Q. How does the Apache HTTP Server Plug-In work?
A. For information on how a plug-in works, see Installing and Configuring the Apache HTTP
Server Plug-In in Using Web Server Plugins With WebLogic Server.
Q. How does the plug-in route the request for a sticky session?
A. If the browser sends a cookie, we look for "JSESSIONID" (configurable by a parameter
called "CookieName") in the "Cookie: " header.
17-2
If the cookie is disabled and URL re-writing is used, the session id is encoded in the URL. In
WebLogic Server 5.1 and earlier, it was encoded in the query string:
?WebLogicSession=my_dumy_session
In WebLogic Server 6.0 and later, it was encoded in the parameter:
;JSESSIONID=my_dummy_session
If no session is found in the query string or parameter and if it is small enough to be read into
memory, WebLogic Server looks for the session in the postdata.
Q. What is new for debugging a plug-in in WebLogic Server 6.0?
"Debug = ON" logs only informational and error messages
HFC : headers from the client, informational, and error messages
HTW : headers sent to wls, informational and error messages
HFW : headers sent from wls, informational and error messages
HTC : headers sent to the client, informational and error messages
ALL : everything
OFF : nothing -- default(should be used in production)
The log file is configurable for 6.1. For later versions of WebLogic Server, the WLLogFile was
introduced to configure the debug filename and location.
Q. What is expected in the wlproxy.log?
Every request looks like the following:
"================New Request: [GET / HTTP/1.1] ================="
PathTrim, DefaultFileName, and PathPrepend will be performed in order. The
final request will be logged as the following: "Fri Jun 22 14:24:40 2001 The
request string is '/index.jsp'"
Looking for session information and determining the primary:
"Fri Jun 22 14:24:40 2001 Initializing lastIndex=0 for a list of length=1
Fri Jun 22 14:24:40 2001 create a new server node: id='qa89:443'
server_name='mint.beasys.com', port='18080'"
Init SSL if SecureProxy is set to ON:
“Fri Jun 22 14:24:40 2001 INFO: SSL is configured Fri Jun 22 14:24:40 2001
INFO: Initializing SSL library Fri Jun 22 14:24:40 2001 Loaded 1 trusted
17-3
CA's Fri Jun 22 14:24:40 2001 INFO: Successfully initialized SSL Fri Jun 22
14:24:40 2001 INFO: SSL configured successfully"
Initial connection being made:
"Fri Jun 22 14:24:40 2001 general list: trying connect to '172.17.9.180'/443
Fri Jun 22 14:24:40 2001 Connected to 172.17.9.180:443"
Client headers and the post data (if present) being read:
"Fri Jun 22 14:24:40 2001 Hdrs from clnt:[Accept]=[image/gif,
image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel,
application/msword, application/vnd.ms-powerpoint, */*]"
Client headers and the post data (if any) being sent:
"Fri Jun 22 14:24:40 2001 Hdrs to WLS:[Accept]=[image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, application/vnd.ms-excel, application/msword,
application/vnd.ms-powerpoint, */*]"
Response headers being obtained from WebLogic Server:
“Fri Jun 22 14:24:46 2001 Hdrs from
WLS:[Set-Cookie]=[JSESSIONID=OzI19WqYmFnRviHEu5gKLvot42ABeD8NPWnF0jW6cawSG
crp2mru!4038528127411848936!-1408169548!80!443; path=/] Fri Jun 22 14:24:46
2001 parsed all headers OK"
Response headers being sent to WebLogic Server and indicating if the connection is close or
keep-alive is here:
"Fri Jun 22 14:24:46 2001 Hdrs to client:[Date]=[Fri, 22 Jun 2001 21:24:48
GMT] Fri Jun 22 14:24:46 2001 Hdrs to client:[Server]=[WebLogic WebLogic
Server 6.1 beta 06/21/2001 10:44:44 #122398 - internal build by jlee on
client jlee.qa89] Fri Jun 22 14:24:46 2001 canRecycle: conn=1 status=200
isKA=0 clen=2705 isCTE=0 Fri Jun 22 14:24:46 2001 closeConnection in
load_utils: deleting URL* Fri Jun 22 14:24:46 2001 INFO: Closing SSL context
Fri Jun 22 14:24:46 2001 INFO: sysSend 23 Fri Jun 22 14:24:46 2001 INFO:
Error after SSLClose, socket may already have been closed by peer Fri Jun
22 14:24:46 2001 r->status=200 returning 0"
Q. What changed in the 6.1 plug-in?
A. The following changed:
�� HTTP1.1 support -- chunk-transferred and keep-alive (except for apache1.3.x)
17-4
�� Session parsing (this breaks the backward compatibility)
�� SSL support from the plug-in to WebLogic Server
Q. What is static list, dynamic list, and general list?
A. They are defined as follows:
�� Static list: the initial server list defined in the config file
�� Dynamic list: the current server list sent by wls upon a successful request
�� General list: the current server list (could be static or dynamic) besides the primary and
secondary servers associated with the current request
Q. Does the plug-in support two-way SSL?
A. No. But the plug-in can be set-up to require the client certificate and pass it on to WebLogic
Server. For example:
apache ssl
SSLVerifyClient require
SSLVerifyDepth 10
SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
Q. Sometimes a reponse from WebLogic Server to the plug-in contains the Set-Cookie header.
Is this normal?
A. Yes. WebLogic Server will send the Set-Cookie header in the response if the Cookie header
is missing from the request or X-WebLogic-Force-Cookie is detected. If the plug-in fails to
connect to a bad server, the plug-in will send the header X-WebLogic-Force-Cookie: true to
the next available server to force the client to update the corresponding cookie which contains the
correct session information.
Q. If I install mod_wl_ssl.so with mod_perl to Apache 1.3.19, why does Segmentation Fault (11)
occur in mod_wl_ssl.so when I access WebLogic via the plug-in?
A. The server could be any 6.x and the operating system could be any version of Solaris. The
environment is WebLogic Server 6.x (Use mod_wl_ssl.so), Solaris 2.x.
In order to avoid getting Segmentation Fault (11), add a VirtualHost block for HTTP as in the
following example:
17-5
# General setup for the virtual host
DocumentRoot "/export/home/happy/local/apache_1.3.19/htdocs"
ServerName happy1
ServerAdmin happy@happyville
ErrorLog /export/home/happy/local/apache_1.3.19/logs/error_log
TransferLog /export/home/happy/local/apache_1.3.19/logs/access_log
For the SSL port, also use the IP address in:
Use any valid DNS name for the ServerName.
Q. What should I do if my server “hangs” or “freezes”?
A. If your WebLogic Server “freezes,” you will need to collect certain diagnostic information,
including thread dumps and Java garbage collection metrics, before contacting BEA Technical
Support. For details, see Generate a Log File and Check Garbage Collection.
Q. How do I configure WebLogic to use a SOCKS proxy?
A. You can configure a java.net socket to use SOCKS by setting a Java system property. For
details, see How do I make Java work with a proxy server? at
http://www.sunsite.unc.edu/javafaq/javafaq.html#proxy. Once the property is set, WebLogic
socket connections use the SOCKS proxy.
