Feed aggregator

Oracle Traffic Director (OTD) 12c : Basics & Overview

Online Apps DBA - Thu, 2016-10-27 03:23

  Oracle Traffic Director (OTD) is software load balancer from Oracle that receive requests from client and forward it to back-end application like WebLogic , WebCenter, Portal etc. In this first post on OTD, I’ll be covering basic concepts related to OTD (More on installation & configuration of OTD later in future posts) 1. Oracle […]

The post Oracle Traffic Director (OTD) 12c : Basics & Overview appeared first on Oracle Trainings for Apps & Fusion DBA.

Categories: APPS Blogs

New OA Framework 12.2.5 Update 7 Now Available

Steven Chan - Thu, 2016-10-27 02:04

Web-based content in Oracle E-Business Suite 12 runs on the Oracle Application Framework (OAF or "OA Framework") user interface libraries and infrastructure.  Since the release of Oracle E-Business Suite 12.2 in 2013, we have released several cumulative updates to Oracle Application Framework to fix performance, security, and stability issues. 

These updates are provided in cumulative Release Update Packs, and cumulative Bundle Patches that can be applied on top of the Release Update Pack. "Cumulative" means that the latest RUP or Bundle Patch contains everything released earlier.

The latest OAF update for EBS 12.2.5 is now available:

Screenshot EBS 12.2.5 OAF Bundle Patch 7

Where is the documentation for this update?

Instructions for installing this OAF Release Update Pack are here:

Who should apply this patch?

All EBS 12.2.5 users should apply this patch.  Future OAF patches for EBS 12.2.5 will require this patch as a prerequisite. 

What's new in this update?

This bundle patch is cumulative: it includes all fixes released in previous EBS 12.2.5 bundle patches.

This latest bundle patch includes new fixes for the following critical issues:

  • The number values in Total column in the Budget table are partially hidden after applying some set of ATG and Mobile Application patches.
  • Failed to return to the base page after submitting the popup due to client side validation.
  • The rawtext with style class set to OraInstrcutionText under HideShowHeader with style class OraHeaderSub does not word-wrap.
  • Tables are not get rendered properly when scrolling when there are more than 300 records in the table.
  • Page/form image icons are not aligned on home page with the function name links in Navigator and Favorites regions in Chrome and Firefox browsers.
  • The document catalog column was displayed on inline attachment popup windows even if document catalog option was disabled.
  • In HTTPS-enabled environments, navigating to 3-Frame JSP page shows a blank page since the request to load mixed active content has been blocked.
Related Articles
Categories: APPS Blogs

Documentum story – Status of IndexAgent not visible in HTTPS (xPlore)

Yann Neuhaus - Thu, 2016-10-27 02:00

In one of our project, we were using CS 7.2 P02 (upgraded later with P05) in correlation with xPlore 1.5 P02. With these versions, we wanted to setup the IndexAgents in HTTPS to have a completely secured environment. We choose to follow the xPlore documentation and use the Groovy script that EMC is now providing to facilitate the setup in HTTPS of the IndexAgents & Primary DSearch.

 

The first thing to note is that the documentation is describing some parts of how to setup the SSL in xPlore but it is not the complete setup and some other parts are missing! You can use one of my previous blog to know how to setup an IndexAgent in HTTPS using the Groovy Script: click here. The second thing to note is that after setting our IndexAgents in HTTPS, we faced an issue where the status of the IndexAgents weren’t available anymore (it was working in HTTP)! After following the steps described in the other blogs, please take a look at the explications below in case you are having the same issue.

 

So after doing what is described in the link above, the status of the IndexAgents in Documentum Administrator was “Not responding” and we weren’t able to start/stop them. Same behavior via iapi, the status command returned a 200 code. Unlike the HTTP response codes, the IndexAgents codes are:

  • 0 => Everything is running & working
  • 100 => The JBoss instance hosting the IndexAgent is running BUT the IndexAgent isn’t started (E.g.: not in the status “Start in Normal Mode”)
  • 200 => The JBoss instance hosting the IndexAgent isn’t running OR not responding

 

Now to check the status of the IndexAgent, you can do the following using iapi:

API> ?,c,select object_name, index_name from dm_ftindex_agent_config;
object_name                                      index_name
-----------------------------------------------  ------------------------------------------------
xplore_server_01_9200_IndexAgent                  DOCBASE_ftindex_01
(1 row affected)

API> apply,c,,FTINDEX_AGENT_ADMIN,NAME,S,DOCBASE_ftindex_01,AGENT_INSTANCE_NAME,S,xplore_server_01_9200_IndexAgent,ACTION,S,status
...
q0
API> next,c,q0
...
OK
API> dump,c,q0
...
USER ATTRIBUTES
 
  name                         [0]: xplore_server_01_9200_IndexAgent
  status                       [0]: 200

SYSTEM ATTRIBUTES


APPLICATION ATTRIBUTES
 

INTERNAL ATTRIBUTES
 

API> exit
Bye

 

You can see above a status 200… I can assure you that the JBoss instance and IndexAgent are up, running & working properly (we had to start it using the GUI since it was the only way to check the status)! Then why is a status code 200 returned? Well that’s the purpose of this blog!

