Weblogic Archive

What is Kerberos?

Three parties are involved in Kerberos Based Authentication – Client, Server and a Kerberos Distribution Centre.

The diagram below clearly demonstrates how the interactions between the three parties happen.

1 – Client requests for a TGT (Ticket to Get Tickets) from the KDC (Key Distribution Centre). Client sends its username in plain text format to get the TGT.

2 – KDC returns a TGT to the client. The TGT has the Session Key (SK) which is encrypted with a Key derived from the Client’s password. Hence only the Client will be able to retrieve the Session Key. This Session Key is used for all furthur communications between the Client and the KDC.

3 – The Client requests for a Service Ticket (ST) to the KDC by providing the Service name along with the Session Key for its own identification. The KDC will be able to provide the ST only if the Service is already registered with it.

4 – The KDC creates the Service Ticket. The Service Ticket has the Client’s Authentication Data and a Sub Sesion Key (SSK). The Service Ticket is then encrypted with a Key Derived from the Server’s Key which is shared with the KDC. This ensures that the Service Ticket can only be decrypted by the Server. The KDC then authors a message containing the Service Ticket and a Sub Session Key. The whole message is then encrypted with the Session Key so that only the intended Client can decrypt it.

Pictorially the Message looks like this.

5 – The Client decrypts the Message with the Session Key, retrieves the Service Ticket and the Sub Session Key. It sends the Service Ticket to the Server. This Service Ticket is the SPNEGO Token. The Server decrypts the Service Ticket with its Key and authenticates the Client based on the Clients Authentication Data. Also it gets a copy of a Sub Session Key from the Service Ticket. Now both the Client and the Server have a common key, Sub Session Key, which they use for all further communication.

6 – A session is established and no further authentication is required.

References :-

http://technet.microsoft.com/en-us/library/bb742516.aspx

Silent Installation of WebLogic Server

The below post describes about the Silent Installation of Oracle WebLogic Server 11g.

Silent mode installation allows you to define an installation configuration file called silent.xml, based upon which the required components are installed. This does not provide any configuration options during the installation process. Silent installation allows using the configuration to duplicate the installation on many machines. Silent-mode installation works on both Windows and UNIX systems.

The silent-mode installation process has two primary steps:

1. Create a silent.xml file that defines the installation configuration that you would normally enter during an interactive installation process, such as graphical-mode or console-mode installation.

For example, in silent.xml, you can supply the values for the Middleware home directory, the product directory, and the components to be installed.

A sample silent.xml looks like below.

**************************************
<?xml version="1.0" encoding="UTF-8"?>
<bea-installer>
<input-fields>
<data-value value="D:\WLS11g"/>
<data-value name="WLS_INSTALL_DIR" value="D:\WLS11g\wlserver_10.3"/>
<data-value name="COMPONENT_PATHS"
value="WebLogic Server/Core Application Server|WebLogic Server/Administration Console|WebLogic Server/Configuration Wizard and Upgrade Framework|WebLogic Server/Web 2.0 HTTP Pub-Sub Server|WebLogic Server/WebLogic JDBC Drivers|WebLogic Server/Third Party JDBC Drivers|WebLogic Server/WebLogic Server Clients|WebLogic Server/WebLogic Web Server Plugins|WebLogic Server/UDDI and Xquery Support|WebLogic Server/Server Examples"/>
<!--<data-value name="INSTALL_NODE_MANAGER_SERVICE" value="yes"  />
<data-value name="NODEMGR_PORT" value="5559" />
<data-value name="INSTALL_SHORTCUT_IN_ALL_USERS_FOLDER" value="yes"/>
<data-valuemso-spacerun:yes">       "value="D:\jrockit_160_05|D:\jdk160_11"/>
-->
</input-fields>
</bea-installer>
**************************************

NOTE: Make sure there are no empty spaces with in the COMPONENT_PATHS values.

2. Open a command prompt and start the installation by executing the below command.

wls1031_win32.exe -mode=silent -silent_xml=<path_to_silent.xml>

NOTE: Optionally you can specify an installation log file so that you can keep a track of any issues that occur during installation of the WebLogic server as below.

wls1031_win32.exe -mode=silent -silent_xml=<path_to_silent.xml> -log=g:\silent-install.log

It opens up a new windows showing the installation progress.

3. Check the install progress window and a successful install would display message like below.

In the verbose install log, a successful install would read like below.

[WizardController] com.bea.plateng.wizard.silent.tasks.LogTask – The installation was successfull!

Note: A typical install in the windows would look like.
Note: If you are using a generic jar installer then you need to set the PATH before you run the installer.

java -jar file_name.jar -mode=silent -silent_xml=path_to_silent.xml

file_name.jar is the name of the installation file
path_to_silent.xml is the full path to the silent.xml file.

There are other ways of silent installation of the weblogic server according to your situation, refer the below links to have more insight into them.

Common errors during installation:

1:

An external Eclipse Home must be specified when using the generic installer.

Troubleshooting:

You can specify the Eclipse External Home by using the below argument in the silent.xml

USE_EXTERNAL_ECLIPSE=”true”

EXTERNAL_ECLIPSE_DIR=<Eclipse-Location-Directory>

2:

The directory “/tmp” does not have enough space for extraction.

Troubleshooting:

Silent-mode installation requires the same amount of temporary disk space and uses the same temporary storage directories as a standard installation. If you re running out of temporary space, you can change the default temporary directory by using the below parameter.

Specify the below java handler.

-Djava.io.tmpdir=<temp-dir-location>:
References:
Cheers,
Wonders Team. 🙂

Not able to configure Error Page?

Customers have often reported issues that they are not able to configure error page even though the do the configuration in the web.xml correctly

web.xml
<?xml version=’1.0′ encoding=’UTF-8′?>
<web-app xmlns=”http://java.sun.com/xml/ns/j2ee” xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance”>
<display-name>TestApplication</display-name>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<error-page>
<error-code>404</error-code>
<location>/error.jsp</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/error.jsp</location>
</error-page>
<error-page>
<error-code>403</error-code>
<location>/error.jsp</location>
</error-page>
</web-app>

error.jsp

<%@page isErrorPage=”true” contentType=”text/html” %>
<html>
<body>
Request that failed: ${pageContext.errorData.requestURI}
<br />
Status code: ${pageContext.errorData.statusCode}
<br />
Exception: ${pageContext.errorData.throwable}
<br />
${pageContext.errorData.servletName}
</body>
</html>
index.jsp
<HTML>
<HEAD>
<TITLE>Test</TITLE>
</HEAD>
<BODY>
<%
String s = null;
out.println(s.trim());
%>
</BODY>
</HTML>

When I deployed this application on Weblogic Server and tried to acces the application. I got null pointer exception causing server to send HTTP 500 Response
with Exception

java.lang.NullPointerException
at jsp_servlet.__index._jspService(__index.java:76)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run
(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecuri
tyHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav
a:292)
Truncated. see log file for complete stacktrace

But since we had done the error page configuration, we expected to see our custom error page. This was not the case.
We saw the following. ( Note I was using IE 7)



I had to do the following configuration change on IE to get it working. ( Uncheck Show Friendly HTTP Error Messages)



After changing the IE Setting, I was able to get the custom error page.


Reference :-

http://www.java2s.com