Saturday, September 25, 2010

Errors

ORA-01033:

####<Sep 25, 2010 10:29:13 AM EDT> <Info> <JDBC> <e08k302> <upd2unlock1> <main> <<WLS Kernel>> <> <BEA-001156> <Stack trace as
sociated with message 001129 follows:

java.sql.SQLException: ORA-01033: ORACLE initialization or shutdown in progress

        at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:125)
        at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:305)
        at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:272)
        at oracle.jdbc.driver.T4CTTIoauthenticate.receiveOsesskey(T4CTTIoauthenticate.java:239)
        at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:295)
weblogic.common.ResourceException: Could not create pool connection. The DBMS driver exception was: ORA-01033: ORACLE initialization or shutdown in progress at weblogic.jdbc.common.internal.ConnectionEnvFactory.createResource(ConnectionEnvFactory.java:153)
        at weblogic.common.resourcepool.ResourcePoolImpl.makeResources(ResourcePoolImpl.java:1145)
        at weblogic.common.resourcepool.ResourcePoolImpl.makeResources(ResourcePoolImpl.java:1079)
        at weblogic.common.resourcepool.ResourcePoolImpl.start(ResourcePoolImpl.java:171)
        at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1018)
        at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:142)

This error is because of database is down.

BEA-000337:
The threads have been waiting for the lock in the thread dump we can see that all the threads are in object.Wait()

ThreadDump Analysing

We will analyse the thread dump by taking different scenarios:

"ExecuteThread: '15' for queue: 'weblogic.kernel.Default'" daemon prio=5 tid=0x01c7fe88 nid=0x20 in Object.wait() [cbfff000..cbfffc28]
        at java.lang.Object.wait(Native Method)
        at java.lang.Object.wait(Object.java:429)
        at weblogic.kernel.ExecuteThread.waitForRequest(ExecuteThread.java:153)
        - locked <0xd9925f60> (a weblogic.kernel.ExecuteThread)
        at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:172)

Here when we seen that object is waited for some other resources, Lets discuss about this in programming when we use synchronized objects for some typical application like blank. This happens because of two or more threads tries to acquires lock on the object(some other thread may hold that)

Wednesday, September 15, 2010

Configuring SSL on Weblogic

set path to
C:\j2sdk1.4.2_04\bin; for java
C:\j2sdk1.4.2_04\jre\bin; for keytool
C:\Program Files\GnuWin32\bin for openssl

Weblogic server uses SSL on its defaulf port of 7002.
Using ssl is comprehensive overhead for the server, not feasible to use in dev envs.However always use in prod enviornments.
To Setup SSL:
1) For an ssl creation we need two things one is identity(private keys and Digital Certificates) other is trust(trusted root CA ceritificates). By default weblogic server kit ie certgen and java keytool will provide identity and trust stores, we can get those by thrid party vendors like verisign, thawte.
2) Store the private key and trusted CA certificates in to keystore.
3) Configure the identiry and trust in the admin console with the password of the keystore.
We can get privatekeys digitalcertificates and Trustedroot using:
   To use SSL the server needs privatekey, digitalcertificate containing matching publickey and one trusted certificate. By default all these are avialble in /wl_home/server/lib.
   We can create those by using javakeytool which is used to generate privatekey, self-signed digitalcertificate, CSR, if you need a third party certificate we can produce a CSR and sent to CA they will provide the certificate.
   We can also get by using certgen which is used for demonstrative purpose. The demonstration digital certificate provided by the weblogic server uses the hostname as default machine hostname.
Using CertgenUtility:
   The certgen utility which is used to generate privatekey and digital certificate which is used for demo purpose. CertGenCA.der and CertGenCAkey.der are the default key and certificate used by certgen.
   In order to use certgen we need to set the classpath to \weblogic_homm\server\lib then execute the commands for different purpose
1) To generate the certificate we need to execute the following command.
$ java utils.CertGen

[-cacert <ca_cert_file-name>] [-cakey <ca_key_filename>]
[-cakeypass <ca_key_password>] [-selfsigned]
[-certfile <certfile>] [-keyfile <privatekeyfile>]
[-keyfilepass <keyfilepassword>] [-strength <keystrength>]
[-cn <commonname>] [-ou <orgunit>] [-o <organization>]
[-l <locality>] [-s <state>] [-c <countrycode>]
[-subjectkeyid <subjectkeyidentifier>]
[-subjectkeyidformat UTF-8|BASE64]

If you mention selfsigned no need to mention cacert cakey as those are used when you taken from CA.

2)Use ImportPrivateKey utility to load the digitalcertificate and privatekey into keystore.

        We already discussed that the certgen default takes the hostname as common name it uses the jdk1.3  InetAddress.getLocalHost().getHostname() takes the hostname and placed in the place of commonname by default.

         When we entered hostname in command prompt it takes tha FullyQualifiedDomainName from /etc/hosts, when you enter java.net.InetAddress.getHostname() it searches the hostname for /etc/nsswitch.conf

http://download.oracle.com/docs/cd/E13222_01/wls/docs81/secmanage/ssl.html

Install SSL Certificate BEA WebLogic Server 8 & 9

Download and copy your certificate files to your server

Download your SSL certificate and support files by clicking on the download link in your fulfillment email or from your GeoCerts SSL Manager account. Download the PKCS#7 formatted version of your certificate.

Use the following command to install the PKCS#7 certificate into your keystore. You MUST use the same keystore used for your private key and CSR.
keytool -import -trustcacerts -alias tomcat -file your_site_name.p7b -keystore mykeystore.jksYou MUST you the same alias used when the keystore was created, in this case the alias used was tomcat
Enter your keystore password
You should get the follow response:
... is not trusted. Install reply anyway? [no]: yes
Enter 'yes' and hit Enter.
You should get the following response:
Certificate reply was installed in keystore

The SSL Certificate and intermeidate cert are now installed into your keystore.

Configure the Identity and Trust keystores

Expand the Servers node and select the name of the server for which you want to configure keystores.
Select the button 'Keystores and SSL tab' to configure the keystore for the domain.
By default, WebLogic ships with demo certificates for testing purposes. Click the 'Change' link in the upper-right portion of the configuration items. This will display the drop-down list of options for configuration.
Choose 'Custom Identity and Java Standard Trust' from the list.
Specify the identity keystore information:
[Custom identity]
- Custom Identity key store file Name: c:\full\path\to\mykeystore.jks (The fully-qualified-path to your keystore)
- Custom Identity key Store Type: jks (Generally, this attribute is jks)
- Custom Identity key Store Pass Phrase: keystore password (The password defined when creating the keystore. If you don't know the password you have to start over.)
- Confirm Customer Identity key Store Pass Phrase: Keystore_password (same as above)
[Java Standard Trust]
- Java standard Trust Key Store Pass Phrase: changeit (unless your system admin changed it the password for the cacerts keystore is "changeit")
- Confirm Java Standard Trust Key Store Pass Phrase: changeit
- Click Continue
- [Review SSL Private Key Settings]
- Private key Alias: keyEntry_friendly_name (If you followed our instructions to generate the private key the alias will be 'tomcat'. The alias is the friendly name for your keyEntry (private key), if you do not remember it please run the following command on your keystore to confirm the alias: keytool -list -keystore [keystore_friendly_name] -v)
- Passphrase: keyEntry_password (specify the keyEntry (private key) password. The password for the private key may differ from the one for the keystore)
- Confirm Passphrase
Click Continue
Click Finish
Reboot WebLogic Server.

SSL

Errors:

C:\Documents and Settings\kanthi\Desktop\trail\testing>c:\bea9.23\jdk150_12\bin\
keytool.exe -import -alias privkey -keystore abc.jks -storepass storepass -trust
cacerts -file root.crt
Enter key password for <privkey>keypass
keytool error: java.lang.Exception: Public keys in reply and keystore don't matc
h

Because you cannot install seperately all the certificates in to the jks( first time creating with private key) ie.. we cannnot import the certificates(root.serverm, intermediate) we need to put all these certs in to a file (server fisrt ,inter root) then import to jks.

set path to

C:\j2sdk1.4.2_04\bin; for java

C:\j2sdk1.4.2_04\jre\bin; for keytool

C:\Program Files\GnuWin32\bin for openssl

Root- it validates the entire chain. As this is a trial cert, its our trial root. Without the root, the domain certificate wont be trusted.

