Oracle Fusion Middleware Release Notes

Oracle Fusion Middleware Release Notes
Oracle® Fusion Middleware
Release Notes
11g Release 1 (11.1.1) for HP-UX PA-RISC (64-Bit)
E14775-30
September 2011
Oracle Fusion Middleware Release Notes, 11g Release 1 (11.1.1) for HP-UX PA-RISC (64-Bit)
E14775-30
Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
This software and related documentation are provided under a license agreement containing restrictions on
use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your
license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license,
transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse
engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is
prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If
you find any errors, please report them to us in writing.
If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it
on behalf of the U.S. Government, the following notice is applicable:
U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data
delivered to U.S. Government customers are "commercial computer software" or "commercial technical data"
pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As
such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and
license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of
the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software
License (December 2007). Oracle America, Inc., 500 Oracle Parkway, Redwood City, CA 94065.
This software or hardware is developed for general use in a variety of information management
applications. It is not developed or intended for use in any inherently dangerous applications, including
applications that may create a risk of personal injury. If you use this software or hardware in dangerous
applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other
measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages
caused by use of this software or hardware in dangerous applications.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of
their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks
are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD,
Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced
Micro Devices. UNIX is a registered trademark of The Open Group.
This software or hardware and documentation may provide access to or information on content, products,
and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly
disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle
Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your
access to or use of third-party content, products, or services.
Contents
Preface ............................................................................................................................................................. xlvii
Audience...................................................................................................................................................
Documentation Accessibility .................................................................................................................
Related Documents .................................................................................................................................
Conventions .............................................................................................................................................
Part I
1
xlvii
xlvii
xlvii
xlvii
Oracle Fusion Middleware
Introduction
Latest Release Information ........................................................................................................ 1-1
Purpose of this Document ......................................................................................................... 1-1
System Requirements and Specifications ................................................................................ 1-1
Memory Requirements............................................................................................................... 1-2
Certification Information ........................................................................................................... 1-2
Where to Find Oracle Fusion Middleware Certification Information ......................... 1-2
Certification Exceptions ...................................................................................................... 1-2
Certification Information for Oracle Fusion Middleware 11g R1 with Oracle
Database 11.2.0.1........................................................................................................... 1-3
1.5.2.2
Restrictions on Specific Browsers............................................................................... 1-3
1.5.2.3
Process to Install and Configure WebCenter With 32-bit JDK on Supported 64-Bit
Platform.......................................................................................................................... 1-3
1.5.2.4
Support for GridLink Data Sources in Oracle Fusion Middleware 11g ............... 1-4
1.5.3
Upgrading Sun JDK From 1.6.0_07 to 1.6.0_11................................................................ 1-4
1.5.4
JMSDELIVERYCOUNT Is Not Set Properly.................................................................... 1-4
1.5.5
Viewer Plugin Required On Safari 4 To View Raw XML Source ................................. 1-5
1.6
Downloading and Applying Required Patches ..................................................................... 1-5
1.7
Licensing Information ................................................................................................................ 1-5
1.1
1.2
1.3
1.4
1.5
1.5.1
1.5.2
1.5.2.1
2 Installation, Patching, and Configuration
2.1
Installation Issues and Workarounds ......................................................................................
2.1.1
Oracle SOA Suite Installation Issues.................................................................................
2.1.1.1
Installing Oracle SOA Suite on a Dual Stack Host with IPv4 ................................
2.1.1.2
Installing Oracle SOA Suite Release 11.1.1.3.0 in a Turkish Environment...........
2.1.2
Oracle Portal, Forms, Reports and Discoverer Installation Issues ...............................
2.1.2.1
Prerequisite Warnings During Installation...............................................................
2-1
2-2
2-2
2-2
2-2
2-2
iii
2.1.3
2.1.3.1
2.1.3.2
2.1.3.3
2.1.3.4
2.1.4
2.1.4.1
2.1.4.2
2.1.4.3
2.1.4.4
2.1.4.5
2.1.4.6
2.1.4.7
2.1.4.8
2.1.5
2.1.5.1
2.1.5.2
2.1.5.3
2.1.5.4
2.1.6
2.1.6.1
2.1.6.2
2.1.7
2.1.7.1
2.1.7.2
2.1.7.3
2.1.8
2.1.8.1
2.1.8.2
2.1.9
2.1.9.1
2.1.9.2
2.1.10
2.1.11
2.1.12
2.2
2.2.1
iv
Oracle Web Tier Installation Issues................................................................................... 2-2
Oracle SOA Suite and Oracle Application Developer Must Be Installed Before
Oracle Web Tier ............................................................................................................ 2-3
Oracle Web Tier Silent Install Requires Oracle Web Cache Component Name . 2-3
Oracle Web Tier Sample Response File is Missing the MIDDLEWARE_HOME
Entry ............................................................................................................................... 2-3
Ignore Error Message CheckPatchApplicableOnCurrentPlatform Failed........... 2-3
Oracle Identity Management Installation Issues............................................................. 2-3
"Null" Dialog Box Appears When Installing Oracle Identity Management to FAT32
File System on Windows ............................................................................................. 2-4
WebLogic Administration Server Must Be Running When Extending Oracle
Identity Management Domains.................................................................................. 2-4
Ignore Syntax Error Message While Installing Classic, IDM, and WebTier
Shiphomes ..................................................................................................................... 2-4
Commands for Determining if Shared GCC Libraries for 11g WebGate Are Correct
Versions.......................................................................................................................... 2-5
Do Not Install Patch 9824531 During the Setup of OIM and OAM Integration . 2-5
JDK Installed in ORACLE_COMMON During WebTier and IDM Installation . 2-6
Welcome Screen of Oracle Entitlements Server Installer Not Translated ............ 2-6
Additional Information When Using a Java Security Module with Oracle
Entitlements Server ...................................................................................................... 2-6
JDK and JRE Installation Issues ......................................................................................... 2-7
Specifying the JRE Location if Installing with Automatic Updates ...................... 2-7
Upgrading Sun JDK in the Oracle Home Directory ................................................ 2-7
Installation Fails on 64-bit Operating Systems with 32-bit JDKs........................... 2-8
Out of Memory Errors When Using JDK 6 Update 23............................................ 2-8
Oracle Universal Installer Issues ....................................................................................... 2-8
Installer is Checking for the Wrong System Patches on Solaris x86-64 ............... 2-9
Entering the Administrator Password for a Simple Oracle Business Intelligence
Installation on Linux Operating Systems.................................................................. 2-9
Database and Schema Installation Issues......................................................................... 2-9
Setting the nls_length_semantics Parameter in your Database ............................. 2-9
Installing the SOAINFRA Schema with DBA Permissions .................................... 2-9
Database Connection Failure During Schema Creation When Installing Oracle
Internet Directory ...................................................................................................... 2-10
Error Messages and Exceptions Seen During Installation.......................................... 2-10
JRF Startup Class Exceptions May Appear in Oracle WebLogic Managed Server
Logs After Extending Oracle Identity Management Domain............................. 2-10
Sun JDK and Oracle Configuration Manager Failures in the Installation
Log File ........................................................................................................................ 2-10
Deinstallation Issues......................................................................................................... 2-10
Proper Deinstallation for Reinstallation in the Event of a Failed Installation .. 2-11
Deinstallation Does Not Remove WebLogic Domains ........................................ 2-11
Installing Oracle Service Registry in the Same Domain as Oracle SOA Suite ......... 2-11
Problems Installing in Thai and Turkish Locales......................................................... 2-13
Enterprise Manager Configuration Fails with Timezone Error Message................. 2-13
Patching Issues and Workarounds........................................................................................ 2-14
Oracle SOA Suite Patching Issues .................................................................................. 2-14
2.2.1.1
2.2.1.2
2.2.1.3
2.2.1.4
2.2.1.5
2.2.1.6
2.2.2
2.2.2.1
2.2.2.2
2.2.2.3
2.2.2.4
2.2.3
2.2.3.1
2.2.3.2
2.2.3.3
2.2.3.4
2.2.3.5
2.2.3.6
2.2.3.7
2.2.3.8
2.2.4
2.2.4.1
2.2.4.2
2.2.5
2.2.6
2.2.7
2.2.8
2.2.9
2.2.10
2.3
2.3.1
2.3.1.1
2.3.2
2.3.2.1
Exception Seen When Extending Your Existing Oracle SOA Suite Domain with
Oracle Business Process Management Suite.......................................................... 2-14
Exception Seen When Undeploying any SOA Composite with Range-Based
Dimension Business Indicators ............................................................................... 2-15
Running Oracle Business Process Management Suite with Microsoft SQL Server
2008 Database............................................................................................................. 2-16
Update to Oracle SOA Suite Release 11.1.1.3.0 Does Not Remove the b2b.r1ps1
Property ...................................................................................................................... 2-16
Manual Steps for Migrating Oracle UMS and Oracle MDS ................................ 2-16
Monitored BPEL Processes Generate Warning Messages in Log File After
Applying 11g Release 1 (11.1.1.4.0) Patch Set ........................................................ 2-17
Oracle WebCenter Patching Issues ................................................................................ 2-17
Deploying WebCenterWorklistDetailApp.ear for WebCenter Spaces
Workflows .................................................................................................................. 2-17
Some WebCenter Applications Show Old Version Number .............................. 2-17
Problem Using WebCenter Spaces Customizations with .jsp Pages After Installing
the 11.1.1.4.0 Patch Set .............................................................................................. 2-17
Errors When Updating Oracle WebCenter Using WLST Commands............... 2-18
Oracle Identity Management Patching Issues .............................................................. 2-18
Uploading Third Party JAR Files to the Database ................................................ 2-18
Access Policy With Approval Does Not Work After Patch ................................ 2-18
OID and OVD Saved Connections Not Available After Patch From Release
11.1.1.2.0 or 11.1.1.3.0 ................................................................................................ 2-19
Error When Running the upgradeOpss() Command When Upgrading Oracle
Identity Management................................................................................................ 2-19
Errors in the Log Files After Patching Oracle Identity Management to Release
11.1.1.4.0 ...................................................................................................................... 2-19
Warning Message When Migrating Oracle Identity Federation from Release
11.1.1.1.0 to Release 11.1.1.2.0 .................................................................................. 2-20
Benign Errors Logged When Patching Oracle Identity Management 11.1.1.2.0
Installation to 11.1.1.3.0............................................................................................. 2-20
Exception Seen When Starting Oracle Identity Management Server ................ 2-21
System Component Patching Issues .............................................................................. 2-21
Redeploy System Components to Ensure Proper Deinstallation ....................... 2-21
Setting Execute Permissions for emctl When Migrating System Components 2-21
MDS Schema Version Number is Incorrect .................................................................. 2-22
Oracle BI Components Show Incorrect Version Number After Patching ................ 2-22
Warnings When Running upgradeOpss() .................................................................... 2-22
"Patch Already Installed" Warning Message in Log File ............................................ 2-23
Manual Step for ODI-BAM Users After Installing 11.1.1.4.0 Patch Set .................... 2-23
Applications Generate javax.xml.bind.JAXBException Runtime Errors After Installing
11.1.1.4.0 Patch Set ............................................................................................................ 2-24
Configuration Issues and Workarounds .............................................................................. 2-24
Oracle SOA Suite Configuration Issues......................................................................... 2-24
Exception Seen for Oracle SOA Suite with WebSphere Application Server .... 2-24
Oracle Identity Management Configuration Issues..................................................... 2-25
Errors Logged to Managed Server Log Files When Extending a 11.1.1.3.0 Oracle
Identity Management Domain on a Remote System............................................ 2-25
v
2.3.2.2
2.3.2.3
2.3.2.4
2.3.2.5
2.3.2.6
2.3.3
2.3.3.1
2.3.3.2
2.3.3.3
2.3.4
2.3.4.1
2.3.4.2
2.3.5
2.3.5.1
2.3.5.2
2.3.5.3
2.3.6
2.3.6.1
2.3.6.2
2.3.6.3
2.3.7
2.3.8
2.3.9
2.4
2.4.1
2.5
2.5.1
2.5.2
Log Messages Appearing on Console During Oracle Identity Management Schema
Creation....................................................................................................................... 2-26
Configuring Oracle Identity Management When WebLogic Node Manager is
Running....................................................................................................................... 2-26
Configuring OID with Oracle Data Vault.............................................................. 2-26
Password Requirements for Oracle Internet Directory Administrator ............. 2-27
Error Message When Configuring Oracle Identity Federation .......................... 2-27
Configuration Wizard Issues .......................................................................................... 2-27
Starting the Configuration Wizard From a New Window.................................. 2-28
Specify Security Updates Screen Does Not Appear in the Configuration
Wizard ......................................................................................................................... 2-28
Some Text Truncated on the "Server Start Mode and JDK Configuration"
Screen........................................................................................................................... 2-28
Repository Creation Utility Issues ................................................................................. 2-28
Schemas Are Not Visible After Upgrade of Oracle Identity Management....... 2-28
RCU Summary Screen Issues................................................................................... 2-28
Pack and Unpack Issues .................................................................................................. 2-29
Ensure There Are No Missing Products When Using unpack.sh or
unpack.cmd................................................................................................................. 2-29
Running unpack.sh or unpack.cmd on a Different Host..................................... 2-29
Starting Managed Servers on Remote System After Packing and Unpacking
Domain........................................................................................................................ 2-30
Configuration Issues Working With Clusters .............................................................. 2-30
Extend Domain and Expand Cluster Scenarios with Remote Systems ............. 2-31
Unable to Extend an Existing Domain by Selecting Only Oracle Directory
Integration Platform Without Cluster .................................................................... 2-31
Expand Cluster Requires Changes to the emd.properties File ........................... 2-31
Changing the Listen Address of a Managed Server .................................................... 2-31
Domain Extension Overwrites JDBC Data Source Name........................................... 2-31
Rerouting to Original URL After SSO Authentication in Firefox and Safari
Browsers ............................................................................................................................. 2-32
Known Issues............................................................................................................................ 2-32
Forms and Reports Builder Not Supported.................................................................. 2-32
Documentation Errata ............................................................................................................. 2-32
Updating OIM Configuration to Use Oracle HTTP Server 10g WebGate................ 2-32
Missing Logout Configuration Steps in the Oracle Identity Management Installation
Guide .................................................................................................................................. 2-33
3 Upgrade
3.1
General Issues and Workarounds ............................................................................................ 3-1
3.1.1
Patches Required to Address Specific Upgrade and Compatibility Requirements .. 3-2
3.1.1.1
Obtaining Patches and Support Documents From My Oracle Support (Formerly
OracleMetaLink) ............................................................................................................ 3-5
3.1.1.2
Upgrading the Oracle BAM Schema on Oracle Database 11g on Microsoft
Windows ........................................................................................................................ 3-5
3.1.2
Unable to Read Composite Model Error During SOA Application Upgrade ............ 3-5
3.1.3
Oracle BAM Upgrade Issues .............................................................................................. 3-6
vi
3.1.3.1
3.1.3.2
3.1.3.3
3.1.3.4
3.1.3.5
3.1.4
3.1.5
3.1.6
3.1.7
3.1.7.1
3.1.7.2
3.1.7.3
3.1.8
3.1.8.1
3.1.8.2
3.1.8.3
3.1.8.4
3.1.9
3.1.10
3.1.11
3.1.12
3.1.13
3.1.14
3.1.15
3.1.16
3.1.17
3.1.18
3.2
3.2.1
3.2.2
3.2.3
3.2.4
3.2.5
3.2.6
3.2.7
3.2.7.1
3.2.7.2
3.3
Datapump Export for Oracle BAM Upgrade Plug-in Fails in Oracle Database 10g
(10.2.0.3), 10g (10.1.2.0.4), and Oracle Database 11g (11.1.0.7) ............................... 3-6
Dependent Alerts Do Not Upgrade Correctly ......................................................... 3-6
Problem Upgrading a Report that Contains Calculated Fields ............................. 3-7
Calculated Fields Reference the Field ID Rather Than Field Names After Upgrade
to Oracle BAM 11g........................................................................................................ 3-7
Using the Oracle BAM 11g Samples After Upgrade from Oracle BAM 10g........ 3-7
Error When Upgrading Oracle Internet Directory Due to Invalid ODS Schema....... 3-8
Restore From Backup Required If Upgrade Fails During a Colocated Oracle Internet
Directory and Oracle Directory Integration Platform Upgrade ................................... 3-8
Cannot Verify Oracle Forms Services Upgrade When Oracle HTTP Server is Running
On a Separate Host .............................................................................................................. 3-8
WebCenter Security Upgrade Release Notes .................................................................. 3-8
RowSetPermission check fails with compatibility flag set ..................................... 3-9
Grants not migrated properly if application contains grants without
permissions .................................................................................................................... 3-9
Shared/public credentials not found after external application deployed ......... 3-9
Oracle B2B Upgrade Release Notes ............................................................................... 3-10
Service Name Is Required When Using ebMS with Oracle B2B ........................ 3-10
Converting Wallets to Keystores for Oracle B2B 11g ........................................... 3-10
Oracle B2B UCCnet Documents Not Upgraded to 11g........................................ 3-10
Errors in the Upgrade Log Files Even When Oracle B2B Schema Upgrade is
Successful.................................................................................................................... 3-11
Problem Accessing the Welcome Pages in Oracle HTTP Server After Upgrade .... 3-11
Misleading Error Message When Upgrading Oracle Internet Directory ................. 3-11
Additional Steps Required When Redeploying the SOA Order Booking Sample
Application on Oracle Fusion Middleware 11g ........................................................... 3-12
Additional Steps Required When Upgrading Human Taskflow Projects ............... 3-12
Stopping Oracle Virtual Directory Processes During Upgrade................................. 3-13
Providing Input to Upgrade Assistant Screens When Oracle Internet Directory
Upgrade Fails .................................................................................................................... 3-13
Upgrading Oracle Access Manager Middle Tier ......................................................... 3-14
Inaccurate Results When Running the Upgrade Assistant Verify Feature .............. 3-14
Missing jdk_version.log File When Launching Upgrade Assistant.......................... 3-14
Test Suites in Oracle SOA Suite 10g Projects Not Upgraded to 11g.......................... 3-14
General Issues and Workarounds for Migrating from 11.1.1.1.0...................................... 3-14
Stopping the 11.1.1.2.0 Domain ...................................................................................... 3-15
Patching the Schema for Oracle Internet Directory ..................................................... 3-15
Changing the patchmaster.ValidationErrorContinue Property ................................ 3-15
Changing the Default Setting for Validation Tasks ..................................................... 3-15
Severe Error When Running the execute-sql-rcu Macro ............................................ 3-16
Machine Names Do Not Appear in the Oracle WebLogic Server Administration
Console ............................................................................................................................... 3-16
Using the Oracle BAM 11g Prepackaged Samples After Migrating from 11.1.1.1.0 3-16
Configuring the Oracle BAM 11g Samples After Migrating from 11.1.1.1.0 .... 3-17
Using the Foreign Exchange Sample After Migrating from 11.1.1.1.0............... 3-17
Documentation Errata for Upgrade ...................................................................................... 3-17
vii
3.3.1
3.3.1.1
3.3.2
3.3.2.1
3.3.2.2
3.3.3
3.3.3.1
Documentation Errata for the Upgrade Guide for Oracle SOA Suite, WebCenter, and
ADF..................................................................................................................................... 3-17
Errors in Additional Steps for Upgrading Technology Adapter Headers........ 3-18
Documentation Errata for the Oracle Fusion Middleware Upgrade Guide for Oracle
Identity Management ....................................................................................................... 3-18
Error in Procedure for Identifying Additional Oracle Internet Directory
Instances ..................................................................................................................... 3-18
Error in Oracle Virtual Directory Releases Supported......................................... 3-19
Documentation Errata for the Oracle Fusion Middleware Upgrade Guide for
Java EE ................................................................................................................................ 3-19
Clarification of Post-Upgrade Tasks for SSL-Enabled Oracle HTTP Server..... 3-19
4 Oracle Fusion Middleware Administration
4.1
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.1.7
4.2
4.2.1
4.2.2
4.2.3
4.2.4
4.2.5
4.2.6
General Issues and Workarounds ............................................................................................ 4-1
Clarification About Path for OPMN ................................................................................. 4-1
Fusion Middleware Control May Return Error in Mixed IPv6 and IPv4
Environment ......................................................................................................................... 4-2
Deploying JSF Applications ............................................................................................... 4-2
Limitations in Moving from Test to Production ............................................................. 4-2
Limitations in Moving Oracle Business Process Management from Test to Production
Environment ......................................................................................................................... 4-4
Message Returned with Incorrect Error Message Level ................................................ 4-4
Recovering from Loss of Host for Oracle Essbase Not Supported............................... 4-5
Configuration Issues and Workarounds ................................................................................. 4-5
Must Stop Oracle SOA Suite Managed Server Before Stopping soa-infra .................. 4-5
Configuring Fusion Middleware Control for Windows Native Authentication ....... 4-5
Fusion Middleware Control Does Not Keep Column Preferences in Log
Viewer Pages ........................................................................................................................ 4-7
Topology Viewer Does Not Display Applications Deployed to a Cluster.................. 4-7
Changing Log File Format.................................................................................................. 4-7
SSL Automation Tool Configuration Issues ................................................................... 4-7
5 Oracle Enterprise Manager Fusion Middleware Control
General Issues and Workarounds ............................................................................................ 5-1
Product Behavior After a Session Timeout ...................................................................... 5-2
Fixing Errors Displayed When Selecting the TopLink Sessions Command in Fusion
Middleware Control ............................................................................................................ 5-2
5.1.3
Verifying the DISPLAY Variable to Correct Problems Displaying Graphics ............. 5-2
5.1.4
Incomplete Information Available on the MDS Configuration Page .......................... 5-3
5.1.5
Exceptions When Starting Oracle Web Cache After Accessing Configuration Pages
from Oracle Enterprise Manager Fusion Middleware Control..................................... 5-3
5.1.6
Table Display Problems When Using Some Language Variants.................................. 5-3
5.1.7
Problems When Internet Explorer 7 is Configured to Open Pop-Up Windows in a New
Tab.......................................................................................................................................... 5-3
5.1.8
Additional Fusion Middleware Control Release Notes ................................................. 5-3
5.1.9
Problem with Performance Charts After Moving a Chart Region ............................... 5-3
5.1.10
Display Problems When Running JDK 160_18 on Intel Systems that Support the SSE4.2
Instruction Set....................................................................................................................... 5-4
5.1
5.1.1
5.1.2
viii
Adobe Flash Plugin Required When Displaying Fusion Middleware Control in the
Apple Safari Browser ..........................................................................................................
5.1.12
Unable to Access Fusion Middleware Control After Installing the Oracle Identity
Management 11.1.1.4.0 Patch Set.......................................................................................
5.1.13
Disk Space Considerations When Using Fusion Middleware Control to Scale Out
Oracle BI EE ..........................................................................................................................
5.2
Documentation Errata ................................................................................................................
5.2.1
Search Unavailable for Some Embedded Administrator's Guides ..............................
5.2.2
Patching Section in the Fusion Middleware Control Online Help is Not
Supported..............................................................................................................................
5.1.11
5-4
5-5
5-5
5-5
5-5
5-5
6 Oracle Fusion Middleware High Availability and Enterprise Deployment
6.1
6.1.1
6.1.2
6.1.3
6.1.4
6.1.5
6.1.6
6.1.7
6.1.8
6.1.9
6.1.10
6.1.11
6.1.12
6.1.13
6.1.14
6.1.15
6.1.16
6.1.17
6.1.18
6.1.19
6.1.20
6.1.21
6.1.22
6.1.23
General Issues and Workarounds ............................................................................................ 6-1
Secure Resources in Application Tier ............................................................................... 6-2
mod_wl Not Supported for OHS Routing to Managed Server Cluster....................... 6-3
Only Documented Procedures Supported....................................................................... 6-3
SOA Composer Generates Error During Failover .......................................................... 6-3
Accessing Web Services Policies Page in Cold Failover Environment ........................ 6-3
Considerations for Oracle Identity Federation HA in SSL Mode................................. 6-3
Online Help Context May be Lost When Failover Occurs in High Availability
Environment ......................................................................................................................... 6-4
ASCRS Cannot be Used to Create a Database Resource for the Oracle Database
Console Service on Windows............................................................................................. 6-4
Changes to Rulesets May Not be Persisted During an Oracle RAC Instance
Failover .................................................................................................................................. 6-4
Manual Retries May be Necessary When Redeploying Tasks During an Oracle RAC
Failover.................................................................................................................................. 6-4
Timeout Settings for SOA Request-Response Operations are Not Propagated in a Node
Failure .................................................................................................................................... 6-5
Scale Out and Scale Up Operations Fail ........................................................................... 6-5
Harmless SQLIntegrityConstraintViolationException Can be Received in a SOA
Cluster ................................................................................................................................... 6-5
WebLogic Cluster WS-AT Recovery Can Put a Server into a 'Warning' State ........... 6-6
Very Intensive Uploads from I/PM to UCM May Require Use of IP-Based Filters in
UCM Instead of Hostname-Based Filters......................................................................... 6-6
Worklist Application May Throw Exception if Action Dropdown Menu is Used
During a Failover ................................................................................................................. 6-6
ClassCastExceptions in a SOA Cluster for the SOA Worklist Application................. 6-7
Use srvctl in 11.2 Oracle RAC Databases to Set Up AQ Notification and Server-side
TAF ........................................................................................................................................ 6-7
Oracle I/PM Input Files May Not be Processed Correctly During an Oracle RAC
Failover.................................................................................................................................. 6-8
Failover Is Not Seamless When Creating Reports in Oracle BI Publisher .................. 6-8
Failed to Load Error Appears in Layout View When Oracle BI Publisher Managed
Server is Failed Over ........................................................................................................... 6-8
When Scheduling an Oracle BI Publisher Job, a Popup Window Appears After
Managed Server Failover.................................................................................................... 6-9
Cannot Save Agent When Oracle Business Intelligence Managed Server Fails
Over........................................................................................................................................ 6-9
ix
6.1.24
6.1.25
6.1.26
6.1.27
6.2
6.2.1
6.2.2
6.2.3
6.2.4
6.2.5
6.2.6
6.2.7
6.2.8
6.2.9
6.2.10
6.2.11
6.2.12
6.2.13
6.2.14
6.2.15
6.2.16
6.2.17
6.2.18
6.2.19
6.2.20
6.2.21
6.2.22
6.3
6.4
6.4.1
6.4.1.1
6.4.2
6.4.2.1
6.4.2.2
6.4.2.3
6.4.3
6.4.3.1
x
Patch 10094106 Required for SSO Configuration in an Enterprise Deployment ....... 6-9
Installing Additional Oracle Portal, Forms, Reports, and Discoverer Instances After
Upgrading Oracle Single Sign-On 10g to Oracle Access Manager 11g........................ 6-9
JMS Instance Fails In a BI Publisher Cluster................................................................. 6-10
Null Pointer Exception Error Window Opens during Approving Task When Failover
Occurs ................................................................................................................................. 6-10
Configuration Issues and Workarounds .............................................................................. 6-10
jca.retry.count Doubled in a Clustered Environment ................................................. 6-11
Cluster Time Zones Must Be the Same.......................................................................... 6-11
Fusion Middleware Control May Display Incorrect Status........................................ 6-11
Accumulated BPEL Instances Cause Performance Decrease ..................................... 6-11
Extra Message Enqueue when One a Cluster Server is Brought Down and
Back Up .............................................................................................................................. 6-12
Duplicate Unrecoverable Human Workflow Instance Created with Oracle RAC
Failover............................................................................................................................... 6-12
Configuration Files Missing after Planned Administration Server Node Shutdown or
Reboot................................................................................................................................. 6-12
No High Availability Support for SOA B2B TCP/IP .................................................. 6-12
WebLogic Administration Server on Machines with Multiple Network Cards ..... 6-13
Additional Parameters for SOA and Oracle RAC Data Sources................................ 6-13
Message Sequencing and MLLP Not Supported in Oracle B2B HA Environments 6-14
Credentials not Propagated for Transport Protocols in B2B ...................................... 6-14
Create a Protected Resource for Oracle Identity Navigator ....................................... 6-14
Use Fully-Qualified Hostnames when Configuring Front-end Hosts in High
Availability Configurations............................................................................................. 6-15
Managed Server goes into Suspended Status After Oracle RAC Failover............... 6-15
Primary/Secondary Configuration Section of the Availability Tab is Not Visible 6-15
Permission Denied Error appears and Oracle Identity Manager Fails to
Configure............................................................................................................................ 6-16
Limitation in the Command Line Options for the OAM Configuration Tool ......... 6-16
Server Start Parameters Not Getting Set After Scaling Out the Oracle Business
Intelligence Managed Server.......................................................................................... 6-16
Ensuring the Oracle HTTP Server Lock File is on a Local Drive ............................... 6-16
Enabling High Availability for Oracle JMS Adapter................................................... 6-16
Oracle Access Manager Servers Fail to Start................................................................. 6-17
Testing Abrupt Failures of WebLogic Server When Using File Stores on NFS .............. 6-18
Documentation Errata ............................................................................................................. 6-22
Documentation Errata for the Fusion Middleware High Availability Guide ......... 6-22
Latest Requirements and Certification Information............................................. 6-22
Documentation Errata for the Fusion Middleware Enterprise Deployment Guide for
Oracle WebCenter............................................................................................................. 6-23
Link to Section 8.1.3 is Missing................................................................................ 6-23
Additional Information for Discussions Forum Mulitcast to Unicast
Conversion .................................................................................................................. 6-23
Additional Discussion Connection Properties Explained in Administration
Guide .......................................................................................................................... 6-23
Documentation Errata for the Fusion Middleware Enterprise Deployment Guide for
Oracle Identity Management .......................................................................................... 6-23
Set -DDomainRegistrationEnabled=true when Starting Node Manager.......... 6-24
6.4.3.2
6.4.3.3
6.4.3.4
6.4.4
6.4.4.1
6.4.4.2
6.4.5
6.4.5.1
6.4.5.2
6.4.5.3
6.4.5.4
6.4.5.5
6.4.5.6
Ignore Empty Section in the Oracle Virtual Directory Chapter ......................... 6-24
Modify oracleRoot.sh Script and Run It as root When Configuring Oracle
Internet Directory Instances..................................................................................... 6-24
Missing Content in Section on Disabling Oracle Virtual Directory Listener SSL
NIO .............................................................................................................................. 6-24
Documentation Errata for the Oracle Fusion Middleware Enterprise Deployment
Guide for Oracle Business Intelligence .......................................................................... 6-25
Additional Step Must be Performed After Setting the Location of the BI Publisher
Configuration Folder ................................................................................................. 6-25
Corrections to the Setting the Location of the Shared Oracle BI Presentation
Catalog Section........................................................................................................... 6-25
Documentation Errata Affecting Multiple Enterprise Deployment Guides ............ 6-26
Sections on Configuring Oracle Coherence for SOA Composites Need Fixes . 6-26
Updates are Needed to Steps for Testing Server Migration................................ 6-27
Steps for Updating Data Sources for Server Migration Need Updates............. 6-27
Clarification of the Procedure for Configuring the Analytics Collectors.......... 6-28
Correction to Table 2-2, "Ports Used" ..................................................................... 6-28
WebLogic Versions May Not Be Current in Enterprise Deployment Guides .. 6-28
Part II Oracle Development Tools
7 Oracle JDeveloper and Oracle Application Development Framework (ADF)
8 Oracle TopLink
8.1
General Issues and Workarounds ............................................................................................ 8-1
8.1.1
TopLink Object-Relational Issues...................................................................................... 8-1
8.1.1.1
Incorrect outer join SQL on SQLServer2005 ............................................................ 8-1
8.1.1.2
UnitOfWork.release() not Supported with External Transaction Control ........... 8-2
8.1.1.3
Returning Policy for UPDATE with Optimistic Locking ....................................... 8-2
8.1.1.4
JDBC Drivers returning Timestamps as Strings ...................................................... 8-2
8.1.1.5
Proxy Authentication with Oracle Containers for Java EE (OC4J) Managed Data
Sources ........................................................................................................................... 8-3
8.1.1.6
Unit of Work does not add Deleted Objects to Change Set ................................... 8-3
8.1.2
TopLink Workbench Issues................................................................................................ 8-3
8.1.2.1
Accessibility................................................................................................................... 8-4
8.1.2.2
Running the TopLink Workbench on Windows OS ............................................... 8-4
8.1.3
Oracle Database Extensions with TopLink ...................................................................... 8-4
8.1.3.1
Template JAR for Spatial and XDB Support in Oracle WebLogic Server ............ 8-4
8.1.4
Allowing Zero Value Primary Keys.................................................................................. 8-5
8.1.5
Managed Servers on Sybase with JCA Oracle Database Service .................................. 8-6
8.1.6
Logging Configuration with EclipseLink Using Container Managed JPA................. 8-6
8.1.7
Grid Cache requires CacheLoader .................................................................................... 8-6
Part III
Web Tier
xi
9 Oracle HTTP Server
10 Oracle Web Cache
10.1
Configuration Issues and Workarounds .............................................................................. 10-1
10.1.1
Reset the Random Password Generated When Installing Oracle Portal, Forms, Reports,
and Discoverer .................................................................................................................. 10-1
10.1.2
Running Oracle Web Cache Processes as a Different User Is Not Supported......... 10-2
Part IV Oracle WebLogic Server
11 Oracle WebLogic Server
11.1
General Issues and Workarounds ......................................................................................... 11-2
11.1.1
Oracle WebLogic Server Version Number.................................................................... 11-2
11.1.2
Oracle ojdbc14.jar File Has Been Changed to ojdbc6.jar............................................. 11-2
11.1.3
Strong Password Enforcement May Cause Issues With WLST Offline Scripts....... 11-2
11.1.4
In Turkish Locale, MDS Initialization Fails .................................................................. 11-3
11.1.5
Administration Server Reports a 'Too Many Open Files' Message on the EM
Console ............................................................................................................................... 11-3
11.2
Administration Console Issues and Workarounds............................................................. 11-3
11.2.1
Console Help Viewer Does Not Display Help Table of Contents or Search ........... 11-4
11.2.2
Cached JDBC Information is not Displayed ................................................................. 11-4
11.2.3
Pressing Browser Back Button Discards Context......................................................... 11-4
11.2.4
Unsupported Work Manager Configurations Can Be Created ................................. 11-4
11.2.5
Server Status Table Reflects Inconsistent Information ................................................ 11-4
11.2.6
Exceptions When Defining a Security Policy for an EJB............................................. 11-5
11.2.7
Administration Console Does Not Always Reflect External Changes Made in a
