Oracle® Real-Time Decisions Installation and Administration Guide Version 3.0.0.1 Part Number E13856-02 |
|
|
View PDF |
Oracle RTD is supported on both UNIX and Windows platforms for the Oracle WebLogic application server. The following sections explain how to install the Real-Time Decision Server on WebLogic.
Note:
Although the Real-Time Decision Server runs on either UNIX or Windows, the Oracle RTD client tools must be run from a Windows platform.This section contains the following topics:
Section 5.2, "Starting the Node Manager and the WebLogic Server"
Section 5.5, "Creating and Adding a Machine to the Managed Server"
Section 5.7, "Creating a JDBC Provider for the Oracle RTD Database"
Section 5.12, "Uninstalling the Oracle Real-Time Decisions Application from WebLogic"
Section 5.13, "Configuring SSL for Real-Time Decision Server (Recommended)"
Section 5.15, "Changing the Oracle Real-Time Decisions Port Number in WebLogic"
To create the domain for Oracle RTD, perform the following steps:
Start the Configuration Wizard:
Start > All Programs > Oracle WebLogic > WebLogic Server > Tools > Configuration Wizard.
In the Welcome dialog, select the Create a new WebLogic Domain radio button.
Click Next.
In the Domain Source dialog, select Generate a domain configured automatically to support the following products radio button.
Click Next.
In the Configure Administration Username and Password dialog, enter admin username/password, for example weblogic/weblogic.
Click Next.
In the Configure Server Start Mode and JDK dialog, under WebLogic Domain Startup Mode, select the appropriate development mode. Note that for Production mode, you will need to use Edit & Lock key for changes.
In the Configure Server Start Mode and JDK dialog, under JDK Selection, select Available JDKs radio button, then select a JDK that is supported for your system configuration, for example, Sun, JRockit.
Click Next.
In the Customize Environment and Services Settings dialog, select No.
Click Next.
In the Create WebLogic Domain dialog, for Domain Name, enter a name for the Oracle RTD domain, such as RTD_domain
and click Create.
Wait until the installation finishes.
Check the Start Admin Server checkbox.
Click Done.
Stop the Example domain:
Start > All Programs > Oracle WebLogic > WebLogic Server > Examples > Stop Examples Server
Start the domain:
Start > All Programs > Oracle WebLogic > User Projects > domain_name > Start Admin Server for Weblogic Server Domain
To start the Node Manager and the WebLogic Server, perform the following steps:
Navigate the path:
Start > All Programs > Oracle WebLogic > WebLogic Server > Tools > Node Manager
Start the WebLogic Server:
In Windows, navigate the path:
Start > All Programs > Oracle WebLogic > QuickStart
To create a managed server, perform the following steps:
Open the Administration Console for your Oracle RTD domain.
http://
weblogic_host
:
port
/console
For example, http://localhost:7001/console
.
For the WebLogic Server, enter the Username and Password for the domain, and click Log In.
In the tree on the left, expand Environment and choose Servers.
Add a new server, and specify the Server Name, for example, RTD_Server.
For the Server Listen Port, enter the port number that you want to use for Oracle RTD, for example, 8080.
Click Finish.
To add JVM and startup arguments to the managed server, perform the following steps:
Navigate the path:
Environment > Servers > managed_server_name > Configuration > Start Server tab.
For Java Home and Java Vendor, enter the location and vendor name of the JDK that is supported for your system configuration.
For example, C:\Oracle\Middleware\jdk160_23
and Sun, or C:\Oracle\Middleware\jrockit_1.6.0_20
and BEA.
