Friday May 01, 2015

Securing passwords in Coherence override files by Peter van Nes

clip_image002In a previous post i wrote how to Secure Coherence communications for FMW SOA by enabling SSL through a Coherence override file. Setting up SSL involves setting up a keystore and truststore which are protected by a passsword. To access the key- and truststores Coherence retrieves the required passwords from the elements in the Coherence override files. Currently Coherence does not support encryption of these password element values. A possible solution to prevent clear-text keystore passwords in the Coherence override files is to use a System Property override for these password elements.

You can override element values in the Coherence override file using the attribute system-property. The value assigned to this attribute is the System Property containing the value overriding the element value in de Coherence override file. Let’s make it more clear using a snippet from a Coherence override file below. The default private keystore password at line 8 is intentionally left empty and the attribute system-property is added to the password element. The value assigned to the attribute system-property, coh.override.keyst.pwd, is the name of the System Property which is used to override the value in the password element.

So now we can set the value for the private keystore password using the System Property ‘coh.override.keyst.pwd’. You could set this system property for example by adding the next two lines to the setDomainEnv.sh.

But really, this is not a great improvement, the clear-text password has moved from one file to another! Also the password now can be retrieved by anyone who has access to the system by displaying the active processes. What we have learned from here is that the use of System Properties allows us override the value for the password elements in the Coherence override file. If there is a possibility to read the keystore password values from an encrypted file and set the corresponding system properties when starting a Managed Server the it would improve the protection of the keystore passwords.

And yes, it is possible. For those who are not interested in the nitty gritty details but just want to store the keystore passwords in the Coherence Override file in a secure manner here the concise installation instructions first.

Download the Weblogic Startup classes in CoherenceKeystorePasswordCipher.jar here.
Copy this jar into the lib folder of your domain_home and add the jar file to the classpath.
This can be done, for example, by adding the next line to the setDomainEnv.sh
POST_CLASSPATH="${DOMAIN_HOME}/lib/CoherenceKeystorePasswordCipher.jar${CLASSPATHSEP}${POST_CLASSPATH}"

Edit the Coherence override file and change all elements for which you want to secure the password.

Remove the value (password) from the password element.

Add the attribute system-property to the password element and assign a descriptive and unique system property name

For example, change Read the complete article here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Sunday Apr 05, 2015

Securing Coherence unicast communications for FMW SOA by Peter van Nes

clip_image002When confidentiality is required for an Oracle Fusion Middleware environment, the first thing you probably will do is configure SSL for the domain. You might think that this will secure all your connections in the domain, but various FMW applications utilize different frameworks like JGroups or Oracle Coherence which connections are not secured by configuring SSL for the domain.

Various FMW applications, like Oracle Identity Manager, use FMW SOA which utilizes Oracle Coherence for Unicast communications. As Oracle recommends Unicast communication for SOA enterprise deployments in the Fusion Middleware Enterprise Deployment Guide for Oracle SOA Suite, you probably will have setup Unicast communication in your production environments accordingly by adding the Java properties tangosol.coherence.wka[1-n] and tangosol.coherence.localhost.

Instead of adding the properties to the Server Start arguments for each server individually you could add these settings to the setDomainEnv.sh. This way you have consolidated view of all the configuration settings for the Coherence cluster. Securing Unicast communications

Unicast (TCMP) communications for Coherence can be secured using by defining a SSL Socket Provider.  [Coherence Security Guide; Using SSL to Secure TCMP Communication]

A pre-defined SSL Socket Provider ‘ssl’ is defined in the tangosol-coherence.xml file of java archive coherence.jar which can be found in the lib directory of your coherence installation in the <MW_HOME>. The pre-defined SSL Socket Provider expects a key- and truststore with the name keystore.jks which must be present in the classpath. Therefore this Socket Provider is less suitable for production environments where truststores and keystores are defined in separate Keystores. Best practice is not to replace tangosol-coherence.xml, but to override the operational and run-time settings using  an Operational Override File. The property tangosol.coherence.override specifies the name of the override file to be used instead of the default. In this override file the cluster-config element should be defined to enable SSL for TCMP (Unicast). The cluster-config element contains three sub-elements; member-identity, unicast-listener and socket-provider.

