Thursday, May 29, 2014

Oracle HTTP Server(OHS) IPAddress restriction to reverse proxy resource

Sample Location directive that will allow access to "SampleApp" only to the IPAddresses mentioned below:

Example:

<Location /SampleApp>
      SetHandler weblogic-handler
      WebLogicHost <<Host Name>>
      WebLogic <<Port Number>>
      Order deny,allow
      Deny from all
      Allow from 192.168.1.1
</Location>

-- Siva Pokuri.

Tuesday, May 27, 2014

Get Stack Trace from a Oracle HTTP Server(OHS) CORE file on Unix



-- Navigate to core file location (Ex: /oracle/Middleware/Oracle_WT1/instances/instance1/)

-- Execute command "file <<corefilename>>". 
    Sample Output: core.12273: ELF 64-bit LSB core file x86-64, version 1 (SYSV), SVR4-style, from '/oracle/middleware/Oracle_WT1/ohs/bin/httpd.worker -DSSL'

-- Execute command "file httpd.worker".
    Sample Outputhttpd.worker: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically     linked (uses shared libs), for GNU/Linux 2.4.0, not stripped.

-- Execute command "script <<filename to generate stacktrace>>". 
    Sample OutputScript started, file is /opt/mystack

-- Execute command "gdb <<program(Ex: https.worker file)>> <<core file>>". This will start the stack trace.

-- Once the stack trace is completed, execute commands "quit" and then "exit". 

Core file stack trace is loaded into targeted file!!

-- Siva Pokuri. 

    

Monday, May 26, 2014

Integrate Oracle Entitlements Servers 11g + Java Application using OES custom tag libraries

HiAll,

From last couple of days, I have been trying different options to integrate Java Application using Oracle Entitlements Server custom java tag libs and finally able to make it work.

Thought to share high level steps:

-- Oracle Entitlements Server 11g 11.1.1.5.0
-- OES Weblogic Security module (Installed on separate Weblogic domain) with Java application running in that domain
-- Java Application which has JAAS authentication module enabled

Note: Since there is no way to pass the User ID as part of authorization check JAAS authentication is mandatory.

-- Define application policies according to the requirement in OES APM console
-- Distribute the application policies to Weblogic Security module
-- Use samples provided in OES documentation
    Ref: http://docs.oracle.com/cd/E21764_01/security.1111/e14097/jsp_tags.htm#sthref305

-- Siva Pokuri.