X

Proactive insights, news and tips from Oracle WebLogic Server Support. Learn Oracle from Oracle.

  • December 9, 2015

WLS JNDI Multitenancy

  The most important feature introduced in WebLogic Server 12.2.1 is multi-tenancy.
As we know, before WLS 12.2.1, one WLS domain is used by one tenant.
Since WLS 12.2.1, WLS domain can be divided into multiple partitions
so that tenants can use different partitions of on WLS domain. Then
Multiple tenants can share one WLS domain without influence each other.
So isolation of resources between partitions is key. Since JNDI is a
common way to access to these resources, the main target of JNDI in WLS
12.2.1 is to isolate JNDI resources.



  Before WLS 12.2.1,
there is only one JNDI global tree of WLS domain. It is difficult to use
this one JNDI global tree to support multiple partitions. Because
partition requires a unique isolated namespace. For example, it is
possible multiple partitions use same JNDI name to bind/lookup JNDI
resource separately. And it will result in NameAlreadyBoundException. To
isolate JNDI resources in different partitions, every partition has
unique JNDI global tree since WLS 12.2.1. Then tenant can operate JNDI
resource in one partition without name conflict with one in other
partition. For Application scoped JNDI tree, it is only visible in
application internal, so it isolated naturally. So there is no change
for App scoped JNDI tree in WLS 12.2.1. Let us see how to access JNDI
resource in partition.

Access JNDI resource in partition

 
To access JNDI resources in partition, we need add partition
information in provider url property during creating InitialContext.

  Runtime environment:

    Managed server:           ms1 , ms2

    Cluster:                         managed server ms1, managed server ms2

    Virtual target:               VT1 target to managed server ms1, VT2 target to cluster

    Partition:                      Partition 1 has available target VT1, Partition2 has available target VT2.

  We need add parition1 inforamtion in properties during creating InitialContext to access JNDI resources in partition1.

    Hashtable<String, String> env = new Hashtable<>();
    env.put(Context.PROVIDER_URL, "t3://ms1:7001/partition1");  
    env.put(Context.SECURITY_PRINCIPAL, "weblogic");
    env.put(Context.SECURITY_CREDENTIALS, "welcome1");
    Context ctx = new InitialContext(env);
    Object c = ctx.lookup("jdbc/ds1");

  Partition2 runs in cluster, so we can use cluster address format in properties during creating InitialContext.

    Hashtable<String, String> env = new Hashtable<>();
    env.put(Context.PROVIDER_URL, "t3://ms1:7001,ms2:7003/partition2");
    env.put(Context.SECURITY_PRINCIPAL, "weblogic");
    env.put(Context.SECURITY_CREDENTIALS, "welcome1");
    Context ctx = new InitialContext(env);
    Object c = ctx.lookup("jdbc/ds1");

  In weblogic, we can create
Foreign JNDI provider to link JNDI resources in other server. In WLS
12.2.1, we also can use Foreign JNDI provider to link to  JNDI resources
in specified partition by adding partition information in
configuration. These partition information including provider url, user
and password will be used to create JNDI context. The following is an
example of Foreign JNDI provider configuration in partition1. This
provider links to partition2.

<foreign-jndi-provider-override>
  <name>jndi_provider_rgt</name>
  <initial-context-factory>weblogic.jndi.WLInitialContextFactory</initial-context-factory>
  <provider-url>t3://ms1:7001,ms2:7003/partition2</provider-url>
  <password-encrypted>{AES}6pyJXtrS5m/r4pwFT2EXQRsxUOu2n3YEcKJEvZzxZ7M=</password-encrypted>
  <user>weblogic</user>
  <foreign-jndi-link>
    <name>link_rgt_2</name>
    <local-jndi-name>partition_Name</local-jndi-name>
    <remote-jndi-name>weblogic.partitionName</remote-jndi-name>
  </foreign-jndi-link>
</foreign-jndi-provider-override>

Stickiness of JNDI Context

  When a JNDI context is created, the context will associate with  specified partition. Then all subsequent JNDI operations are done within
associated partition JNDI tree, not in current partition one. And this
associated partition will remain even if the context is used by a
different thread than was used to create the context.. If
provider url property is set in environment during creating JNDI
context, partition specified in provider url is associated. Otherwise,
JNDI context associates with current partition.

Life cycle of Partition JNDI service

 
Before WLS 12.2.1,, JNDI service life cycle is same with weblogic
server. In WLS 12.2.1, every partition owns JNDI global tree by itself,
so JNDI service life cycle is same with partition. As soon as partition
startup, JNDI service of this partition is available. And during
partition shutdown, JNDI service of this partition is destroyed.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha
Oracle

Integrated Cloud Applications & Platform Services