Oracle Applications DBA Blog

Behind the Oracle HTTP Server - OHS

The OHS is the abbreviation for the Oracle HTTP Server. This is the core component for the client facing interface of Oracle Applications. Much of how Oracle Applications behaves is controlled from the OHS.

The OHS is built upon the Apache Server project. The Oracle Application server in Oracle Applications 11i (11.5.10.2) is based on Apache 1.3.

Oracle Application Server 10g Release2 is based on Apache 2.Though we do not have 10g release 2 application server by default  in 11i, we can choose to implement the 10g applications server with 11i.

You can find out the current version of OHS by the command httpd -version
$ httpd -version
Server version: Oracle HTTP Server Powered by Apache/1.3.19 (Unix)
Server built:   Apr  5 2004 16:17:45 (iAS 1.0.2.2.2 rollup 4)

There are some core files which control the behavior of the Oracle HTTP Server. Again most of these files are autoconfig  managed , so changes to them should be via the Oracle Applications Manager and autoconfig must be run to propagate these changes to the respective config files.

httpd.conf
This is manin config file for the Apache based OHS. It contains all vital configuration information for the OHS like the port on which the server is running, the portocol used etc.A detailed list of derivates supported by the httpd.conf file can be found in the apache documentation. Again as mentioned before this file is also autoconfig managed.

httpds.conf
The httpds.conf file is similar to the httpd.conf. The httpds.conf filers comes into use when apache runs in the Secure Sockets Layer implementation(SSL).Another way make sure if httpds.conf is being used in your environment or not is to open up the apachectl file in the Apache/bin directory and check if the httpds executable is being used along with the httpd executale. something similar to below

HTTPD=/d01/sam/samsora/iAS/Apache/Apache/bin/httpds

access.conf
The access.conf file is natively used to specify the acess control files for the HTTP server. But in Oracle Implementation of  Apache server this file is essentially kept empty and instead the AccessConfig directive in httpd.conf is used.

url_fw.conf
The URL firewall or the url_fw.conf file implementation is used to provide an additional layer of security on the external  tier.This file comes into play once you define a node as external. After this is enabled only the urls specified in the  url_fw.conf files will be accessible through the external tier in a DMZ architecture.Once enabled the httpd.conf file will have a link to include this file.

security.conf
This file contains the security configuration for the OHS.It has information regarding security auditing and also location of the security audit log file location.

oracle-apache.conf
This a file that stores the configuration information for various supported modules in Oracle applications like imeeting , OEM etc.It will contain entries to include these configuration files. These module specific configuration file like the imeeting.conf will also reside in the Apache/conf directory on the application server.

Posted by Sam at 04:21 AM | Permalink | Comments (5) | TrackBacks (0)

Implementing SSL for Discoverer 10g

One of the things that you would require to do after an SSL implementation in Oracle Applications is to implement SSL in your Discoverer instance as well.
To use discoverer with Oracle Applications, you must integrate discoverer 10g wihch comes bundled with the 10 g application server.

Middle Tier SSL Only
As mentioned in my earlier posts the 10 application server comes with the infrastructure Tier and middle tier products. The  discoverer is a part of the middle tier products. While implementing SSL with Discoverer it is not required to implement SSL on the infrastructure also. Its sufficient to have SSL implementation in your middle tier.in other word infrastructure SSL is
optional.

Current Architecture
Oracle Applications 11.5.10.2 with SSL
Oracle Applications Server 10g
Oracle Discoverer 10g Integrated With Oracle Applications
Operating System Sun Solaris 5.8 64 bit

Oracle Wallet and Certificate Provisioning
To implement the SSL on the middle tier we would need an Oracle Wallet. You have the option to use the default wallet or  create your own wallet. Here we choose to create a new wallet.

To implement SSL for the discoverer you can either provision new certificates or you can use the certificates from our Oracle  Applications instance.
In the current scenario we will be using the existing certificate from the Oracle Applications.

