This chapter describes issues associated with Oracle Web Cache. It includes the following topics:
This section describes configuration issues and their workarounds. It includes the following topics:
Section 10.1.2, "Running Oracle Web Cache Processes as a Different User Is Not Supported"
Section 10.1.3, "Processing Order of Request Filters Is Incorrect"
For enhanced security, no default hard-coded passwords are used for managing Oracle Web Cache.
When you install the Oracle Web Tier installation type, the Oracle Universal Installer prompts you to choose a password. The Web Cache Administrator page of the Oracle Universal Installer prompts you to enter a password for the administrator
account. The administrator
account is the Oracle Web Cache administrator authorized to log in to Oracle Web Cache Manager and make configuration changes through that interface.
When you install the Oracle Portal, Forms, Reports and Discoverer installation type, the prompt for the administrator
password is missing. Instead, the Oracle Portal, Forms, Reports and Discoverer install type uses a random value chosen at install time.
No matter the installation type, before you begin configuration, change the passwords for these accounts to a secure password. If you are configuring a cache cluster, all members of the cluster must use the same password for the administrator
account.
To change the password, use the Passwords page of Fusion Middleware Control, as described in Section 5.2, "Configuring Password Security," of the Oracle Fusion Middleware Administrator's Guide for Oracle Web Cache.
Running Oracle Web Cache as a user other than the installed user through the use of the webcache_setuser.sh setidentity
command is not supported for this release. Specifically, you cannot change the user ID with the following sequence:
Change the process identity of the Oracle Web Cache processes in the Process Identity page using Oracle Web Cache Manager (Properties > Process Identity).
Use the webcache_setuser.sh
script as follows to change file and directory ownership:
webcache_setuser.sh setidentity <user_ID>
where <
user_ID
>
is the user you specified in the User ID field of the Process Identity page.
Restart Oracle Web Cache using opmnctl
.
Oracle Web Cache will start and then immediately shut down.
In addition, messages similar to the following appear in the event log:
[2009-06-02T21:22:46+00:00] [webcache] [ERROR:1] [WXE-13212] [logging] [ecid: ] Access log file /scratch/webtier/home/instances/instance1/diagnostics/logs/WebCache/webcache1/access_log could not be opened. [2009-06-02T21:22:46+00:00] [webcache] [WARNING:1] [WXE-13310] [io] [ecid: ] Problem opening file /scratch/webtier/home/instances/instance1/config/WebCache/webcache1/webcache.pid (Access Denied). [2009-06-02T21:22:46+00:00] [webcache] [ERROR:1] [WXE-11985] [esi] [ecid: ] Oracle Web Cache is unable to obtain the size of the default ESI fragment page /scratch/webtier/home/instances/instance1/config/WebCache/webcache1/files/esi_fragment_error.txt. [2009-06-02T21:22:46+00:00] [webcache] [WARNING:1] [WXE-11905] [security] [ecid: ] SSL additional information: The system could not open the specified file.
For further information about the webcache_setuser.sh
script, see Section 5.9, "Running webcached with Root Privilege," of the Oracle Fusion Middleware Administrator's Guide for Oracle Web Cache.
Both Fusion Middleware Control and Oracle Web Cache Manager display the request filters in the following order:
Privileged IP
Client IP
Method
URL
Header
Query String
Format
Instead, Oracle Web Cache processes the filters in the following order, where the Header request filter follows the Client IP filter:
Privileged IP
Client IP
Header
Method
URL
Query String
Format
For example, a deny by the Header filter type would occur before a deny by the Method or URL filter.