Tag: JMX

WebLogic12c with t3s (SSL) secure protocol and the JMX client

Hi,

As part of this article we will see how to use the “t3s” SSL based secure protocol to interact with WebLogic 12.2.1. We will be developing a simple MBean client which will access sime of the MBeans present on weblogic over the SSL. We are going to implement One Way SSL for this demo. With one-way SSL, the server must present a certificate to the client, but the client is not required to present a certificate to the server. The client must authenticate the server, but the server accepts a connection from any client. One-way SSL is common on the Internet where customers want to create secure connections before they share personal data. Often, clients will also use SSL to log on in order that the server can authenticate them.

Secure Sockets Layer (SSL) provides secure connections by allowing two applications connecting over a network to authenticate each other’s identity and by encrypting the data exchaoged between the applications. Authentication allows a server and optionally a client to verify the identity of the application on the other end of a network connection. Encryption makes data transmitted over the network intelligible only to the intended recipient.

What this demo is about ?

As part of this demo we will see how to use implement One way SSL on weblogic so that a Client can interact with it using https/t3s in a secure manner.

1. How to configure the “CustomIdentityAndJavaStandardTrust” on weblogic, In a complete automated way using WLST scripting.

2. How to configure the SSL port on WebLogic 12.2.1 using WLST.

3. How to create Server side Keystore and Client side truststore.

4. Running a simple MBean Client which will use “t3s” protocol to access/query the MBeans which are present on WLS server.

5. Troubleshooting some very common issues which users might encounter while implementing SSL on WebLogic 12c.

Creating Keystores and Truststore.

Step-1). Lets create a simple keystore which will be deployed on the WLS side and then we will be exporting the public key from that which will be imported on the Client side truststore. In order to simplify the keystore and truststore creation and importing / exporting the certificates, We will be writing a very simple shell script. Please change the store password and keystore/truststore file name based on your choice.
Create a shell script “createKeyStore.sh” somewhere in your filesystem as following:

########################################
# Creating Server and Client KeyStores.
########################################
# NOTE: "keytool" is a utility that can be found inside the "$JAVA_HOME/bin" so make sire the PATH includes the JDK's bin directory.

mkdir Keystores
cd Keystores/

echo ""
echo ""
echo "Creating WLS Server side Keystore. (wls12c.keystore)"
echo "----------------------------------------"
keytool -genkey -v -alias wlsalias -keyalg RSA -keysize 1024 -keystore wls12c.keystore -validity 3650 -keypass middleware+magic -storepass middleware+magic -dname "CN=127.0.0.1, OU=MiddlewareMagic, O=Blog, L=Bangalore, S=Karnataka, C=IN"


echo ""
echo ""
echo "Exporting public key (wls12c_server.cer) from the  WLS ServerSide keystore."
echo "----------------------------------------"
keytool -export -keystore wls12c.keystore -alias wlsalias -file wls12c_server.cer -keypass middleware+magic -storepass middleware+magic


echo ""
echo ""
echo "Creating Client side Keystore/truststore. (clientTrustStore.keystore)"
echo "----------------------------------------"
keytool -genkey -v -alias clientalias -keyalg RSA -keysize 1024 -keystore clientTrustStore.keystore -validity 3650 -keypass middleware+magic+client -storepass middleware+magic+client -dname "CN=127.0.0.1, OU=MiddlewareMagic, O=Blog, L=Bangalore, S=Karnataka, C=IN"


echo ""
echo ""
echo "Importing the WLS Servers public key to the Client's truststore."
echo "----------------------------------------"
keytool -import -v -trustcacerts -alias wlsalias -file wls12c_server.cer -keystore clientTrustStore.keystore -keypass middleware+magic+client -storepass middleware+magic+client


echo "Certificates created Successfully !!!"

Step-2). Lets run the above mentioned Shell script which will create the needed keystores and truststores. It also imports the servers public key to the client truststore. “keytool” is a utility that can be found inside the “$JAVA_HOME/bin” so make sire the PATH includes the JDK’s bin directory.

$ cd WLST_and_Keys
$ chmod 755 createKeyStore.sh
$ ./createKeyStore.sh 

--------
Output:
--------
$ ./createKeyStore.sh 


Creating WLS Server side Keystore. (wls12c.keystore)
----------------------------------------
Generating 1,024 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 3,650 days
	for: CN=127.0.0.1, OU=MiddlewareMagic, O=Blog, L=Bangalore, ST=Karnataka, C=IN
[Storing wls12c.keystore]


Exporting public key (wls12c_server.cer) from the  WLS ServerSide keystore.
----------------------------------------
Certificate stored in file <wls12c_server.cer>


Creating Client side Keystore/truststore. (clientTrustStore.keystore)
----------------------------------------
Generating 1,024 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 3,650 days
	for: CN=127.0.0.1, OU=MiddlewareMagic, O=Blog, L=Bangalore, ST=Karnataka, C=IN
[Storing clientTrustStore.keystore]


Importing the WLS Servers public key to the Client's truststore.
----------------------------------------
Owner: CN=127.0.0.1, OU=MiddlewareMagic, O=Blog, L=Bangalore, ST=Karnataka, C=IN
Issuer: CN=127.0.0.1, OU=MiddlewareMagic, O=Blog, L=Bangalore, ST=Karnataka, C=IN
Serial number: 66f456cb
Valid from: Sun Dec 27 19:27:29 IST 2015 until: Wed Dec 24 19:27:29 IST 2025
Certificate fingerprints:
	 MD5:  5A:C2:83:32:24:80:58:0D:A6:1F:68:88:5D:42:F8:C5
	 SHA1: 14:1A:32:08:25:C6:58:DA:37:35:50:FF:5C:D0:DD:F0:26:E5:2E:2E
	 SHA256: 6F:A3:4B:AA:37:D5:47:2C:21:F2:77:92:C6:B6:8C:A4:B2:D9:60:C2:5A:26:E2:A7:32:C5:5B:88:22:84:76:85
	 Signature algorithm name: SHA256withRSA
	 Version: 3

Extensions: 

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 34 6C E7 FE E7 15 B1 DC   99 A9 EB 22 B5 A8 C1 1D  4l........."....
0010: 98 E3 1D B8                                        ....
]
]

Trust this certificate? [no]:  yes
Certificate was added to keystore
[Storing clientTrustStore.keystore]
Certificates created Successfully !!! 