Set you environment to the 10g middle tier
export ORACLE_HOME=/d01/sam/Mid10g
export PATH=$ORACLE_HOME/bin:$PATH
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ORACLE_HOME/lib

Create a wallet dir in your ORACLE_HOME
cd $ORACLE_HOME
mkdir wallet

Copy Certificate from your Oracle Applications
Copy the following cert files from your application tier to your wallet directory (in my case it was a same server you might have to do a binary FTP)
cp $COMMON_TOP/admin/certs/apache/certs/apache/ssl.crt/server.crt /d01/sam/Mid10g/wallet/
cp $COMMON_TOP/admin/certs/apache/certs/apache/ssl.crt/ca.crt /d01/sam/Mid10g/wallet/
cp $COMMON_TOP/admin/certs/apache/certs/apache/ssl.crt/server.key /d01/sam/Mid10g/wallet/

Convert Certificates
Execute the follwoing from the wallet directory to convert the certificates
$ORACLE_HOME/Apache/Apache/bin/ssl2ossl -cert ./server.crt -key ./server.key -cafile ./ca.crt -wallet . -ssowallet yes

This will create two new files in your wallet
-rw-r--r--   1 sammid  dba         6697 Aug  6 10:57 ewallet.p12
-rw-------   1 sammid  dba         7441 Aug  6 10:57 cwallet.sso

Run SSL Config
Run the SSL config tool to configure SSL for your middle tier discoverer

SSLConfigTool -config_w_default -secure_admin -opwd <orcladmin password> -ptl_inv_pwd <password>

ssl.conf Change
You must set the Listen and Port directives manually to be the same as this does not get updated as a part of the SSLConfigTool.

Update the repository for DCM
Update the distributed cluster repository using
$ORACLE_HOME/dcm/bin/dcmctl updateConfig -v -d

Set up Secure Tunneling Communication
Log on to the Enterprise Manager IAS Console and navigate to
Server->Discoverer->Discoverer Plus->Communication Protocol and choose 'Secure Tunneling' option.



Oracle Applications Profile Options.
Make sure the following profile options in Oracle Application reffer to the correct port and protocol (HTTPS)
ICX_DISCOVERER_LAUNCHER
ICX_DISCOVERER_VIEWER_LAUNCHER
ICX_DISCOVERER_PARAMETERS

Posted by Sam at 04:30 AM | Permalink | Comments (1) | TrackBacks (0)

Cache invalidation in Oracle Applications

With the extended usage of Self Service Web Applications(SSWA) in Oracle Applications, the mechanism of cache invalidation assumes significant importance. In the process of supporting Oracle Application i am sure most of you would have already come across the cache invalidation mechanism and problems associated with it in Oracle Applications.

What do you mean by cache Invalidation?
The main purpose of the web cache is to cache frequently used data and reduce application response time for the end user. However in order to maintain the relevance of the cached data it is important that the old is flushed out or invalidated and new data is cached again. This process is referred to as cache invalidation. All the web server which support web cache have different mechanisms to deal with the invalidation process. These may be time based date based etc.Also invalidation maybe either automatic that is triggered by the application /Server itself or it may be manual like from the console or a simple deletion from the backend.

Cache Invalidation In Oracle Applications
The core web server of Oracle Applications is the apache based Oracle Application Server. The Oracle application Server Web Cache has the ability to cache both static and dynamic data.

The different methods of Invalidation supported by the Oracle Application Server Web Cache are

• Manual Invalidation through Web Server Console
• Manual invalidation through a telnet to the web server.
• Invalidation using PL/SQL,this is available via the wxvutil.sql scriptthe which can be obtained from http://otn.oracle.com/software/products/ias/web_cache/files/api_plsql.zip
• Invalidation from a JSP using the jesi:invalidation tag

Based on the circumstances encountered Oracle Applications also uses these mechanisms to perform cache invalidation to render the most relevant information when using self service web applications.

Oracle Applications implements a Cache Framework to effectively handle the caching mechanisms in E-Business Suite. This framework primarily includes

• Cache Manager: The cache manager is responsible for interacting between the business APIs and the cache components. The business APis request data from the cache via this manager.
• Cache Components: The actual data is stored in the form of cache components. The data is distributed in various cache components based of the attributes.
• Cache Class Loader: Each of the cache components are associated with a cache calss loader. when the data is requested by the business APIs via the cache manager to the cache component, if the object is present it is given back and in case of a miss (also referred as a cache miss) the cache class loader is responsible for fetching the data from the database and loading it into the cache component.

A common case of improper of cache invalidation is when you add a self service responsibility to a user and the user is not able to see that responsibility immediately. A work around is that you manually  clear the cache or bounce your web server after which the change is reflected (as it does a force invalidation of your cache).However if you have applied your latest patches and roll ups you would not see this problem.