 

Like I said before, we choose to setup the SSL for the IndexAgents using the Groovy script and that’s the reason why we faced this issue in the first place… The Groovy script is setup to automatically update the file “standalone.xml” to add some configuration for the SSL. This is what the script will add:

[xplore@xplore_server_01 ~]$ grep -A4 "connector name=\"https\"" /app/xPlore/jboss7.1.1/server/DctmServer_Indexagent_DOCBASE/configuration/standalone.xml
    <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
        <ssl name="https" password="***********"
            certificate-key-file="/app/xPlore/dsearch/admin/./../../jboss7.1.1/server/DctmServer_Indexagent_DOCBASE/configuration/my.keystore"
            cipher-suite="TLS_RSA_WITH_AES_128_CBC_SHA"/>
    </connector>

 

Now what is wrong with this configuration? It actually looks quite good… We were working on this specific issue for a few months with EMC without any special findings (no errors in logs, nothing in the DFC/RPC/HTTP_POST traces, aso…) when we noted that the Groovy script only added a “normal” Cipher to the standalone.xml file but our Content Servers were setup at that time using the default SSL mode of Documentum which is commonly named “Anonymous SSL”. As shown above, the SSL Cipher that the Groovy script added is “TLS_RSA_WITH_AES_128_CBC_SHA”. The problem is that the JBoss instance hosting the IndexAgent is restricting the Ciphers available but the docbase on the other side isn’t able to use this Cipher because it is using the “Anonymous SSL”. Therefore there is mismatch in the Ciphers available and the communication can’t be completed.

 

So what is the solution to that? Well we simply need to extend the Cipher list to find a Cipher that is available for both the docbase and the IndexAgent. To solve this issue, you just have to replace the “cipher-suite” as follow:

[xplore@xplore_server_01 ~]$ grep -A4 "connector name=\"https\"" /app/xPlore/jboss7.1.1/server/DctmServer_Indexagent_DOCBASE/configuration/standalone.xml
    <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
        <ssl name="https" password="***********"
            certificate-key-file="/app/xPlore/dsearch/admin/./../../jboss7.1.1/server/DctmServer_Indexagent_DOCBASE/configuration/my.keystore"
            cipher-suite="TLS_DH_anon_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA"/>
    </connector>

 

With this setup, you just have to restart the JBoss instance hosting the IndexAgent, reinitialize the Content Server and after doing that, the status will be available again:

API> apply,c,,FTINDEX_AGENT_ADMIN,NAME,S,DOCBASE_ftindex_01,AGENT_INSTANCE_NAME,S,xplore_server_01_9200_IndexAgent,ACTION,S,status
...
q0
API> next,c,q0
...
OK
API> dump,c,q0
...
USER ATTRIBUTES

  name                         [0]: xplore_server_01_9200_IndexAgent
  status                       [0]: 100

SYSTEM ATTRIBUTES
 

APPLICATION ATTRIBUTES
 

INTERNAL ATTRIBUTES


API> apply,c,,FTINDEX_AGENT_ADMIN,NAME,S,DOCBASE_ftindex_01,AGENT_INSTANCE_NAME,S,xplore_server_01_9200_IndexAgent,ACTION,S,start
...
q1
API> next,c,q1
...
OK
API> dump,c,q1
...
USER ATTRIBUTES

  name                         [0]: xplore_server_01_9200_IndexAgent
  status                       [0]: 0

SYSTEM ATTRIBUTES


APPLICATION ATTRIBUTES
 

INTERNAL ATTRIBUTES
 

API> exit
Bye

 

As you might know, the Cipher that we added contains “_anon_”. This means Anonymous (no authentication) and this also means that it is not the most secure of all Ciphers but this is necessary if you are using the default SSL mode in Documentum (without specifically setting up your own SSL Certificates). That’s why EMC recommends you to setup a non-Anonymous SSL mode but that’s a little bit more difficult to setup than just using the default one. Might be the subject of another blog :)

 

Cet article Documentum story – Status of IndexAgent not visible in HTTPS (xPlore) est apparu en premier sur Blog dbi services.

