jueves, 25 de septiembre de 2008

OC4J is configured to make JMX connections via RMIS and fall back to RMI if the RMIS port is not configured

Hola a todos!

Pues el otro dia, estuve jugando con las propiedades de Seguridad del servidor de aplicaciones, y tratando de solucionar un problema, me salio otro que, la verdad ya no sabia ni que era.

El error es:

OC4J is configured to make JMX connections via RMIS and fall back to RMI if the RMIS port is not configured

 

Bueno, esta es la razón por la que a mi me ocurrio, OJO: pueden ser varias causas las de este error.

 

Tuve un problema con Oracle Web Services Manager (OWSM) que es este:

<faultstring>WS-Security process failure:null</faultstring>

 

Y buscando en Metalink encontré esta nota para resolverlo:

Problems With Using a PKCS12 Keystore with Oracle Web Service Manager
Doc ID:     Note:457746.1    

Symptoms

It is a requirement of a project that a PKCS12 keystore be used for the signing of a web service response through the use of Oracle Web Services Manager (OWSM).  After creating this type of keystore using keytool and using this in the request pipeline an error is thrown that states that there was a security process failure.
the error received is as follows:

<SOAP-ENV:Envelope  xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV-Body>
    <SOAP-ENV:Fault>
      <faultcode xmlns:p="http://schemas.oblix.com/ws/2003/08/Faults">p:Client.GenericFault</faultcode>
          <faultstring>WS-Security process failure:null</faultstring>
null</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

The following exeception is thrown in the gateway.log:

wssecurity.SecurityBaseStep - Failure while applying XML Security
java.lang.NullPointerException
at com.cfluent.policysteps.security.wssecurity.SignStep.performXmlSecurity(SignStep.java:170)
at com.cfluent.policysteps.security.wssecurity.SecurityBaseStep.execute(SecurityBaseStep.java:238)
at com.cfluent.pipelineengine.container.DefaultPipeline.executeStep(DefaultPipeline.java:124)
at com.cfluent.pipelineengine.container.DefaultPipeline.execute(DefaultPipeline.java:97)
at com.cfluent.pipelineengine.container.DefaultPolicy$DeferredPipeline.execute(DefaultPolicy.java:63)
at com.cfluent.pipelineengine.container.DefaultPolicy$DeferredPipeline.access$300 (DefaultPolicy.java:18) at com.cfluent.pipelineengine.container.DefaultPolicy.execute(DefaultPolicy.java:126)
at com.cfluent.pipelineengine.container.PipelineContainer.execute(PipelineContainer.java:114)
at com.cfluent.agent.Agent.intercept(Agent.java:123)
at com.cfluent.agent.AgentRuntime.intercept(AgentRuntime.java:200)
at com.cfluent.pipelineengine.util.PolicyInvoker.execute(PolicyInvoker.java:30)
at com.cfluent.pipelineengine.util.InvokerChain.execute(InvokerChain.java:30)
at com.cfluent.gateway.Invoker.execute(Invoker.java:118)
at com.cfluent.gateway.listener.ProtocolListener$ListenerTask.run(ProtocolListener.java:272)
at com.cfluent.gateway.listener.ProtocolListener.invoke(ProtocolListener.java:110)
at com.cfluent.gateway.listener.GatewayRuntime.invoke(GatewayRuntime.java:32)
at com.cfluent.gateway.listener.http.HttpListener.invoke(HttpListener.java:30)
at com.cfluent.gateway.listener.http.ServicesServlet.handlePost(ServicesServlet.java:34)
at com.cfluent.common.servlet.BaseServlet.doPost(BaseServlet.java:264)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
...
...
at java.lang.Thread.run(Thread.java:595)

CSWComponent - Step execution failed: Fault
Code=[http://schemas.oblix.com/ws/2003/08/Faults/GenericFault] Fault
String=[WS-Security process failure:null] Policy=[SID0003001] Pipeline=[Request] Step Name=[Sign Message] Step Class=[com.cfluent.policysteps.security.wssecurity.SignStep]
common.PrepareForServiceStep - Step PrepareForServiceStep called
wssecurity.WSSecurityUtils - Could not find the Security Header
gateway.Invoker - Result of Request Pipeline is 1
Changes

 

 

La nota menciona que vaya al directorio JRE de la SOA Suite y que en el archivo java.security agregue esto:

security.provider.x=org.bouncycastle.jce.provider.BouncyCastleProvider

 

Seguí la nota y no se resolvio mi problema.

Pero no note que hiciera nada raro el Oracle App Server.

Así que deje esa entrada del BouncyCastleProvider.

 

Para mi sorpresa cuando reinicie el IAS.

Dias despues, la consola de administración ya no arrancaba, y me mostraba este mensaje (el cual no te dice NADA):

This OC4J is configured to make JMX connections via RMIS and fall back to RMI if the RMIS port is not configured. The RMIS connection on the OC4J instance null on Application Server null is configured but a connection could not be established. The JMX protocol is specified by the oracle.oc4j.jmx.internal.connection.protocol property in opmn.xml

 

Buscando en internet, no encontre nada, hasta que recorde que había cambiado cosas de seguridad, y cuando quite la entrada del BouncyClastleProvider Funcionó.

 

Asi que si alguien cambio esta propiedad y se olvido (COMO YO) de quitarla. Si la quitan, la consola de administración del IAS funciona de nuevo!

 

Saludos!

Mau

Publicado por Wanzjin en 7:06
Etiquetas:
Suscribirse a: Enviar comentarios (Atom)
 
Themes by: Free Templates Studio. Powered by Blogger