The Oracle Application cache Framework supports the following features

• Preloading: Preloading allows certain objects to be preloaded in the cache component along with the startup of the JVM. This increases performance by eliminating the need to lod the objects via the class loader.
• Distribution: In case of multiple JVMs in use the caching framework ensures that cache changes and invalidations are propogated in all the caches.
• Dadatabse Invalidation. the caching framework in applications also provides for an invalidation request to be originated from the database level. This means the database cahnges to the cached objects are sent as invalidation requests to the cache. To enable this feature you must however make sure that the Workflow Java Deferred Agent Listener is started in your instance.
• Event Support: Also supported by the applications cache framework is the support for events. This ensures that there is synchronization between inter dependent data in the cache. For this purpose event handlers are registered within the cache components.

You can run diagnostic test on your cache by going to the
http://<hostname>:<port>/OA_HTML/jtflogin.jsp

Another mechanism adopted by the web cache along with invalidation is Expiration. Expiration happens when the objects in the web cache are marked as invalid after a certain period of time. While invalidation is used for randomly changing objects the expiration method is adopted for objects which do not change so frequently.

Posted by Sam at 03:11 AM | Permalink | Comments (1) | TrackBacks (0)

Managing Your 10g Application Server

After having discussed about installation and configuration of Oracle Applications Server, in today’s post I will talk about managing the application server primarily the startup and shutdown procedures. I am sure this would have been already well  documented by oracle but the post aims summing up the process. I will discuss the opmn tool by Oracle and also the Enterprise Manager

The process described here also holds good for other Oracle products like Oracle Collaboration suite and Oracle SOA suite.

Any application server would necessarily consist of a infrastructure Tier, it may or may not have a middle tier associated.

Starting Application Server Services

Order of Startup
As the middle tier is dependent on your infrastructure it is important that the infrastructure should be up and running  before you proceed with the middle tier services.

Using runstartupconsole.sh
You can start up the infrastructure tier services using the runstartupconsole.sh script located at your $ORACLE_HOME/bin/ on  the machine which contains your infrastructure.

# su - saminf
$ cd $ORACLE_HOME/bin
$runstartupconsole.sh start

This command will startup

The AS Meta Data Repository Instance
The Listener
The Enterprise Manager Console
Infrastructure Process Such as OID,OC4J_security,SSO etc.

To startup the middle Tier Services you log in to your middle tier OS user and run the the runstartupconsole.sh from the  middle tier ORACLE_HOME.

# su - sammid
$ cd $ORACLE_HOME/bin
$runstartupconsole.sh start

This Command will start up

The 10g Enterprise Manager
All OPMN managed process for the middle tier like portal

Using Enterprise Manager Console
You can also use the 10g Enterprise Manager console to start up the infrastructure tier and middle tier services, however you  must start up the enterprise manager explicitly before you can use it. The emctl command is used to startup the enterprise manager. The location is $ORACLE_HOME/bin

#su - saminf
$emctl start iasconsole

You can logon top the enterprise manager using the ias_admin username and password given at the time of installatiuon. You  can get the URL of the EM from the setupinfo.txt file located at the $ORACLE_HOME/install directory location.

Similarly you can start the EM of the middle Tier using the emctl command and start the middle tier services using the EM  console.

However you must start your Meta Data Repository instance and Listener manually before starting and using the EM console.

Using OPMN

OPMN stands for the Oracle Process Manager and Notification, is a tool with you can manage the OPMN managed Infrastructure  and Middle Tier Porcess. The opmnctl executable is located at the $ORACLE_HOME/opmn/bin.

opmnctl start
This command will start up your opmn process

opmnctl startall
This will start up the opmn process and all process managed by opmn

opmnctl startporc ias-component=component
This will start a specific opmn managed process like SSO
You can also start using the sub-porcess of a component using
opmnctl startproc process-type=process

You could also restart the processs using
opmnctl restartproc ias-component=component
opmnctl restartproc process-type=process

However before using OPMNCTL you must have started your Metadata Respositery Database Instance and the Listener manually.

Shutdown of Application Tier Services

Order Of Shutdown
Your Middle tier Services must be shutdown before you shutdown your infrastructure services.

Using runstartupconsole.sh
You can shutdown the infrastructure tier services using the runstartupconsole.sh script located at your $ORACLE_HOME/bin/ on the machine which contains your infrastructure.

# su - saminf
$ cd $ORACLE_HOME/bin
$runstartupconsole.sh stop

This command will stop
All infrastructure tier services
The 10g EM console
The meta data repository instance
The listener

For middle Tier services you must run this command for the middle tier ORACLE_HOME.