Links for 2016-10-26 [del.icio.us]

Categories: DBA Blogs

OSB - Use os stored procedures

Tom Kyte - Wed, 2016-10-26 18:46
Hello, I'm working on a SOA project and we're using stored procedures to work with Oracle RAC in OSB. This keep the project clean, organized, avoiding XA and others benefits. The only bad thing is a little extra time to work with. We decided t...
Categories: DBA Blogs

alter session force parallel QUERY parallel

Tom Kyte - Wed, 2016-10-26 18:46
I have a job running with the error ORA-12842: Cursor Invalidated During Parallel Execution,and I re-run and it's complete. I check the MOS NOTE:1322894.1 to look up the cause,I see that it give the cause is : ORA-12842 can be reported to a user ...
Categories: DBA Blogs

Oracle Marketing Cloud Empowers Customers to Manage Identity Gap

Oracle Press Releases - Wed, 2016-10-26 17:43
Press Release
Oracle Marketing Cloud Empowers Customers to Manage Identity Gap Enhancements to Oracle Data Management Platform Enable Marketers to Seamlessly Define, Select, Count and Deliver Audience IDs Based on User Environment

Redwood Shores, Calif.—Oct 26, 2016

Oracle today introduced a series of new data management platform innovations within the Oracle Marketing Cloud that enable customers to seamlessly define, select, count, and deliver audience IDs based on the users’ environment. This allows customers to create audience segments tied to the customer journey across devices, channels, media environments, and ID spaces. Powered by the Oracle ID Graph, this release helps marketing and media professionals deliver on their marketing strategies by delivering relevant experiences to customers on whichever device they choose.

As consumers increasingly interact with brands across a range of different devices and environments, marketers and publishers face the challenge of unifying consumer IDs from different platforms and devices in order to gain a holistic view of individual buyers. To empower marketers and publishers to quickly and efficiently manage these multiple environments, Oracle has released major enhancements to the Audience Builder user interface within the Oracle Data Management Platform to help marketers visualize and manage ID source, with planned functionality to link these audiences via a self-service UI through the Oracle ID Graph.  The new user interface released today makes it easier for customers to manage and select ID types in order to identify, build, plan and analyze audiences based on the device or platform within which the ID was originally created. This lays the foundation for the next iteration of the platform, which will further enable cross-device marketing by bridging IDs and scoring linkages between those IDs. This set of enhancements accelerates the convergence of adtech and martech within and outside of the Oracle technology stack.

“The explosive growth in connected devices has created immense opportunities for marketers to engage with consumers at the moments that truly matter,” said Steve Krause, group vice president, product management, Oracle Marketing Cloud. “To capitalize on this opportunity, marketers need to be able to manage audiences based on the engaged environment. This is critical to intelligent linking for use cases like cross-device targeting and that is why we have revamped the Audience Builder user interface within the Oracle Data Management Platform to help address device agnostic identity management.”

Audience Builder enables marketers to plan audiences for their campaigns using a combination of their own data and third-party data sources. Through the new Audience Builder users are able to:

  • Enhance Audience Segmentation and Engagement: Understand audience composition by device and environment to increase the effectiveness of engagements.
  • Optimize Media Buys: By identifying the devices driving conversions, marketers can modify campaign strategies to focus the conversion points and eliminate wasted impressions.
  • Increase Campaign Effectiveness: By managing advertising dollars based on targeting environment, customers can personalize campaigns against the source ID for relevant retargeting and prospecting.
  • Improve Mobile App Targeting at Scale: Enables marketers to activate 1st and 3rd-party audiences on channels against their mobile ad IDs based on behaviors like mobile app installs.

The new Audience Builder user interface is the latest in a series of innovative enhancements to the Oracle Data Management Platform. In the last year, Oracle has:

  • Integrated Native Tools for Data Ingest and Custom Audience Creation: Self-serve tools available in the platform for custom audience creation powered by Oracle Data Cloud’s Audience Discovery Platform, as well as embedded offline onboarding functionality via Oracle OnRamp, are now native functionalities of the platform.
  • Enhanced Personalization: Maxymiser integration enables marketers to tap into 1st, 2nd and 3rd party data for testing and optimization initiatives. This makes it easier for marketers to deliver experiences that are relevant to customers even before the first page view.
  • Enhanced Partner Integration: Enables partners to self-integrate into the Oracle Data Management Platform by setting up their endpoint for turnkey data campaign delivery. Since the new self-service portal was launched in November 2015, more than 20 new partners have been added.

The Oracle Marketing Cloud is part of the Oracle Customer Experience (CX) Cloud, one of the industry’s most complete CX solutions. Oracle CX Cloud empowers organizations to improve experiences, enhance loyalty, differentiate their brands, and drive measurable results by creating consistent, connected, and personalized brand experiences across all channels and devices.

Contact Info
Simon Jones
PR for Oracle
+1.415.856.5155
sjones@blancandotus.com
About Oracle

Oracle offers a comprehensive and fully integrated stack of cloud applications and platform services. For more information about Oracle (NYSE:ORCL), visit www.oracle.com.

Trademarks

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Safe Harbor

The preceding is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle Corporation. 