Q. How can I speed up connection responses?
A. Connection delays are often caused by DNS problems. WebLogic performs a reverse lookup
on the hostname from which a new connection is made. If the DNS reverse lookup is not working
properly because the connection is coming from a proxy server, it could be responsible for the
delay. You might want to work with your system administrator to determine whether DNS and
the third-party networking software are working properly. Try writing a simple server program
that performs a reverse lookup on any connection made to it. If that lookup is delayed, then you
know that the proxy server is the source of the problem.
Q. How does WebLogic support CORBA and client communication via IIOP?
A. “CORBA” support means many things to many people. It often means simply IIOP and ORB
support and does not use many CORBA services. WebLogic supports CORBA in multiple ways.
The WebLogic Server 8.1 implementation of RMI-IIOP allows you to: connect Java RMI clients
to WebLogic Server using the standardized IIOP protocol; connect CORBA/IDL clients,
including those written in C++, to WebLogic Server; interoperate between WebLogic Server and
Tuxedo clients; connect a variety of clients to EJBs hosted on WebLogic Server. For more
information, see Using WebLogic RMI over IIOP at
http://e-docs.bea.com/wls/docs81/rmi_iiop/index.html.
Q. How do I speed up HTTP tunneling?
A. Unfortunately, a significant performance hit occurs when you use HTTP tunneling. We have
optimized it somewhat, but, because everything is encapsulated in HTTP, HTTP tunneling is
slower than direct
Be sure that you really need to use HTTP tunneling. For example, if your firewall can pass IP
packets through port 80, you can use the fast T3 protocol on port 80.
Q. Can WebLogic Server start with a UNIX boot?
18-3
A. You can add a startup script to your UNIX rc scripts to run WebLogic Server at UNIX boot
time. For information about creating startup scripts, refer to “Starting an Administration Server
Using a Script” in Administration Console Online Help.
Q. What affects servlet performance besides clients and traffic?
A. Response time for a servlet is about 5 times slower when you are running a screen saver on
the machine, particularly for the OpenGL screen savers. Try turning off your screen saver and see
if that helps!
Q. Why do I get “NoClassDefFound”/“Too Many Open files”messages on Solaris?
Problem: When I am using WebLogic Server on Solaris and try to run my application, I get a
“NoClassDefFound” error, although the class causing the error does exist and is in the right
directory. In fact, there are other classes in the same directory that are getting loaded. I also get a
“Too many open files” error.
A. We have seen this situation when the user account runs out of file descriptors. On Solaris,
each user account has a certain limited number of file descriptors. You can find out how many
file descriptors you have with the limit command in csh.
You can increase file descriptors if you have enough privileges with the ulimit command in the
csh. Otherwise, ask your system administrator to increase the file descriptors available to your
processes.
Q. How do I increase WebLogic Server memory?
A. Increase the allocation of Java heap memory for WebLogic Server. (Set the minimum and
the maximum to the same size.) This example starts the server with a fixed heap size of 200MB:
$ java ... -ms200m -mx200m ...
This allocates 32 megabytes of Java heap memory to WebLogic Server, which improves
performance and allows WebLogic Server to handle more simultaneous connections. You can
increase this value if necessary.
Q. Java-CORBA integration: RMI-IIOP or Java IDL?
A. It is important to understand the distinction between these two ways of integrating Java with
CORBA.
RMI-IIOP is for Java programmers who want to program to the RMI interfaces but use IIOP as
the underlying transport. RMI-IIOP provides interoperability with other CORBA objects
implemented in various languages, but only if all the remote interfaces are originally defined as
18-4
Java RMI interfaces. It is of particular interest to programmers using Enterprise JavaBeans
(EJBs), because the remote object model for EJB is RMI-based. It also allows you to use the
standardized IIOP protocol and have a lightweight (minimal weblogic classes) client.
Java IDL is for CORBA programmers who want to program in Java based on interfaces defined
in CORBA IDL. This is "business as usual" CORBA programming, supporting Java in exactly
the same way as other languages like C++ or COBOL. If you want to integrate C++ (or any other
language your orb supports into IDL) you would use the CORBA IDL method of programming.
Q. How do an RMI-IIOP application and an existing CORBA object interoperate?
A. If the existing CORBA object has its remote interfaces defined originally in CORBA IDL,
then interoperability is not possible. RMI-IIOP applications can interoperate with other CORBA
objects only when their remote interfaces are originally defined as Java RMI interfaces.
For example, to interoperate between an RMI-IIOP client and a C++ object you need to:
1. Define the remote interface of the object in Java as an RMI interface..
2. Run rmic -idl against the interface to produce IDL compatible with the RMI interface.
3. Run a C++ stub compiler against the IDL file to produce the C++ skeleton for your C++
server object.
Q. What is the function of T3 in WebLogic Server?
A. T3 provides a framework for WebLogic Server messages that support for enhancements.
These enhancements include abbreviations and features, such as object replacement, that work in
the context of WebLogic Server clusters and HTTP and other product tunneling.
T3 predates Java Object Serialization and RMI, while closely tracking and leveraging these
specifications. T3 is a superset of Java Object. Serialization or RMI; anything you can do in Java
Object Serialization and RMI can be done over T3.
T3 is mandated between WebLogic Servers and between programmatic clients and a WebLogic
Server cluster. HTTP and IIOP are optional protocols that can be used to communicate between
other processes and WebLogic Server. It depends on what you want to do. For example, when
you want to communicate between
�� A browser and WebLogic Server-use HTTP
�� An ORB and WebLogic Server-IIOP.
18-5
Q. How can I debug the Java code that I have running in WebLogic Server?
A. You can use tools such as WebGain, JBuilder, NetBeans and JDB that rely on the Java
Platform Debugger Architecture (JPDA) to debug your Java code running in WebLogic Server.
JPDA is integrated in the Java 2 Platform, Standard Edition (J2SE) SDK 1.3 on all platforms and
SDK 1.2.2 for Linux. There is a download available from Sun to add JPDA support to the J2SE
SDK 1.2.2 on Solaris and Microsoft Window platforms. If you are using J2SE SDK 1.2.2 on these
platforms you must first get this download.
To allow a debugger to attach to the virtual machine that WebLogic runs you have to start
WebLogic in debug mode. In order to start WebLogic in debug mode using a Sun virtual machine
follow these steps (start with step one only if using a Solaris platform):
1. If using a Solaris platform, change the LD_LIBRARY_PATH environment variable to prepend
$JAVA_HOME/lib/sparc:
export LD_LIBRARY_PATH=$JAVA_HOME/lib/sparc:$LD_LIBRARY_PATH
2. Add the following parameters to the java command line (before the "weblogic.Server"
string) that launches WebLogic server:
-Xdebug
-Xnoagent
-Xrunjdwp:transport=dt_socket
server=y
address=
suspend=n
-Djava.compiler=NONE
Note that with the Hotspot Performance engine the -Xnoagent and -Djava.compiler=NONE
options are no longer required, but are accepted and ignored for compatibility reasons.
