Monday, September 9, 2013

Create User and set Role in WLST






wls:/base_domain/serverConfig/cd SecurityConfiguration/base_domain/Realms/myrealm/AuthenticationProviders/DefaultAuthenticator

wls:/base_domain/serverConfig/SecurityConfiguration/base_domain/Realms/myrealm/AuthenticationProviders/DefaultAuthenticator> cmo.createUser ('robin','welcome1','test')

wls:/base_domain/serverConfig/SecurityConfiguration/base_domain/Realms/myrealm/RoleMappers/XACMLRoleMapper> cmo.setRoleExpression ('','Anonymous','Usr(robin)')

wls:/base_domain/serverConfig/SecurityConfiguration/base_domain/Realms/myrealm/RoleMappers/XACMLRoleMapper> save
<function save 1>

wls:/base_domain/serverConfig/SecurityConfiguration/base_domain/Realms/myrealm/RoleMappers/XACMLRoleMapper> activate
<function activate 2>

Tuesday, June 4, 2013

Set the MaxRequestParamterCount Value

at weblogic.utils.http.QueryParams.checkLimit(
at weblogic.utils.http.QueryParams.getCurrentAndCheck(
at weblogic.utils.http.QueryParams.put(

The default value of MaxRequestParamterCount is 10,000, crossing which would cause a MaxRequestParameterExceedException

1.We can apply patch 13656558 for version 10.3.6, but since it is a security patch it is not freely available
Instead we can upgrade our version to by applying patch 16083651.
(patch 16083651already in itself includes the patch 13656558).

2. Follow Doc ID 1505598.1

The MaxRequestParamterCount can be set in 3 places:

    On the WebAppContainerMBean, which is under the DomainMBean and has domain wide effect.
    On the WebServerMBean, which is under ServerMBean and has effect on only JVM. 

    This overrides settings on the WebAppContainerMBean.
    On the VirtualHostMBean. Virtual hosts, like servers, are under DomainMBean. 

    This overrides settings on the WebAppContainerMBean.

Use WLST to set it


$ connect('<user>','<pwd>','<admin_url>')
$ edit()
$ startEdit()
$ cmo.getWebAppContainer().setMaxRequestParamterCount(1000)
$ save()
$ activate()
$ exit()


$ connect('<user>','<pwd>','<admin_url>')
$ edit()
$ startEdit()
$ cd('Servers/<server-name>')
$ cmo.getWebServer().setMaxRequestParamterCount(1000)
$ save()
$ activate()
$ exit()

For VirtualHostMBean:
$ connect('<user>','<pwd>','<admin_url>')
$ edit()
$ startEdit()
$ cd('VirtualHosts/<virtualhost>')
$ cmo.setMaxRequestParamterCount(1000)
$ save()
$ activate()
$ exit()

I tried making the change in my and it works fine.

####<Aug 21, 2013 10:45:03 AM IST> <Info> <Management> <****> <> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1377062103640> <BEA-000000> <Version: WebLogic Server PSU Patch for BUG14736141 Mon Dec 17 02:10:51 MST 2012


D:\work\wls\wls12.1.1\user_projects\domains\base_domain>cd D:\work\wls\wls12.1.1
wls:/base_domain/config> connect('weblogic','welcome1','t3://localhost:8001')
wls:/base_domain/config> easeSyntax()
wls:/base_domain/serverConfig/Servers/m1/WebServer/m1> edit
<function edit 3>
wls:/base_domain/edit> cd Servers
wls:/base_domain/edit/Servers> cd m1
wls:/base_domain/edit/Servers/m1> cd WebServer
wls:/base_domain/edit/Servers/m1/WebServer> cd m1
wls:/base_domain/edit/Servers/m1/WebServer/m1> startEdit ()  
Starting an edit session ...
Started edit session, please be sure to save and activate your
changes once you are done.
wls:/base_domain/edit/Servers/m1/WebServer/m1 !> cmo.getMaxRequestParamterCount()
wls:/base_domain/edit/Servers/m1/WebServer/m1 !> cmo.setMaxRequestParamterCount(-1)
wls:/base_domain/edit/Servers/m1/WebServer/m1 !>ls
wls:/base_domain/edit/Servers/m1/WebServer/m1 !> ls
dr--   Targets
dr--   WebServerLog
-rw-   AcceptContextPathInGetRealPath               false
-rw-   AuthCookieEnabled                            true
-rw-   Charsets                                     null
-rw-   ChunkedTransferDisabled                      false
-rw-   ClientIpHeader                               null
-rw-   DefaultWebAppContextRoot                     null
-rw-   DeploymentOrder                              1000
-rw-   FrontendHTTPPort                             0
-rw-   FrontendHTTPSPort                            0
-rw-   FrontendHost                                 null
-rw-   HttpsKeepAliveSecs                           60
-rw-   KeepAliveEnabled                             true
-rw-   KeepAliveSecs                                30
-rw-   MaxPostSize                                  -1
-rw-   MaxPostTimeSecs                              -1
-rw-   MaxRequestParamterCount                      -1

wls:/base_domain/edit/Servers/m1/WebServer/m1 !> save
<function save 4>
wls:/base_domain/edit/Servers/m1/WebServer/m1 !> save ()
Saving all your changes ...
Saved all your changes successfully.