Using Enterprise Manager Console
You can also use the 10g EM console to shutdown your middle tier and infrastructure services.
After that you must shutdown your EM console manually using the emctl command

emctl stop iasconsole

You can also shutdown the Infrastructure services using the EM Console of the infrastructure tier after which you must manually shutdown the EM console manually using emctl at the infrastructure tier.

You must also remember to bring down your Meta Data Repository and Listener manually from the infrastructure home after all  the services are brought down.

Using OPMN
Using opmnctl you can shutdown your middle tier services and infrastructure services.

opmnctl shutdown
This shutdown the opmn process and along with it all the managed opmn processes

opmnctl stopall
This command stops all opmn managed process for a particular tier.

You can also stop a specify OPMN managed component using
opmnctl stopproc ias-component=component
or
opmnctl stopproc process-type=process

The EM console on the middle tier and the infrastructure tier needs to be brought down manually using emctl stop iasconsole.
Also the Meta Data Repository Instance and Listener need to be brought down manually.

Posted by Sam at 05:46 PM | Permalink | Comments (7) | TrackBacks (0)

Oracle Portal

Continuing with the series of Oracle Applications Server integration, today i shall discuss about Oracle Portal and Integrating Portal with Oracle Applications.

A portal is a web based implementation of content management which allows the enterprise to effectively manage content  without having to make use of complex programming tools. There have been various implementation of Portals by various third parties. But In this post i shall limit the discussion to Oracle's implementation of Portal.

Oracle Allows a out of box portal solution as a part of its Fusion Middleware bundled with 10g Oracle Application Server. Oracle Portal lets the enterprise employ a single portal framework to manage Organization’s entire Web presence. It is based in the Oracle's implementation of J2EE containers or Oracle Containers for J2EE (OC4J).

Besides providing standard functionalities of a enterprise portal Oracle Portal also allows integration with the E-Business suite enabling organizations to provide dynamic content to employees, Partners and vendors. This integration with enterprise  applications extends itself to non Oracle Applications like SAP also.

Other Benefits of Oracle Portal Include

Single Sign On
Ability to implement Single Sign On by integrating with Oracle Internet Directory.

Business Intelligence
Oracle Portal offer in built portlets which can be used with Other Oracle Business Intelligence tools like Discoverer.

Business Process
Oracle Portal also offers interaction with the business process engineering tools like BEPL.

Desktop Publishing
Apart from the dynamic content and integration with other enterprise applications Oracle Portal also allows for convenient publishing of content through the desktop.

Custom Development
Oracle Portal also comes with an inbuilt Portal Development Kit (PDK) which allows developer to do custom development.

SOA Enabler
Organizations that aim at implementing a Service Oriented Architecture(SOA) require there applications to be bound together in a secure portal framework. Oracle Portal helps them archive this.

As mentioned earlier Oracle Portal is a component of the 10g Application Server. It is installed as a part of the Middle Tier  components of the 10g Application Server. As a result you must have a Oracle Applications Server Infrastructure installed first before going ahead with the installation of Oracle Portal.

The latest release of Oracle Portal is 10.1.4, though the Portal which comes with Oracle Application server 10.1.2.0.2 is discussed in this post.

Portal Integration With Oracle Applications

This kind of integration allows access to Ebusiness suite protlets from within Oracle Portal. A link to E Business suite is  created when we register Oracle Applications as a partner application with Oracle Portal.

Architecture Configuration

Oracle Applications 11.5.10.2 (With ATG RUP 4)
Oracle Applications 10g 10.1.2.0.2
Redhat Linux AS 4
Oracle Applications HTTP Port 8032
Oracle Application Server Infrastructure Port 7777
Oracle Application Server Middle Tier Port 7778
OS Applications user applsam
OS Database User orasam
10g Application Server Infrastructure OS user asinf
10g Application Server Middle Tier OS user asmid

Pre Requisites

This post assumes the following configurations have been successfully setup.

E-Business suite 11.5.10.2 has been setup
Oracle Applications Server 10.1.2.0.2 Infrastructure and Middle Tier is Installed (With Portal)
10g Application Server Integrated with Oracle Applications and Single Sign On Implemented

Check Portal Setup
Check the setup and configuration of your portal by logging in to the portal url

http://<hostname>.<domain>:<port>/pls/portal

orcladmin is the super user for portal you can login with user to see that the portal admin screen.