Configuring CustomIdentityAndJavaStandardTrust using WLST

Step-3). Now we will create a simple WLST script “configure_SSL_and_KeyStore.py” which will configure the “CustomIdentityAndJavaStandardTrust” on WebLogic 12c. It will configure the WLS12c to open the HTTPS/SSL port “7443”.

adminURL="t3://localhost:7001"
adminUserName="weblogic"
adminPassword="weblogic1"

connect(adminUserName, adminPassword, adminURL)

edit()
startEdit()
cd('/Servers/AdminServer')
cmo.setKeyStores('CustomIdentityAndJavaStandardTrust')
cmo.setCustomIdentityKeyStoreFileName('/Users/jsensharma/NotBackedUp/Installed/wls1221/user_projects/domains/base_domain/Keystores/wls12c.keystore')
cmo.setCustomIdentityKeyStoreType('jks')
cmo.setCustomIdentityKeyStorePassPhrase('middleware+magic')
activate()
startEdit()

startEdit()
cd('/Servers/AdminServer/SSL/AdminServer')
cmo.setServerPrivateKeyAlias('wlsalias')
cmo.setServerPrivateKeyPassPhrase('middleware+magic')
cmo.setEnabled(true)
cmo.setListenPort(7443)
activate()

Step-4). Now we will start the WebLogic 12.2.1 instance and then we will open a terminal to run the above mentioned WLST script. We will run the “setWLSEnv.sh” script in the terminal first so that it will set the CLASSPATH properly with the required JARs. (or simply use the “wls1221/wlserver/common/bin/wlst.sh” script to start the WLST)

$ cd /Users/jsensharma/NotBackedUp/Installed/wls1221/wlserver/server/bin

$ . ./setWLSEnv.sh 
CLASSPATH=/Library/Java/JavaVirtualMachines/jdk1.8.0_60.jdk/Contents/Home/lib/tools.jar:/Users/jsensharma/NotBackedUp/Installed/wls1221/wlserver/modules/features/wlst.wls.classpath.jar:
PATH=/Users/jsensharma/NotBackedUp/Installed/wls1221/wlserver/server/bin:/Users/jsensharma/NotBackedUp/Installed/wls1221/wlserver/../oracle_common/modules/org.apache.ant_1.9.2/bin:/Library/Java/JavaVirtualMachines/jdk1.8.0_60.jdk/Contents/Home/jre/bin:/Library/Java/JavaVirtualMachines/jdk1.8.0_60.jdk/Contents/Home/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Users/jsensharma/NotBackedUp/Installed/wls1221/wlserver/../oracle_common/modules/org.apache.maven_3.2.5/bin
Your environment has been set.


$ cd WLST_and_Keys

$ java weblogic.WLST configure_SSL_and_KeyStore.py


-------
OUTPUT
-------
$ java weblogic.WLST configure_SSL_and_KeyStore.py 

Initializing WebLogic Scripting Tool (WLST) ...

Welcome to WebLogic Server Administration Scripting Shell

Type help() for help on available commands

Connecting to t3://localhost:7001 with userid weblogic ...
Successfully connected to Admin Server "AdminServer" that belongs to domain "two_ssl_domain".

Warning: An insecure protocol was used to connect to the server. 
To ensure on-the-wire security, the SSL port or Admin port should be used instead.

Location changed to edit tree. 	 
This is a writable tree with DomainMBean as the root. 	 
To make changes you will need to start an edit session via startEdit(). 
For more help, use help('edit').

Starting an edit session ...
Started edit session, be sure to save and activate your changes once you are done.
Activating all your changes, this may take a while ... 
The edit lock associated with this edit session is released once the activation is completed.

The following non-dynamic attribute(s) have been changed on MBeans 
that require server re-start:
MBean Changed : com.bea:Name=AdminServer,Type=Server
Attributes changed : CustomIdentityKeyStoreFileName, CustomIdentityKeyStorePassPhraseEncrypted, CustomIdentityKeyStoreType, KeyStores

Activation completed
Starting an edit session ...
Started edit session, be sure to save and activate your changes once you are done.
Starting an edit session ...
Started edit session, be sure to save and activate your changes once you are done.
Activating all your changes, this may take a while ... 
The edit lock associated with this edit session is released once the activation is completed.

The following non-dynamic attribute(s) have been changed on MBeans 
that require server re-start:
MBean Changed : com.bea:Name=AdminServer,Type=SSL,Server=AdminServer
Attributes changed : ServerPrivateKeyAlias, ServerPrivateKeyPassPhraseEncrypted

Activation completed

Step-5). As configuring the SSL on weblogic is a non dynamic change hence we will need to restart the WebLogic 12c instance. We can verify the same by looking at the WebLogic 12c console as following:

<Dec 27, 2015 7:42:24 PM IST> <Warning> <Management> <BEA-141239> <The non-dynamic attribute CustomIdentityKeyStoreFileName on weblogic.management.configuration.ServerMBeanImpl@77977041([two_ssl_domain]/Servers[AdminServer]) has been changed. This may require redeploying or rebooting configured entities.> 
<Dec 27, 2015 7:42:24 PM IST> <Warning> <Management> <BEA-141238> <A non-dynamic change has been made which affects the server AdminServer. This server must be rebooted in order to consume this change.> 
<Dec 27, 2015 7:42:24 PM IST> <Warning> <Management> <BEA-141239> <The non-dynamic attribute CustomIdentityKeyStoreFileName on weblogic.management.configuration.ServerMBeanImpl@77977041([two_ssl_domain]/Servers[AdminServer]) has been changed. This may require redeploying or rebooting configured entities.> 
<Dec 27, 2015 7:42:24 PM IST> <Warning> <Management> <BEA-141239> <The non-dynamic attribute ServerPrivateKeyAlias on weblogic.management.configuration.SSLMBeanImpl@5bbd5356([two_ssl_domain]/Servers[AdminServer]/SSL[AdminServer]) has been changed. This may require redeploying or rebooting configured entities.> 
<Dec 27, 2015 7:42:24 PM IST> <Warning> <Management> <BEA-141238> <A non-dynamic change has been made which affects the server AdminServer. This server must be rebooted in order to consume this change.> 
<Dec 27, 2015 7:42:24 PM IST> <Warning> <Management> <BEA-141239> <The non-dynamic attribute ServerPrivateKeyAlias on weblogic.management.configuration.SSLMBeanImpl@5bbd5356([two_ssl_domain]/Servers[AdminServer]/SSL[AdminServer]) has been changed. This may require redeploying or rebooting configured entities.> 

So we will need to restart the WebLogic 12c instance (in our case AdminServer). After restarting the WebLogic Server we will notice the following kind of output on the Console which indicates that the KeyStore is configured properly.