Add the appropriate path for your configuration to ClassPath:
On Windows
For Oracle
MW_HOME
\wlserver_10.3\server\lib\weblogic.jar;
RTD_HOME
\lib\jdbc\ojdbc14.jar
For SQLServer
MW_HOME
\wlserver_10.3\server\lib\weblogic.jar;
RTD_HOME
\lib\jdbc\sqljdbc.jar
For DB2
MW_HOME
\wlserver_10.3\server\lib\weblogic.jar;
RTD_HOME
\lib\jdbc\db2jcc.jar
; RTD_HOME
\lib\jdbc\db2jcc_license_cu.jar
On Linux/Unix
For Oracle
MW_HOME
\wlserver_10.3\server\lib\weblogic.jar:
RTD_HOME
\lib\jdbc\ojdbc14.jar
For SQLServer
MW_HOME
\wlserver_10.3\server\lib\weblogic.jar:
RTD_HOME
\lib\jdbc\sqljdbc.jar
For DB2
MW_HOME
\wlserver_10.3\server\lib\weblogic.jar:
RTD_HOME
\lib\jdbc\db2jcc.jar
: RTD_HOME
\lib\jdbc\db2jcc_license_cu.jar
For the Arguments field, add the following, all on one line:
-Dorg.eclipse.emf.ecore.EPackage.Registry.INSTANCE=com.sigmadynamics.emf.util.SDEMFRegistry -Djavax.xml.parsers.SAXParserFactory=com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=12345 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.net.preferIPv4Stack=true -Dweblogic.wsee.skip.async.response=true -XX:MaxPermSize=256m
Save.
To create a machine and add it to the managed server, perform the following steps:
Logon to the Administration Console:
http://
weblogic_host
:
port
/console
In the tree to the left under Domain Structure, expand Environment and click Machines.
Click New.
For Name, enter the WebLogic server host name, for example, MyMachine
.
Click Save.
Under Environments > Machines > <your_newly_created_machine>, click the Servers tab, then Add.
In the Add A Server to the Machine page, select the server that you created in step 4 of Section 5.3, "Creating a Managed Server" from the dropdown list.
Click Finish.
Note:
The instructions in the main part of this section are for Oracle RTD deployed onto WebLogic managed servers when they are started and stopped through node manager.For the WebLogic server startup instructions where you deploy Oracle RTD onto the WebLogic admin server, or where you start managed servers without going through node manager, see Section 5.6.1, "Starting Oracle RTD When Deployed to Admin Server or Through Startup Scripts."
To start the managed server, perform the following steps:
Logon to the Administration Console:
http://
weblogic_host
:
port
/console
In the tree to the left under Domain Structure, expand Environment and click Servers.
Click the Control tab.
Select the checkbox for the managed server that you created in Section 5.3, "Creating a Managed Server.", and start the server.
Wait a few seconds before refreshing the page.
The server that you selected should be in a Running state.
If you deploy Oracle RTD onto the WebLogic admin server, or if you start managed servers without going through node manager, you must specify the JVM arguments as detailed in step 4 of Section 5.4, "Configuring Managed Server Properties" in one of two ways:
1. Update the appropriate startup scripts:
startWebLogic.cmd
and startWebLogic.sh
for admin server
startManagedWebLogic.cmd
and startManagedWebLogic.sh
for managed servers
by adding the JVM arguments that follow to the top of the script, with one line for each JVM argument.
For example, for Windows (extra blank lines are shown for clarity, but are not required in the script):
set JAVA_OPTIONS=%JAVA_OPTIONS% -Dorg.eclipse.emf.ecore.EPackage.Registry.INSTANCE=com.sigmadynamics.emf.util.SDEMFRegistry set JAVA_OPTIONS=%JAVA_OPTIONS% -Djavax.xml.parsers.SAXParserFactory=com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl set JAVA_OPTIONS=%JAVA_OPTIONS% -Dcom.sun.management.jmxremote=true set JAVA_OPTIONS=%JAVA_OPTIONS% -Dcom.sun.management.jmxremote.port=12345 set JAVA_OPTS=%JAVA_OPTS% -Dcom.sun.management.jmxremote.authenticate=false set JAVA_OPTS=%JAVA_OPTS% -Dcom.sun.management.jmxremote.ssl=false set JAVA_OPTS=%JAVA_OPTS% -Djava.net.preferIPv4Stack=true set JAVA_OPTS=%JAVA_OPTS% -Dweblogic.wsee.skip.async.response=true set JAVA_OPTS=%JAVA_OPTS% -XX:MaxPermSize=128m
For example, for Unix (extra blank lines are shown for clarity, but are not required in the script):
JVMARGS=$JVMARGS -Dorg.eclipse.emf.ecore.EPackage.Registry.INSTANCE=com.sigmadynamics.emf.util.SDEMFRegistry JVMARGS=$JVMARGS -Djavax.xml.parsers.SAXParserFactory=com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl JVMARGS=$JVMARGS -Dcom.sun.management.jmxremote=true JVMARGS=$JVMARGS -Dcom.sun.management.jmxremote.port=12345 JVMARGS=$JVMARGS -Dcom.sun.management.jmxremote.authenticate=false JVMARGS=$JVMARGS -Dcom.sun.management.jmxremote.ssl=false JVMARGS=$JVMARGS -Djava.net.preferIPv4Stack=true JVMARGS=$JVMARGS -Dweblogic.wsee.skip.async.response=true JVMARGS=$JVMARGS -XX:MaxPermSize=128m