If server=y and no address parameter is supplied, WebLogic Server chooses the transport
address and prints it to the standard output stream. So, if a line such as:
Listening for transport dt_socket at address: 46666
prints in your standard output stream when the server starts, the number 46666 is the port number
to be supplied to your tool's remote debugger in order to attach it to WebLogic's virutal machine.
Q. How do I call a servlet with parameters in the URL?
A. The usual format of a servlet parameter is a name=value pair that comes after a question-mark
(?) at the end of the URL. To access these parameters, call the getParameter() method on the
HttpServletRequest object, then write code to test the strings. For example, if your URL
parameters are “func=topic,” where your URL appears as:
http://www.myserver.com/myservlet?func=topic
then you could parse the parameter as follows, where “req” is the HttpServletRequest object:
String func = req.getParameter("func");
if (func.equalsIgnoreCase("topic")) {
. . . do some work
}
Q. How can I run multiple instances of the same servlet class in the same WebLogic Server
instance?
A. If you want to run multiple instances, your servlet will have to implement the
SingleThreadModel interface. An instance of a class that implements the
SingleThreadModel interface is guaranteed not to be invoked by multiple threads
simultaneously. Multiple instances of a SingleThreadModel interface are used to service
simultaneous requests, each running in a single thread.
When designing your servlet, consider how you use shared resources outside of the servlet class
such as file and database access. Because there are multiple instances of servlets that are identical,
and may use exactly the same resources, there are still synchronization and sharing issues that
must be resolved, even if you do implement the SingleThreadModel interface.
Q. How do I deserialize an httpsession?
A. To deserialize an httpsession, construct a utility class that uses the current thread's
contextclassloader to load the user defined objects within the application context. then add this
utility class to the system CLASSPATH.
Q. What is the difference between the Compatibility realm and myrealm? Under what
circumstances should I use each of these realms?
A. If you have a 6.x config.xml file and you boot WebLogic Server, the following realms are
created:
�� Compatibility realm—Allows you to use an existing 6.x security configuration as is in the
management environment provided in this release of WebLogic Server. The Realm Adapter
providers allows access to existing stores of users, groups, and access control lists (ACLs).
�� myrealm—Is the default security realm in this release of WebLogic Server. By default, the
WebLogic Security providers are configured in myrealm.
20-3
For more information, see Managing WebLogic Security.
Q. What are the default groups users and everyone used for?
A. The users and everyone groups are convenience groups that allow you to apply global
roles and security policies. All WebLogic Server users are members of the everyone group. Only
WebLogic Servers who are not the
For more information, see Managing WebLogic Security.
Q. Is there still a guest user?
A. The guest user is no longer supported by default in this release of WebLogic Server. In
WebLogic Server 6.x, guest was both the name of a user and the name for anonymous logins.
The new user name for an anonymous user is
booting WebLogic Server with the following command line argument:
-Dweblogic.security.anonymousUserName=newAnonymousUserName
This argument allows you to make the name of the anonymous user guest for the purpose of
backward compatibility.
If you want to have a guest user in this release of WebLogic Server, create a user with the name
guest in the Authentication provider in the default security realm and give the user the password
of guest. If your code depends on the guest user, you should consider rewriting it to use the
utility methods in weblogic.security.WLSPrincipals.
Q. I want to provide additional fields in my Web application for form-based authentication. What
application programming interfaces (APIs) should I use?
A. The CallbackHandler implementation in the WebLogic Authentication provider supports
only stringified versions of a username and password when using form-based authentication.
If a Web application requires more authentication information, use the
javax.security.auth.TextInputCallback interface of the JAAS Callback application
programming interface (API) in the code for your LoginModule. The implementation of the
javax.security.auth.TextInputCallback interface needs to use the name of the
authentication field as the prompt to the method constructor. For example:
Callback[] callbacks=new Callback[1];
callbacks[1]=new TextInputCallback(“TextField”);
try{
callbackHandler.handle(callbacks)
20-4
textField1=((TextInputCallback)callbacks[2].getText
} catch (java.io.IOException ioe) {
throw new LoginException(ioe.toString());
}catch (UnsupportedCallbackException uce) {
throw new LoginException
(“Error:”+uce.getCallback().toString() +
“not available to garner authentication information” +
“from the user”);
}
//”textField1 is not set correctly
When the ServletCallbackHandler gets a TextInputCallback, the callback looks for a field
matching the prompt of the TextInputCallback. If there is a match, the callback handler sets
the value in the callback. If no match is found, an UnsupportedCallback exception is raised.
Q. I am using the 6.x security realm APIs in my application. How do I upgrade this functionality
to the security APIs in this release of WebLogic Server?
Specifically, I am using the security.getRealm() method and then the getGroup(),
getGroups(), and getUser() methods on the returned realm.
A. You can use your 6.x application as is in the WebLogic Server environment by using
Compatibility security.
The management of WebLogic Server changed in 6.x away from direct calls on the realm to the
use of MBeans. This change was the first step in creating a unified administration model for
WebLogic Server. While the Security MBeans introduced in 6.x mirrored the capabilities defined
for the realm, they were not flexible enough to allow security vendors to integrate their products
with WebLogic Server. This release of WebLogic Server provides a set of Security Service
Provider Interfaces (SSPI) and Security SPI MBeans that allow you to write custom security
products for WebLogic Server. These MBeans can also be used to replicate functionality in an
existing application so that the application can be used in the WebLogic Server environment.
If you choose to upgrade your realm, you will need to write an implementation of the MBeans
found in the weblogic.management.security package. These MBeans allow you to
implement management methods that are specific to your 6.x realm. For a description of using
the MBeans in the weblogic.management.security package, see Developing Security
Providers for WebLogic Server.
The following are some hints that may help you upgrade applications based on security realms to
the security architecture available in this release of WebLogic Server:
20-5
�� If you are using the security realm to authenticate users, instead use the JAAS API to
authenticate users.
�� Table 20-1 lists the mappings between the interfaces in the 6.x of the
weblogic.security.acl package to the interfaces in the
weblogic.managment.security.authentication package.
Note: The weblogic.security.acl package is deprecated in this release of WebLogic
Server.
Q. Does WebLogic Server support Diffie-Hellman or DSS/DSA digital certificates?
A. No. The exportable version of WebLogic supports only 512 bit RSA with 40 bit RC4.
Additionally, Web browsers do not support these types of certificates, and there are no
commercial issuers for DSA certificates.