The member-identity element contains the cluster-name of the Coherence cluster. This is the same name as the cluster name set in property tangosol.coherence.cluster when configuring unicast communications. Element unicast-listener defines the well- known-addresses, listen-ports and other properties of all cluster nodes. This are the values you assigned to the properties tangosol.coherence.wka[1-n] and tangosol.coherence.localhost when setting up unicast communications. The element socket-provider should have the same value as attribute id of the socket-provider element which will be described next. Read the complete article here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Friday Apr 03, 2015

Coherence: Explaining the 3 different cache types free online training

clip_image002

This video explains the 3 different types of cache used in Oracle Coherence. Video put together by Simon Cook of Oracle. Watch the video here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Thursday Apr 02, 2015

Coherence, WebLogic and Java SE 8 by René van Wijk

clip_image002

In this post we will explore some new Java SE 8 features,

  • Lambda Expressions enable us to treat functionality as a method argument, or code as data. Lambda expressions let us express instances of single-method interfaces (referred to as functional interfaces) more compactly. The Java SE 8 API also ships a lot of new functional interfaces to make our life easier.
  • Method references provide easy-to-read lambda expressions for methods that already have a name.
  • Default methods enable new functionality to be added to the interfaces of libraries and ensure binary compatibility with code written for older versions of those interfaces.
  • Classes in the new java.util.stream package provide a Stream API to support functional-style operations on streams of elements. The Stream API is integrated into the Collections API, which enables bulk operations on collections, such as sequential or parallel map-reduce transformations.

and see how these work out on WebLogic and Coherence. Note that WebLogic 12.1.3 and Coherence 12.1.3 are supported on Java SE 8, with the following restrictions:

  • WebLogic Server 12.1.3 does not support applications using the Java SE 8 fork/join and parallel streams features. Avoid these features when building WebLogic Server 12.1.3 applications using Java SE 8. The reason for this restriction is that the threads used by the fork/join thread pool will not be WebLogic Server managed threads. Any of the work performed in these threads may not be able to make use of WebLogic Server or Java EE facilities because the state of these threads, including security and transaction state, may not be created properly. Further, these threads will not be controlled by WebLogic Server Work Manager thread management facilities, possibly resulting in excessive thread usage.
  • When using Java SE 8, the use of permgen-memory is no longer required. The Java command line options -XX:PermSize and -XX:MaxPermSize are ignored: Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=256m; support was removed in 8.0.
  • Java SE 8 has new APIs for JDBC 4.2 and is supported for WebLogic Server 12.1.3 running on Java SE 8 with a JDBC driver that supports JDBC 4.2. However, although the Oracle JDBC thin driver bundled with WebLogic Server is certified on Java SE 8, the Oracle JDBC thin driver does not support JDBC 4.2.
  • When running using SSL connections with JCE on JDK 8, it may be necessary to install the Java Cryptography Extension Unlimited Strength Jurisdiction Policy Files 8.

As an example, we will use the application presented in the post Coherence 12c Grid Archive. To include some Java SE 8 features, we rewrite the servlet as (in which we also use parallel streams, although not supported, but just out of curiosity to see what goes on in the Java runtime). Read the complete article here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Tuesday Mar 31, 2015

Spinning-up a Coherence Cluster with Weblogic Scripting (WLST) by dxfelcey

clip_image002The WebLogic scripting and management features available with Coherence 12c Managed Servers make it easy to create Coherence clusters and manage applications. Using the Weblogic Scripting Tool (WLST),  the whole lifecycle of Managed Coherence Servers can be controlled, from creating and starting a Coherence cluster to deploying Coherence applications.

WLST scripts are written in Jython and can manipulate Weblogic JMX MBean's to manage Weblogic and Coherence. The flexibility and power they provide make it easy to create, configure and startup up a complete Coherence environment - in just a few minutes.  This post will outline how to do just this, using some sample WLST scripts.