Apply Patch 3418272
This patch has to be applied on your E-Business Suite with your ORACLE_HOME set to your IAS ORACLE_HOME.To do set the environment correctly source the SID_hostname.env located in your IAS Home of your E-Business Suite. The patch has two scripts namely  c3418272.csh and d3418272.csh you only need to apply the first script that is c3418272.csh.

Apply Compatibility patch 3615177
This patch is also applied to your IAS_ORACLE_HOME. Again your need to source the SID_hostname.env located in your IAS Home of your Ebusiness suite for to get the environment correct.

Apply patch  4585791
This patch is to be applied to your Portal home that is your Oracle Applications Server Middle Tier home. The patch is  applied by OPatch. It is advisable to have the latest OPatch installed in your ORACLE_HOME before you apply this patch.

#su - asmid
$cd $ORACLE_HOME/OPatch
$./opatch apply -silent /u01/4585791 -pre -s portal -p TyOQH8Ax -c samlnx:1521:samasdb.appsdbablog.com

You can get the portal password by running the ldapsearch script on your Infrastructure

ldapsearch -h samlnx.appsdbablog.com -p 389 -D "cn=orcladmin" -w test123 -b "cn=IAS,cn=Products,cn=OracleContext" -s sub -v 
"OrclresourceName=portal"| grep orclpasswordattribute

Apply Patch 5378265
Apply this patch on your E-Business Suite using adpatch.

Change the Cookie Domain
Change the Cookie Domain to conatin the last last two letters of the value mentioned in the APPS_WEB_AGENT.In our case in should contain .appsdbablog.com. Make this change from the Oracle Applications Manager (OAM).

Comment for topleveldomain
Remove the comment in from topleveldomain variable from Oracle Applications manager.

OProcMgr Trusted Nodes
In case you have your Oracle Application server on a different host then make sure you add the entry for this host also in the OProcMgr Trusted Nodes through OAM.

Run Autoconfig
Run autoconfig on your application tier so that the changes get reflect across the system. Bounce your Apache Server to have the chages take effect.

Register E-Business Suite Framework
Go to the portal page using
http://<AS10g_hostname>:<AS10g_app_tier_portnumber>/pls/portal
Login as orcladmin user and navigate to Administer" tab -> "Portlets" region -> "Register a Provider" link

You need to fill in the details as required and register  Oracle Applications with the following URL
http://[Release_11i_host]:[port]/servlet/framework
Attempting to access this URL from your desktop may result in an access denied message but you can ignore it and proceed with  the registration.You might get a cookie related warning post registeration which also can be ignored.

Once registered a link to the Oracle Applications Framework with a list of Oracle Applications Portlets will be accessible from your portal.



Additional References
Using Oracle Portal 10g with Oracle E-Business Suite 11i Note:305918.1

Posted by Sam at 05:57 PM | Permalink | Comments (9) | TrackBacks (0)

Goodbye mod_plsql

In my previous post relation to Oracle Application Express i briefly discussed that running APEX with Oracle  Applications Release 12 will not be that straightforward after all. The reason being the absence of mod_plsql in the Release 12 Application Server. In today’s post i will explore this topic a bit further and understand what  exactly does the mod_plsql do and its absence in Oracle Applications Release 12.

mod_plsql

mod_plsql is a extension module of the Apache Web Server which is the core component of the Oracle Application server. It was also formally referred to as Oracle PLSQL Cartridge. The main function of the mod_plsql is that is  allows the middle tier or the web server to understand and execute plsql code. This is particular useful in  generation of dynamic web pages. The mod_plsql makes a connection to your database based on the information defined  by your Data Access Descriptor (DAD) settings. That is in Oracle Applications the wdbsrv.app file would be used by  the mod_plsql to connect to your database and execute the sql/plsql code against it. What this does mean is that  virtually almost any plsql code can be executed through the web browser via a http/https protocol.

In a default apache web server configuration mod_plsql is configured and started by default.The Oracle Application  server both standalone and the one bundled within Oracle Applications Release 11i.

mod_plsql Vulnerabilities

Although i am yet to see any official document from Oracle on the mod_plsql's demise in release 12 apart from  Steven Chan’s blog and the Oracle Open World presentations, the reason for its exclusion are not mentioned.

The main reason which i feel is the security vulnerabilities that mod_plsql has. Since a connection to a database is  possible relatively easily in a mod_plsql implementation its gives rise to security threats. In fact it allows anyone with access to the Oracle Application web server to execute any sql /plsql code against  the APPS schema and view any data which is visible to the APPS user. This obviously quite dangerous. Also exists a risk of sql injection, which is one of the most commonly used techniques by hackers. Sql injection is a technique where the hacker tries to add in malicious code in between a valid sql/plsql code.This often makes the system quite vulnerable and difficult to detect the intrusion.