Q. Can a Weblogic Server deployment have one RSA and one non-RSA certificate?
Table 20-1 Interface Mapping
Methods in the 6.x
weblogic.security.acl package
Corresponding Method in the
weblogic.management.security.
authentication package
newUser() UserEditor.createUser()
deleteUser() UserRemover.removeUser()
newGroup() GroupEditor.createGroup()
deleteGroup() GroupRemover.removeGroup()
Group.addMember() GroupEditor.addMemberToGroup
Group.removeMember() GroupEditor.removeMemberFromGroup()
Group.isMember() GroupMemberLister.listGroupMembers()
or SubjectUtils.isUserInGroup()
Group.members() GroupMemberList.listGroupMembers()
userExists() UserReader.isUser()
isGroupMember() GroupReader.groupExists(),
GroupReader.isMember()
20-6
A. No.
Q. Must we pay RSA licensing costs for non-RSA client code?
A. WebLogic Server has licensed RSA for SSL communications between WebLogic Server and
WebLogic clients. When using WebLogic Server, no extra licensing for RSA is necessary,
although different rules apply to VARs.
Q. How do I use Netscape security certificates with WebLogic Server?
A. Netscape stores the private and public keys together in a key-pair file which prevents you
from separating the public and private keys. Therefore, you must generate another request for a
certificate, not using Netscape utilities.
Q. How do I restrict access to servlets and JSPs?
The Java Servlet API Specification v2.3, at
http://www.java.sun.com/products/servlet/download.html#specs, allows you to declaratively
restrict access to specific Servlets and JSPs using the Web Application deployment descriptor.
Section 13.3.2 of the specification has an example deployment descriptor that uses declarative
security. For more information, see Programming WebLogic HTTP Servlets. You can also
specify roles for EJBs and Web applications through the Administration Console. For more
information, see Securing WebLogic Resources.
Q. Can I use RSA encryption algorithms and javax.crypto.* API to build applications?
A. No. WebLogic’s RSA license does not permit end-users to use RSA classes directly. You
must obtain your own license for the encryption libraries from RSA.
Q. Can I use a JNDI Initial Context to pass the security credentials of a WebLogic Server user?
A. The ability to use JNDI to pass security credentials was deprecated in 6.1 of WebLogic
Server. You can still use this method in this release WebLogic Server. However, BEA
recommends using the Java Authentication and Authorization Service (JAAS) runAs() method
rather than JNDI to associate a user with a security context. For more information, see
Programming WebLogic Security.
Q. Are WebLogic Server passwords secure?
A. The config.xml file no longer has clear text passwords. In place of clear text passwords,
the config.xml file has encrypted passwords. You cannot copy encrypted passwords from one
20-7
domain to another. Instead, you can edit the config.xml file and replace the existing encrypted
passwords with clear text passwords and then copy the file to the new domain. The
Administration Console will encrypt the passwords the next time it writes to the file.
Q. Why do I get a certificate configuration error when I start the my Weblogic Server?
For example: Alert>
certificate file
A. It is possible that you did not specify a WL_HOME relative file name in your SSL configuration
files.
For more information, see Managing WebLogic Security.
Q. Why can't I establish an outbound SSL connection when using the demonstration certificates?
A. When establishing an SSL connection, the subject DN of the digital certificate must match
the host name of the server initiating the SSL connection. Otherwise, the SSL connection is
dropped. If you use the demonstration certificates, the host names will not match. To avoid this
situation, use the following command-line argument when starting WebLogic Server:
-Dweblogic.security.SSL.ignoreHostnameVerification=true
This argument disables the Hostname Verifier which compares the subject DNs and host names.
This solution is recommended in development environments only. A more secure solution is to
obtain a new digital certificate for the server making outbound SSL connections.
Q. Why do I get a configuration error when establishing an SSL connection to WebLogic Server?
For example:
to connect to t3s://localhost:8802.
A problem with the configuration of the SSL protocol will also raise the following exception:
failure>
A. By default, WebLogic Server contains a Hostname Verifier that compares the subject DNs
of digital certificates and host names. When establishing an SSL connection, the subject DN of
the digital certificate must match the host name of the server initiating the SSL connection. If you
use the demonstration certificates the host names will not match. To avoid this situation, use the
following command-line argument when starting WebLogic Server:
-Dweblogic.security.SSL.ignoreHostnameVerification=true
20-8
This argument disables the Hostname Verifier. This solution is recommended in development
environments only. A more secure solution is to obtain a new digital certificate for your
WebLogic client.
In this release of WebLogic Server, WebLogic clients perform a trusted certificate authority
check on the digital certificate for WebLogic Server. The client may reject the digital certificate
of WebLogic Server if the certificate was not issued by a certificate authority trusted by the client.
Previous versions of WebLogic Server did not perform this check.
Q. Why does my servlet return a no certificate message?
A. Unless WebLogic Server is configured to ask a client for its digital certificate during the SSL
handshake (referred to as Two-Way SSL), WebLogic Server will not have the digital certificate.
You get this error when a WebLogic servlet or JSP tries to perform peer validation on the client.
Set the Client Certificate Enforced attribute when configuring SSL to requireWebLogic Server
to request client certificates.
Q. Why doesn’t my Custom security provider show up (that is, it doesn’t appear as a Configure
a new Security_Provider_Type link) in the Administration Console?
A. Check to make sure the system administrator put the MBean JAR file (MJF) in the
lib/mbeantype directory.
Q. Why do I get a 401 Unauthorized User error when using CLIENT-CERT in the login-config
of my web application?
A. To use a login-config of CLIENT_CERT, ensure the following:
1. Two-way SSL is configured on the server with the Client Enforced option set.
2. The web application is access via https.
3. A user corresponding to the CN attribute of the digital certificate for the web application is
defined as a user in the default security realm and that the security realm has an Identity
Assertion provider configured.
CLIENT_CERT also applies when perimeter authentication is used (meaning digital certificates
are coming in via http headers or cookies). In this case, two-way SSL and https are not required.
Q. Why can’t I use keytool to import a digital certificate into the identity keystore?
A. When using the keytool utility to create a Certificate Signing Request (CSR), a self-signed
digital certificate is placed in the identity keystore. On occasion, a problem will occur when using
20-9
the keytool commands to replace the self-signed digital certificate in the keystore with a signed
digital certificate received from a trusted CA. Use the keytool utility to import the trusted CA
certificate into the keystore before importing the signed digital certificate into the keystore. The
steps are as follows:
1. Obtain the trusted CA certificate.
2. Use the der2pem utility to convert the trusted CA certificate to a PEM file.
3. Use the keytool utility to create an identity keystore. For example:
keytool -genkey -alias subjectkey -keypass keypassword -keystore
nameofkeystore -storepass keystorepassphrase
4. Use keytool certreq command to create a CSR and submit the CSR to a certificate
authority. For example:
keytool -certreq -alias subjectkey -keypass keypassword keystore
nameofkeystore -storepass keystorepassphrase -file mycertificate.cer
5. Use the keytool import command to import the PEM file for the trusted CA into the
keystore.
6. Use the keytool import command with the -trustcacerts option to import the signed
digital certificate from the certificate authority into the keystore.
Q. Can I programmatically add users and groups to the WebLogic Authentication provider?
A. Use the createUser() and createGroup() interfaces in the
weblogic.management.security.authentication class.