Installing Coherence

So lets get started. If you haven’t already done so you need to install the Java JDK 1.8 and zipped distribution of Weblogic - which also contains Coherence. You can find these here;

For the JDK installation just follow the instructions. To keep things really simple for the Cohernece installation we will be using the zip installer for Weblogic (and Coherence). This avoids the need to have Administrator rights on Windows etc. The directory you unzip Coherence into will be referred to as the MW_HOME.  Read the complete article here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Friday Mar 27, 2015

WebLogic 12.2.1 & Coherence Roadmap

clip_image002

· New Video: WebLogic Roadmap
WebLogic is currently in its 12.1.3 release, but exciting things are coming in 12.2.1 and beyond. Get the scoop in this video from Oracle OpenWorld.

· New Video: Coherence Roadmap
In another OpenWorld video session, we explore the history, present-day and futures for Oracle Coherence.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Wednesday Feb 25, 2015

Updated Coherence JVisualVM Plugin in Latest Coherence Patch by Tim Middleton

clip_image002We have just released Coherence 12.1.3.0.1, (Patch 18378184) which is the first patch set on top of 12.1.3.  As part of this patch there are a few updates to the Coherence JVisualVM Plugin that improve the range of functionality that we can support, a couple of UI tweaks as well as addressing an issue monitoring Coherence clusters in WebLogic Server environments.

The feature highlights are:

1. Added a tab for displaying information about Elastic Data

2. Added a tab for display JCache Information when using Coherence to store JCache (JSR-107) caches

3. Additional metrics to track partitions stats graphically for a service

4. Displaying extra details for some data via drill down.

Displaying Elastic Data Information

We have added support for displaying a tab when you are using Elastic Data. We support clusters running 3.7.x and above and display information about both the Ram Journal and Flash Journal usage as well as the number of compactions taking place. Read the complete article here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Thursday Feb 19, 2015

WebLogic & Coherence customer presentations


At our WebLogic Community Workspace (WebLogic Community membership required) we posted customer WebLogic and Coherence customer presentations.

clip_image002WebLogic:

  • Cloud Application Foundation CVC Presentation - PPT
  • Cloud Application Foundation Technical Presentation - PPT
  • Approaches for Oracle WebLogic Server in the Cloud - Slideshare

Coherence:

  • Webcast: Top 3 Use-Cases for an In-Memory Data Grid - Replay
  • Coherence CVC, Technical and Roadmap Presentation - PPT
  • Updated Coherence JVisualVM Plugin in Latest Coherence Patch - Blog

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Friday Jan 16, 2015

Getting Started with Oracle Coherence

clip_image002

Part 2 of the Coherence Webinar Series

In this webinar we will demonstrate the principles of Oracle Coherence and develop the code to store data in and retrieve data from the grid. Watch the video here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Saturday Nov 01, 2014

Cloud Application Foundation SIG in Munich November 4th 2014

On Nov., 4th there will be a Cloud Application Foundation Special Interest Group at Oracle in Munich. Oracle Product Management will talk about latest innovation and the future and plans of Java, Oracle WebLogic Server and Oracle Coherence.
The SIG is a good opportunity to meet partners, customer, and Oracle Product Management.
For more information please visit the registration page
If you would like to attend pls. click on the mail link (an email client should open with subject "Anmeldung zur Oracle  CAF SIG"  - which means "Registration to Oracle CAF SIG"). Please be so kind to add your name and contact data to the mail body and send it to barbara.frank@oracle.com She takes care of the registration process.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Mix Forum Wiki

Thursday Oct 23, 2014

Discover popular uses for in-memory data grids – Webcast October 29th 2014

LogoTop Three Reasons to Use an In-Memory Data Grid
Date: Wednesday, October 29, 2014
Time: 10:00 AM PDT
As data volumes and customer expectations increase—driven by social, mobile, and cloud devices—so does the need to manage more data, often in real time. Companies facing this challenge benefit from the in-memory data grid technology of Oracle Coherence due to its ability to offload overburdened databases and shared data services and provide real-time data updates to applications. This saves infrastructure cost and ensures optimal performance.
Join the webcast to learn how companies like yours are:

