It's all about Weblogic..!!

September 29, 2010

Configure Iplanet / NSAPI / SunOne webServer with weblogic

Filed under: * Plugins — streethawkz @ 3:12 pm

Steps to configure SunOne WebServer with Weblogic server :

Here lets take an example of SunOne webserver 6.1 and WLS 9.2.3

First we need to copy the plugin file from the plugin folder of the Weblogic installation ( Eg : ” C:\bea\weblogic92\server\plugin\win\32 ” ) to lib folder of SunOne server ( Eg : ” C:\Sun\WebServer6.1\plugins\lib ” )



Create a managed server in SunOne webserver. Below are the screenshots to explain it better.

So in our example we are using the managed server i.e beatest to configure with weblogic

So lets hit the SunOne WebServer console and start the managed server, as shown in the fig below :

Once the managed server is running we can be sure that it is successfully created.

Stop the servers and make the following changes in the magnus.conf and obj.conf ( located in ” C:\Sun\WebServer6.1\https-beatest\config ” ) :

Obj.conf :

Add the following lines to the end of the obj.conf file which is already present in C:\Sun\WebServer6.1\https-beatest\config

Service fn=”wl_proxy” WebLogicHost=10.10.71.63 WebLogicPort=7001 WLLogFile=”C:/proxy1.log” Debug=ALL DebugConfigInfo=ON

Sample obj.conf :
# BEGIN

# Use only forward slashes in pathnames–backslashes can cause
# problems. See the documentation for more information.

AuthTrans fn=”match-browser” browser=”*MSIE*” ssl-unclean-shutdown=”true”
NameTrans fn=”ntrans-j2ee” name=”j2ee”
NameTrans fn=pfx2dir from=/mc-icons dir=”C:/Sun/WebServer6.1/ns-icons” name=”es-internal”
NameTrans fn=document-root root=”$docroot”
PathCheck fn=nt-uri-clean
PathCheck fn=”check-acl” acl=”default”
PathCheck fn=find-pathinfo
PathCheck fn=find-index index-names=”index.html,home.html,index.jsp”
ObjectType fn=type-by-extension
ObjectType fn=force-type type=text/plain
Service method=(GET|HEAD) type=magnus-internal/imagemap fn=imagemap
Service method=(GET|HEAD) type=magnus-internal/directory fn=index-common
Service method=(GET|HEAD|POST) type=*~magnus-internal/* fn=send-file
Service method=TRACE fn=service-trace
Error fn=”error-j2ee”
AddLog fn=flex-log name=”access”

ObjectType fn=force-type type=text/html
Service fn=”service-j2ee” method=”*”

ObjectType fn=force-type type=magnus-internal/cgi
Service fn=send-cgi

PathCheck fn=”check-acl” acl=”es-internal”

PathCheck fn=”find-compressed”

Output fn=”insert-filter” filter=”http-compression”

Service fn=”wl_proxy” WebLogicHost=10.10.71.63 WebLogicPort=7001 WLLogFile=”C:/proxy1.log” Debug=ALL DebugConfigInfo=ON

#END

magnus.conf :
Add the following lines at the end of magnus.conf file :
Init fn=”load-modules” funcs=”wl_proxy,wl_init” shlib=”C:/Sun/WebServer6.1/plugins/lib/proxy61.dll”
Init fn=”wl_init”
Sample magnus.conf file :
#START
#
# The NetsiteRoot, ServerName, and ServerID directives are DEPRECATED.
# They will not be supported in future releases of the Web Server.
NetsiteRoot C:/Sun/WebServer6.1
ServerName beatest
ServerID https-beatest
#
RqThrottle 128
DNS off
Security off
ExtraPath C:/Sun/WebServer6.1/bin/https/bin
Init fn=flex-init access=”$accesslog” format.access=”%Ses->client.ip% – %Req->vars.auth-user% [%SYSDATE%] \”%Req->reqpb.clf-request%\” %Req->srvhdrs.clf-status% %Req->srvhdrs.content-length%”
Init fn=”load-modules” shlib=”C:/Sun/WebServer6.1/bin/https/bin/j2eeplugin.dll” shlib_flags=”(global|now)”
Init fn=”load-modules” funcs=”wl_proxy,wl_init” shlib=”C:/Sun/WebServer6.1/plugins/lib/proxy61.dll”
Init fn=”wl_init”
#END

Now start the SunOne server.
Start the Weblogic Server.
Hit the URL : http://10.10.71.63:7001/console — > you should be able to access the Weblogic console.
Now try the URL : http://beatest/console — > this is the proxy URL –> You should be able to see the Weblogic Console.
Note :
In case the page is not displayed through the proxy URL check if the log file is created in “C:/proxy1.log”. If this file is not created or doesnot have the logs then there is something wrong in the configuration done on the obj.conf and magnus.conf.
Since we have set ” DebugConfigInfo=ON ” in the obj.conf file we can also check the bridge config file by accessing the following link : ” http://beatest/?__WebLogicBridgeConfig/ ” to troubleshoot the issue
You can also check the access and error logs of the plugin to check if any of the modules are not getting loaded ( Eg : ” C:\Sun\WebServer6.1\https-beatest\logs ” )
————
Below are the steps to configure SSL between proxy and Weblogic Server :

As we all know two way SSL is not possible between the proxy and weblogic Server, until WLS 10.3.3🙂 ( Yes two way SSL is possible in the latest version of Weblogic i.e 10.3.3 , but I believe SunOne is no more supported😦 )
Configure SSL on the Weblogic Server, Click the link below to know more about the same :
Link : https://wls4mscratch.wordpress.com/2010/06/08/steps-to-configure-custom-identity-custom-trust-on-wls/
Now we need to make changes on the Plugin end.
.
Add the following lines in the obj.conf file :

Service fn=”wl_proxy” WebLogicHost=10.10.71.63 WebLogicPort=7002 WLLogFile=”C:/proxy1.log” Debug=ALL DebugConfigInfo=ON SecureProxy=ON TrustedCAFile=”C:/bea/user_projects/domains/sun_one_ssl/cert.pem” RequireSSLHostMatch=false

Additional parameters that we have added are :
SecureProxy=ON
TrustedCAFile=”C:/bea/user_projects/domains/sun_one_ssl/cert.pem”
RequireSSLHostMatch=false
Disable the non SSL port on the Weblogic server so that we can be sure that the SSL is setup properly between the plugin and Weblogic.
Note user will still access the plugin URL with http ( as we have just configured the SSL for communication between plugin and weblogic )
Hit the URL : http://beatest/console/ and you should be able to see the console🙂
Note :
In the above configuration I have created and configured ” Custom Identity and Custom Trust ” on the Weblogic Server.
Plugin requires a certificate in pem format, so use the following commands :
– keytool -export -alias cooldragon – file cert.der -keystore identity.jks
Use the following command to convert the der file to pem file :
– java utils.der2pem cert.der –> pem file will be created in the same directory
There is one unexpected behavior seen :
When you dont have the SSL enabled you can access the page using either of these URL :
http://beatest/console OR http://beatest/console/
But when Secure proxy is enabled URL http://beatest/console ( i.e without a ‘/ ‘ at the end of URL ) will throw an error.
Yaaa I know this is an unexpected behavior. Oracle knows is as well they have a patch for it :
BUG 8486828 – ” HTTPREQUEST.GETREQUESTURL RETURN A URL WITH HTTPS INSTEAD OF HTTP ”
————–

1 Comment »

  1. can you please specify how to do the same with weblogic 11g

    Comment by anju — April 9, 2011 @ 1:55 pm


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: