General Archive

Unable to start managed server from nodemanager

When we try to start the managed server from nodemanager, we get the following error.

<BEA-090064> <The DeployableAuthorizer “myrealm_weblogic.security.providers.xacml.authorization.XACMLAuthorizationProviderImpl” returned an error: weblogic.security.spi.ResourceCreationException: [Security:090310]Failed to create resource.>

This errror comes because the managed server ldap server (slave) is not in sync with the Admin Server ldap server ( master).

To overcome this issue we can use two very important configurations.

 

Refresh Replica at Startup and Master First.

 

master first

 

Master First ensures managed server always connect to the ldap server of the admin server.

Refresh Replica at startup ensures that whenever managed server is restarted, it takes the latest ldap data from the admin server.

 

 

Recommended Best Practices for Securing WebLogic Server.

Disable SSL V2, Weak Ciphers, and Null Encryptions

You can use the following jvm options to disable Weak Ciphers.

-Dweblogic.security.SSL.allowUnencryptedNullCipher=false
-Dweblogic.security.disableNullCipher=true

Steps to disable SSL V2 follows later.

Use Secure Cookies to Prevent Session Stealing

Please refer to this article : link

Configure WebLogic Server to use a Specific Cipher Suite or a List of Ciphers

Please refer to this article : link

-Dweblogic.security.SSL.Ciphersuites=TLS_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_RC4_128_MD5

Restrict the SSL Protocol Versions Allowed by WebLogic Server

Please refer to this article : link

You should also allow only the required http methods ( GET/POST) to access the resource on the server. You can restrict other methods from the web.xml

Refer this

Weblogic Server Administration for Beginners.

This article is for System Admins who are new to Weblogic Administration.

The following are the day to day task of a Weblogic Server Administrators.

1. Setting up infrastructure ( Managed Servers, Cluster, Nodemanager)
2. Deploying Applications
3. Creating resources( JMS, JDBC, Security)
4. Monitoring
5. Performance Tuning
6. Troubleshooting

Setting up infrastructure ( Managed Servers, Cluster, Nodemanager)

This includes installing Weblogic Server , creating domains, domain templates.
You need to figure out the needs of the application/applications that the domain is going to host.
Do you need a distibuted setup with Weblogic Server running on multiple machines?
Do you need a cluster, is session replication necessary for your application or load balancing is enough?
Do you want to control ( start/stop) the managed server from the console or you’ll prefer scripts to do it for you?
What environment you are going to create, DEV, UAT, SIT, Production?

You will need answers to these questions before going ahead with setting up the infrastructure.

Deploying Applications

You will have to select the mode of deployment ( stage, nostage, external stage) of the application.
This is largely determined by the size of the application. Also before deploying the applications you will have to know the dependency of the applications. Does your application need a datasource configuration? Do you have MDB’s in your application?What Queues/Topics the application needs? Read the Create Configurations section.

Create resources

Your application might need datasources/ jms queues and topics. You need to configure them. Also check if your application is using J2EE security , does it rely on Application Server container authentication. If yes, you’ll have to create users and groups. In some cases you will have to configure external security providers.

Monitoring

In production usually third party tools ( that rely on SNMP) are available to do the monitoring. You can also use JMX and WLST to write your own monitoring tools.

Performance Tuning

This is a very important area. You need to know the number of concurrent users who will be accessing the application, what wil be the transaction per second. You need to tune the heap and work manager accordingly to cater to the load. There is a calculation that goes behind it and I will try to cover in a separate article.

Troubleshooting

Admins are expected to resolve issues starting from the initial phase of setting up the infrastructure till the application goes live. A lot of Weblogic related issues are covered in the troubleshooting section of wonders.

Configuring CacheFilter in WebLogic

At times there could be scenarios where you  might want to cache the attributes and results from standard requests and responses to enhance the performace of your application by using the Dynamic Content Caching feature.

It can be achieved by two ways.

1. Using the CacheFilter Servlet Filter

2. Using the wl:cache custom tag.

It is always always recommended to cache the contents that change infrequently such as headers, footers etc. You can also cache the repetitive database queries which change infrequently.