Deployment Plan .............................................................................................................. 11-5
11.2.8
Oracle OCI Driver Support ............................................................................................. 11-5
11.2.9
Data Takes a Long Time to Display on the Metric Browser Tab ............................... 11-5
11.3
Apache Beehive Support Issues and Workarounds ........................................................... 11-6
11.4
Configuration Issues and Workarounds .............................................................................. 11-6
11.4.1
Directory For a Non-Existent Server Name Is Created ............................................... 11-6
11.4.2
Abnormal Behavior in Terminal Window After Entering WebLogic Password .... 11-6
11.4.3
Creating and Updating Domains Takes Too Long...................................................... 11-6
11.4.4
Password Field Is Not Editable When Configuring a New Domain ........................ 11-7
11.5
Connector (Resource Adapter) Issues and Workarounds ................................................. 11-7
11.6
Console Extensions Issues and Workarounds..................................................................... 11-7
11.7
Core Server and Core Work Manager Issues and Workarounds ..................................... 11-7
11.7.1
Threads Become Stuck While Waiting to Get a Connection ...................................... 11-8
11.7.2
Using IPv6-Formatted Addresses .................................................................................. 11-8
11.7.3
Server Cannot Be Started After a Whole Server Migration ........................................ 11-8
11.7.4
Object State is not Retained After Renaming Field...................................................... 11-8
11.7.5
Forcing Unicast Messages To Be Processed in Order ................................................. 11-9
11.7.6
Servers Configured to Listen on a Host Name Are Listening on a Different Host Name
After Startup ...................................................................................................................... 11-9
11.7.7
Administration Server or Node Manager Cannot Track the Status of a Managed
Server ................................................................................................................................ 11-10
xii
Multicast Traffic Observed to be Unreliable During or After a Network
Partition ............................................................................................................................ 11-10
11.8
Deployment Issues and Workarounds ............................................................................... 11-10
11.8.1
security-permission Element is not Available in weblogic-application.xml ......... 11-10
11.8.2
Extraneous String Values Interpreted as File Specification...................................... 11-11
11.8.3
java.lang.NoClassDefFoundError is Displayed ......................................................... 11-11
11.8.4
The restore Method Does Not Update the DConfig Bean With Plan Overrides... 11-11
11.8.5
config-root <directory> not found Warning Is Displayed When Applying a Plan 11-11
11.8.6
Deployment Task Fails When a Large Application File Is Deployed ..................... 11-12
11.8.7
Application State Is Not Updated If the Server Starts in MSI Mode....................... 11-12
11.8.8
Attempting to Redeploy an Application Fails if the Application is Already Deployed
Using a Different Source File Location ........................................................................ 11-12
11.9
EJB Issues and Workarounds ............................................................................................... 11-12
11.9.1
Primary Key in Oracle Table is CHAR ........................................................................ 11-13
11.9.2
No Available Annotation That Enables Creation of a Clusterable Timer .............. 11-13
11.9.3
Kodo's MappingTool Cannot Generate Schemas ...................................................... 11-13
11.9.4
Extensions to the JPA Metadata Model Can Only Be Specified Via Annotations 11-13
11.9.5
Lookup Method Injection Not Supported by Spring ................................................ 11-14
11.9.6
Deserializing a JDO PersistenceManagerFactory in a Managed Environment
May Fail ............................................................................................................................ 11-14
11.9.7
Indexes Not Always Created During Schema Creation ........................................... 11-14
11.9.8
OpenJPA throws an exception when @Id fields are also annotated as @Unique . 11-14
11.9.9
Cache Hit and Miss Counts May Rise Unexpectedly................................................ 11-14
11.9.10
Open JPA Tries to Create a Table Even if the Table Exists ....................................... 11-14
11.9.11
EJB Applications Fail During Serialization ................................................................. 11-15
11.9.12
Non-Transactional Message-Driven Bean Container Can Fail to Provide Reproducible
Behavior For Foreign Topics ......................................................................................... 11-15
11.10 Examples Issues and Workarounds .................................................................................... 11-15
11.10.1
Security Configuration in medrec.wls.config ............................................................. 11-15
11.10.2
HTML File not Created for StreamParser.java File.................................................... 11-16
11.10.3
Warning Message Appears When Starting Medrec or Samples Domain .............. 11-16
11.11 HTTP Publish/Subscribe Server Issues and Workarounds ............................................ 11-16
11.11.1
Authentication and Authorization of the Local Client is not Supported ............... 11-16
11.11.2
Event Messages Published by Local Clients Cannot Be Received........................... 11-17
11.11.3
Event Messages Published By Local Clients Do Not Go Through Filters.............. 11-17
11.12 Installation Issues and Workarounds ................................................................................. 11-17
11.12.1
Sybase JDBC Drivers Not Downloaded with Upgrade Installation ....................... 11-17
11.12.2
Improper Rollback to Previous Installation May Occur After Exiting an Upgrade
Installation Prematurely ................................................................................................ 11-17
11.12.3
Unable to Upgrade to WebLogic Server 10.3.4 Using Smart Update ..................... 11-18
11.12.4
Documentation Link in QuickStart Points to an Older Library............................... 11-18
11.12.5
WebLogic Server Installer Fails With Insufficient Disk Space Error....................... 11-18
11.12.6
Installation Fails with Fatal Error................................................................................. 11-18
11.12.7
Installation of Oracle WebLogic Server 10.3.5 on HP-UX PA-RISC 11.31 Fails in GUI
Mode ................................................................................................................................. 11-19
11.13 Java EE Issues and Workarounds........................................................................................ 11-19
11.13.1
FastSwap May Relax the Access Modifiers of Fields and Methods ........................ 11-19
11.13.2
FastSwap Does Not Support Redefinition of the Entity Bean and ejbClass ......... 11-19
11.7.8
xiii
Classpath Order Is Not Guaranteed When There Are Multiple JARs in an
EAR File............................................................................................................................ 11-20
11.14 JDBC Issues and Workarounds............................................................................................ 11-20
11.14.1
Queries Can Take Longer When Using Data Direct 4.0 MSSQL Driver................. 11-20
11.14.2
An Attempt to Access a Remote 10.3.2 or Later WLS Data Source Fails................ 11-21
11.14.3
BLOB Data Is Not Updating in the Database ............................................................. 11-22
11.14.4
ORA-01591 Errors Occur on SOA Servers Configured to Use Multiple Oracle RAC
Nodes................................................................................................................................ 11-22
11.15 JMS Issues and Workarounds .............................................................................................. 11-22
11.15.1
Deployment Descriptor Validation Fails..................................................................... 11-22
11.15.2
Exception When Multiple Producers Use the Same Client SAF Instance .............. 11-23
11.15.3
Multi-byte Characters are not Supported in Store File and Directory Names ...... 11-23
11.15.4
Generation of the Default UOO Name Has Changed ............................................... 11-23
11.15.5
Testing Abrupt Failures of WebLogic Server When Using File Stores on NFS..... 11-23
11.15.6
JMS Message Consumers Will Not Always Reconnect After a Service Migration 11-23
11.15.7
Forcing Unicast Messages To Be Processed in Order ............................................... 11-23
11.16 JNDI Issues and Workarounds ............................................................................................ 11-24
11.17 JSP and Servlet Issues and Workarounds .......................................................................... 11-24
11.17.1
Deployment Plans Cannot Be Used To Override Two Descriptors ........................ 11-24
11.17.2
Spring Dependency Injection Not Supported on JSP Tag Handlers....................... 11-24
11.17.3
503 Error When Accessing an Application With a Valid sessionid......................... 11-24
11.18 JTA Issues and Workarounds .............................................................................................. 11-24
11.19 Java Virtual Machine (JVM) Issues and Workarounds .................................................... 11-24
11.19.1
1.4 Thin Client Applet Cannot Contact WebLogic Server ........................................ 11-25
11.19.2
Using AWT libraries May Cause a JVM Crash .......................................................... 11-25
11.20 Monitoring Issues and Workarounds ................................................................................. 11-25
11.20.1
MBean Attributes Not Explicitly Marked as @unharvestable Appear as
Harvestable ...................................................................................................................... 11-25
11.20.2
The BEA Prefix in Message IDs Will Be Changed in a Future Release................... 11-25
11.20.3
Events Generated By the JVM Level Are Not Generated at Low Volume............. 11-26
11.20.4
WLDF Performance Issues Can Occur When JVM Events Are Enabled................ 11-26
11.21 Node Manager Issues and Workarounds........................................................................... 11-26
11.22 Operations, Administration, and Management Issues and Workarounds ................... 11-26
11.23 Oracle Kodo Issues and Workarounds ............................................................................... 11-26
11.24 Protocols Issues and Workarounds..................................................................................... 11-27
11.25 RMI-IIOP Issues and Workarounds .................................................................................... 11-27
11.25.1
Ant 1.7 rmic Task Incompatibility................................................................................ 11-27
11.26 Security Issues and Workarounds....................................................................................... 11-27
11.26.1
StoreBootIdentity Works Only if the Appropriate Server Security Directory
Exists ................................................................................................................................. 11-27
11.26.2
Boot Time Failure Occurs With SecurityServiceException....................................... 11-28
11.26.3
Authentication Failure After Upgrading a Domain From WLS 6.1 ........................ 11-28
11.26.4
InvalidParameterException Message Generated and Displayed ............................ 11-28
11.26.5
Enabling Both the Authentication and Passive Attributes In SML 2.0 Service Provider
Services Is an Invalid Configuration............................................................................ 11-28
11.26.6
Running the WebLogic Full Client in a Non-Forked VM......................................... 11-29
11.27 SNMP Issues and Workarounds.......................................................................................... 11-29
11.28 Spring Framework on WebLogic Server Issues and Workarounds ............................... 11-29
11.13.3
xiv
11.28.1
OpenJPA ClassFileTranformer Does Not Work When Running on JRockit ......... 11-29
11.28.2
petclinic.ear Does Not Deploy on WebLogic Server ................................................. 11-30
11.29 System Component Architecture (SCA) Issues and Workarounds................................ 11-30
11.30 Upgrade Issues and Workarounds...................................................................................... 11-30
11.30.1
Domains Created on WebLogic Server 10.3.1 Cannot Be Run on WebLogic
Server 10.3 ........................................................................................................................ 11-30
11.31 Web Applications Issues and Workarounds ..................................................................... 11-30
11.31.1
Administration Console Fails to Implement session-timeout Changes ................. 11-30
11.31.2
Connection Pool Connection Reserve Timeout Seconds Value is Overridden ..... 11-30
11.31.3
Database Connections Become Unstable When a PoolLimitSQLException
Occurs ............................................................................................................................... 11-31
11.31.4
Web Page Fails to Open When Accessing It Using the SSL Port ............................. 11-31
11.31.5
Unable to View the Output of SVG files in Internet Explorer 7............................... 11-31
11.32 WebLogic Server Scripting Tool (WLST) Issues and Workarounds .............................. 11-32
11.32.1
Property Names Containing '.' Characters Are Not Supported by
loadProperties.................................................................................................................. 11-32
11.32.2
Invalid cachedir Created by Jython Causes WLST to Error Out ............................. 11-33
11.32.3
WLST returnType='a' Option Returns Child Management Objects ....................... 11-33
11.33 Web Server Plug-Ins Issues and Workarounds ................................................................. 11-33
11.33.1
MOD_WLS_OHS Does Not Fail Over ......................................................................... 11-33
11.34 Web Services and XML Issues and Workarounds ............................................................ 11-34
11.34.1
weblogic.wsee.jaxws.mdb.DispatchPolicy WorkManager Cannot Be Found....... 11-35
11.34.2
Multiple Resize Buffer Calls Occur .............................................................................. 11-35
11.34.3
Troubleshooting Problems When Applying the WebLogic Advanced Web Services for
JAX-WS Extension Template......................................................................................... 11-36
11.34.4
Sparse Arrays and Partially Transmitted Arrays Are Not Supported.................... 11-36
11.34.5
WSDL Compiler Does Not Generate Serializable Data Types................................. 11-36
11.34.6
Use of Custom Exception on a Callback...................................................................... 11-36
11.34.7
Cannot Use JMS Transport in an Environment That Also Uses a Proxy Server ... 11-36
11.34.8
clientgen Fails When Processing a WSDL................................................................... 11-36
11.34.9
JAX RPC Handlers in Callback Web Services Are Not Supported ......................... 11-36
11.34.10
Message-level Security in Callback Web Services Is Not Supported...................... 11-37
11.34.11
Handling of Java Method Arguments or Return Parameters That Are JAX-RPC-style
JavaBeans ......................................................................................................................... 11-37
11.34.12
IllegalArgumentException When Using a Two-Dimensional XML Object in a JWS
Callback............................................................................................................................ 11-37
11.34.13
Using SoapElement[] Results in Empty Array ........................................................... 11-37
11.34.14
FileNotFound Exception When a Web Service Invokes Another Web Service..... 11-38
11.34.15
Client Side Fails to Validate the Signature on the Server Response Message ....... 11-38
11.34.16
xmlcatalog Element Entity Cannot Be a Remote File or a File in an Archive ........ 11-40
11.34.17
Catalog File's public Element Is Not Supported When Using XML Catalogs....... 11-40
11.34.18
Local xmlcatalog Element Does Not Work Well........................................................ 11-40
11.34.19
JAXRPC Client Does Not Encode the HTTP SOAPAction Header With Multi-byte
Characters ........................................................................................................................ 11-40
11.34.20
External Catalog File Cannot Be Used in the xmlcatalog Element of clientgen .... 11-40
11.34.21
Exceptions When Running Reliable Messaging Under Heavy Load...................... 11-41
11.34.22
ClassNotFound Exception Occurs When Using wseeclient.jar ............................... 11-42
xv
Incomplete Configuration When Adding Advanced Web Services Component to SOA
Domain ............................................................................................................................. 11-42
11.34.24
Exception Occurs During Invocation of Clientside Policy Applied to a Service .. 11-43
11.34.25
WS-AT Interoperation Issues With WebSphere and WebLogic Server.................. 11-43
11.34.26
First Response From an SCA Application Takes a Long Time ................................ 11-43
11.34.27
WsrmClient.getMostRecentMessageNumber() Always Returns Zero................... 11-43
11.34.28
WsrmClient.reset() Fails to Reset All Necessary States............................................. 11-44
11.35 WebLogic Tuxedo Connector Issues and Workarounds ................................................. 11-44
11.35.1
View Classes are not Set on a Per Connection Basis.................................................. 11-44
11.36 Documentation Errata ........................................................................................................... 11-44
11.36.1
Coherence Option Is Not Supported ........................................................................... 11-44
11.36.2
Japanese Text Displays in Some Search Results Topics Avitek Medical Records. 11-44
11.36.3
HTML Pages For Downloaded Libraries Do Not Display Properly....................... 11-45
11.36.4
Evaluation Database Component Is Not Listed For silent.xml................................ 11-45
11.36.5
Online Documentation URL Displays Earlier Version ............................................. 11-45
11.34.23
Part V Oracle WebCenter
12 Oracle WebCenter
12.1
General Issues and Workarounds ......................................................................................... 12-1
12.1.1
Using Oracle WebLogic Communications Server ....................................................... 12-2
12.1.2
Using Jive Forums Documentation ................................................................................ 12-2
12.1.3
Troubleshooting Service Provisioning Issues............................................................... 12-2
12.1.4
Application Role Names Cannot Include Thai Characters......................................... 12-3
12.1.5
Pagelet Producer Failover Support ................................................................................ 12-3
12.1.6
Configuring a Client Security Policy for Oracle Content Server Connections ........ 12-3
12.1.7
Importing Space Templates with Public Access .......................................................... 12-4
12.1.8
Option to Create a Portal Resource Displayed for Design-Time Task Flows .......... 12-4
12.1.9
Connections Network Task Flow on System Pages Not Supported ......................... 12-4
12.1.10
Cannot Log In to WebCenter Spaces if Oracle BPM is Down.................................... 12-4
12.1.11
SQL Query with NCHAR Data Type Throws Exception ........................................... 12-4
12.1.12
Modifying Default Resource Strings for Language Support...................................... 12-4
12.1.13
Setting Up WNA-Based SSO Using JDK 1.6.22 Produces an Error........................... 12-5
12.1.14
Cannot Navigate to the Current Page Using Out-of-the-Box Navigation Task Flows in
WebCenter Portal Applications ...................................................................................... 12-5
12.1.15
Login Outcome Fails to Navigate to Privileged Pages................................................ 12-5
12.1.16
Space Language Does Not Take Effect .......................................................................... 12-7
12.1.17
Performing Security-Related Operations on Business Role Pages ............................ 12-7
12.1.18
Unable to Access SSL-Protected WebCenter Endpoints ............................................. 12-8
12.1.19
Unable to Export Content to Excel by using a Custom ADF Taskflow .................... 12-8
12.1.20
Errors for Activity Graph Queries When the Activity Graph Engines are
Running .............................................................................................................................. 12-8
12.1.21
Page Not Found Error When Clicking Back to Portal Link........................................ 12-8
12.1.22
Turning Off Automatic Event Listening in WebCenter Spaces ................................. 12-8
12.1.23
Cannot Add Certain Task Flows on a Space Page with the Default Page Template
Catalog................................................................................................................................ 12-9
12.1.24
Search Limitations with Special Characters.................................................................. 12-9
xvi
12.1.25
12.1.26
12.1.27
12.1.28
Configuring the REST Server Post-Installation ..........................................................
Resources in WebCenter Portal Application Disappear after Redeployment of
Application ......................................................................................................................
Configuring a Proxy Server for External Links in Activity Stream ........................
Installing Oracle SES 11.1.2.2 ........................................................................................
12-10
12-10
12-11
12-11
Part VI Oracle SOA Suite and Business Process Management Suite
13 Oracle SOA Suite, Oracle BPM Suite, and Common Functionality
14 Web Services Security and Administration
14.1
14.2
14.3
14.4
14.5
14.6
14.7
14.8
14.9
14.10
14.11
14.12
14.13
14.14
14.15
14.16
14.17
14.18
14.19
14.20
14.21
14.22
Part VII
Using Multibyte User Credentials with wss_http_token_* Policy ................................... 14-2
Importing Custom Policies Before Attaching and Deploying to a Service Application 14-2
Performing a Bulk Upload of Policies................................................................................... 14-2
Reviewing Policy Configuration Override Values After Detaching a Client Policy ..... 14-2
Removing Post-deployment Customizations ...................................................................... 14-2
Reviewing Localization Limitations ..................................................................................... 14-3
When Using WLST to Import a Security Policy, the Same Policy May Be Repeatedly
Imported.................................................................................................................................... 14-3
Identity in WSDLs Is Not Used for Enforcement with ADF DC Applications............... 14-3
JVM limitation for Kerberos Token Policy with Message Protection Policy................... 14-3
Fusion Middleware Control Does Not List Policies When Two Servers Are SSL Enabled
(Two-way SSL) ......................................................................................................................... 14-4
Web Service Test Page Cannot Test Input Arguments Bound to SOAP Headers.......... 14-4
Possible Build Label Version and Date Discrepancy On the Policy Validation Page.... 14-4
When Adding SAML Issuer From Fusion Middleware Control the jps-config.xml File Is
Incorrectly Updated................................................................................................................. 14-4
Patching of Patch Set 1 WebLogic Server Web Services Attached to Custom Polices With
Patch Set 3 Oracle WSM Policy Manager ............................................................................. 14-4
Custom Policy Fails When an Empty Subject Is Passed..................................................... 14-5
Possible Limitation When Using Custom Exactly-one Policies ........................................ 14-5
Ignore "Services Compatibility" Error for Security Policies Used Between Oracle WSM and
WebLogic Server ...................................................................................................................... 14-5
Compatible Policies Not Returned When Using JDeveloper Wizard to Attach Oracle WSM
Policies to Web Service Client ................................................................................................ 14-6
SAML Bearer Token Policies Now Signed by Default ....................................................... 14-6
Policyset Containing Invalid PolicyRef Causes Application to Fail ................................ 14-7
Security Policies do not Work on Subscriber Mediator Component................................ 14-7
Policy Table Might not Show Attached Policies For Some Locales.................................. 14-7
Communication Services
15 Oracle User Messaging Service
15.1
General Issues and Workarounds .........................................................................................
15.1.1
UMS Schema Purge Script Now Available...................................................................
15.1.2
Permission Grants for Upgraded Domains ..................................................................
15.1.3
XML File Handle Left Open after Upload Fails ...........................................................
15-1
15-1
15-1
15-2
xvii
15.1.4
15.1.5
15.1.6
15.2
15.2.1
15.2.2
15.2.3
15.2.4
15.2.5
15.2.6
15.2.7
15.2.8
Messages Metrics Rendered as Unavailable in the Performance Page for User
Messaging Server..............................................................................................................
User Messaging Service URLs Unavailable After Restart ..........................................
User Preferences User Interface Renders Improperly .................................................
Configuration Issues and Workarounds ..............................................................................
Enable Extension Driver after Upgrade ........................................................................
Preseeded Channel for Worklist and Pop-up Drivers Cannot be Removed ...........
Worklist Driver Configuration .......................................................................................
Configure Email Alerts ....................................................................................................
Migrate Custom Business Terms After PS3 Patch .......................................................
Use Correct SSL Trust Store When Configuring Drivers............................................
User Messaging Service Driver Configuration Changes Not Immediately
Effective ..............................................................................................................................
Email Notifications Sent Even if You Do Not Change Default Parameters in
driverconfig.xml................................................................................................................
15-2
15-2
15-2
15-3
15-3
15-4
15-4
15-4
15-4
15-5
15-5
15-5
16 Oracle WebLogic Communication Services
16.1
General Issues and Workarounds .........................................................................................
16.1.1
Active SIP Session and APP Session Count Show as -1 in Clustered
Configuration ....................................................................................................................
16.1.2
Oracle WebLogic Server Pack/Unpack Tool Does Not Function in OWLCS .........
16.1.3
Oracle WebLogic Server Cloning Tool Does Not Function in OWLCS....................
16.1.4
Messages Metrics Rendered as Unavailable in the Performance Page for User
Messaging Server ..............................................................................................................
16.2
Configuration Issues and Workarounds ..............................................................................
16.2.1
Launch_sash Option Error ..............................................................................................
16.2.2
Same User Who Installed WLS/WLSS Product Must Perform Uninstall ...............
16.2.3
Uppercase Usernames Cause Reregistration and Presence Subscription Failures .
16.2.4
Running the uninstall.sh Script in Text Mode Does Not Uninstall the Product .....
16.2.5
SIP Monitor in F5 Networks BigIP Does Not Work in UDP Mode...........................
16.2.6
SIP Container Does Not Bind to IPV6 Interfaces for Listening on Windows ..........
16.2.7
JAWS Unable to Read Some Install Screens .................................................................
16.2.8
Configure VoiceXML Driver Receive URLs Correctly................................................
16.3
Documentation Errata .............................................................................................................
16.3.1
Create a Basic SIP Domain ..............................................................................................
16.3.2
Create a Custom AUID with OCP (Presence) ..............................................................
16.3.3
Cannot Create a SIP Server Domain Using Default WebLogic Platform
Components.......................................................................................................................
16.3.4
Broken Documentation Links in Some (SIP Server) Translated Files .......................
16.3.5
Missing (SIP Server) Online Help Regarding Security Providers .............................
16-1
16-1
16-1
16-1
16-2
16-2
16-2
16-2
16-2
16-3
16-3
16-3
16-3
16-4
16-4
16-4
16-4
16-5
16-5
16-5
Part VIII Oracle Identity Management
17 Oracle Access Manager
17.1
Patch Requirements ................................................................................................................. 17-1
17.1.1
Plain Text Credentials Exposed in Diagnostic Logs when Creating an Identity
Store .................................................................................................................................... 17-1
xviii
17.2
General Issues and Workarounds ......................................................................................... 17-2
17.2.1
Replacing oamreg Scripts with Remote Registration Home ...................................... 17-3
17.2.2
Incorrect SSO Agent Date/Time Shown to User ......................................................... 17-4
17.2.3
The oamreg.sh File Missing Execute Permission After Configuring ........................ 17-4
17.2.4
Initial Messages After Webgate Registration Are Not Shown in the User's
Locale ................................................................................................................................. 17-4
17.2.5
Error While Browsing Resources Table in the Resource Type Tab ........................... 17-4
17.2.6
Single-Click to Open Child Node is Not Supported in the Navigation Tree .......... 17-4
17.2.7
User Credential for Registration Tool Does Not Support Non-ASCII Characters on
Native Server Locale ........................................................................................................ 17-4
17.2.8
Turkish and Greek Character Issues on Oracle Access Manager Authentication
Page ................................................................................................................................... 17-5
17.2.9
Oracle Access Manager Authentication Does Not Support Non-ASCII Passwords on
Locales Other than UTF8 ................................................................................................. 17-5
17.2.10
Error Message of Create Agent Shows as Server Locale ............................................ 17-5
17.2.11
Referrals in LDAP Searches............................................................................................. 17-5
17.2.12
Diagnostic Information Is Not Being Displayed on the Administration Console .. 17-5
17.2.13
Non-ASCII Resources Require OHS To Restart To Make Protection Take Effect... 17-5
17.2.14
Non-ASCII Characters on Success/Failure URL Results in Garbled Redirect URL 17-6
17.2.15
Resource with Non-ASCII Characters Cannot Be Protected by an OSSO Agent.... 17-6
17.2.16
Error in Administration Server Log from Console Logins ......................................... 17-6
17.2.17
Translation Packages Use the Term, Agents, Instead of WebGates............................. 17-6
17.2.18
Application Domain Subtree in the Navigation Tree Is Not Rendered and Does Not
Respond to User Actions ................................................................................................. 17-6
17.2.19
Error in the "Evaluate Single Sign-On Requirements" Help Topic ........................... 17-6
17.2.20
editWebgateAgent Command Does Not Give An Error If Invalid Value is
Entered................................................................................................................................ 17-7
17.2.21
WLST Command displayWebgate11gAgent In Offline Mode Displays the Webgate
Agent Entry Twice............................................................................................................ 17-7
17.2.22
Message Logged at Error Level Instead of at INFO When Servers in Cluster Start 17-7
17.2.23
Help Is Not Available for WLST Command registeroifdappartner ......................... 17-7
17.2.24
User Must Click Continue to Advance in Authentication Flow................................ 17-8
17.2.25
After Remote Registration: Click Refresh Domain Twice to Display Changes....... 17-8
17.2.26
OCSP-Related Fields are Not Mandatory ..................................................................... 17-8
17.2.27
Database Node is Absent in the Console ...................................................................... 17-8
17.2.28
Online Help Provided Might Not Be Up To Date........................................................ 17-9
17.2.29
Agent Key Password Should Be Mandatory for Both the Console and Remote
Registration Tool in Cert Mode ...................................................................................... 17-9
17.2.30
Oracle Access Manager Audit Report AUTHENTICATIONFROMIPBYUSER Throws a
FROM Keyword Not Found Where Expected Error ................................................... 17-9
17.2.31
Disabled: Custom Resource Types Cannot be Created............................................... 17-9
17.2.32
Oracle Access Manager IAMSuiteAgent Provides SSO to Most IDM
domain consoles................................................................................................................ 17-9
17.2.33
Use of a Non-ASCII Name for a Webgate Might Impact SSO Redirection Flows 17-10
17.2.34
Authentication Module Lists Non-Primary Identity Stores ..................................... 17-10
17.2.35
Unable to Stop and Start OAM Server Through Identity and Access Node in Fusion
Middleware Control ...................................................................................................... 17-10
17.2.36
ADF Applications Using ADF Security Fail to Work in Oracle Access
xix
Manager 11g .................................................................................................................... 17-10
17.2.37
Changing UserIdentityStore1 Type Can Lock Out Administrators........................ 17-10
17.2.38
Page Layouts and Locales ............................................................................................. 17-11
17.2.39
Some Pages Are Not Correctly Localized ................................................................... 17-11
17.2.40
Non-ASCII Query String Issues with Internet Explorer v 7, 8, 9............................. 17-11
17.2.41
Oracle Virtual Directory with SSL Enabled ................................................................ 17-11
17.2.42
Query String Not Properly Encoded ........................................................................... 17-11
17.3
Configuration Issues and Workarounds ............................................................................ 17-12
17.3.1
For mod-osso Value for RedirectMethod Should be "POST" ................................... 17-12
17.3.2
User Wrongly Directed to the Self-User Login after Logging Out of the Oracle Identity
Manager Administration Console................................................................................ 17-13
17.3.3
11g Webgate Fails to Install with Compact Configuration....................................... 17-13
17.3.4
Auditing Does Not Capture the Information Related to Authentication Failures if a
Resource is Protected Using Basic Authentication Scheme...................................... 17-15
17.3.5
Incompatible Msvcirt.dll Files ...................................................................................... 17-15
17.3.6
IPv6 Support.................................................................................................................... 17-16
17.3.7
What to Avoid or Note in Oracle Access Manager Configuration.......................... 17-16
17.3.7.1
Unsupported Operations for WLST Scripts ........................................................ 17-16
17.3.7.2
Unsupported Operations for Oracle Access Manager Console and WLST .... 17-16
17.3.8
Install Guides Do Not Include Centralized Logout Configuration Steps .............. 17-19
17.3.9
NULL Pointer Exception Shown in Administration Server Console During
Upgrade........................................................................................................................... 17-19
17.3.10
Using Access SDK Version 10.1.4.3.0 with Oracle Access Manager 11g Servers .. 17-19
17.3.11
Finding and Deleting Sessions Using the Console .................................................... 17-19
17.3.12
Non-ASCII Users with Resource Protected by Kerberos Authentication Scheme 17-20
17.4
Oracle Security Token Service Issues and Workarounds ................................................ 17-20
17.4.1
No Warnings Given If Required Details are Omitted ............................................... 17-20
17.4.2
New Requester Pages, Internet Explorer v7, and Japanese Locale ......................... 17-20
17.4.3
Delete Button Not Disabled When Tables Have No Rows....................................... 17-21
17.4.4
Copying an Issuance Template Does Not Copy All Child Elements...................... 17-21
17.4.5
Apply and Revert Buttons are Enabled....................................................................... 17-21
17.4.6
Only Generic Fault Errors Written to Oracle WSM Agent Logs.............................. 17-21
17.4.7
Server and Client Key Tab Files Must be the Same Version .................................... 17-22
17.4.8
Default Partner Profile Required for WS-Security..................................................... 17-22
17.4.9
SAML Token Issued When NameID is Not Found ................................................... 17-22
17.5
Integration and Inter-operability Issues and Workarounds............................................ 17-22
17.5.1
WNA Authentication Does Not Function on Windows 2008 .................................. 17-23
17.5.2
JVM Plug-in Ignores Cookies Marked 'httponly' ...................................................... 17-23
17.6
Oracle Access Manager with Impersonation Workarounds ........................................... 17-23
17.6.1
Impersonation Can Fail on Internet Explorer v 7, 8, 9 .............................................. 17-23
17.6.2
With Oracle Access Manager 11g ORA_FUSION_PREFS Cookie Domain is
Three Dots ........................................................................................................................ 17-23
17.7
Documentation Errata ........................................................................................................... 17-24
17.7.1
Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager with
Oracle Security Token Service ...................................................................................... 17-24
17.7.2
Oracle Fusion Middleware Developer's Guide for Oracle Access Manager and Oracle
Security Token Service ................................................................................................... 17-24
17.7.3
Oracle Fusion Middleware Integration Guide for Oracle Access Manager........... 17-25
xx
18 Oracle Adaptive Access Manager
18.1
General User Interface.............................................................................................................
18.1.1
A Few Conditions in the Base Snapshot Are Not Translated ....................................
18.1.2
Alert Trigger Sources Are Not Being Displayed in Session Details Page ................
18.2
Scheduler...................................................................................................................................
18.2.1
Job Queue Does Not Display Next Recurrence For Canceled Jobs ...........................
18.2.2
Pause and Cancel Job Status Is Not Displayed in the Job Instance Tab ...................
18.2.3
Job Queue Process Start and End Time Does Not Follow the Browser Language
Setting .................................................................................................................................
18.2.4
Changing the Schedule Parameters Does Not Affect Next Recurrence ...................
18.2.5
When Searching for an Online Job a Warning Might Appear in the Log ...............
18.2.6
When the Create Job Dialog is Clicked an Error Might Display ...............................
18.2.7
Errors Are Seen When Creating a New Job ..................................................................
18.3
Policy Management .................................................................................................................
18.3.1
Some Attributes of Returned Rules Result Not Set ....................................................
18.3.2
Search with Rule Notes Keyword is Not Working Properly .....................................
18.3.3
Database Error Occurs When Deleting an Action or Alert Group in a Policy
Override ............................................................................................................................
18.3.4
Exclude IP List Parameter Was Added to the User and Device Velocity Rule
Conditions..........................................................................................................................
18.4
Transactions ..............................................................................................................................
18.4.1
NullPointerException Occurs for UpdateTransaction and createTransaction APIs
When Transaction is Null ...............................................................................................
18.5
OTP ............................................................................................................................................
18.5.1
java.lang.NullPointerException Occurs When GETOTPCODE Returns Error
Response..............................................................................................................................
18.6
Proxy ..........................................................................................................................................
18.6.1
UIO ISA Proxy: Certain Filters Are Note Evaluating the Variable in Value ...........
18.6.2
UIO ISA Proxy: the Send-to-Server in Response Interceptor Fails Without Error
Message .............................................................................................................................
18.6.3
Warnings are Displayed in Memcached Environment During User Login ............
18.7
Integration.................................................................................................................................
18.7.1
NameValueProfile APIs Return Empty Values ...........................................................
18.8
Reports.......................................................................................................................................
18.8.1
OAAM BI Publisher Reports Are Not Working in BI Publisher 11g ........................
18.8.2
Session Details Checkpoint Panel Order Sometimes Randomized...........................
18.8.3
Alert Message Link in Session Details Page Does Not Open the Alert Details.......
18.9
Export ........................................................................................................................................
18.9.1
Export Session Is Not Exporting All Records ...............................................................
18.10 Globalization.............................................................................................................................
18.10.1
Localization Limitations ..................................................................................................
18.10.2
Policy, Rule, and Action in the OAAM Dashboard Do Not Pick Up110N Value ...
18.10.3
NLS: Descriptions in Non-ASCII Characters Fails to Save Maximum Length .......
18.10.4
XMLDOMException Occurs When Saving Searches .................................................
18.10.5
Date Format May Not Follow the Browser Language Setting in User Details .......
18.10.6
Sort for NLS String Might Not Work Properly for Out-of-the-Box Objects.............
18.10.7
A Few Objects from the OAAM_BASE_SNAPSHOT.ZIP Appear in English Only
18-1
18-1
18-2
18-2
18-2
18-2
18-2
18-3
18-3
18-3
18-3
18-3
18-3
18-3
18-4
18-4
18-4
18-4
18-4
18-4
18-4
18-5
18-5
18-5
18-5
18-5
18-5
18-5
18-6
18-6
18-6
18-6
18-6
18-6
18-6
18-7
18-7
18-7
18-7
18-7
xxi
18.11 Configuration Issues and Workarounds ..............................................................................
18.11.1
Specifying Timeout Session Option in WebLogic Does Not Work for OAAM.......
18.12 Documentation Errata .............................................................................................................
18.12.1
Incorrect File Location for sample.bharosa_location.properties................................