2. When calling the scripts to start the admin server or managed servers, pass in the JVM arguments.
For example:
>startManagedWebLogic.sh Managed_Server_Name http://${IP_ADDRESS}:${MS_PORT} -Dorg.eclipse.emf.ecore.EPackage.Registry.INSTANCE=com.sigmadynamics.emf.util.SDEMFRegistry -Djavax.xml.parsers.SAXParserFactory=com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=12345 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.net.preferIPv4Stack=true -Dweblogic.wsee.skip.async.response=true -XX:MaxPermSize=128m
Note:
If you are not using the WebLogic built-in JDBC drivers to set up the Oracle RTD Database, add the appropriate JDBC drivers bundled with Oracle RTD (RTD_HOME\lib\*.jar) to the WebLogic classpath.Use the WebLogic Server Administration Console to create a JDBC provider for the Oracle RTD Database. Before you begin, ensure that WebLogic is started.
Notes:
If your WebLogic version is 11g 10.3.3+ and your Oracle RTD database is in an Oracle database server, see Section 5.7.1, "Creating an Oracle JDBC Provider for the Oracle RTD Database on WebLogic 11g 10.3.3+."
To create a JDBC provider for the Oracle RTD Database:
Access the WebLogic Server Administration Console for your Oracle RTD domain at the URL http://
weblogic_host
:
port
/console
. At the login prompt, enter the administrator user name and password. On Windows, you can also access the WebLogic Server Administration Console through Start > Programs > Oracle WebLogic > User Projects > domain_name > Admin Server Console.
Navigate the path Services -> Data Sources -> New -> Generic Data Source.
On the JDBC Data Source Properties page, follow these steps:
For Name, enter a descriptive data source name, such as RTD_DS
.
For JNDI Name, enter SDDS
.
For Database Type, select Other.
Ensure that the Database Driver is set to Other, then click Next.
On the Transaction Options page, deselect Supports Global Transactions, then click Next.
On the Connection Properties page, follow these steps:
For Database Name, enter the name of the Oracle RTD Database you created in Section 2.2.
For Host Name, enter the name of the computer hosting the database server.
For Port, enter the port number on the database server used to connect to the database (such as 1433
for SQL Server, 1521
for Oracle Database, or 50000
for DB2).
For Database User Name, enter the name of the database run-time user.
For Password, enter the password of the database run-time user, then click Next.
On the Test Database Connection page, for Driver Class Name, enter the full package name of the JDBC driver class used to create the physical database connections in the connection pool (note that this driver class must be in the classpath of any server to which it is deployed):
SQL Server: com.microsoft.sqlserver.jdbc.SQLServerDriver
Oracle Database: oracle.jdbc.pool.OracleDataSource
DB2: com.ibm.db2.jcc.DB2Driver
For URL, enter the URL of the database to which you want to connect. The format of the URL varies by database type:
SQL Server: jdbc:sqlserver://
db_host
:
db_port
Note:
If the database is on a SQL Server named instance, specify thedb_host
parameter using the format host_name\instance_name
.Oracle Database: jdbc:oracle:thin:@
db_host
:
db_port
:
sid
DB2: jdbc:db2://
db_host
:
db_port/db_name
In the Properties field, enter properties and their values required by the JDBC driver. The properties you need to provide vary by database type:
For SQL Server, enter the properties user=
db_user_name
and DatabaseName=
db_name
on separate lines
For Oracle Database, enter the property user=
db_user_name
For DB2, enter the property user=
db_user_name
Scroll to the bottom of the page and enter SDAPPS
for Test Table Name.