Intermediate-is the subordinate of the root, its required as well. The intermediate signs the domain cert

Root > Intermediate > SSL cert

that is the certificate path

Domain\server\public certificate:the cert issued to your domain

when u use customidentity and java trust we can use jdk based jks ie default we can find at :\bea9.23\JDK150~1\jre\lib\security\cacerts is the jks and the password for this is changeit.

If you want to use custom identity and custom trust they use your own jks
We have different types of certificates
A server certificate is nothing but the domain certificate ie ur url.
-Root Ceritificate, Intermediate Certificate, Chained Certificate:
   The ceritificate authority issues certificate in the form of tree structure. A root certificate is the topmost of the tree.All the certificates below root are inherit the trust worthy of the root certificate. By default all the webbrowser will contains all the root certificates. Any certificate in between your certificate and root certificate is termed as intermediate or chain certificate.These intermediate certificate should be there in your webbrowser in order to link your certificate to a trusted authority.Most of the CA uses these intermediate certificate for security purpose and most of web server, browsers support them.
-CSR
   The certificate signing request is a piece of text that is generated in the web server. The CA uses the info contained in the CSR and with some additional information(organization name, common name nothing but domain name....) to create a certificate. It also contains public key that will be included in your certificate and the private key that is generated at the time of creating CSR. We no need to send our private key to certificate authority. The certificate that was created using the CSR will only work with the private key that was genereated with the CSR. If you lost the private key the certificate is invalid.
A CSR contains:
Comman Name: The domain name of your server, this should be exactly same as what we typed in the browser or you will recieve name mismatch.
ex: www.xxxx.com
Organization: The name of the organization
ex: xxxx Inc.
Organization Unit: The division of the organization
ex: IT
City/Locality: The name of the city
ex: Bangalore
State/Country/Region: The state the company is located
ex: Karnataka
Country: Country name
ex: IN
Email Address: An email address to contact you
ex: kanthi@xxx.com
Public Key: The public key that will go in to the certificate
ex: It will automatically.

The format of CSR is in Base64 encoded format which includes --Begin Certificate Signing Request-- --End Certificate Sigining Request--
A key size of 512 is weak, if the private key is broken all the information will exposed who has the private key. We can user 1024 which is stronger and 2048 is pretty stronger.

The PrivateKey:
The private key is that much importantm, without this your certificate is useless. It is impossible to recover if your private key was lost, even the CA cant recover it as they dint know the private key. If you lost the certificate we need to create new private key and reissue the certificate.
The PublicKeys
The public key is the key used to encrypt the data and the private key is used to decrypt the data. The public key is sent to browser along with the digital certificate, the public key encrypt the data and sent to server the server decrypt the data using the private key that was stored in confidential area.
The publlic key is embeded in the digital ceritificate along with the owner name, street and email address.
A private key and digital certificate shows the identity of the server
The digital certificate is verified by the certificate autority and they will signed the certificate. So that the trusted CA certificate establishes the trusrt for a certificate.All the webservers, browsers support this digital cetificates signed by the ceritficate authority.

Comman Certificate Errors:
1) Certificate is untrusted:
   There are several reasons for this error.
   - The certificate is not signed by the CA authority.
   - The link between your certifiacate and the root may be broken.
We can view the certificate chain in the web browser by cliking on the lock command.
2) certificate error navigation blocked:
   These are prompted and displays There is a problem with website's security: continue to this website(not recommended)
   - The reason for this error is the common name(domain name) in the certificate does not mathches with the address in the browser for example if you click directly xxxx.com if the domain name in the server may be www.xxxx.com then it may throw this namemismatcherror
3) Secure and nonSecure items:
   This is because of the connection we are using is https but the data in the page ie images, javascripts may be developed using http. for example <img src="https://www.xxxx.com/image.gif" alt="" />, By chnging all the file which has written with http to htts <img src="https://www.xxxx.com/image.gif" alt="" /> we can erradicate these type of errors for all the images, javascript and frames.