<Dec 27, 2015 7:42:57 PM IST> <Notice> <Security> <BEA-090171> <Loading the identity certificate and private key stored under the alias wlsalias from the jks keystore file /Users/jsensharma/NotBackedUp/Installed/wls1221/user_projects/domains/base_domain/Keystores/wls12c.keystore.> 

<Dec 27, 2015 7:42:57 PM IST> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file /Library/Java/JavaVirtualMachines/jdk1.8.0_60.jdk/Contents/Home/jre/lib/security/cacerts.> 
<Dec 27, 2015 7:42:57 PM IST> <Warning> <Server> <BEA-002611> <The hostname "localhost", maps to multiple IP addresses: 127.0.0.1, 0:0:0:0:0:0:0:1.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "DefaultSecure[3]" is now listening on 127.0.0.1:7443 for protocols iiops, t3s, ldaps, https.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "Default[3]" is now listening on 127.0.0.1:7001 for protocols iiop, t3, ldap, snmp, http.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "Default[1]" is now listening on 10.0.1.101:7001 for protocols iiop, t3, ldap, snmp, http.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "DefaultSecure[1]" is now listening on 10.0.1.101:7443 for protocols iiops, t3s, ldaps, https.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "Default[2]" is now listening on 0:0:0:0:0:0:0:1:7001 for protocols iiop, t3, ldap, snmp, http.> 

<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "DefaultSecure[2]" is now listening on 0:0:0:0:0:0:0:1:7443 for protocols iiops, t3s, ldaps, https.> 

<Dec 27, 2015 7:42:57 PM IST> <Warning> <Server> <BEA-002611> <The hostname "jaysensharma.local", maps to multiple IP addresses: 168.253.130.227, fe80:0:0:0:9a5a:ebff:fecb:7e2e%12.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "Default" is now listening on 168.253.130.227:7001 for protocols iiop, t3, ldap, snmp, http.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "DefaultSecure" is now listening on 168.253.130.227:7443 for protocols iiops, t3s, ldaps, https.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <WebLogicServer> <BEA-000331> <Started the WebLogic Server Administration Server "AdminServer" for domain "two_ssl_domain" running in development mode.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "DefaultSecure[3]" is now listening on 127.0.0.1:7443 for protocols iiops, t3s, ldaps, https.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "Default[3]" is now listening on 127.0.0.1:7001 for protocols iiop, t3, ldap, snmp, http.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "Default[1]" is now listening on 10.0.1.101:7001 for protocols iiop, t3, ldap, snmp, http.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "DefaultSecure[1]" is now listening on 10.0.1.101:7443 for protocols iiops, t3s, ldaps, https.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "Default[2]" is now listening on 0:0:0:0:0:0:0:1:7001 for protocols iiop, t3, ldap, snmp, http.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "DefaultSecure[2]" is now listening on 0:0:0:0:0:0:0:1:7443 for protocols iiops, t3s, ldaps, https.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "Default" is now listening on 168.253.130.227:7001 for protocols iiop, t3, ldap, snmp, http.> 

<Dec 27, 2015 7:42:57 PM IST> <Notice> <Server> <BEA-002613> <Channel "DefaultSecure" is now listening on 168.253.130.227:7443 for protocols iiops, t3s, ldaps, https.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <WebLogicServer> <BEA-000360> <The server started in RUNNING mode.> 
<Dec 27, 2015 7:42:57 PM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to RUNNING.> 

Writing “t3s” based Secure WebLogic 12c JMX Client

Step-6). Now lets create a simple MBean client code which will interact with WebLogic using “t3s” secure protocol. We are going to use the Maven to build and run out project. So lets create the following directory structure somewhere in our filesystem first. Here the “SSL_JMX” is our project directory:

   $ mkdir  -p  SSL_JMX/src/main/java/client

Now lets create the following kind of JMX code “SecureJMXClient.java” inside “SSL_JMX/src/main/java/client” directory.

package client;
import weblogic.management.mbeanservers.domainruntime.DomainRuntimeServiceMBean;
import weblogic.management.runtime.ServerRuntimeMBean;
import javax.management.MBeanServerConnection;
import javax.management.MalformedObjectNameException;
import javax.management.ObjectName;
import javax.management.remote.JMXConnector;
import javax.management.remote.JMXConnectorFactory;
import javax.management.remote.JMXServiceURL;
import javax.naming.Context;
import weblogic.management.jmx.MBeanServerInvocationHandler;
import java.util.Hashtable;
import java.io.IOException;
import java.net.MalformedURLException;
import weblogic.management.runtime.JDBCDataSourceRuntimeMBean;
import javax.management.*;
import javax.naming.*;
 
public class SecureJMXClient {
 
   private static MBeanServerConnection connection;
   private static JMXConnector connector;
   private static final ObjectName service;
   private static String combea = "com.bea:Name=";
   private static String service1 = "DomainRuntimeService,Type=weblogic.management.mbeanservers.domainruntime.DomainRuntimeServiceMBean";
   private static String service2 = "RuntimeService,Type=weblogic.management.mbeanservers.runtime.RuntimeServiceMBean";
 
   static {
        try {
               service =new ObjectName(combea + service1);
        } catch (MalformedObjectNameException e) {
               throw new AssertionError(e.getMessage());
        }
   }
 
   public static void initConnection(String hostname, String portString, String username, String password) throws IOException,MalformedURLException {
    String protocol = "t3s";
    Integer portInteger = Integer.valueOf(portString);
    int port = portInteger.intValue();
    String jndiroot = "/jndi/";
    String mserver = "weblogic.management.mbeanservers.domainruntime";
    JMXServiceURL serviceURL = new JMXServiceURL(protocol, hostname, port, jndiroot + mserver);
    Hashtable h = new Hashtable();
    h.put(Context.SECURITY_PRINCIPAL, username);
    h.put(Context.SECURITY_CREDENTIALS, password);
    h.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES,"weblogic.management.remote");
    connector = JMXConnectorFactory.connect(serviceURL, h);
    connection = connector.getMBeanServerConnection();
   }
 
   public static ObjectName[] getServerRuntimes() throws Exception {
        return (ObjectName[]) connection.getAttribute(service,"ServerRuntimes");
    }
 
   public void printNameAndState() throws Exception {
    ObjectName arr[]=getServerRuntimes();       
    for(ObjectName temp : arr)
        System.out.println("Servers: "+temp);
 