Click Test Configuration. If the test fails, go back and check your settings. If the test succeeds, click Next.
Select the server where you want the data source to be made available (for example, RTD_Server). You must perform this step before completing the data source configuration.
Click Finish.
To create a JDBC provider when your Oracle RTD database is in an Oracle database server, and Oracle RTD is deployed on WebLogic 11g 10.3.3+, perform the following steps:
Log into the WebLogic Server Administration Console with the administrator user name and password.
Navigate the path Services -> Data Sources -> New -> Generic Data Source.
On the JDBC Data Source Properties page, follow these steps:
For Name, enter a descriptive data source name, such as RTD_DS
.
For JNDI Name, enter SDDS
.
For Database Type, select Oracle.
For the Database Driver, select Oracle's Driver (Thin) for Instance connections; Versions: 9.0.1 and later, then click Next.
On the Transaction Options page, deselect Supports Global Transactions, then click Next.
On the Connection Properties page, follow these steps:
For Database Name, enter the name of the Oracle RTD Database you created in Section 2.2.
For Host Name, enter the name of the computer hosting the database server.
For Port, enter the port number on the database server used to connect to the database.
For Database User Name, enter the name of the database run-time user.
For Password, enter the password of the database run-time user, then click Next.
On the Test Database Connection page, leave all the settings already filled, except enter SDAPPS
for Test Table Name.
Click Test Configuration. If the test fails, go back and check your settings. If the test succeeds, click Next.
Select the server where you want the data source to be made available (for example, RTD_Server). You must perform this step before completing the data source configuration.
Click Finish, then click Activate Changes.
Note:
For general information about roles and permissions in Oracle RTD, see Chapter 7, "Configuring Security for Oracle Real-Time Decisions."In WebLogic, Oracle RTD roles are defined in terms of user groups. A user is in a role if the user is in any of the groups referenced by the role. So the process is to create the groups, then create the roles that reference the groups. Users may be assigned to or removed from the groups at any time to add them or remove them from the referencing roles.
The following topics describe the stages of the process of creating Oracle RTD roles for WebLogic:
To create user groups for standard roles, perform the following steps:
Open the WebLogic Administration Console.
In the tree on the left, select Security Realms.
In the window on the right, select the security realm to use. The default realm is myrealm.
Select the Users and Groups tab.
Select the Groups sub-tab.
Create each of these groups, or names of your own choosing:
RTDUserGroup
RTDAdminGroup
RTDBatchAdminGroup
RTDChoiceEditorGroup
RTDDCEditorGroup
RTDDCUserGroup
RTDStudioDeployerGroup
RTDStudioDownloaderGroup
Create enterprise-specific groups, if Inline Service developement and access is to be controlled for separate Inline Services.
For example:
ILS2DevGroup - Developers for Inline Service ILS2
ILS2UserGroup - Business users for Inline Service ILS2
Select each of the Oracle RTD groups in turn, except for RTDUserGroup, and make each of them a member of the group RTDUserGroup. This will allow any user to be automatically added to the RTDUserGroup when they are added to one of the other Oracle RTD groups.
The individual steps for each group are as follows:
Select the group.
Select its Membership tab.
Select RTDUserGroup in the Available column and move it to the Chosen column.
Click Save.
Create standard Oracle RTD roles and any custom roles needed by the enterprise. Standard roles are the ones to which Oracle RTD automatically assigns realm permissions. Custom roles require cluster permission assignments through JMX.
The following table shows the standard roles and some custom roles, as well as the groups to associate with the roles, to illustrate the steps described in this section.