How the SSL works:
- When we hit the url using https, the browser sends the requst to server
- In response the webserver sends its public key and certificate to the browser.
- The browser already consists of the trusted certificates validates the cetificate sent by server ie it check whether it was trustworthy, its comman name matches to the website that it requested to and it is expired?
- The browser encrypt the page with the help of public key and sent to the server .
- The server Decrypt the data with the help of private key, created at the time of CSR.
- The server send the page encrypted with the publcikey.
- The browser decrypts the page using the public key and displays the information.

Netstat Commands

Syntax

netstat [-a] [-b] [-e] [-n] [-o] [-p proto] [-r] [-s] [-v] [interval]

-a Displays all connections and listening ports

-b Displays the executable involved in creating each connection or listening port. (Added in XP SP2.)

-e Displays Ethernet statistics

-n Displays addresses and port numbers in numerical form

-o Displays the owning process ID associated with each connection

-p proto Shows connections for the protocol specified by proto; proto may be any of: TCP, UDP, TCPv6, or UDPv6.

-r Displays the routing table

-s Displays per-protocol statistics

-v When used in conjunction with -b, will display sequence of components involved in creating the connection or listening port for all executables

[interval] An integer used to display results multiple times with specified number of seconds between displays. Continues until stopped by command ctrl+c. Default setting is to display once,

Applications of Netstat

Netstat is one of a number of command-line tools available to check the functioning of a network. It provides a way to check if various aspects of TCP/IP are working and what connections are present. In Windows XP SP2, a new switch "-B" was added that allows the actual executable file that has opened a connection to be displayed. This newer capability provides a chance to catch malware that may be phoning home or using your computer in unwanted ways on the Internet. There are various ways that a system administrator might use the assortment of switches but I will give two examples that might be useful to home PC users

Checking TCP/IP connections

TCP and UDP connections and their IP and port addresses can be seen by entering a command combining two switches: netstat –an

Description of various connection states

CLOSED Indicates that the server has received an ACK signal from the client and the connection is closed

CLOSE_WAIT Indicates that the server has received the first FIN signal from the client and the connection is in the process of being closed

ESTABLISHED Indicates that the server received the SYN signal from the client and the session is established

FIN_WAIT_1 Indicates that the connection is still active but not currently being used

FIN_WAIT_2 Indicates that the client just received acknowledgment of the first FIN signal from the server

LAST_ACK Indicates that the server is in the process of sending its own FIN signal

LISTENING Indicates that the server is ready to accept a connection

SYN_RECEIVED Indicates that the server just received a SYN signal from the client

SYN_SEND Indicates that this particular connection is open and active

TIME_WAIT Indicates that the client recognizes the connection as still active but not currently being used

Checking for malware by looking at which programs initiate connections

To find out which programs are making connections with the outside world, we can use the command netstat -b Actually, it is better to check over a period of time and we can add a number that sets the command to run at fixed intervals. Also, it is best to create a written record of the connections that are made over some period of time. The command can then be written netstat -b 5 >> C:\connections.txt Note that as written, this command will run with five-second intervals until stopped by entering "Ctrl+c", which is a general command to exit. (Some reports say that this can be fairly CPU intensive so it may cause a slower, single-core machine to run sluggishly. It was not noticeable on my dual-core machine.) A simple example of the type of output is shown in Figure 2. Note that the Process ID (PID) is given. This command can be combined with other tools such as Task Manager to analyze what executable files and processes are active and are trying to make Internet connections.

Batch program to check connections and terminate automatically

The previous example of using "netstat -b" to check connections at intervals has the disadvantage that it requires manual termination. It is also possible to use a batch file that runs a specified number of times with a given time interval and then terminates automatically. In Windows XP we can make use of a command from the Windows 2003 Server Tools called "Sleep". A possible batch file is: @echo off
for /L %%X in (1,1,100) do (netstat -b >> C:\connections.txt)&(sleep 5) This particular example does 100 iterations of the netstat command at 5 second intervals.