Q. When using the WebLogic Credential Mapping provider, how do you create mappings for
anonymous or unauthenticated users?
A. When using the Resource container, special usernames are established for different cases. A
mapping called wls_ra_anonymous is used when there is not authenticated WebLogic user
(meaning, the Subject has no users or is null). The Resource container also defines special
mappings for mappings created during a Resource Adapter’s pool startup (wls_ra_initial)
and when no other configured mapping applies to the given Subject (wls_ra_default).
Q. How do I configure multiple Authentication providers to work together in a security realm?
A. The Login Modules for all the different types of supported Authentication providers conform
to the JAAS specification. If there are two Authentication providers configured in a security
realm and you want valid users from either provider to login into the system, set the JAAS
Control Flag on each Authentication provider to REQUISITE.
20-10
Q. Can an application use Java security?
A. Yes. An application can use Java security as well as JAAS authorization within itself. The
application can use checkPermission() and all the other Java security calls. The only caveat
is there is no guarantee of your identity or code base when the application is being called from
the server. At all entry points, your identity and code base must be re-established using
AccessController.doPrivileged() or Subject.DoAs().
Q. When using Java security, how do I change the default permissions for an application?
A. In the Java security policy file, there are three “fake” codebases for each of the three
component types:
“file:/weblogic/application/defaults/EJB” for EJBs
“file:/weblogic/application/defaults/Web for Web applications
“file:/weblogic/application/defaults/Connector for Connector applications
These codebases contain the defaults for these types of applications. When evaluating these
defaults, the string “WEBLOGIC-APPLICATION-ROOT” will be expanded to the top-level directory
when the application was deployed.
Q. How do I protect access to the embedded LDAP server?
A. The acls.prop file (located in WLHOME/server/lib/acls.prop) controls access to the
embedded LDAP server. You can modify the acls.prop file to control access to the LDAP
server. For more information, see Managing the Embedded LDAP Server.
Q. Does the embedded LDAP server support SSL?
A. Yes. Use the SSL listen port (7002). The WebLogic Server muxer is actually performing all
the SSL work so there should be no additional configuration required when using SSL to talk to
the embedded LDAP server.
Q. What is the password for the LDAP Admin Account?
A. The password is specified in the Credential field of the EmbeddedLDAP MBean. The
password is generated on the first boot of the server and written to the config.xml file. The LDAP
Admin account DN is cn=Admin. Use the WebLogic Server Administration Console to change
the password for the LDAP Admin account. For more information, see Configuring the
Embedded LDAP Server.
A.
21-1
C H A P T E R 21
FAQs: Upgrading
�� What is Compatibility mode?
�� How do I run WebLogic Server 8.1 in Compatibility mode when upgrading?
�� What is two-phase deployment?
�� Why do I keep getting a NoSuchMethodError when running an application on WebLogic
Server 8.1?
Q. What is Compatibility mode?
A. When you upgrade to WebLogic Server 8.1 from previous versions of WebLogic Server,
Compatibility mode allows you to keep your old configuration of users, groups, and ACLs.
Q. How do I run WebLogic Server 8.1 in Compatibility mode when upgrading?
A. WebLogic Server 8.1 recognizes your old config.xml file and automatically runs in
Compatibility mode.
Q. What is two-phase deployment?
A. WebLogic Server 8.1 uses two-phase deployment. Previous to WebLogic Server 7.0, when
you deployed an application, a copy of the application file(s) was sent to all the targeted servers,
which in turn, loaded the application. If any of those servers failed (or partially failed), the
deployment was placed in an inconsistent state.
FAQs: Upgrading
21-2
In the current release of WebLogic Server, the application is first prepared across the servers and
then activated in a separate phase. In the prepare phase, the application is prepared for
deployment without allowing user requests to the application. When the servers are ready, the
application is activated everywhere. With this model, it is still possible to have a failure occur
during the activation phase, which leads to the inconsistent state, but it is much less likely to
occur.
For more information on this deployment model and other 8.1 deployment features, see
WebLogic Server Application Deployment.
Q. Why do I keep getting a NoSuchMethodError when running an application on WebLogic
Server 8.1?
A. Make sure that you are not running the server with a patch for a previous version of WebLogic
Server. For exact information of a particular patch, contact Customer Support.
Also make sure that you do not have any JAR files in your server CLASSPATH that conflict with
the version of J2EE that is supported by WebLogic Server 8.1, J2EE version 1.3. The 1.3 version
of J2EE is added to the WebLogic Server 8.1 CLASSPATH by default. For example, you may have
to remove j2ee12.jar from your server CLASSPATH.
Q. I am getting a java.lang.IncompatibleClassChangeError exception when I execute the
clientgen or autotype Ant task to generate non-built-in data type components from an XML
Schema file. This only started happening after I installed WebLogic Platform or WebLogic
Workshop; everything worked just fine when WebLogic Server was installed on its own. What
is going on?
A. This problem happens only when you have the wlxbean.jar and xbean.jar files in your
build or deployment environment CLASSPATH variable and you are using the clientgen or
autotype Ant tasks to generate non-built-in data type components from an XML Schema that
references SOAP encoding data types. The two JAR files, used by the XMLBeans feature, are
part of WebLogic Platform and Workshop, and not part of WebLogic Server. The JAR files
contain SOAP encoding data type classes which come into conflict with those generated by the
Ant tasks.
There are three different ways to work around this problem:
�� Use the packageName or packageBase attributes of the autotype Ant task (or the
typePackageName or typePackageBase attributes of the clientgen Ant task) to force
22-2
the Ant-task-generated SOAP encoding data types into a user-specified package so that
they do not conflict with the XMLBeans data types.
See Web Service Ant Tasks and Command-Line Utilities at
http://e-docs.bea.com/wls/docs81/webserv/anttasks.html for information about the
attributes of the autotype and client Ant tasks.
�� Remove the xbean.jar and wlxbean.jar files from your build and deployment
environment. These files are installed into the WL_HOME\server\lib directory by
WebLogic Platform, where WL_HOME refers to the main WebLogic Platform installation
directory, such as c:\beahome\weblogic81. If you need these JAR files (because some of
your Web Services use XMLBeans), then put a copy of the two JAR files in the
APP-INF/lib directory of only those EAR files that contain WebLogic Web Services that
use XMLBeans.
�� If you are not using WebLogic Workshop to create applications, or do not deploy any
applications generated by WebLogic Workshop, then you can remove the conflicting SOAP
encoding classes from the wlxbean.jar and xbean.jar files.
Q. Does WebLogic Server 8.1 support SOAP Messages with Attachments?
A. Yes. As long as the data type of the attachment is on the list of supported JAX-RPC data
types, then WebLogic Server will automatically handle parameters to Web services that are
SOAP attachments. If you want to do further processing of the attachment, you can use handlers
to intercept the request and response SOAP message (which includes the attachment.)
