Best Practices for Configuring and Extending Fusion Applications Cloud

Introduction Oracle’s Fusion SaaS applications cloud is built on a single data model that connects end-to-end business processes across Human Capital Management (HCM), Enterprise Resource Planning (ERP), Customer Experience (CX) and Supply Chain Management (SCM) functionalities. While Oracle is providing a common extension and configuration framework across all Fusion SaaS applications, every pillar has also […]

Discover Utility : A Tool to Collect Comprehensive Configuration Details of a Fusion Applications Instance

Introduction Oracle Fusion Applications is a large collection of artifacts at various levels – from Application Modules,URLs and Web services at the top levels to storage, hostnames and IPs at the lower layers with numerous connection and configuration settings and tunable parameters within and across the various products in different layers.  Often administrators need values […]

Oracle GoldenGate: Parameter Substitution

Introduction Oracle GoldenGate (OGG) provides a mechanism for assigning values to parameters at run time. In this article we shall discuss this feature and show you how to reference operating system variables from within an OGG parameter file. Main Article Typically when we create OGG Groups we edit a parameter file and define configuration options. […]

OIM Clustering: Keeping separate environments separate

Oracle Identity Manager 11g incorporates several clustering technologies in order to ensure high-availability across its different components. Several of these technologies use multicast to discover other cluster nodes on the same subnet. For testing and development purposes, it is common to have multiple distinct OIM environments co-existing on the same subnet. In that scenario, it […]

Getting Started with WebCenter Portal – Content Contribution Project – Part 2

Introduction This continues for part 1 and dives into the runtime environment setup of WebCenter portal project. All content listed on this page is the property of Oracle Corp. Redistribution not allowed without written permission

Getting Started with WebCenter Portal – Content Contribution Project – Part 1

Introduction A very common use-case for WebCenter applications is to use them for Content Contribution projects. WebCenter Portal and WebCenter Content are designed to work seamlessly with each other. Once set up correctly a content contribution user can make all content changes from within the Portal application, without going into content administration application. The following […]

Oracle GoldenGate Veridata – How To Configure Using Secured Shell (SSH) Tunneling Protocol

Introduction This document will walk you through how to configure Oracle GoldenGate Veridata with Secured Shell (SSH) tunneling protocol in a Linux environment. Main Article The example configuration in this document was done using 3 separate servers. A Veridata server (veridata-ole), a second server acting as a database source server (db-source-ole) running Veridata agent locally, […]

Database Permissions Required For OGG Users in a Database Vault Environment

Introduction In a Database Vault Environment, the Oracle GoldenGate Extract and Replicat users will require additional permissions in order to access Redo Log Information, System views and Table Data. Main Article Both Extract and Replicat will require access to the table data.  Extract may need to fetch certain data and Replicat will need to apply […]

Oracle GoldenGate Best Practices: NFS Mount options for use with Oracle GoldenGate

Introduction The purpose of this document is to outline the file system mount options to use when configuring GoldenGate to run with NFS mounted file system. Main Article Unless IO buffering is OFF, NFS mounts should not be used when running any Oracle GoldenGate processes.  The danger occurs when one process registers the end of a trail file or transaction log […]

Oracle GoldenGate Best Practices: Configuring Downstream Integrated Extract

Introduction Oracle GoldenGate provides data capture from transaction logs and delivery for heterogeneous databases and messaging systems. Oracle GoldenGate (OGG) provides a flexible, de-coupled architecture that can be used to implement virtually all replication scenarios. Main Article In version 11.2.1, OGG released a feature that enables downstream capture of data from a single source or […]

Which managed server needs Java Object Cache and how to verify JOC is running

 

My college Yannick already wrote very good article about how to configure Java Object Cache in clustered environment you can find HERE.

There are two things on top of that, I would like to share regarding the Java Object Cache: which managed server needs JOC and the second one is how to verify if JOC is running.

The documentation section here, says that the JOC should be configured on all servers running Oracle Web Service Manager OWSM and Oracle WebCenter Portal’s Spaces application. The tricky part here is where the OWSM runs. The application you have to look after in your WebLogic Administration Console is the “wsm-pm”

iwsp-pm application

If you click on the application and then go to the target tab…

wsp-pm target servers

 

…you will see there all managed servers targeting this application. Those are the servers for which you have to configure JOC. By default the wsp-pm does not runs on all those servers but only on the utilities, spaces and custom portal. If you want to secure web services from other custom application or existing web services like for example from UCM, you have to target this application to the according managed server which runs the application. After that you would need to extend your JOC configuration to cover this server as well.

Next important step is how to validate that the JOC runs?

First option will be to have a look inside the diagnostic log file from your managed server (<managed_server_name-diagnostig.log>) and search inside for JOC. After you configure JOC you have to restart the managed servers and you should see something like that:

[2013-03-14T14:17:57.685+01:00] [WC_CustomPortal] [NOTIFICATION] [] [oracle.as.cache.Lifecycle] [tid: [STANDBY].ExecuteThread: ‘2’ for queue: ‘weblogic.kernel.Default (self-tuning)’] [ecid: 0000Jpd36SXFw000jzwkno1HGSrd000002,0] [APP: wsm-pm] JOC is initialized from oracle.mds.internal.cache.JOCCacheProvider.createNamedCacheInternal, ver=11.1.1.2.0, distribute=true, vid=1, coordinator=0, discover list=[[localhost:9991] segID=1, SSL]

This message appears only if the wsm-pm application targets the managed server into which log file you look.

