HTTPS proxy to WLS as HTTP client connection
HelloI have an interesting situation with the WLS plug-in for iPlanet Web Server (to the WLS 10.3.6). Server 7u15
I followed the installation instructions in the README file provided with the plugin, as well as in the reference manual Oracle Fusion Middleware using Web Server Plug - Ins® with Oracle WebLogic Server 11 g Release 1 (10.3.4) . With active debugging, I see that applications are indeed past WLS paths that I have defined. A test, I configured my WS7 obj.conf to pass the context/console to WLS (the admin webapp WLS console). This is the entry that I did in obj.conf:
< ppath = object "/ console / *" >
Service fn = "wl-proxy" WebLogicHost = localhost WebLogicPort = 7001
"Debug = 'ALL' WLLogFile ='... /logs/WL-proxy.log ' DebugConfigInfo = 'ON '.
< / object >
If any URI that starts with /console/ will be sent to the instance WLS running on the local host, listening on port 7001 (HTTP). Since this is the loopback interface, I took a conscious decision to use HTTP to communicate with WLS as HTTPS would just slow things down right here.
My WS7 instance is configured to listen for HTTPS requests (on port 443) - there is no listener running on port 80, because I want all applications to this SSL server. This configuration poses a problem with the console application.
When I point my browser to the root context, WLS sends a header to redirect to the login page to the client, but it passes the https protocol to http. For example, I point my browser here:
https://server.domain.LCL/console/
I then see in the wl - proxy.log:
2012-08-14 T 11: 52:25.1993 - 05:00 < 886813449631452 > header of WLS: [location] = [http://server.domain.lcl/console/login/LoginForm.jsp]
.. .and Firefox will attempt to load this URL, but since I don't have any HTTP listener running, I get an FF error telling me that it cannot connect. If I manually update the URL in FF and specify https, it loads the login page. I then provide my user name and password and click Connect, and that returns a redirect of http://server.domain.lcl/console/index.jsp again defective because of bad Protocol.
I have experimented with the WLProxySSL and WLProxyPassThrough parameters to the plugin, but they seem to have no effect.
In comparison, if I use the WS7 integrated reverse proxy feature, the console app works perfectly. I guess that the WLS plugin is more effective that the proxy reverse WS7, however, this is why I am trying to get this to work.
This raises two questions:
1 is the WLS plugin really more effective than the proxy feature reverse WS7?
2. How can I make sure that redirects be returned to the client are on https even though WLS sees the connection as being http?
If the answer to #1 is no, then I'll just move on to use the reverse proxy and ignore the difficulty of dealing with the plugin.
Thank you
Bill
Hi Bill,
Try to activate WeblogicPluginEnabled.
You can find this option under.
Servers--> AdminServer---> Configuration--> General
In advance.
Kind regards
Kal
Tags: Fusion Middleware
Similar Questions
-
Network.http.Max - connections by-server not found in 27 FF
Tried searching Network.http.Max - connections-per-server in the subject: config. This has been deleted?
See:
-
necessary to enhance Network.http.Max - connections-per-server to javascript
I have an AJAX web application which is very sensitive the number of connections allowed by the browser. Bad things happen when the limit is set at the bottom: frozen screens, the uncommitted transactions, deadlocks, etc..
To avoid this, I need to check the current value of the configuration parameter "Network.http.Max - connections-per-server" program (i.e. javascript code) and to reject a request if the limit is too low with the instructions appropriate for the user.
I guess that's possible because "subject: config" restores all values of settings and even allows for user to change. However, the code-behind for the page is very complicated, so I can not understand how to accomplish my task. All I need is a function or a method returns the current value of a given configuration parameter.
Any help will be greatly appreciated.
Anatoly
You do not have access to the pref the subject: config page via a Web site.