Q. Does WebLogic Server 8.1 support SOAP?
A. Yes. WebLogic Server’s implementation of SOAP is included as part of the Web Services
subsystem. For detailed information on creating Web Services with WebLogic Server, see
Programming WebLogic Web Services at
http://e-docs.bea.com/wls/docs81/webServices/index.html.
Q. What is a wireless (mobile) device?
A. A wireless device in this context is a device that has connectivity to the Internet without being
physically plugged into a network with a wire. The most common examples of these are the
Internet-enabled cell phone such as a WAP Phone or i-Mode phone, personal digital assistant
(PDA) such as Palm VII, Pocket PC such as Wireless iPaq, and pager such as RIM Blackberry.
Q. Can WebLogic Server support wireless devices?
A. Yes. For information on wireless support, see Using WAP with WebLogic Server. Wireless
examples, if installed, are located in the /samples/examples directory of your WebLogicServer
installation and are available from the Start menu.
Q. What should I consider when writing an application for wireless devices?
A. The following is a list of factors to consider when writing applications for wireless clients:
FAQs: Wireless-Related Questions
23-2
�� Content should be personalized based on the location of the device and/or the type of the
device.
�� Device microbrowsers are usually not HTML-based; some are WML-based, some are
cHTML-based, some are HDML-based, some use Web Clipping, etc.
�� Some devices have additional features such as Bluetooth, power keys and SMS messaging
that can be used to enhance an application.
�� Often the devices can be used with voice portals using voice recognition and
text-to-speech.
�� Most of the devices have smaller screens that may or may not display color or graphical
images.
�� These screens range in form from a vertically-oriented rectangle to a square to a
horizontally-oriented rectangle.
�� Many of the devices have a difficult data entry and selection mechanism with numeric
keypads or styli.
�� Connectivity is often lost when the device is mobile.
�� The devices usually have no PKI security capability.
�� A few of the devices are limited in the amount of data that can be transmitted to them for a
page.
For more information see Wireless, Internet and Email.
Q. What is WAP and what is i-Mode?
A. WAP and i-Mode are the two major over-the-air (OTA) protocols for wireless Internet
communication with cell phones and some other devices. WAP stands for Wireless Application
Protocol and is found predominantly in Europe and North America. i-Mode is the protocol used
in Japan by NTT DoCoMo. A new protocol called WAP-NG (WAP Next Generation) is being
considered as a replacement for both of these protocols.
Both WAP and i-Mode are comprised of both the OTA protocol and a markup language
understood by their microbrowsers. The WAP markup language is WML (Wireless Markup
Language) and cHTML (Compact HTML) is the markup language specified by i-Mode. WML
and cHTML may be superseded by XHTML (Basic) in the future.
Note that other wireless carriers and devices use protocols and markup languages other than WAP
and i-Mode. For example, the Palm VII uses web clipping over a proprietary protocol.
23-3
For more information about WAP, see http://www.wapforum.org/faqs.
Q. Will my solution work on different networks such as CDMA, GPRS, TDMA and PDC-P?
A. Yes. WAP and i-Mode were designed to hide the network details from the application
developer. They will both work equally well on any underlying network. Therefore, as carriers
upgrade their networks, applications written for either WAP or i-Mode will continue to work
without any need for modifications. As the networks are upgraded to higher speeds, the
performance of wireless applications written in either WML or cHTML should improve as well.
Q. What changes do I need to consider for 3G wireless networks?
A. None. As described in the previous answer, neither WAP nor i-Mode is dependent on the
underlying network. However, a developer may consider enriching an application with streaming
media or other content that requires greater bandwidth.
Q. Which XML parser comes with WebLogic Server 8.1?
A. We bundle the following two parsers with WebLogic Server 8.1:
– a built-in parser based on Apache’s Xerces 2.1.0 parser
– WebLogic FastParser, a high-performance non-validating parser that you can use for
small to medium sized XML documents.
FAQs: XML
24-2
The WebLogic XML Registry allows you to configure the parser you want to use for
specific document types.
You can also use the WebLogic XML Streaming API to parse your XML documents. The
Streaming API is based on the SAX API, but provides a more procedural, stream-based
handling of XML documents rather than having to write SAX event handlers, which can
get complicated when dealing with complex XML documents.
Q. Is there an XSLT processor included in WebLogic Server 8.1?
A. Yes, the one that ships in the JDK 1.4.1_02: Apache’s Xalan 2.2D11. This is the built-in
XSLT processor for WebLogic Server 8.1.
Q. The built-in XML parser is based on Apache’s Xerces 2.1.0. Can I upgrade the built-in XML
parser to a later Xerces version?
A. Yes. To upgrade to version 2.2.0, 2.3.0, or 2.4.0 of Apache’s Xerces, follow these steps:
1. Append the appropriate Apache xercesImpl.jar file to the end of WebLogic Server's
CLASSPATH variable. The CLASSPATH variable is typically set in the scripts used to start
WebLogic Server. The xercesImpl.jar file contains Apache’s implementation of the
version of Xerces to which you want to upgrade.
You can also put the xercesImpl.jar file in the WEB-INF/lib directory of the WAR file
of your application. You do not need to enable the PreferWebInfClasses flag for your
Web application.
Warning: Do not use the archives from Apache named xml-apis.jar or
xmlParserAPIs.jar.
2. Configure your XML Registry to use org.apache.xerces.jaxp for the
DocumentBuilderFactory or SAXParserFactory factories. For details, see
Administering WebLogic Server XML at
http://e-docs.bea.com/wls/docs81/xml/xml_admin.html.
Q. The built-in XSLT processor is based on Apache’s Xalan 2.2D11. Can I upgrade the built-in
XSLT processor to a later Xalan version?
A. Yes. For instructions, see Endorsed Standards Override Mechanism at
http://java.sun.com/j2se/1.4.2/docs/guide/standards/.
The version of Xalan to which you upgrade will be used from any user application code that gets
a transformer through JAXP. WebLogic Server itself uses this transformer when processing Web
Service attachments and for the JSP XSLT tag library.
24-3
Q. What version of the JAXP API specification is implemented in WebLogic Server 8.1?
A. Version 1.1. This version includes pluggable XML transformation as well as pluggable XML
parsing.
Q. Can I use the getAttribute() and setAttribute() methods of Version 2.3 of the Java Servlet API
to parse XML documents?
A. Yes. Use the setAttribute() method for SAX mode parsing and the getAttribute()
method for DOM mode parsing. Using these methods in a Servlet, however, is a
WebLogic-specific feature. This means that the Servlet may not be fully portable to other Servlet
engines, so use the feature with caution.
Q. How do I identify the document type of an XML document?
A. If the XML document has a Public ID, then that is its document type. For example, if an
XML document contains the following DOCTYPE declaration:
"http://foo.com/url/to/my/dtd">
then its document type is My public ID String.
If the DOCTYPE declaration does not contain a Public ID, but specifies a System ID, then the
document type is the System ID. For example, in the following DOCTYPE declaration:
the document type is http://foo.com/url/to/my/dtd.
Note: The System ID is of the DTD, not of the XML document itself. It can, however, still be
used as a way to identify the XML document.