18.12.2
A Separate Step to Import KBA Questions Is Redundant in OAAM Setup ............
18.12.3
Rules Logging Property Setting for OAAM Offline Is Not Correct ..........................
18-7
18-8
18-8
18-9
18-9
18-9
19 Oracle Authentication Services for Operating Systems
19.1
19.2
What is New with Oracle Authentication Services for Operating Systems 11.1.1.3 ? ... 19-1
General Issues and Workarounds ......................................................................................... 19-1
20 Oracle Directory Integration Platform
20.1
General Issues and Workarounds ......................................................................................... 20-1
20.1.1
LDIF Files That Contain Non-ASCII Characters Will Cause the testProfile
Command Option to Fail if the LDIF File has Native Encoding ............................... 20-1
20.1.2
Some Changes May Not Get Synchronized Due to Race Condition in Heavily-Loaded
Source Directory ............................................................................................................... 20-2
20.1.3
Synchronization Continues After Stopping Oracle Directory Integration
Platform .............................................................................................................................. 20-2
20.2
Configuration Issues and Workarounds .............................................................................. 20-2
20.2.1
Do Not Use localhost as Oracle Internet Directory Hostname When Configuring
Oracle Directory Integration Platform........................................................................... 20-2
20.3
Documentation Errata ............................................................................................................. 20-2
21 Oracle Entitlements Server
21.1
General Issues and Workarounds .........................................................................................
21.1.1
Using Backslash on Oracle Internet Directory Policy Store .......................................
21.1.2
Performance Tuning the Oracle Database Policy Store ..............................................
21.1.3
Action Bar Disappears When Using Internet Explorer 7 ............................................
21.1.4
Re-created Application May Not Be Distributed in Controlled Mode .....................
21.1.5
Enterprise Manager Doesn't Pick Up Newly Added Audit Events ..........................
21.1.6
Attributes Passed to Authorization Request Are Treated as Case Sensitive ...........
21.1.7
Audit Schema Definitions are Incomplete ....................................................................
21.1.8
Java Security Module on IPv6 Client Not Supported on Windows..........................
21.1.9
Validating Attribute Names in Custom Functions ......................................................
21.2
Configuration Issues and Workarounds ..............................................................................
21.3
Documentation Errata .............................................................................................................
22
Oracle Identity Federation
22.1
General Issues and Workarounds .........................................................................................
22.1.1
Database Table for Authentication Engine must be in Base64 Format.....................
22.1.2
Considerations for Oracle Identity Federation HA in SSL mode ..............................
22.1.3
Database Column Too Short error for IDPPROVIDEDNAMEIDVALUE ...............
22.2
Configuration Issues and Workarounds ..............................................................................
22.2.1
WLST Environment Setup when SOA and OIF are in Same Domain ......................
22.2.2
Oracle Virtual Directory Requires LSA Adapter .........................................................
xxii
21-1
21-1
21-1
21-3
21-3
21-3
21-4
21-4
21-4
21-4
21-5
21-5
22-1
22-1
22-1
22-2
22-2
22-2
22-3
22.2.3
22.2.4
22.2.5
22.2.6
22.2.7
22.3
22.3.1
22.3.2
22.3.3
22.3.4
22.3.5
22.3.6
22.3.7
22.3.8
22.3.9
Settings for Remote WS-Fed SP Must be Changed Dynamically ..............................
Required Property when Creating a WS-Fed Trusted Service Provider ..................
Federated Identities Table not Refreshed After Record Deletion..............................
Default Authentication Scheme is not Saved ...............................................................
Configuring 10g to Work with 11g Oracle Identity Federation using Artifact
Profile..................................................................................................................................
Documentation Errata .............................................................................................................
Different Passwords for Keystore and Private Key not Supported ..........................
Documentation Erratum for Deploying Oracle Identity Federation ........................
Documentation Erratum for Configuring Security and Trust ...................................
Additional Steps for SSL Configuration........................................................................
ParseException Message in Diagnostic Log..................................................................
Forcing Re-authentication when Integrated with Oracle Access Manager..............
Supported Version of Oracle Access Manager 10g......................................................
Additional Steps for OpenID Configuration ................................................................
Documentation Erratum for Oracle Identity Federation MBeans .............................
22-3
22-3
22-3
22-4
22-4
22-5
22-5
22-5
22-6
22-6
22-7
22-8
22-8
22-8
22-9
23 Oracle Identity Manager
23.1
Patch Requirements ................................................................................................................. 23-1
23.1.1
Obtaining Patches From My Oracle Support (Formerly OracleMetaLink).............. 23-1
23.1.2
Patch Requirements for Oracle Database 11g (11.1.0.7) .............................................. 23-1
23.1.3
Patch Requirements for Oracle Database 11g (11.2.0.2.0) ........................................... 23-2
23.1.4
Patch Requirements for Segregation of Duties (SoD).................................................. 23-3
23.1.5
Patch Upgrade Requirement........................................................................................... 23-3
23.2
General Issues and Workarounds ......................................................................................... 23-3
23.2.1
Do Not Use Platform Archival Utility ........................................................................... 23-7
23.2.2
SPML-DSML Service is Unsupported ........................................................................... 23-7
23.2.3
Resource Object Names Longer than 100 Characters Cause Import Failure ........... 23-7
23.2.4
Status of Users Created Through the Create and Modify User APIs........................ 23-7
23.2.5
Status of Locked Users in Oracle Access Manager Integrations................................ 23-8
23.2.6
Generating an Audit Snapshot after Bulk-Loading Users or Accounts ................... 23-8
23.2.7
Browser Timezone Not Displayed ................................................................................. 23-8
23.2.8
Date Format Change in the SoD Timestamp Field Not Supported........................... 23-8
23.2.9
Bulk Loading CSV Files with UTF-8 BOM Encoding Not Supported ...................... 23-9
23.2.10
Date Type Attributes are Not Supported for the Default Scheduler Job, "Job History
Archival" ............................................................................................................................ 23-9
23.2.11
Low File Limits Prevent Adapters from Compiling.................................................... 23-9
23.2.12
Reconciliation Engine Requires Matching Rules ......................................................... 23-9
23.2.13
SPML Requests Do Not Report When Any Date is Specified in Wrong Format .... 23-9
23.2.14
Logs Populated with SoD Exceptions When the SoD Message Fails and Gets Stuck in
the Queue ......................................................................................................................... 23-10
23.2.15
A Backslash (\) Cannot Be Used in a weblogic.properties File ............................... 23-10
23.2.16
Underscore Character Cannot Be Used When Searching for Resources ................ 23-11
23.2.17
Assign to Administrator Action Rule is Not Supported by Reconciliation ........... 23-11
23.2.18
Some Buttons on Attestation Screens Do Not Work in Mozilla Firefox ................. 23-11
23.2.19
The maxloginattempts System Property Causes Autologin to Fail When User Tries to
Unlock .............................................................................................................................. 23-11
xxiii
23.2.20
23.2.21
23.2.22
23.2.23
23.2.24
23.2.25
23.2.26
23.2.27
23.2.28
23.2.29
23.2.30
23.2.31
23.2.32
23.2.33
23.2.34
23.2.35
23.2.36
23.2.37
23.2.38
23.2.39
23.2.40
23.2.41
23.2.42
23.2.43
23.2.44
23.2.45
23.2.46
23.2.47
23.2.48
23.2.49
23.2.50
23.2.51
23.2.52
23.2.53
23.2.54
xxiv
"<User not found>" Error Message Appears in AdminServer Console While
Setting-Up an Oracle Identity Manager-Oracle Access Manager Integration ....... 23-11
Do Not Use Single Quote Character in Reconciliation Matching Rule................... 23-12
Do Not Use Special Characters When Reconciling Roles from LDAP .................. 23-12
SoD Check During Request Provisioning Fails While Using SAML Token Client Policy
When Default SoD Composite is Used........................................................................ 23-12
SoD Check Fails While Using Client-Side Policy in Callback Invocation During
Request Provisioning ..................................................................................................... 23-12
Error May Appear During Provisioning when Generic Technology Connector
Framework Uses SPML.................................................................................................. 23-13
Cannot Click Buttons in TransUI When Using Mozilla Firefox .............................. 23-13
LDAP Handler May Cause Invalid Exception While Creating, Deleting, or Modifying a
Role ................................................................................................................................... 23-13
Cannot Reset User Password Comprised of Non-ASCII Characters ...................... 23-13
Benign Exception and Error Message May Appear While Patching Authorization
Policies.............................................................................................................................. 23-14
The DateTime Pick in the Trans UI Does Not Work Correctly in the Thai Locale 23-14
User Without Access Policy Administrators Role Cannot View Data in Access Policy
Reports .............................................................................................................................. 23-14
Archival Utility Throws an Error for Empty Date..................................................... 23-14
TransUI Closes with Direct Provisioning of a Resource ........................................... 23-14
Scheduler Throws "ParameterValueTypeNotSupportedException" Instead of
"RequiredParameterNotSetException" ........................................................................ 23-15
All New User Attributes Are Not Supported for Attestation in Oracle Identity
Manager 11g .................................................................................................................... 23-15
LDAP GUID Mapping to Any Field of Trusted Resource Not Supported ............ 23-15
User Details for Design Console Access Field Must Be Mapped to Correct Values
When Reading Modify Request Results...................................................................... 23-15
Cannot Create a User Containing Asterisks if a Similar User Exists ...................... 23-15
Blank Status Column Displayed for Past Proxies ...................................................... 23-16
Mapping the Password Field in a Reconciliation Profile Prevents Users from Being
Created ............................................................................................................................. 23-16
UID Displayed as User Login in User Search Results ............................................... 23-16
Roles/Organizations Browse Trees Disappear .......................................................... 23-16
Entitlement Selection Is Not Optional for Data Gathering....................................... 23-16
Oracle Identity Manager Server Throws Generic Exception While Deploying a
Connector......................................................................................................................... 23-16
Create User API Allows Any Value for the "Users.Password Never Expires",
"Users.Password Cannot Change", and "Users.Password Must Change" Fields 23-16
Incorrect Label in JGraph Screen for the GTC ............................................................ 23-17
Running the Workflow Registration Utility Generates an Error............................. 23-17
Native Performance Pack is Not Enabled On Solaris 64-bit JVM Install................ 23-17
Error in the Create Generic Technology Connector Wizard .................................... 23-17
DSML Profile for the SPML Web Service is Not Deployed With Oracle Identity
Manager ........................................................................................................................... 23-17
New Human Tasks Must Be Copied in SOA Composites........................................ 23-18
Modify Provisioned Resource Request Does Not Support Service Account Flag 23-18
Erroneous "Query by Example" Icon in Identity Administration Console ............ 23-18
The XL.ForcePasswordChangeAtFirstLogin System Property Is No Longer
23.2.55
23.2.56
23.2.57
23.2.58
23.2.59
23.2.60
23.2.61
23.2.62
23.2.63
23.2.64
23.2.65
23.2.66
23.2.67
23.2.68
23.2.69
23.2.70
23.2.71
23.2.72
23.2.73
23.2.74
23.2.75
23.2.76
23.2.77
23.2.78
23.2.79
23.2.80
23.2.81
23.2.82
23.2.83
23.2.84
Used .................................................................................................................................. 23-18
The tcExportOperationsIntf.findObjects(type,name) API Does Not Accept the Asterisk
(*) Wilcard Character in Both Parameters ................................................................... 23-18
Disabled Links on the Access Policy Summary Page Opened in Mozilla FireFox 23-18
Benign Error is Generated on Editing the IT Resource Form in Advanced
Administration ................................................................................................................ 23-19
User Account is Not Locked in iPlanet Directory Server After it is Locked in Oracle
Identity Manager ............................................................................................................ 23-19
Oracle Identity Manager Does Not Support Autologin With JavaAgent .............. 23-19
Benign Error Logged on Opening Access Policies, Resources, or Attestation
Processes........................................................................................................................... 23-19
User Locked in Oracle Identity Manager But Not in LDAP..................................... 23-19
Reconciliation Profile Must Not Be Regenerated Via Design Console for Xellerate
Organization Resource Object ...................................................................................... 23-20
Benign Error Logged on Clicking Administration After Upgrade ......................... 23-20
Provisioning Fails Through Access Policy for Provisioned User ............................ 23-20
Benign Warning Messages Displayed During Oracle Identity Manager Managed
Server Startup.................................................................................................................. 23-21
Benign Message Displayed When Running the Deployment Manager ................. 23-21
Deployment Manager Export Fails When Started Using Microsoft Internet Explorer 7
With JRE Plugin 1.6_23 .................................................................................................. 23-21
User Creation Fails in Microsoft Active Directory When Value of Country Attribute
Exceeds Two Characters ................................................................................................ 23-21
Deployment Manager Import Fails if Scheduled Job Entries Are Present Prior To
Scheduled Task Entries in the XML File...................................................................... 23-21
Permission on Target User Required to Revoke Resource ....................................... 23-22
Reconciliation Event Fails for Trusted Source Reconciliation Because of Missing
Reconciliation Rule in Upgraded Version of Oracle Identity Manager.................. 23-22
XML Validation Error on Oracle Identity Manager Managed Server Startup ...... 23-22
Cannot View or Edit Adapter Mapping in the Data Object Manager Form of the
Design Console................................................................................................................ 23-23
Role Memberships for Assign or Revoke Operations Not Updated on Enabling or
Disabling Referential Integrity Plug-in ....................................................................... 23-23
Deployment Manager Import Fails if Data Level for Rules is Set to 1.................... 23-23
Reconciliation Data Displays Attributes That Are Not Modified ........................... 23-23
Benign Errors Displayed on Starting the Scheduler Service When There are Scheduled
Jobs to be Recovered....................................................................................................... 23-24
Trusted Source GTC Reconciliation Mapping Cannot Display Complete Attribute
Names............................................................................................................................... 23-24
Benign Error Logged for Database Connectivity Test............................................... 23-25
MDS Validation Error When Importing GTC Provider Through the Deployment
Manager ........................................................................................................................... 23-25
Encrypted User-Defined Field (UDF) Cannot be Stored with Size of 4000 Characters or
More.................................................................................................................................. 23-29
Request Approval Fails With Callback Service Failure ............................................ 23-30
Localized Display Name is Not Reconciled Via User/Role Incremental Reconciliation
with iPlanet Directory Server........................................................................................ 23-30
LDAP Role Hierarchy and Role Membership Reconciliation With Non-ASCII
Characters Does Not Reconcile Changes in Oracle Identity Manager ................... 23-31
xxv
Import of Objects Fails When All Objects Are Selected for Export ......................... 23-31
Benign Audit Errors Logged After Upgrade .............................................................. 23-31
Connector Upgrade Fails if Existing Data is Bigger in Size Than New Column
Length ............................................................................................................................... 23-31
23.2.88
Connector Artifacts Count Increases in the Deployment Manager When File is Not
Imported ........................................................................................................................... 23-32
23.2.89
Uploading JAR Files By Using the Upload JAR Utility Fails ................................... 23-32
23.2.90
Oracle Identity Manager Data and MT Upgrade Fails Because Change of Database
User Password................................................................................................................. 23-32
23.2.91
Reverting Unsaved UDFs Are Not Supported in the Administration Details Page for
Roles and Organizations................................................................................................ 23-33
23.2.92
Resources Provisioned to User Without Checking Changes in User Status After
Request is Submitted...................................................................................................... 23-33
23.2.93
Config.sh Command Fails When JRockit is Installed With Data Samples and
Source................................................................................................................................ 23-33
23.2.94
Unexpected Memory Usage in Oracle Identity Manager 11g Release 1(11.1.1) .... 23-33
23.2.95
Reports Link No Longer Exists in the Administrative and User Console ............. 23-33
23.2.96
Not Allowing to Delete a Role Whose Assigned User Members are Deleted ....... 23-34
23.2.97
Roles and Organizations Do Not Support String UDFs of Password Type........... 23-34
23.2.98
Manage Localizations Dialog Box Does Not Open After Modifying Roles........... 23-34
23.2.99
Not Allowing to Create User With Language-Specific Display Name Values...... 23-34
23.2.100
SoD Check Results Not Displayed for Requests Created by Users for the PeopleSoft
Resource ........................................................................................................................... 23-34
23.2.101
The XL.UnlockAfter System Property and the Automatically Unlock User Scheduled
Job Do Not Take Effect................................................................................................... 23-35
23.2.102
Resetting Password on Account Lockout Does Not Unlock User........................... 23-35
23.2.103
Incremental and Full Reconciliation Jobs Cannot Be Run Together ....................... 23-35
23.2.104
Incorrect Content in the ScheduleTask Jars Loaded and Third Party Jars Tables in the
MT Upgrade Report ....................................................................................................... 23-35
23.2.105
Scroll Bar Not Available on the Select Connector Objects to Be Upgraded Page of the
Connector Management - Upgrading Wizard............................................................ 23-36
23.3
Configuration Issues and Workarounds ............................................................................ 23-36
23.3.1
Configuring UDFs to be Searchable for Microsoft Active Directory Connectors . 23-36
23.3.2
Creating or Modifying Role Names When LDAP Synchronization is Enabled.... 23-37
23.3.3
ADF Issue Causes Oracle Identity Manager to Fail on the Sun JDK ...................... 23-37
23.3.4
Nexaweb Applet Does Not Load In an Oracle Identity Manager and Oracle Access
Manager Integrated Environment................................................................................ 23-37
23.3.5
Packing a Domain With managed=false Option........................................................ 23-39
23.3.6
Option Not Available to Specify if Design Console is SSL-Enabled ....................... 23-39
23.3.7
Nexaweb Applet Does Not Load in JDK 1.6.0_20...................................................... 23-39
23.3.8
Oracle Identity Manager and Design Console Must be Installed in Different Directory
Paths.................................................................................................................................. 23-40
23.4
Multi-Language Support Issues and Limitations.............................................................. 23-40
23.4.1
Multi-language Valued Attributes in SPML and Oracle Identity Manager Do Not
Match ................................................................................................................................ 23-41
23.4.2
Login Names with Some Special Characters May Fail to Register.......................... 23-41
23.4.3
The Create Role, Modify Role, and Delete Role Request Templates are Not Available
for Selection in the Request Templates List ................................................................ 23-41
23.4.4
Parameter Names and Values for Scheduled Jobs are Not Translated .................. 23-41
23.2.85
23.2.86
23.2.87
xxvi
Bidirectional Issues for Legacy User Interface ........................................................... 23-42
Localization of Role Names, Role Categories, and Role Descriptions Not
Supported......................................................................................................................... 23-42
23.4.7
Localization of Task Names in Provisioning Task Table Not Supported .............. 23-42
23.4.8
Localization of Search Results of Scheduled Tasks Not Supported........................ 23-42
23.4.9
Searching for User Login Names Containing Certain Turkish Characters Causes an
Error.................................................................................................................................. 23-42
23.4.10
Localization of Notification Template List Values for Available Data Not
Supported......................................................................................................................... 23-42
23.4.11
Searching for Entity Names Containing German "ß" (Beta) Character Fails in Some
Features ............................................................................................................................ 23-42
23.4.12
Special Asterisk (*) Character Not Supported ............................................................ 23-43
23.4.13
Translated Error Messages Are Not Displayed in UI................................................ 23-43
23.4.14
Reconciliation Table Data Strings are Hard-coded on Reconciliation Event
Detail Page ....................................................................................................................... 23-43
23.4.15
Translated Password Policy Strings May Exceed the Limit in the
Background Pane ........................................................................................................... 23-43
23.4.16
Date Format Validation Error in Bi-Directional Languages..................................... 23-43
23.4.17
Mistranslation on the Create Job page......................................................................... 23-43
23.4.18
E-mail Notification for Password Expiration Cannot Be Created With Arabic Language
Setting ............................................................................................................................... 23-44
23.4.19
Translated Justification is Not Displayed in Access Policy-Based Resource
Provisioning Request Detail.......................................................................................... 23-44
23.4.20
Additional Single Quotes Displayed in GTC Reconciliation Mapping Page for French
UI....................................................................................................................................... 23-44
23.4.21
Not Allowing to Enter Design Console Password When Server Locale is Set to Simple
Chinese, Traditional Chinese, Japanese, or Korean................................................... 23-44
23.4.22
Bidirectional Text Not Supported in Nexaweb Pages............................................... 23-45
23.4.23
Do Not Modify Oracle Identity Manager Predefined System Properties in Non-English
Locale................................................................................................................................ 23-45
23.4.24
Error Generated When Translated String for System Property Name Exceeds
Maximum Allowed Length in PTY_NAME Column................................................ 23-45
23.4.25
Password Notification is Not Sent if User Login Contains Special Characters..... 23-45
23.4.26
Reset Password Fails if User Login Contains Lowercase Special Characters........ 23-45
23.5
Documentation Errata ........................................................................................................... 23-45
23.4.5
23.4.6
24 Oracle Identity Navigator
24.1
General Issues and Workarounds .........................................................................................
24.1.1
Avoid Selecting Reset Page in Dashboard Edit Mode ................................................
24.1.2
How to Navigate Product Registration Using the Keyboard.....................................
24.1.3
How to Navigate Product Discovery When Using the Keyboard.............................
24.1.4
Color Contrast is Inadequate for Some Labels in Edit Mode.....................................
24.1.5
No Help Topic in Dashboard Edit Mode ......................................................................
24.1.6
Customization Problem in Internet Explorer 7 ...........................................................
24.1.7
Discovery Problem in Internet Explorer 7.....................................................................
24.1.8
How to Navigate BI Publisher Configuration When Using the Keyboard ..............
24.1.9
User Missing From Common Admin Role Search Results.........................................
24-1
24-1
24-1
24-2
24-2
24-2
24-2
24-2
24-2
24-2
xxvii
Unable to View Users After Log in Or Log In Fails In Oracle Identity Manager
Environment ......................................................................................................................
24.1.11
Horizontal Scroll-bar Missing in Discovery Wizard ...................................................
24.2
Configuration Issues and Workarounds ..............................................................................
24.2.1
No Oracle Icon is Visible in HTML Reports .................................................................
24.2.2
Problems with Administration Screen When Using JAWS Screen Reader..............
24.2.3
SSO-Protected Consoles Must Be Configured by Name and Domain .....................
24.3
Documentation Errata .............................................................................................................
24.3.1
IPv4/IPv6 Translation Issues..........................................................................................
24.1.10
24-3
24-3
24-3
24-4
24-4
24-4
24-4
24-4
25 Oracle Internet Directory
25.1
General Issues and Workarounds ......................................................................................... 25-1
25.1.1
ODSM Browser Window Becomes Unusable............................................................... 25-1
25.1.2
In ldapdelete Command -V Should Be The Last Parameter ...................................... 25-2
25.1.3
Bulkmodify Might Generate Errors ............................................................................... 25-2
25.1.4
Turkish Dotted I Character is Not Handled Correctly................................................ 25-2
25.1.5
OIDCMPREC Might Modify Operational Attributes.................................................. 25-2
25.1.6
OIDREALM Does Not Support Realm Removal ......................................................... 25-2
25.1.7
Apply Patch to Oracle Database 11.2.0.1.0 to Fix Purge Job Problem....................... 25-2
25.1.8
SQL of OPSS ldapsearch Might Take High %CPU...................................................... 25-2
25.1.9
If you Start the Replication Server by Using the Command Line, Stop it Using the
Command Line.................................................................................................................. 25-3
25.1.10
Users with Non-ASCII Names Might Encounter Problems when Using ODSM with
SSO ...................................................................................................................................... 25-3
25.2
Configuration Issues and Workarounds .............................................................................. 25-3
25.2.1
Re-Create Wallet After Moving Oracle Internet Directory from Test to
Production.......................................................................................................................... 25-3
25.2.2
oracleRoot.sh Fails with Syntax Error During Oracle Internet Directory
Configuration ................................................................................................................... 25-4
25.3
Documentation Errata ............................................................................................................. 25-4
25.3.1
Bulkdelete Deletes Entries, not Attributes .................................................................... 25-4
25.3.2
ODSM Section Should Refer to Oracle Internet Directory ......................................... 25-5
25.3.3
Incorrect Bug Numbers in Prerequisites for Rolling Upgrade................................... 25-5
25.3.4
Default orclcryptoscheme Value is SSHA..................................................................... 25-5
25.3.5
Setting Up Oracle Internet Directory SSL Mutual Authentication............................ 25-5
25.3.6
ODSM Schema Tab is Available to Non-Super User................................................... 25-5
25.3.7
Wrong Command and Path in Appendix P of Oracle Fusion Middleware
Administrator's Guide for Oracle Internet Directory.................................................. 25-5
25.3.8
Missing Option to opmnctl updatecomponentregistration in Oracle Fusion
Middleware Administrator's Guide for Oracle Internet Directory ........................... 25-6
25.3.9
Update Component Registration Whenever You Change Certain Instance-Specific
Attributes ........................................................................................................................... 25-6
26 Oracle Platform Security Services
26.1
Configuration Issues and Workarounds .............................................................................. 26-1
26.1.1
Oracle Fusion Middleware Audit Framework ............................................................. 26-1
26.1.1.1
Configuring Auditing for Oracle Access Manager............................................... 26-2
xxviii
26.1.1.2
Audit Reports do not Display Translated Text in Certain Locales ....................
26.1.1.3
Audit Reports Always Display in English.............................................................
26.1.1.4
Creating a New Audit Schema ................................................................................
26.1.1.5
Upgrading the Audit Schema ..................................................................................
26.1.2
Trailing '\n' Character in Bootstrap Key.......................................................................
26.1.3
Users with Same Name in Multiple Identity Stores ....................................................
26.1.4
Script listAppRoles Outputs Wrong Characters ..........................................................
26.2
Authorization Policy Manager Issues...................................................................................
26.2.1
Error Message While Searching Application Roles .....................................................
26.2.2
Some Errors/Warnings in Authorization Policy Manager Display Server Locale.
26.2.3
Support for Internet Protocols ........................................................................................
26.2.4
Authorization Policy Manager Patch Installation Fails on 64-bit Operating
Systems ...............................................................................................................................
26.3
Documentation Errata .............................................................................................................
26.3.1
Parameters for the Identity Store Service......................................................................
26-2
26-2
26-2
26-3
26-4
26-4
26-4
26-4
26-5
26-5
26-5
26-5
26-6
26-6
27 SSL Configuration in Oracle Fusion Middleware
27.1
General Issues and Workarounds .........................................................................................
27.1.1
Replacement User Certificates for Oracle Wallets .......................................................
27.1.2
Incorrect Message or Error when Importing a Wallet.................................................
27.2
Configuration Issues and Workarounds ..............................................................................
27.2.1
Tools for Importing DER-encoded Certificates............................................................
27.2.2
Using a Keystore Not Created with WLST or Fusion Middleware Control ............
27.2.3
Components May Enable All Supported Ciphers .......................................................
27-1
27-1
27-1
27-2
27-2
27-2
27-3
28 Oracle Virtual Directory
28.1
General Issues and Workarounds ......................................................................................... 28-1
28.1.1
Oracle Directory Services Manager Browser Window is Not Usable....................... 28-1
28.1.2
Exceptions May Occur in Oracle Directory Services Manager When Managing
Multiple Oracle Virtual Directory Components and One is Stopped ....................... 28-2
28.1.3
Identifying the DN Associated with an Access Control Point in Oracle Directory
Services Manager .............................................................................................................. 28-2
28.1.4
Issues With Oracle Virtual Directory Metrics in Fusion Middleware Control........ 28-2
28.1.4.1
Configuring Operation-Specific Plug-Ins to Allow Performance Metric Reporting
in Fusion Middleware Control After Upgrading to 11g Release 1 (11.1.1) ....... 28-2
28.1.5
Using a Wildcard when Performing an LDAPSEARCH on a TimesTen Database
Causes an Operational Error........................................................................................... 28-4
28.1.6
ODSM Version 11.1.1.4.0 Does Not Support OVD Versions 11.1.1.2.0 or
11.1.1.3.0 ............................................................................................................................ 28-4
28.1.7
ODSM Version 11.1.1.5.0 Does Not Support OVD Versions 11.1.1.2.0, 11.1.1.3.0, or
11.1.1.4.0 ............................................................................................................................ 28-5
28.1.8
Problem Running CRUD Operations on Windows Platforms Using JDK 6............ 28-5
28.1.9
Users with Non-ASCII Names Might Encounter Problems when Using ODSM with
SSO ...................................................................................................................................... 28-5
28.1.10
Creating an Attribute/Object Class Throws NPE Error ............................................. 28-6
28.1.11
Patch Required to Enable Account Lockout Feature................................................... 28-6
28.2
Documentation Errata ............................................................................................................. 28-6
xxix
28.2.1
28.2.2
28.2.3
Additional Step for Editing the Oracle Virtual Directory Administrative Listener
Settings Using Fusion Middleware Control ................................................................. 28-6
Wrong Command and Path in Appendix B of Oracle Fusion Middleware
Administrator's Guide for Oracle Virtual Directory ................................................... 28-7
Code Example Does Not Close Connection to LDAP Server..................................... 28-7
Part IX Oracle Portal, Forms, Reports and Discoverer
29 Oracle Business Intelligence Discoverer
29.1
General Issues........................................................................................................................... 29-1
29.1.1
Issues with Metadata Repository and Oracle Database 10g Release 1 ..................... 29-2
29.1.2
Compatibility Issues with Required Support Files...................................................... 29-3
29.1.3
Serif Font Issue in Worksheets........................................................................................ 29-3
29.1.4
Additional Fonts Required for Non-ASCII Data When Exporting to PDF .............. 29-3
29.1.5
Query Prediction Requires the Majority of the Query Time ...................................... 29-4
29.1.6
Word Wrapping Behavior with Oracle BI Discoverer Plus and Oracle BI Discoverer
Viewer ................................................................................................................................ 29-4
29.1.7
Applet Appears Behind Browser Window ................................................................... 29-4
29.1.8
Issues with Mac OS X Browser and Oracle BI Discoverer Plus ................................. 29-5
29.1.9
Issues with Turkish Regional Settings........................................................................... 29-5
29.1.10
Multibyte Characters Rendered as Square Boxes in Exported PDF and Other
Formats ............................................................................................................................... 29-5
29.1.11
Java Plug-in Not Downloaded Automatically on Firefox .......................................... 29-6
29.1.12
HTTP 404 Error While Accessing Discoverer on a Remote Machine ....................... 29-6
29.1.13
Error While Launching Discoverer Plus Applet on an IPv6 Environment .............. 29-6
29.1.14
Error While Updating the Discoverer Web Services Configuration Parameter...... 29-6
29.1.15
Exception Logged for Discoverer Web-Based Applications in an Extended
Domain ............................................................................................................................... 29-6
29.1.16
Issue with Discoverer Application URL in Fusion Middleware Control after a Backup
Recovery............................................................................................................................. 29-8
29.1.17
Incorrect Version Number for Discoverer in Fusion Middleware Control 11g....... 29-8
29.1.18
Oracle BI Discoverer Startup Fails after Shutdown..................................................... 29-8
29.1.19
The Database Export and Import Utility does not Work with Applications
Mode EUL .......................................................................................................................... 29-8
29.1.20
Install-level Scripts are not Updated in Existing Instances after Patching .............. 29-8
29.2
Issues Specific to Oracle BI Discoverer Plus Relational ..................................................... 29-9
29.2.1
Text Appearing Truncated or Clipped .......................................................................... 29-9
29.2.2
Non-ASCII Characters Not Saved Correctly in Title or Text Area............................ 29-9
29.2.3
Canceling Query Causes Discoverer to Hang .............................................................. 29-9
29.2.4
Nonaggregable Values Not Displayed for Scheduled Workbooks ........................... 29-9
29.2.5
Migrating Oracle BI Discoverer Plus Relational Worksheets from Oracle BI Discoverer
Desktop ............................................................................................................................ 29-10
29.3
Issues Specific to Oracle BI Discoverer Plus OLAP .......................................................... 29-10
29.3.1
Issues with Applet Download ...................................................................................... 29-10
29.3.2
Disabled Netscape and Mozilla Browsers................................................................... 29-11
29.3.3
Tabbing Fails to Synchronize Menus........................................................................... 29-11
29.3.4
Esc Key Fails to Close Certain Dialogs ........................................................................ 29-11
29.3.5
Link Tool Works Incorrectly in Some Locales............................................................ 29-11
xxx
29.3.6
Memory Issues when Exporting Extremely Large Graphs ...................................... 29-11
29.3.7
Issue While Printing Worksheets with Large Data Values ...................................... 29-11
29.3.8
Issues with Titles and Text Areas................................................................................. 29-11
29.3.9
Errors with JAWS and Format Dialogs ....................................................................... 29-12
29.4
Issues Specific to Oracle BI Discoverer Portlet Provider.................................................. 29-12
29.4.1
Inability to Turn Off Display of Range Min and Max as Labels.............................. 29-12
29.4.2
Using Oracle BI Discoverer Portlet Provider with Oracle Single Sign-On and Secure
Sockets Layer (SSL) Modes............................................................................................ 29-12
29.4.3
Issues with Discoverer Portlets in WebCenter ........................................................... 29-13
29.4.4
Issue while Publishing Discoverer WSRP Portlets in Portals Other than Oracle Portal
and Oracle WebCenter ................................................................................................... 29-13
29.4.5
Issue with Portlet Titles in Discoverer WSRP Portlets Published on IBM
WebSphere ....................................................................................................................... 29-13
29.4.6
Issue with Color and Date Pickers in Discoverer WSRP Portlets............................ 29-13
29.4.7
Worksheet Parameter LOV is not Displayed in Discoverer WSRP Portlets on IBM
WebSphere Portal ........................................................................................................... 29-14
29.4.8
Issue with Worksheet Parameter LOV Pop-Up Window in Discoverer WSRP
Portlets .............................................................................................................................. 29-14
29.5
Issues Specific to Oracle BI Discoverer Viewer ................................................................. 29-14
29.5.1
Drill Icons Cannot Be Hidden in Oracle BI Discoverer Viewer ............................... 29-14
29.5.2
Error Displaying Page for Multiple SSO Users .......................................................... 29-15
29.5.3
Inability to Disable the Display of Row Numbers ..................................................... 29-15
29.5.4
Issues with Oracle BI Discoverer Viewer Embedded in Frames ............................. 29-15
29.5.5
Issue Exporting to PDF Under Certain Circumstances............................................. 29-15
29.5.6
Issue When Changing Colors for Oracle BI Discoverer Viewer in Fusion Middleware
Control on Mac OS X...................................................................................................... 29-16
29.5.7
Discoverer Catalog Items Not Visible From UNIX Servers...................................... 29-16
29.5.8
Known Bug with JAWS Prevents Drilling Using the Enter Key ............................. 29-17
29.5.9
JAWS Does Not Read Asterisks that Precede Fields ................................................. 29-17
29.5.10
Oracle BI Discoverer Viewer Pages are not Cached by Oracle Web Cache ........... 29-17
29.6
Issues Specific to Oracle BI Discoverer EUL Command Line for Java........................... 29-18
29.6.1
Issue with Exported Non-ASCII Data ......................................................................... 29-18
29.7
Issues Specific to Oracle BI Discoverer Administrator..................................................... 29-18
29.7.1
Issue with Installation of Video Stores Tutorial ......................................................... 29-19
30 Oracle Forms
30.1
General Issues and Workarounds .........................................................................................
