start the managed server soa_server1.

Scaling

Let us add an extra server on a different machine. Open the admin console and clone soa_server1 and set the server name to soa_server2, server listen address to 192.168.1.67 and server listen port to 9001. Delete soa_server2 from soa_machine1. Create a new machine:

Click machine, new and enter the following parameters:
- name: soa_machine2
- machine os: unix
Click next and enter the nodemanager parameters:
- type: ssl
- listen address: 192.168.1.67
- listen port: 5556
Click finish
Click soa_machine2, select enable post bind uid and set post bind uid to the user oracle
Click save
Click servers tab and add soa_server2

Create persistent stores for BPM, SOA and UMS, for example, name: BPMJMSFileStore2, target: soa_server2, directory: /home/oracle/soa/configuration/applications/soa_domain. Subsequently, create corresponding JMS Servers and target these to soa_server2. Next, we have to edit the subdeployments of the JMS modules and add the appropriate JMS server to the subdeployment. After the subdeployments have been adjusted, check if the targets of the uniform distributed queues show both the JMS servers.

Pack the domain by using pack.sh, for example,

[oracle@axis-into-ict ~]$ cd soa/installation/wlserver_10.3/common/bin/
[oracle@axis-into-ict bin]$ ./pack.sh -managed=true -domain=/home/oracle/soa/configuration/domains/soa_domain -template=/home/oracle/temp/soa_domain.jar -template_name=soa_domain
<< read domain from "/home/oracle/soa/configuration/domains/soa_domain"
>>  succeed: read domain from "/home/oracle/soa/configuration/domains/soa_domain"
<< set config option Managed to "true"
>>  succeed: set config option Managed to "true"
<< write template to "/home/oracle/temp/soa_domain.jar"
....................................................................................................
>>  succeed: write template to "/home/oracle/temp/soa_domain.jar"
<< close template
>>  succeed: close template

Copy the create template to the other machine by using

[oracle@axis-into-ict bin]$ scp oracle@192.168.1.66:/home/oracle/temp/soa_domain.jar oracle@192.168.1.67:/home/oracle/temp/
oracle@192.168.1.66's password:
oracle@192.168.1.67's password:
soa_domain.jar                                                   100%  512KB 512.3KB/s   00:00
Connection to 192.168.1.66 closed.

Install the software on the soa_machine2 (192.168.1.67) by using the same steps as presented in the Installation section.

Unpack the domain by using unpack.sh, for example,

[oracle@middleware-magic ~]$ cd soa/installation/wlserver_10.3/common/bin/
[oracle@middleware-magic bin]$ ./unpack.sh -domain=/home/oracle/soa/configuration/domains/soa_domain -template=/home/oracle/temp/soa_domain.jar -app_dir=/home/oracle/soa/configuration/applications/soa_domain
<< read template from "/home/oracle/temp/soa_domain.jar"
>>  succeed: read template from "/home/oracle/temp/soa_domain.jar"
<< set config option AppDir to "/home/oracle/soa/configuration/applications/soa_domain"
>>  succeed: set config option AppDir to "/home/oracle/soa/configuration/applications/soa_domain"
<< set config option DomainName to "soa_domain"
>>  succeed: set config option DomainName to "soa_domain"
<< write Domain to "/home/oracle/soa/configuration/domains/soa_domain"
...............................................................................................
>>  succeed: write Domain to "/home/oracle/soa/configuration/domains/soa_domain"
<< close template
>>  succeed: close template

Configure the nodemanager by using the nodemanager configuration steps presented in the configuration section. Test if soa_server2 can be started by using the admin console.

Start and stop scripts

To create start and stop scripts we will use WLST. First, we define a properties file (environment.properties) that contains the environment settings:

domain_name=soa_domain
domain_home=/home/oracle/soa/configuration/domains/soa_domain
listen_address_machine1=192.168.1.66
listen_address_machine2=192.168.1.67
node_manager_listen_port=5556
node_manager_listen_address=192.168.1.66 (for soa_machine2 this must be set to 192.168.1.67)
node_manager_home=/home/oracle/soa/configuration/nodemanagers/soa_domain
admin_username=weblogic
admin_password=magic11g
admin_server_listen_port=7001
admin_server_url=t3://192.168.1.66:7001

To start the nodemanager (startNodeManager.py) we can use:

startNodeManager(verbose='true', NodeManagerHome=node_manager_home, ListenPort=node_manager_listen_port, ListenAddress=node_manager_listen_address);

To stop the nodemanager (stopNodeManager.py) we can use:

nmConnect(admin_username, admin_password, node_manager_listen_address, node_manager_listen_port, domain_name, domain_home, 'ssl');
stopNodeManager();

To start all the servers present in the domain (startDomain.py) we can use:

print 'CONNECT TO NODE MANAGER ON MACHINE1';
nmConnect(admin_username, admin_password, listen_address_machine1, node_manager_listen_port, domain_name, domain_home, 'ssl');

print 'START ADMIN SERVER ON MACHINE1';
nmStart('AdminServer');

print 'CONNECT TO ADMIN SERVER';
connect(admin_username, admin_password, admin_server_url);

print 'START MANAGED SERVERS ON MACHINE1';
start('soa_server1','Server');

print 'DISCONNECT FROM NODE MANAGER ON MACHINE1';
nmDisconnect();

print 'CONNECT TO NODE MANAGER ON MACHINE2';
nmConnect(admin_username, admin_password, listen_address_machine2, node_manager_listen_port, domain_name, domain_home, 'ssl');

print 'START MANAGED SERVERS ON MACHINE2';
start('soa_server2','Server');
start('oam_server1','Server');

print 'DISCONNECT FROM THE ADMIN SERVER';
disconnect();

print 'DISCONNECT FROM NODE MANAGER ON MACHINE2';
nmDisconnect();