Table 5-1 Role and Group Associations
Role | Group | Standard or Custom |
---|---|---|
RTDUsers |
RTDUserGroup |
Standard |
RTDAdministrators |
RTDAdminGroup |
Standard |
RTDDecisionCenterEditors |
RTDDCEditorGroup |
Standard |
RTDDecisionCenterUsers |
RTDDCUserGroup |
Standard |
RTDStudioDeployers |
RTDStudioDeployerGroup |
Standard |
RTDStudioDownloaders |
RTDStudioDownloaderGroup |
Standard |
RTDBatchAdministrators |
RTDBatchAdminGroup |
Standard |
RTDChoiceEditors |
RTDChoiceEditorGroup |
Standard |
ILS2Developers |
ILS2DevGroup |
Custom - an example |
ILS2Users |
ILS2UserGroup |
Custom - an example |
Perform the following steps:
Select the Roles and Policies tab of the security realm.
Expand the Global Roles item in the Name column of the Roles.
Select Roles.
The following steps enable you to create the roles and to reference the corresponding group, as shown in the preceding table.
For each role, perform the following steps:
Click New to create a new global role.
Enter the role name, as in Table 5-1.
Click OK.
Open the new role by clicking on its name in the global roles list.
Click Add Conditions.
Make sure that the Predicate List drop-down shows Group.
Click Next.
Enter the group name in the GroupArgument Name field, as in Table 5-1.
Click Add.
Click Finish.
Click Save.
Go back to the Global Roles list by clicking Global Roles in the list of bread-crumbs at the top of the screen.
To create an Oracle RTD Administrator, perform the following steps:
Go to the myrealm page, and select the Users and Groups tab.
Select the Users sub-tab.
Create an Oracle RTD administrator.
Enter the user's name and password.
Click OK.
Click the user name, to edit the user properties.
Select the Groups tab.
Select the RTDAdminGroup in the left list, Available, and click the right arrow to move it to the right list, Chosen.
Click Save.
Return to the Users and Groups tab by selecting Users and Groups in the list of bread-crumbs at the top of the screen.
To create more users and put them into appropriate groups referenced by the roles, perform steps 4 through 11 of the preceding list of steps for each user.
WebLogic does not require the updating of Oracle RTD's deployment descriptors to reference any custom roles.
To deploy Oracle RTD to the managed server, perform the following steps:
Logon to the Administration Console:
http://
weblogic_host
:
port
/console
In the tree to the left under Domain Structure, navigate to Deployments > Install.
In the Install Application Assistant page, set the Path of the deployment to the location of deployment to the expanded folder that you set up in either Section 2.1.1, "Installing Oracle RTD on a Single Windows Computer" or Section 2.1.2, "Installing Real-Time Decision Server on UNIX."
For example, RTD_HOME
\package\expanded
.
Set Install this deployment as an application.
Set the Name as OracleRTD.
In the Security area, select Custom Roles.
Note:
Use roles that are defined in the Administration Console; use policies that are defined in the deployment descriptor.In the Source accessibility area, select Copy this application onto every target for me under Recommended selection.
Select the managed server that you created in Section 5.3, "Creating a Managed Server" as the target on which to deploy.
After deployment, Oracle RTD is started automatically.
The Oracle RTD log file can be found at RTD_RUNTIME_HOME
/log/server.log
, for example, MW_HOME
/user_projects/domains/
domain_name
/servers/
server_name
/stage/OracleRTD/log/server.log
.
As described in Section 7.4, "Assigning Permissions," assign Cluster permissions, Inline Service permissions, and Decision Center Perspective permissions to any custom roles.
Restart Oracle RTD by stopping and then restarting the WebLogic server or cluster that Oracle RTD is deployed into.
You can use the WebLogic Server Administration Console to uninstall Oracle RTD from WebLogic. Before you begin, ensure that WebLogic is started.