30.1.1
Backwards Compatibility with Earlier Releases ..........................................................
30.1.2
Linux/UNIX Issues and Workarounds.........................................................................
30.1.2.1
LD_PRELOAD Setting Required for Signal Chaining Facility ..........................
30.1.2.2
Check the Reports Engine Logs for FRM-41214....................................................
30.1.2.3
Forms Builder Does not Launch on Linux RHEL5 ...............................................
30.1.2.4
Changing User Permissions .....................................................................................
30.2
Configuration Issues and Workarounds ..............................................................................
30.2.1
Non-Internet Explorer Browser Proxy Settings when Using One-Button-Run.......
30.2.2
WebUtil Client Files Allow Configuration of Destination Directory........................
30.2.3
webutil.properties Files Renamed for Different Libraries..........................................
30-1
30-1
30-1
30-2
30-2
30-2
30-2
30-2
30-2
30-3
30-3
xxxi
30.2.4
Forms does not Work with JDK 1.6.0_12 on Client with WinRunner ......................
30.2.5
JavaScript Communication Does not Work in IE for Framed HTML File ...............
30.2.6
JavaScript Events Calling Forms Applications in a Safari 5 Browser Do not Work
30.3
Documentation Errata .............................................................................................................
30.3.1
Support for Common SQL Parser ..................................................................................
30.3.2
Passing userid in Secure Mode ......................................................................................
30.3.3
JDAPI Programming Example........................................................................................
30-3
30-3
30-4
30-4
30-4
30-4
30-5
31 Oracle Portal
31.1
Before You Begin...................................................................................................................... 31-1
31.2
General Issues and Workarounds ......................................................................................... 31-1
31.2.1
Editing a Database Link Requires Password................................................................ 31-2
31.2.2
Moving Content When Approval Is Enabled Does Not Require Approval ............ 31-2
31.2.3
Firefox and Safari Browsers Do Not Display Tooltips on Oracle Portal Screens .... 31-2
31.2.4
Non-ASCII URLs Cannot be Decoded in Some Scenarios.......................................... 31-2
31.2.5
Adding a Zip File with a Non-ASCII Character Name .............................................. 31-2
31.2.6
Manual Changes to Oracle Portal Default Schema Objects........................................ 31-2
31.2.7
Portal Throws Discoverer Provider is Busy Error Message ....................................... 31-3
31.2.8
Error When Creating RCU Portal Schema .................................................................... 31-3
31.2.9
Error When Adding Sample RSS Portlets to a Page .................................................... 31-3
31.2.10
Internal Error when Using Portal Search With Oracle Text Enabled to Search for
Pages ................................................................................................................................... 31-3
31.2.11
Issue After Creating a Oracle Portal Schema................................................................ 31-4
31.2.12
Updating Database Tables............................................................................................... 31-4
31.3
Upgrade Issues and Workarounds........................................................................................ 31-4
31.3.1
Upgrading Portal 10g SSL Environment to Oracle Portal 11g Release 1 (11.1.1) .... 31-4
31.4
Interoperability Issues and Workarounds............................................................................ 31-5
31.4.1
Interoperability Between Oracle Portal 11g Release 1 (11.1.1) with Secured Enterprise
Search (SES) 10.1.8.3 ......................................................................................................... 31-5
31.4.2
Interoperability Between Oracle Portal 11g Release 1 (11.1.1) with Secured Enterprise
Search (SES) 10.1.8.4 ......................................................................................................... 31-5
31.4.3
Creating Webproviders in the Oracle Portal 11g Release 1 (11.1.1) Midtier
Interoperability with Oracle Portal Repository 10g Release....................................... 31-5
31.5
User Interface Issue and Workaround.................................................................................. 31-5
31.6
Export and Import Issues and Workarounds ...................................................................... 31-5
31.6.1
Export and Import Does Not Support Reports Server Components ........................ 31-6
31.6.2
Saving the Transport Set.................................................................................................. 31-6
31.6.3
Error when importing a page group ............................................................................. 31-6
31.7
Portlet and Provider Issues and Workarounds ................................................................... 31-6
31.7.1
Issue When Accessing Page Portlet Using Federated Portal Adapter...................... 31-6
31.7.2
Error in JPS Portlet After Redeployment ...................................................................... 31-7
31.7.3
SSL Support for Oracle Portal Integration Solutions (Microsoft Exchange) ............ 31-7
31.8
PDK Issue and Workaround .................................................................................................. 31-7
31.9
Globalization Support Issues and Workarounds ................................................................ 31-7
31.9.1
Text Entry Always Right to Left in BiDi Languages ................................................... 31-7
31.9.2
Non-ASCII Character Limitations in Oracle Portal ..................................................... 31-8
31.9.3
Multibyte Characters in Log Files .................................................................................. 31-8
xxxii
31.10 Documentation Errata ............................................................................................................. 31-8
31.10.1
Limit for Parameters Per Portal Page............................................................................. 31-8
32 Oracle Reports
32.1
General Issues and Workarounds .........................................................................................
32.1.1
Mapping Users and Roles to Reports Application ......................................................
32.2
Documentation Errata .............................................................................................................
32.2.1
Restriction on Horizontal Panels Per Page in a Matrix Report Produced in the
ENHANCEDSPREADSHEET Format ...........................................................................
32.2.2
Errors in the Oracle Fusion Middleware Oracle Reports User's Guide to Building
Reports................................................................................................................................
32-1
32-1
32-1
32-1
32-2
Part X Oracle Enterprise Content Management Suite
33 Oracle ECM Application Adapters
33.1
General Issues and Workarounds ......................................................................................... 33-1
33.2
Configuration Issues and Workarounds .............................................................................. 33-1
33.2.1
Enabling Folders_g Component With Managed Attachments Solution May Override
Solution Deletion Settings ............................................................................................... 33-1
33.2.2
Adapter Can Target Single Conversation With Multiple Instances of Oracle E-Business
Suite Screen Displayed..................................................................................................... 33-2
33.2.3
Can Hide the Bottom Panel in the Task Viewer........................................................... 33-2
33.2.4
Enhancement Allows Authenticated Oracle WebLogic Server User to Perform Tasks
Rather Than User Passed From LOB Application ....................................................... 33-2
33.2.5
Number of Tasks Displayed in Task List Now Configurable .................................... 33-3
33.2.6
Siebel Adapter: AllowContentServerInAnyDomains Setting Resolves Login
Issue .................................................................................................................................... 33-3
33.3
Documentation Errata ............................................................................................................. 33-4
33.3.1
Adapter Localization........................................................................................................ 33-4
33.3.2
SOAP Security Required for the Oracle E-Business Suite Adapter........................... 33-4
33.3.3
Updated Information For UpdateTaskFromProcedure Command .......................... 33-4
33.3.3.1
Update Task From Procedure Command Parameters ......................................... 33-5
33.3.3.2
Example Implementation ......................................................................................... 33-5
33.3.3.3
Example PL/SQL Procedure For Updating the Task Payload ........................... 33-6
33.3.4
Siebel Adapter: Amended Symbolic URL Example in iFrame URL Configuration 33-7
34 Oracle Enterprise Content Management Suite Installation and Configuration
34.1
34.2
34.3
34.4
34.5
34.6
File Formats Wizard Might Display Error First Time After Upgrade .............................
Configuring the Java Object Cache for AXF in Distributed Oracle I/PM Managed
Servers .......................................................................................................................................
Preventing a Service Exception After Upgrading Oracle UCM 10g to Oracle
ECM 11.1.1.4.0 ...........................................................................................................................
Upgrading the File Store Provider Before Upgrading Oracle UCM to Oracle
ECM 11.1.1.4.0 .........................................................................................................................
Patch 12369706 for Oracle Information Rights Management ............................................
Using Node Manager with Oracle ECM .............................................................................
34-1
34-1
34-3
34-3
34-4
34-4
xxxiii
34.6.1
34.6.2
34.6.3
Configuring a Machine .................................................................................................... 34-5
Assigning Servers to a Machine...................................................................................... 34-5
Enabling the Use of Startup Scripts Before Starting Node Manager ........................ 34-6
35 Oracle Imaging and Process Management
35.1
General Issues........................................................................................................................... 35-1
35.1.1
I/PM Session Time Out When Using OSSO Requires Browser Refresh .................. 35-2
35.1.2
Mixed Translations On Page ........................................................................................... 35-2
35.1.3
Deleting More Than 100 Documents Can Cause Http 404 Errors ............................. 35-2
35.1.4
Time Zone Based on Time Zone of I/PM Server ......................................................... 35-2
35.1.5
I/PM Documents May Be Visible Natively Within WebCenter................................ 35-3
35.1.6
Removing Full-Text Search Capabilities From Defined Applications...................... 35-3
35.1.7
Application Field Limitations When Using Oracle Text Search ................................ 35-3
35.1.8
Oracle URM Records Missing from Oracle I/PM Searches ....................................... 35-3
35.1.9
WebLogic Server Listening Address and AXF Driver Page URL Must Reference the
Same Domain .................................................................................................................... 35-4
35.1.10
WebLogic Scripting Tool Doesn't Recognize Multibyte Characters in Export File
Path .................................................................................................................................... 35-4
35.1.11
Invalid Skin Preference Displays Generic User Interface ........................................... 35-4
35.1.12
Problem Displaying Second Page of Microsoft PowerPoint 2007 Document.......... 35-4
35.1.13
Must Start NFS Locking Service When Input Agent Used with Linux Shares ....... 35-5
35.1.14
DefaultSecurityGroup MBean Allows For Assigning Administrator Rights to Security
Group at First Log In........................................................................................................ 35-5
35.1.15
Input Mapping Error When Input Definition File Includes Blank Line................... 35-5
35.1.16
Work Manager Functionality Not Compatible with AQ JMS.................................... 35-5
35.1.17
Differing Behavior of Decimals When Ingested Into Number or Decimal Fields .. 35-5
35.1.18
Additional MBean Configuration Settings Allow Purging of Ingested Images...... 35-6
35.1.19
Additional MBean Configuration Setting Returns Server Up Time ......................... 35-6
35.1.20
Configuring Oracle Access Manager 11g for Use With Oracle I/PM....................... 35-6
35.1.21
Updating Client System Temp Directory With New Outside In Technology Files 35-6
35.1.22
Export to Excel Temporarily Unavailable ..................................................................... 35-7
35.1.23
Preview and Test Page Search Results Toolbar Partially Disabled ........................... 35-7
35.1.24
Change in Viewer Page Selection ................................................................................... 35-7
35.1.25
Using Browser Forward, Back, and Refresh Navigation Not Recommended......... 35-7
35.2
Browser Compatibility Issues ................................................................................................ 35-7
35.2.1
Safari: Unexpected Tab Order In Search Results Toolbar and Viewer Menus........ 35-8
35.2.2
Safari: Unable to Download Original or Download TIFF........................................... 35-8
35.2.3
Safari: Unable to Use Keyboard to Select Panels In Viewer ....................................... 35-8
35.2.4
IE: Non-ASCII Characters Not Supported in Internet Explorer for ExecuteSearch 35-8
35.2.5
Firefox 3.6: Version and Download Dialog Boxes Appear Behind Viewer in Advanced
Mode ................................................................................................................................... 35-8
35.2.6
Chrome: Version and Download Dialog Boxes Appear Behind Viewer in Advanced
Mode ................................................................................................................................... 35-9
35.2.7
Chrome: Unable to Download Original or Download TIFF ...................................... 35-9
35.3
Accessibility Issues .................................................................................................................. 35-9
35.3.1
Button Activation Behavior Different Depending on Viewer Mode ...................... 35-10
35.3.2
Limitations of Sticky Note Contents ............................................................................ 35-10
35.3.3
Skip to Content Link Added for Keyboard Navigation............................................ 35-10
xxxiv
Firefox: Skip to Applet Link Added for Keyboard Navigation in Advanced Viewer
Mode ................................................................................................................................. 35-10
35.3.5
Internet Explorer 7: Focus Issue on Upload Document and Preferences Pages.... 35-10
35.3.6
Name of File Selected For Import Not Displayed in Screen Reader Mode............ 35-10
35.3.7
Issues Selecting From Calendar Using Keyboard...................................................... 35-10
35.3.8
Focus Issue in Create Searches Wizard Using Keyboard ......................................... 35-11
35.3.9
Annotations Not Recognized By JAWS....................................................................... 35-11
35.3.10
403 Link Error Returned For Collapse Pane Link ...................................................... 35-11
35.3.11
Internet Explorer: Focus Issue During Search Using Keyboard .............................. 35-11
35.3.12
Date Selected From Calendar Lost Using Keyboard ................................................. 35-11
35.3.13
Some Annotation Buttons Incorrectly Read by JAWS .............................................. 35-11
35.3.14
Internet Explorer: Long Panels Not Visible In Screen Reader ................................. 35-11
35.3.15
Keyboard Keys To Open and Navigate Sticky Notes In Panel ................................ 35-11
35.3.16
Keyboard Keys To The Close Options In Search Form............................................. 35-12
35.3.17
Disable UI Animation Preference Does Not Disable Busy Indicator ...................... 35-12
35.3.18
Using JAWS and Selecting Expansion Arrow Causes Error .................................... 35-12
35.4
Documentation Errata ........................................................................................................... 35-12
35.4.1
Oracle I/PM Supports Basic and Username Token Authentication Without Oracle
Web Services Manager ................................................................................................... 35-12
35.3.4
36 Oracle Information Rights Management
36.1
General Issues and Workarounds ......................................................................................... 36-1
36.1.1
Some Functionality is Disabled or Restricted in Adobe Reader X and Adobe
Reader 9 .............................................................................................................................. 36-2
36.1.2
Limitations of Support for Microsoft SharePoint in this Release .............................. 36-3
36.1.3
Lotus Notes Email Message May be Lost if Context Selection Dialog is Canceled 36-4
36.1.4
Save As is Blocked in Microsoft Office 2000/XP for Sealed Files if the Destination is a
WebDAV Folder................................................................................................................ 36-4
36.1.5
No Prompt to Use Local Drafts Folder for Sealed Files in SharePoint 2010 ............ 36-4
36.1.6
Incorrect Initial Display of Oracle IRM Fields in Microsoft Excel Spreadsheets When
Used With SharePoint ...................................................................................................... 36-5
36.1.7
Behavior of Automatic Save and Automatic Recovery in Microsoft Office Applications
and SharePoint .................................................................................................................. 36-5
36.1.8
Support for Microsoft Windows 2000 Has Been Removed ........................................ 36-6
36.1.9
Unreadable Error Message Text When Client and Server Locales are Different .... 36-6
36.1.10
Changes Lost if Tab Changed Before Applying the Apply Button........................... 36-6
36.1.11
Some File Formats are Not Supported When Using the Microsoft Office 2007
Compatibility Pack with Microsoft Office 2003 ........................................................... 36-6
36.1.12
Microsoft Word May Hang if a Sealed Email is Open During Manual Rights
Check-In ............................................................................................................................ 36-6
36.1.13
Sealed Emails in Lotus Notes will Sometimes Show a Temporary File Name........ 36-6
36.1.14
No Support for Sealing Files of 2GB or Larger in Size in Oracle IRM Desktop ...... 36-7
36.1.15
Inappropriate Authentication Options After Failed Login on Legacy Servers When
Setting Up Search.............................................................................................................. 36-7
36.1.16
Opening Legacy Sealed Documents in Microsoft Office 2007 May Fail on First
Attempt............................................................................................................................... 36-7
36.1.17
Log Out Link Inoperative When Using OAM 11g for SSO ........................................ 36-7
36.1.18
Double-byte Languages Cannot be Used for Entering Data with Legacy Servers . 36-7
xxxv
36.1.19
Use of SPACE Key Instead of Return Key in Oracle IRM Server .............................. 36-7
36.1.20
Calendar Controls in Oracle IRM Server Not Accessible Via the Keyboard ........... 36-7
36.2
Configuration Issues and Workarounds .............................................................................. 36-7
36.2.1
Mandatory Patch Number 12369706 For Release 11.1.1.5.0 of Oracle IRM Server, To Fix
Role Edit Bug ..................................................................................................................... 36-8
36.2.2
Installing the 64-Bit Version of Oracle IRM Desktop .................................................. 36-8
36.2.3
Reboot Necessary to Obtain New Online Information Button .................................. 36-8
36.2.4
Deploying Oracle IRM Using Oracle Access Manager Version 10g.......................... 36-9
36.2.5
LDAP Reassociation Fails if User and Group Names are Identical .......................... 36-9
36.2.6
Upgrading Oracle IRM Desktop From Versions Earlier Than 5.5............................. 36-9
36.2.7
Synchronizing Servers After an Upgrade of Oracle IRM Desktop............................ 36-9
36.2.8
Reapplying Lost Settings After an Upgrade of Oracle IRM Desktop ....................... 36-9
36.2.9
Changing Oracle IRM Account When Authenticated Using Username and
Password .......................................................................................................................... 36-10
36.2.10
Post-Installation Steps Required for Oracle IRM Installation Against
Oracle RAC ...................................................................................................................... 36-10
36.2.11
Enabling the Oracle IRM Installation Help Page to Open in a Non-English
Server Locale.................................................................................................................... 36-10
36.3
Documentation Errata ........................................................................................................... 36-11
37 Oracle Universal Content Management
37.1
General Issues and Workarounds ......................................................................................... 37-1
37.1.1
Folio Items With Content IDs Containing Multibyte Characters Do Not Display
Correctly in Safari ............................................................................................................. 37-2
37.1.2
Site Studio Does Not Support Multibyte Characters in Site IDs, Directory Names, and
Page Names ....................................................................................................................... 37-2
37.1.3
Site Studio Publisher Does Not Support Multibyte Characters................................. 37-2
37.1.4
Transferring Folder Archives Between Content Servers Fails If Server System Locales
Do Not Match .................................................................................................................... 37-2
37.1.5
Importing Folder Archives Fails If User Locale Did Not Match Server System Locale
During Export ................................................................................................................... 37-3
37.1.6
Edit Environment Variable Before Using Outside in Technology Suite on HP-UX
PA-RISC (64-Bit)................................................................................................................ 37-3
37.1.7
New Folio Page Does Not Work in French and Italian Languages........................... 37-3
37.1.8
UCM Servers and IPv6 Support ..................................................................................... 37-3
37.1.9
Large File Check-ins May Cause Timeouts................................................................... 37-3
37.1.10
Content Categorizer Trace Log Settings Discontinued ............................................... 37-3
37.1.11
Using Oracle UCM with OAM Server Under Single Sign-on .................................... 37-4
37.1.12
Extra Lines Displayed Viewing Contribution Folders in Internet Explorer 8 ......... 37-4
37.1.13
WebDAV Connection Fails After Logout or Restart ................................................... 37-4
37.1.14
LDAP Users Not Receiving Some Administrator Privileges ..................................... 37-4
37.1.15
Detailed Oracle OpenOffice Configuration Settings ................................................... 37-4
37.1.16
Clarification When Setting Classpath to OpenOffice Class Files .............................. 37-5
37.1.17
Oracle Inbound Refinery PDF Conversion May Differ Visually from the Original
Content ............................................................................................................................... 37-5
37.1.18
Mismatching User and Server Locales Prevent Access to Oracle E-Business Suite and
PeopleSoft Managed Attachment Pages in Oracle UCM............................................ 37-5
37.1.19
Connection Issues with Windows to WebDAV ........................................................... 37-5
xxxvi
37.1.20
Manual Addition of xdoruntime.ear Library for Records Management.................. 37-5
37.1.21
Using HCSP Custom Elements with SSXA................................................................... 37-7
37.1.22
Using Link Wizard with FCKEditor and Chrome ....................................................... 37-7
37.1.23
Link Wizard Display Errors When Using Chrome...................................................... 37-7
37.1.24
Backing Up Site Studio Websites Using Chrome......................................................... 37-7
37.1.25
DAM Video Storyboard Errors With Chrome and Safari........................................... 37-7
37.1.26
Issues Applying Table Styles When Using FireFox and FCK Editor ........................ 37-8
37.1.27
Content Information Server Is Not Supported for 11g................................................ 37-8
37.1.28
Window Size Using Trays with FireFox ....................................................................... 37-8
37.1.29
Content Item Icon for Basket Item Appears Broken in Chrome ............................... 37-8
37.1.30
VB6 Component Dependency for Kofax 9 ................................................................... 37-8
37.2
Configuration Issues and Workarounds .............................................................................. 37-8
37.2.1
Minimum JDBC Driver Version Required for Oracle Text Search Component...... 37-8
37.2.2
Setting Security Privileges for Modifying Folders....................................................... 37-9
37.2.3
Site Studio for External Applications (SSXA) Port Values for Oracle Content Server
10gR3................................................................................................................................... 37-9
37.2.4
SSXA Required DC Version for Oracle Content Server 10gR3 .................................. 37-9
37.2.5
Content Portlet Suite (SCPS) WebCenter as Producer Targeting Libraries ............. 37-9
37.2.6
Logout URL for SSO Logout Integrating with Oracle Access Manager 11g.......... 37-10
37.2.7
Using the Custom Truststore with the JPS Connection to ActiveDirectory .......... 37-10
37.3
Documentation Errata ........................................................................................................... 37-10
37.3.1
"Save As" Option Not Available in PowerPoint for Desktop Integration Suite .... 37-10
37.3.2
EnableOptimizedLatestReleaseQuerying No Longer Valid in Idoc Script............ 37-10
37.3.3
Kofax Version Certification for Oracle UCM.............................................................. 37-11
37.3.4
Content Portlet Suite (CPS) WSRP URLs for WebCenter as Producer ................... 37-11
37.3.5
Custom Installation Options for Desktop Integration Suite 11gR1 ......................... 37-11
38 Oracle Universal Records Management
38.1
General Issues and Workarounds .........................................................................................
38.1.1
Role Report Output is Dependent on User Generating the Report...........................
38.1.2
Items Returned When Using Screening ........................................................................
38.1.3
Oracle Text Search and Report Configuration Options ..............................................
38.1.4
Upgrade from 10g Audit Trail Periods Missing ..........................................................
38.1.5
DB2 Databases and FOIA/PA Functionality................................................................
38.1.6
Sorting and Listing Retention Category Content.........................................................
38.2
Configuration Issues and Workarounds ..............................................................................
38.2.1
Import FOIA Archive Error Message ............................................................................
38.2.2
Restart Required: Performance Monitoring and Reports ...........................................
38.2.3
Audit Trail Sorting Results and Database Fulltext Search .........................................
38.2.4
Prefix Size Limitation When Using Offsite Storage.....................................................
38.2.5
Enabling Email Metadata Component ..........................................................................
38.2.6
Relative Web Root Must Be Changed............................................................................
38.2.7
Configuring 10g Adapters for 11g Oracle URM ..........................................................
38.3
Documentation Errata .............................................................................................................
38.3.1
Menu Name Changes Not Reflected in Documentation ............................................
38-1
38-1
38-1
38-2
38-2
38-2
38-2
38-2
38-2
38-3
38-3
38-3
38-3
38-3
38-3
38-4
38-4
Part XI Oracle Business Intelligence
xxxvii
39 Oracle Business Intelligence
39.1
Patch Requirements ................................................................................................................. 39-2
39.1.1
Obtaining Patches from My Oracle Support ................................................................ 39-2
39.2
Oracle Business Intelligence Issues and Workarounds Identified Since the Last
Revision ..................................................................................................................................... 39-2
39.3
Oracle Business Intelligence Issues and Workarounds that Apply to Release 11.1.1.3. 39-3
39.3.1
Oracle Business Intelligence Issues and Workarounds that Apply Only to Release
11.1.1.3 ................................................................................................................................ 39-3
39.3.1.1
Integrating with Essbase and Hyperion Financial Management Data Sources with
No Shared Connection Pool (applies only to Release 11.1.1.3)........................... 39-4
39.3.1.2
Oracle BI Publisher Requires Oracle WebLogic Server to Run in en_US Locale
(applies only to Release 11.1.1.3) ............................................................................. 39-5
39.3.1.3
Patch Available to Hide Selected Consistency Check Warnings (applies only to
Release 11.1.1.3) ......................................................................................................... 39-6
39.3.1.4
Clarification of CaseInsensitiveMode Element (doc erratum for Release
11.1.1.3) ........................................................................................................................ 39-6
39.3.1.5
Error in Section 22.3.2, "Specifying Defaults for Styles and Skins" (doc erratum for
Release 11.1.1.3) ......................................................................................................... 39-7
39.3.1.6
Updates of Information About the Catalog (doc erratum for Release 11.1.1.3) 39-7
39.3.1.7
Removal of Section 19.7.2.6, "Including Links with Analyses on Dashboards" (doc
erratum for Release 11.1.1.3) .................................................................................. 39-14
39.3.1.8
Issues with WebLogic LDAP User Passwords (applies only to Release
11.1.1.3) ...................................................................................................................... 39-14
39.3.1.9
Configuring the GUID Attribute in the Identity Store (applies only to Release
11.1.1.3)...................................................................................................................... 39-14
39.3.2
Other Oracle Business Intelligence Issues and Workarounds that also Apply to Release
11.1.1.3 .............................................................................................................................. 39-14
39.4
Oracle Business Intelligence General Issues and Workarounds..................................... 39-15
39.4.1
Oracle BI Disconnected Analytics Not Included in Oracle Business Intelligence 11g,
Release 11.1.1.5 ................................................................................................................ 39-16
39.4.2
Issue with JAR File Size When Moving from a Test to a Production
Environment .................................................................................................................... 39-16
39.4.3
Adobe Flash Player Version 10.1 or Later Required to View Graphs and
Scorecards ........................................................................................................................ 39-17
39.4.4
Siteminder Not Supported with Full-Text Catalog Search....................................... 39-17
39.4.5
Full-Text Search Not Finding BI Publisher Reports by Report Column ................ 39-17
39.4.6
Oracle BI Mobile: No Scrolling to View Offscreen Content If User Language is Arabic
or Hebrew ........................................................................................................................ 39-17
39.4.7
Oracle BI Mobile: Bi-directional Text Layout Not Supported by BI Mobile Client Shell
UI....................................................................................................................................... 39-17
39.4.8
Problems Installing in Thai and Turkish Locales....................................................... 39-17
39.4.9
Graph Subtypes Are Not Refreshed in BI Composer................................................ 39-17
39.4.10
Oracle BI Mobile: Mobile Device Accessibility Features May Not Work With Oracle BI
Mobile Application ......................................................................................................... 39-18
39.4.11
Oracle BI Mobile: Briefing Books Content Visible in User's Catalog Is Not Viewable in
the Mobile Application .................................................................................................. 39-18
39.4.12
Dashboards and Scorecards Whose Paths Contain Multibyte Characters Do Not
Display on ADF Pages ................................................................................................... 39-18
xxxviii
Characters Supported in Folder Names by BI Presentation Services Not Supported by
BI Publisher...................................................................................................................... 39-18
39.5
Oracle Business Intelligence Installation Issues and Workarounds............................... 39-18
39.5.1
Error When Installing Oracle Business Intelligence Against a SQL Server
Database ........................................................................................................................... 39-19
39.5.2
Scale-Out Scenarios Are Not Supported on OS with Different Patch Levels ........ 39-19
39.5.3
Need to Correctly Create the Oracle Central Inventory in a UNIX Environment 39-19
39.5.4
Oracle Business Intelligence Installer Stops at Administrator User Details
Screen................................................................................................................................ 39-19
39.5.5
Installing Oracle Business Intelligence on a Shared Drive Might Fail.................... 39-19
39.5.6
Configuring DB2 to Support Multibyte Data ............................................................. 39-20
39.5.7
Using Multibyte Data Causes Issues with Microsoft SQL Server 2005/2008 Driver in
Oracle BI Scheduler ........................................................................................................ 39-20
39.5.8
Missing Locale Causes Oracle Business Intelligence Installation to Fail on
UNIX ................................................................................................................................. 39-20
39.6
Oracle Business Intelligence Upgrade Issues and Workarounds ................................... 39-21
39.6.1
General Upgrade Issues and Workarounds ............................................................... 39-21
39.6.1.1
Conditional Formatting Might Not Work After Upgrading from Oracle Business
Intelligence Release 10g to Release 11g ................................................................ 39-21
39.6.2
Security-related Upgrade Issues and Workarounds ................................................. 39-21
39.6.2.1
Warnings Might Be Reported When Upgrading an RPD with Non-English User or
Group Names ........................................................................................................... 39-21
39.6.2.2
Users or Groups With Names Containing Invalid Characters Are Not
Upgraded ................................................................................................................. 39-22
39.6.2.3
RPD Upgrade Process Fails If the 10g Administrator UserID or Password Contains
any Non-Native Characters ................................................................................... 39-22
39.7
Oracle Business Intelligence Installation Guidelines for 64-Bit Platforms .................... 39-23
39.7.1
Prerequisites for Software Only Installation on 64-Bit Platforms............................ 39-23
39.7.2
Supported Installation Types for Oracle Business Intelligence on 64-Bit
Platforms .......................................................................................................................... 39-23
39.7.3
Considerations and Limitations of Enterprise Install Type for Scaling Out Existing
Installations...................................................................................................................... 39-24
39.8
Oracle Business Intelligence Analyses and Dashboards Issues and Workarounds..... 39-24
39.8.1
General Analyses and Dashboards Issues and Workarounds ................................. 39-24
39.8.1.1
Existing Dashboard Prompts Based on Columns Renamed in the Business Model
Do Not Work ............................................................................................................ 39-24
39.8.1.2
Gauge Views May Be Cut Off and Not Visible Under Certain Conditions.... 39-25
39.8.1.3
Numerical Units on a Dashboard Prompt Slider Might Not Be Translated
Correctly ................................................................................................................... 39-25
39.8.1.4
After Printing a Dashboard Page Using the Safari Browser on Windows, the Page
No Longer Responds to Certain Left Clicks ........................................................ 39-25
39.8.1.5
Scorecard Diagrams on Dashboard Pages May Print as Tables ....................... 39-25
39.8.1.6
Some Total Rows in Table View Display Incorrect Totals for Level-Based
Measures ................................................................................................................... 39-25
39.8.1.7
Using Maps with Column Selectors ..................................................................... 39-26
39.8.1.8
Support for Rendering Small Form-Factor Graphs ............................................ 39-26
39.8.1.9
Analyses Whose Paths Contain Latin Supplement Characters Fail to Open on
Dashboard Pages .................................................................................................... 39-27
39.4.13
xxxix
Actions Issues and Workarounds................................................................................. 39-27
EJBs in Action Framework Must Be Deployed to the WebLogic Managed
Server ......................................................................................................................... 39-27
39.8.3
Scorecards and KPI Issues and Workarounds............................................................ 39-27
39.8.3.1
No Results Returned When Searching in the Related Documents of Scorecards or
Scorecard Components ........................................................................................... 39-28
39.8.3.2
Item Stale Error When Editing a Shared Scorecard in Parallel......................... 39-28
39.8.4
Agents Issues and Workarounds.................................................................................. 39-28
39.8.4.1
Agent Deliveries Fail with Microsoft Active Directory and Oracle Virtual
Directory ................................................................................................................... 39-28
39.8.4.2
Agent Incorrectly Delivers Content to Active Delivery Profile When Only the
Home Page and Dashboard Option Is Selected .................................................. 39-28
39.8.5
Microsoft Office Integration Issues and Workarounds............................................. 39-29
39.8.5.1
Using Microsoft Office 2007 with Oracle BI Add-in for Microsoft Office....... 39-29
39.8.5.2
Server Connections Are Not Automatically Shared by Microsoft Excel and
PowerPoint ............................................................................................................... 39-29
39.8.5.3
Previous Installation of Oracle BI Add-in for Microsoft Office Must Be Manually
Uninstalled ............................................................................................................... 39-29
39.8.5.4
Errors in the Online Help for Oracle BI Add-In for Microsoft Office.............. 39-30
39.8.5.5
Refreshing Table or Pivot Table Views with Double Columns in Page Edge Might
Result in Error .......................................................................................................... 39-30
39.8.5.6
Double Column Cascading Results in Incorrect Display Values .................... 39-30
39.8.5.7
Intermittent Timeout Errors................................................................................... 39-30
39.8.5.8
Lack of Support for Vary Color By Target Area ................................................. 39-30
39.9
Oracle BI Publisher Reporting and Publishing Issues and Workarounds .................... 39-30
39.9.1
General Oracle BI Publisher Issues and Workarounds ............................................. 39-31
39.9.1.1
JDBC Driver Throws Unsupported Function for setBigDecimal ..................... 39-31
39.9.1.2
Searching the Catalog from the Oracle BI Publisher User Interface Does Not Work
When BI Publisher Is Integrated with Oracle BI Enterprise Edition................ 39-31
39.9.1.3
Data Source List in BI Publisher Administration Page Includes Data Sources That
Are Not Supported.................................................................................................. 39-32
39.9.1.4
Menu Items Do Not Display When Using Internet Explorer 7 with a Bidirectional
Language Preference............................................................................................... 39-32
39.9.1.5
Data Source Definition for Microsoft SQL Server 2008 Analysis Services Does Not
Get Saved .................................................................................................................. 39-32
39.9.1.6
Issues with Viewing Some Report Formats on Apple iPad .............................. 39-32
39.9.1.7
BI Publisher Objects Exhibit Unexpected Behavior When Located Inside a Folder
Named with a Single Quote Character................................................................. 39-33
39.9.1.8
Components Folder Missing from SampleApp Lite Web Catalog .................. 39-33
39.9.1.9
Local Policy Attachments (LPAs) Removed from Web Services in Release
11.1.1.5 ....................................................................................................................... 39-33
39.9.2
Oracle BI Publisher Security Issues and Workarounds ............................................ 39-34
39.9.3
Oracle BI Publisher Delivery Manager Issues and Workarounds........................... 39-34
39.9.4
Oracle BI Publisher Scheduler Issues and Workarounds ......................................... 39-34
39.9.4.1
Scheduler Does Not Support Multibyte Characters When Schema Installed on
Microsoft SQL Server .............................................................................................. 39-34
39.9.5
Oracle BI Publisher RTF Template Issues and Workarounds.................................. 39-34
39.9.6
Oracle BI Publisher Excel Template Issues and Workarounds................................ 39-34
39.9.6.1
Limitations for Excel Template Output on Apple iPad ..................................... 39-35
39.8.2
39.8.2.1
xl
Oracle BI Publisher Desktop Tools Issues and Workarounds ................................. 39-35
Oracle BI Publisher's Template Builder for Microsoft Word Is Not Compatible
with Microsoft Office Live Add-in........................................................................ 39-35
39.9.8
Oracle BI Publisher Layout Editor Issues and Workarounds .................................. 39-35
39.9.8.1
Editing an XPT Layout and Clicking Return in Layout Editor Results in
Exception................................................................................................................... 39-35
39.9.9
Oracle BI Publisher Data Model Issues and Workarounds ...................................... 39-36
39.9.9.1
Data Model Is Not Editable When Created by Upgrade Assistant ................. 39-36
39.9.9.2
After Editing a View Object Data Set, the Elements Are Duplicated .............. 39-36
39.9.10
Oracle BI Publisher Report Building Issues and Workarounds .............................. 39-36
39.9.10.1
No Direct Conversion Between Oracle Reports and Oracle BI Publisher 11g 39-37
39.9.11
Oracle BI Publisher Documentation Errata................................................................. 39-37
39.9.11.1
Oracle Fusion Middleware Report Designer's Guide for Oracle Business Intelligence
Publisher..................................................................................................................... 39-37
39.9.11.2
Oracle Fusion Middleware Administrator's Guide for Oracle Business Intelligence
Publisher..................................................................................................................... 39-37
39.10 Oracle Business Intelligence Metadata Repository Development Issues and
Workarounds.......................................................................................................................... 39-37
39.10.1
General Metadata Repository Development Issues and Workarounds ................. 39-38
39.10.1.1
Use of NQClient (BI ODBC Client) Utility Is Deprecated ................................. 39-38
39.10.1.2
Update Logical Table Source Modeling when Using paint.rpd for Testing... 39-38
39.10.1.3
FIRST and LAST Aggregation Rules Cause Inconsistent Sorting for Time
Dimensions ............................................................................................................... 39-39
39.10.1.4
Oracle OLAP Jars on JavaHost Computer Must Be Updated When Using Oracle
OLAP 11.2.x ............................................................................................................. 39-39
39.10.1.5
Must Use JDBC Connection String When Importing from Oracle OLAP ...... 39-39
39.10.2
Oracle BI Server Issues and Workarounds ................................................................. 39-39
39.10.2.1
Oracle Call Interface (OCI) Issue Causes Oracle BI Server Crash on Windows
when Under Heavy Load and Connecting to Oracle Database 11g ................ 39-40
39.10.3
Oracle BI Administration Tool Issues and Workarounds ........................................ 39-40
39.10.3.1
Administration Tool Incorrectly Displays Option for Generate Deployment
File ............................................................................................................................. 39-40
39.10.3.2
Issue with Online Import Object Checkout ......................................................... 39-40
39.10.3.3
MUD History Must Be Manually Upgraded in Oracle Business Intelligence Release
11g (11.1.1.5) ............................................................................................................. 39-40
39.10.3.4
Ignore RPD Consistency Warnings Related to Required Database Feature Changes
for Oracle OLAP ...................................................................................................... 39-41
39.11 Oracle Business Intelligence System Administration Issues and Workarounds.......... 39-42
39.11.1
General System Administration Issues and Workarounds ...................................... 39-42
39.11.2
Configuration Issues and Workarounds ..................................................................... 39-42
39.11.2.1
Removal of DefaultImageType and HardenXSS Elements ............................... 39-42
39.11.3
Deployment, Availability, and Capacity Issues and Workarounds........................ 39-42
39.11.4
Sign-in and Security Issues and Workarounds .......................................................... 39-43
39.11.4.1
Permission Required to Open Catalog Manager in Online Mode ................... 39-43
39.11.5
Oracle BI Scheduler Issues and Workarounds ........................................................... 39-43
39.12 Oracle Business Intelligence Integration and API Issues and Workarounds ............... 39-43
39.12.1
General Integration Issues and Workarounds ........................................................... 39-43
39.12.2
Oracle Business Intelligence API Issues and Workarounds..................................... 39-43
39.9.7
39.9.7.1
xli
39.13 Oracle Business Intelligence Localization Issues and Workarounds ............................. 39-43
39.13.1
Product Localization Issues and Workarounds ......................................................... 39-44
39.13.1.1
Unable to Save Strings with Multibyte Characters to an External File Using ANSI
Encoding ................................................................................................................... 39-44
39.13.1.2
BI Publisher User Interface Components Do Not Support Supplementary
Characters ................................................................................................................. 39-44
39.13.1.3
Non-English Log Files Displayed Incorrectly in Fusion Middleware
Control ...................................................................................................................... 39-44
39.13.1.4
Error Messages in BI Publisher Data Model Editor Honor Server Locale
Setting ....................................................................................................................... 39-45
39.13.1.5
Incorrect Layout in Tables and Pivot Tables in PDF Files and PowerPoint
Presentations When Locale for BI Server Is Arabic or Hebrew ........................ 39-45
39.13.1.6
Excel2007 Output in BI Publisher Does Not Honor Locale Settings for Number and
Date Format ............................................................................................................. 39-45
39.13.2
Help System Localization Issues and Workarounds................................................. 39-45
39.13.2.1
Oracle Business Intelligence Help Systems Are Not Translated in Release
11.1.1.5 ....................................................................................................................... 39-45
39.14 Oracle Business Intelligence Documentation Errata......................................................... 39-46
39.14.1
General Oracle Business Intelligence Documentation Errata .................................. 39-46
39.14.2
Oracle Fusion Middleware Quick Installation Guide for Oracle Business Intelligence... 39-46
39.14.3
Oracle Fusion Middleware Installation Guide for Oracle Business Intelligence ............. 39-46
39.14.3.1
Installation Guide Contains Misinformation About Installing the
Client Tools ............................................................................................................... 39-47
39.14.4
Oracle Fusion Middleware Upgrade Guide for Oracle Business Intelligence Enterprise
Edition ............................................................................................................................... 39-47
39.14.5
Oracle Fusion Middleware User's Guide for Oracle Business Intelligence Enterprise
Edition ............................................................................................................................... 39-47
39.14.5.1
Oracle BI Mobile: Embedding a Dashboard or Answers Report Link in an
E-mail ........................................................................................................................ 39-48
39.14.5.2
Oracle BI Mobile: Easy Access to Dashboards .................................................... 39-48
39.14.5.3
Content Missing from Appendix E, "User Interface Reference," "Edit Page Settings
dialog" Topic, Prompt Buttons Field ................................................................... 39-48
39.14.5.4
Incorrect Default Pixel Value Specified in Chapter 6, "Prompting in Dashboards
and Analyses" and Appendix E, "User Interface Reference" ........................... 39-48
39.14.5.5
Error in the "How Will Prompts Created in Previous Versions Be Upgraded?"
