Category Archives: WebLogic

java.security.InvalidKeyException: Public key presented not for certificate signature

After resolving the below mention problem, I start getting the exception given below.

Exception : [ERROR] Exception at line 122, column 68 of oxf:/ops/pfc/xforms-epilogue.xpl (re

ading processor output: name=’document’, id=’xhtml-data’)

java.security.InvalidKeyException: Public key presented not for certificate sign

ature

        at org.bouncycastle.jce.provider.X509CertificateObject.checkSignature(Un

known Source)

        at org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown So

urce)

        at javax.crypto.SunJCE_b.d(DashoA12275)

        at javax.crypto.SunJCE_b.c(DashoA12275)

        at javax.crypto.SunJCE_r.run(DashoA12275)

        at java.security.AccessController.doPrivileged(Native Method)

        at javax.crypto.SunJCE_b.<clinit>(DashoA12275)

        at javax.crypto.Cipher.getInstance(DashoA12275)

        at org.orbeon.oxf.util.SecureUtils.encrypt(SecureUtils.java:135)

        at org.orbeon.oxf.xforms.XFormsUtils.encodeBytes(XFormsUtils.java:184)

        at org.orbeon.oxf.xforms.XFormsUtils.encodeXML(XFormsUtils.java:157)

        at org.orbeon.oxf.xforms.XFormsStaticState.getEncodedStaticState(XFormsS

taticState.java:220)

The resolution to this problem was probably the last nail in the coffin of my problems which I was facing since last 13-14 days. I have found the resolution on this link. Though you can find the steps of resolution of this problem on the link (And infect they are original) I am writing them again (copying infect) in case this link stop working tomorrow.

1. Suppose you are using jdk15. Go to http://java.sun.com/javase/downloads/index_jdk5.jsp

2. Go to the Other Downloads section and click on download link next to “Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0”

3. Download jce_policy-1_5_0.zip and extract it in to a directory.

4. You will find local_policy.jar and US_export_policy.jar files there in the extracted directory. Copy these two files to $JAVA_HOME/jre/lib/security directory. (These files will already be there. you may replace them)

5. Restart WSO2 WSAS and invoke your secured service again. You will not encounter the “invalidkeyException” any more.

I would like to say thanks to Charitha to help me out in resolving this issue in the same way as Yuvi is doing to Kumar Sangakara and M. Jaya to help him in winning a match or two for KIP.

5 Comments

Filed under WebLogic

No class def found error at java.lang.NoClassDefFoundError: javax/crypto/SunJCE_b:

Exception – InitUtils.runProcessor(110) | Exception at line 122, column 68 of oxf:/o

ps/pfc/xforms-epilogue.xpl (reading processor output: name=’document’, id=’xhtml

-data’)

java.lang.NoClassDefFoundError: javax/crypto/SunJCE_b

        at javax.crypto.Cipher.getInstance(DashoA12275)

        at org.orbeon.oxf.util.SecureUtils.encrypt(SecureUtils.java:135)

        at org.orbeon.oxf.xforms.XFormsUtils.encodeBytes(XFormsUtils.java:184)

        at org.orbeon.oxf.xforms.XFormsUtils.encodeXML(XFormsUtils.java:157)

        at org.orbeon.oxf.xforms.XFormsStaticState.getEncodedStaticState(XFormsS

taticState.java:220)

        at org.orbeon.oxf.xforms.processor.XFormsToXHTML.createCacheContainingDo

cument(XFormsToXHTML.java:328)

        at org.orbeon.oxf.xforms.processor.XFormsToXHTML.access$200(XFormsToXHTM

L.java:51)

The solution for this problem was quit tricky and taken out a hell out of us. While trying to up WSI along with ODE and Axis2 on WL, whenever we start WSI before rest of the services, it was working fine. But when we started or used WSI after other two services, we were getting this exception. Thanks to efforts of Sri, that in the end we come through to this.

Solution: Put bcprov-jdk15-143.jar in bea\jdk150_12\jre\lib\ext folder. This jar can be downloaded from http://www.bouncycastle.org/latest_releases.html. Also put the line ‘security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider’ in bea\jdk150_12\jre\lib\security\java.security. Make sure this line is at number two only. Change the sequence of others.