CacheFilter:

—————–

WebLogic Server includes a filter called CacheFilter that provides page-level response caching for webapplications. This filter operates at the complete page level rather than surrounding and caching only a section of JSP content in a page.

Steps to configure the CacheFilter servlet.


1. Define the cachefilter servlet in the application deployment descriptor i.e. web.xml:


It is registered as any other servlet filters. It is defined as weblogic.cache.filter.CacheFilter in the <filter-class> attribute. Specify the <url-pattern> of the page or pages to cache.
A sample entry looks like below

 

<filter>

<filter-name>CacheFilter1</filter-name>

<filter-class>weblogic.cache.filter.CacheFilter</filter-class>

<init-param>

<param-name>timeout</param-name>

<param-value>60</param-value>

</init-param>

</filter>

...

<filter-mapping>

<filter-name>CacheFilter1</filter-name>

<url-pattern>CacheFilterTest1.jsp</url-pattern>

</filter-mapping>

 

Note:   The CacheFilterTest1.jsp page will execute the first time the URL is accessed by any client, and the content of the HTTP response will be cached by the filter and used for all subsequent access requests for60 seconds.
2. Define the cachefilter properties.

Use initialization parameters in the filter registration to define timeout criteria and other cache control values. For example, to cache theresponse from a specific JSP page for 60 seconds, register the CacheFilter using elements similar tothe following:

 

<init-param>

<param-name>timeout</param-name>

<param-value>60</param-value>

</init-param>

 

Note:  By default cached entries never timeout. max-cache-size attribute can be used to specify the maximum size of an element that can be cached, by default MAX_CACHED_SIZE size the size of the cache.

A sample web.xml would look like below.

 

<?xml version='1.0' encoding='UTF-8'?>

<web-app>

<display-name>TestApplication</display-name>

<welcome-file-list>

<welcome-file>CacheFilterTest1.jsp</welcome-file>

</welcome-file-list>

<filter>

<filter-name>CacheFilter1</filter-name>

<filter-class>weblogic.cache.filter.CacheFilter</filter-class>

<init-param>

<param-name>timeout</param-name>

<param-value>60</param-value>

</init-param>

</filter>

<filter-mapping>

<filter-name>CacheFilter1</filter-name>

<url-pattern>CacheFilterTest1.jsp</url-pattern>

</filter-mapping>

</web-app>

 

For further reading you can refer the below link.

http://download.oracle.com/docs/cd/E13222_01/wls/docs92/javadocs/weblogic/cache/filter/CacheFilter.html

There is an alterative solution for this caching by using the wl:cache element. However the CacheFilter may also be used with servlets and static content,unlike the related wl:cache custom tag, which works only in JSP pages.

http://download.oracle.com/docs/cd/E13222_01/wls/docs103/webapp/customtags.html#wp56944

Cheers,

Wonders Team. 🙂

Basic FileNet FAQs

Basic FileNet FAQs:

 

Question 1: Why ECM?

Answer:  ECM stands for Enterprise Content management. Industry contains mix of Structured and Unstructured data.

Structured data, include a customer record or a transaction history with well-defined data fields, such as customer name, customer ID, and transaction date. Search facilities within an RDBMS can quickly locate records based on an index of the data fields.

Unstructured data, on the other hand, does not lend itself to fitting in an orderly fashion within the columns and rows of a database. Unstructured data usually resides within documents, electronic forms, reports, Web pages, and the bodies and attachments of emails. Unstructured data can be found spread across file shares, intranets, e-mail systems and users’ desktops

To address the challenges of managing unstructured and semi-structured content, enterprise content management (ECM) is introduced as the management of these types of content at the enterprise level. The management includes capturing, organizing, securing, and storing unstructured and semi-structured content within an enterprise from creation to disposition, and facilitates searching and controlled access to managed information assets directly from business processes or from other line-of-business applications.