To stop all the servers present in the domain (stopDomain.py) we can use:

print 'CONNECT TO NODE MANAGER ON MACHINE2';
nmConnect(admin_username, admin_password, listen_address_machine2, node_manager_listen_port, domain_name, domain_home, 'ssl');

print 'CONNECT TO ADMIN SERVER';
connect(admin_username, admin_password, admin_server_url);

print 'STOPPING MANAGED SERVERS ON MACHINE2';
shutdown('oam_server1','Server','true',1000,'true');
shutdown('soa_server2','Server','true',1000,'true');

print 'DISCONNECT FROM NODE MANAGER ON MACHINE2';
nmDisconnect();

print 'CONNECT TO NODE MANAGER ON MACHINE1';
nmConnect(admin_username, admin_password, listen_address_machine1, node_manager_listen_port, domain_name, domain_home, 'ssl');

print 'STOPPING MANAGED SERVERS ON MACHINE1';
shutdown('soa_server1','Server','true',1000,'true');

print 'STOPPING ADMIN SERVER ON MACHINE1';
shutdown('AdminServer','Server','true',1000,'true');

print 'DISCONNECT FROM NODE MANAGER ON MACHINE1';
nmDisconnect();

Next, we create shell scripts that run the created WLST scripts (note the use of the loadProperties option, which enables us to define properties that will become available automatically in the WLST script that will be run):

#!/bin/sh

SCRIPTS_HOME="/home/oracle/soa/configuration/applications/soa_domain/scripts"
export SCRIPTS_HOME

WL_HOME="/home/oracle/soa/installation/wlserver_10.3"
export WL_HOME

. ${WL_HOME}/common/bin/wlst.sh -loadProperties ${SCRIPTS_HOME}/environment.properties ${SCRIPTS_HOME}/startDomain.py

To start-up the servers, we first start the nodemanager on both machines (below the output is shown for soa_machine1):

[oracle@axis-into-ict scripts]$ ./NodeManagerStartService.sh
CLASSPATH=/home/oracle/soa/installation/patch_wls1035/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/soa/installation/patch_ocp360/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/lib/tools.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic_sp.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic.jar:/home/oracle/soa/installation/modules/features/weblogic.server.modules_10.3.5.0.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/webservices.jar:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/oracle/soa/installation/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar:

PATH=/home/oracle/soa/installation/wlserver_10.3/server/bin:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/bin:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/jre/bin:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/bin:/usr/kerberos/bin:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/home/oracle/bin

Your environment has been set.

CLASSPATH=/home/oracle/soa/installation/patch_wls1035/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/soa/installation/patch_ocp360/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/lib/tools.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic_sp.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic.jar:/home/oracle/soa/installation/modules/features/weblogic.server.modules_10.3.5.0.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/webservices.jar:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/oracle/soa/installation/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar::/home/oracle/soa/installation/utils/config/10.3/config-launch.jar::/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbynet.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbyclient.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbytools.jar::