In theory it is possible, but the user get a pop-up and must confirm each time.See also http://www.mozilla.org/projects/security/components/signed-scripts.html
-
Scalar JSON parsing of the HTTP Client
Hello everyone, I have been using the HTTP Client to call an API via HTTP GET to get a JSON string. I want to be able to analyze all the information and data that I get in this JSON string. I think that the JSON string I get is a JSON scalar and not an array or an object. It looks like a combination of table and object. Here is an example of the data that I'll be back:
{"Measurements": [{"voltageRMS": 120.12,: 121044.295 ' currentRMS ': 11.85, ' totalEnergy '}], 'code': 'OK', 'time': 7}
I tried to use "JSON unflatten" but it did not work. I continued to get several errors. Error 1 was that this path not found in JSON when I put in currentRMS as a string table in the way even though I am following the directions for help. Error 2, is that I have a different type of data between JSON and LabView. In one of the LabView examples, it is an array JSON goes to several unflatten JSON and it works fine (as long as it's a JSON array). However, once I use my JSON scalar, the JSON unflatten function no longer works.
So, I downloaded some addons and used the JSON API in the LAVA. I used the JSON API for scalar but kept on getting errors. One of these errors is that the vi is unable to analyze the data. I tried with several vi analysis (i.e. timestamp). I tried to use the JSON array and thus got errors.
Any advice would be greatly appreciated, I'm completely stuck. Help, please. Thank you.
Even if you have only 1 point in the array, the field of 'measures' is a JSON array - noted in square brackets. Don't forget - the cluster should match the JSON data structure you are trying to decode exactly (not the format you expect!).
With JSON Unflatten - you can either convert the entire string JSON, or you can draw the elements individually on the way (for example, an XPath in XML).
Here are some examples:
In the top example - I unflatten the entire cluster and this will give an array of measures. In the second example, I only remove the "0th" of the measure as a scalar array. Had not added the '0' in the path of the table, the data type / output would have been an array of measures.
-
RegisterExtension with standard Http client
Hello
I try to register the plug-in with my own http client in my application.
I create SOAP message en send it to http://vcenterIP/SDK/vimService
It works with the message of propertyCollector and other.
But when I try to send a message to register one soap plugin, I got an error
<soapenv:Fault><faultcode>ServerFaultCode</faultcode><faultstring>Not initialized: string version</faultstring><detail><InvalidRequestFault xmlns=\"urn:vim25\" xsi:type=\"InvalidRequest\"></InvalidRequestFault></detail>I think the soap message I send is correct because I test with the MOB of vCenter interface https://vCEnterIP/mob/?MOID=EventManager
my xml below message:
<soapenv:Body><RegisterExtension xmlns="urn:vim25">
<_this type="ExtensionManager">ExtensionManager</_this>
<extension><description><label>taratatatatata</label><summary>taratatatatata</summary></description><key>com.test.vmware</key><company>taratatatatata</company><type>com.vmware.vim.viClientScripts</type><version>1.1</version><subjectName>taratatatatata</subjectName><server><url>http://127.0.0.1/vmware</url><description><label>taratatatatata</label><summary>taratatatatata</summary></description><company>Company test</company><type>com.vmware.vim.viClientScripts</type><adminEmail>[email protected]</adminEmail></server><lastHeartbeatTime>2012-12-23T00:00:00Z</lastHeartbeatTime></extension></RegisterExtension>< / soapenv:Body > < / soapenv:Envelope >
Thanks for your help
It is more than the message SOAP itself, but also the associated HTTP headers. Read this article:
http://www.doublecloud.org/2011/02/vSphere-SDK-compatibility/
Steve Jin, author of VMware VI and vSphere SDK, creator of Open Source VI Java API, http://www.doublecloud.org
Update Windows in Windows 7 will be not updated.
Error code 80244008.
Troubleshooting report says 'device or resource (web proxy) is not configured to accept connections on port "8080".
You may encounter temporary connection errors [for example, 0 x 80244008] when you use Windows Update or Microsoft Update to install updates
http://support.Microsoft.com/kb/836941What application or antivirus security suite is installed and your current subscription? What anti-spyware (other than Defender) applications? What third-party firewall (if applicable)?
