Several application running Oracle Weblogic were detected by Nessus as having a vulnerable version (being exploited in the wild). Impacted Versions: WebLogic 10.X, WebLogic 12.1.3 Resolution/ Workaround: Oracle is working on the fix, below is the work around for the time being. To prevent attacks, KnownSec 404 is recommending that
Continue reading »Author: Faisal
How to create Work Manager and assign to application.
Please follow the steps below to create a WORK MANAGER Environment -> Work Manager -> New Configure Maxmimum and Minimum Thread Contraint Target them on the server. Once the work manager is created, an application can be configured to use it. weblogic-ejb-jar.xml <weblogic-enterprise-bean> <ejb-name>PRAsync</ejb-name> <message-driven-descriptor> <pool> <max-beans-in-free-pool>1000</max-beans-in-free-pool> <initial-beans-in-free-pool>50</initial-beans-in-free-pool> </pool>
Continue reading »Steps to generate boot.properties and startup.properties for AdminServer
If we start the AdminServer( which has never been started before using script ) from NodeManager, boot.properties and startup.properties file don’t get created by default and AdminServer fails to start. To create the boot.properties and startup.properties file we need to follow the steps below. sed -i “s/StartScriptEnabled=true/StartScriptEnabled=false/g” nodemanager.properties connect(‘user’,’pwd!’,’t3://host:port’)
Continue reading »How to view active database connections in Tomcat
Configure remote JMX Connectivity for Tomcat by adding these JAVA OPTIONS -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=9999 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false 2. Start jmxconsole and connect to the remote tomcat process. 3. Go to MBeans -> Datasource -> Application Name -> Your Datasource -> numActive
Continue reading »Unable to start managed server from nodemanager
When we try to start the managed server from nodemanager, we get the following error. <BEA-090064> <The DeployableAuthorizer “myrealm_weblogic.security.providers.xacml.authorization.XACMLAuthorizationProviderImpl” returned an error: weblogic.security.spi.ResourceCreationException: [Security:090310]Failed to create resource.> This errror comes because the managed server ldap server (slave) is not in sync with the Admin Server ldap server ( master). To
Continue reading »How to prevent CSRF attack
Sometimes when one application tries to call another application running on another server you get an error window with the message potential CSRF attack. At the same time you will see the following error message in the log files. <BEA-000000> <A request has been denied as a potential CSRF attack.>
Continue reading »Using JConsole to view JMX MBeans of Weblogic Server
1. Set the environment using setWLSEnv.cmd 2. Start JMX Console using the below arguments and connect to the local/remote process. jconsole -J-Djmx.remote.protocol.provider.pkgs=weblogic.management.remote -J-Dcom.sun.tools.jconsole.mbeans.keyPropertyList=Location,type,Type,j2eeType,name,Name -debug 3. Go to the Mbeans tab and view the Mbeans
Continue reading »How to configure SSL on JBoss EAP
Create Connector Create Keystores keytool -genkey -alias mykey -keyalg RSA -keysize 1024 -dname “CN=myserver.beasys.com, OU=Customer Support, O=BEA Systems Inc, L=Denver, ST=Colorado, C=US” -keypass password -keystore identity.jks -storepass password keytool -selfcert -v -alias mykey -keypass password -keystore identity.jks -storepass password -storetype jks keytool -export -v -alias mykey -file rootCA.der -keystore identity.jks
Continue reading »Shared Library example for Oracle Weblogic Server
1. Compile your code and package it in a jar file. In this example I have written a simple program that has a function that just takes a string as input and prints hello infront of the string. package wonders; public class MyTestClass { static { System.out.println("MyTestClass class Loaded
Continue reading »Using WLDF to view Historical Data
1. Go to the Home Page and click on Monitoring Dashboard under charts & graph 2. This will open the dashboard in a new tab. There are some built in views. You can select JVM Runtime Heap and click on the start button on the top. 3. You should be
Continue reading »