    ObjectName domain = (ObjectName) connection.getAttribute(service,"DomainConfiguration");
    System.out.println("Domain: " + domain.toString());
    ObjectName[] servers = (ObjectName[]) connection.getAttribute(domain,"Servers");
    for (ObjectName server : servers) {
        String serverState="UNKNOWN";
        String aName = (String) connection.getAttribute(server,"Name");
        try {
            ObjectName ser= new ObjectName("com.bea:Name="+aName+",Location="+aName+",Type=ServerRuntime");
            serverState=(String) connection.getAttribute(ser,"State");
            System.out.println("Server: "+aName+"t State: "+serverState);
         } catch(Exception e) {
            System.out.println("Server: "+aName+"t State: SHUTDOWN (or) In State : "+ serverState);
         }
      }
    }
 
  public static void main(String[] args) throws Exception {
    String hostname   = "localhost";    // CHANGE ME !!!
    String portString = "7443";         // CHANGE ME !!!
    String username   = "weblogic";     // CHANGE ME !!!
    String password   = "weblogic1";    // CHANGE ME !!!
    
    SecureJMXClient s = new SecureJMXClient();
    initConnection(hostname, portString, username, password);
    s.printNameAndState();
    connector.close();
   }
 }

Step-7). Now the most important part in which we will be writing the maven “pom.xml” which will compile and build the above Java code and will package them as part fo a JAR file. We will be using the “exec-maven-plugin” maven plugin in this pom sothat we can easily run the project via “mvn clean install exec:exec”

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>middleware.magic</groupId>
    <artifactId>JMX_Over_SSL</artifactId>
    <version>1.0</version>
    <packaging>jar</packaging>

    <properties>
        <java.version>1.7</java.version>
        <middleware.home>/Users/jsensharma/NotBackedUp/Installed/wls1221</middleware.home> <!-- CHANGE ME !!! -->
    </properties>
    
    <dependencies>
        <dependency>
        	<groupId>weblogic</groupId>
        	<artifactId>wlthint3client.needed.jars</artifactId>
        	<version>1.0</version>
            <scope>system</scope>   
            <systemPath>${middleware.home}/wlserver/server/lib/wlthint3client.jar</systemPath>     	
        </dependency>   
        <dependency>
        	<groupId>weblogic</groupId>
        	<artifactId>com.bea.core.management.jmx.jars</artifactId>
        	<version>1.0</version>
            <scope>system</scope>   
            <systemPath>${middleware.home}/wlserver/modules/com.bea.core.management.jmx.jar</systemPath>     	
        </dependency>   
        <dependency>
        	<groupId>weblogic</groupId>
        	<artifactId>wls-api.jars</artifactId>
        	<version>1.0</version>
            <scope>system</scope>   
            <systemPath>${middleware.home}/wlserver/server/lib/wls-api.jar</systemPath>     	
        </dependency>                       
    </dependencies>
    
    <build>
         <defaultGoal>install</defaultGoal>
         <finalName>${project.artifactId}</finalName>
         <plugins>
            <plugin>
               <groupId>org.apache.maven.plugins</groupId>
               <artifactId>maven-compiler-plugin</artifactId>
               <version>2.3.2</version>
               <configuration>
                  <source>1.7</source>
                  <target>1.7</target>
               </configuration>
            </plugin>

            <!-- Allows the example to be run via 'mvn compile exec:exec' -->
            <plugin>
                <groupId>org.codehaus.mojo</groupId>
                <artifactId>exec-maven-plugin</artifactId>
                <version>1.4.0</version>
                <configuration>
                    <executable>java</executable>
                       <arguments>
                           <argument>-Davax.net.ssl.trustStorePassword=middleware+magic+client</argument>         <!-- CHANGE ME !!! -->
                           <argument>-Djavax.net.ssl.trustStore=${basedir}/ClientKey/client.keystore</argument>   <!-- CHANGE ME !!! -->
                           <argument>-classpath</argument>
                           <!-- UNIX Based OS use the following classpath setting -->                             <!-- CHANGE ME !!! -->
                           <argument>${middleware.home}/wlserver/server/lib/wlthint3client.jar:${middleware.home}/wlserver/server/lib/wls-api.jar:${middleware.home}/wlserver/modules/com.bea.core.management.jmx.jar:target/${project.artifactId}.jar:.:</argument>

                           <!-- WINDOWS Based OS use the following classpath setting -->                          <!-- CHANGE ME !!! -->
                           <!-- <argument>${middleware.home}/wlserver/server/lib/wlthint3client.jar;${middleware.home}/wlserver/server/lib/wls-api.jar;${middleware.home}/wlserver/modules/com.bea.core.management.jmx.jar;target/${project.artifactId}.jar;.;</argument> -->
                           <argument>client.SecureJMXClient</argument>
                       </arguments>
                </configuration>
            </plugin>
         </plugins>
     </build>
     
</project>


<!--  ######   For those who wants to run the "client.SecureJMXClient" manually do the following:
export MW_HOME=/Users/jsensharma/NotBackedUp/Installed/wls1221
export CLASSPATH=$MW_HOME/wlserver/server/lib/wlthint3client.jar:$MW_HOME/wlserver/server/lib/wls-api.jar:$MW_HOME/wlserver/modules/com.bea.core.management.jmx.jar:.:
java   -Davax.net.ssl.trustStorePassword=middleware+magic+client   -Djavax.net.ssl.trustStore=${basedir}/ClientKey/client.keystore  client.SecureJMXClient
-->

Running the t3s protocol based Secure JMX Client

Step-8). Now we are going to build and run the JMX Client to interact with WebLogic 12.2.1 using “t3s://” protocol. Users need to make sure that in the “pom.xml” file they edit the “CHANGE ME!!!” sections to specify the correct path & for the client truststore and the correct truststore password.