Important Links:

1) http://mail-archives.apache.org/mod_mbox/ws-axis-user/200606.mbox/<OF2E2E121C.A4B12874-ON85257184.00457BAE-85257184.00461B2C@mro.com>

2) http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6567947

3) http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6647104

Leave a comment

Filed under WebLogic

ODE Qname NameSpace Exception

After resolving previously mentioned issue, something more interesting was waiting for me on the way to my journey to deploy ODE on weblogic. Here is a small stack trace for the same.

 java.rmi.ServerException: RemoteException occurred in server thread; nested exce

ption is:

        java.rmi.UnmarshalException: error unmarshalling arguments; nested excep

tion is:

        java.io.InvalidClassException: javax.xml.namespace.QName; local class in

compatible: stream classdesc serialVersionUID = 4418622981026545151, local class

 serialVersionUID = -711357515002332258

 This issue was reported as a bug with java and you can check its description and some more information about it at this link. Below are some of the solutions which are given at above mentioned link.

 Submitted On 04-MAY-2007
chris-j-01

I had the same problem as the last person who submitted
On 08-MAR-2007. I was using 1.5.0_10 with weblogic 9.2.
I downgraded to 1.5.0_06 and it works.

Submitted On 22-JUN-2007
mdepot

Look into adding the following option to java as a workaround for this issue:
 
-Dcom.sun.xml.namespace.QName.useCompatibleSerialVersionUID=1.0
 

Submitted On 24-JUL-2008
Titto 
Even I solved this error by pointing the jdk for weblogic to
BEA JRockit(R) JDK 5.0 Update 4 (R26.0.0-189_CR269406)

 I have tried almost all of them but nothing has worked for yours truly. Workaround ‘-Dcom.sun.xml.namespace.QName.useCompatibleSerialVersionUID=1.0’ has been suggested by many of other links and I’ll suggest you to use this solution first. Below are some of the links I have gone through during my voyage of resolving this issue.

 http://mattfleming.com/node/264

http://jira.codehaus.org/browse/MOJO-1223

http://objectmix.com/weblogic/519553-javax-xml-namespace-qname-incompatible-4.html

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6267224

 http://forums.terracotta.org/forums/posts/list/204.page

 Some of these links can prove beneficial for you if you are struggling with this kind of exception.

 Solution: The solution which worked for us can’t be suggested at first go. But we were not able to move forward and the delivery deadlines were about to crush us, we were left with no more RnD time and have implemented it. And the solution is to change QName.class in stax-api-1.0.1.jar in ODE libs with one in C:\bea\jdk150_12\jre\lib\rt.jar. Ummm, the solution looks tricky but it is just like that.

Leave a comment

Filed under WebLogic

Exception org.apache.xml.serialize.XML11Serializer overrides final method

While trying to run ODE with WebLogic, I got the following exception.

 

A) <[weblogic.servlet.int

ernal.WebAppServletContext@10c1fd1 – appName: ‘ode’, name: ‘ode’, context-path:

‘/ode’] Root cause of ServletException.

java.lang.VerifyError: class org.apache.xml.serialize.XML11Serializer overrides

final method ?.?

        at java.lang.ClassLoader.defineClass1(Native Method)

        at java.lang.ClassLoader.defineClass(ClassLoader.java:620)

        at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:12

4)

        at weblogic.utils.classloaders.GenericClassLoader.defineClass(GenericCla

ssLoader.java:355)

        at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(Generic

ClassLoader.java:294)

        Truncated. see log file for complete stacktrace

 

This is not complete stack trace but I have just given the top of exception description. This is a good example of class loading problem. Actually XML11Serializer class is in ‘xercesImpl-2.9.0.jar’ in ODE. This class file conflicts with one in WebLogic. To resolve this issue, other then changing some small application level configuration, I have Created weblogic.xml with ‘<prefer-web-inf-classes>true</prefer-web-inf-classes>’ entry and put

it in ode/web-inf/ directory.  This fixed the problem for me. ‘prefer-web-inf-classes’ element (a sub-element of the <container-descriptor> element), by default is set to False. Setting this element to True subverts the classloader delegation model so that class definitions from the Web application are loaded in preference to class definitions in higher-level classloaders. This allows a Web application to use its own version of a third-party class, which might also be part of WebLogic Server. If you want to read more about this you can go to this link. Since I have used WL 9.2, it’s a link for docs92. You can change it to 81 or 100 for WL 8.1 and 10.0 respectively.

Leave a comment

Filed under WebLogic

How to customize weblogic WLST Template to create a domain?