Talk to a Press Contact

Simon Jones

  • +1.415.856.5155

Oracle Wins Technology Innovation Award for Adaptive Intelligent Apps

Linda Fishman Hoyle - Wed, 2016-10-26 17:17

A Guest Post by Oracle's Jack Berkowitz, VP of AI Apps Development (pictured left)

I'm thrilled to report that industry watchers liked what they heard at OpenWorld about our next-generation cloud strategy. One in particular, Ventana Research, named Oracle a winner of its 2016 Technology Innovation Awards for our Adaptive Intelligent Applications. How cool is that! These decision science and data-driven apps are part of the hottest trend in technology right now: AI and machine learning.

But our AI notoriety doesn’t stop at one award. Our OpenWorld announcement generated a lot of analyst and press interest (see list of published articles below). We even received favorable coverage from some of the most skeptical pundits. Here are a few that stand out:

“I see Salesforce as the first mover, but Oracle has significant long-term advantages.” – Doug Henschen, Constellation Research

"Oracle's new Adaptive Intelligent solutions take this value proposition a step further. They are set apart from others by allowing the intelligent applications to learn from billions of anonymized consumer and business profiles available from Oracle." – Dave Schubmehl, IDC, quoted in eWeek

“It is good to see a major vendor start to talk about specific use cases and put a bit more business context around the current buzz around machine learning.” - Vinnie Mirchandani, Enterprise Irregulars

Real products. Real benefits.

But this isn’t just us talking a good game. (In fact, there’s no shortage of hype as evidenced by articles such as this: Salesforce's "Einstein" receives mixed reviews.) Our Dev team is on track to meet the product rollout plan we shared with analysts and press at OpenWorld.

The first product we plan to release in 2017 is Adaptive Intelligent Offers. It enhances Oracle Commerce and Marketing Clouds with the ability to deliver offers and product recommendations to consumers at a specific moment. There are a number of competitive solutions out there, but they don’t have the same decision science/machine-learning algorithms that we do and require manual tuning of rules.

In addition, our apps don’t require huge data science departments to use them. Here’s why that’s an advantage. Some customers, such as the largest retailers, will want to build proprietary machine learning platforms, but most won’t have access to the talent, data, and infrastructure required. Gartner predicts that many organizations will opt for packaged applications because the data science needed to create these systems is so complex.[1]

No one can match Oracle's winning combination

So what sets our apps apart? It's the combo of these four elements:

  1. The most data with five billion anonymous consumer and business profiles
  2. The broadest domain expertise and delivery platform with 12,500 SaaS customers across CX, HCM, ERP, EPM, and SCM
  3. Data science, machine learning, and AI expertise in consumer research, systems optimization, IOT predictive analytics, business analytics and prediction
  4. Scalable cloud infrastructure that is automated

We're also working on AI Actions for sales and service, AI Discounts for procurement and finance, AI Dynamic Planning and Bidding for logistics, and AI Candidate Experience for HR.

You can contact me jack.berkowitz@oracle.com or melissa.boxer@oracle.com with questions.

[1] “Top 10 Strategic Technology Trends for 2017”, Gartner, October 2016.

Analyst and Press Articles Covering Adaptive Intelligent Apps

CMSWire: “Oracle Ups its Cloud Strategy with Adaptive Intelligent Applications #OOW16,” Derek Walter, Sept. 20, 2016

CMSWire: “Oracle Wraps Up OpenWorld With Promises of a Smarter Cloud,” Derek Walter, Sept. 26, 2016

Constellation Research: “Oracle Vs Salesforce on AI: What to Expect When,” Doug Henschen, Sept. 20, 2016

CRN: “Oracle Delivers Artificial Intelligence Solutions To Partners,” Joseph Tsidulko, Sept. 19, 2016

Destination CRM: “At OpenWorld 2016, Oracle Unveils Adaptive Intelligent Cloud Applications,” Oren Smilansky, Sept. 20, 2016

Enterprise Apps Today: “Oracle Updates Apps for Next Gen Cloud,” Sean Michael Kerner, Sept. 20, 2016

Enterprise Irregulars: “Oracle AI: Adaptive Intelligence,” Vinnie Mirchandani, Sept. 21, 2016

eWeek: “Oracle Launches Major AI Initiative With ‘Intelligent cloud Apps',” David Needle, Sept. 19, 2016

FierceCMO: “AI brings great potential to B2B marketing,” Patrick Gorman, Sept. 30, 2016

Fortune: “Salesforce and Oracle Vie to Prove Whose Apps Will Be Smarter,” Heather Clancy, Sept. 19, 2016

IoT Evolution World: “OpenWorld: Oracle is Dropping All Sorts of IoT Cloud Knowledge,” Ken Briodagh, Sept. 19, 2016

ITWeb: “Oracle ups cloud game in a bid to outdo rivals,” Admire Moyo, Sept. 20, 2016