Although there have been workaround to block the mod_plsql vulnerabilities, they have been known to cause problems in  complex implementations of Oracle Applications. These vulnerabilities have not gone unnoticed by oracle and it has  relase Oracle Security Alert #28 which takes about the risk arising from the mod_plsql.

As a result i feel the security vulnerabilities surrounding mod_plsql would have been one of the major factors for  Oracle to decide to de support mod_plsql in Oracle Applications Release 12.

Oracle Applications Framework.
When i has started blogging my third post covered Oracle Applications Framework(OAF).Its time to revisit the topic  now. The Oracle Applications Framework is a java framework which is based on the J2EE MVC design pattern and allows to execute HTMl,XML,PL/SQL,Java and web services without compromising on security. The connection to the database  in Oracle Applications Framework model is done through Java Database Connection (JDBC) Drivers.

The Oracle Applications Framework comes bundled in a default installation of Oracle Applications Release 11.5.10  and later for Oracle Applications Release 11.5.9 and prior you would be required to upgrade to the latest AD patchset level to be able to use Oracle Applications Framework. For the current release of OAF you must have be on  java 1.3 atleast. The actual requirements for OAF in Release 12 are not known as the official documentation on that  is yet to be released.

Apart from addressing the security vulnerabilities OAF also allows the out of box customizations of the Oracle  Applications imodules. In Oracle Applications Release 12 all customizations which use the application server  mod_plsql would have to be migrated to the Oracle Applications Framework model.

Additional References
Red-database-security.com's Sql Injection via mod_plsql
Steven Chan's Post on Release 12 Tech Stack

Posted by Sam at 08:12 PM | Permalink | Comments (2) | TrackBacks (0)

Oracle Containers For J2EE (OC4J)

One of the reasons I am writing today’s post on Oracle Container For J2EE is that apart from being a core component of the 10g  Application Server Oracle Containers For J2EE is also an important member of the new Oracle Applications Release 12 Tech Stack. In this and my coming posts i would be touching upon the new feature which are planned to included in Oracle Applications Release 12.

Oracle Containers For J2EE or commonly referred to as OC4J is the underlying runtime engine for the 10g Application Server infrastructure. It is an extremely lightweight and easy to install component which requires less than 50 MB of disk space and  20 MB of your server memory to be up and running. It also has a support for a wide range of operating systems including  NT, Linux, Solaris, HP-UX, IBM-AIX and Compaq True 64 with support for both 32 and 64 bit operating system.

OC4J runs on the Java 1.4 virtual machine and is J2EE 1.3 complaint. You can have multiple OC4J process running configured each  of which is referred to as a OC4J instance. The OC4J configuration is controlled via  XML configuration files and OC4J properties file. An OC4J instance is referred to as a container as it provides a web container to support services like Java Server  
Pages(JSP),Servlets , Enterprise Java Beans(EJB) and Web Services.

The OC4J also implements the following J2EE services.

• Java Authentication And Authorization Service (JAAS)
• Java API for XML Parsing (JAXP)
• J2EE Connector (J2C)
• Java Mail
• Java Naming and Directory Interface(JNDI)
• Java Database Connectivity (JDBC)
• Java Application Framework(JAF)
• Java Transaction API (JTA)
• Java Messaging Service (JMS)

High Availability Single Sign On and SOA

OC4J can also be configured to support High availability architectures with Oracle RDBMS using Real Application Clusters and Oracle Datagaurd Technologies.OC4J also supports the Single Sign On functionality by make use of the JAAS service.OC4J is also out of box Service Oriented Architecture (SOA) compliant as it supports the underlying feature of persistence.

Deployment

Though in the current post we are mostly talking about OC4J as a component of the Oracle Application Server, its important to note here that it comes as a standalone java component as well in the form a single zip file. Both the standalone distribution and the Application server distribution are developer friendly and deployment friendly. The code deployment in OC4J is done 
through a Enterprise Archive File (EAR). The EAR file contains the Web Archive (WAR file) which in turn encapsulates the Java Archive (JAR) files containing the code.

OC4J In Oracle Applications

OC4J replaces the Jserv component which is there in the current release 11i of Oracle Applications. Also as a result the  mod_jserv component would be replaced by the mod_oc4j component in release 12 of Oracle Applications. The mod_oc4j is used to  communicate between different OC4J instances.