A (another) Norton or McAfee application has already been installed on the computer (for example, a free trial version which is preinstalled when you bought it)?
~ Robear Dyer (PA Bear) ~ MS MVP (that is to say, mail, security, Windows & Update Services) since 2002 ~ WARNING: MS MVPs represent or work for Microsoft
IPSec tunnel between a client connection mobility and WRV200
Someone has set up an IPSec tunnel between a client connection mobility and WRV200? I can't get the right configuration.
Agitation, these products are treated by the Cisco Small Business support community. Please refer to the URL: https://supportforums.cisco.com/community/netpro/small-business
The device or resource (web proxy) is not configured to accept connections on port "8080".
I move my windows pc to windows 7 10 but its many problems.
can I roll back to windows 7, my internet connection is always troubleshoot 'device or resource (web proxy) is not configured to accept connections on port "8080".
First of all, I say I have windows 7 os in the office and we are connected to the network with BSNL Modem LAN cable. Its saying connected and access to the Internet but cannot able to access to any browser.
I can using only Mozilla Fire Fox his work but other browser do not work.
Hi Dhyan Singh Talodiya,
Thanks for posting your query in Microsoft Community.
I imagine the inconvenience that you are experiencing and will certainly help you in the right direction to solve the problem. However, I would be grateful if you could answer a few questions to refine the question in order to provide you with better assistance.
- Are all the device drivers and Windows updates are updated?
- You have security software installed?
According to the description of the computer problem is cannot connect web proxy. The device or resource is not set to accept the connection on port 8080. The question might be if there is a corruption of parameters network or security software is limiting. Then, I suggest you to try the steps below and see if it helps you to solve the problem.
Method 1: Resolution of network performance problems.
Automated convenience store is a tool that can find and automatically fix problems with your computer. These utilities are not designed to solve all the problems, but they are useful to try because they can often save your time and efforts.
Run the network troubleshooter utility:
Method 2: Are looking for connection settings:
1. start Internet Explorer.
2. click on the Tools menu and then click Internet Options.
3. click on the Connections tab.
4. by dial and VPN settings, click the broadband connection, click settings, and then click on automatically detect settings.
5. click on OK.Method 3:
Temporarily disable the software security and user account control exit ramp when connecting.
Follow the steps described in the article below to temporarily turn off the ramp of user account control and security software.
Disable the antivirus software
http://Windows.Microsoft.com/en-us/Windows7/disable-antivirus-softwareNote: Antivirus software can help protect your computer against viruses and other security threats. In most cases, you should not disable your antivirus software. If you need to disable temporarily to install other software, you must reactivate as soon as you are finished. If you are connected to the Internet or a network, while your antivirus software is disabled, your computer is vulnerable to attacks.
Enable or disable the User Account Control
http://Windows.Microsoft.com/en-us/Windows/turn-user-account-control-on-off#1TC=Windows-7
Note: User Account Control (UAC) can help you to prevent your computer from unauthorized changes. It works by asking permission when a task requires administrative rights, such as installing software or changing settings affecting other users. We do not recommend disable user account control. If you turn it off, you must reactivate as soon as possible.
I hope this helps. Please let us know the results. Feel free to write us again for any further assistance. We will be happy to help you.
Kind regards
Limits of pix 506 for VPN client connections
Hello. My company is looking to move away from using Microsoft's RRAS to workers to remote VPN connections. We have a 506th Pix currently serving 2 site VPN connections and client connections. Nobody knows what the limit for concurrent client vpn connections on a 506e and if having 10 to 20 clients connected at the same time (on a user base of 100 +) would cause problems. Any thoughts would be greatly appreciated.
There is no license for the number of connections limit, this is more a limitation of resources. Check that the data sheet a 506E can handle 16 MB of 3DES VPN. It's marketing plug so the actual throughput will be lower.
Hope that helps.