Weblogic Introduction

WebLogic Server

“WebLogic is a server software application that runs on middle tier, between backend databases, related applications and browser based thin clients. “

Paul Ambrose, Bob Pasker, Laurie Pitman, and Carl Resnikoff founded WebLogic, Inc. in September 1995. The founders worked together to pursue what eventually became the "Application Server".

BEA Systems acquired WebLogic, Inc. in 1998.

Oracle Corporation acquired BEA Systems in 2008.

Following the success of the Java platform, the term application server sometimes refers to a J2EE or Java EE 5 application server. Some of the better-known Java Enterprise Edition application servers include:

§ WebSphere Application Server and WebSphere Application Server Community Edition (IBM)

§ Sybase Enterprise Application Server (Sybase Inc)

§ Oracle WebLogic Server (Oracle)

§ ATG Dynamo (ATG)

§ JBoss (Red Hat)

§ JRun (Adobe Systems)

§ Apache Geronimo (Apache Software Foundation)

§ Oracle OC4J (Oracle)

§ Sun GlassFish Enterprise Server (based on GlassFish Application Server) (Sun Microsystems)

§ SAP Netweaver AS (ABAP/Java) (SAP)

§ Glassfish Application Server (open source)

§ WebObjects (Apple Inc.)

§ Pramati Application Server (Pramati Technologies)

Application Architecture:

WebLogic Features:

WebLogic Server provides essential features for developing and deploying mission-critical e-commerce applications across distributed, heterogeneous computing environments. These features include the following:

Standards leadership—Comprehensive enterprise Java supports to ease the implementation and deployment of application components. WebLogic Server is the first independently developed Java application server to achieve J2EE certification. In addition, BEA actively participates in the development of J2EE and Web Services standards that drive innovation and advancement in Java and XML technology.
Rich client options—WebLogic Server supports Web browsers and other clients that use HTTP; Java clients that use RMI (Remote Method Invocation) or IIOP (Internet Inter-ORB Protocol); SOAP clients on any SOAP-enabled plaftorm; and mobile devices that use (WAP) Wireless Access Protocol. Connectors from BEA and other companies enable virtually any client or legacy application to work with a WebLogic Server application.
Flexible Web services—WebLogic Server provides a solid platform for deploying Web services as components of a heterogeneous distributed application. Web services use a cross-platform, cross-language data model (XML) to provide interoperability among application components on diverse hardware and software platforms. Web services support user-defined data types and one-way asynchronous operations. A Web service can intercept SOAP messages for further processing. New Ant tasks automatically generate important components and package the service into a deployable EAR file.

WebLogic Server uses Web Services Description Language (WSDL) 1.1, an XML-based specification, to describe Web services. WebLogic Web services support Simple Object Access Protocol (SOAP) 1.1 and 1.2 as the message format and HTTP as a connection protocol.

Note: WebLogic Web services accept both SOAP 1.1 and 1.2 incoming requests, but produce only SOAP 1.1 outgoing responses.

Enterprise e-business scalability—Efficient use and high availability of critical resources are achieved through Enterprise JavaBean business components and mechanisms such as WebLogic Server clustering for dynamic Web pages, backend resource pooling, and connection sharing.
Robust administration—WebLogic Server offers a Web-based Administration Console for configuring and monitoring WebLogic Server services. A command-line interface for configuration makes it convenient to administer WebLogic Servers with scripts.
E-commerce-ready security—WebLogic Server provides Secure Sockets Layer (SSL) support for encrypting data transmitted across WebLogic Server, clients, and other servers. User authentication and authorization for all WebLogic Server services are provided through roles and security providers. External security stores, such as Lightweight Directory Access Protocol (LDAP) servers, can still be adapted to WebLogic realms, enabling single sign-on for the enterprise. The Security Service Provider Interface makes it possible to extend WebLogic Security services and to implement WebLogic Security features in applications.
Maximum development and deployment flexibility—WebLogic Server provides tight integration with and support for leading databases, development tools, and other environments.
Bi-directional functional interoperability between Java/J2EE objects and Microsoft ActiveX components—BEA WebLogic jCOM provides a run-time component that implements both Component Object Model (COM)/Distributed Component Object Model (DCOM) and Remote Method Invocation (RMI) distributed components infrastructures. This makes the objects look like native objects for each environment.
Java Message Service (JMS)—An enterprise messaging system, also referred to as message-oriented middleware (MOM), enables applications to communicate with one another through the exchange of messages. A message is a request, report, and/or event that contains information needed to coordinate communication between different applications. A message provides a level of abstraction, allowing you to separate the details about the destination system from the application code.