The default installation Release 12 of Oracle Applications creates 3 OC4J instances

• Oacore: This runs the OA Framework -based applications.
• Forms: This runs the Forms-based applications.
• OAFM:  This is responsible for running the web services.

The Jserv groups which are there current in Oracle Applications Release 11i are also planned be replaced by OC4J instances.

As mentioned earlier the OC4J properties are controlled using the XML files and OC4J.properties file. These files are  managed by the standard Oracle Applications Autoconfig.

The Java code deployment in Oracle E-Business suite for OC4J is done at the time of install using rapid install and maintained by ad tools like adadmin and adpatch. New custom code deployment can be done by using the Application Server Control user interface.

The OC4J implementation In Oracle Applications Release 12 includes the following directory structure.

• applications: Contains applications deployed
• applications-deployment: Contains configuration settings for the applications deployed
• config: Contains common configuration setting for the OC4J instance.

Posted by Sam at 08:31 PM | Permalink | Comments (7) | TrackBacks (0)

Changing the Net Listener Port in Oracle Applications Server 10g

In my previous post I discussed installing the 10g application server. The Application server installation uses the port 1521 as the default port for the application meta data repository. If you already have a listener using that port you have the option of either sharing the listener or configuring a new listener. In my case i tried to change the listener and found out it included just a little bit more than just changing the listener.ora file.

I am listing out the steps that i performed to configure a new listener and get the applications server back to shape.

System Overview

10g Application server with infrastructure and middle tier installed on the same box.

Infrastructure Tier Services  
OID
HTTP Server

Middle Tier Application
Portal

OS Users
Infrastructure OS user: asinf
Middle Tier OS user: asmid

Task
Current Listener running on port 1521.
Configuring a new listener on port 1525

Shutdown Services.

Shutdown all the infrastructure and middle tier services.

su - asmid
$opmnctl stopall
$emctl stop iasconsole

su - asinf
$opmnctl stopall
$emctl stop iasconsole

Shutdown Your Infrastructure Listener

# su - asinf
$lsnrctl stop

Change The Listener Configuration

Make the change to have the new post number in the lsitener.ora file on your infrastructure tier.

# su - asinf
$cd $ORACLE_HOME/network/admin
$vi listener.ora

SID_LIST_SAM =
  (SID_LIST =
    (SID_DESC =
      (SID_NAME = PLSExtProc)
      (ORACLE_HOME = /u03/oracleAS/asinf/OraHome)
      (PROGRAM = extproc)
    )
  )

SAM =
  (DESCRIPTION_LIST =
    (DESCRIPTION =
      (ADDRESS_LIST =
        (ADDRESS = (PROTOCOL = TCP)(HOST =
samlnx02.appsdbablog.com)(PORT = 1525))
      )
      (ADDRESS_LIST =
        (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC))
      )
    )
  )

Change Your TNSNAMES

After this you need to make the change reflecting the new port in your TNSNAMES.ora file on both the infrastructure tier and the middle tier.

$su - asinf
$ vi $ORACLE_HOME/network/admin/tnsnames.ora
EXTPROC_CONNECTION_DATA =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (ADDRESS = (PROTOCOL = TCP)(HOST = samlnx02.appsdbablog.com)(PORT
= 1525))
    )
    (CONNECT_DATA =
      (SERVICE_NAME = PLSExtProc)
    )
  )

SAM =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = samlnx02.appsdbablog.com)(PORT =
1525))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = sam.appsdbablog.com)
    )
  )

Also replicate this change in middle tier tnsnames.ora.


Start Your Listener

Start your infrastructure tier listener.

# su - asinf
$lsnrctl start SAM

Set The New Listener At The Database Level.

You must execute this command in your infrastructure database to have the parameter local_listener set to your new listener.

# su - asinf
$sqlplus "/ as sysdba"
SQL*Plus: Release 10.1.0.4.2 - Production on Thu Oct 26 18:38:38 2006

Copyright (c) 1982, 2005, Oracle.  All rights reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.1.0.4.2 - Production
With the Partitioning, OLAP and Data Mining options

SQL> alter system set local_listener='SAM';
system altered

Bounce The Database.

Stop and startup your meta data repository database to have it register the new listener name.

Start Your OID On The Infrastructure Tier

# su - asinf
$opmnctl startproc ias-component=OID

Change The Port Number In OID.