How can I control the number of clients connecting to one or more access points?
Hi guys,.
I am using several access points LWAPP/CAPWAP (1010, 1131, 1142) connected to the 4400 series wlan controllers (OS Version 4.2 and 7.0).
Regarding the client connection to access points, I have several questions:
1. extent to which clients can connect to an access point (maximum possible vs recommended)?
2. can I limit the maximum number of clients connecting to the access point in the gui controller? I found how to configure thresholds for sending traps when a number of clients connected to an access point is reached.
3 How can I balance the number of customers between two adjacent ap, who use the same SSID?
Best regards
Thorsten
Hello
1. extent to which clients can connect to an access point (maximum possible vs recommended)?
YEARS-
Here is the link for possible Maximum...
http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/
c70ccfg.html#wp1085099Recommended , Not more than 20 clients per AP.
2. can I limit the maximum number of clients connecting to the access point in the gui controller? I found how to configure thresholds for sending traps when a number of clients connected to an access point is reached.
YEARS - here's the software bug that we had raised with the development team of thre...
Symptom:
There should be a way to limit the number of wireless clients that can associate to a lightweight AP.
Conditions:
Workaround:
3 How can I balance the number of customers between two adjacent ap, who use the same SSID?
YEARS - you can configure the feature aggressive load balancing across the WLC, it can help...
Let me know if that answers your question...
Concerning
Surendra
====
Please do not forget to note positions that answered your question and mark as answer or was useful'Require SSL for client connections and Administrator display.
Whence him 'require SSL for client connections and Administrator display' option under Display Configuration > global settings go into View 5.1? I don't see this because I do not have the right license or move it elsewhere?
According to the documentation of view 5.0 (http://pubs.vmware.com/view-50/index.jsp?topic=/com.vmware.view.installation.doc/GUID-5706AA18-795A-4575-96EF-98CA3E19228C.html), the option should always be there.
Thank you!
In the login server access configuration display: > servers > server connection > edit one of the servers, and you should see the optoins
Can number of concurrent VI client connections there be on VSphere 4.x?
Thank you
Prashant
Hello, Prashant-
It depends on your version of vSphere. By the maximum of Configuration docs, the maximum rates are:
vSphere 4.0 with 32-bit vCenter server: 15
vSphere 4.0 with 64-bit vCenter server: 30
vSphere 4.1 (vCenter works on 64 - bit): 100
The docs of Maximums:
vSphere 4.0: http://www.vmware.com/pdf/vsphere4/r40/vsp_40_config_max.pdf (see page 7)
vSphere 4.1: http://www.vmware.com/pdf/vsphere4/r41/vsp_41_config_max.pdf (see page 6)
Enjoy.
Configure client connections view
my environment is essentially connected LAN Wyse P20 customer zero. When you configure the client connections to see that I am currently using the default 'secure connection tunnel.
should I consider that instead use "direct connect"?
Thanks in advance!
Cheers.
I don't think it's that much more administrative overhead. You can change the direct connection and since the LAN environment based so there would probably changes to firewall is necessary. In anyway, if I'm not mistaken the P20 would directly connect anyway when using PCOIP.