For Windows Based OS

$ set M2_HOME=C:\PATH\TO\apache_maven_3.2.3
$ set JAVA_HOME=C:\PATH\TO\jdk1.8.0_60
$ set PATH=%JAVA_HOME%/bin;C:\PATH\TO\apache_maven_3.2.3\bin;%PATH%

$ cd C:\SSL_JMX
$ mvn clean install exec:exec

For Unix Based OS

$ export M2_HOME=/PATH/TO/apache_maven_3.2.3
$ export JAVA_HOME=/PATH/TO/jdk1.8.0_60
$ export PATH=$JAVA_HOME/bin:/PATH/TO/apache_maven_3.2.3/bin:$PATH

$ cd /PAYTH/TO/SSL_JMX

$ mvn clean install exec:exec


---------
  OUTPUT
---------
$ mvn clean install exec:exec
[INFO] Scanning for projects...
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building JMX_Over_SSL 1.0
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ JMX_Over_SSL ---
[INFO] Deleting /Users/jsensharma/NotBackedUp/MM_Tests/WLS/SSL_JMX/target
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ JMX_Over_SSL ---
[WARNING] Using platform encoding (UTF-8 actually) to copy filtered resources, i.e. build is platform dependent!
[INFO] skip non existing resourceDirectory /Users/jsensharma/NotBackedUp/MM_Tests/WLS/SSL_JMX/src/main/resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ JMX_Over_SSL ---
[WARNING] File encoding has not been set, using platform encoding UTF-8, i.e. build is platform dependent!
[INFO] Compiling 1 source file to /Users/jsensharma/NotBackedUp/MM_Tests/WLS/SSL_JMX/target/classes
[INFO] 
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ JMX_Over_SSL ---
[WARNING] Using platform encoding (UTF-8 actually) to copy filtered resources, i.e. build is platform dependent!
[INFO] skip non existing resourceDirectory /Users/jsensharma/NotBackedUp/MM_Tests/WLS/SSL_JMX/src/test/resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ JMX_Over_SSL ---
[INFO] No sources to compile
[INFO] 
[INFO] --- maven-surefire-plugin:2.12.4:test (default-test) @ JMX_Over_SSL ---
[INFO] No tests to run.
[INFO] 
[INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ JMX_Over_SSL ---
[INFO] Building jar: /Users/jsensharma/NotBackedUp/MM_Tests/WLS/SSL_JMX/target/JMX_Over_SSL.jar
[INFO] 
[INFO] --- maven-install-plugin:2.4:install (default-install) @ JMX_Over_SSL ---
[INFO] Installing /Users/jsensharma/NotBackedUp/MM_Tests/WLS/SSL_JMX/target/JMX_Over_SSL.jar to /Users/jsensharma/.m2/repository/middleware/magic/JMX_Over_SSL/1.0/JMX_Over_SSL-1.0.jar
[INFO] Installing /Users/jsensharma/NotBackedUp/MM_Tests/WLS/SSL_JMX/pom.xml to /Users/jsensharma/.m2/repository/middleware/magic/JMX_Over_SSL/1.0/JMX_Over_SSL-1.0.pom
[INFO] 
[INFO] --- exec-maven-plugin:1.4.0:exec (default-cli) @ JMX_Over_SSL ---
Handshake succeeded: TLSv1.2
Servers: com.bea:Name=AdminServer,Location=AdminServer,Type=ServerRuntime
Domain: com.bea:Name=two_ssl_domain,Location=two_ssl_domain,Type=Domain
Server: AdminServert State: RUNNING
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 3.943 s
[INFO] Finished at: 2015-12-27T21:12:40+05:30
[INFO] Final Memory: 13M/245M
[INFO] ------------------------------------------------------------------------

For those who wants to run the same code without using Maven. Just compile and run the “” code as following:


 $ export MW_HOME=/Users/jsensharma/NotBackedUp/Installed/wls1221

 $ export CLASSPATH=$MW_HOME/wlserver/server/lib/wlthint3client.jar:$MW_HOME/wlserver/server/lib/wls-api.jar:$MW_HOME/wlserver/modules/com.bea.core.management.jmx.jar:.:

 $ javac -d . SecureJMXClient.java 
 
 $ java   -Davax.net.ssl.trustStorePassword=middleware+magic+client   -Djavax.net.ssl.trustStore=/PATH/TO/SSL_JMX/WLST_and_Keys/Keystores/clientTrustStore.keystore    client.SecureJMXClient

---------
  OUTPUT
---------
Handshake succeeded: TLSv1.2
Servers: com.bea:Name=AdminServer,Location=AdminServer,Type=ServerRuntime
Domain: com.bea:Name=two_ssl_domain,Location=two_ssl_domain,Type=Domain
Server: AdminServert State: RUNNING

Some Common Issues

Issue-1). If the Client keystore/truststore PATH is not valid, so check the path specified in “-Djavax.net.ssl.trustStore” (OR) if the client keystore does not include the WebLogic certificate imported in it then we may see the following kind of error:

Handshake failed: TLSv1.2, error = sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
Handshake failed: TLSv1.1, error = sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
Handshake failed: TLSv1, error = Received fatal alert: handshake_failure
Handshake failed: TLSv1.2, error = sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
Handshake failed: TLSv1.1, error = sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
Handshake failed: TLSv1, error = Received fatal alert: handshake_failure
Exception in thread "main" java.io.IOException: t3s://localhost:7443: [RJVM:000575]Destination 0:0:0:0:0:0:0:1, 7443 unreachable.; nested exception is: 
	javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure; [RJVM:000576]No available router to destination.; nested exception is: 
	java.rmi.ConnectException: [RJVM:000576]No available router to destination.
	at weblogic.management.remote.common.ClientProviderBase.makeConnection(ClientProviderBase.java:301)
	at weblogic.management.remote.common.ClientProviderBase.newJMXConnector(ClientProviderBase.java:135)
	at javax.management.remote.JMXConnectorFactory.newJMXConnector(JMXConnectorFactory.java:369)
	at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:267)
	at client.SecureJMXClient.initConnection(SecureJMXClient.java:47)
	at client.SecureJMXClient.main(SecureJMXClient.java:83)
Caused by: javax.naming.CommunicationException: t3s://localhost:7443: [RJVM:000575]Destination 0:0:0:0:0:0:0:1, 7443 unreachable.; nested exception is: 
	javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure; [RJVM:000576]No available router to destination.; nested exception is: 
	java.rmi.ConnectException: [RJVM:000576]No available router to destination. [Root exception is java.net.ConnectException: t3s://localhost:7443: [RJVM:000575]Destination 0:0:0:0:0:0:0:1, 7443 unreachable.; nested exception is: 
	javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure; [RJVM:000576]No available router to destination.; nested exception is: 
	java.rmi.ConnectException: [RJVM:000576]No available router to destination.]
	at weblogic.jndi.internal.ExceptionTranslator.toNamingException(ExceptionTranslator.java:44)
	at weblogic.jndi.WLInitialContextFactoryDelegate.toNamingException(WLInitialContextFactoryDelegate.java:889)
	at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:377)
	at weblogic.jndi.Environment.getContext(Environment.java:348)
	at weblogic.jndi.Environment.getContext(Environment.java:316)
	at weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:119)
	at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
	at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307)
	at javax.naming.InitialContext.init(InitialContext.java:242)
	at javax.naming.InitialContext.<init>(InitialContext.java:216)
	at weblogic.management.remote.common.ClientProviderBase.makeConnection(ClientProviderBase.java:278)
	... 5 more
Caused by: java.net.ConnectException: t3s://localhost:7443: [RJVM:000575]Destination 0:0:0:0:0:0:0:1, 7443 unreachable.; nested exception is: 
	javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure; [RJVM:000576]No available router to destination.; nested exception is: 
	java.rmi.ConnectException: [RJVM:000576]No available router to destination.
	at weblogic.rjvm.RJVMFinder.findOrCreateInternal(RJVMFinder.java:238)
	at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:170)
	at weblogic.rjvm.ClientServerURL.findOrCreateRJVM(ClientServerURL.java:178)
	at weblogic.jndi.WLInitialContextFactoryDelegate$1.run(WLInitialContextFactoryDelegate.java:355)
	at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
	at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:143)
	at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:351)
	... 13 more
Caused by: java.rmi.ConnectException: [RJVM:000575]Destination 0:0:0:0:0:0:0:1, 7443 unreachable.; nested exception is: 
	javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure; [RJVM:000576]No available router to destination.; nested exception is: 
	java.rmi.ConnectException: [RJVM:000576]No available router to destination.
	at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:524)
	at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:339)
	at weblogic.rjvm.RJVMManager.findOrCreateRemoteInternal(RJVMManager.java:306)
	at weblogic.rjvm.RJVMManager.findOrCreate(RJVMManager.java:155)
	at weblogic.rjvm.RJVMFinder.findOrCreateRemoteServer(RJVMFinder.java:258)
	at weblogic.rjvm.RJVMFinder.findOrCreateRemoteCluster(RJVMFinder.java:329)
	at weblogic.rjvm.RJVMFinder.findOrCreateInternal(RJVMFinder.java:227)
	... 19 more
Caused by: java.rmi.ConnectException: [RJVM:000576]No available router to destination.
	at weblogic.rjvm.ConnectionManager.findOrCreateRouter(ConnectionManager.java:1643)
	at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:505)
	... 25 more

The Source Code for this demo can be found at:
https://github.com/jaysensharma/MiddlewareMagicDemos/tree/master/WebLogic/Security/SSL_JMX_WLS12c
.
.

Regards
Jay SenSharma


[UPDATED VERSION] Deploying Applications Using JMX On managed Servers

Hi,

Jay SenSharma

Jay SenSharma

It is not a good approach to deploy an application using JMX as already there are various useful tools available to do the same like ANT, WLST or weblogic.Deployer. Still due to certain specific requirements we may want to deploy it through a Plain Java code. So we developed an article sometimes back for that http://middlewaremagic.com/weblogic/?p=483 . But as the previous code needed some enhancement to deploy the applications on the selective targets.

So based on the comment of Mr. Ram Bonala http://middlewaremagic.com/weblogic/?p=483#comment-4286 here we are going to see how we can use JMX code to deploy an application on a particular Managed Server or to a Chosen target.

NOTE:

We need to make sure that the  “Lock & Edit” button is present in the AdminConsole. By default when we run our Server on Production mode then we can see the Change Center butttone (Lock & Edit).   If you are running in Development Mode then please make sure that the “Lock & Edit” button is present in the admin console. If it is not present then Please login to admin-console  and then click on “Preferences —> Automatically Acquire Lock and Activate Changes (UNCHECK)” this check box .

Step1). Now Suppose we want too deploy two EAR files on WebLogic Servers “FirstEAR.ear” and “SecondEAR.ear” using the JMX Code then write the following jmx code in your local or remote file system .
“ApplicationDeployment_ManagedServer.java”

import java.io.*;
import weblogic.deploy.api.tools.*;  //SesionHelper
import weblogic.deploy.api.spi .*;  //WebLogicDeploymentManager
import weblogic.deploy.api.spi.DeploymentOptions;
import javax.enterprise.deploy.spi.TargetModuleID;
import javax.enterprise.deploy.spi.status.ProgressObject;
import javax.enterprise.deploy.spi.status.DeploymentStatus;
import javax.enterprise.deploy.shared.ModuleType;
import javax.enterprise.deploy.spi.Target;

import javax.enterprise.deploy.shared.*;

public class ApplicationDeployment_ManagedServer
{
     public static void main(String ar[]) throws Exception
		{
			ApplicationDeployment_ManagedServer appDeploy=new ApplicationDeployment_ManagedServer();
			String protocol="t3";
			String hostName="10.10.10.10";
			String portString="7001";
			String adminUser="weblogic";
			String adminPassword="weblogic";

			WebLogicDeploymentManager deployManager=SessionHelper.getRemoteDeploymentManager( protocol,hostName,portString,adminUser,adminPassword);
			System.out.println("nt WebLogicDeploymentManager: "+deployManager);
			DeploymentOptions options = new DeploymentOptions();
                        options.setRemote(true);
                        options.setStageMode(DeploymentOptions.NOSTAGE);
                        options.setTimeout(10000);   //Deployment will timeput in 10 seconds...change it accordingly
			System.out.println("nt DeploymentOptions: "+options);