To uninstall Oracle RTD from WebLogic:
Access the WebLogic Server Administration Console for your Oracle RTD domain at the URL http://
weblogic_host
:
port
/console
. At the login prompt, enter the administrator user name and password. On Windows, you can also access the WebLogic Server Administration Console through Start > Programs > Oracle WebLogic > User Projects > domain_name > Admin Server Console.
In the tree on the left, click Deployments.
Select OracleRTD and click Stop > Force Stop Now.
Select OracleRTD and click Delete.
These steps uninstall Oracle RTD from WebLogic, but they do not remove the Oracle RTD files from the operating system.
To be able to redeploy Oracle RTD, you must delete the Oracle RTD files manually, with the managed server shut down. Delete the apps
folder under the directory into which you expanded the file RTD.ear
when you installed Oracle RTD. For more information about this directory, see Step 2 of Section 2.1.1, "Installing Oracle RTD on a Single Windows Computer" or Step 2 of Section 2.1.2, "Installing Real-Time Decision Server on UNIX."
Follow the steps in this section to set up SSL for all client connections to Real-Time Decision Server. Before you begin, ensure that you followed the instructions in Section 2.6 to change the default Oracle RTD keystore and truststore passwords. Also, ensure that WebLogic is started.
Note:
If you want to use your own keystore and truststore, you do not need to complete the instructions in Section 2.6.To configure SSL for Real-Time Decision Server:
Access the WebLogic Server Administration Console for your Oracle RTD domain at the URL https://
weblogic_host
:
port
/console
. At the login prompt, enter the administrator user name and password. On Windows, you can also access the WebLogic Server Administration Console through Start > Programs > Oracle WebLogic > User Projects > domain_name > Admin Server Console.
In the tree on the left, expand Environment and choose Servers.
Click the name of the RTD Managed Server (for example, RTD_Server).
In the General tab, select SSL Listen Port Enabled, then enter 8443
for SSL Listen Port.
Click the Keystores tab, then provide the following values:
For Keystores, select Custom Identity and Custom Trust.
For Custom Identity Keystore, enter RTD_HOME
/etc/ssl/sdserver.keystore
. Alternatively, if you do not want to use the default Oracle RTD keystore, enter the path to your own keystore.
For Custom Identity Keystore Type, enter JKS
.
For Custom Identity Keystore Passphrase and Confirm Custom Identity Keystore Passphrase, enter the password for your keystore. If you are using the default Oracle RTD keystore, enter the password you created in Section 2.6.
For Custom Trust Keystore, enter RTD_HOME
/etc/ssl/sdtrust.store
. Alternatively, if you do not want to use the default Oracle RTD truststore, enter the path to your own truststore.
For Custom Trust Keystore Type, enter JKS
.
For Custom Trust Keystore Passphrase and Confirm Custom Trust Keystore Passphrase, enter the password for your truststore. If you are using the default Oracle RTD truststore, enter the password you created in Section 2.6.
Click the SSL tab, then provide the following values:
For Identity and Trust Locations, select Keystores
.
For Private Key Alias, enter tc-ssl
.
For Private Key Passphrase and Confirm Private Key Passphrase, enter the password for your keystore. If you are using the default Oracle RTD keystore, enter the password you created in Section 2.6.
Click Save.
Restart the RTD Managed Server.
Note:
For a truly secure environment, you should also disable the regular HTTP port to ensure that all client connections are routed through the SSL port. To do this, perform the following step:Disable the HTTP port for your Web server using application server tools. Refer to the WebLogic documentation for more information.
If you are using your own keystore and truststore, perform the following additional steps to enable SSL for Decision Center and Load Generator. You do not need to perform these steps if you are using the default Oracle RTD keystore and truststore.
Open RTD_HOME
\eclipse\eclipse.ini
for editing.
Locate the following line:
-Djava.net.ssl.trustStore="..\etc\ssl\sdtrust.store"
Replace ..\etc\ssl\sdtruststore
with the full path to your truststore file.
Save and close the file.
Open RTD_HOME
\scripts\sdexec.cmd
for editing.