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

Launching NodeManager ...
 Properties: {ListenAddress=192.168.1.66,ListenPort=5556,NodeManagerHome=/home/oracle/soa/configuration/nodemanagers/soa_domain,}
 Command: /home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/jre/bin/java -classpath /home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/jre/lib/rt.jar:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/jre/lib/i18n.jar:/home/oracle/soa/installation/patch_wls1035/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/soa/installation/patch_ocp360/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/lib/tools.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic_sp.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic.jar:/home/oracle/soa/installation/modules/features/weblogic.server.modules_10.3.5.0.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/webservices.jar:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/oracle/soa/installation/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar:/home/oracle/soa/installation/utils/config/10.3/config-launch.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbynet.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbyclient.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbytools.jar weblogic.NodeManager -v
NMProcess: <Feb 07, 2012 3:44:54 PM> <INFO> <Loading domains file: /home/oracle/soa/configuration/nodemanagers/soa_domain/nodemanager.domains>
NMProcess: Feb 07, 2012 3:44:54 PM weblogic.nodemanager.server.NMServerConfig initDomainsMap
NMProcess: INFO: Loading domains file: /home/oracle/soa/configuration/nodemanagers/soa_domain/nodemanager.domains
NMProcess: <Feb 07, 2012 3:44:54 PM> <INFO> <Loading identity key store: FileName=/home/oracle/soa/installation/wlserver_10.3/server/lib/DemoIdentity.jks, Type=jks, PassPhraseUsed=true>
NMProcess: Feb 07, 2012 3:44:54 PM weblogic.nodemanager.server.SSLConfig loadKeyStoreConfig
NMProcess: INFO: Loading identity key store: FileName=/home/oracle/soa/installation/wlserver_10.3/server/lib/DemoIdentity.jks, Type=jks, PassPhraseUsed=true
NMProcess: <Feb 07, 2012 3:44:54 PM> <INFO> <Loaded node manager configuration properties from '/home/oracle/soa/configuration/nodemanagers/soa_domain/nodemanager.properties'>
NMProcess: Feb 07, 2012 3:44:54 PM weblogic.nodemanager.server.NMServer <init>
NMProcess: INFO: Loaded node manager configuration properties from '/home/oracle/soa/configuration/nodemanagers/soa_domain/nodemanager.properties'
NMProcess: Node manager v10.3
NMProcess:
NMProcess: Configuration settings:
NMProcess:
NMProcess: NodeManagerHome=/home/oracle/soa/configuration/nodemanagers/soa_domain
NMProcess: ListenAddress=192.168.1.66
NMProcess: ListenPort=5556
NMProcess: ListenBacklog=50
NMProcess: SecureListener=true
NMProcess: AuthenticationEnabled=true
NMProcess: NativeVersionEnabled=true
NMProcess: CrashRecoveryEnabled=false
NMProcess: JavaHome=/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/jre
NMProcess: StartScriptEnabled=true
NMProcess: StopScriptEnabled=false
NMProcess: StartScriptName=startWebLogic.sh
NMProcess: StopScriptName=
NMProcess: LogFile=/home/oracle/soa/configuration/nodemanagers/soa_domain/nodemanager.log
NMProcess: LogLevel=INFO
NMProcess: LogLimit=0
NMProcess: LogCount=1
NMProcess: LogAppend=true
NMProcess: LogToStderr=true
NMProcess: LogFormatter=weblogic.nodemanager.server.LogFormatter
NMProcess: DomainsFile=/home/oracle/soa/configuration/nodemanagers/soa_domain/nodemanager.domains
NMProcess: DomainsFileEnabled=true
NMProcess: StateCheckInterval=500
NMProcess: QuitEnabled=true
NMProcess: UseMACBroadcast=false
NMProcess: DomainRegistrationEnabled=false
NMProcess: DomainsDirRemoteSharingEnabled=false
NMProcess:
NMProcess: Domain name mappings:
NMProcess:
NMProcess: soa_domain -> /home/oracle/soa/configuration/domains/soa_domain
NMProcess:
NMProcess: <Feb 07, 2012 3:44:55 PM> <INFO> <soa_domain> <soa_server1> <Startup configuration properties loaded from "/home/oracle/soa/configuration/domains/soa_domain/servers/soa_server1/data/nodemanager/startup.properties">
NMProcess: Feb 07, 2012 3:44:55 PM weblogic.nodemanager.server.AbstractServerManager log
NMProcess: INFO: Startup configuration properties loaded from "/home/oracle/soa/configuration/domains/soa_domain/servers/soa_server1/data/nodemanager/startup.properties"
NMProcess: <Feb 07, 2012 3:44:55 PM CET> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>
NMProcess: <Feb 07, 2012 3:44:55 PM> <INFO> <Secure socket listener started on port 5556, host /192.168.1.66>
NMProcess: Feb 07, 2012 3:44:55 PM weblogic.nodemanager.server.SSLListener run
NMProcess: INFO: Secure socket listener started on port 5556, host /192.168.1.66
Successfully launched the Node Manager.
The Node Manager process is running independent of the WLST process.
Exiting WLST will not stop the Node Manager process. Please refer
to the Node Manager logs for more information.
The Node Manager logs will be under /home/oracle/soa/configuration/nodemanagers/soa_domain
Node Manager starting in the background

When the nodemanagers are running we can start the servers:

[oracle@axis-into-ict scripts]$ ./DomainStartService.sh
CLASSPATH=/home/oracle/soa/installation/patch_wls1035/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/soa/installation/patch_ocp360/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/lib/tools.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic_sp.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic.jar:/home/oracle/soa/installation/modules/features/weblogic.server.modules_10.3.5.0.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/webservices.jar:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/oracle/soa/installation/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar:

PATH=/home/oracle/soa/installation/wlserver_10.3/server/bin:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/bin:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/jre/bin:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/bin:/usr/kerberos/bin:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/home/oracle/bin

Your environment has been set.

CLASSPATH=/home/oracle/soa/installation/patch_wls1035/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/soa/installation/patch_ocp360/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/lib/tools.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic_sp.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic.jar:/home/oracle/soa/installation/modules/features/weblogic.server.modules_10.3.5.0.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/webservices.jar:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/oracle/soa/installation/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar::/home/oracle/soa/installation/utils/config/10.3/config-launch.jar::/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbynet.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbyclient.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbytools.jar::

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

CONNECT TO NODE MANAGER ON MACHINE1
Connecting to Node Manager ...
Successfully Connected to Node Manager.
START ADMIN SERVER ON MACHINE1
Starting server AdminServer ...
Successfully started server AdminServer ...
CONNECT TO ADMIN SERVER
Connecting to t3://192.168.1.66:7001 with userid weblogic ...
Successfully connected to Admin Server 'AdminServer' that belongs to domain 'soa_domain'.

Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.

START MANAGED SERVERS ON MACHINE1

Starting server soa_server1 ..........................................................................................................................................................
Server with name soa_server1 started successfully
DISCONNECT FROM NODE MANAGER ON MACHINE1
Successfully disconnected from Node Manager.
CONNECT TO NODE MANAGER ON MACHINE2
Connecting to Node Manager ...
Successfully Connected to Node Manager.
START MANAGED SERVERS ON MACHINE2

Starting server soa_server2 ...........................................................................................................................
Server with name soa_server2 started successfully
DISCONNECT FROM THE ADMIN SERVER
Disconnected from weblogic server: AdminServer
DISCONNECT FROM NODE MANAGER ON MACHINE2
Successfully disconnected from Node Manager.