The Register: “Oracle: We're going to be the practical AI people, we swear it,” Shaun Nichols, Oct. 11, 2016

ZDNet: “Oracle and Salesforce and IBM? Oh My! Here comes AI sprawl,” Larry Dignan, Sept. 19, 2016

ZDNet: “Oracle vs. Salesforce on AI: What to expect when,” Doug Henschen, Sept. 21, 2016

Page Composer for PeopleSoft Fluid Approvals

PeopleSoft Technology Blog - Wed, 2016-10-26 13:36

There is a new technology available from PeopleSoft that makes it very easy to configure Fluid Appovals. It’s called Enterprise Common Components Page Composer or often referred to as just Page Composer. With Page Composer, administrators can modify the contents, layout and format of Fluid Approval Pages without having to customize the underlying PeopleTools managed objects (pages and records).

Fluid Approvals are often one of the first product areas that many of you distribute to users to use on mobile devices. They are also an area of the product that each organization likes to tweak to meet their needs. Previous versions of mobile-ready approvals were built with IScripts and Mobile Application Platform (MAP), so customizing the UI was difficult and required developers. Now with Page Composer, changes are made using a simple drag-drop UI that doesn’t require complex programming.

The beauty of the Page Composer architecture makes it so that no PeopleSoft page is modified or customized, and the changes take effect immediately.  That means the change does not need to be managed when updating underlying PeopleSoft objects and code.  In Fluid Approvals, each approval type and device size has its own composition (page layout) providing full flexibility to customers when deciding what data to display.

It’s important to point out that in order to use Page Composer, you must use the new Fluid Approvals that are built for use with Page Composer.  Application teams will make the first set of approvals available in the following PeopleSoft Update Images, FSCM image 20, HCM image 20, CRM image 12 and ELM image 15. It’s also important to mention that Page Composer only supports Fluid Approvals and is not something that can be used with any Fluid page. We’ll let you know if that changes.

You can read more about Page Composer in the Tech Update found on MOS Note 764222.1.

Oracle Database 12.2.0.1 – Oracle Search Index for JSON (Search, Dataguide and VC’s)

Marco Gralike - Wed, 2016-10-26 08:39
Maybe not so evident to make a second post about Oracle 12.2.0.1 about the JSON…

ORA-01036 Error in Node.js app with Oracle Database Node.js Add-on

Recently I’ve experimented with Node.js REST application using node-oracledb add-on and tried to deploy it to Oracle Application Container Cloud Service (AcCS). I’ve encountered with issue, that...

We share our skills to maximize your revenue!
Categories: DBA Blogs

Quarterly CPU – To Patch or Not

Michael Dinh - Wed, 2016-10-26 08:13

If the organization is mandated by regulation, e.g. PCI, then it’s a no brainer.

What if the is no regulation and system is stable?

At this point, it depends on risk tolerance.

Review Oracle Critical Patch Update Advisory – October 2016 and search for Oracle Database Server Risk Matrix.

This example is for Oracle Database Server and please search accordingly for the required components.

Remote Exploit without Auth.? NO for all except Application Express

How much time is spent assessing risk and is it more efficient to spend the time patching?

It all boils down to time and tolerance.


Documentum story – User gets kicked out of D2 when navigating in D2Config

Yann Neuhaus - Wed, 2016-10-26 04:30

On a customer site, one of the users complained about being kicked out each time he wanted to create new documents in D2. This issue is happening in a default deployment of D2 and D2Config in a WebLogic Domain.We found out that the user sessions for D2Config and D2 are conflicting together.
This issue occurs if D2Config and D2 applications are opened in the same browser using different TABs and if the user is navigating from D2 to D2Config and vice versa.
The error message is misleading as it shows a session time out and the user just signed in   .

D2 session timeout

Investigations:
Using a HTTP Header tracing tool, we saw that the JSESSIONID cookie which is the cookie storing the HTTP Session for the Java applications is changing when switching from one application to the other. This showed us that both Java Application were using the same session cookie which conduct to session lost.

Workaround or Fix:
An easy fix for this is to update the D2 weblogic.xml file included in the D2.war file with a section defining a new session cookie name as shown below:

<session-descriptor>
      <cookie-name>JSESSIONID_D2</cookie-name>
      <cookie-http-only>false</cookie-http-only>
</session-descriptor>

To proceed, follow the steps below:

  1. Extract the weblogic.xml file from the war file
    mkdir mytemp
    cd mytemp
    -- Put the D2.war file here
    jar xvf D2.war WEB-INF/weblogic.xml
  2. Edit the file and add the session-descriptor bloc above just after the Description closing TAG.
  3. Update the D2.war file with the new weblogic.xml
    jar uvf D2.war WEB-INF/weblogic.xml
  4. And finally redeploy the D2.war file to the WebLogic Server.