ECM represents an evolution and convergence of a variety of different technologies that include elements of document management, imaging, workflow, collaboration, knowledge management, and compliance

ECM goes beyond these core features to meet a broader range of requirements, adding:

  1. Capture and collect both physical and electronic content
  2. Support for virtually any file format
  3.  Integrate with full business process management
  4. Support for an enterprise taxonomy
  5. System-wide audit and tracking capability
  6. Content transformation
  7. Content life cycle management, from creation to archival or destruction
  8. Federated management and collection of content across repositories
  9. Open interfaces to integrate with other applications and systems and deliver highly-specialized applications
  10. Integrated security and access management
  11. Robust metadata support
  12. Automated classification of existing and new content

m.  Enterprise-level availability and scalability

Question 2:  What is FileNet?

 Answer:  FileNet is an Enterprise Content Management (ECM) solution product suite from IBM. Enterprises use FileNet to manage their content and business processes. FileNet P8 platform, the latest version of FileNet system, provides a framework for developing custom enterprise systems, offering much functionality out of the box and capable of being customized to manage a specific business process.

Question 3: What are the three core IBM FileNet P8 products?

Answer: FileNet Enterprise Content Management (ECM) product suite includes:

 

  1. 1.     Content Management Products:

FileNet Content Manager (CE) – CE is the core content management solution for the FileNet P8 platform.

FileNet Image Services (IS) – IS is used to store and manage documents.

 

  1. 2.     Business Process Management Products:

FileNet BPM – BPM manages workflows to reduce cycle times and to improve productivity by streamlining and improving complex processes. BPM component includes Process Engine, Process Analyzer and Process Simulator.

  1. 3.     FileNet Records Manager:

FileNet RM streamlines record based activity to enforce compliance either with or without user participation. It helps in applying records classification, holds, retention policies, and to store electronic records as per fiscal, legal and regulatory requirements.

Example:

An insurance company receives address change requests from its policy holders though a signed form mailed to one central location. The requirement is to digitalize the request came though paper form, process it quickly, send the response to customer and keep the digital images (for say 7 years) for regulatory reasons.

FileNet technology provides a platform and out of box products which help automating this kind of processes quickly. After manual preparing of mails received in mailroom, ‘FileNet Capture’ allows scanning paper documents. Once scanned, digital images (documents) can be stored in ‘FileNet Content Engine (CE)’ and a workflow is launched in ‘FileNet Process Engine (PE)’. The work of address change is now assigned to an employee located in different part of the world. The employee gets the work request in ‘FileNet Business Process Framework (BPF)’ or Application Engine (Inbox/Public Inbox) web application. The employee checks the request assign to him and performs the address change activity on the customer policy. After performing the address change work, communication is sent back to customer and digital documents are moved to ‘FileNet Record Manager’ for archival.

Question 4:  What does document lifecycle mean?

 Answer:  Document lifecycle in FileNet P8 is a sequence of states (like Draft, Review, Publish, close etc) that a document will go though over its lifetime.

Also User can perform various actions when the document move from one state to another like Modify, apply annotations, change the version (major/minor).

A user or application can move the document forward or backward in its lifecycle.

 

Question 5: Difference between Content Manager and Image Manager?

Answer: Content management is the management of documents that change. For e.g. Management of meeting minutes that change and are updated every week once a meeting has been had. A CM system stores the original template of the minutes and then all subsequent versions created after every meeting

Image management is the management of applications used to manage static scanned images. Those are images that can never be changed. For e.g. a bank who needs to keep record of all the cheques that have been processed. Once processed they are scanned into an image management system and then stored for ever or for a certain period of time.

Business Process Management means that you can move the images / content through your business to enable workflow process to complete such as an application for a mortgage – would require your driver’s license image, application form (content) and so forth

Question 6: Difference between Panagon and FileNet P8?

Answer: P8 – this is the latest generation of the filenet product and has many applications (Content Engine, Application Engine, Process Engine, Records Manager, Process Anaylzer, Simulator, eForms, BAM, BPF, Image Manager, CFS/IS and so on)

FileNet’s Panagon is the older generation for Filenet production (Content Services, IDM Desktop, IDM WebServices, Open Client, Image Services)

Question 7: Which protocol is used by FileNet P8 Process Engine (PE) to connect to Content Engine (CE) or Application Engine (AE)?

Answer: IIOP is used by PE to communicate with CE and AE.

IIOP means ‘Internet Inter-ORB Protocol’

ORB means ‘Object Request Broker’

As CE is installed on AE, it uses direct API calls to communicate with AE.