Load balancer

To install the Oracle Web Tier we can follow the following steps:

Unzip ofm_webtier_linux_11.1.1.2.0_64_disk1_1of1.zip.
Navigate to the directory Disk1 and run ./runInstaller.
Click next in the welcome screen.
Select install software – do not configure and click next.
Prerequisite checks are run, when these succeed click next.
Specificy the install directories:
- oracle middleware home: /home/oracle/soa/installation
- oracle home directory: oracle_webtier
Click next and enter credentials for security updates when applicable.
Click next and click install.
Click next and click finish.

Next, we patch the installation to 11.1.1.3 or higher (which is needed for WebGate not for the WebLogic plug-in):

Unzip ofm_webtier_linux_11.1.1.3.0_64_disk1_1of1.zip.
Navigate to the directory Disk1 and run ./runInstaller.
Click next in the welcome screen.
Specificy the install directories:
- oracle middleware home: /home/oracle/soa/installation
- oracle home directory: oracle_webtier
Click next and enter credentials for security updates when applicable.
Click next and click install.
Click next and click finish.

To configure the HTTP server, we can follow these steps:

Run ./config.sh (/home/oracle/soa/oracle_webtier/bin).
Click next in the welcome screen.
Only select the Oracle HTTP Server and click next.
Specify the following component details:
- instance home location: /home/oracle/soa/configuration/instances/webtier_instance
- instance name: webtier_instance
- ohs component name: http_server
Click next and select auto port configuration.
Click next and enter credentials for security updates when applicable.
Click configure.
Click next and click finish.

Next, we create a shell script (ohs.sh) to start and stop the HTTP server, for example,

#!/bin/sh

ORACLE_INSTANCE=/home/oracle/soa/configuration/instances/webtier_instance
export ORACLE_INSTANCE
PATH=${PATH}:${ORACLE_INSTANCE}/bin/

if [ "$1" == "status" ] ; then
	opmnctl status -l
fi

if [ "$1" == "startopmn" ] ; then
	opmnctl start
fi

if [ "$1" == "stopohs" ] ; then
	opmnctl stopproc process-type=OHS
fi

if [ "$1" == "startohs" ] ; then
	opmnctl startproc process-type=OHS
fi

if [ "$1" == "stopopmn" ] ; then
	opmnctl shutdown
fi

Edit mod_wl_ohs.conf (located in the ${ORACLE_INSTANCE}/config/OHS/http_server directory) such that requests to the HTTP server are forwarded to the appropriate WebLogic server, for example,

LoadModule weblogic_module   "${ORACLE_HOME}/ohs/modules/mod_wl_ohs.so"

<IfModule weblogic_module>
	ConnectTimeoutSecs 10
	ConnectRetrySecs 2
	DebugConfigInfo ON
	WLSocketTimeoutSecs 2
	WLIOTimeoutSecs 300
	Idempotent ON
	FileCaching ON
	KeepAliveSecs 20
	KeepAliveEnabled ON
	DynamicServerList ON
	WLProxySSL OFF
</IfModule>

<Location /b2bconsole>
	SetHandler weblogic-handler
	WebLogicCluster 192.168.1.66:8001,192.168.1.67:9001
</Location>

<Location /integration>
	SetHandler weblogic-handler
	WebLogicCluster 192.168.1.66:8001,192.168.1.67:9001
</Location>

<Location /soa-infra>
	SetHandler weblogic-handler
	WebLogicCluster 192.168.1.66:8001,192.168.1.67:9001
</Location>

We can also edit the listen port of the HTTP server. Open the httpd.conf (${ORACLE_INSTANCE}/config/OHS/http_server) file and adjust the Listen directive, for example, Listen 7779.

Restart the HTTP Server (./ohs.sh stopohs and ./ohs.sh startohs). Test if the configuration is working by using the URLs:

http://192.168.1.66:7779/b2bconsole
http://192.168.1.66:7779/integration/worklistapp
http://192.168.1.66:7779/soa-infra

Access Manager

At one point in time, we decide to use access manager for our security. First, we need to set-up the necessary data environment by running the repository creation utility:

Stop the servers and the Apache HTTP server in the environment.
Navigate to /rcuHome/bin and run ./rcu
Click next on the welcome screen
Choose create and click next
Enter the database parameters:
- hostname: hostname of the machine where the database is running
- port: 1521
- service name: service name of the database
- username: sys username
- password: sys password
- role: sysdba
Click next, select an existing prefix (DEV) and select the following components:
- identity management, oracle access manager (DEV_OAM)
Click next and select use same passwords for all schemas and enter the password and confirm password fields
Click next and check the tablespaces
Click next such that the tablespaces are created
Check the summary and click create

Install access manager

Unzip ofm_iam_generic_11.1.1.5.0_disk1_1of1.zip.
Navigate to Disk1 and run ./runInstaller.
Specify the JDK location: /home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0.
Click next in the welcome screen.
Enter the credentials of software updates when applicable and click next.
The prerequisite checks are run, click next when these succeed.
Specify the install directory:
- oracle middleware home: /home/oracle/soa/installation
- oracle home directory: oracle_access_manager
Click next and click install.
Click next and click finish.