This fix has been submitted to and validated by EMC support.

 

Cet article Documentum story – User gets kicked out of D2 when navigating in D2Config est apparu en premier sur Blog dbi services.

Documentum story – Setup the DSearch & IndexAgent in HTTPS (xPlore)

Yann Neuhaus - Wed, 2016-10-26 02:00

In this blog, I will show you how to setup the Primary DSearch and IndexAgent in HTTPS for xPlore 1.5. The documentation about that is available on the EMC WebSite as always and the pdf name is: “xPlore 1.5 Installation Guide.pdf”. The reason why I wanted to wrote this blog is because the documentation is not too bad but there are still some missing parts and without these parts, your configuration will just not work properly. Moreover, I think it is better to have a concrete an complete example rather than just reading a PDF with some information spread on 40 different pages.

 

So let’s begin the configuration. The first thing to do is obviously to login to the Full Text Server where you xPlore 1.5 is installed. For this blog, I will use /app/xPlore as the installation folder of xPlore. I will also use a Self-Signed SSL Certificate with a Certificate Chain composed of a Root and Gold CA. So let’s import the Certificate Chain in xPlore (following commands assume all certificates are available under “/app/xPlore/jboss7.1.1/certs”):

[xplore@xplore_server_01 ~]$ /app/xPlore/java64/1.7.0_72/bin/keytool -import -trustcacerts -alias root_ca -keystore /app/xPlore/java64/1.7.0_72/jre/lib/security/cacerts -file /app/xPlore/jboss7.1.1/certs/Internal_Root_CA.cer
Enter keystore password:
[xplore@xplore_server_01 ~]$ /app/xPlore/java64/1.7.0_72/bin/keytool -import -trustcacerts -alias gold_ca -keystore /app/xPlore/java64/1.7.0_72/jre/lib/security/cacerts -file /app/xPlore/jboss7.1.1/certs/Internal_Gold_CA1.cer
Enter keystore password:

 

All java processes using /app/xPlore/java64/1.7.0_72/bin/java will now trust the Self-Signed SSL Certificate because the Certificate Chain is trusted. When this is done, shutdown all xPlore processes (Primary DSearch and IndexAgent(s)) and let’s configure the Primary DSearch in HTTPS:

[xplore@xplore_server_01 ~]$ /app/xPlore/scripts/startstop stop
  ** Indexagent_DOCBASE1 has been stopped successfully
  ** PrimaryDsearch has been stopped successfully
[xplore@xplore_server_01 ~]$ cd /app/xPlore/dsearch/admin
[xplore@xplore_server_01 admin]$ ./xplore.sh -f scripts/ConfigSSL.groovy -enable -component IS \
    -alias ft_alias -keystore "/app/xPlore/jboss7.1.1/certs/xplore_server_01.jks" \
    -storepass K3ySt0r3P4ssw0rd -indexserverconfig "/app/xPlore/config/indexserverconfig.xml" \
    -isname PrimaryDsearch -ianame Indexagent_DOCBASE1

 

Some remarks:

  • “-enable” means that HTTPS will be enabled and HTTP will be disabled. If you want both to be enabled, use the “-dual” option instead
  • “-component” defines which component should be configured with this command. It can be “IS” (IndexServer), “IA” (IndexAgent) or “ALL” (IndexServer and IndexAgent)
  • “-isname” defines the name of the IndexServer/Primary DSearch that you installed
  • “-ianame” defines the name of the IndexAgent that you installed

 

Now what happen if you have more than one IndexAgent on the same server? Well the script isn’t smart enough for that and that’s the reason why I didn’t put “ALL” above but just “IS”. You might also noticed that I defined the “-ianame” parameter with “Indexagent_DOCBASE1”. This is because even if we are configuring the Primary DSearch in HTTPS, all IndexAgents have a reference in a configuration file that defines which port and protocol the IA should use to connect to the DSearch and if this isn’t setup properly, the IA will not be able to start.

 

Now the IndexServer is configured in HTTPS so let’s do the same thing for the IndexAgent:

[xplore@xplore_server_01 admin]$ ./xplore.sh -f scripts/ConfigSSL.groovy -enable -component IA \
    -alias ft_alias -keystore "/app/xPlore/jboss7.1.1/certs/xplore_server_01.jks" \
    -storepass K3ySt0r3P4ssw0rd -indexserverconfig "/app/xPlore/config/indexserverconfig.xml" \
    -ianame Indexagent_DOCBASE1 -iaport 9200

 

As you can see above, this time no need to add the “-isname” parameter, it is not needed for the IndexAgent(s). Let’s say that you have a second IndexAgent for the docbase named DOCBASE2 , then you also have to execute the above command for this second indexAgent:

[xplore@xplore_server_01 admin]$ ./xplore.sh -f scripts/ConfigSSL.groovy -enable -component IA \
    -alias ft_alias -keystore "/app/xPlore/jboss7.1.1/certs/xplore_server_01.jks" \
    -storepass K3ySt0r3P4ssw0rd -indexserverconfig "/app/xPlore/config/indexserverconfig.xml" \
    -ianame Indexagent_DOCBASE2 -iaport 9220

 

In case you didn’t know, yes each IndexAgent need at least 20 consecutive ports (so 9200 to 9219 for Indexagent_DOCBASE1 // 9220 to 9239 for Indexagent_DOCBASE2).