Before start writing anything about this, I would like to thanks my friends P.venkat and Srinivas Rao to help me in understand and modify the existing wls.jar template according to my requirements. As I have posted in my previous post, I am going to explain how you can modify it according to your requirements. You may need few extra things or you may want to skip few of them, but that’s all should be decided by you. I am leaving you with my modification.

 First of all go to C:\bea\weblogic92\common\templates\domains, assuming your WL is installed at C:/ drive, and you will get the wls.jar template there. Unjar this file in some folder. You can use Winzip or winrar or you can do it via command prompt. Use the following command

 ‘Path of the folder where you want to unjar this template>jar -xvf C:\bea\weblogic92\common\templates\domains\wls.jar’.

 It will extract all the files in wls folder. The wls will look like the picture given below. It will have the following folders

1)      autodeploy

2)      config

3)      console-ext

4)      lib

5)      META-INF

6)      user_staged_config

and the following files

 1)      fileRealm.properties

2)      security.xml

3)      startmenu.xml

4)      startscript.xml

5)      stringsubs.xml

6)      template-info.xml

   doc

 

Now you can make the following changes in this exploded template

1)      In autodeploy folder, you have to put all your applications which you want to deploy on any machine and want to deliver it as a bundle with setup environment

2)      In Config/config.xml file, you have to change the name tag with the name of domain you want to create e.g if you want to create skydomain then the tag should be like <name>skydomain</name>.

3)      Inside lib folder, put all the library file you need to run your application and you need them on the machine where you are going to install your application by creating you domain.

4)      In startscript.xml file you can give the value of JAVA_OPTIONS under <setenv > tab. The value tag will look something line <value>%JAVA_OPTIONS% -Dfile.encoding=UTF-8 -Dode.connection.isolation=2</value>.

5)      Othere then this you can fix java_home in this file according to your requirement to SUN or to JRocket.

You need not to change rest of the things but you can search and change any other thing required by you in this exploded template.

After making all these changes, you have to make a jar file again. You can use command prompt for the same like

‘Path of the folder from where you want to make a jar file>jar -cvf C:\bea\weblogic92\common\templates\domains\skyjar.jar *’

And you are done. All you have to do is to provide this jar file along with your script.py file to create a domain on any machine according to your requirement. 

If you have further any question, please feel free to write me back.

 Regards,

–Vicky

2 Comments

Filed under WebLogic

Jython script to create domain and set database connection using WLST.

In one of my recent project I have to prepare a jython script to create a domain and database connection and up this database connection on admin server in Weblogic environment. I have gone through various Weblogic documentation and few other websites where I find some examples but no explanation was given about these example. Being a new jython user I found it very difficult to make changes in the code according to my requirement. Here I am trying to explain those things along with script, so that whenever somebody have to modifiy the script, he/she can do it with ease according to his/her requirement.

 

Here is the script.

 

myScript.py

(When you copy this script, please remove all lines which are in brackets in italic fonts and in the color you are reading now. These are explanation lines.)

 

#============================================================

# Open a domain template.

#============================================================

 

readTemplate(“C:/bea/weblogic92/common/templates/domains/wls.jar”)

 

(Here you can modify the template by extract wls.jar file on your local disk. Put all the changes which are specific to your project. You can put all library jar’s in modified domain which your application need and you want to deliver to client. Other changes like which JDK you want to use SUN or JRocket you can define here. Also you can set  JAVA_Opetions for your environment. Then again make a jar file with these changes with some other name like myProject.jar to use new template. When your script will use this customized template, it will set your environment on any machine. All you have to do is to deliver this customized template (myProject.jar) and your script (myScript.py).I will explain every thing about template customization in my next post on this blog.)

 

#============================================================# #Configure the Administration Server and SSL port.

# To enable access by both local and remote processes, you should not set the

# listen address for the server instance (that is, it should be left blank or not set).

# In this case, the server instance will determine the address of the machine and

# listen on it.

#===========================================================

cd(‘Servers/AdminServer’)

set(‘ListenAddress’,”)

set(‘ListenPort’, 7001)

(Leave above section as it is if you want your application to run on 7001. Or you can change port number according to your requirement.)

 

create(‘AdminServer’,’SSL’)

cd(‘SSL/AdminServer’)

set(‘Enabled’, ‘True’)

set(‘ListenPort’, 7002)

 

(Leave above section as it is.)