Topic in Chapter 6, "Prompting in Dashboards and Analyses" ...................... 39-49
39.14.5.6
Columns from Multiple Subject Areas Included in a Single Query Must Be
Compatible ............................................................................................................... 39-49
39.14.5.7
Error in the "Actions that Invoke Operations, Functions or Processes in External
Systems" Topic in Chapter 10, "Working with Actions" ................................... 39-49
39.14.5.8
Error in the "Show More Columns dialog" Topic in Appendix E, "User Interface
Reference" ................................................................................................................. 39-49
39.14.6
Oracle Fusion Middleware Metadata Repository Builder's Guide for Oracle Business
Intelligence Enterprise Edition.......................................................................................... 39-50
39.14.6.1
Important Changes to Essbase Preconfiguration Instructions.......................... 39-50
39.14.6.2
Updates to Text for Consistency Check Warnings 39009 and 39059 ............... 39-51
39.14.6.3
Other Changes to List of New Consistency Check Warnings .......................... 39-51
39.14.6.4
Select the Virtual Private Database Option when Authenticating Against Essbase
or Hyperion Financial Management Using a Shared Token............................. 39-52
xlii
Manually Updating the Master MUD Repository.............................................. 39-52
Configuration Required for Client Installations of the Administration Tool to
Perform Offline Imports from Oracle OLAP and Hyperion Financial Management
Data Sources ............................................................................................................. 39-52
39.14.6.7
Database Client Installation Required for Client Installations of the Administration
Tool when Importing from Oracle Database and Oracle OLAP Sources
39-53
39.14.6.8
Initialization Block Failure at Server Start-Up Causes Connection Pool to be
Blacklisted
39-53
39.14.7
Oracle Fusion Middleware System Administrator's Guide for Oracle Business Intelligence
Enterprise Edition ............................................................................................................. 39-53
39.14.7.1
Error for Configuring the Data Source for the Full-Text Catalog Search........ 39-54
39.14.7.2
Event Polling Tables Must Be Created Using the Repository Creation
Utility (RCU)............................................................................................................ 39-54
39.14.8
Oracle Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise
Edition ............................................................................................................................... 39-54
39.14.8.1
SASchInvoke Always Prompts for the Password in 11.1.1.5 ............................ 39-54
39.14.8.2
Setup Multiple Authentication Providers............................................................ 39-54
39.14.9
Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Business
Intelligence......................................................................................................................... 39-54
39.14.10
Oracle Fusion Middleware Developer's Guide for Oracle Business Intelligence Enterprise
Edition ............................................................................................................................... 39-55
39.14.10.1
Error in the "Passing Business Intelligence Content with the Oracle BI EE
Contextual Event Action" Topic in Chapter 1, "Embedding Business Intelligence
Objects in ADF Applications" ............................................................................... 39-55
39.14.11
Oracle Fusion Middleware Integrator's Guide for Oracle Business Intelligence Enterprise
Edition ............................................................................................................................... 39-55
39.14.12
Oracle Business Intelligence Help System Errata ...................................................... 39-55
39.14.6.5
39.14.6.6
40 Oracle Business Intelligence Applications and Data Warehouse
Administration Console
40.1
Oracle Business Intelligence Applications Release Notes.................................................. 40-1
40.1.1
Oracle Business Intelligence Issues and Workarounds Identified Since the Previous
Revision.............................................................................................................................. 40-2
40.1.2
General Issues and Workarounds for Oracle Business Intelligence.......................... 40-2
40.1.2.1
About Issues For Both Oracle Fusion Transactional Business Intelligence and
Oracle Business Intelligence Applications ............................................................. 40-2
40.1.3
Installation Issues and Workarounds for Oracle Business Intelligence.................... 40-2
40.1.4
Upgrade Issues and Workarounds for Oracle Business Intelligence........................ 40-2
40.1.5
Oracle Business Intelligence Offering/Module-specific Issues ................................. 40-2
40.1.5.1
Issues for Oracle Customer Data Management Analytics Offering................... 40-3
40.1.5.2
Issues for Oracle Financial Analytics Offering...................................................... 40-3
40.1.5.3
Issues for Oracle Human Resources Analytics Offering ..................................... 40-3
40.1.5.4
Issues for Oracle Marketing Analytics Offering ................................................... 40-3
40.1.5.5
Issues for Oracle Partner Analytics Offering......................................................... 40-3
40.1.5.6
Issues for Oracle Product Information Management Analytics Offering ......... 40-3
40.1.5.7
Issues for Oracle Procurement and Spend Analytics Offering ........................... 40-4
40.1.5.8
Issues for Oracle Project Analytics Offering.......................................................... 40-4
40.1.5.9
Issues for Oracle Sales Analytics Offering ............................................................. 40-4
xliii
Issues for Oracle Supply Chain and Order Management Analytics Offering.. 40-4
Oracle Business Intelligence Configuration Manager Issues ..................................... 40-4
Security-related Issues for Oracle Business Intelligence Applications ..................... 40-4
Oracle Business Intelligence Documentation Errata ................................................... 40-4
General Oracle Business Intelligence Documentation Errata ............................. 40-4
Oracle Fusion Middleware Configuration Guide for Oracle Business Intelligence
Applications.................................................................................................................. 40-5
40.1.8.3
Oracle BI Applications Configuration Manager Help System .................................... 40-5
40.1.8.4
Oracle Fusion Middleware Reference Guide for Oracle Business Intelligence
Applications ................................................................................................................. 40-5
40.1.8.5
Oracle Business Intelligence Applications Installation Guide for Evaluation
Environments ............................................................................................................... 40-5
40.2
Oracle Business Intelligence Data Warehouse Administration Console (DAC)
Platform Release Notes ........................................................................................................... 40-5
40.2.1
DAC Issues and Workarounds Identified Since the Previous Revision................... 40-5
40.2.2
DAC General Issues and Workarounds ........................................................................ 40-5
40.2.3
DAC Installation Issues and Workarounds .................................................................. 40-6
40.2.4
DAC Upgrade Issues and Workarounds ...................................................................... 40-6
40.2.5
DAC Documentation Errata............................................................................................ 40-6
40.2.5.1
Oracle Fusion Middleware User's Guide for Oracle Business Intelligence Data Warehouse
Administration Console ............................................................................................... 40-6
40.2.5.2
DAC Client Help System............................................................................................. 40-6
40.3
Patch Requirements for Oracle Business Intelligence Applications and DAC............... 40-6
40.3.1
Obtaining Patches from My Oracle Support ................................................................ 40-6
40.3.2
Patches for Oracle Business Intelligence Applications................................................ 40-7
40.3.3
Patches for DAC................................................................................................................ 40-7
40.1.5.10
40.1.6
40.1.7
40.1.8
40.1.8.1
40.1.8.2
41 Oracle Real-Time Decisions
41.1
Oracle RTD General Issues and Workarounds.................................................................... 41-1
41.1.1
Oracle RTD Server Used for Decision Center Reports Must Have Learning Service
Running.............................................................................................................................. 41-2
41.1.2
Transient Likelihood Problems....................................................................................... 41-2
41.1.3
DC_Demo Deployment Helper Possible Errors When Changing Rule Scope ........ 41-2
41.1.4
DC_Demo Deployment Helper Name Change for SQL Server WebOffers Table . 41-2
41.1.5
Infrequent Errors When Processing Concurrent Integration Point Requests ......... 41-2
41.1.6
Save Choice IDs in Inline Services Rather Than Choices............................................ 41-3
41.1.7
Use Development Deployment State Only ................................................................... 41-3
41.1.8
Model Snapshot Values for Correlation and Predictiveness Incorrect for Completed
Time Windows .................................................................................................................. 41-3
41.1.9
Error Deploying Inline Services from Command Line if Inline Service Uses Certain
Functions............................................................................................................................ 41-3
41.1.10
Model Corruption Occurs When the Aggregate Number of Choice Events Exceeds
Maximum Range............................................................................................................... 41-3
41.2
Oracle RTD Installation Issues and Workarounds.............................................................. 41-3
41.2.1
Update Test Table Name for SQL Server Data Source rtd_datasource .................... 41-4
41.3
Oracle RTD Upgrade Issues and Workarounds.................................................................. 41-4
41.4
Oracle RTD Configuration Issues and Workarounds ........................................................ 41-4
41.4.1
Edit DB2 Setup Script for DC_Demo ............................................................................. 41-4
xliv
41.5
Oracle RTD Security Issues and Workarounds ................................................................... 41-4
41.5.1
Decision Center Logout Not Redirected Correctly for Oracle Access Manager (OAM)
11g Form-Based Authentication ..................................................................................... 41-4
41.6
Oracle RTD Administration Issues and Workarounds ...................................................... 41-5
41.6.1
Restarting Oracle RTD Deployment Causes Unexpected Behaviors ........................ 41-5
41.6.2
Oracle RTD JDBC Data Source Disruptions Cause Unexpected Behaviors............. 41-5
41.7
Oracle RTD Integration Issues and Workarounds.............................................................. 41-5
41.7.1
Java Smart Client Run Configuration Changes Required for Different Properties
Files ..................................................................................................................................... 41-5
41.8
Oracle RTD Decision Studio Issues and Workarounds...................................................... 41-6
41.8.1
Mapping Array Attributes in a Multi-Level Entity Hierarchy .................................. 41-6
41.8.2
Decision Studio Help Cannot be Opened After Particular Operation Sequence ... 41-7
41.8.3
Issues When Trying to Enable Caching for Some Entities.......................................... 41-7
41.9
Oracle RTD Decision Center Issues and Workarounds ..................................................... 41-7
41.10 Oracle RTD Performance Monitoring Issues and Workarounds...................................... 41-7
41.10.1
Access Performance Counts Directly from ds_perf.csv .............................................. 41-7
41.11 Oracle RTD Externalized Objects Management Issues and Workarounds..................... 41-7
41.12 Oracle RTD Localization Issues and Workarounds............................................................ 41-7
41.13 Oracle RTD Documentation Errata ....................................................................................... 41-8
41.13.1
Oracle Fusion Middleware Administrator's Guide for Oracle Real-Time Decisions......... 41-8
41.13.1.1
CSV File Contents...................................................................................................... 41-8
41.13.1.2
XLS File Contents ...................................................................................................... 41-8
41.13.2
Oracle Fusion Middleware Platform Developer's Guide for Oracle Real-Time Decisions 41-8
41.13.2.1
External Rules Development Helper Mismatch between Code and Manual
Description ................................................................................................................. 41-9
41.14 Oracle RTD Third-Party Software Information................................................................... 41-9
41.14.1
Displaytag Download Location...................................................................................... 41-9
xlv
xlvi
Preface
This preface includes the following sections:
■
Audience
■
Documentation Accessibility
■
Related Documents
■
Conventions
Audience
This document is intended for users of Oracle Fusion Middleware 11g.
Documentation Accessibility
For information about Oracle's commitment to accessibility, visit the Oracle
Accessibility Program website at
http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.
Access to Oracle Support
Oracle customers have access to electronic support through My Oracle Support. For
information, visit
http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit
http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are
hearing impaired.
Related Documents
For more information, see these Oracle resources:
■
Oracle Fusion Middleware Documentation on Oracle Fusion Middleware Disk 1
■
Oracle Fusion Middleware Documentation Library 11g Release 1 (11.1.1)
■
Oracle Technology Network at
http://www.oracle.com/technetwork/index.html.
Conventions
The following text conventions are used in this document:
xlvii
xlviii
Convention
Meaning
boldface
Boldface type indicates graphical user interface elements associated
with an action, or terms defined in text or the glossary.
italic
Italic type indicates book titles, emphasis, or placeholder variables for
which you supply particular values.
monospace
Monospace type indicates commands within a paragraph, URLs, code
in examples, text that appears on the screen, or text that you enter.
Part I
Part I
Oracle Fusion Middleware
Part I contains the following chapters:
■
Chapter 1, "Introduction"
■
Chapter 2, "Installation, Patching, and Configuration"
■
Chapter 3, "Upgrade"
■
Chapter 4, "Oracle Fusion Middleware Administration"
■
Chapter 5, "Oracle Enterprise Manager Fusion Middleware Control"
■
Chapter 6, "Oracle Fusion Middleware High Availability and Enterprise
Deployment"
1
1
Introduction
This chapter introduces Oracle Fusion Middleware Release Notes, 11g Release 1
(11.1.1). It includes the following topics:
■
Section 1.1, "Latest Release Information"
■
Section 1.2, "Purpose of this Document"
■
Section 1.3, "System Requirements and Specifications"
■
Section 1.4, "Memory Requirements"
■
Section 1.5, "Certification Information"
■
Section 1.6, "Downloading and Applying Required Patches"
■
Section 1.7, "Licensing Information"
1.1 Latest Release Information
This document is accurate at the time of publication. Oracle will update the release
notes periodically after the software release. You can access the latest information and
additions to these release notes on the Oracle Technology Network at:
http://www.oracle.com/technetwork/indexes/documentation/index.ht
ml
1.2 Purpose of this Document
This document contains the release information for Oracle Fusion Middleware 11g
Release 1 (11.1.1). It describes differences between Oracle Fusion Middleware and its
documented functionality.
Oracle recommends you review its contents before installing, or working with the
product.
1.3 System Requirements and Specifications
Oracle Fusion Middleware installation and configuration will not complete
successfully unless users meet the hardware and software pre-requisite requirements
before installation.
For more information, see "Review System Requirements and Specifications" in the
Oracle Fusion Middleware Installation Planning Guide
Introduction 1-1
Memory Requirements
1.4 Memory Requirements
Oracle Fusion Middleware memory requirements for installation, configuration, and
runtime are as follows:
1.
Without a Database on the same server: Minimum 4 GB physical memory and 4
GB swap.
2.
With a Database on the same server: Minimum 6 GB physical memory and 6 GB
swap.
Note: These minimum memory values are with the assumption that
no user or operating system process is consuming any unusually high
amount of memory. If such a condition exists, corresponding amount
of additional physical memory will be required.
1.5 Certification Information
This section contains the following:
■
Section 1.5.1, "Where to Find Oracle Fusion Middleware Certification Information"
■
Section 1.5.2, "Certification Exceptions"
■
Section 1.5.3, "Upgrading Sun JDK From 1.6.0_07 to 1.6.0_11"
■
Section 1.5.4, "JMSDELIVERYCOUNT Is Not Set Properly"
■
Section 1.5.5, "Viewer Plugin Required On Safari 4 To View Raw XML Source"
1.5.1 Where to Find Oracle Fusion Middleware Certification Information
The latest certification information for Oracle Fusion Middleware 11g Release 1
(11.1.1) is available at the Oracle Fusion Middleware Supported System
Configurations Central Hub:
http://www.oracle.com/technetwork/middleware/ias/downloads/fusio
n-certification-100350.html
1.5.2 Certification Exceptions
This section describes known issues (exceptions) and their workarounds that are
associated with Oracle Fusion Middleware 11g certifications. For a list of known issues
that are associated with specific Oracle Fusion Middleware 11g Release 1 (11.1.1)
components, see the Release Notes for the specific Oracle Fusion Middleware 11g
Release 1 (11.1.1) component.
This section contains the following topics:
■
■
■
■
Section 1.5.2.1, "Certification Information for Oracle Fusion Middleware 11g R1
with Oracle Database 11.2.0.1"
Section 1.5.2.2, "Restrictions on Specific Browsers"
Section 1.5.2.3, "Process to Install and Configure WebCenter With 32-bit JDK on
Supported 64-Bit Platform"
Section 1.5.2.4, "Support for GridLink Data Sources in Oracle Fusion Middleware
11g"
1-2 Oracle Fusion Middleware Release Notes
Certification Information
1.5.2.1 Certification Information for Oracle Fusion Middleware 11g R1 with Oracle
Database 11.2.0.1
If you choose to configure Oracle Internet Directory with Database vault, do the
following:
1.
Apply patch 8897382 to fix bug 8897382.
the following workaround is required only if the Oracle
Fusion Middleware version is 11.1.1.1.0 (11gR1). This issue will be
fixed in 11.1.1.2.0.
Note:
2.
Apply the workaround for bug 8987186 by editing
<OH>/ldap/datasecurity/dbv_oid_command_rules.sql file and find the
following declaration:
/declare
begin
dvsys.dbms_macadm.CREATE_COMMAND_RULE(
command => 'CONNECT'
,rule_set_name => 'OID App Access'
,object_owner => 'ODS'
,object_name => '%'
,enabled => 'Y');
commit;
end;/
and change the line that is indicated in bold:
/declare
begin
dvsys.dbms_macadm.CREATE_COMMAND_RULE(
command => 'CONNECT'
,rule_set_name => 'OID App Access'
,object_owner => '%'
,object_name => '%'
,enabled => 'Y');
commit;
end;/
1.5.2.2 Restrictions on Specific Browsers
1.5.2.2.1 Java Plugin for Discoverer Plus Not Downloaded Automatically on Firefox When you
attempt to connect to Discoverer Plus by using the Mozilla Firefox browser on a
computer that does not have Java 1.6 installed, Firefox does not download the JRE 1.6
plug-in automatically. Instead, Firefox displays the following message: "Additional
plugins are required to display this page..."
The workaround is to download the JRE 1.6 plug-in by clicking the Install Missing
Plugin link to install it manually.
1.5.2.3 Process to Install and Configure WebCenter With 32-bit JDK on Supported
64-Bit Platform
For WebCenter 11g Release 1, the following platform has been verified with 32-bit
JDK:
HP Itanium and HP PA-RISC:
Introduction 1-3
Certification Information
32-bit HP JDK 1.6.0.02+
To install and configure WebLogic Server with 32-bit JDK perform the following steps:
1.
Install the supported 32-bit JDK
2.
Export the 32-bit JDK environment. For example:
export JAVA_HOME=/scratch/aime/jdk1.6.0_11
export PATH=/scratch/aime/jdk1.6.0_11/bin:$PATH
3.
Run the WebLogic Server generic installer to install WebLogic Server with 32-bit
JDK:
java -jar
4.
wls1031_generic.jar
Install WebCenter with the required 64-bit JDK. Unzip the shiphome and go to
Disk1, then invoke runInstaller command with -jreLoc pointing to the 64-bit
JDK. For example:
./runInstaller -jreLoc /scratch/aime/jdk1.6.0_11/jre
5.
Run the configuration script to create the WebCenter Domain:
$ORACLE_HOME/common/bin/config.sh
6.
Provide the 32-bit JDK location while running the configuration script. After the
domain is configured with 32-bit JDK, no further updates are required.
1.5.2.4 Support for GridLink Data Sources in Oracle Fusion Middleware 11g
Active GridLink for Oracle RAC allows you to create GridLink data sources. GridLink
data sources provide connectivity between Oracle WebLogic Server and an Oracle
Database service targeted to an Oracle RAC cluster. You can also use GridLink data
sources when configuring Oracle Exalogic with an Oracle RAC cluster.
However, GridLink data sources are currently supported for use only with custom
Java EE applications running on Oracle WebLogic Server and Oracle Exalogic. They
are not supported for use with the other Oracle Fusion Middleware products, such as
Oracle SOA Suite, Oracle WebCenter, and Oracle Enterprise Content Management. For
products other than Oracle WebLogic Server and Oracle Exalogic, Oracle recommends
using JDBC Multi Data Sources to connect to an Oracle RAC service.
For more information about using GridLink data sources, see "Using Grid Link Data
Sources" in Configuring and Managing JDBC Data Sources for Oracle WebLogic.
1.5.3 Upgrading Sun JDK From 1.6.0_07 to 1.6.0_11
For information, see "Section 2.1.5.2, "Upgrading Sun JDK in the Oracle Home
Directory."
1.5.4 JMSDELIVERYCOUNT Is Not Set Properly
When using AQ JMS with Oracle Database 11.2.0.1, JMXDELIVERYCOUNT is not set
correctly.
The workaround is to apply patch 9932143 to Oracle Database 11.2.0.1. For more
information, contact Oracle Support.
1-4 Oracle Fusion Middleware Release Notes
Licensing Information
1.5.5 Viewer Plugin Required On Safari 4 To View Raw XML Source
You need a Safari plugin to view raw XML. If there is no plugin installed, you will see
unformatted XML which will be difficult to read. This is because Safari applies a
default stylesheet, which only displays the text nodes in the XML document.
As a workaround, go to View > View Source in the Safari menu bar to see the full
XML of the metadata document. Also, selecting File > Save and choosing XML Files
as the file type, will correctly save the XML metadata file with all the markup intact.
1.6 Downloading and Applying Required Patches
After you install and configure Oracle Fusion Middleware 11g Release 1 (11.1.1.4.0),
there might be cases where additional patches are required to address specific known
issues.
Patches for Oracle Fusion Middleware 11g are available from My Oracle Support:
https://myoraclesupport.com/
Table 1–1 lists some of the specific Oracle Fusion Middleware patches that were
available at the time these release notes were published.
For additional patching information, see Section 3.1.1, "Patches Required to Address
Specific Upgrade and Compatibility Requirements".
Table 1–1
Patches Required to Fix Specific Issues with Oracle Fusion Middleware 11g
Oracle Fusion Middleware
Product or Component
Bug/Patch
Number
Oracle SOA Suite - Oracle
BPM Worklist application
9901600
Unless you apply this patch, errors appear in
the log files when you access the Event Driven
page in the Oracle Business Process
Management Worklist application.
Oracle XDK for Java
10337609
This patch fixes the following issue.
Description
If you use the XSU utility to insert some data
into the database, and the database connection
had the connection property called
oracle.jdbc.J2EE13Compliant set to
"true", and the target column was some kind of
numeric column, then it is possible for the
insert to fail with a the following error:
java.lang.NumberFormatException
1.7 Licensing Information
Licensing information for Oracle Fusion Middleware is available at:
http://oraclestore.oracle.com
Detailed information regarding license compliance for Oracle Fusion Middleware is
available at:
http://www.oracle.com/technetwork/middleware/ias/overview/index.
html
Introduction 1-5
Licensing Information
1-6 Oracle Fusion Middleware Release Notes
2
Installation, Patching, and Configuration
2
This chapter describes issues associated with Oracle Fusion Middleware installation,
patching, and configuration. It includes the following topics:
■
Section 2.1, "Installation Issues and Workarounds"
■
Section 2.2, "Patching Issues and Workarounds"
■
Section 2.3, "Configuration Issues and Workarounds"
■
Section 2.4, "Known Issues"
■
Section 2.5, "Documentation Errata"
This chapter contains issues you might encounter while
installing, patching, or configuring any of the Oracle Fusion
Middleware products.
Note:
Be sure to review the product-specific release note chapters elsewhere
in this document for any additional issues specific to the products you
are using.
2.1 Installation Issues and Workarounds
This section describes installation issue and workarounds. It includes the following
topics:
■
Section 2.1.1, "Oracle SOA Suite Installation Issues"
■
Section 2.1.2, "Oracle Portal, Forms, Reports and Discoverer Installation Issues"
■
Section 2.1.3, "Oracle Web Tier Installation Issues"
■
Section 2.1.4, "Oracle Identity Management Installation Issues"
■
Section 2.1.5, "JDK and JRE Installation Issues"
■
Section 2.1.6, "Oracle Universal Installer Issues"
■
Section 2.1.7, "Database and Schema Installation Issues"
■
Section 2.1.8, "Error Messages and Exceptions Seen During Installation"
■
Section 2.1.9, "Deinstallation Issues"
■
■
Section 2.1.10, "Installing Oracle Service Registry in the Same Domain as Oracle
SOA Suite"
Section 2.1.11, "Problems Installing in Thai and Turkish Locales"
Installation, Patching, and Configuration
2-1
Installation Issues and Workarounds
■
Section 2.1.12, "Enterprise Manager Configuration Fails with Timezone Error
Message"
2.1.1 Oracle SOA Suite Installation Issues
This section contains installation issues pertaining to Oracle SOA Suite:
■
■
Section 2.1.1.1, "Installing Oracle SOA Suite on a Dual Stack Host with IPv4"
Section 2.1.1.2, "Installing Oracle SOA Suite Release 11.1.1.3.0 in a Turkish
Environment"
2.1.1.1 Installing Oracle SOA Suite on a Dual Stack Host with IPv4
If you install Oracle SOA Suite on a dual stack host and the SOA front end URL is only
set to IPv4, Oracle BPM Worklist or asynchronous callbacks from IPv6-only clients
may have problems resolving IPv4 callback URLs (and vice-versa).
The work around is to use either a split Domain Name System (DNS) or another
forward proxy configuration. This enables the IPv6-only client to connect to a dual
stack box through its IPv6 interface.
2.1.1.2 Installing Oracle SOA Suite Release 11.1.1.3.0 in a Turkish Environment
If you are installing Oracle SOA Suite Release 11.1.1.3.0 in a Turkish environment,
there will be some functionality loss for Oracle Enterprise Manager Fusion
Middleware Control.
There is no work around for this issue. Oracle recommends that you avoid installing in
a Turkish environment and install in an English environment instead.
2.1.2 Oracle Portal, Forms, Reports and Discoverer Installation Issues
This section contains installation issues pertaining to Oracle Portal, Reports, Forms
and Discoverer:
■
Section 2.1.2.1, "Prerequisite Warnings During Installation"
2.1.2.1 Prerequisite Warnings During Installation
Vendor release updates cummulative patches and/or packages that may superseed
our listed Oracle Fusion Middleware 11g Release 1 prerequisites for platforms. As
long as vendor approved patches and/or packages are installed, the prerequisite
warnings could be ignored and the installation completed.
Another option is to use -ignoreSysPreReqs command line additional argument to
the runInstaller as:
$
Mount_Point/runInstaller -ignoreSysPreReqs other required install options
2.1.3 Oracle Web Tier Installation Issues
This section contains installation issues pertaining to Oracle Web Tier:
■
■
■
Section 2.1.3.1, "Oracle SOA Suite and Oracle Application Developer Must Be
Installed Before Oracle Web Tier"
Section 2.1.3.2, "Oracle Web Tier Silent Install Requires Oracle Web Cache
Component Name"
Section 2.1.3.3, "Oracle Web Tier Sample Response File is Missing the
MIDDLEWARE_HOME Entry"
2-2 Oracle Fusion Middleware Release Notes
Installation Issues and Workarounds
■
Section 2.1.3.4, "Ignore Error Message CheckPatchApplicableOnCurrentPlatform
Failed"
2.1.3.1 Oracle SOA Suite and Oracle Application Developer Must Be Installed
Before Oracle Web Tier
To ensure that the oracle_common/soa/modules/commons-cli-1.1.jar (on
UNIX operating systems) or oracle_
common\soa\modules\commons-cli-1.1.jar (on Windows operating systems)
file is installed properly, if you plan to associate Oracle Web Tier with an existing
domain, you must install Oracle Web Tier after all other products are installed.
2.1.3.2 Oracle Web Tier Silent Install Requires Oracle Web Cache Component
Name
If you are performing a silent Oracle Web Tier installation for Oracle HTTP Server, an
Oracle Web Cache component name (WEBCACHE_COMPONENT_NAME parameter) must
also be mentioned in the response file, even though Oracle Web Cache is not required
for Oracle HTTP Server installation. Even though both component names are
provided, as long as CONFIGURE_WEBCACHE is set to false then only Oracle HTTP
Server will be installed and configured.
There is no work around for this issue.
2.1.3.3 Oracle Web Tier Sample Response File is Missing the MIDDLEWARE_HOME
Entry
When installing Oracle Web Tier, the sample response files that are provided in the
Disk1/stage/Response (on UNIX operating systems) or
Disk1\stage\Response (on Windows operating systems) directories are missing
an entry for specifying the Middleware home directory.
If you plan on using these response files for silent installation, you must add the
MIDDLEWARE_HOME entry to the file. For example:
MIDDLEWARE_HOME=/home/Oracle/Middleware
2.1.3.4 Ignore Error Message CheckPatchApplicableOnCurrentPlatform Failed
On applying OPatch during Web Tier installation, the following error messages are
seen in OraInventory log file:
Prerequisite check "CheckPatchApplicableOnCurrentPlatform" failed.
OPatch failed with error code 74
This error occurs as HP-UX PA-RISC and HP-UX Itanium patches are available in the
same folder, and the OPatch executes all the patches in that folder to overcome a bug
that returns the platform name.
The workaround is to ignore the error messages.
2.1.4 Oracle Identity Management Installation Issues
This section contains installation issues pertaining to Oracle Identity Management:
■
■
Section 2.1.4.2, "WebLogic Administration Server Must Be Running When
Extending Oracle Identity Management Domains"
Section 2.1.4.5, "Do Not Install Patch 9824531 During the Setup of OIM and OAM
Integration"
Installation, Patching, and Configuration
2-3
Installation Issues and Workarounds
■
■
■
Section 2.1.4.6, "JDK Installed in ORACLE_COMMON During WebTier and IDM
Installation"
Section 2.1.4.7, "Welcome Screen of Oracle Entitlements Server Installer Not
Translated"
Section 2.1.4.8, "Additional Information When Using a Java Security Module with
Oracle Entitlements Server"
2.1.4.1 "Null" Dialog Box Appears When Installing Oracle Identity Management to
FAT32 File System on Windows
Included per bug 9104511.