Configure access manager

Start the configuration wizard. Navigate to the directory /home/oracle/soa/oracle_access_manager/common/bin and run ./config.sh.
Select extend an existing domain and click next.
Select soa_domain (/home/oracle/soa/configuration/domains/) and click next.
Select Oracle Access Manager with Database Policy Store – 11.1.1.3 [oracle_iam].
Click next and enter the following parameters:
- vendor: Oracle
- driver: Oracle’s driver (thin) for service connections
- schema owner: DEV_OAM
- schema password: magic11g
- dbms/service: service name of the database
- host name: host name or IP address of the machine where the database is located
- port: 1521
Click next.
Click next when the tests are succeeded.
Select managed servers, clusters and machines:
- configure managed servers: set the listen address of oam_server1 to 192.168.1.67 and click next.
- configure clusters: click add and set name to oam_cluster and clustering messaging mode to unicast, and click next.
- assign servers to clusters: add oam_server1 to the oam_cluster and click next.
- create HTTP proxy: accept the defaults and click next.
- configure machines (unix machine): accept the defaults and click next.
- assign servers to machines: add the oam_server1 to the soa_machine2 and click next.
Click extend to start the configuration.
Click done.

When we extend a WebLogic domain in which the managed servers are distributed (by using the pack and unpack commands) to remote machines, the startup scripts on the remote machines are not updated automatically. To ensure that startup scripts on the remote machines are updated, we have to perform the following steps after extending the domain:

Delete the managed server directories (/home/oracle/soa/configuration/domains/soa_domain) on the remote machines.
Create a managed server template from the extended domain, by using the pack command with the managed=true option.
Create managed servers on the remote machines, by using the unpack command to unpack the managed server template.

Before we continue let us test the environment. Start the servers in the domain by using the start scripts:

[oracle@axis-into-ict scripts]$ ./NodeManagerStartService.sh
CLASSPATH=/home/oracle/soa/installation/patch_wls1035/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/soa/installation/patch_ocp360/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/lib/tools.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic_sp.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic.jar:/home/oracle/soa/installation/modules/features/weblogic.server.modules_10.3.5.0.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/webservices.jar:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/oracle/soa/installation/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar:

PATH=/home/oracle/soa/installation/wlserver_10.3/server/bin:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/bin:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/jre/bin:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/bin:/usr/kerberos/bin:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/home/oracle/bin

Your environment has been set.

CLASSPATH=/home/oracle/soa/installation/patch_wls1035/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/soa/installation/patch_ocp360/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/lib/tools.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic_sp.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic.jar:/home/oracle/soa/installation/modules/features/weblogic.server.modules_10.3.5.0.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/webservices.jar:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/oracle/soa/installation/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar::/home/oracle/soa/installation/utils/config/10.3/config-launch.jar::/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbynet.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbyclient.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbytools.jar::

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

Launching NodeManager ...
 Properties: {ListenAddress=192.168.1.66,ListenPort=5556,NodeManagerHome=/home/oracle/soa/configuration/nodemanagers/soa_domain,}
 Command: /home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/jre/bin/java -classpath /home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/jre/lib/rt.jar:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/jre/lib/i18n.jar:/home/oracle/soa/installation/patch_wls1035/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/soa/installation/patch_ocp360/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/lib/tools.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic_sp.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic.jar:/home/oracle/soa/installation/modules/features/weblogic.server.modules_10.3.5.0.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/webservices.jar:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/oracle/soa/installation/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar:/home/oracle/soa/installation/utils/config/10.3/config-launch.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbynet.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbyclient.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbytools.jar weblogic.NodeManager -v
NMProcess: <Feb 08, 2012 5:49:50 PM> <INFO> <Loading domains file: /home/oracle/soa/configuration/nodemanagers/soa_domain/nodemanager.domains>
NMProcess: Feb 08, 2012 5:49:50 PM weblogic.nodemanager.server.NMServerConfig initDomainsMap
NMProcess: INFO: Loading domains file: /home/oracle/soa/configuration/nodemanagers/soa_domain/nodemanager.domains
NMProcess: <Feb 08, 2012 5:49:51 PM> <INFO> <Loading identity key store: FileName=/home/oracle/soa/installation/wlserver_10.3/server/lib/DemoIdentity.jks, Type=jks, PassPhraseUsed=true>
NMProcess: Feb 08, 2012 5:49:51 PM weblogic.nodemanager.server.SSLConfig loadKeyStoreConfig
NMProcess: INFO: Loading identity key store: FileName=/home/oracle/soa/installation/wlserver_10.3/server/lib/DemoIdentity.jks, Type=jks, PassPhraseUsed=true
NMProcess: <Feb 08, 2012 5:49:51 PM> <INFO> <Loaded node manager configuration properties from '/home/oracle/soa/configuration/nodemanagers/soa_domain/nodemanager.properties'>
NMProcess: Feb 08, 2012 5:49:51 PM weblogic.nodemanager.server.NMServer <init>
NMProcess: INFO: Loaded node manager configuration properties from '/home/oracle/soa/configuration/nodemanagers/soa_domain/nodemanager.properties'
NMProcess: Node manager v10.3
NMProcess:
NMProcess: Configuration settings:
NMProcess:
NMProcess: NodeManagerHome=/home/oracle/soa/configuration/nodemanagers/soa_domain
NMProcess: ListenAddress=192.168.1.66
NMProcess: ListenPort=5556
NMProcess: ListenBacklog=50
NMProcess: SecureListener=true
NMProcess: AuthenticationEnabled=true
NMProcess: NativeVersionEnabled=true
NMProcess: CrashRecoveryEnabled=false
NMProcess: JavaHome=/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/jre
NMProcess: StartScriptEnabled=true
NMProcess: StopScriptEnabled=false
NMProcess: StartScriptName=startWebLogic.sh
NMProcess: StopScriptName=
NMProcess: LogFile=/home/oracle/soa/configuration/nodemanagers/soa_domain/nodemanager.log
NMProcess: LogLevel=INFO
NMProcess: LogLimit=0
NMProcess: LogCount=1
NMProcess: LogAppend=true
NMProcess: LogToStderr=true
NMProcess: LogFormatter=weblogic.nodemanager.server.LogFormatter
NMProcess: DomainsFile=/home/oracle/soa/configuration/nodemanagers/soa_domain/nodemanager.domains
NMProcess: DomainsFileEnabled=true
NMProcess: StateCheckInterval=500
NMProcess: QuitEnabled=true
NMProcess: UseMACBroadcast=false
NMProcess: DomainRegistrationEnabled=false
NMProcess: DomainsDirRemoteSharingEnabled=false
NMProcess:
NMProcess: Domain name mappings:
NMProcess:
NMProcess: soa_domain -> /home/oracle/soa/configuration/domains/soa_domain
NMProcess:
NMProcess: <Feb 08, 2012 5:49:51 PM> <INFO> <soa_domain> <soa_server1> <Startup configuration properties loaded from "/home/oracle/soa/configuration/domains/soa_domain/servers/soa_server1/data/nodemanager/startup.properties">
NMProcess: Feb 08, 2012 5:49:51 PM weblogic.nodemanager.server.AbstractServerManager log
NMProcess: INFO: Startup configuration properties loaded from "/home/oracle/soa/configuration/domains/soa_domain/servers/soa_server1/data/nodemanager/startup.properties"
NMProcess: <Feb 08, 2012 5:49:52 PM CET> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>
NMProcess: <Feb 08, 2012 5:49:52 PM> <INFO> <Secure socket listener started on port 5556, host /192.168.1.66>
NMProcess: Feb 08, 2012 5:49:52 PM weblogic.nodemanager.server.SSLListener run
NMProcess: INFO: Secure socket listener started on port 5556, host /192.168.1.66
Successfully launched the Node Manager.
The Node Manager process is running independent of the WLST process.
Exiting WLST will not stop the Node Manager process. Please refer
to the Node Manager logs for more information.
The Node Manager logs will be under /home/oracle/soa/configuration/nodemanagers/soa_domain
Node Manager starting in the background