 

#===========================================================

# Define the user password for weblogic.

#===========================================================

cd(‘/’)

cd(‘Security/DOMAIN_NAME/User’)

delete(‘weblogic’,’User’)   

create(‘YOUR_USERNAME’,’User’)   

cd(‘YOUR_USERNAME’)   

set(‘Password’,’YOUR_PASSWORD’)   

set(‘IsDefaultAdmin’,1)

 

(In the above section, you have to change the following variables 1. DOMAIN_NAME = replace this with the name of domain. 2. YOUR_USERNAME = replace this with the name you want to use for login in WL console 3. YOUR_PASSWORD = replace this with the password you want to set for login in WL console. Left rest of the things as it is.) 

 

#===========================================================

# Create and configure a JDBC Data Source, and sets the JDBC user.

#===========================================================

 

cd(‘/’)

create(‘YOUR_DATABASE_NAME’, ‘JDBCSystemResource’)

cd(‘JDBCSystemResource/YOUR_DATABASE_NAME/JdbcResource/YOUR_DATABASE_NAME’)

create(‘YOUR_DATABASE_NAME’,’JDBCDriverParams’)

cd(‘JDBCDriverParams/NO_NAME_0’)

set(‘DriverName’,’ca.ingres.jdbc.IngresDriver’)

set(‘URL’,’jdbc:ingres://localhost:21071/YOUR_DATABASE_NAME’)

set(‘PasswordEncrypted’, ‘YOUR_DATABASE_PASSWORD’)

set(‘UseXADataSourceInterface’, ‘false’)

create(‘YOUR_DATABASE_NAME’,’Properties’)

cd(‘Properties/NO_NAME_0’)

create(‘YOUR_DATABASE_USER_NAME’, ‘Property’)

cd(‘Property/YOUR_DATABASE_USER_NAME’)

cmo.setValue(‘YOUR_DATABASE_PASSWORD’)

 

cd(‘/JDBCSystemResource/YOUR_DATABASE_NAME/JdbcResource/YOUR_DATABASE_NAME’)

create(‘YOUR_DATABASE_NAME’,’JDBCDataSourceParams’)

cd(‘JDBCDataSourceParams/NO_NAME_0’)

set(‘JNDIName’, java.lang.String(“jdbc/YOUR_DATABASE_NAME”))

 

cd(‘/JDBCSystemResource/YOUR_DATABASE_NAME/JdbcResource/YOUR_DATABASE_NAME’)

create(‘YOUR_DATABASE_NAME’,’JDBCConnectionPoolParams’)

cd(‘JDBCConnectionPoolParams/NO_NAME_0’)

set(‘TestTableName’,’SQL SELECT 1 FROM iitables’)

 

(In the above section, you have to change the following variables

1. YOUR_DATABASE_NAME = replace this with the name of your database.

2. YOUR_DATABASE_USER_NAME = replace this with the user name with which you access data base.

3. YOUR_DATABASE_PASSWORD = replace this with the password you want to set for login in WL console.

4) ca.ingres.jdbc.IngresDriver = replace this driver with the name of driver of database which you want to use.

5) jdbc:ingres://localhost:21071/YOUR_DATABASE_NAME  = replace this with the URL of your database.

The best way to get this URL and driver name is by first creating a dataresource manually from WL console and copy these fields from there. Left rest of the things as it is.)

 

#===========================================================

# Target resources to the servers.

#===========================================================

 

cd(‘/’)

assign(‘JDBCSystemResource’, ‘YOUR_DATABASE_NAME’, ‘Target’, ‘AdminServer’)

 

(In the above section, you have to change the following variables

1. YOUR_DATABASE_NAME = replace this with the name of your database. Left rest of the things as it is.)

 

#===========================================================

# Write the domain and close the domain template.

#===========================================================

 

setOption(‘OverwriteDomain’, ‘true’)

writeDomain(‘C:/bea/user_projects/domains/DOMAIN_NAME’)

closeTemplate()

 

(In the above section, you just have to give the path of domain where you want to create it. We are just assuming that your WL is installed at C:/ drive. Left rest of the things as it is.)

 

#===========================================================

# Exit WLST.

#===========================================================

 

exit()

 

 

If you have any further question or you need some more clarification on this script, you can write me back. Below are the links which help me in my course of action. You can refer to these links as they might prove handy in your requirement.

 

http://weblogicserver.blogspot.com/

http://e-docs.bea.com/wls/docs92/deployment/index.html

http://e-docs.bea.com/wls/docs92/config_scripting/using_WLST.html

 

Any suggestion or comment on this post is most welcome.

 

Regards,

–vikas

5 Comments

Filed under WebLogic