If you install the Oracle Home directory to a File Allocation Table 32 (FAT32) file
system during Oracle Identity Management installation, a pop-up dialog box
containing the following text appears on the Specify Installation Location screen:
null
null
null
The following is the dialog box text that is hidden by the erroneous "null null null"
message:
The Windows FAT file system allows any user to create, modify and delete all files
on the file system. Oracle recommends use of NTFS on windows operating systems
because it preserves permission restrictions on files. Do you want to Continue?
To work around this issue, click Yes on the dialog box to continue the installation, or
click No to cancel the installation.
2.1.4.2 WebLogic Administration Server Must Be Running When Extending Oracle
Identity Management Domains
Included per bug 9051784.
When you install Oracle Identity Management, you have several options for choosing
how the Oracle Identity Management components are installed in relation to an Oracle
WebLogic Server administration domain. If you select the Extend Existing Domain
option on the installer's Select Domain screen, Oracle Identity Management
components are installed in an existing Oracle WebLogic Server administration
domain.
To install Oracle Identity Management components in an existing administration
domain using the Extend Existing Domain option, the Oracle WebLogic
Administration Server instance must be running.
2.1.4.3 Ignore Syntax Error Message While Installing Classic, IDM, and WebTier
Shiphomes
Included per bug 9116464
While starting the installation of Classic, Oracle Identity Management (IDM), or
WebTier shiphomes, the following syntax error may be seen:
Please wait ..../runInstaller: syntax error at line 299: `count1=$' unexpected
2-4 Oracle Fusion Middleware Release Notes
Installation Issues and Workarounds
This syntax error message can be safely ignored as this issue is seen on a few Solaris
systems and the installation completes with no functionality impact.
2.1.4.4 Commands for Determining if Shared GCC Libraries for 11g WebGate Are
Correct Versions
The Oracle Access Manager 11g WebGates require operating system-specific GCC
libraries on Linux and Solaris platforms. During the installation process of the 11g
Webgates, the installer will verify the required GCC library versions. To verify that
you have the correct GCC library versions before installation, run the following
commands on your respective operating system. The output of each command should
be greater than zero. If the output of any command is zero, install the correct GCC
libraries as outlined in Oracle Fusion Middleware Installation Guide for Oracle
Identity Management (Chapter 23 Installing and Configuring Oracle HTTP Server 11g
Webgate for OAM).
In Linux32/i386 environments:
1.
strings -a libgcc_s.so.1 | grep -c "GCC_3.0"
2.
strings -a libgcc_s.so.1 | grep -v "GCC_3.3.1" | grep -c
"GCC_3.3"
3.
file libgcc_s.so.1 | grep "32-bit" | grep -c "80386"
4.
file libstdc++.so.5 | grep "32-bit" | grep -c "80386"
In Linux64/x86-64 environments:
1.
strings -a libgcc_s.so.1 | grep -c "GCC_3.0"
2.
strings -a libgcc_s.so.1 | grep -v "GCC_3.3.1" | grep -c
"GCC_3.3"
3.
strings -a libgcc_s.so.1 | grep -c "GCC_4.2.0"
4.
file libgcc_s.so.1 | grep "64-bit" | grep -c "x86-64"
5.
file libstdc++.so.6 | grep "64-bit" | grep -c "x86-64"
In Solaris64/SPARC environments:
1.
strings -a libgcc_s.so.1 | grep -c "GCC_3.0"
2.
strings -a libgcc_s.so.1 | grep -v "GCC_3.3.1" | grep -c
"GCC_3.3"
3.
file libgcc_s.so.1 | grep "64-bit" | grep -c "SPARC"
4.
file libgcc_s.so.1 | grep "64-bit" | grep -c "x86-64"
5.
file libstdc++.so.5 | grep "64-bit" | grep -c "SPARC"
2.1.4.5 Do Not Install Patch 9824531 During the Setup of OIM and OAM Integration
In the Oracle Fusion Middleware Installation Guide for Oracle Identity Management, Step 10
in the section titled "Setting Up Integration Between OIM and OAM Using the Domain
Agent" instructs users about installing Patch 9824531.
Do not install this patch.
Installation, Patching, and Configuration
2-5
Installation Issues and Workarounds
Note that you must download and install the following patches instead of Patch
9824531:
■
Patch 9674375
■
Patch 9817469
■
Patch 9882205
You can download these patches from My Oracle Support.
2.1.4.6 JDK Installed in ORACLE_COMMON During WebTier and IDM Installation
Included per bug 11074455
In 11.1.1.2 release, while installing WebTier or IDM on Linux x86-64, AIX and HP-UX
platforms, JDK gets installed in both ORACLE_HOME and ORACLE_COMMON. JDK
version installed in ORACLE_COMMON is lower in version than that of ORACLE_HOME.
Hence should not be used. PS3 patching fails to resolve the JDK issue. However, this
issue does not affect the successful installation of Webtier or IDM.
To work around this issue, use the JDK in ORACLE_HOME and avoid using the JDK
installed in ORACLE_COMMON.
2.1.4.7 Welcome Screen of Oracle Entitlements Server Installer Not Translated
Bug 12387240 - note entered by Peter LaQuerre for 11.1.1.5.0
When you are installing Oracle Entitlements Server in a non-English environment, the
text on the Welcome screen does not appear in the selected language. This is a known
problem that will be addressed in a future release.
2.1.4.8 Additional Information When Using a Java Security Module with Oracle
Entitlements Server
Email thread from writer, Michael Teger; dev contact is Sirish Vepa.
The section, "Using the Java Security Module" in the Oracle Fusion Middleware
Installation Guide for Oracle Identity Management, describes how to configure and use a
Java security module with Oracle Entitlements Server.
In addition to the information provided in the installation guide, consider the
following additional information when configuring the security module:
When a Security Module is configured as a proxy client, set the
authentic.identity.cache.enabled system property to true. The configuration
is based on the type of Security Module being used and is done for the JVM in which
the Web Services or RMI Security Module remote proxy is executing.
Specifically:
■
■
If the Security Module is a WebLogic Server Security Module, the system property
-Dauthentic.identity.cache.enabled=true should be appended to the
JAVA_OPTIONS environment variable in the setDomainEnv.sh script on Unix or
the setDomainEnv.cmd script on Windows.
If the Security Module is a Java Security Module, the system property
-Dauthentic.identity.cache.enabled=true should be added to the
program being protected by the Java Security Module.
2-6 Oracle Fusion Middleware Release Notes
Installation Issues and Workarounds
2.1.5 JDK and JRE Installation Issues
This section contains installation issues pertaining to JDKs and JREs during
installation:
■
Section 2.1.5.1, "Specifying the JRE Location if Installing with Automatic Updates"
■
Section 2.1.5.2, "Upgrading Sun JDK in the Oracle Home Directory"
■
Section 2.1.5.3, "Installation Fails on 64-bit Operating Systems with 32-bit JDKs"
■
Section 2.1.5.4, "Out of Memory Errors When Using JDK 6 Update 23"
2.1.5.1 Specifying the JRE Location if Installing with Automatic Updates
If you are installing one of the following Oracle Fusion Middleware products:
■
Oracle SOA Suite
■
Oracle WebCenter
■
Oracle Service Bus
■
Oracle Enterprise Content Management Suite
■
Oracle Data Integrator
■
Oracle Identity and Access Management
And you will choose to configure automatic updates on the Install Software Updates
screen by selecting Download and install updates from My Oracle Support you must
specify the location of a JRE on your system by using the -jreLoc parameter from the
command line when you start the installer.
If you do not use the -jreLoc parameter and instead wait for the installer to prompt
you for a JRE location, an exception will be seen during the installation.
2.1.5.2 Upgrading Sun JDK in the Oracle Home Directory
Certain installations, including Oracle Identity Management, Oracle Portal, Forms,
Reports and Discoverer, and Oracle Web Tier will install Sun JDK version 1.6.0_07 in
the Oracle home directory. This version of the Sun JDK may be lower in version than
what is specified in the Oracle Fusion Middleware Certification Document:
http://www.oracle.com/technology/software/products/ias/files/fusion_
certification.html
This JDK is used internally and should not be used to deploy Oracle SOA, Oracle
WebCenter, or any custom J2EE applications.
If you want a single JDK version deployed for all types of applications, you can
upgrade Sun JDK 1.6.0_07 to Sun JDK 1.6.0_11 or higher as specified in the Oracle
Fusion Middleware Certification document using the following steps:
1.
Shut down all processes.
2.
Back up your existing JDK (for example, Sun JDK 1.6.0_07).
3.
Install the new JDK (for example, Sun JDK 1.6.0_11) in the same location as your
existing JDK.
4.
Restart all processes.
If you are installing Oracle SOA Suite, Oracle WebCenter, or Application Developer on
a 64-bit platform with a 32-bit JDK, you must run the installer by specifying the JRE
location at the command line, as shown below:
Installation, Patching, and Configuration
2-7
Installation Issues and Workarounds
On UNIX operating systems:
> ./runInstaller -jreLoc JRE_LOCATION
On Windows operating systems:
D:\ setup.exe -jreLoc JRE_LOCATION
Specify the absolute path to your JRE_LOCATION; relative
paths are not supported.
Note:
2.1.5.3 Installation Fails on 64-bit Operating Systems with 32-bit JDKs
To work around this issue:
Append -jreLoc and the 32-bit JDK path to the install command.
In UNIX/Linux environments:
INSTALL_PATH/runInstaller -jreLoc 32BIT_JAVA_HOME
In Windows environments:
INSTALL_PATH\setup.exe -jreLoc 32BIT_JAVA_HOME
2.1.5.4 Out of Memory Errors When Using JDK 6 Update 23
If you are experiencing out-of-memory errors when using JDK 6 Update 23, consider
the following.
In JDK 6 Update 23, the escape analysis feature was enabled by default. Escape
analysis is used when optimizing the code run inside the JVM. Due to a bug in escape
analysis the memory footprint increased which could lead to OutOfMemoryErrors
being thrown when the application runs out of memory.
The workaround for this issue is to add the following JVM argument when you start
your application:
-XX:-DoEscapeAnalysis
A fix for this issue is being prepared and will be rolled into the next scheduled regular
update release of the Oracle JDK.
You can identify JDK 6 Update 23 by using the java -version command, as
follows:
java -version
java version "1.6.0_24"
Java(TM) SE Runtime Environment (build 1.6.0_24-b50)
Java HotSpot(TM) Server VM (build 19.1-b02, mixed mode)
2.1.6 Oracle Universal Installer Issues
This section contains installation issues pertaining to the product installers:
■
■
Section 2.1.6.1, "Installer is Checking for the Wrong System Patches on Solaris
x86-64"
Section 2.1.6.2, "Entering the Administrator Password for a Simple Oracle Business
Intelligence Installation on Linux Operating Systems"
2-8 Oracle Fusion Middleware Release Notes
Installation Issues and Workarounds
2.1.6.1 Installer is Checking for the Wrong System Patches on Solaris x86-64
The installer for Fusion Middleware products is looking for following operating
system patches on Solaris x86-64 operating systems:
■
127111-02
■
137111-04
These are incorrect; the correct operating system patches required for Solaris x86-64
operating systems are:
■
127112
■
137112
More information about these patches can be found in notes 1000642.1 and 1019395.1
on My Oracle Support.
2.1.6.2 Entering the Administrator Password for a Simple Oracle Business
Intelligence Installation on Linux Operating Systems
If you are installing Oracle Business Intelligence on a Linux operating system, and you
select Simple Install on the Select Installation Type screen, the "Password" field is
inactive when you navigate to the Administrator Details screen.
To work around this issue, right-click on the "Password" field and select Paste. The
"Password" field becomes active and you can enter an Administrator password.
2.1.7 Database and Schema Installation Issues
This section contains installation issues pertaining to databases and schemas:
■
Section 2.1.7.1, "Setting the nls_length_semantics Parameter in your Database"
■
Section 2.1.7.2, "Installing the SOAINFRA Schema with DBA Permissions"
■
Section 2.1.7.3, "Database Connection Failure During Schema Creation When
Installing Oracle Internet Directory"
2.1.7.1 Setting the nls_length_semantics Parameter in your Database
Oracle Fusion Middleware only supports schemas in a byte-mode database. The nls_
length_semantics initialization parameter on the database where the schemas
reside must be set to BYTE; setting this parameter to CHAR is not supported.
To check the values of this parameter using SQL*Plus, you can use the show
parameters command:
prompt> sqlplus "sys/password as sysdba"SQL> show parameters nls_length_semantics
Replace password with the actual password for the SYS user.
Alternatively, you can check the values by querying the V$PARAMETER view:
prompt> sqlplus "sys/password as sysdba"SQL> select name,value from v$parameter;
2.1.7.2 Installing the SOAINFRA Schema with DBA Permissions
If you need to install the SOAINFRA schema and you are using a user with only DBA
permissions, run the following commands on your database prior to running RCU:
GRANT ALL ON dbms_aqadm TO user WITH GRANT OPTION;
GRANT ALL ON dbms_aq TO user WITH GRANT OPTION;
Installation, Patching, and Configuration
2-9
Installation Issues and Workarounds
Replace user in the command with the name of your database user.
2.1.7.3 Database Connection Failure During Schema Creation When Installing
Oracle Internet Directory
If the installation of Oracle Internet Directory fails due to timeout or connection failure
when connecting to a database for schema creation, you can try to reset the timeout
parameter in the rcu.properties file. This file is located in the IDM_
Home/rcu/config directory on UNIX operating systems. On Windows operating
systems, this file is located in the IDM_Home\rcu\config directory.
Open the rcu.properties file in a text editor, search for the property JDBC_
LOGIN_TIMEOUT, and set its value to 30.
2.1.8 Error Messages and Exceptions Seen During Installation
This section contains installation issues pertaining to error messages and exceptions
seen during installation:
■
■
Section 2.1.8.1, "JRF Startup Class Exceptions May Appear in Oracle WebLogic
Managed Server Logs After Extending Oracle Identity Management Domain"
Section 2.1.8.2, "Sun JDK and Oracle Configuration Manager Failures in the
Installation Log File"
2.1.8.1 JRF Startup Class Exceptions May Appear in Oracle WebLogic Managed
Server Logs After Extending Oracle Identity Management Domain
After extending an Oracle Identity Management domain, you may see exception
messages related to JRF Startup Class in the managed server log files. For example:
Failed to invoke startup class "JRF Startup Class",
oracle.jrf.PortabilityLayerException: Fail to retrieve the property for the Common
Components Home.
oracle.jrf.PortabilityLayerException: Fail to retrieve the property for the Common
Components Home.
You can safely ignore these exception messages—there is no loss in functionality.
2.1.8.2 Sun JDK and Oracle Configuration Manager Failures in the Installation Log
File
Upon completing of an Oracle Web Tier, Oracle Identity Management, or Oracle
Portal, Forms, Reports and Discoverer installation, the following errors may be seen in
the installtime_and_date.log file:
[2009-11-04T21:15:13.959-06:00] [OUI] [NOTIFICATION] [] [OUI] [tid: 16]
[ecid: 0000IJ2LeAeFs1ALJa5Eif1Aw^9l000007,0] OUI-10080:The pre-requisite for
the component Sun JDK 1.6.0.14.08 has failed.
[2009-11-04T21:15:13.960-06:00] [OUI] [NOTIFICATION] [] [OUI] [tid: 16]
[ecid: 0000IJ2LeAeFs1ALJa5Eif1Aw^9l000007,0] OUI-10080:The pre-requisite for
the component Oracle Configuration Manager 10.3.1.2.0 has failed.
These messages occur because the Sun JDK and Oracle Configuration Manager are not
installed in the oracle_common directory. You can safely ignore these messages.
2.1.9 Deinstallation Issues
This section contains issues pertaining to product deinstallation:
2-10 Oracle Fusion Middleware Release Notes
Installation Issues and Workarounds
■
■
Section 2.1.9.1, "Proper Deinstallation for Reinstallation in the Event of a Failed
Installation"
Section 2.1.9.2, "Deinstallation Does Not Remove WebLogic Domains"
2.1.9.1 Proper Deinstallation for Reinstallation in the Event of a Failed Installation
In the event that an installation fails, and you want to deinstall the failed installation
and then reinstall the software to the same location, you must do the following:
1.
Make sure that all the managed servers in the failed installation are shut down.
You must verify this in the Administration Console; the word "SHUTDOWN"
must appear next to the managed server name.
2.
Deinstall the binaries in the Oracle home directory using the deinstaller in the
ORACLE_HOME/oui/bin directory.
3.
Delete all the managed servers from the failed installation in the config.xml file
by using the Administration Console or WLST.
4.
Delete all directories in the DOMAIN_HOME/servers directory:
This procedure will enable you to reinstall the software to the same location, using the
same managed server names.
2.1.9.2 Deinstallation Does Not Remove WebLogic Domains
There may be certain scenarios where you will need to remove WebLogic Domains
that you have created. The Oracle Universal Installer is used to remove Oracle
Instances and Oracle home directories only; it does not remove WebLogic Domains.
If you need to remove a WebLogic Domain, you must do so manually. Please refer to
your Oracle WebLogic Server documentation for more information.
2.1.10 Installing Oracle Service Registry in the Same Domain as Oracle SOA Suite
When installing Oracle Service Registry 11g in the same Weblogic Domain as Oracle
SOA Suite 11g Release 11.1.1.2.0 or Release 11.1.1.3.0, you may see the following error
message on the WebLogic Server console when Oracle Service Registry is starting up:
java.lang.LinkageError: loader constraint violation in interface itable
initialization:....
To work around this issue:
1.
Make sure Oracle Service Registry is installed on a different Managed Server from
Oracle SOA Suite.
2.
Download patch 9499508 and follow the instructions in the README file included
with the patch:
a.
Go to My Oracle Support.
http://support.oracle.com
3.
b.
Click on the Patches & Updates tab.
c.
In the Patch Search area, search for patch 9499508.
d.
Download the patch.
Edit the setDomainEnv.sh file and, for Oracle Service Registry Server, remove
fabric.jar from classpath:
if [ "${SERVER_NAME}" != "osr_server1" ] ; then
Installation, Patching, and Configuration 2-11
Installation Issues and Workarounds
POST_CLASSPATH="${SOA_ORACLE_HOME}/soa/modules/oracle.soa.fabric_
11.1.1/oracle.soa.fabric.jar
${CLASSPATHSEP}${SOA_ORACLE_HOME}/soa/modules/oracle.soa.adapter_
11.1.1/oracle.soa.adapter.jar
${CLASSPATHSEP}${SOA_ORACLE_HOME}/soa/modules/oracle.soa.b2b_
11.1.1/oracle.soa.b2b.jar
${CLASSPATHSEP}${POST_CLASSPATH}"
else
POST_CLASSPATH="${SOA_ORACLE_HOME}/soa/modules/oracle.soa.adapter_
11.1.1/oracle.soa.adapter.jar
${CLASSPATHSEP}${SOA_ORACLE_HOME}/soa/modules/oracle.soa.b2b_
11.1.1/oracle.soa.b2b.jar
${CLASSPATHSEP}${POST_CLASSPATH}"
fi
When installing Oracle Service Registry 11g in the same Weblogic Domain as Oracle
SOA Suite 11g Release 11.1.1.3.0, you may see the following error message when
accessing the Oracle Service Registry console:
ClassCastException
java.lang.ClassCastException:org.systinet.uddi.client.serialization.UDDIFaultSeria
lizer
To work around this error, edit the setDomainEnv.sh file and remove
oracle.soa.fabric.jar from the classpath when running the Oracle Service
Registry Managed Server. To do this:
1.
Make a backup of the MW_HOME/user_projects/domains/soa_domain_
name/bin/setDomainEnv.sh file.
2.
Edit the setDomainEnv.sh file and replace the following line:
POST_CLASSPATH="${SOA_ORACLE_HOME}/soa/modules/oracle.soa.fabric_
11.1.1/oracle.soa.fabric.jar
${CLASSPATHSEP}${SOA_ORACLE_HOME}/soa/modules/oracle.soa.adapter_
11.1.1/oracle.soa.adapter.jar
${CLASSPATHSEP}${SOA_ORACLE_HOME}/soa/modules/oracle.soa.b2b_
11.1.1/oracle.soa.b2b.jar
${CLASSPATHSEP}${POST_CLASSPATH}"
with the following:
if [ "${SERVER_NAME}" != "<your_osr_server_name>" ] ;
then
POST_CLASSPATH="${SOA_ORACLE_HOME}/soa/modules/oracle.soa.fabric_
11.1.1/oracle.soa.fabric.jar
${CLASSPATHSEP}${SOA_ORACLE_HOME}/soa/modules/oracle.soa.adapter_
11.1.1/oracle.soa.adapter.jar
${CLASSPATHSEP}${SOA_ORACLE_HOME}/soa/modules/oracle.soa.b2b_
11.1.1/oracle.soa.b2b.jar
${CLASSPATHSEP}${POST_CLASSPATH}"
else
POST_CLASSPATH="${SOA_ORACLE_HOME}/soa/modules/oracle.soa.adapter_
11.1.1/oracle.soa.adapter.jar
${CLASSPATHSEP}${SOA_ORACLE_HOME}/soa/modules/oracle.soa.b2b_
11.1.1/oracle.soa.b2b.jar
${CLASSPATHSEP}${POST_CLASSPATH}"
fi
3.
Restart the Oracle Service Registry Managed Server.
2-12 Oracle Fusion Middleware Release Notes
Installation Issues and Workarounds
If you have multiple Oracle Service Registry Managed Servers in the domain, each
Managed Server must be added to the condition. For example, if you have two Oracle
Service Registry Managed Servers named WLS_OSR1 and WLS_OSR2:
case "$SERVER_NAME" in
.
'WLS_OSR1')
.
echo "Setting WLS_OSR1 CLASSPATH..."
POST_CLASSPATH="${SOA_ORACLE_HOME}/soa/modules/oracle.soa.adapter_
11.1.1/oracle.soa.adapter.jar
${CLASSPATHSEP}${SOA_ORACLE_HOME}/soa/modules/oracle.soa.b2b_
11.1.1/oracle.soa.b2b.jar
${CLASSPATHSEP}${POST_CLASSPATH}"
exit;;
.
'WLS_OSR2')
.
echo "Setting WLS_OSR2 CLASSPATH..."
POST_CLASSPATH="${SOA_ORACLE_HOME}/soa/modules/oracle.soa.adapter_
11.1.1/oracle.soa.adapter.jar
${CLASSPATHSEP}${SOA_ORACLE_HOME}/soa/modules/oracle.soa.b2b_
11.1.1/oracle.soa.b2b.jar
${CLASSPATHSEP}${POST_CLASSPATH}"
exit;;
.
*)
.
echo "Setting default SOA CLASSPATH..."
POST_CLASSPATH="${SOA_ORACLE_HOME}/soa/modules/oracle.soa.fabric_
11.1.1/oracle.soa.fabric.jar
${CLASSPATHSEP}${SOA_ORACLE_HOME}/soa/modules/oracle.soa.adapter_
11.1.1/oracle.soa.adapter.jar
${CLASSPATHSEP}${SOA_ORACLE_HOME}/soa/modules/oracle.soa.b2b_
11.1.1/oracle.soa.b2b.jar
${CLASSPATHSEP}${POST_CLASSPATH}"
exit;;
.
esac
2.1.11 Problems Installing in Thai and Turkish Locales
Turkish and Thai users are recommended to install and run Oracle Fusion Middleware
using the English locale. Oracle Fusion Middleware does support Turkish and Thai
locales as clients.
2.1.12 Enterprise Manager Configuration Fails with Timezone Error Message
There is a problem with the timezone detection algorithm on some versions of
Windows. When the database is installed on some systems that have a fresh
installation of Windows, the configuration of Enterprise Manager fails with a message
that indicates that an "America/Rio_Branco" timezone has been detected.
The work around is to reset the timezone to the desired value, then re-install your
Oracle Fusion Middleware product.
Installation, Patching, and Configuration 2-13
Patching Issues and Workarounds
2.2 Patching Issues and Workarounds
This section describes patching issues and their workarounds. It includes the
following topics:
■
Section 2.2.1, "Oracle SOA Suite Patching Issues"
■
Section 2.2.2, "Oracle WebCenter Patching Issues"
■
Section 2.2.3, "Oracle Identity Management Patching Issues"
■
Section 2.2.4, "System Component Patching Issues"
■
Section 2.2.5, "MDS Schema Version Number is Incorrect"
■
Section 2.2.6, "Oracle BI Components Show Incorrect Version Number After
Patching"
■
Section 2.2.7, "Warnings When Running upgradeOpss()"
■
Section 2.2.8, ""Patch Already Installed" Warning Message in Log File"
■
■
Section 2.2.9, "Manual Step for ODI-BAM Users After Installing 11.1.1.4.0 Patch
Set"
Section 2.2.10, "Applications Generate javax.xml.bind.JAXBException Runtime
Errors After Installing 11.1.1.4.0 Patch Set"
2.2.1 Oracle SOA Suite Patching Issues
This section contains patching issues pertaining to Oracle SOA Suite products:
■
■
■
■
■
■
Section 2.2.1.1, "Exception Seen When Extending Your Existing Oracle SOA Suite
Domain with Oracle Business Process Management Suite"
Section 2.2.1.2, "Exception Seen When Undeploying any SOA Composite with
Range-Based Dimension Business Indicators"
Section 2.2.1.3, "Running Oracle Business Process Management Suite with
Microsoft SQL Server 2008 Database"
Section 2.2.1.4, "Update to Oracle SOA Suite Release 11.1.1.3.0 Does Not Remove
the b2b.r1ps1 Property"
Section 2.2.1.5, "Manual Steps for Migrating Oracle UMS and Oracle MDS"
Section 2.2.1.6, "Monitored BPEL Processes Generate Warning Messages in Log
File After Applying 11g Release 1 (11.1.1.4.0) Patch Set"
2.2.1.1 Exception Seen When Extending Your Existing Oracle SOA Suite Domain
with Oracle Business Process Management Suite
The following intermittent exception may be seen in cases where you have upgraded
your Oracle SOA Suite software to release 11.1.1.3.0 with the Patch Set Installer, and
are extending your existing domain to include Oracle Business Process Management
Suite:
javax.ejb.EJBTransactionRolledbackException: EJB Exception: ; nested exception
is: javax.persistence.PersistenceException: Exception
[EclipseLink-4002] (Eclipse Persistence Services - 2.0.2.v20100323-r6872):
org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLIntegrityConstraintViolationException:
ORA-02292: integrity constraint (DB9128_SOAINFRA.BPM_CUBE_ROLE_FK1) violated child record found.
Error Code: 2292
2-14 Oracle Fusion Middleware Release Notes
Patching Issues and Workarounds
Call: DELETE FROM BPM_CUBE_PROCESS WHERE (PROCESSID = ?)
bind => [247]
Query: DeleteObjectQuery(CubeProcess(domain:default, composite:counter_extended,
revision:1.0, name:Process, hasNametab:true));
nested exception is: javax.persistence.PersistenceException: Exception
[EclipseLink-4002] (Eclipse Persistence Services - 2.0.2.v20100323-r6872):
org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLIntegrityConstraintViolationException:
ORA-02292: integrity constraint (DB9128_SOAINFRA.BPM_CUBE_ROLE_FK1) violated child record found
This is a harmless exception. To avoid seeing this exception, do the following:
1.
Connect to your databsae as the SOA schema user.
2.
Drop the BPM_CUBE_ROLE_FK1 constraint by executing the following:
ALTER TABLE BPM_CUBE_ROLE DROP CONSTRAINT BPM_CUBE_ROLE_FK1;
3.
Recreate the BPM_CUBE_ROLE_FK1 constraint by executing the following:
ALTER TABLE BPM_CUBE_ROLE ADD CONSTRAINT BPM_CUBE_ROLE_FK1 FOREIGN KEY @
(ProcessId) REFERENCES BPM_CUBE_PROCESS(ProcessId) ON DELETE CASCADE;
4.
Restart the Oracle SOA Managed Server.
2.2.1.2 Exception Seen When Undeploying any SOA Composite with Range-Based
Dimension Business Indicators
The following intermittent exception may be seen in cases where you have upgraded
your Oracle SOA Suite software to release 11.1.1.3.0 with the Patch Set Installer, and
have undeployed SOA composites that have range-based dimension business
indicators:
javax.ejb.EJBTransactionRolledbackException: EJB Exception: ; nested
exception is: javax.persistence.PersistenceException: Exception
[EclipseLink-4002] (Eclipse Persistence Services - 2.0.2.v20100323-r6872):
org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLIntegrityConstraintViolationException:
ORA-02292: integrity constraint (DB9967_SOAINFRA.BPM_CUBE_NAMETAB_RANGE_FK1)
violated - child record found
Error Code: 2292
Call: DELETE FROM BPM_CUBE_NAMETAB WHERE ((EXTENSIONID = ?) AND (NAMETABID =
?))
bind => [0, 603]
Query:
DeleteObjectQuery(oracle.bpm.analytics.cube.persistence.model.CubeNametab@b7b8
2a); nested exception is: javax.persistence.PersistenceException: Exception
[EclipseLink-4002] (Eclipse Persistence Services - 2.0.2.v20100323-r6872):
org.eclipse.persistence.exceptions.DatabaseException
Internal Exception: java.sql.SQLIntegrityConstraintViolationException:
ORA-02292: integrity constraint (DB9967_SOAINFRA.BPM_CUBE_NAMETAB_RANGE_FK1)
violated - child record found
This exception is harmless and can be safely ignored. To avoid seeing this exception,
do the following:
1.
Connect to your databsae as the SOA schema user.
2.
Drop the BPM_CUBE_NAMETAB_RANGE_FK1 constraint by executing the
following:
Installation, Patching, and Configuration 2-15
Patching Issues and Workarounds
ALTER TABLE BPM_CUBE_NAMETAB_RANGE
3.
DROP CONSTRAINT BPM_CUBE_NAMETAB_RANGE_FK1;
Recreate the BPM_CUBE_NAMETAB_RANGE_FK1 constraint by executing the
following:
ALTER TABLE BPM_CUBE_NAMETAB_RANGE ADD CONSTRAINT BPM_CUBE_NAMETAB_RANGE_FK1
FOREIGN KEY @ (ProcessId, NametabId, ExtensionId) REFERENCES
BPM_CUBE_NAMETAB (ProcessId, NametabId, ExtensionId) ON DELETE CASCADE;
4.
Restart the Oracle SOA Managed Server.
2.2.1.3 Running Oracle Business Process Management Suite with Microsoft SQL
Server 2008 Database
If you have patched your existing Oracle SOA Suite installation with the Patch Set
Installer to include Oracle Business Process Management Suite and you are using a
Microsoft SQL Server 2008 database, the following procedure is required after you
have patched your software:
1.
Login to the Administration Console.
2.
In the "Connection Pools" tab, add the following property in the "Properties"
section for the mds-owsm and mds-soa data sources:
ReportDateTimeTypes=false
2.2.1.4 Update to Oracle SOA Suite Release 11.1.1.3.0 Does Not Remove the
b2b.r1ps1 Property
After you update your Release 11.1.1.2.0 software to Release 11.1.1.3.0, and login to the
Oracle Enterprise Manager Console and navigate to the b2b Properties screen, the
b2b.r1ps1 property (used to enable Release 11.1.1.2.0 features such as
DocProvisioning and TransportCallout) is still visible. This property is removed for
Release 11.1.1.3.0.
To remove this property, use the MBean browser remove property operation in Fusion
Middleware Control. For more information, see "Configuring B2B Operations" in
Oracle Fusion Middleware Administrator's Guide for Oracle SOA Suite and Oracle BPM
Suite.
2.2.1.5 Manual Steps for Migrating Oracle UMS and Oracle MDS
If you migrate your database schemas from Release 11.1.1.1.0 to Release 11.1.1.2.0 with
the BAM Alone option:
ant master-patch-schema -DpatchMaster.Componentlist=BAM
The Oracle BAM server will not start and you will receive UMS and MDS exceptions.
After executing above command, if no errors are seen in the log files and if the version
in schema_version_registry is changed to 11.1.1.2.0 for Oracle BAM, then the
following commands must be executed to manually migrate Oracle UMS and MDS:
ant master-patch-schema -DpatchMaster.Componentlist=MDS
ant master-patch-schema -DpatchMaster.Componentlist=UMS
Then, start the Oracle BAM server after running these commands.
2-16 Oracle Fusion Middleware Release Notes
Patching Issues and Workarounds
2.2.1.6 Monitored BPEL Processes Generate Warning Messages in Log File After
Applying 11g Release 1 (11.1.1.4.0) Patch Set
If you deployed BPEL processes that are instrumented with monitors, then Oracle
BAM might generate warning messages in the SOA diagnotic log file after you apply
the 11g Release 1 (11.1.1.4.0) patch set.
This is because a new business indicator data object field ("LATEST") was added for
Oracle Fusion Middleware 11g Release 1 (11.1.1.4.0).
To avoid the warning message and to take advantage of the new data object field,
redeploy the BPEL process after you apply the 11g Release 1 (11.1.1.4.0) patch set.
For more information about the LATEST data object field, see "Understanding
Business Indicator Data Objects" in the Oracle Fusion Middleware Developer's Guide for
Oracle SOA Suite.
2.2.2 Oracle WebCenter Patching Issues
This section contains patching issues pertaining to Oracle WebCenter products:
■
■
■
■
Section 2.2.2.1, "Deploying WebCenterWorklistDetailApp.ear for WebCenter
Spaces Workflows"
Section 2.2.2.2, "Some WebCenter Applications Show Old Version Number"
Section 2.2.2.3, "Problem Using WebCenter Spaces Customizations with .jsp Pages
After Installing the 11.1.1.4.0 Patch Set"
Section 2.2.2.4, "Errors When Updating Oracle WebCenter Using WLST
Commands"
2.2.2.1 Deploying WebCenterWorklistDetailApp.ear for WebCenter Spaces
Workflows
If you are patching from Oracle Fusion Middleware 11.1.1.2.0, then after running the
Patch Set Installer, you must redeploy WebCenterWorklistDetailApp.ear. This
file is located at the following path in your Oracle SOA Suite 11.1.1.2.0 installation
path: SOA_ORACLE_
HOME/webcenter/applications/WebCenterWorklistDetailApp.ear.
2.2.2.2 Some WebCenter Applications Show Old Version Number
After applying the patch for Oracle WebCenter, some applications still show the
version number from previous releases.
There is no work around for this issue.
2.2.2.3 Problem Using WebCenter Spaces Customizations with .jsp Pages After
Installing the 11.1.1.4.0 Patch Set
If you extended WebCenter Spaces 11g Release 1 (11.1.1.2.0) or Release 1 (11.1.1.3.0)
with your own customizations, then before you upgrade, you must ensure that the
customization shared library uses .jspx pages and not .jsp pages.