[oracle@axis-into-ict scripts]$ ./DomainStartService.sh
CLASSPATH=/home/oracle/soa/installation/patch_wls1035/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/soa/installation/patch_ocp360/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/lib/tools.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic_sp.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic.jar:/home/oracle/soa/installation/modules/features/weblogic.server.modules_10.3.5.0.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/webservices.jar:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/oracle/soa/installation/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar:

PATH=/home/oracle/soa/installation/wlserver_10.3/server/bin:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/bin:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/jre/bin:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/bin:/usr/kerberos/bin:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/home/oracle/bin

Your environment has been set.

CLASSPATH=/home/oracle/soa/installation/patch_wls1035/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/soa/installation/patch_ocp360/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0/lib/tools.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic_sp.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/weblogic.jar:/home/oracle/soa/installation/modules/features/weblogic.server.modules_10.3.5.0.jar:/home/oracle/soa/installation/wlserver_10.3/server/lib/webservices.jar:/home/oracle/soa/installation/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/oracle/soa/installation/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar::/home/oracle/soa/installation/utils/config/10.3/config-launch.jar::/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbynet.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbyclient.jar:/home/oracle/soa/installation/wlserver_10.3/common/derby/lib/derbytools.jar::

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

CONNECT TO NODE MANAGER ON MACHINE1
Connecting to Node Manager ...
Successfully Connected to Node Manager.
START ADMIN SERVER ON MACHINE1
Starting server AdminServer ...
Successfully started server AdminServer ...
CONNECT TO ADMIN SERVER
Connecting to t3://192.168.1.66:7001 with userid weblogic ...
Successfully connected to Admin Server 'AdminServer' that belongs to domain 'soa_domain'.

Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.

START MANAGED SERVERS ON MACHINE1

Starting server soa_server1 ............................................................................................................................................................
Server with name soa_server1 started successfully
DISCONNECT FROM NODE MANAGER ON MACHINE1
Successfully disconnected from Node Manager.
CONNECT TO NODE MANAGER ON MACHINE2
Connecting to Node Manager ...
Successfully Connected to Node Manager.
START MANAGED SERVERS ON MACHINE2

Starting server soa_server2 ..........................................................................................................................
Server with name soa_server2 started successfully

Starting server oam_server1 ...............................................................................
Server with name oam_server1 started successfully
DISCONNECT FROM THE ADMIN SERVER
Disconnected from weblogic server: AdminServer
DISCONNECT FROM NODE MANAGER ON MACHINE2
Successfully disconnected from Node Manager.

Install WebGate

Unzip ofm_webgates_generic_11.1.1.5.0_disk1_1of1.zip.
Navigate to the directory Disk1 and run: ./runInstaller -jreLoc /home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0.
Click next in the welcome screen.
Prerequisite checks are run, when these succeed click next.
Click next and specify the install directories:
- oracle middleware home: /home/oracle/soa/installation
- oracle home directory: oracle_webgate
Click next and specify the location of the gcc libraries. In general the locations are as follows:
- libgcc_s.so.1 – /lib64
- libstdc++.so.6 – /usr/lib64
As we can specify only one directory we need to copy one library to the other directory, for example, open a new command shell and login as root (su root) and run the following commands:
- cd /usr/lib64
- cp libstdc++.so.6 /lib64
- cp libstdc++.so.6.0.8 /lib64
Click next and click install.
Click next and click finish.