If you have found this device or any other useful post please consider the use of buttons useful/correct to award points
Twitter: http://twitter.com/mittim12
OID to display clients connected to AP
Hello, can anyone help me or know an implementation of an OID to display the number of clients connected through an Access Point? I use a WLC 5508
Thank you
+ 5 to solve your problem
Sent by Cisco Support technique iPad App
PIX: Cisco VPN Client connects but no routing
Hello
We have a Cisco PIX 515 with software 7.1 (2). He accepts Cisco VPN Client connections with no problems, but no routing does to internal networks directly connected to the PIX. For example, my PC is affected by the IP 172.16.2.57 and then ping does not respond to internal Windows server 172.16.0.12 or trying to RDP. The most irritating thing is that these attempts are recorded in the system log, but always ended with "SYN timeout", as follows:
2009-01-06 23:23:01 Local4.Info 217.15.42.214% 302013-6-PIX: built 3315917 for incoming TCP connections (172.16.2.57/1283) outside:172.16.2.57/1283 inside: ALAI2 / 3389 (ALAI2/3389)
2009-01-06 23:23:31 Local4.Info 217.15.42.214% 302014-6-PIX: TCP connection disassembly 3315917 for outside:172.16.2.57/1283 inside: ALAI2 / 3389 duration 0:00:30 bytes 0 SYN Timeout
2009-01-06 23:23:31 Local4.Debug 217.15.42.214% 7-PIX-609002: duration of disassembly-outside local host: 172.16.2.57 0:00:30
We tried to activate and deactivate "nat-control", "permit same-security-traffic inter-interface" and "permit same-security-traffic intra-interface", but the results are the same: the VPN connection is successfully established, but remote clients cannot reach the internal servers.
I enclose the training concerned in order to understand the problem:
interface Ethernet0
Speed 100
full duplex
nameif outside
security-level 0
IP address xx.yy.zz.tt 255.255.255.240
!
interface Ethernet1
nameif inside
security-level 100
172.16.0.1 IP address 255.255.255.0
!
access extensive list ip 172.16.0.0 inside_nat0_outbound allow 255.255.255.0 172.16.2.56 255.255.255.248
!
access extensive list ip 172.16.0.0 outside_cryptomap_dyn_20 allow 255.255.255.0 172.16.2.56 255.255.255.248
!
VPN_client_group_splitTunnelAcl list standard access allowed 172.16.0.0 255.255.255.0
!
IP local pool pool_vpn_clientes 172.16.2.57 - 172.16.2.62 mask 255.255.255.248
!
NAT-control
Global xx.yy.zz.tt 12 (outside)
NAT (inside) 0-list of access inside_nat0_outbound
NAT (inside) 12 172.16.0.12 255.255.255.255
!
internal VPN_clientes group strategy
attributes of Group Policy VPN_clientes
xxyyzz.NET value by default-field
internal VPN_client_group group strategy
attributes of Group Policy VPN_client_group
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list VPN_client_group_splitTunnelAcl
xxyyzz.local value by default-field
!
I join all the details of the cryptographic algorithms because the VPN is successfully completed, as I said at the beginning. In addition, routing tables are irrelevant in my opinion, because the inaccessible hosts are directly connected to the internal LAN of the PIX 515.
Thank you very much.
can you confirm asa have NAT traversal allow otherwise, activate it in asa and vpn clients try again.
PIX / ASA 7.1 and earlier versions
PIX (config) #isakmp nat-traversal 20
PIX / ASA 7.2 (1) and later versions
PIX (config) #crypto isakmp nat-traversal 20
Maybe you are looking for
-
I don't know where to go to get to the next level when the office is saying that the level I am sure will soon expire. Can I upgrade before its expiry, a new level NOT the newest one and how do I do it?
-
HP ENVY 15 Notebook PC G7Z03AV: Cursor jumps randomly
I start with the screen of the laptop closed and use an external monitor and a keyboard and mouse. After have started upward to a random interval later the cursor starts jumping around the screen and the function of the left button of the mouse is a
-
What is the highest speed of RAM I can install in my DV6-3112sa?
What is the highest speed of RAM I can install in my DV6-3112sa? The factory installed is RAM PC3-10700 (1333) installed. I'm looking to upgrade to PC3-12800 (1600). Will this work?
-
No HDMI Audio after the resumption of sleep\standby
Original title: No Audio HDMI Windows recognizes not the HDMI audio after recovering from sleep mode. The Audio is back, via HDMI, after restarting.
-
BlackBerry Z10 Importing & management google cotacts
I've used android earlier & manages all my contacts in gmail. Now, I am using Z10 & created account gmail in BB. But no option for synchronization. Google contacts. Is it possible to continue using, to manage and synchronize contacts from google in B