Wednesday Feb 26, 2014

My new Active Directory Provider is not Working!

When you create LDAP providers, an easy way to verify they are working fine is by verifying in WebLogic console, you can see the users listed.

After added Active Directory Provider, Users and Groups are listed in Admin Console:

Security Realms -> My Realm -> Users and Groups.


When attempting to login to an application that is using the users, the login is being denied, and you might not see any clues in weblogic server logs.

If you enable Atn debug, the following is observed in server log:

<Debug> <SecurityAtn> <MyDomain> <AdminServer> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)' for workmanager: consoleapp@null@consoleWorkManager> <<WLS Kernel>> <> <593625378f0917fe:-23dcaa48:143ea3e7180:-8000-0000000000000400> <1391205135889> <BEA-000000> <weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.authenticate authenticate failed for user MyUser>


This can occur when  default authenticator is selected as REQUIRED  by default. So the login process is denied by the default authenticator due to it is not aware of users in Active Directory.

So, to fix the issue

1. Go to Admin Console > Security Realms > <Your Realm> >Providers.
2. Make Active Directory provider is in the top of the list and set Control Flag SUFFICIENT.
3. Make default authenticator Control Flag is set to OPTIONAL.

You can read more in this My Oracle Support document:

How to Configure Active Directory as the LDAP Provider for WebLogic Server (Doc ID 1299072.1)

Enjoy!

Friday Feb 14, 2014

How to install weblogic Administration Console after it is uninstalled?

As per security purposes, you might need to uninstall your WebLogic Administration Console, or perhaps by mistake.
I would say that this is a very uncommon scenario, but one of my customer's faced it recently.


So,  How do I uninstall WebLogic Administration Console?

1. To uninstall WebLogic Administration Console, execute uninstall script, and select Administration Console to be uninstall it.

eg:

For Windows Environments

wlserver_10.3/uninstall/uninstall.cmd

For Linux/Unix Environments

wlserver_10.3/uninstall/uninstall.sh

2. Hit Next

You have Administration Console Uninstalled it.

Admin Server will start normally, but you won't have access to admin console e.g.: http://localhost:7001/console


What if you just did it by mistake and you need to access it again?

So, How do I install it again ?

Voila!

1. Use the installer you used to re install the components uninstalled, e.g:

java -d64 -jar wls1036_generic.jar

2. Start Admin Server

3. Access Administration Console at http://localhost:7001/console


Enjoy!

Tuesday Feb 04, 2014

Do I need to run WebLogic Server in a certified platform?

Well, the answer is Yes. But, Why is it important to be in a certified platform?

We have faced several issues which customers in a non certified platforms where after a long time and huge
 troubleshooting efforts we concluded that the issue was fixed after moving to a tested configuration.

WebLogic Server might run in any other non certified platform like any flavor of Linux, but we can not assure that it will work correctly.

So, What if you have a problem when running a non certified configuration?  If you don't find a known issue in the net or in My Oracle Support, try to reproducing the issue in a certified configuration. That will save a lot of time because as per out experience, the most probably cause of the issue is that the configuration where you are running WebLogic Server is causing the issue.

Eventually, if the issue still occurs, that will help to focus on the real issue and not in the noise added by the environment used to run WebLogic server.

It is also recommended to be in the latest JDK, that will help you to include in your environment the latest security fixes and patches for known issues already faced by other customers.

Another thing to consider is that you are upgrading your WebLogic Server. Then, you will probably need to upgrade your JDK as well. Always check certification matrix

Here you can find the supported configurations of Fusion Middleware products:

http://www.oracle.com/technetwork/middleware/ias/downloads/fusion-certification-100350.html

If you are in 12.1.1 or 12.1.2, make sure you pick the correct link. WebLogic Server 12.1.2 is very different from 12.1.1.

If you are in 11g, you will need to pick the document depending on your configuration.


You can see more information here:
https://blogs.oracle.com/certify/

Enjoy!
About


My name is Luz Mestre. I work as Principal Technical Support Engineer at Oracle Support. I'll post here the most interesting challenges I have in my daily work. The views expressed on this blog are my own and do not necessarily reflect the views of Oracle.

Search

Categories
Archives
« February 2014 »
SunMonTueWedThuFriSat
      
1
2
3
5
6
7
8
9
10
11
12
13
15
16
17
18
19
20
21
22
23
24
25
27
28
 
       
Today