Another possibility to verify the JOC is to use CacheWatcher as described HERE. The issue here is that the ORACLE_HOME is not clear to everyone, since there is also modules folder inside the middleware folder. If you as classpath the middleware modules folder, you will get following error message:

Exception in thread “main” java.lang.NoClassDefFoundError: oracle.ias.cache.CacheUtil

In that case, make sure that your classpath goes to oracle_common/modules folder, to get this running:

./java -classpath “/u01/app/oracle/product/Middleware/oracle_common/modules/oracle.javacache_11.1.1/

cache.jar:/u01/app/oracle/product/Middleware/oracle_common/modules/oracle.odl_11.1.1/ojdl.jar”

oracle.ias.cache.CacheUtil watch -config=

“/u01/app/oracle/product/Middleware/user_projects/domains/webcenter/

config/fmwconfig/servers/WC_CustomPortal/javacache.xml”

If you want to learn more about the JOC how it works or how to monitor it, follow this link HERE

 

Detached Credential Collector Configuration – OAM 11GR2

Detached Credential Collector (DCC) has been introduced in OAM 11GR2 release. And the documentation, http://docs.oracle.com/cd/E27559_01/admin.1112/e27239/register.htm#BABEGDFA, explains in detail about how to deploy it in various architecture scenarios.
 In addition to the documentation, this blog post will help clarify the configuration steps.

 
The following step presumes your deployment uses Open mode communication. It also assumes that a webgate 11G is registered with the OAM Server.

A. Enable credential operations for an existing 11G Webgate

 

Using the Oracle Access Management Console, find and open the page for the 11.1.2 Webgate that will function as the DCC:

  • Click on System Configuration tab
  • Click Access Manager
  • Expand the SSO Agents node
  • Double Click on OAM Agents
  • Click on Search
  • Click on the Webgate (say, the name is RREG_OAM11G)
  • Check the box beside Allow Credential Collector Operations.
  • Click Apply.
Here is the snapshot of the above configuration:
 
 

B.     Invoke the right perl executable

Ensure that the path name of the perl executable as mentioned in the perl scripts is correct.
For example, if the Webgate is installed $MW_HOME/Oracle_OAMWebGate1, the perl scripts for DCC-based login are located in the following path:  $MW_HOME/Oracle_OAMWebGate1/webgate/ohs/oamsso-bin.
In most of the cases, by default for Unix based system, the perl executable located at /usr/bin/perl. This can be verified by the command “which perl” in the OAM Server. However, the perl scripts themselves point to: /usr/local/bin/perl
To make sure that the scripts execute correctly, there are two choices:
  1. Create a symbolic link for /usr/local/bin/perl so that it points to /usr/bin/
  2. Or alter the first line of the scripts so that they points to the correct location for perl, that is, replace the line #!/usr/local/bin/perl by #!/usr/bin/perl.
 

C.   Configure the Authentication Scheme for DCC

Configure a new authentication scheme as follows:
  • Click on Authentication Scheme
  • Click on + on the top to add a new Authentication Scheme
  • A page will open for the new authentication scheme and then fill up the fields as follows:
    • Name: DCC AuthScheme [It can be anything]
    • Authentication Level: 2
    • Challenge Method: FORM
    • Challenge Redirect URL: http://oam.oracleateam.com:7778 [Note: This is theURL for the OHS Server where webgate is configured for DCC]
    • Authentication Module: LDAP [If the LDAP authentication module is the authentication engine]
    • Challenge URL: /oamsso-bin/login.pl
    • Context Type: Select the blank
  •  Select Apply
Here is the snapshot for the above configuration:
 

 

D.     Configure the Authentication Policy for the Protected Resource

Go to the Authentication Policy and make sure that you choose the “DCC AuthScheme” as the authentication scheme for the Protected Resource Policy.
A typical snapshot would be as follows:
 

 

 

Now restart the OAM Server and test the above configuration. Create a sample page, for example, test.html, in the OHS root location. And try to access the page as
This will redirect you to the following login page as shown below:

The above URL shows that you are directed to the Detached Credential Collector.
Now if you enter the credential correctly, you should be able to access the test.html page.

Configuring trace file size and number in WebCenter Content 11g

Lately I’ve been doing a lot of debugging using the System Output tracing in WebCenter Content 11g.  This is built-in tracing in the content server which provides a great level of detail on what’s happening under the hood.  You can access the…

Adding and removing WebCenter Content cluster nodes

If you follow the Enterprise Deployment Guide, Fusion Middleware High Availability guide, or the support technote onexample steps for installing a multi node cluster of WebCenter Content 11g, they all cover establishing a multi node cluster using …

WebCenter Content shared folders for clustering

When configuring a WebCenter Content (WCC) cluster, one of the things which makes it unique from some other WebLogic Server applications is its requirement for a shared file system.  This is actually not any different then 10g and previous version…

Setup WebCenter Custom Portal and Content Enabled Domain

WebCenter Custom Portal and Content Sever Installation overview for WebCenter Suite 11g PS5 (11.1.1.6)
The process highlights the order and high level steps to include in the installation and configuration

Preventing Deletes from Replicating In Archiver

I’m working on a project in which there is a particular use-case to prevent the deletion of content from migrating to a target instance of WebCenter Content.  Normally, when automatic replication is configured between instances of WebCenter Conten…

Integrating the Inbound Refinery with 3rd Party Image Converters

With WebCenter Content 11g, the Inbound Refinery handles image conversions with a built-in copy of the Oracle Outside In technology.  This provides a nice basic way of doing image conversions without any extra installation or configuration steps.  But in UCM 10g, there was no built-in conversion offered, so image converters (such as Image Alchemy or ImageMagick) were always necessary.

While the built-in converter can do some basic conversion functions such as manipulating sizes and formats, to do more advanced changes you still might need a 3rd party product such as Adobe Photoshop, Helios Image Server, or NConvert.  And to integrate to those 3rd party converters, you need extra components that is not installed directly with WebCenter Content.