			Target targets[]=deployManager.getTargets();
			System.out.println("------------------------------------------------------------");
			System.out.println("t Application Can be Deployed in the Following targets:");
			int i=0;
			for (i=0;i<targets.length;i++)
					{
					   System.out.println("n"+i+"   => Available Deployment Targets Are Below : "+targets[i]);
				        }
                        BufferedReader br=new BufferedReader(new InputStreamReader(System.in));
                        System.out.print("nn Please Enter the Target Number in which you want to deploy Your Application: ");
                        int targetNumber=Integer.parseInt(br.readLine());
			Target deployTargets[]=new Target[1];
			//SUPPOSE You Chose it TO BE DEPLOYWD ON Managed Server ...
			deployTargets[0]=targets[targetNumber];
                        br.close();
            //-------------DEPLOYING FIRST APPLICATION-------------//
			String applicationDisplayName="FirstEARApplication";
			options.setName(applicationDisplayName);
			ProgressObject processStatus=deployManager.distribute(deployTargets, new File("FirstEAR.ear"), null,options);
			Thread.sleep(500);
			processStatus=deployManager.deploy(deployTargets, new File("FirstEAR.ear"), null,options);
			DeploymentStatus deploymentStatus=processStatus.getDeploymentStatus() ;
			System.out.println("nnt For FirstEAR.ear DeploymentStayus.getState(): "+deploymentStatus.getState() +"nn");

			System.out.println("Sleeping for atleast 5-Seconds. Sothat the Deployment Activation gets Completed Successfully.");
			Thread.sleep(5000);

            //-------------DEPLOYING SECOND APPLICATION-------------//
			deployManager=null;
			deployManager=SessionHelper.getRemoteDeploymentManager( protocol,hostName,portString,adminUser,adminPassword);
			applicationDisplayName="SecondEARApplication";
			options.setName(applicationDisplayName);
			processStatus=deployManager.distribute(deployTargets, new File("SecondEAR.ear"), null,options);
			Thread.sleep(500);
			Thread.sleep(5000);
			processStatus=deployManager.deploy(deployTargets, new File("SecondEAR.ear"), null,options);
			deploymentStatus=processStatus.getDeploymentStatus() ;
			System.out.println("nnt For SecondEAR.ear DeploymentStayus.getState(): "+deploymentStatus.getState() +"nn");
                        deployManager.release();
		}
}

Step2). Now open a Shell prompt then run “. ./setWLSEnv.sh” or “setWLSEnv.cmd” to make sure that PATH and CLASSPATH are set properly. then compile and run the following program:

[UserName@localhost Deploy_WLS]$ javac ApplicationDeployment_ManagedServer.java
[UserName@localhost Deploy_WLS]$ java ApplicationDeployment_ManagedServer

	 WebLogicDeploymentManager: weblogic.deploy.api.spi.deploy.WebLogicDeploymentManagerImpl@2b3d9460

	 DeploymentOptions: {isRetireGracefully=true,isGracefulProductionToAdmin=false,isGracefulIgnoreSessions=false,rmiGracePeriod=-1,retireTimeoutSecs=-1,undeployAllVersions=false,archiveVersion=null,planVersion=null,isLibrary=false,libSpecVersion=null,libImplVersion=null,stageMode=nostage,clusterTimeout=3600000,altDD=null,altWlsDD=null,name=null,securityModel=null,securityValidationEnabled=false,versionIdentifier=null,isTestMode=false,forceUndeployTimeout=0,defaultSubmoduleTargets=true,timeout=10000deploymentPrincipalName=null}
------------------------------------------------------------
	 Application Can be Deployed in the Following targets:

0   => Available Deployment Targets Are Below : AdminServer/server
1   => Available Deployment Targets Are Below : MS-1/server
2   => Available Deployment Targets Are Below : MS-2/server
3   => Available Deployment Targets Are Below : FrontEnd_MS/server
4   => Available Deployment Targets Are Below : TestCluster/cluster

 Please Enter the Target Number in which you want to deploy Your Application: 1
<Jun 21, 2011 4:48:03 PM IST> <Info> <J2EE Deployment SPI> <BEA-260121> <Initiating distribute operation for application, FirstEARApplication [archive: FirstEAR.ear], to MS-1 .>
<Jun 21, 2011 4:48:04 PM IST> <Info> <J2EE Deployment SPI> <BEA-260121> <Initiating deploy operation for application, FirstEARApplication [archive: FirstEAR.ear], to MS-1 .>

	 For FirstEAR.ear DeploymentStayus.getState(): running

Sleeping for atleast 5-Seconds. Sothat the Deployment Activation gets Completed Successfully.
<Jun 21, 2011 4:48:09 PM IST> <Info> <J2EE Deployment SPI> <BEA-260121> <Initiating distribute operation for application, SecondEARApplication [archive: SecondEAR.ear], to MS-1 .>
<Jun 21, 2011 4:48:15 PM IST> <Info> <J2EE Deployment SPI> <BEA-260121> <Initiating deploy operation for application, SecondEARApplication [archive: SecondEAR.ear], to MS-1 .>

	 For SecondEAR.ear DeploymentStayus.getState(): running

<Jun 21, 2011 4:48:15 PM IST> <Warning> <JNDI> <BEA-050001> <WLContext.close() was called in a different thread than the one in which it was created.>

.
.
Thanks
Jay SenSharma


Getting All Server’s Lifecycle State in a Domain

Hi,

Jay SenSharma

Jay SenSharma

Based on the query of one of our Magic User  Mr. Vibhor Rastogi (http://middlewaremagic.com/weblogic/?p=2110#comment-4287) We are developing this article.   It was asked that how we can get the Server’s actual lifecycle state using JMX Code when the server is not in Running state. Earlier we developed a JMX Code “Getting ServerState (Enhanced Version) for WLS9.x & Above” but that code was able to just fetch the Servers state which already started listening on it’s Listen Port so it was easy to get it’s State using ServerRuntimeMBean.

But in the current demonstration we will see how to fetch the Server’s different lifecycle states like “Starting”, “Stand By”, “Admin” , “Resuming”, “Running” etc while the Server is coming up and the Listen port is not actually opened so far.

.
Just use the following JMX Code and compile and run it after running the “$WLS_HOME/server/bin/setWLSEnv.sh” or “setWLSEnv.cmd” script so that the CLASSPATH and PATH will contain the required set of Jars and executables.
ServerLifecycleState.java

import weblogic.management.mbeanservers.domainruntime.DomainRuntimeServiceMBean;
import weblogic.management.runtime.*;
import javax.management.MBeanServerConnection;
import javax.management.MalformedObjectNameException;
import javax.management.ObjectName;
import javax.management.remote.JMXConnector;
import javax.management.remote.JMXConnectorFactory;
import javax.management.remote.JMXServiceURL;
import javax.naming.Context;
import weblogic.management.jmx.MBeanServerInvocationHandler;
import java.util.Hashtable;
import java.io.IOException;
import java.net.MalformedURLException;
import weblogic.management.runtime.JDBCDataSourceRuntimeMBean;
import javax.management.*;
import javax.naming.*;

public class ServerLifecycleState {

private static MBeanServerConnection connection;
private static JMXConnector connector;
private static final ObjectName service;
private static String combea = "com.bea:Name=";
private static String service1 = "DomainRuntimeService,Type=weblogic.management.mbeanservers.domainruntime.DomainRuntimeServiceMBean";
private static String service2 = "RuntimeService,Type=weblogic.management.mbeanservers.runtime.RuntimeServiceMBean";

   static
      {
        try {
               service =new ObjectName(combea + service1);
            } catch (MalformedObjectNameException e) {
              throw new AssertionError(e.getMessage());
            }
      }

   public static void initConnection(String hostname, String portString, String username, String password) throws IOException,MalformedURLException
     {
	String protocol = "t3";
	Integer portInteger = Integer.valueOf(portString);
	int port = portInteger.intValue();
	String jndiroot = "/jndi/";
	String mserver = "weblogic.management.mbeanservers.domainruntime";
	JMXServiceURL serviceURL = new JMXServiceURL(protocol, hostname, port, jndiroot + mserver);
	Hashtable h = new Hashtable();
	h.put(Context.SECURITY_PRINCIPAL, username);
	h.put(Context.SECURITY_CREDENTIALS, password);
	h.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES,"weblogic.management.remote");
	connector = JMXConnectorFactory.connect(serviceURL, h);
	connection = connector.getMBeanServerConnection();
     }

   public static ObjectName[] getServerRuntimes() throws Exception
    {
        return (ObjectName[]) connection.getAttribute(service,"ServerRuntimes");
    }

   public void printNameAndState() throws Exception
    {
	ObjectName arr[]=getServerRuntimes();
	ObjectName domain = (ObjectName) connection.getAttribute(service,"DomainConfiguration");
	System.out.println("t Domain: " + domain.toString());
	ObjectName[] servers = (ObjectName[]) connection.getAttribute(domain,"Servers");
    String serverState="UNKNOWN";
	for (ObjectName server : servers)
              {
		        String aName = (String) connection.getAttribute(server,"Name");
       		    try{
 			         ObjectName ser= new ObjectName("com.bea:Name="+aName+",Location="+aName+",Type=ServerRuntime");
			         serverState=(String) connection.getAttribute(ser,"State");
			         System.out.println("nt Server: "+aName+"t State: "+serverState );
		           }
		        catch(Exception e)
		           {
					 DomainRuntimeServiceMBean domainRuntimeService = (DomainRuntimeServiceMBean) MBeanServerInvocationHandler.newProxyInstance(connection, new ObjectName(DomainRuntimeServiceMBean.OBJECT_NAME));
					 DomainRuntimeMBean domainRuntime = domainRuntimeService.getDomainRuntime();
					 ServerLifeCycleRuntimeMBean serverLifeCycleRuntimeMBean = domainRuntime.lookupServerLifeCycleRuntime(aName);
			         System.out.println("t Server: "+aName+"t In LifeCycleState : "+ serverLifeCycleRuntimeMBean.getState());
		           }
              }
      System.out.println("t -------------------------- data/time:t"+new java.util.Date()+" ----------------------------");
    }

  public static void main(String[] args) throws Exception
   {
	String hostname = args[0];
	String portString = args[1];
	String username = args[2];
	String password = args[3];
	ServerLifecycleState s = new ServerLifecycleState();
	initConnection(hostname, portString, username, password);
	for(int i=0;i<1000;i++)
	   {
	       s.printNameAndState();
		   Thread.sleep(500);
	   }
	connector.close();
   }
 }

Compile and run the following program and for testing in parallel start any of your Managed Server.
you will see following kind of output Notice the Managed Server LifeCycle state is changing:

  -------------------------- data/time:  Mon Jun 20 00:16:36 IST 2011 ----------------------------
  Domain: com.bea:Name=9001_domain,Location=9001_domain,Type=Domain

  Server: AdminServer     State: RUNNING
  Server: MS1     In LifeCycleState : SHUTDOWN
  -------------------------- data/time:  Mon Jun 20 00:16:37 IST 2011 ----------------------------
  Domain: com.bea:Name=9001_domain,Location=9001_domain,Type=Domain

  Server: AdminServer     State: RUNNING
  Server: MS1     In LifeCycleState : STARTING
  -------------------------- data/time:  Mon Jun 20 00:16:38 IST 2011 ----------------------------
  Domain: com.bea:Name=9001_domain,Location=9001_domain,Type=Domain

  Server: AdminServer     State: RUNNING
  Server: MS1     In LifeCycleState : STARTING
  -------------------------- data/time:  Mon Jun 20 00:16:38 IST 2011 ----------------------------
  Domain: com.bea:Name=9001_domain,Location=9001_domain,Type=Domain

  Server: AdminServer     State: RUNNING
  Server: MS1     In LifeCycleState : STARTING
  -------------------------- data/time:  Mon Jun 20 00:16:39 IST 2011 ----------------------------
  Domain: com.bea:Name=9001_domain,Location=9001_domain,Type=Domain

  Server: AdminServer     State: RUNNING
  Server: MS1     In LifeCycleState : RESUMING
  -------------------------- data/time:  Mon Jun 20 00:16:39 IST 2011 ----------------------------
  Domain: com.bea:Name=9001_domain,Location=9001_domain,Type=Domain

  Server: AdminServer     State: RUNNING

  Server: MS1     State: RUNNING
Server State Using ServerLifeCycleRuntimeMBean

Server State Using ServerLifeCycleRuntimeMBean

.
.
Thanks
Jay SenSharma


Copyright © 2010-2012 Middleware Magic. All rights reserved. |