Start the Oracle Directory Manager from your desktop if you have the client installed else you can use the one on the server at $ORACLE_HOME/bin/oidadmin

Under Entry Management->cn=Oracle Context->cn=SAM->orclnetdescstring chnage the value of the new port here.

Change The Other Config Files.

Based on your installation you may need to change the following files also

$ORACLE_HOME/sysman/emd/targets.xml
$ORACLE_HOME/Apache/modplsql/conf/dads.conf

Posted by Sam at 09:37 PM | Permalink | Comments (6) | TrackBacks (0)

Installing 10G Application Server

Last week i spent a considerable amount of time working on Oracle Application server configurations, i also revisited some of the installation of the core application server components. For starters i will blog with about the installation of Oracle Applications server.

The Oracle Application Server is divided into two main server side components which are infrastructure  and middle tier. Apart from there it also includes developer kits.

These components can be installed on the same server but must have separate ORACLE_HOMEs. Also the  infrastructure must be installed first after which you must install your middle tier components as the  meta data repository is a part of the infrastructure installation.

Another important fact to note is that the oracle application server uses 1521 port as default for its listener. In case the port is used by another listener on your system you must share it with this instance or you must manually configure the application server DB listener to use a different port.

The OS is Redhat Linux AS
The Version Of Oracle Application Server is 10.1.2.0

1.Required OS packages
The first step would be to make sure you have the following packages (or a higher version) installed

glibc-2.3.4-2.9
glibc-common-2.3.4-2.9
binutils-2.15.92.0.2-13
compat-libstdc++-296-2.96-132.7.2
gcc-3.4.3-22.1
gcc-c++-3.4.3-22.1
libstdc++-3.4.3-22.1
libstdc++-devel-3.4.3-22.1
openmotif21-2.1.30-11.RHEL4.4
pdksh-5.2.14-30
setarch-1.6-1
make-3.80-5
gnome-libs-1.4.1.2.90-44.1
sysstat-5.0.5-1
compat-db-4.1.25-9
control-center-2.8.0-12
xscreensaver-4.18-5.rhel4.2

For Linux you can use the rpm -qa|grep <package_name> command to check.


2. OS Directories
Next we will make a directory structure to hold your application server components.

# cd /u03
# mkdir oracleAS
# chmod -R 777 oracleAS


3. OS User Accounts
Having two seperate OS accounts for the infrastructure and middle tier comapnets make it easier to manage the installation.

# useradd -g dba -d /u03/oracleAS/asinf asinf
# useradd -g dba -d /u03/oracleAS/asmid asmid

4.Oracle Inventory

Make sure to set your oracle inventory location to a accessible location.

vi /etc/oraInst.loc
inventory_loc=/u03/oracleAS/oraInventory
inst_group=dba

5. Starting the installation.
The installation has to be started as the infrastructure user (asinf), but executing the runInstaller  
executable. The first screen is the welcome screen.

6.In this screen you would specify your ORACLE_HOME for your infrastructure.

7. The next screen presents you with the option of installing either of the application server  
componets as bloged above we will proceed with the installation of the infrastructure first.

8.The next screen you can choose to install the Oracle Internet Directory, Single Sign On and Meta Data Repository, you could choose to make either of them or all of them included in your application server infrastructure.

9.Next the installer will carry out a pre installation check of your OS.

10. You must conform pre requisite as root privileges on your system.

11. This screen will allow you to choose the services which the installer will configure and start for  
you.

12. In this screen you can choose either to let the installer decide the ports for the various 10G  
Application server services or you can prove one manually using the static port file.

13. This screen will display the default realm for your OID

14. Here you can choose your database SID and also the location for your datafile locations.

15.Next you specify the passwords for your database schema (Unfortunately it does not allow you to  specify passwords for the PORTAL schema ;)

16. In this screen you specify the your instance name and the ias_admin password.

17. The next screen will display the components the installer will install.

 

18. After this a progress bar displays the status of the installation, allowing you just enough time to  catch up on your mails.

19.As a post installation step the installer configures and starts up the installed products.

 

20.You now can start with the installation of the middle tier component as the asmid OS user and choose to install the middle tier services like portal.

 

21. The other steps are all repetitive except the screen where you have register your middle tier component with your OID which was installed as part of your infrastructure.

There two important files that the installation process creates, the first is the portlist.ini located at the $ORACLE_HOME/install directory this file contains the various port numbers used by the application server services. The other file is the supportinfo.txt which contains the URLs to access the installation.

Posted by Sam at 11:26 PM | Permalink | Comments (11) | TrackBacks (0)