Next, we need to install WebGate on the HTTP server. To this end run the following commands:

[oracle@axis-into-ict ~]$ cd /home/oracle/soa/installation/oracle_webgate/webgate/ohs/tools/deployWebGate

[oracle@axis-into-ict deployWebGate]$ ./deployWebGateInstance.sh -w /home/oracle/soa/configuration/instances/webtier_instance/config/OHS/http_server -oh /home/oracle/soa/installation/oracle_webgate
Copying files from WebGate Oracle Home to WebGate Instancedir

[oracle@axis-into-ict deployWebGate]$ export LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/home/oracle/soa/installation/oracle_webtier/lib
[oracle@axis-into-ict deployWebGate]$ echo ${LD_LIBRARY_PATH}
:/home/oracle/soa/installation/oracle_webtier/lib

[oracle@axis-into-ict deployWebGate]$ cd ../setup/InstallTools/

[oracle@axis-into-ict InstallTools]$ ./EditHttpConf -w /home/oracle/soa/configuration/instances/webtier_instance/config/OHS/http_server -oh /home/oracle/soa/installation/oracle_webgate -o /home/oracle/temp/output.log
The web server configuration file was successfully updated
/home/oracle/soa/configuration/instances/webtier_instance/config/OHS/http_server/httpd.conf has been backed up as /home/oracle/soa/configuration/instances/webtier_instance/config/OHS/http_server/httpd.conf.ORIG

To register a WebGate agent we need to create the appropriate artifacts, to this end

Unzip the file RREG.tar.gz to /home/oracle/temp. The file RREG.tar.gz is located in the directory /home/oracle/soa/installation/oracle_access_manager/oam/server/rreg/client.
Adjust the oamreg.sh file privileges (chmod ug=rwx oamreg.sh). The file oamreg.sh is located in the directory /home/oracle/temp/rreg/bin.
Edit oamreg.sh such that the OAM_REG_HOME and JAVA_HOME variables are pointing to the appropriate directories:
- OAM_REG_HOME=/home/oracle/temp/rreg
- JAVA_HOME=/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0
Open the file OAM11GRequest.xml (/home/oracle/temp/rreg/input) and adjust the following values:
- server address: http://192.168.1.66:7001
- agent name: RREG_OAM11G (can be any name)
- agentBaseUrl: http://192.168.1.66:7779
- security: open
Execute the command: ./oamreg.sh inband /home/oracle/temp/rreg/input/OAM11GRequest.xml.

[oracle@axis-into-ict bin]$ ./oamreg.sh inband /home/oracle/temp/rreg/input/OAM11GRequest.xml
JAVA_HOME=/home/oracle/jrockit-jdk1.6.0_29-R28.2.2-4.1.0
CLASSPATH=/home/oracle/temp/rreg/lib/rreg.jar:/home/oracle/temp/rreg/lib:/home/oracle/temp/rreg/lib/RequestResponse.jar:/home/oracle/temp/rreg/lib/commons-codec-1.3.jar:/home/oracle/temp/rreg/lib/commons-httpclient-3.1.jar:/home/oracle/temp/rreg/lib/commons-logging-1.1.1.jar:/home/oracle/temp/rreg/lib/ojmisc.jar:/home/oracle/temp/rreg/lib/jps-api.jar:/home/oracle/temp/rreg/lib/jps-internal.jar:/home/oracle/temp/rreg/lib/jps-common.jar:/home/oracle/temp/rreg/lib/identitystore.jar:/home/oracle/temp/rreg/lib/identityutils.jar:/home/oracle/temp/rreg/lib/ldapjclnt11.jar:/home/oracle/temp/rreg/lib/dms.jar:/home/oracle/temp/rreg/lib/fmw_audit.jar:/home/oracle/temp/rreg/lib/ojdl.jar:/home/oracle/temp/rreg/lib/oraclepki.jar:/home/oracle/temp/rreg/lib/osdt_cert.jar:/home/oracle/temp/rreg/lib/osdt_core.jar:/home/oracle/temp/rreg/lib/osdt_jce.jar:/home/oracle/temp/rreg/lib/osdt_saml.jar:/home/oracle/temp/rreg/lib/osdt_xmlsec.jar:/home/oracle/temp/rreg/lib/xmlparserv2.jar:/home/oracle/temp/rreg/lib/jps-unsupported-api.jar:/home/oracle/temp/rreg/lib/nap-api.jar:/home/oracle/temp/rreg/lib/utilities.jar:.
OAM_REG_HOME=/home/oracle/temp/rreg
------------------------------------------------
Welcome to OAM Remote Registration Tool!
Parameters passed to the registration tool are:
Mode: inband
Filename: /home/oracle/temp/rreg/input/OAM11GRequest.xml
Enter admin username:weblogic
Username: weblogic
Enter admin password:
Do you want to enter a Webgate password?(y/n):
n
Do you want to import an URIs file?(y/n):
n

----------------------------------------
Request summary:
OAM11G Agent Name:RREG_OAM11G
Base URL:http://192.168.1.66:7779
URL String:RREG_HostId11G
Registering in Mode:inband
Your registration request is being sent to the Admin server at: http://192.168.1.66:7001
----------------------------------------

Inband registration process completed successfully! Output artifacts are created in the output folder.

The artifacts are created in the directory /home/oracle/temp/rreg/output/RREG_OAM11G.
Copy the artifacts to the directory /home/oracle/soa/configuration/instances/webtier_instance/config/OHS/http_server/webgate/config.