After you upgrade to WebCenter Spaces 11.1.1.4.0, custom site templates will not
render if they use .jsp pages.
Note that if you followed the white paper Customizing Site Templates in WebCenter
Spaces to develop your custom site templates, then your pages should already be
.jspx pages.
Installation, Patching, and Configuration 2-17
Patching Issues and Workarounds
2.2.2.4 Errors When Updating Oracle WebCenter Using WLST Commands
If you are updating Oracle WebCenter using WLST commands, you may see some
error messages as described in this section. These errors can be safely ignored
provided that when the command completes there is some text indicating the
successful completion of the command.
When running the upgradeWebCenterDomain WLST command, you may see the
following error message:
Error: addTemplate() failed. Do dumpStack() to see details.
When running the upgradeWebCenterPermissions command, you may see the
following error message:
Command FAILED, Reason: JPS-04204: Cannot revoke permissions.
2.2.3 Oracle Identity Management Patching Issues
This section contains patching issues pertaining to Oracle Identity Management
products:
■
Section 2.2.3.1, "Uploading Third Party JAR Files to the Database"
■
Section 2.2.3.2, "Access Policy With Approval Does Not Work After Patch"
■
■
■
■
■
■
Section 2.2.3.3, "OID and OVD Saved Connections Not Available After Patch From
Release 11.1.1.2.0 or 11.1.1.3.0"
Section 2.2.3.5, "Errors in the Log Files After Patching Oracle Identity Management
to Release 11.1.1.4.0"
Section 2.2.3.4, "Error When Running the upgradeOpss() Command When
Upgrading Oracle Identity Management"
Section 2.2.3.6, "Warning Message When Migrating Oracle Identity Federation
from Release 11.1.1.1.0 to Release 11.1.1.2.0"
Section 2.2.3.7, "Benign Errors Logged When Patching Oracle Identity
Management 11.1.1.2.0 Installation to 11.1.1.3.0"
Section 2.2.3.8, "Exception Seen When Starting Oracle Identity Management
Server"
2.2.3.1 Uploading Third Party JAR Files to the Database
During the update of Oracle Identity and Access Management to Release 11.1.1.5.0,
third party JAR files (for example, ldapbp.jar which is required for connector
functionality) that are present in the file system are not uploaded to database by the
upgrade process. You must manually upload these JAR files to the database using the
UploadJars.sh (on UNIX operating systems) or UploadJars.bat (on Windows
operating systems) utility.
For more information, see the "Upload JAR and Resource Bundle Utilities" chapter in
Oracle Fusion Middleware Developer's Guide for Oracle Identity Manager.
2.2.3.2 Access Policy With Approval Does Not Work After Patch
In Release 11.1.1.5.0, the following new policies are introduced for Oracle Entitlements
Server (OES):
■
SelfServiceUserManagementPolicies.xml
■
UserManagementPolicies.xml
2-18 Oracle Fusion Middleware Release Notes
Patching Issues and Workarounds
Because of this change, a request for approval is not generated when a new policy
with approval is added.
To work around this issue, add the "Request Administrator" role to the "Access Policy
Based Provisioning" request template:
1.
Login to "Advance Console."
2.
Go to Request Templates on the Configuration tab.
3.
Search for and and open the "Access Policy Based Provisioning" request template.
4.
Go to the Template User Roles tab on the Template Details page.
5.
From the left pane in "Available Roles," search for and assign the "Request
Administrators" role.
The assigned role will appear in the right pane under "Selected Roles."
6.
Save the request template.
2.2.3.3 OID and OVD Saved Connections Not Available After Patch From Release
11.1.1.2.0 or 11.1.1.3.0
If you are patching Oracle Internet Directory (OID) or Oracle Virtual Directory (OVD)
from Releases 11.1.1.2.0 or 11.1.1.3.0 to Release 11.1.1.4.0 or later, your saved
connection in Releases 11.1.1.2.0 or 11.1.1.3.0 will not be available after the patch.
If you are patching from Release 11.1.1.3.0 or later, then your saved connections in
OID and OVD will be available.
There is no work around for this issue.
2.2.3.4 Error When Running the upgradeOpss() Command When Upgrading Oracle
Identity Management
During the upgrade of Oracle Identity Manager 11.1.1.3.0 to 11.1.1.5.0, you are asked
to run the upgradeOpss WLST (online) command to update Oracle Platform Security
Services (OPSS).
The following message will be visible on the console when you run the upgradeOpss
command:
WLS ManagedService is not up running. Fall back to use system properties for
configuration.
date_and_time
oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy
<init>
WARNING: No identity store associate with policy store found.
Upgrade of jps configuration and security stores is done.
This message is harmless and can be safely ignored.
2.2.3.5 Errors in the Log Files After Patching Oracle Identity Management to
Release 11.1.1.4.0
After patching and configuring Oracle Identtiy Management to Release 11.1.1.4.0, the
following errors are seen in the wls_oif1-diagnostics.log file when Single
Sign-On is used for Oracle Identity Federation:
[2010-08-05T13:05:30.754-07:00] [wls_oif1] [INCIDENT_ERROR] [FED-10174]
[oracle.security.fed.model.config.Configuration] [tid:
[ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default
(self-tuning)'] [userId: <anonymous>] [ecid:
Installation, Patching, and Configuration 2-19
Patching Issues and Workarounds
42ef6c66fe18f3ad:291f353a:12a43da27c1:-8000-0000000000000021,0] [APP:
OIF#11.1.1.2.0] [arg: certvalidationtimeout] Property was not found:
certvalidationtimeout.
.
[2010-08-05T13:05:37.174-07:00] [wls_oif1] [INCIDENT_ERROR] [FED-10174]
[oracle.security.fed.model.config.Configuration] [tid:
[ACTIVE].ExecuteThread: '2' for queue: 'weblogic.kernel.Default
(self-tuning)'] [userId: <anonymous>] [ecid:
42ef6c66fe18f3ad:291f353a:12a43da27c1:-8000-0000000000000021,0] [APP:
OIF#11.1.1.2.0] [arg: schemavalidationenabled] Property was not found:
schemavalidationenabled
[2010-08-06T17:09:23.861-07:00] [wls_oif1] [INCIDENT_ERROR] [FED-10174]
[oracle.security.fed.model.config.Configuration] [tid:
[ACTIVE].ExecuteThread: '3' for queue: 'weblogic.kernel.Default
(self-tuning)'] [userId: <anonymous>] [ecid:
f6d9b81289e40cee:42d4f595:12a49b7af7a:-8000-000000000000086f,0] [APP:
OIF#11.1.1.2.0] [arg: certpathvalidationenabled] Property was not found:
certpathvalidationenabled.
[2010-08-06T17:11:27.173-07:00] [wls_oif1] [INCIDENT_ERROR] [FED-10174]
[oracle.security.fed.model.config.Configuration] [tid:
[ACTIVE].ExecuteThread: '3' for queue: 'weblogic.kernel.Default
(self-tuning)'] [userId: <anonymous>] [ecid:
f6d9b81289e40cee:42d4f595:12a49b7af7a:-8000-00000000000009a0,0] [APP:
OIF#11.1.1.2.0] [arg: httpheaderattrcollector] Property was not found:
httpheaderattrcollector.
There errors are harmless and can be safely ignored.
To avoid seeing these errors, run the oif-upgrade-11.1.1.2.0-11.1.1.4.0.py
script after you have patched your software to 11.1.1.4.0 as described in "Updating
Configuration Properties in Oracle Identity Federation" in the Oracle Fusion Middleware
Patching Guide.
2.2.3.6 Warning Message When Migrating Oracle Identity Federation from Release
11.1.1.1.0 to Release 11.1.1.2.0
When you are using the Patch Assistant migration scripts to migrate Oracle Identity
Federation from Release 11.1.1.1.0 to Release 11.1.1.2.0, you may see the following
error message:
WLSTException: Error occured while performing addHelpCommandGroup : Error
getting resource bundle: : Can't find bundle for base name
oifWLSTResourceBundle, locale en_US
This message is harmless and can be safely ignored.
2.2.3.7 Benign Errors Logged When Patching Oracle Identity Management
11.1.1.2.0 Installation to 11.1.1.3.0
You may see some benign error messages in installation log files, such as the
following, after you patch an Oracle Identity Management 11.1.1.2.0 installation to
11.1.1.3.0:
External name..INVALID_ORACLE_DIRECTORY_MSG_STRING
In doFinish method checking for inventory
lock...InstallProgressPage
Next page is a progress page and the inventory lock is false
2-20 Oracle Fusion Middleware Release Notes
Patching Issues and Workarounds
/bin/chmod: changing permissions of
/scratch/aime1/Oracle/Middleware/oracle_ps2/install/root.log':
Operation not permitted
/bin/chmod: changing permissions of
/scratch/aime1/Oracle/Middleware/oracle_ps2/bin/nmb': Operation
not permitted
/bin/chmod: changing permissions of
/scratch/aime1/Oracle/Middleware/oracle_ps2/bin/nmhs': Operation
not permitted
/bin/chmod: changing permissions of
/scratch/aime1/Oracle/Middleware/oracle_ps2/bin/nmo': Operation
not permitted
inventoryLocation: /scratch/aime1/oraInventory
Mode:init
Such messages can be ignored.
2.2.3.8 Exception Seen When Starting Oracle Identity Management Server
After updating Oracle Identity Management to Release 11.1.1.5.0, the following
exception may be seen when starting Oracle Identity Management Server:
java.lang.ClassNotFoundException: ADP ClassLoader failed to load:
com.thortech.xl.schedule.tasks.tcTskScheduledProvision
This error is harmless and can be safely ignored.
2.2.4 System Component Patching Issues
This section contains patching issues pertaining to Oracle Fusion Middleware system
components:
■
■
Section 2.2.4.1, "Redeploy System Components to Ensure Proper Deinstallation"
Section 2.2.4.2, "Setting Execute Permissions for emctl When Migrating System
Components"
2.2.4.1 Redeploy System Components to Ensure Proper Deinstallation
After you have patched your system component software (Oracle Portal, Forms,
Reports and Discoverer, Oracle Identity Management, or Oracle Web Tier) and started
all services, you must manually redeploy your system components if you are
extending your existing domain. To do so, follow the instructions in "Redeploying
System Components for Extend Domain Scenarios" in the Oracle Fusion Middleware
Patching Guide.
If you do not redeploy your system components, you will encounter problems when
you attempt to remove them.
2.2.4.2 Setting Execute Permissions for emctl When Migrating System
Components
When you migrate any Release 11.1.1.1.0 system component to Release 11.1.1.2.0, the
following error message can be seen on the console window:
Process (index=1,uid=1270434032,pid=0)
Executable file does not have execute permission.
Installation, Patching, and Configuration 2-21
Patching Issues and Workarounds
INSTANCE_HOME/EMAGENT/EMAGENT/bin/emctl
failed to start a managed process after the maximum retry limit
Executable file does not have execute permission.
The work around is to manually change the permissions of the emctl executable. For
example:
chmod +x INSTANCE_HOME/EMAGENT/EMAGENT/bin/emctl
After changing the permissions, restart all the opmnctl processes.
2.2.5 MDS Schema Version Number is Incorrect
If you are running Fusion Middleware products that use the Metadata Services
schema (MDS) and your Fusion Middleware products are older than Release 11.1.1.4.0,
the schema version number for the MDS schema in Enterprise Manager will be the
previous release number, even if you have updated the MDS schema to Release
11.1.1.4.0.
In order for the MDS schema version number to appear correctly, both the schema and
the Fusion Middleware product software must be up to date with the most recent
version.
2.2.6 Oracle BI Components Show Incorrect Version Number After Patching
After you patch your existing Oracle Business Intelligence (BI) software to Release
11.1.1.4.0, some Oracle BI components (for example, Oracle BI Publisher or Oracle
RTD) will still show the version number from your previous release when viewed
using Oracle Enterprise Manager.
There is no work around for this issue.
2.2.7 Warnings When Running upgradeOpss()
When running the upgradeOpss() WLST command to upgrade configurations and
stores to Release 11.1.1.4.0, the following error messages may be seen:
oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy
migrateData
WARNING: cannot migrate a global grant. Reason
oracle.security.jps.service.policystore.PolicyStoreException: Found 2 permissions
in the store matching: ([PermissionEntry:class=java.util.PropertyPermission
target=weblogic.Name resourceType=null actions=read,PERMISSION, name=null,
uniqueName=null, guid=null]
[jaznGranteeDn=orclguid=AC171BF0E72711DEBF9CCF0B93FB22A1,cn=Grantees,
cn=JAASPolicy,cn=systempolicy,cn=webcenter,cn=JPSContext,cn=jpsroot_webcenter_
IR14_prod}),
[PermissionEntry: class=java.util.PropertyPermission target=weblogic.Name
resourceType=null actions=read,PERMISSION, name=8228FD8036F711DEAF24DB7D80B2D07C,
uniqueName=orclguid=8228FD8036F711DEAF24DB7D80B2D07C,cn=Permissions,cn=JAASPolicy,
cn=systempolicy,cn=webcenter,cn=JPSContext,cn=jpsroot_webcenter_IR14_prod,
guid=8228FD8036F711DEAF24DB7D80B2D07C]
[jaznGranteeDn=orclguid=822505e036f711deaf24db7d80b2d07c,cn=grantees,cn=jaas
policy,cn=systempolicy,cn=webcenter,cn=jpscontext,cn=jpsroot_webcenter_ir14_prod}1
[PermissionEntry: class=java.util.PropertyPermission target=weblogic.Name
resourceType=null actions=read,PERMISSION, name=8228FD8036F711DEAF24DB7D80B2D07C,
uniqueName=orclguid=8228FD8036F711DEAF24DB7D80B2D07C,cn=Permissions,cn=JAASPolicy,
cn=systempolicy,cn=webcenter,cn=JPSContext,cn=jpsroot_webcenter_IR14_prod,
guid=8228FD8036F711DEAF24DB7D80B2D07C]
2-22 Oracle Fusion Middleware Release Notes
Patching Issues and Workarounds
[jaznGranteeDn=orclguid=822505e036f711deaf24db7d80b2d07c,cn=grantees,cn=jaaspolicy
,cn=systempolicy,cn=webcenter,cn=jpscontext,cn=jpsroot_webcenter_ir14_prod}
[PermissionEntry: class=java.util.PropertyPermission target=weblogic.Name
resourceType=null actions=read,PERMISSION, name=AC198CF0E72711DEBF9CCF0B93FB22A1,
uniqueName=orclguid=AC198CF0E72711DEBF9CCF0B93FB22A1,cn=Permissions,cn=JAASPolicy,
cn=systempolicy,cn=webcenter,cn=JPSContext,cn=jpsroot_webcenter_IR14_prod,
guid=AC198CF0E72711DEBF9CCF0B93FB22A1]
[jaznGranteeDn=orclguid=822505e036f711deaf24db7d80b2d07c,cn=grantees,cn=jaaspolicy
,cn=systempolicy,cn=webcenter,cn=jpscontext,cn=jpsroot_webcenter_ir14_prod}
[jaznGranteeDn=orclguid=ac171bf0e72711debf9ccf0b93fb22a1,cn=grantees,cn=jaaspolicy
,cn=systempolicy,cn=webcenter,cn=jpscontext,cn=jpsroot_webcenter_ir14_prod}2
[PermissionEntry: class=java.util.PropertyPermission target=weblogic.Name
resourceType=null actions=read,PERMISSION, name=AC198CF0E72711DEBF9CCF0B93FB22A1,
uniqueName=orclguid=AC198CF0E72711DEBF9CCF0B93FB22A1,cn=Permissions,cn=JAASPolicy,
cn=systempolicy,cn=webcenter,cn=JPSContext,cn=jpsroot_webcenter_IR14_prod,
guid=AC198CF0E72711DEBF9CCF0B93FB22A1]
[jaznGranteeDn=orclguid=822505e036f711deaf24db7d80b2d07c,cn=grantees,cn=jaaspolicy
,cn=systempolicy,cn=webcenter,cn=jpscontext,cn=jpsroot_webcenter_ir14_
prod}[jaznGranteeDn=orclguid=ac171bf0e72711debf9ccf0b93fb22a1,cn=grantees,cn=jaas
policy,cn=systempolicy,cn=webcenter,cn=jpscontext,cn=jpsroot_webcenter_ir14_prod}
These messages are harmless and can be safely ignored.
2.2.8 "Patch Already Installed" Warning Message in Log File
In a scenario where you have a product that is already patched to version 11.1.1.3.0 in
a Middleware home, and then you attempt to patch a second product to the same
version in the same Middleware home, a warning message similar to the following
will appear in the installtimestamp.out file:
Attempting to install 1 patches
Mar 3, 2010 1:00:07 PM [THREAD: Thread-1]
com.bea.cie.paf.internal.attach.PatchManagerImpl install
WARNING: Warning: Patch already installed: PBY8
Patch installation success
Patch installation success
Success..
[SOARootService.getRootActions] autoPortsDetect =null
[SOARootService.getRootActions] privilegedPorts =null
This warning message can be safely ignored.
2.2.9 Manual Step for ODI-BAM Users After Installing 11.1.1.4.0 Patch Set
If you are integrating Oracle Data Integrator (ODI) with Oracle Business Activity
Monitoring, you should import a new version of the following knowledge module
after you install the Oracle Fusion Middleware 11g Release 1 (11.1.1.4.0) patch set:
BAM_ORACLE_HOME/bam/ODI/knowledge modules/KM_RKM Oracle BAM.xml
For more information, see "Importing and Replacing Knowledge Modules" in the
Oracle Fusion Middleware Developer's Guide for Oracle Data Integrator.
This new module includes bugs fixes and improvements made for the Oracle Fusion
Middleware 11g Release 1 (11.1.1.4.0) .
Installation, Patching, and Configuration 2-23
Configuration Issues and Workarounds
2.2.10 Applications Generate javax.xml.bind.JAXBException Runtime Errors After
Installing 11.1.1.4.0 Patch Set
If any of the applications you deployed on Oracle Fusion Middleware 11g Release 1
(11.1.1.2.0) or Release 1 (11.1.1.3.0) include EclipseLink-JAXB classes that have no-arg
constructors missing, then after you install Release 1 (11.1.1.4.0), the application might
generate the following exceptions during runtime:
javax.xml.bind.JAXBException
To avoid this error:
1.
Modify the classes and add default no-arg constructors where necessary.
2.
Compile and redeploy your project to the newly patched Oracle Fusion
Middleware 11g Release 1 (11.1.1.4.0) domain.
Example 2–1 shows an example of typical no-arg constructor.
Example 2–1 Typical Java Class with a no-arg constructor
public class PriceQuote implements Serializable
{
//Make sure you have constructor with no arguments
public PriceQuote() {
}
}
2.3 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
Section 2.3.7, "Changing the Listen Address of a Managed Server"
■
Section 2.3.8, "Domain Extension Overwrites JDBC Data Source Name"
■
Section 2.3.9, "Rerouting to Original URL After SSO Authentication in Firefox and
Safari Browsers"
2.3.1 Oracle SOA Suite Configuration Issues
This section contains information pertaining to Oracle SOA Suite configuration:
■
Section 2.3.1.1, "Exception Seen for Oracle SOA Suite with WebSphere Application
Server"
2.3.1.1 Exception Seen for Oracle SOA Suite with WebSphere Application Server
When running Oracle SOA Suite on IBM WebSphere application server, the following
exception is seen after logging in to Fusion Middleware Control, expanding
Application Deployments on the left side and then clicking on any of the applications
under it:
[date_and_time] 0000003f OHWHelpProvid E
configuration
[date_and_time] 00000044 OHWHelpProvid E
configuration
unable to create global
critical error in OHW
oracle.help.web.config.parser.ConfigParseException: error finding
configuration file at:
at oracle.help.web.config.parser.OHWParser._openConnection(Unknown
2-24 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
Source)
at oracle.help.web.config.parser.OHWParser.getGlobalConfiguration(Unknown
Source)
at oracle.help.web.rich.helpProvider.OHWHelpProvider.getHelpTopic(Unknown
Source)
.
.
.
This exception is harmless and can be safely ignored.
2.3.2 Oracle Identity Management Configuration Issues
This section contains information pertaining to Oracle Identity Management
configuration:
■
■
■
■
■
■
Section 2.3.2.1, "Errors Logged to Managed Server Log Files When Extending a
11.1.1.3.0 Oracle Identity Management Domain on a Remote System"
Section 2.3.2.2, "Log Messages Appearing on Console During Oracle Identity
Management Schema Creation"
Section 2.3.2.3, "Configuring Oracle Identity Management When WebLogic Node
Manager is Running"
Section 2.3.2.4, "Configuring OID with Oracle Data Vault"
Section 2.3.2.5, "Password Requirements for Oracle Internet Directory
Administrator"
Section 2.3.2.6, "Error Message When Configuring Oracle Identity Federation"
2.3.2.1 Errors Logged to Managed Server Log Files When Extending a 11.1.1.3.0
Oracle Identity Management Domain on a Remote System
When extending a 11.1.1.3.0 (patched) domain on a remote system, you may see a Null
Pointer exception message, such as the following, in the Managed Server log files after
installation:
0000IW5hUxgDc_Y5HrDCif1Bm1sl000000,0] [APP: DMS Application#11.1.1.1.0]
initialization error[[java.lang.NullPointerException
at java.io.File.<init>(File.java:222)
at oracle.dms.impl.util.AdmlLocator.<init>(AdmlLocator.java:59)
at oracle.dms.app.DmsSpy.init(DmsSpy.java:86)
at
weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(StubSecurityHel
per.java:283)
To work around this issue, do the following:
1.
Stop the instance running on the second system.
2.
Stop the Managed Server on the second system.
3.
Stop the instance running on the first system.
4.
Stop Managed Servers on the first system.
5.
Stop the Administration Server on the first system.
6.
Start the instance, the Administration Server, and then Managed Servers on the
first system manually from the command line.
Installation, Patching, and Configuration 2-25
Configuration Issues and Workarounds
7.
Start the instance and then Managed Servers on the second system manually from
the command line.
For information about starting and stopping Oracle Fusion Middleware, see the
"Starting and Stopping Oracle Fusion Middleware" chapter in the Oracle Fusion
Middleware Administrator's Guide.
2.3.2.2 Log Messages Appearing on Console During Oracle Identity Management
Schema Creation
During the creation of the Oracle Identity Management (OIM) schema, some log
messages will appear in the RCU console window. These log messages are specific to
Quartz, which is used by Oracle Identity Management, and can be safely ignored.
If there are any errors encoutered during the loading of this Quartz-specific data, the
errors will be written to the RCU log files. Refer to Oracle Fusion Middleware Repository
Creation Utility User's Guide for more informaiton about the RCU log files.
2.3.2.3 Configuring Oracle Identity Management When WebLogic Node Manager is
Running
To configure Oracle Identity Management, using either the Install and Configure
option or the Configuration Wizard, when the WebLogic Node Manager utility is
running from the same Middleware home directory where Oracle Identity
Management is installed, the StartScriptEnabled parameter in the
nodemanager.properties file must be set to true. For example:
StartScriptEnabled=true
To configure Oracle Identity Management when the StartScriptEnabled
parameter is set to false, you must:
1.
Set the StartScriptEnabled parameter to true.
2.
Stop, then restart the Node Manager utility.
3.
Configure Oracle Identity Management using either the Install and Configure
option or the Configuration Wizard.
The nodemanager.properties file is located in the WL_
HOME/common/nodemanager/ directory.
Note:
2.3.2.4 Configuring OID with Oracle Data Vault
If you choose to configure Oracle Internet Directory (OID) with Oracle Data Vault:
1.
Apply patch 8897382 (see the README file in the patch for instructions).
2.
In the ORACLE_HOME/ldap/datasecurity/dbv_oid_command_rules.sql
(on UNIX operating systems) or ORACLE_HOME\ldap\datasecurity\dbv_
oid_command_rules.sql (on Windows operating systems) file, find the
following code:
/declare
.
begin
.
dvsys.dbms_macadm.CREATE_COMMAND_RULE(
command => 'CONNECT'
,rule_set_name => 'OID App Access'
,object_owner => 'ODS'
,object_name => '%'
2-26 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
,enabled => 'Y');
.
commit;
.
end;/
3.
Change the following line:
,object_owner => 'ODS'
to:
,object_owner => '%'
2.3.2.5 Password Requirements for Oracle Internet Directory Administrator
When configuring Oracle Internet Directory, using either the installer's Install and
Configure option or the Configuration Wizard, you must enter and confirm the
Administrator Password.
The following is a list of the requirements for the Oracle Internet Directory
Administrator Password. The password must contain:
■
At least 5 characters
■
No more than 30 characters
■
At least one number
■
Only alpha-numeric characters, underscore ( _ ), dollar sign ( $ ), and pound/hash
(#)
If the password you enter does not satisfy these requirements,
the following error message appears:
Note:
INST-07037: Administrator Password field value contains one or more
invalid characters or the value is not in proper format.
2.3.2.6 Error Message When Configuring Oracle Identity Federation
During the configuration of Oracle Identity Federation (OIF), the following error
message regarding key store and password may be seen in the configuration log file:
[app:OIF module:/fed path:/fed spec-version:2.5
version:11.1.1.1.0]: Failed while destroying servlet: usermanager.
java.lang.RuntimeException: The server could not initialize properly:
oracle.security.fed.sec.util.KeySourceException: Invalid/unsupported
key store or incorrect password. Please verify that the password is correct
and the store is a valid PKCS#12 PFX wallet or Java KeyStore file.
This error message can be safely ignored if OIF is running properly.
2.3.3 Configuration Wizard Issues
This section contains issues pertaining to the Oracle Fusion Middleware Configuration
Wizard:
■
■
Section 2.3.3.1, "Starting the Configuration Wizard From a New Window"
Section 2.3.3.2, "Specify Security Updates Screen Does Not Appear in the
Configuration Wizard"
Installation, Patching, and Configuration 2-27
Configuration Issues and Workarounds
■
Section 2.3.3.3, "Some Text Truncated on the "Server Start Mode and JDK
Configuration" Screen"
2.3.3.1 Starting the Configuration Wizard From a New Window
When you start the Configuration Wizard from a terminal window, make sure that it
is a new terminal window to ensure that there are no environment variables set to
incorrect locations from a previous configuration or installation session.
2.3.3.2 Specify Security Updates Screen Does Not Appear in the Configuration
Wizard
If you use silent installation (response file) to configure Oracle Identity Management,
security updates (through Oracle Configuration Manager) are not configured.
However, the ocm.rsp file is created in the Oracle home directory. If you run the
Configuration Wizard GUI from the Oracle home, you will not see the Specify Security
Updates Screen because of the presence of the ocm.rsp file.
To work around this issue, delete the ocm.rsp file from the Oracle home and run the
Configuration Wizard to see the Specify Security Updates screen.
2.3.3.3 Some Text Truncated on the "Server Start Mode and JDK Configuration"
Screen
If you run the Oracle Fusion Middleware Configuration Wizard on an AIX 64-bit
system, the Graphics Manager on that system will cause some text to be truncated on
the "Server Start Mode and JDK Configuration" screen.
There is no work around for this issue.
2.3.4 Repository Creation Utility Issues
This section contains issues pertaining to Repository Creation Utility:
■
■
Section 2.3.4.1, "Schemas Are Not Visible After Upgrade of Oracle Identity
Management"
Section 2.3.4.2, "RCU Summary Screen Issues"
2.3.4.1 Schemas Are Not Visible After Upgrade of Oracle Identity Management
After upgrading Oracle Identity Management from Release 10g (10.1.4.3) to 11g
Release 1 (11.1.1), the Oracle Directory Service schemas (ODS and ODSSM) are not
visible in the Repository Creation Utility (RCU).
The reason for this is because RCU is not used during the upgrade process, and RCU
only recognizes schemas that are created by RCU. Refer to Oracle Fusion Middleware
Repository Creation Utility User's Guide for more information.
2.3.4.2 RCU Summary Screen Issues
If you are dropping the Identity Management schemas and you select both Oracle
Internet Directory (ODS) and Oracle Identity Federation (OIF) to be dropped, the RCU
summary screen may not be displayed and an exception may be thrown in the
console.
To work around this issue, select and drop one component at a time instead of
selecting them both and dropping them together.
When other components are selected for a drop schema operation, the summary
screen may display inaccurate information. However, the selected schemas will be
2-28 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
successfully dropped from the database in spite of the erroneous information on the
summary screen.
To work around this issue, select and drop only one component at a time.
2.3.5 Pack and Unpack Issues
This section contains issues pertaining to packing and unpacking a domain:
■
■
■
Section 2.3.5.1, "Ensure There Are No Missing Products When Using unpack.sh or
unpack.cmd"
Section 2.3.5.2, "Running unpack.sh or unpack.cmd on a Different Host"
Section 2.3.5.3, "Starting Managed Servers on Remote System After Packing and
Unpacking Domain"
2.3.5.1 Ensure There Are No Missing Products When Using unpack.sh or
unpack.cmd
Oracle SOA Suite, Oracle WebCenter, and Application Developer all contain the
pack.sh and unpack.sh (on UNIX systems) or pack.cmd and unpack.cmd (on
Window systems) commands in their respective ORACLE_HOME/common/bin (on
UNIX systems) or ORACLE_HOME\common\bin (on Windows systems) directories.
The pack.sh and pack.cmd scripts are used to create a template archive (.jar) file
that contains a snapshot of either an entire domain or a subset of a domain. The
unpack.sh and unpack.cmd scripts are used to create a full domain or a subset of a
domain used for a Managed Server domain directory on a remote system.
The unpack.sh and unpack.cmd commands will fail if any installed products are
missing from the system where you are running the unpack.sh or unpack.cmd
command.
2.3.5.2 Running unpack.sh or unpack.cmd on a Different Host
If you are running the unpack.sh (on UNIX) or unpack.cmd (on Windows)
command to unpack a domain on a remote host, the Oracle home location and the
Middleware home location on the remote host should match the locations on the host
where the pack was performed.
Below is a valid example:
Host 1:
MW_HOME = /user/home/Middleware
ORACLE_HOME =/user/home/Middleware/Oracle_SOA1
@ Host 2:
MW_HOME = /user/home/Middleware
ORACLE_HOME =/user/home/Middleware/Oracle_SOA1
The example below is NOT valid because the Oracle homes do not match:
Host 1:
MW_HOME = /user/home/Middleware
ORACLE_HOME =/user/home/Middleware/Oracle_SOA1
@ Host 2:
MW_HOME = /user/home/Middleware
ORACLE_HOME =/user/home/Middleware/SOA_Home
The example below is NOT valid because the Middleware homes do not match:
Installation, Patching, and Configuration 2-29
Configuration Issues and Workarounds
Host 1:
MW_HOME = /user/home/Middleware
ORACLE_HOME =/user/home/Middleware/Oracle_SOA1
@ Host 2:
MW_HOME = /user/home/MWHome
ORACLE_HOME =/user/home/Middleware/Oracle_SOA1
Host 1:
MW_HOME = C:\Oracle\Middleware
ORACLE_HOME = C:\Oracle\Middleware\Oracle_SOA1
@ Host 2:
MW_HOME = C:\Oracle\Middleware
ORACLE_HOME = C:\Oracle\Middleware\Oracle_SOA1
The example below is NOT valid because the Oracle homes do not match:
Host 1:
MW_HOME = C:\Oracle\Middleware
ORACLE_HOME = C:\Oracle\Middleware\Oracle_SOA1
@ Host 2:
MW_HOME = C:\Oracle\Middleware
ORACLE_HOME = C:\Oracle\Middleware\SOA_Home
The example below is NOT valid because the Middleware homes do not match:
Host 1:
MW_HOME = C:\Oracle\Middleware
ORACLE_HOME = C:\Oracle\Middleware\Oracle_SOA1
@ Host 2:
MW_HOME = C:\Oracle\MWHome
ORACLE_HOME = C:\Oracle\Middleware\Oracle_SOA1
2.3.5.3 Starting Managed Servers on Remote System After Packing and Unpacking
Domain
After you unpack a domain on a remote system using the unpack command,
complete the following steps:
1.
Start Node Manager on the remote system. This action creates a
nodemanager.properties file on your system in the MW_HOME/wlserver_
10.3/common/nodemanager directory (on UNIX). On Windows, this file is
created in the MW_HOME\wlserver_10.3\common\nodemanager directory.
2.
Stop Node Manager.
3.
Open the nodemanager.properties file in a text editor and set the
StartScriptEnabled property to true.
4.
Start the Node Manager on the remote system before starting the Managed Server
on the remote system through the Oracle WebLogic Administration Console.
2.3.6 Configuration Issues Working With Clusters
This section contains issues pertaining to clusters and your WebLogic Server domain:
■
Section 2.3.6.1, "Extend Domain and Expand Cluster Scenarios with Remote
Systems"
2-30 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
■
■
Section 2.3.6.2, "Unable to Extend an Existing Domain by Selecting Only Oracle
Directory Integration Platform Without Cluster"
Section 2.3.6.3, "Expand Cluster Requires Changes to the emd.properties File"
2.3.6.1 Extend Domain and Expand Cluster Scenarios with Remote Systems
In scenarios where you are using the Fusion Middleware Configuration Wizard to
extend a domain or expand a cluster with remote systems, you must make sure that
both the source and destination Middleware home and Oracle home directories are
identical.
2.3.6.2 Unable to Extend an Existing Domain by Selecting Only Oracle Directory
Integration Platform Without Cluster
Selecting only Oracle Directory Integration Platform without cluster in a session
followed by creating cluster and extending domain on the same system fails.
In this domain configuration scenario, ensure that you install and configure Oracle
Directory Services Manager on the same system where you extending the domain to
configure Oracle Directory Integration Platform.
2.3.6.3 Expand Cluster Requires Changes to the emd.properties File
After running the Oracle Fusion Middleware Configuration Wizard to expand a
cluster, the EMD_URL parameter in the INSTANCE_
HOME/EMAGENT/EMAGENT/sysman/config/emd.properties (on UNIX) or
INSTANCE_HOME\EMAGENT\EMAGENT\sysman\config\emd.properties (on
Windows) file contains the values shown below:
EMD_URL=http://localhost.localdomain:port/emd/main
You must edit this parameter and replace localhost and localdomain with the
actual host and domain information of your environment. For example, using 5160 as
the port number:
EMD_URL=http://examplehost.exampledomain.com:5160/emd/main
2.3.7 Changing the Listen Address of a Managed Server
When you run the Configuration Wizard after installing Oracle Identity Management
or Oracle Portal, Forms, Reports and Discoverer, the listen address for WebLogic
Managed Servers is left blank by default (to listen to all network interfaces). If you
change the listen address to the actual host name, the Managed Server stops listening
from outside the system.
It is recommended that you either leave the listen address blank, or specify the IP
address of the host rather than using the host name.