The Java Message Service (JMS) is a standard API for accessing enterprise messaging systems. Specifically, JMS enables Java applications sharing a messaging system to exchange messages, and it simplifies application development by providing a standard interface for creating, sending, and receiving messages.

WebLogic Versions

§ WebLogic Server 11g (10.3.1) JDK 160_11

§ WebLogic Server 10.3 JDK 160_05

§ WebLogic Server 10.0 JDK 150_11

§ WebLogic Server 9.2 JDK 150_12

§ WebLogic Server 9.1 JDK 150_13

§ WebLogic Server 9.0 JDK

§ WebLogic Server 8.1 JDK !42_11

§ WebLogic Server 7.0 JDK 131_06

§ WebLogic Server 6.1 JDK 131_01

§ WebLogic Server 6.0 JDK

§ WebLogic Server 5.1 JDK 1.3.1_09

Hardware Requirements:

A Windows computer must have the following minimum configuration.

· A Pentium-class processor running at 400 MHz or faster

· Random Access Memory (RAM)

· 1GB recommended

· 512MB minimum

· 5G available hard drive space

· SVGA monitor

· CD-ROM drive (for installation)

· TCP/IP network interface

· Local area network (LAN) card and persistent Internet connection is required.

Protocol Support:

Client applications connect with WebLogic Server using standard networking protocols over TCP/IP. WebLogic Server listens for connection requests at a network address that can be specified as part of a Uniform Resource Identifier (URI).

Scheme	Protocol
HTTP	HyperText Transfer Protocol. Used by Web browsers and HTTP-capable programs.
HTTPS	Hypertext Transfer Protocol over Secure Sockets Layer (SSL). Used by Web browsers and HTTPS-capable client programs.
T3	WebLogic T3 protocol for Java-to-Java connections, which multiplexes JNDI, RMI, EJB, JDBC, and other WebLogic services over a network connection.
T3S	WebLogic T3 protocol over Secure Sockets Layer (SSL).
RMI	Remote Method Invocation (RMI), the standard Java facility for distributed applications.
IIOP	Internet Inter-ORB protocol, used by CORBA-enabled Java clients to execute WebLogic RMI objects over IIOP. Other CORBA clients connect to WebLogic Server with a CORBA naming context instead of a URI for WebLogic Server.
IIOPS	Internet Inter-ORB protocol over Secure Sockets Layer (SSL).
SOAP	WebLogic Web services use Simple Object Access Protocol (SOAP) 1.1 as the message format and HTTP as a connection protocol.

Installation Methods

The BEA installation program supports the following methods for installing the BEA WebLogic Platform software:

§ Graphical mode

Graphical-mode installation is an interactive, GUI-based method for installing WebLogic Platform. It can be run on both Windows and UNIX systems. For installation procedures, see Installing WebLogic Platform Using Graphical-Mode Installation.

Note: If you want to run graphical-mode installation, the console attached to the machine on which you are installing the software must support a Java-based GUI. All consoles for Windows systems support Java-based GUIs, but not all consoles for UNIX systems do. If you attempt to start the installation program in graphical mode on a system that cannot support a graphical display, the installation program automatically starts console-mode installation.

§ Console mode

Console-mode installation is an interactive, text-based method for installing WebLogic Platform, from the command line, on either a UNIX system or a Windows system. For instructions for using this method, see Installing WebLogic Platform Using Console-Mode Installation.

§ Silent mode

Silent-mode installation is a noninteractive method of installing WebLogic Platform that requires the use of an XML properties file for selecting installation options. You can run silent-mode installation in either of two ways: as part of a script or from the command line. Silent-mode installation is a way of setting installation configurations only once and then using those configurations to duplicate the installation on many machines. For instructions, see Installing WebLogic Platform Using Silent-Mode Installation.