When configuring the IndexServer in HTTPS, I specified the “-ianame”. This is, like I said before, because there is a reference somewhere to the Protocol/Port used. This reference has been updated properly for Indexagent_DOCBASE1 normally but not for Indexagent_DOCBASE2. Therefore you need to do that manually:

[xplore@xplore_server_01 admin]$ grep -B1 -A10 dsearch_qrserver_protocol /app/xPlore/jboss7.1.1/server/DctmServer_Indexagent_DOCBASE2/deployments/IndexAgent.war/WEB-INF/classes/indexagent.xml
        <parameter>
            <parameter_name>dsearch_qrserver_protocol</parameter_name>
            <parameter_value>HTTP</parameter_value>
        </parameter>
        <parameter>
            <parameter_name>dsearch_config_host</parameter_name>
            <parameter_value>xplore_server_01</parameter_value>
        </parameter>
        <parameter>
            <parameter_name>dsearch_config_port</parameter_name>
            <parameter_value>9300</parameter_value>
        </parameter>

 

Just open this file and update the few lines that I printed above by replacing “HTTP” with “HTTPS” and “9300” with “9302” and that’s it. If you have several IndexAgents, then you need to do that for all of them.

 

The next step is to login to the Content Server (e.g.: ssh dmadmin@content_server_01) and update some properties in the docbase:

[dmadmin@content_server_01 ~]$ iapi DOCBASE1 -Udmadmin -Pxxx
 

        EMC Documentum iapi - Interactive API interface
        (c) Copyright EMC Corp., 1992 - 2015
        All rights reserved.
        Client Library Release 7.2.0050.0084


Connecting to Server using docbase DOCBASE1
[DM_SESSION_I_SESSION_START]info:  "Session 013f245a8014087a started for user dmadmin."


Connected to Documentum Server running Release 7.2.0050.0214  Linux64.Oracle
Session id is s0
API> ?,c,select r_object_id from dm_ftengine_config where any lower(param_value) = lower('xplore_server_01');
r_object_id
----------------
083f245a800052ae
(1 row affected)

API> fetch,c,083f245a800052ae
...
OK
API> dump,c,l
...
USER ATTRIBUTES

  object_name                     : DSearch Fulltext Engine Configuration
  ...
  param_name                   [0]: dsearch_qrserver_protocol
                               [1]: dsearch_qrygen_mode
                               [2]: dsearch_qrserver_target
                               [3]: dsearch_qrserver_port
                               [4]: dsearch_config_port
                               [5]: dsearch_qrserver_host
                               [6]: dsearch_domain
                               [7]: dsearch_config_host
                               [8]: query_plugin_mapping_file
                               [9]: load_balancer_enabled
                              [10]: ft_wildcards_mode
  param_value                  [0]: HTTP
                               [1]: both
                               [2]: /dsearch/IndexServerServlet
                               [3]: 9300
                               [4]: 9300
                               [5]: xplore_server_01
                               [6]: DOCBASE1
                               [7]: xplore_server_01
                               [8]: /app/dctm/server/fulltext/dsearch/dm_AttributeMapping.xml
                               [9]: true
                              [10]: trailing_implicit
  ...

 

You might have noticed that I specified a WHERE clause on the select to find the r_object_id of the xPlore Server. That’s basically because in this case, there are two xPlore Servers in a HA setup (the parameter load_balancer_enabled is setup to true) but I just want to update the right object. So let’s update the parameters highlighted above (“dsearch_qrserver_protocol”, “dsearch_qrserver_port” and “dsearch_config_port”):

API> set,c,l,param_value[0]
SET> HTTPS
...
OK
API> set,c,l,param_value[3]
SET> 9302
...
OK
API> set,c,l,param_value[4]
SET> 9302
...
OK
API> save,c,l
...
OK

 

With these steps, we updated the dm_ftengine_config object. The next step is to also update the URL of the IndexAgent:

API> ?,c,select r_object_id from dm_server_config
r_object_id
----------------
3d3f245a80000102
3d3f245a80003796
(2 rows affected)

API> fetch,c,3d3f245a80000102
...
OK
API> dump,c,l
...
USER ATTRIBUTES

  object_name                     : DOCBASE1
  ...
  app_server_name              [0]: do_method
                               [1]: do_mail
                               [2]: do_bpm
                               [3]: xplore_server_01_9200_IndexAgent
                               [4]: xplore_server_02_9200_IndexAgent
  app_server_uri               [0]: https://content_server_01:9082/DmMethods/servlet/DoMethod
                               [1]: https://content_server_01:9082/DmMail/servlet/DoMail
                               [2]: https://content_server_01:9082/bpm/servlet/DoMethod
                               [3]: http://xplore_server_01:9200/IndexAgent/servlet/IndexAgent
                               [4]: http://xplore_server_02:9200/IndexAgent/servlet/IndexAgent
  ...