If the XML document does not specify a DOCTYPE declaration, then the document type can be
either the root element name or the namespace URI, if it has one.
Q. I get a java.lang.LinkageError exception when I use Ant to run a client application that
uses the WebLogic JAXP implementation. What is the problem?
A. The problem might have to do with Ant classloading. The workaround is to fork the VM by
setting the fork="true" attribute of the java Ant task while running the application.
The full text of the error is as follows:
FAQs: XML
24-4
[java] java.lang.LinkageError: loader constraints violated when linking org
/xml/sax/InputSource class
[java] at
weblogic.xml.jaxp.RegistryDocumentBuilderFactory.newDocumentBuilder(RegistryDo
cumentBuilderFactory.java:128)
Q. What is WebLogic Express?
A. BEA WebLogic Express (WLX) is a production-proven Java servlet engine designed to get
you up and running on the BEA WebLogic™ product line in a cost-effective manner. WebLogic
Express allows you to quickly develop and launch dynamic Web sites and basic Web applications
that do not require the full suite of application server capabilities. WebLogic Express is a good
fit for projects that don’t yet use advanced technologies such as EJB, JMS, and JCA, and instead
favor Servlets, Java Server Pages (JSP), Java objects, RMI, and JDBC. WebLogic Express
notably does not support EJB, JMS, JCA, the two-phase commit protocol for transactions, or
some other features targeted at enterprise-level applications.
Q. What J2EE technologies are supported by the latest version of WebLogic Express?
A. WebLogic Express 8.1 supports Java Servlets 2.3, JSP 1.2, JDBC 2.0, JNDI 1.2.1, JTA 1.01a,
JMX 1.0, and JavaMail 1.1.3.
Q. When should I upgrade from WebLogic Express to WebLogic Server?
A. WebLogic Express is a good fit for less complex applications built on Servlets, JSPs, Java
objects, and simple data access. You can use RMI for client-server and client-client
communication, and even build basic Web Services using these technologies.
Reasons to migrate to WebLogic Server from WebLogic Express could include the following:
�� Your application needs an upgrade - Perhaps you need to repartition your application layers
to create a separate business logic/EJB layer to meet certain business needs or to manage
architecture complexity.
�� You need to integrate with other applications supported with JCA adapters.
�� You need a messaging infrastructure (i.e., JMS) for you application.
�� You need some of the more advanced features that come with WebLogic Server such as
two-phase commit transactions, message-driven beans, and object tier clustering and
caching.
Q. Is the upgrade from WebLogic Express to WebLogic Server difficult?
A. Upgrading from WebLogic Express to WebLogic Server is actually very easy. Since
WebLogic Express and WebLogic Server share the same code base, your applications will run as
is – without any modifications - on WebLogic Server.
Upgrading is as easy as copying over a new WebLogic Server license file to your existing
WebLogic Express installation.
Q. Does WebLogic Express support Web Services?
A. Yes, WebLogic Express is Web Services enabled. WebLogic Express offers
presentation-level Web Services with the latest XML, SOAP, and JAX-RPC standards.
Q. Does WebLogic Express support Clustering?
FAQs: WebLogic Express
25-4
A. Yes, WebLogic Express Premium Edition has full clustering capabilities for your
mission-critical Web applications. Clustering support in Premium Edition includes clustered
JDBC, in-memory replication of servlet sessions with automatic failover, and load balancing
features.
Q. How do I install a new WebLogic Express license?
A. The WebLogic Express license file resides under the BEA_HOME directory of your
installation. The license file contains licenses for all products of the BEA WebLogic Platform.
A. If you do not have any other Weblogic products installed, you could simply copy over the
new WebLogic Express license file to the existing one. Otherwise -- and preferably -- install the
new WebLogic Express license with the following steps:
1. Save the new license file with a name other than license.bea in the target BEA Home
directory. For example, save the file as platform_license.bea. Use this file as the
license_update_file in step 4 of this procedure.
2. Open a command shell and go to the target BEA Home directory.
3. If it is not already included, add the JDK to your PATH variable by entering the following
commands:
– On a Windows system: set PATH=BEA_HOME\jdk131_03\bin;%PATH%
– On a UNIX system: PATH=BEA_HOME/jdk131_03/bin:$PATH
export PATH
4. Merge the license update file into your existing license by entering one of the following
commands:
– On a Windows system: UpdateLicense license_update_file
– On a UNIX system: sh UpdateLicense.sh license_update_file.
license_update_file is the name to which you saved the license update file in step 1.
5. Save a copy of your updated license.bea file in a safe place outside of the BEA_Home
directory or on a different machine.
Q. What is a WebLogic Express Domain?
A. For ease of administration and management, one or more WebLogic Express instances – and
their associated resources - are grouped together in an administrative unit called a domain. A
domain can include multiple WebLogic Express clusters and non-clustered WebLogic Express
instances. A single Administration Server manages a domain.
25-5
A domain could consist of only one WebLogic Express instance. However, that sole server
instance would serve as an Administration Server, because each domain must have exactly one
Administration Server.
You can define multiple domains based on different system administrators' responsibilities,
application boundaries, or geographical locations of servers.
Q. Can a domain include a mix of WebLogic Express and WebLogic Server instances?
A. Yes, you can have WebLogic Express and WebLogic Server instances in the same domain.
The domain would be managed by a single Administratiion Server and Administration Console.
Q. What version of the Java Servlet and JSP specifications does WebLogic Express support?
A. WebLogic Express 8.0 supports Java Servlet version 2.3 and JSP version 1.2.
Q. Do I need to make any changes to my Web application currently deployed in Tomcat in order
to move it to WebLogic Express?
A. Any Web application deployed in standard .WAR format, as per the Servlet specification,
will deploy without code changes on WebLogic Express. You may have to define the resource
and resource mappings in the WebLogic Express server if your application depends on any
WebLogic Express resources.
Q. How should I use the existing BEA e-docs if I am a WebLogic Express user?
A. BEA has provided a separate eDocs page for WebLogic Express. This page provides links to
most of the documentation related to WebLogic Express features, installation, programming,
management, and “Getting Started” material. You will find that many of the links in the
WebLogic Express documentation pages actually point to WebLogic Server documentation
pages. This is because WebLogic Express shares the same code base as WebLogic Server and
WebLogic Server documentation for common WebLogic Server/WebLogic Express features can
be applied to WebLogic Express.
Q. Can I build Web services with WebLogic Express? If so, how?
A. Yes, you can build and deploy Web Services in WebLogic Express using Java classes. See
Overview of WebLogic Web Services at
http://e-docs.bea.com/wls/docs81/webserv/overview.html for instructions on building Web
services for WebLogic Express. Note that in WebLogic Express you can only use Java classes to
implement Web services. You cannot use EJBs or JMS.
Q. How does the Console differ between WebLogic Express and WebLogic Server?
A. There is no difference between the WebLogic Express and WebLogic Server console.
Q. Where can I download WebLogic Express for an evaluation?
A. You can download a trial version of WebLogic Express at
http://commerce.bea.com/downloads/weblogic_express.jsp.