Locate the line beginning with %SD_START%
, near the bottom of the file. Near the end of the line, locate the following string:
-Djavax.net.ssl.trustStore="%SD_ROOT%\etc\ssl\sdtrust.store"
Replace %SD_ROOT%\etc\ssl\sdtruststore
with the full path to your truststore file.
Save and close the file.
To verify that the SSL port is functioning properly, go to Decision Center at the URL https://
server_name
:
ssl_port
/ui
. If the SSL port is functioning property, your browser will display the "Welcome to Decision Center" login screen.
You may get a message from your Web browser, similar to “Do you want to accept this certificate?” This message is generated because the browser does not know about the self-signed certificate that was shipped with the default Oracle RTD keystore. This self-signed certificate is suitable for development and test environments, but it is not recommended for production environments.
For production environments, Oracle recommends the self-signed certificate be replaced with a certificate from a trusted certificate authority (CA), like Verisign/Thawte, by submitting to the CA a certificate request generated by Sun's keytool utility. For instructions on generating a certificate request, and for importing the certificate from the CA into the keystore, go to the following URL:
http://java.sun.com/j2se/1.5.0/docs/tooldocs/solaris/keytool.html
Perform the following steps to set up security for the JConsole management tool.
Navigate the path:
Environment > Servers > managed_server_name > Configuration > Start Server tab.
For the Arguments field, add the following, all on one line:
-Dcom.sun.management.jmxremote.authenticate=true
Save.
Go to MW_HOME/jdkversion/jre/lib/management
. Then, create a copy of the jmxremote.password.template
file and rename it to jmxremote.password
.
Note:
If WebLogic is running on HP-UX or an AIX-based system, go toJDK_HOME
/jre/lib/management
instead, where JDK_HOME
is the installation directory of the JDK being used by the WebLogic application server. See Section 1.3.4 for information about which JDK to use for WebLogic on those platforms.Open the jmxremote.password
file for editing. At the end of the file, remove the pound character (#) in front of the following two lines:
monitorRole QED controlRole R&D
Each line lists a set of credentials, or in other words, a user name followed by the corresponding password. Optionally, you can add new user names and passwords on separate lines. If you decide to keep the default user names monitorRole
and controlRole
, change the default passwords to new ones of your choice.
By default, the user name monitorRole
allows JConsole MBean read-only permissions, while the user name controlRole
allows for full JMX MBean control. The following step explains how to change these default permissions.
To set permissions for each set of credentials, open the jmxremote.access
file, located in the same directory, for editing. Then, use the keywords readonly and readwrite to specify the access level for each set of credentials. For example:
monitorRole readonly controlRole readwrite
Make sure to add permissions for any new credentials you added to the jmxremote.password
file.
Because the jmxremote.password
file contains passwords in clear text, you need to restrict access to this file to the file owner by changing the file access permissions, as follows:
On Windows: Follow the instructions at:
http://java.sun.com/j2se/1.5.0/docs/guide/management/security-windows.html
On UNIX: Run the command chmod 600 jmxremote.password
For more information on JConsole security, go to:
http://java.sun.com/j2se/1.5.0/docs/guide/management/agent.html#PasswordAccess
Important:
You must change the file access permissions for thejmxremote.password
file. Do not skip this step.Restart the managed server.
You can now run JConsole and log in, using the user name and password combination defined in the jmxremote.password
file. See Section 15.1, "Accessing JConsole" for more information.
To change the Oracle RTD application port number in WebLogic, perform the following steps:
Access the WebLogic Server Administration Console for your Oracle RTD domain at the URL http://
weblogic_host
:
port
/console
. At the login prompt, enter the administrator user name and password. On Windows, you can also access the WebLogic Server Administration Console through Start > Programs > Oracle WebLogic > User Projects > domain_name > Admin Server Console.
In the tree on the left, expand Environment and choose Servers.
Click the name of the managed server where Oracle RTD is running, for example, RTD_Server.
Click the Configuration tab, then the General subtab.
For Listen Port, enter the new port number you want to use for Oracle RTD.
Select Listen Port Enabled.
Click Save.
Restart the managed server on which Oracle RTD is running.