C:\ server923_win32.cmd –mode=silent –silent_xml=path_to_silent.xml –log=C:\temp\install.log

Sample XML Template

<?xml version="1.0" encoding="UTF-8"?>

<domain-template-descriptor>

<input-fields>

<data-value name="BEAHOME" value="C:\bea923" />

<data-value name="USER_INSTALL_DIR" value="C:\bea923\weblogic92" />

<data-value name="INSTALL_NODE_MANAGER_SERVICE" value="no" />

<data-value name="COMPONENT_PATHS" value="WebLogic Server|WebLogic Workshop|WebLogic Integration|WebLogic Portal" />

</input-fields>

</domain-template-descriptor>

Difference between Application Server and Web Server:

· Web Server serves pages for viewing in web browser, static HTML pages or gifs, jpegs, etc., and can also run code written in CGI, JSP etc. A Web server handles the HTTP and HTTPS protocol.

Ex: IBM web server, Apache web server, IIS web server, Sun one web server, etc.

· An Application Server is used to run business logic or dynamically generated presentation code. It can either .NET based or J2EE based.

Ex: BEA WebLogic Server, IBM WebSphere, JBoss, etc.

· The basic difference between a web server and an application server is
Webserver can execute only web applications i.e. servlets and JSPs and has only a single container known as Web container which is used to interpret/execute web applications.

· Application server can execute Enterprise application, i.e. (servlets, jsps, and EJBs) it is having two containers 1. Web Container(for interpreting/executing servlets and jsps) 2. EJB container (for executing Ejbs). It can perform operations like load balancing, transaction demarcation etc

· Webserver delegation model is fairly simple, when the request comes into the webserver; it simply passes the request to the program best able to handle it (Server side program). It may not support transactions and database connection pooling.

· Application server is more capable of dynamic behaviour than webserver. We can also configure application server to work as a webserver.Simply application server is a superset of webserver.

Administration Tools

· Configuration Wizard

GUI/scriptable tool to create and extend WebLogic domains Template based.

· Administration Console

Browser-based tool for configuring and monitoring domains, deploying applications, and controlling servers.

· WebLogic Scripting Tool (WLST)

Script or command line tool to do the same thing as the Administration Console and Configuration Wizard.

Note: that we will cover details on WLST in a separate document.

· weblogic.Admin

Deprecated command line tool for configuring a domain.

Recommend using WLST instead.

· weblogic.Deployer

Command line tool for deploying applications.

WebLogic Domains:

A domain is the basic administration unit for WebLogic Server instances. It consists of one or more WebLogic Server instances and their associated resources.
• Multiple domains can be created based on different system administrator’s responsibilities, application boundaries, or geographical locations of servers.
• A single domain can be used to centralize all WebLogic Server administration activities.

Each domain’s configuration is stored in a separate configuration file called config.xml, which is stored on the Administration Server along with other files such as logs. When the Administration Server is used to perform a configuration task, the changes apply only to the domain managed by that Administration Server.
The management of a domain is specific to the Administration Server for that domain. Accordingly, this means that server instances, applications, and resources in one domain should be treated as being independent of servers, applications, and resources in a different domain.

Contents of a Domain:

A domain can include multiple WebLogic Server clusters and non-clustered WebLogic Server instances. The scope and purpose of a domain can vary significantly. A minimal domain can contain only one WebLogic Server instance, which functions both as an Administration Server, and as a Managed server. Production Environment: 4 standalone Managed Servers, and a cluster of 4 Managed Servers. WLS Domain may contain Resources like Machine, Node Manager, etc. And services like JMS, JDBC,etc.

Administration Server

The Administration Server operates as the central control entity for the configuration of the entire domain. It maintains the domain's configuration documents and distributes changes in the configuration documents to Managed Servers. You can also use the Administration Server as a central location from which to monitor all resources in a domain.

Managed Server

Managed Servers host business applications, application components, Web services, and their associated resources. To optimize performance, Managed Servers maintain a read-only copy of the domain's configuration document. When a Managed Server starts up, it connects to the domain's Administration Server to synchronize its configuration document with the document that the Administration Server maintains.