To help you with your WebLogic Express evaluation, there is a WebLogic Express evaluation
guide that will guide you through the process of a WebLogic Express installation, creating and
deploying a Web application on WebLogic Express, and reviewing WebLogic Express features.
Q. Can I get JDBC drivers with WebLogic Express?
A. Yes, BEA offers two JDBC drivers that come with WebLogic Express:
�� Type 2 native JDBC driver for Oracle.
�� Type 4 JDBC driver for Microsoft SQL Server.
In addition, you can use any JDBC-compliant driver with WebLogic Express. For more
information on WebLogic Express and JDBC drivers, see Introduction to WebLogic JDBC at
http://e-docs.bea.com/wls/docs81/jdbc/intro.html.
Q. Can I use WebLogic Express as the Web tier in an n-tiered application architecture?
A. Yes, WebLogic Express will fit your Web-tier needs very well. WebLogic Express can be
used as your primary Web server and also host advanced J2EE Web applications built with
HTML, XML, Servlets, JSP, applets, etc. WebLogic Express has complete Web server
functionality, including a built-in HTTP server.
Q. Can I use WebLogic Express as an admin server in a larger WebLogic Server cluster?
A. Yes, you can use WebLogic Express as the admin server in a larger WebLogic Server Cluster.
Q. Can I do integration with WebLogic Express?
A. WebLogic Express is intended to be use as a Java Servlet/Web application engine. It does not
support the integration features that come with WebLogic Server like J2EE Connector
Architecture (JCA) and WebLogic Server-Tuxedo connectors.
Q. How does WebLogic Express integrate with my IDE?
A. WebLogic Express can work with various third party modeling, development and testing
tools. For information on tools support and integration kits see Tools and Utilities for WebLogic
Server 8.1 at http://e-docs.bea.com/wls/docs81/toolstable/ToolsTable.html.
Q. When should I consider Open Source vs WebLogic Express?
A. Please see our white paper discussing the considerations involved in making a choice
between WebLogic Express and Open Source Servlet Engines.
Q. Does WebLogic Express support virtual hosting?
A. WebLogic Express supports virtual hosting that allows a single WebLogic Express instance
or WebLogic Express cluster to host multiple Web sites. Each logical Web server has its own host
name, but all Web servers are mapped in DNS to the same cluster IP address.
When a client sends an HTTP request to the cluster address, a WebLogic Express instance is
selected to serve the request. The Web server name is extracted from the HTTP request headers
and is maintained on subsequent exchanges with the client so that the virtual host name remains
constant from the client's perspective.
Multiple Web applications can be deployed on a WebLogic Express instance, and each Web
application can be mapped to a virtual host.
Q. Does WebLogic Express work with other popular Web servers?
A. WebLogic Express can either act as your primary Web server or can be used as the servlet
engine behind a Web server like Microsoft IIS, Apache HTTP Server, or Netscape Enterprise
Server.
WebLogic Express includes plug-ins that enable WebLogic Express applications to communicate
with these other Web servers. For information on using plugins see Using Web Server Plug-Ins
With WebLogic Server at http://e-docs.bea.com/wls/docs81/plugins/index.html.
Q. Can I use WebLogic Express as a Web server?
A. Yes, WebLogic Express has complete Web server functionality. This allows a Web browser
to request pages from WebLogic Express using standard HTTP protocol. Used as a Web server,
WebLogic Express supports several standard features like security, SSL, virtual hosting, Proxy
configurations, load balancing, and automatic failover. For more information on WebLogic
Express as Web server refer to WebLogic Server Services at
http://e-docs.bea.com/wls/docs81/intro/chap2.html.
Q. Which platforms are WebLogic Express certified on?
A. For a list of certified platforms see Supported Configurations at
http://e-docs.bea.com/platform/suppconfigs/index.html.
Q. Can I use other BEA products with WebLogic Express, like WebLogic Workshop, WebLogic
Portal, or WebLogic Integration?
A. WebLogic Express can be a front-end to these other BEA WebLogic products and to the BEA
WebLogic Platform.
Q. How does clustering work with WebLogic Express Premium edition?
A. WebLogic Express Premium Edition includes clustering and failover of JSPs, Servlets, RMI
objects, and JDBC connections for increased reliability and availability. For more information on
WebLogic Express Clustering features see Introduction to WebLogic Server Clustering at
http://e-docs.bea.com/wls/docs81/cluster/overview.html.
Q. What is dev2dev Support?
A. BEA now offers dev2dev Support for WebLogic Express customers. BEA dev2dev Support
provides comprehensive Web-based support for easier and more productive implementations so
you can meet your project goals. Developers have access to extensive online technical
information, best practices, and automated online help request services – all allowing you to tap
into the expertise of BEA Support.
Dev2dev Support is an additional offering to the pre-existing Production Support offering from
BEA. BEA Production Support is a more comprehensive offering, ensuring your key business
processes are up and running. Combining 24x7 response for faster problem resolution with
proactive services to leverage best practices, BEA Production Support improves your IT team’s
productivity. The BEA Production Support offering allows all members of your team access to
BEA expertise through phone or Web, as well as full access to online self-help resources.
Q. Can I access CORBA applications with WebLogic Express?
A. Yes. WebLogic Express contains support for RMI over IIOP, which can be used for
connectivity with CORBA applications. Because WebLogic Express does not contain support
for EJB, you can only use RMI over IIOP to communicate with plain RMI objects, however.
More information on RMI over IIOP, see Overview of RMI over IIOP at
http://e-docs.bea.com/wls/docs81/rmi_iiop/rmiiiop1.html.
Q. What kind of applications can I build with WebLogic Express?
A. WebLogic Express is designed for building and deploying simple Web applications that do
not require the full application server capabilities. WebLogic Express is a good fit for projects
that use Servlets and Java Server Pages (JSPs), and simple Java applications using Java classes,
RMI, and JDBC. WebLogic Express does not support EJB, JMS, JCA, advanced Web services,
or other features targeted at enterprise-level applications.
Q. Are there any newsgroups for WebLogic Express?
A. You can access the BEA newsgroups for your particular area of interest at
http://www.bea.com/support/newsgroup.shtml.
Q. How do I start developing on WebLogic Express?
A. The best place to start is with the “Getting Started” section of WebLogic Express.
There is also a WebLogic Express evaluation guide and toolkit that you can download. The guide
helps you to get started quickly with WebLogic Express installation and Web application
programming with a self paced tutorial.
Q. Where can I take classes on Java development?
A. Information can be found at http://www.bea.com/education/index.shtml.
Q. Why does a JMS error message appear when I start WebLogic Express?
A. The Domain Wizard adds JMS tags when it creates a new domain, and when this domain is
used to start the server, the JMS tags are noted, and the error message is displayed. If you have
not specified any JMS resources in your domain, you can ignore this error message and continue
to run the server.
