Skip to main content

Adventures in F5, OHS and weblogic

http://fusionsecurity.blogspot.com/2011/04/ssl-offloading-and-weblogic-server.html
https://blogs.oracle.com/ateamsoab2b/entry/configuration_notes_for_offloading_of

So I wanted to enable ssl between my F5 and ohs and between ohs and my weblogic.
I needed to do this because we redirect 80 to https on the F5 and I had a couple of external web services deployed. When you deploy the web service and are using https only on the F5 and http pass through to the rest your wsdl url will be secure but you may not be able to easily generate services from the wsdl (because the content of the wsdl will all point to http which we blocked).

IMPORT your certificates into a new wallet - using orapki - http://docs.oracle.com/cd/E11882_01/network.112/e10746/asoappf.htm

So on your F5
  Make sure you point to the ohs on the secure socket port (4443 by default).
  Easiest way to block http is with a https redirect iRule (http://fixmyitsystem.com/2012/11/handy-simple-f5-redirect-irules.html)

OHS

mod_wl_ohs I added on my web service location
  WLProxySSLPassThrough ON
I also pointer to the SSL ports

ssl.conf I added   

  RequestHeader set IS_SSL ssl 
  RequestHeader set WL-Proxy-SSL true
  SSLEngine on 





Weblogic

Set WebLogic Plugin Enabled (see initial link)
Enable SSL (enviroment>servers>yourserver> tick ssl listen port enabled)



*Shortcut for slackers*

Fool ohs into thinking you have a secure connection instead of setting up ssl everwhere (8892 is webcenter http port):


    WebLogicCluster serverName:8892,serverName:8892
    SetHandler weblogic-handler
    WLProxySSLPassThrough ON
    RequestHeader set IS_SSL ssl
    RequestHeader set WL-Proxy-SSL true


Labels:

Comments

Post a Comment

Popular posts from this blog

MANIFEST.MF merge JDeveloper for an executable jar

Goto your project > properties. Then click on deployment in the menu. Edit or add a jar deployment profile. Fill in the details under jar options (select Include manifest and give it a main class name) Also remember that the merge functionality only works with a BLANK line at the end of the merge file. REALLY this caught me. My merge file contents: Class-Path: commons-codec-1.3.jar [...empty line here CRLF...]
1 comment
Read more

ADF: LOV Description instead of code

I keep on forgetting how to do this so this is a note to self in terms I understand (ie pictures): Add the related entiy object to yours (in the example we are adding RegionEO(list of values) to CountryEO) Now add the RegionName field from the EO and a transient attribute (I named mine RegionNameLOV) Make the transient attribute updateable and base it on the expression RegionName (the description you wish to display) Add a list of values to RegionNameLOV and map BOTH key to parent fk (region id here) AND RegionName to your transient coulmn (RegionNameLOV).  Map the transient as an Input text with List of Values. Then just drag the lov item onto the page (RegionNameLOV)
Post a Comment
Read more

OJDeploy: Documentation for the tool

Real DOCS:  http://docs.oracle.com/cd/E26098_01/user.1112/e17455/deploying_apps.htm#OJDUG645 OJDeploy Documentation if you run it from the command line - I keep looking for this so I though I would post it here so I remeber. Oracle JDeveloper Deploy 11.1.2.1.0.6081 Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. Usage:   ojdeploy -profile <name> -workspace <jws> [ -project <name> ] [ <options> ]   ojdeploy -buildfile <ojbuild.xml> [ <options> ]   ojdeploy -buildfileschema Arguments:   -profile               the name of the Profile to deploy   -workspace      full path to the JDeveloper Workspace file(.jws)   -project              name of the JDeveloper Project within the .jws where the Profile can be...
4 comments
Read more