 

So we setup the IndexAgent installed on xplore_server_01 in HTTPS and therefore we also need to update the URL referenced in the docbase. That’s actually one of the things that aren’t in the official documentation at the moment. This is done as before:

API> set,c,l,app_server_uri[3]
SET> https://xplore_server_01:9202/IndexAgent/servlet/IndexAgent
...
OK
API> save,c,l
...
OK

 

As you saw above, this is an environment with two dm_server_config objects (two Content Servers) and two IndexAgents. Above, we setup the Primary DSearch and IndexAgent installed on xplore_server_01 in HTTPS. The dm_ftengine_config for this Primary DSearch has been updated and the URLs defined in one dm_server_config object have been updated too. But the same references are present in the second dm_server_config and therefore you also need to do that for the second one (3d3f245a80003796 in this case). Same steps so just repeat with the other r_object_id!

 

Ok so now all objects in the docbase have been updated successfully. Therefore return on the xPlore Server, clean the caches and start everything again:

[xplore@xplore_server_01 ~]$ rm -rf /app/xPlore/jboss7.1.1/server/DctmServer_*/tmp/work/*
[xplore@xplore_server_01 ~]$ /app/xPlore/scripts/startstop start
  ** PrimaryDsearch has been started successfully
  ** Indexagent_DOCBASE1 has been started successfully

 

As said before, some of these steps aren’t described/explained in the official documentation and that will lead you to a non-working situation… In addition to that, there are some bugs impacting the proper behavior of the Primary DSearch and/or the Index Agents when configured in HTTPS. We reported these bugs to EMC which was able to provide a fix for some of them and include that in a later patch but as you know it is not always possible to upgrade or patch your environment. For example with the CS 7.2 P02 or P05, the searches will NOT work against a DSearch in HTTPS (corrected in the P08 or P09 if I remember correctly) but I will not describe that in this blog. If you are facing an issue with the IndexAgents not responding in HTTPS, please check this blog.

 

Cet article Documentum story – Setup the DSearch & IndexAgent in HTTPS (xPlore) est apparu en premier sur Blog dbi services.

timestamp of a inserted row

Tom Kyte - Wed, 2016-10-26 00:26
In a classic case of replication (forget the tool of replication here ) Oracle - 2 - Oracle create table abc (anum number, aname varchar2(30) , adate date default sysdate ) ; insert into abc values(1,'1test',sysdate); insert into abc val...
Categories: DBA Blogs

PL/SQL Programming

Tom Kyte - Wed, 2016-10-26 00:26
Write a PL/SQL block that uses looping to display the value of the number two (2) raised to a power. The power should be given as a local variable called lv_power. For example, if the variable is initialized to 5, the output would be 2 raised to th...
Categories: DBA Blogs

How to avoid external table's data source file be replaced when another query is using the old data source file

Tom Kyte - Wed, 2016-10-26 00:26
The external table's data source file is updated with some interval, if another query is running, replace the old data source file will cause 1)ORA-29913 and ORA-30653 if not setting reject limit UNLIMITED 2) data inconsistent, part data is old sou...
Categories: DBA Blogs

Query on Stored Procedure - MINUS clause

Tom Kyte - Wed, 2016-10-26 00:26
Dear All, Ques 1. Please advise if the use of minus clause is best when I am looking to exclude certain specific conditions or shall I be using Not IN? I am in situation where I know what to avoid, not sure what all to select and hence I needed...
Categories: DBA Blogs

When shutting down a container database

Tom Kyte - Wed, 2016-10-26 00:26
Hello, Some background info: We are working in a 12c multitenant environment on windows server 2012 R2. Container database contains about 20-25 pluggable databases. Typically we have to shutdown the container database to perform maintenan...
Categories: DBA Blogs

ORA-29532: Java call terminated by uncaught Java exception: java.lang.OutOfMemoryError

Tom Kyte - Wed, 2016-10-26 00:26
When Passing clob size more than 3 MB to java stored procedure I get java.lang.OutOfMemoryError. The data is in the JSON format which we try to deserialize into an object using a java json library in the java stored procedure. We have tried the ...
Categories: DBA Blogs

Pages

Subscribe to Oracle FAQ aggregator