Doc ID 1505598.1

Tuesday, March 26, 2013

popup appears multilpe times

Problem : 
ADF application times out with message

"Page Expired The page has expired. Click OK to continue."

if this message is left for a while, sometimes the following message is displayed multiple times:

"Because of inactivity, your session has timed out and is no longer active.
Click OK to reload the page."

solution : patch 13366844 for WLS 10.3.6

Monday, March 18, 2013

JCA binding

error message : 
 <Error> <oracle.soa.adapter> <BEA-000000> <JCABinding=>  SCA_Oracle*_Aceva:Oracle*_FileWrite [ Write_ptt::Write(body) ]  Could not invoke operation 'Write' against the 'File Adapter' due to:
Unable to acquire mutex for interaction.
Unable to acquire mutex for interaction.
Unable to acquire lock on resource "/*/*/soa_nfs/data/*/file/*PAYMENT/output*.tmp" for "DatabaseMutex::acquireNoSave"

This is a SOA bug 13344070

Tuesday, March 5, 2013

Native Library(terminalio) not found

Error message :
<Mar 4, 2013 9:31:55 AM PST> <Info> <Security> <BEA-090065> <Getting boot identity from user.>
Enter username to boot WebLogic server:<Mar 4, 2013 9:31:55 AM PST> <Error> <Security> <BEA-090782> <Server is Running in Production Mode and Native Library(terminalio) to read the password securely from commandline is not found.>
<Mar 4, 2013 9:31:55 AM PST> <Notice> <WebLogicServer> <BEA-000388> <JVM called WLS shutdown hook. The server will force shutdown now

Looks like  library "terminalio" is missing on your system, this is a OS related issue, however you can workaround this in weblogic by the following method.

Go to the domain / server / security folder for example :
if security folder is not found under adminserver, go ahead an create it. and provide it 777 permissions (chmod -r -R 777 security)
for unix system ->

cd user_projects\domains\base_domain\servers\AdminServer\
mkdir security
chmod 777 security/

under security folder create a new file called and enter the values of weblogic username and password and save + exit.

for unix system ->

cd security/
esc + i

esc + :wq

for windows system ->

under security
right click -> New Text Document.txt
open it

file - save as -
file name :
save as type : All files


repeat the same procedure for your managed server as well.

start your admin server

Thursday, January 31, 2013

jdk1.6.0_37/bin/java: not found

Description : after installing wls 10.3.6 64 bit and jdk 1.6u37 64 bit sparc we are not able to start weblogic
Error message : jdk1.6.0_37/bin/java: not found

Solution : download the 64 bit jdk as well as 32 bit jdk from

Place them on winSCP and upload using binary mode.

Provide chmod 777 *.sh to both the files.

-rwxrwxrwx   1 slcruser other    12721088 Jan 31 00:16
-rwxrwxrwx   1 slcruser other    76926483 Jan 31 00:17

install the 32 bit version first ( and later the 64 bit version ( on the same path as 32 bit version and provide this new path of jdk in

refer my earlier blog
on how to update with the new jdk path.

Thursday, January 24, 2013

GSSException No valid credentials provided Mechanism level Failed to find any Kerberos Ticket Key

Error message :
Caused By: GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos Key)

This may occur if no valid Kerberos credentials are obtained. In particular, this occurs if you want the underlying mechanism to obtain credentials but you forgot to indicate this by setting the system property value to false (for example via in your execution command).

Be sure to set the system property value to false if you want the underlying mechanism to obtain credentials, rather than your application or a wrapper program (such as the Login utility used by some of the tutorials) performing authentication using JAAS.

Stop the admin server
Modify the file located in DOMAIN_HOME/bin
add the flag in java_options
save and start your admin server

below is a typical example assuming your weblogic is on linux box

Modify the file located in DOMAIN_HOME/bin

Locate the following line:
# Start WebLogic

Below this line, add the following, replacing the correct path to krb5Login.conf:

Save the file. Start the Administration Server

For Windows
Modify the startWebLogic.cmd file located in DOMAIN_HOME\bin (default is c:\Oracle\Middleware\user_projects\domains\base_domain\bin\startWebLogic.cmd)

Locate the following line:

Below this line, add the following:

set JAVA_OPTIONS=%JAVA_OPTIONS%\krb5Login.conf – –

Ref :

Friday, January 4, 2013

webserver ip address is being recorded instead of client ip address after enabling WebLogic Plug-In Enabled option in console

webserver ip address is being recorded instead of client ip address after enabling WebLogic Plug-In Enabled option in console (<weblogic-plugin-enabled>true</weblogic-plugin-enabled>)

1. Checked the plugin version by hitting the url
http://<host>:<port>/?__WebLogicBridgeConfig  (console ip and port)
found it to be 1.1

WebLogic Server Plugin version 1.1,

Ref : Doc id 1285304.1

2. Made sure that the customer has enabled WebLogic Plug-In Enabled option at the below places

Environment >>> clusters >>  CLUSTER NAME > configuration -> general tab -> WebLogic Plug-In  Enabled (checked)
Environment >>> SERVER >> SERVER NAME > General -> Advanced -> WebLogic Plug-In Enabled (checked)
Domain_Name >>> Configuration Tab > Web Applications Tab  -> WebLogic Plug-In Enabled (checked)

3. Enabled debugs in webserver config file
Debug ALL
DebugConfigInfo ON

Ref : Doc ID 780007.1

Later realized that customer has installed  Microsoft TMG server in the same machine as that of webserver which is masking the client ip.