  • Offloading their mainframes and shared services
  • Delivering real-time data to customers to provide the best experiences
  • Caching commonly used data to keep it highly available for application consumption

For details please visit our registration page here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Mix Forum Wiki


Wednesday Jul 23, 2014

Getting Started with Coherence*Web in WebLogic Server 12.1.2 by Tim Middleton

Coherence*Web is a great feature which allows you to store your HTTP sessions in a Coherence Cluster. Doing this allows your to de-couple the HTTP sessions from your JVM’s that are running your web apps, (which can free up JVM memory) and take advantage of the RASP (Reliability, Availability, Scalability and Performance) capabilities of Coherence for storage.

With this separation you can also more easily scale and manage and your HTTP session tier as well as utilise the wide array of session management options that Coherence*Web provides.

What I’d like to show you here is how to configure Coherence*Web in WebLogic Server 12.1.2 and deploy a basic web application that utilises this.

For more detailed information on Coherence*Web and the options available, see http://docs.oracle.com/middleware/1212/coherence/COHCW/start.htm#sthref11.
Setup

For this example, I’m assuming you already have installed WebLogic Server 12.1.2 and created a domain with node manager running.
If you are not familiar with how to do this, then you can use one of my posts here as a starting point or see the product documentation here.

We are going to create two WebLogic Server Clusters and a Coherence cluster into which we shall place both WLS clusters. This will ensure that the manages servers in both WLS clusters are associated with a common set of Coherence caching services. Read the complete article here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Mix Forum Wiki

Friday Mar 14, 2014

WebLogic section: Configure Coherence HotCache by Edwin Biemond

Coherence can really accelerate and improve your application because it's fast, high available, easy to setup and it's scalable. But when you even use it together with the JCache framework of Java 8 or the new Coherence Adapter in Oracle SOA Suite and OSB 12c it will even be more easier to use Coherence as your main HA Cache.

Before Coherence 12.1.2 when you want to use Coherence together with JPA for the database connectivity, you must make sure that there is no batch job or application doing modifications directly in the database. This will lead to an out of sync Coherence Cache. But with Coherence 12.1.2 together with GoldenGate you can capture these database changes and send updates to the Coherence Cache. This is called Coherence HotCache. Here you can see how it basically works. Read the complete article here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Mix Forum Wiki

Wednesday Feb 05, 2014

Coherence 12c (12.1.2) Proficiency

Coherence is am in-Memory Data Grid solution that provides predictable scalability for mission-critical applications, continuous data availability, and transactional integrity.

All videos and more can be found on the Coherence YouTube Playlist At our WebLogic Community Workspace ( WebLogic Community membership required).you can find the latest ppt presentations tagged with Coherence.


WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Mix Forum Wiki

Monday Jan 06, 2014

Coherence 12c hands-on Bootcamp at Fusion Middleware Partner Community Forum February 18th-21st 2014

As part of the Fusion Middleware Partner Community Forum 2014 we offer hands-on Coherence 12c Bootcamp The conference is ONLY for Oracle Partners, for details please visit our registration page!maciej

Trainer: Maciej Gruszka, Senior Principal Product Manager at Oracle
Agenda Highlights

  • Basic knowledge in Java and JavaEE
  • Understanding the Application Server concept
  • Basic knowledge in older releases of WebLogic Server

Technical Requirements:

  • Laptop 6 GB RAM
  • Pentium 4 CPU with minimal 1.6 GHz (better Dual-Core)
  • Minimum 15 GB free disk space

Take this opportunity and register now for the Oracle Fusion Middleware Partner Community Forum that will be held in the Hilton Malta on February 18th and 19th 2014 with hands-on training on February 20th & 21st 2014- Like last year we expect that the conference is booked out – register asap!

  • SOA Suite 12c & Cloud integration
  • BPM Suite 12c & Adaptive Case Management 12c
  • Internet of Things & mobile strategy & fast data
  • WebLogic 12c the foundation of Oracle Fusion Middleware.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Mix Forum Wiki

Search

Archives
« May 2015
SunMonTueWedThuFriSat
     
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
      
Today