23 January 2016

Installing webLogic 12.2.1 (12cR2)

I installed WebLogic 12c on windows 10 last week and it was pretty smooth.
I went to the download page and downloaded the generic distribution.
There's a link to an install manual right below the download.
I downloaded the zip an unpacked it to a jar of the same size :-/
Some points of attention now

  • start  a cmd window as administrator
  • make sure to use java from the JDK. If Java from JRE is in your path first this does not work
  • Start the Oracle Universal Installer GUI as in the documentation, it will first check if your platform meets the requirements:
> java -jar fmw_12.

Checking if CPU speed is above 300 MHz.   ...Passed

Checking monitor: must be configured to display at least 256 colors.   ...Passed

Checking swap space: must be greater than 512 MB    ...Passed

Checking if this platform requires a 64-bit JVM.   Actual 32    Passed (64-bit not required)
During the install you can choose to install WebLogic, Coherence or both.
Just answered the basic questions and clicked finish when installation was done.
In the log file after install (C:\Program Files\Oracle\Inventory\logs) I find a few throwables from patch installations, but nothing worrying.
Maybe you have to explicitly click the "installation complete" menu item, because after I clicked finished the cofiguration wizardfor setting up a domain did not fire. In my cmd tool I went to %WL_HOME%\oracle_common\common\bin (in earlier releases this is %WL_HOME%\wlserver\common\bin) and ran
> config.cmd
This launches the domain create/update GUI, another easy sequence of steps.
You can always return here, if after the installation you want to add additional templates to your installation:

At the end you get a link to the admin console at http://localhost:7001/console.

These days WebLogic by default starts DerbyDB, and I already have that from my Java EE installation, so I disabled that by editing my_domain\bin\setDomainEnv.cmd. Look for the DERBY_FLAG in this file and set it to false:

@REM Set DERBY_FLAG, if derby is available.

if "%DERBY_FLAG%"=="" (
    if exist %WL_HOME%\common\derby\lib\derby.jar (
        set DERBY_FLAG=true

20 January 2016

windows 10: easy PATH editing

In windows 10 Microsoft has finally provided an update for the PATH setting mechanism that, if I remember well, must have been around since the earliest versions of windows I remember (windows 3?). Previously you had a one line input box of about 30 characters for setting a path that could be hundreds of characters long. Now they have provided an easier tool, although it is harder to find :).
From the start menu, go to:
 Settings > System > About > Advanced System Settings > Environment Variables
Wen editing the Path System variable, you get a list editor for the entries (instead of the semicolon separated list inherited from Unix). For editing an entry you have an optional directory browser.

8 January 2016

Flaws in OAuth protocol

A formal scientific analysis of the principles and mechanisms underlying OAuth 2.0 has been published. Two weaknesses have been identified. The rest of the protocol has been formally recognised as sound and secure. The weaknesses are

  • allowing HTTP Temporary redirect (status 307), which can cause a browser to disclose sensitive information to a malicious Resource Server
  • an attack on the Resource Server, tricking it to rely on a malicious Identity Provider (possibly using OpenId)
No exploits on these weaknesses are currently known to exist in the wild and the authors have proposed solutions for the vulnerabilities, which are being adopted by the working groups for OAuth and OpenID Connect.