Question 8: Can FileNet be integrated with existing systems?

Answer: FileNet provides numerous products of its own which helps in integrating the FileNet (CE, PE) with existing systesm. Also FileNet architecture is based on Java/J2EE, EJB technology which makes it easier for customization based on Business requirement.

Lot of FileNet applications uses SOA to integrate with existing applications, or to synch different applications in an organization.

FileNet can be integrated with most of ERP systems. FileNet provides imaging and document management functionality as a “Bolt-on” to existing ERP Platforms.

Typically integration of FileNet is provided via one or three of the routes:

  1. FileNet middleware products such as ClientLink for SAP integration of PeopleLink for People soft application.
  2. Custom Applications using various FileNet Toolkits and resource adaptors.
  3. Third Party portals and workflow engines.

 

Question 9: List few IBM FileNet driven expansion products and applications.

Answer:  IBM FileNet has list of products as mentioned below:

  1. Content ingestion related products:
    1. IBM FileNet Content Collector
    2. IBM Capture Professional and ADR
    3. Connectors and federation products:
      1. IBM FileNet Application Connector for SAP R/3 (ACSAP R/3)
      2.  IBM Content Integrator
      3. IBM FileNet Services for Lotus Quickr
      4. IBM FileNet Connectors for Microsoft SharePoint
      5. Application framework products:
        1. IBM FileNet eForms
        2. IBM FileNet Business Process Framework
        3. IBM FileNet Business Activity Monitor (BAM) and Cognos Now
        4. Search, classification, and discovery products:
          1. IBM Classification Module
          2. IBM Content Analyzer
          3. IBM eDiscovery Manager and Analyzer
          4. IBM OmniFind Enterprise Edition
          5. Other expansion product:
            1. IBM FileNet System Monitor

 

Question 10: What is Authentication and Authorization?

Answer:  

 

Authentication is the process of determining who users are and whether users are who they say that they are. For authentication, Content Engine relies on the

J2EE authentication model, which is based on the Java Authentication and

Authorization Service (JAAS)

Authorization is the process of determining whether a user is allowed or denied to perform an action on an object. It is managed within the Content Engine

Question 11: What is Event Framework?

Answer: Content Engine provides an extensible framework by which custom code can execute in response to various system-defined events or user-defined events, such as adding a document to an object store. The primary elements of the Content Engine event framework include:

  1. Event: A predefined action, such as the creation or deletion of a document.
  2. Event action: An object associated with the event, which specifies, through its property settings, which custom code to execute in response to the event.
  3. Event action handler: The code, written as custom Java classes that implement the EventActionHandler interface.
  4. Subscription: An object which, using its properties, specifies one or more events, a target Content Engine object on which those events can be triggered, and an event action object.

 

When a predefined action takes place on a Document, Folder, or Custom object, an event is triggered and the custom code, which is called the event action handler, is executed. Based on a property setting on the event object, event actions can execute either synchronously or asynchronously. Synchronous events execute within the transaction context of the executing request and can force the overall transaction to fail. Asynchronous events are queued for later processing by the Content Engine server in the background, asynchronous-event thread.

In IBM FileNet P8 4.x, event action handler code is written as custom Java classes that implement the EventActionHandler interface. These custom Java classes are delivered as jar files located through the global class path or saved 34 IBM FileNet P8 Platform and Architecture within the system as special content objects called Code Modules (the jar files are stored as content elements). When a given action occurs on a particular object, a query is executed to find the set of associated subscriptions and their corresponding event action handlers. For each subscription, the event action handler is loaded through a custom classloader and executed through the EventActionHandler.onEvent() method.

Event action handlers provide one of the primary ways for customizing Content Engine server-side behavior. It is common to use event handlers to deliver customized behavior for specific events. There is an out-of-the-box event action handler for launching process flows based on a given event action. There is also

a CustomEvent class, which can be extended to define custom event actions that can be programmatically raised.

FileNet Training Guide

Link below shows the basics of FileNet and its products like Application Engine, Content Engine, Process Engine  and their real time implementations.

This link helps FileNet begineers to have basic idea on FileNet products and to understand its importance at organisation level.

Weblogic Wonders – FileNet Training