Start the HTTP Server:

[oracle@axis-into-ict ~]$ cd soa/configuration/applications/soa_domain/scripts/
[oracle@axis-into-ict scripts]$ ./ohs.sh startopmn
[oracle@axis-into-ict scripts]$ ./ohs.sh startohs
opmnctl startproc: starting opmn managed processes...
[oracle@axis-into-ict scripts]$ ./ohs.sh status

Processes in Instance: webtier_instance
---------------------------------+--------------------+---------+----------+------------+----------+-----------+------
ias-component                    | process-type       |     pid | status   |        uid |  memused |    uptime | ports
---------------------------------+--------------------+---------+----------+------------+----------+-----------+------
http_server                      | OHS                |   13235 | Alive    | 1047755169 |   449744 |   0:00:05 | https:10000,https:4444,http:7779

To check if the set-up works, enter the following URL: http://192.168.1.66:7779/, and enter the WebLogic admin user credentials.

References

[1] WebLogic Documentation.
[2] SOA Suite Documentation.
[3] Identity and Access Management Documentation.
[4] Web Tier Components Documentation.

access manager, SOA Suite, weblogic

1 Comment for this entry

trustrai
April 6th, 2012 on 5:15 pm
Hi,

I am using weblogic 11g SQL authenticator to authenticate the users in my application and it s working fine.
But as the enhancements occurs and I want to authenticate the user on certain condition instead of default
condition provided by weblogic.For e.g: I want to authenticate the user on the basis of his password and Status.

Let us suppose I want to check the user on the condition of password and description( Later I
want to add one more column like “Status”)

The query would be like

SELECT U_NAME FROM USERS WHERE U_NAME = ‘eRewards’ AND U_DESCRIPTION=’N’.

Now, If I am runnig this query in SQl_Server is working fine and returning the appropriate response.
But I am still able to login into my application even if U_DESCRIPTION=’Y’.

Hence, Its not accepting my conditions. So, please let me know how to do this.
or else let me know if there are any other approaches except this.

Thanks for the help in advance……:)
TopMagicUsers

You must be logged in to post a comment.

RSS feed for this post (comments)

Testimonials

$\"René$
Thanks Rene. That was helpful.
- Manish

$\"\"$
Thanks Ravish, It worked absolutely fine. I further made some changes so that it suits my need. Thanks again, was browsing through the site and could find lot of useful stuff.
- ccherukuri

$\"Jay$
Hi Jay, Thanks your site is really helpful....
- learning_weblogic

$\"René$
Great article. Thanks for writing it.
- kkinney

$\"\"$
Ravish, Thanks a lot. It was really helpful. I know this is the right place to look for weblogic stuff instead of wasting time on google and you prove me right.
- Syed Sohel

$\"Jay$
Really a beauty…… Thanks Sir….:D
-Sandeep N

$\"René$
Hi René, Great post. Starting from installation to testing, all things explained very clear.
- Mugdha

$\"\"$
Ravish, Thanks for the quick response, as usual.
- Sathya

$\"Jay$
Thanks for the explanation Jay… you rock as always…
- kishore

$\"René$
Kudos to you Rene. This is the best concept on JMS I have ever read. CHEERS TO YOU GUYS
-swordfish

$\"\"$
It worked Ravish.. there was a typo in the e-mail address.. Thanks for your help…You guys are Excellent…Good site for WebLogic Admins…
- Lakshmi Srikanth

$\"Jay$
Thanks Jay, this is what I wanted, timely response. Thank you very much again. It works cool.
- finjava

$\"René$
Rene, Very conceptual and helpful post .keep going.GL!!
- Adrian

$\"\"$
Ravish, Now the script is working. Thank you so much.
- Pavan

$\"Jay$
Thanks Jay. This is the post I have been looking for. It helped me a lot. Awesome post :)
- Kiran

Middleware Magic – JBoss

Integrate your Eclipse Juno IDE with Openshift February 24, 2013
Hi, In this article we will discuss how can we integrate our Eclipse IDE to OpenShift and create new applications.Read the Rest... […]
How to load jars residing over NFS in JBossAS7 classpath ? January 25, 2013
Hi, In this article we will discuss how can we load jars residing over NFS in JBoss AS-7 classpath. InRead the Rest... […]
How to achieve high availability on Openshift ? January 13, 2013
Hi, High availability is a very important feature for any kind of infrastructure. As the name suggests the services shouldRead the Rest... […]

Receive FREE Updates

Magic Account…

Top Magic Users

Magic Archives

Recent Tech. Discussion

René van Wijk on Force Shutingdown WLS Using JMX
René van Wijk on WebLogic Heap Dump Genration Using Jmap
René van Wijk on Forums
sumitsharma0819@GMAIL.COM on Force Shutingdown WLS Using JMX
mek on WebLogic Heap Dump Genration Using Jmap
dude on Forums
Inderpreet on Creating WebLogic DataSource Using WLST and Properties File
René van Wijk on WebLogic
René van Wijk on Creating Users And Groups Using WLST NonStop
bayapple22 on Creating Users And Groups Using WLST NonStop
User on WebLogic
René van Wijk on Spring and JBoss AS7 JMS
insanitydesign on Spring and JBoss AS7 JMS
Rajesh Naidu on WebLogic
anish2343 on Force ServerLog Rotation

Sitemeter Status

ClusterMap 7-Nov-2011 till Date