2.3.8 Domain Extension Overwrites JDBC Data Source Name
When a WebLogic Domain with JDBC resources is extended to either Oracle SOA
Suite or Oracle WebCenter, the JDBC data source name will be changed. This behavior
is commonly observed in cases where WebLogic Server version lower than 9.x is
upgraded to a version higher than 9.x and then extended to Oracle SOA Suite or
Oracle WebCenter.
To work around this issue, you must manually edit the JDBC data source names.
Installation, Patching, and Configuration 2-31
Known Issues
2.3.9 Rerouting to Original URL After SSO Authentication in Firefox and Safari
Browsers
When configuring Oracle Portal, Forms, Reports and Discoverer, when both Oracle
HTTP Server and Oracle Web Cache are selected for configuration, re-routing (back to
the original URL) after Single Sign-On (SSO) authentication does not work in Firefox
and Safari browsers when the initial request comes from Oracle HTTP Server.
The work arounds are to either use the Internet Explorer browser, or manually modify
the INSTANCE_HOME/config/OHS/instance_name/httpd.conf file and change
the ServerName entry to include the port number. For example:
ServerName examplehost.exampledomain.com
should be changed to:
ServerName examplehost.exampledomain.com:port
Replace port with the actual port number.
2.4 Known Issues
This section describes known issues. It includes the following topics:
■
Section 2.4.1, "Forms and Reports Builder Not Supported"
2.4.1 Forms and Reports Builder Not Supported
Forms and Reports Builder is not suported on Linux x86-64, Solaris Operating System
(SPARC 64-Bit), AIX Based Systems (64-Bit), HP-UX PA-RISC (64-Bit), HP-UX Itanium,
and Microsoft Windows x64 (64-Bit) platforms. It is supported on Linux x86 and
Microsoft Windows (32-Bit) platforms only.
2.5 Documentation Errata
This section describes documentation errata. It includes the following topics:
■
■
Section 2.5.1, "Updating OIM Configuration to Use Oracle HTTP Server 10g
WebGate"
Section 2.5.2, "Missing Logout Configuration Steps in the Oracle Identity
Management Installation Guide"
2.5.1 Updating OIM Configuration to Use Oracle HTTP Server 10g WebGate
Step 4 in the Section 22.8 "Optional: Updating Oracle Identity Manager Configuration"
in the chapter "Migrating from Domain Agent to Oracle HTTP Server 10g Webgate for
OAM" requires you to update the OIM Configuration when the OAM URL or agent
profile changes. This section is in the Oracle Fusion Middleware Installation Guide for
Oracle Identity Management.
To update Oracle Identity Manager configuration, complete the following steps:
1.
Export the oim-config.xml file from metadata by running <IDM_
Home>/server/bin/weblogicExportMetadata.sh (on UNIX), and export
the file - /db/oim-config.xml. On Windows operating systems, you can use
the weblogicExportMetadata.bat file located in the same directory.
2.
Update the file to use Oracle HTTP Server 10g Webgate by updating following
element under the <ssoConfig> tag:
2-32 Oracle Fusion Middleware Release Notes
Documentation Errata
<webgateType>javaWebgate</webgateType> to
<webgateType>ohsWebgate10g</webgateType>
3.
Import oim-config.xml back to metadata by running <IDM_
Home>/server/bin/weblogicImportMetadata.sh on UNIX. On Windows,
use the weblogicImportMetadata.bat located in the same directory.
4.
Log in to Oracle Enterprise Manager using your WebLogic Server administrator
credentials.
5.
Click Identity and access > oim > oim(version). Right-click and select System
MBean Browser. The System MBean Browser page is displayed.
6.
Under Application Defined MBeans, select oracle.iam > Server:oim_
server1 > Application: oim > XMLConfig > config.
7.
Replace the front-end URL with the URL of Oracle HTTP Server. This should be
the same Oracle HTTP Server that was used before installing Oracle HTTP Server
10g Webgate for Oracle Access Manager. Complete the following steps:
8.
a.
Under XMLConfig MBean, move to XMLConfig.DiscoveryConfig.
b.
Update OimFrontEndURL with the URL of Oracle HTTP Server.
c.
Click Apply.
Restart the OIM server.
2.5.2 Missing Logout Configuration Steps in the Oracle Identity Management
Installation Guide
Steps to perform logout configuration after updating the OIM Server Configuration
are missing from the Oracle Fusion Middleware Installation Guide for Oracle Identity
Management.
You must perform logout configuration after updating the OIM Server configuration,
as described in the Section 22.6 "Updating OIM Server Configuration" in the chapter
"Migrating from Domain Agent to Oracle HTTP Server 10g Webgate for OAM".
Ensure that you have set up integration between Oracle
Identity Manager and Oracle Access Manager, as described in the
topic "Integration Between OIM and OAM" in the Oracle Fusion
Middleware Installation Guide for Oracle Identity Management.
Note:
After updating OIM Server configuration, you must perform logout configuration as
follows:
1.
Copy the logout.html file from the <IDM_HOME>/oam/server/oamsso
directory to the <10gWebgateInstallation>/access/oamsso directory.
2.
Edit the SERVER_LOGOUTURL variable in the logout.html file to point to the
host and port of the Oracle Access Manager Server. Follow the instructions in the
logout.html file.
3.
If the http.conf file of the web server includes the following entries, remove the
entries from the http.conf file:
<LocationMatch "/oamsso/*">
Satisfy any
</LocationMatch>
Installation, Patching, and Configuration 2-33
Documentation Errata
2-34 Oracle Fusion Middleware Release Notes
3
Upgrade
3
This chapter describes issues associated with upgrading your environment and your
applications to Oracle Fusion Middleware 11g. It includes the following topics:
■
Section 3.1, "General Issues and Workarounds"
■
Section 3.2, "General Issues and Workarounds for Migrating from 11.1.1.1.0"
■
Section 3.3, "Documentation Errata for Upgrade"
This chapter contains issues you might encounter while
upgrading any of the Oracle Fusion Middleware products.
Note:
Be sure to review the product-specific release note chapters elsewhere
in this document for any additional issues specific to the products you
are using.
3.1 General Issues and Workarounds
This section describes general issue and workarounds. It includes the following topics:
■
■
■
■
■
■
Section 3.1.1, "Patches Required to Address Specific Upgrade and Compatibility
Requirements"
Section 3.1.2, "Unable to Read Composite Model Error During SOA Application
Upgrade"
Section 3.1.3, "Oracle BAM Upgrade Issues"
Section 3.1.4, "Error When Upgrading Oracle Internet Directory Due to Invalid
ODS Schema"
Section 3.1.5, "Restore From Backup Required If Upgrade Fails During a Colocated
Oracle Internet Directory and Oracle Directory Integration Platform Upgrade"
Section 3.1.6, "Cannot Verify Oracle Forms Services Upgrade When Oracle HTTP
Server is Running On a Separate Host"
■
Section 3.1.7, "WebCenter Security Upgrade Release Notes"
■
Section 3.1.8, "Oracle B2B Upgrade Release Notes"
■
■
Section 3.1.9, "Problem Accessing the Welcome Pages in Oracle HTTP Server After
Upgrade"
Section 3.1.10, "Misleading Error Message When Upgrading Oracle Internet
Directory"
Upgrade 3-1
General Issues and Workarounds
■
■
■
■
■
■
Section 3.1.11, "Additional Steps Required When Redeploying the SOA Order
Booking Sample Application on Oracle Fusion Middleware 11g"
Section 3.1.12, "Additional Steps Required When Upgrading Human Taskflow
Projects"
Section 3.1.13, "Stopping Oracle Virtual Directory Processes During Upgrade"
Section 3.1.14, "Providing Input to Upgrade Assistant Screens When Oracle
Internet Directory Upgrade Fails"
Section 3.1.15, "Upgrading Oracle Access Manager Middle Tier"
Section 3.1.16, "Inaccurate Results When Running the Upgrade Assistant Verify
Feature"
■
Section 3.1.17, "Missing jdk_version.log File When Launching Upgrade Assistant"
■
Section 3.1.18, "Test Suites in Oracle SOA Suite 10g Projects Not Upgraded to 11g"
3.1.1 Patches Required to Address Specific Upgrade and Compatibility Requirements
In general, Oracle assumes that you are running the latest Oracle Application Server
10g patch sets before you begin the upgrade to Oracle Fusion Middleware 11g.
In addition, in some specific cases, you must apply an additional software patches to
your Oracle Application Server 10g components before you start the upgrade process.
These patches are designed to address specific interoperability issues that you might
encounter while upgrading your Oracle Application Server 10g environment to Oracle
Fusion Middleware 11g.
Table 3–1 lists the specific patch sets required to address specific upgrade and
compatibility requirements for Oracle Fusion Middleware 11g.
For more information, refer to the following sections:
■
■
Section 3.1.1.1, "Obtaining Patches and Support Documents From My Oracle
Support (Formerly OracleMetaLink)"
Section 3.1.1.2, "Upgrading the Oracle BAM Schema on Oracle Database 11g on
Microsoft Windows"
3-2 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
Table 3–1
Patches Required to Address Specific Upgrade and Compatibility Requirements
Patch Set Number
Description and Purpose
Additional Information
8404955
Before you can perform the Oracle B2B schema
upgrade, you must apply this required patch to
the Oracle Application Server Integration B2B
10g Release 2 (10.1.2) middle tier.
"Task 6b: If Necessary, Upgrade the
B2B Schema" in the Oracle Fusion
Middleware Upgrade Guide for Oracle
SOA Suite, WebCenter, and ADF
This patch set is required in order to enable the
Java command that you use to export the
trading partner agreements, as described in the
following step.
5746866
If the database that hosts your Oracle
Application Server 10g schemas is an
Oracle Database 10g (10.1.0.x) database, then
make sure that this database patch (or database
patch 5126270) has been applied to the 10g
(10.1.0.x) database before you upgrade the
database to the required Oracle Database 10g
(10.2.0.4).
"Upgrading to Oracle Database 10g
Release 2 (10.2.0.4)" in the Oracle
Fusion Middleware Upgrade Planning
Guide
Note that database patch 5746866 includes
patch 5126270.
7685124
8372141
Apply this patch against Oracle Secure
Enterprise Search (10.1.8.3.0) before you
attempt to use Oracle Secure Enterprise Search
with Oracle Portal 11g.
"Oracle Secure Enterprise Search" in
the Oracle Fusion Middleware
Administrator's Guide for Oracle Portal
Apply this patch on your Oracle Application
Server 10g Release 3 (10.1.3.4) environment to
enable interoperability between Oracle SOA
Suite 10g Release 3 (10.1.3.4) and Oracle BPEL
Process Manager 11g.
"Applying Patch Sets to Address
Specific Upgrade Interoperability
Issues" in the Oracle Fusion Middleware
Upgrade Planning Guide
This patch is also referred to as the Oracle SOA
Suite 10g Release 3 (10.1.3.4) Cumulative MLR
#7.
6522654
Apply this patch to your Oracle Database
before you attempt to upgrade your Oracle
BAM schema.
If you do not apply this patch to your Oracle
Database 10g (10.2.0.3), 10g (10.2.0.4), or
Oracle Database 11g (11.1.0.7) before
performing the schema upgrade, you will
likely see the following error:
Section 31.4, "Interoperability Issues
and Workarounds."
"Upgrading Oracle SOA Suite Client
Applications" in the Oracle Fusion
Middleware Upgrade Guide for Oracle
SOA Suite, WebCenter, and ADF
"Task 6c: If Necessary, Upgrade the
BAM Schema" in the Oracle Fusion
Middleware Upgrade Guide for Oracle
SOA Suite, WebCenter, and ADF
Section 3.1.3.1, "Datapump Export for
Oracle BAM Upgrade Plug-in Fails in
Oracle Database 10g (10.2.0.3), 10g
(10.1.2.0.4), and Oracle Database 11g
(11.1.0.7)"
BAM MRUA: SCHEMA UPGRADE FAILED
SQLException: ORA-39002: invalid
operation
The description for this patch on My Oracle
Support is "USING DATA PUMP THROUGH
DBLINK CAUSED DATA CORRUPTION FOR
CLOB VALUES".
Upgrade 3-3
General Issues and Workarounds
Table 3–1 (Cont.) Patches Required to Address Specific Upgrade and Compatibility Requirements
Patch Set Number
Description and Purpose
Additional Information
7675269
Apply this patch to prevent the occurrence of
an ORA-01591 error in an Oracle Real
Application Clusters (Oracle RAC) 11g
(11.1.0.7) database.
"Upgrading and Preparing Your
Databases" in the Oracle Fusion
Middleware Upgrade Planning Guide
This error can occur for rows locked by
transactions which were in the middle of
two-phase commit.
The description of this patch on My Oracle
Support is "ODAC 2008:RAC NODE
AFFINITY: DISTRIBUTED TXN ABORTS
WITH ORA-01591."
8291981
Apply this patch to correct a problem where
Metadata Repository (MDS) queries against an
Oracle Database 11g (11.1.0.7) database do not
find all of the results (documents or elements)
that they should.
"Managing the MDS Repository" in
the Oracle Fusion Middleware
Administrator's Guide
The description of this patch on My Oracle
Support is: "SELECT INCORRECT RESULTS:
SOME RESULTS NOT FOUND".
9007079
Apply this bundled patch to your Oracle
Database 11g (11.1.0.7) Real Application
Clusters (Oracle RAC) environment to address
three known issues while using the Oracle
RAC database with Oracle Fusion Middleware
Oracle SOA Suite components.
"Oracle Real Application Clusters and
Fusion Middleware" in the Oracle
Fusion Middleware High Availability
Guide.
See the Readme file for the patch for a list of
the bugs addressed by the patch.
The description of this patch on My Oracle
Support is: "MERGE REQUEST FOR 8886255
AND 7675269".
8607693
Apply this patch to your Oracle Real
Application Clusters (Oracle RAC) 11g
(11.1.0.7) database to prevent an error that can
occur if an XA transaction branch was being
asynchronously rolled back by two or more
sessions.
"Oracle Real Application Clusters and
Fusion Middleware" in the Oracle
Fusion Middleware High Availability
Guide.
The description of this patch on My Oracle
Support is: "STRESS SOA - ORA-00600:
INTERNAL ERROR CODE, ARGUMENTS:
[504] (Oracle AC)".
7682186
Apply this patch to your Oracle Real
Application Clusters (Oracle RAC) 11g
(11.1.0.7) database to prevent an issue that
results in an ORA-600 error.
Behavior includes CR-inconsistencies between
index and the block, or incorrect results in an
Oracle RAC multi-node global transaction
environment.
The description of this patch on My Oracle
Support is: "ORA-600[KDSGRP1] SIGNALLED
DURING BUGOLTP-XA WORKLOAD".
3-4 Oracle Fusion Middleware Release Notes
"Oracle Real Application Clusters and
Fusion Middleware" in the Oracle
Fusion Middleware High Availability
Guide.
General Issues and Workarounds
3.1.1.1 Obtaining Patches and Support Documents From My Oracle Support
(Formerly OracleMetaLink)
To obtain a patch, log in to My Oracle Support (formerly OracleMetaLink), click
Patches and Updates, and search for the patch number:
http://support.oracle.com/
To obtain a support note or document, log in to My Oracle Support and enter the
support note number in the Quick Find search field at the top of the My Oracle
Support window and search the Knowledge Base for the note number.
3.1.1.2 Upgrading the Oracle BAM Schema on Oracle Database 11g on Microsoft
Windows
If the Oracle Database you use to host your Oracle BAM schema is an Oracle Database
11g database, then you must apply the required patches to upgrade your database to
Oracle Database 11g (10.1.0.7).
In addition, if the database is running on a Microsoft Windows 32-bit computer, then
you must also apply patch 8451592 to the Oracle Database 11g (10.1.0.7) database
before you can run the Upgrade Assistant to upgrade the Oracle BAM schema to 11g.
Patch 8451592 is also referred to as Oracle Database Server Version 11.1.0.7 Patch 11.
You must perform the steps described in Section 3.3.5,
"Post Installation Instructions" of the Oracle Database Server Version
11.1.0.7 Patch 11 Bundle Patch Update Note, which explain in detail how
to run the catcpu.sql script.
Important:
If you do not run the catcpu.sql script after applying the database
patch, then the Oracle BAM schema upgrade will fail.
The patch update note is available by clicking the View Readme
button when you locate the patch in My Oracle Support. It is also
included in the downloaded ZIP file that contains the patch files.
For more information about upgrading the Oracle BAM schema, see the Oracle Fusion
Middleware Upgrade Guide for Oracle SOA Suite, WebCenter, and ADF.
3.1.2 Unable to Read Composite Model Error During SOA Application Upgrade
The Oracle Fusion Middleware Upgrade Guide for Oracle SOA Suite, WebCenter, and ADF
describes how Oracle JDeveloper 11g will automatically upgrade specific features of
your Oracle SOA Suite 10g applications to 11g.
However, if you see the following error while upgrading your application in
JDeveloper 11g, then you can safely ignore the error. Your application will be
upgraded, but you will need to create a new SOA-SAR deployment profile after the
application upgrade. And use this newly created profile for deploying SOA composite:
SEVERE: Unable to read composite model for project project_name
For more information, see 43.2, "Deploying a Single SOA Composite in Oracle
JDeveloper," in the Oracle Fusion Middleware Developer's Guide for Oracle SOA Suite.
Upgrade 3-5
General Issues and Workarounds
3.1.3 Oracle BAM Upgrade Issues
The following sections provide information about specific issues related to upgrading
Oracle BAM 10g to Oracle BAM 11g:
■
Section 3.1.3.1, "Datapump Export for Oracle BAM Upgrade Plug-in Fails in Oracle
Database 10g (10.2.0.3), 10g (10.1.2.0.4), and Oracle Database 11g (11.1.0.7)"
■
Section 3.1.3.2, "Dependent Alerts Do Not Upgrade Correctly"
■
Section 3.1.3.3, "Problem Upgrading a Report that Contains Calculated Fields"
■
■
Section 3.1.3.4, "Calculated Fields Reference the Field ID Rather Than Field Names
After Upgrade to Oracle BAM 11g"
Section 3.1.3.5, "Using the Oracle BAM 11g Samples After Upgrade from Oracle
BAM 10g"
3.1.3.1 Datapump Export for Oracle BAM Upgrade Plug-in Fails in Oracle Database
10g (10.2.0.3), 10g (10.1.2.0.4), and Oracle Database 11g (11.1.0.7)
Before you upgrade the Oracle BAM 11g schema to 11g, you must first apply patch
6522654 to your Oracle Database 10g (10.2.0.3), 10g (10.1.2.0.4), and Oracle Database
11g (11.1.0.7).
If you do not apply this patch, then you will likely experience the following error
during Oracle BAM schema upgrade:
BAM MRUA: SCHEMA UPGRADE FAILED SQLException: ORA-39002: invalid operation
For more information, see Section 3.1.1, "Patches Required to Address Specific
Upgrade and Compatibility Requirements".
3.1.3.2 Dependent Alerts Do Not Upgrade Correctly
When an alert in Oracle BAM 10g is dependent upon another alert, the dependent
alert keeps a reference to the parent alert with a GUID reference. When such an alert is
exported from 10g it will contain a GUID reference to the parent alert, and import to
an Oracle BAM 11g system is not successful.
The following modification to the exported alert definition file can be used as a
workaround for import to an Oracle BAM 11g system.
Edit the exported file contents of the dependent alert from the Oracle BAM 10g
system, and modify the following element containing reference to parent alert.
Change this:
&lt;param name=&quot;RuleID&quot; order=&quot;0&quot;&gt;
//private:weblogic/Rule/624567ffe84de34c-6e6bdbaa120eb7f6ea6-8000
&lt;/param&gt;
To this:
&lt;param name=&quot;RuleID&quot; order=&quot;0&quot;&gt;
ParentAlertName
&lt;/param&gt;
In other words, the GUID reference for parent alert must be replaced by the parent
alert's name.
3-6 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
3.1.3.3 Problem Upgrading a Report that Contains Calculated Fields
If you created a report in Oracle BAM 10g or in Oracle BAM 11g Release 1 (11.1.1.1.0)
and the report contains calculated fields that use using datetime type fields, then the
Calculations tab displays this error in Oracle BAM 11g Release 1 (11.1.1.2.0):
BAM-01610: INVALID FILTER EXPRESSION
More specifically, this error occurs when the calculation is an expression for equality
check against a datetime field in String format. For example, for a datetime field such
as Last Modified, the following calculation does not work:
If {Last Modified}=="7/18/2002 1:33:10 PM"
Before you can upgrade the report, you must remove the calculated fields.
3.1.3.4 Calculated Fields Reference the Field ID Rather Than Field Names After
Upgrade to Oracle BAM 11g
After upgrading to Oracle BAM 11g Release 1 (11.1.1.2.0), any calculated fields in your
reports will reference fields by the field ID, rather than the field name.
Specifically, after upgrade, the field name referenced in the expression will be
converted to use the field id (for example, _Num_Sold).
For example, the field reference might appear as follows after the upgrade:
If({_Num_Sold}==5000)
Then("met")
Else("notmet")
Note that the calculated fields will continue to work after the upgrade and after this
automatic conversion.
3.1.3.5 Using the Oracle BAM 11g Samples After Upgrade from Oracle BAM 10g
When you install Oracle BAM 11g, the installer copies a set of sample applications to
the Oracle SOA Suite Oracle home. Refer to the following sections for more
information about using these samples after upgrading to Oracle BAM 11g from
Oracle BAM 10g:
■
■
Section 3.1.3.5.1, "General Information About the Oracle BAM Samples"
Section 3.1.3.5.2, "Removing Any 10g Sample Applications Before Configuring the
Oracle BAM 11g Samples"
For information about using the Oracle BAM 11g after migrating from Oracle Fusion
Middleware 11g Release 1 (11.1.1.1.0), see Section 3.2.7, "Using the Oracle BAM 11g
Prepackaged Samples After Migrating from 11.1.1.1.0".
3.1.3.5.1 General Information About the Oracle BAM Samples The Oracle Fusion
Middleware installer copies the Oracle BAM samples to the following location in the
Oracle SOA Suite Oracle home:
SOA_ORACLE_HOME/bam/samples/bam/
Instructions for configuring and using the samples, as well as updated samples, can be
found at the following URL on the Oracle Technology Network (OTN):
http://www.oracle.com/technology/products/integration/bam/collateral/samples11g.html
Upgrade 3-7
General Issues and Workarounds
The instructions explain how to use the propert setup script to configure the demos in
your Oracle BAM 11g environment. You can also find individual readme file for each
demo within each sample directory.
3.1.3.5.2 Removing Any 10g Sample Applications Before Configuring the Oracle BAM 11g
Samples Before you use the instructions on OTN to set up the Oracle BAM 11g
samples, remove any data objects, reports, or alerts associated with any existing 10g
samples.
For example, be sure to remove any artifacts associated with the Oracle BAM 10g Call
Center and Atherton demos before you run the setup scripts.
3.1.4 Error When Upgrading Oracle Internet Directory Due to Invalid ODS Schema
If you receive an error when using the Upgrade Assistant to upgrade the Oracle
Internet Directory schema from 10g Release 2 (10.1.2.3) to 11g, then verify that the ODS
10g schema is valid.
To view the status of the Oracle Application Server 10g schemas in your database, use
the following SQL command:
SELECT comp_id, version, status FROM app_registry;
If the output from this command shows that the ODS schema is INVALID, then use
the instructions in the following My Oracle Support document to install and configure
Referential Integrity:
730360.1, "Referential Integrity in Oracle Internet Directory Version 10.1.2.3"
After performing the instructions in the support document, then retry the Oracle
Internet Directory schema upgrade.
3.1.5 Restore From Backup Required If Upgrade Fails During a Colocated Oracle
Internet Directory and Oracle Directory Integration Platform Upgrade
If you are using the Upgrade Assistant to upgrade both Oracle Internet Directory and
Oracle Directory Integration Platform, consider the following.
If the Oracle Internet Directory upgrade fails, then before you can run the Upgrade
Assistant again, you must restore your Oracle Internet Directory 10g backup before
you can run the Upgrade Assistant again. Otherwise, the Upgrade Assistant will not
attempt to upgrade Oracle Directory Integration Platform.
3.1.6 Cannot Verify Oracle Forms Services Upgrade When Oracle HTTP Server is
Running On a Separate Host
If you use the Upgrade Assistant to upgrade an Oracle Forms Services instance that
does not include a local instance of Oracle HTTP Server, then the Verify feature of the
Upgrade Assistant cannot verify that the upgrade was successful. Instead of reporting
that the upgrade was successful, the Verify feature will report that the server is
unavailable. This verification error may not be valid if the Oracle HTTP Server is
installed and configured on a different host than the Oracle Forms Services instance.
3.1.7 WebCenter Security Upgrade Release Notes
The following bugs/release notes relate to security changes for Custom WebCenter
applications upgrading from 10.1.3.x:
3-8 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
■
■
■
Section 3.1.7.1, "RowSetPermission check fails with compatibility flag set"
Section 3.1.7.2, "Grants not migrated properly if application contains grants
without permissions"
Section 3.1.7.3, "Shared/public credentials not found after external application
deployed"
3.1.7.1 RowSetPermission check fails with compatibility flag set
In 10.1.3, the ADF framework performed rowset, attribute, and method permission
checks in addition to page permission checks. If a 10.1.3 application grants 'read'
permission on the rowset and attribute and 'invoke' permission on the method for all
users, then the application will behave as expected in 11R1 without any additional
setup.
However, if the 10.1.3 application was designed to allow only certain users to view the
rowset, attribute, or invoke method, then a special flag needs to be set to support this
style of security. If this flag is not set, then anyone who has page access can view
attributes and rowsets and invoke methods since in 11R1 the permission check is
performed only on pages and taskflows. The flag must be set for each application in
the adf-config.xml file.
<sec:adf-security-child xmlns="http://xmlns.oracle.com/adf/security/config">
<JaasSecurityContext
initialContextFactoryClass=
"oracle.adf.share.security.JAASInitialContextFactory"
jaasProviderClass=
"oracle.adf.share.security.providers.jps.JpsSecurityContext"
authorizationEnforce="true"/>
<contextEnv name="oracle.adf.security.metadata" value="false"/>
<CredentialStoreContext
credentialStoreClass=
"oracle.adf.share.security.providers.jps.CSFCredentialStore"
credentialStoreLocation="../../src/META-INF/jps-config.xml"/>
</sec:adf-security-child>
3.1.7.2 Grants not migrated properly if application contains grants without
permissions
Grants are not migrated properly if a 10.1.3 application contains grants without any
permissions. Developers should inspect the app-jazn-data.xml file in the 10.1.3
workspace and remove any grants that have empty permission set prior to performing
the migration.
3.1.7.3 Shared/public credentials not found after external application deployed
If you have secured your 10.1.3 application, ensure there are no duplicate
JaasSecurityContext and CredentialStoreContext elements in the
application's adf-config.xml file prior to migration.In the following example, the
first JaasSecurityContext element is empty and should be removed (see "Remove
entry" in the XML snippet below).
<adf-config-child xmlns="http://xmlns.oracle.com/adf/security/config">
<CredentialStoreContext
credentialStoreClass=
"oracle.adf.share.security.providers.jazn.JAZNCredentialStore"
credentialStoreDefaultUser="anonymous"
credentialStoreLocation="./credential-store.xml"/>
<JaasSecurityContext/> <!--Remove entry-->
<JaasSecurityContext
Upgrade 3-9
General Issues and Workarounds
initialContextFactoryClass=
"oracle.adf.share.security.JAASInitialContextFactory"
jaasProviderClass=
"oracle.adf.share.security.providers.jazn.JAZNSecurityContext"
authorizationEnforce="true"/>
</adf-config-child>
3.1.8 Oracle B2B Upgrade Release Notes
The following release notes apply when you are upgrading Oracle B2B 10g to Oracle
B2B 11g:
■
Section 3.1.8.1, "Service Name Is Required When Using ebMS with Oracle B2B"
■
Section 3.1.8.2, "Converting Wallets to Keystores for Oracle B2B 11g"
■
Section 3.1.8.3, "Oracle B2B UCCnet Documents Not Upgraded to 11g"
■
Section 3.1.8.4, "Errors in the Upgrade Log Files Even When Oracle B2B Schema
Upgrade is Successful"
3.1.8.1 Service Name Is Required When Using ebMS with Oracle B2B
Because the Service Name parameter is required when using the ebMS protocol in
Oracle B2B 11g, you may need to provide a value for this field after importing 10g
data.
With the agreement in the draft state, update the field on the Partners > Documents
tab. When you select a document definition that uses the ebMS protocol, the
Document Type > ebMS tab appears in the Document Details area. The Service Name
field is on this tab.
3.1.8.2 Converting Wallets to Keystores for Oracle B2B 11g
After upgrading to Oracle B2B 11g, use the orapki pkcs12_to_jks option to
replace the entire keystore. Convert the wallet to a keystore as follows:
1.
Back up the original keystore.
2.
Use the orapki wallet pkcs12_to_jks option to convert to the keystore.
3.
Use keytool -list to list the aliases and verify.
4.
Use keytool -importkeystore to import the converted keystore to the
backup of the original keystore (as done in Step 1)
3.1.8.3 Oracle B2B UCCnet Documents Not Upgraded to 11g
OracleAS Integration B2B provides support for UCCnet under the Custom Document
option. UCCnet is a service that enables trading partners to exchange
standards-compliant data in the retail and consumer goods industries.
Note, however, that UCCnet documents are not upgraded automatically to Oracle B2B
11g. For information about using UCCnet documents in Oracle B2B 11g, see "Using the
UCCnet Document Protocol" in the Oracle Fusion Middleware User's Guide for Oracle
B2B.
3-10 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
3.1.8.4 Errors in the Upgrade Log Files Even When Oracle B2B Schema Upgrade is
Successful
When you use Oracle Fusion MiddlewareUpgrade Assistant upgrade the Oracle B2B
schema, some errors might appear in the upgrade log files even if the Oracle B2B
schema upgrade is successful.
For example, you might see an error, such as the following:
oracle.jrf.UnknownPlatformException: JRF is unable to determine the current
application server platform
As long as the Upgrade Assistant reports that the upgrade was sucessful, these errors
can be safely ignored. They will be addressed in a future release.
For more information about troubleshooting upgrade issues, including how to use the
upgrade log files, see "General Troubleshooting Guidelines" in the Oracle Fusion
Middleware Upgrade Planning Guide.
For more information about the Oracle B2B schema upgrade, see "If Necessary,
Upgrade the B2B Schema," in the Oracle Fusion Middleware Upgrade Guide for
Oracle SOA Suite, WebCenter, and ADF.
3.1.9 Problem Accessing the Welcome Pages in Oracle HTTP Server After Upgrade
After you upgrade to Oracle HTTP Server 11g, the DirectoryIndex directive in the
httpd.conf set to index.html. As a result, if you go to the recommended URL to
view the Oracle Fusion Middleware Welcome pages you instead see the "hello world"
sample application page.
To address this issue:
1.
Edit the httpd.conf file in the following location:
ORACLE_INSTANCE/config/OHS/ohs_component_name/
2.
Locate the DirectoryIndex directive in the httpd.conf file and change
index.html to welcome-index.html.
3.
Restart the Oracle HTTP Server instance.
3.1.10 Misleading Error Message When Upgrading Oracle Internet Directory
When upgrading to Oracle Internet Directory 11g, you might notice an error message
in the Upgrade Assistant (Example 3–1). This error message indicates that some
managed processes failed to start.
You can safely ignore this message, as long as the Upgrade Assistant messages also
indicates that all components were upgraded successfully. This error occurs when the
Upgrade Assistant attempts to start the Oracle Enterprise Manager agent and the
agent is already running.
Example 3–1 Error Message When Upgrading Oracle Internet Directory
----------------------------------------------------------Starting Destination Components
Starting OPMN and managed processes in the destination Oracle instance.
->UPGAST-00141: startup of 11g OPMN managed processes failed.
Starting WebLogic managed server wls_ods1
Clicked OK to continue
Upgrade Progress 100%
All components were upgraded successfully.
Upgrade 3-11
General Issues and Workarounds
------------------------------------------------------------
3.1.11 Additional Steps Required When Redeploying the SOA Order Booking Sample
Application on Oracle Fusion Middleware 11g
Appendix A of the Oracle Fusion Middleware Upgrade Guide for Oracle SOA Suite,
WebCenter, and ADF provides an example of how to use Oracle JDeveloper 11g
upgrade and redeploy a complex application on Oracle Fusion Middleware 11g.
However, after you install Oracle Fusion Middleware 11g (11.1.1.3.0), you must
perform the following additional tasks before you can successfully compile and
deploy the application with Oracle JDeveloper 11g:
1.
Before you open and upgrade the application with Oracle JDeveloper 11g, edit the
original web.xml and replace the <web-app> element with the following:
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5" xmlns="http://java.sun.com/xml/ns/javaee">
2.
Follow the steps in Appendix A of the Oracle Fusion Middleware Upgrade Guide for
Oracle SOA Suite, WebCenter, and ADF to open the SOA Order Booking application
in Oracle JDeveloper 11g and to upgrade the projects within the application.
3.
When you get to Section A.8.10, "ApproveOrderTaskForm," open the web.xml
and verify that it contains a <servlet> element and <servlet_mapping>
element for the WFTTaskUpdate servlet.
If such an element does not exist in the web.xml file, then edit the web.xml file
and add the elements shown in Example 3–2.
4.
Continue with the rest of the instructions for deploying the project.
Example 3–2 Servlet Elements to Add to the SOA Order Booking web.xml File
<servlet>
<servlet-name>
WFTaskUpdate
</servlet-name>
<servlet-class>
oracle.bpel.services.workflow.worklist.servlet.WFTaskUpdate
</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>
WFTaskUpdate
</servlet-name>
<url-pattern>
/WFTaskUpdate
</url-pattern>
</servlet-mapping>
3.1.12 Additional Steps Required When Upgrading Human Taskflow Projects
By default, if you deploy an upgraded Oracle SOA Suite 10g Release 3 (10.1.3)
application that includes a Human Taskflow project on Oracle Fusion Middleware 11g
(11.1.1.3.0), you will not be able to view the taskflow details.
To work around this problem, perform the following additional steps when you are
deploying an application with a Human Taskflow project:
3-12 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
1.
Before you open and upgrade the application with Oracle JDeveloper 11g, edit the
original web.xml and replace the <web-app> element with the following:
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5" xmlns="http://java.sun.com/xml/ns/javaee">
2.
After you open and upgrade the application in Oracle JDeveloper 11g, do the
following:
a.
In Oracle JDeveloper 11g, deploy the application to an EAR file.
b.
Expand the EAR file on disk, and then expand the packaged WAR file on disk.
For example:
jar -xvf ear_file_name.ear
jar -xvf war_file_name.war
c.
Open the web.xml file in the WEB-INF directory of the WAR file and
comment out the following entry:
<!--servlet-mapping>
<servlet-name>jsp</servlet-name>
<url-pattern>*.jsp</url-pattern>
</servlet-mapping-->
d.
Repackage WAR and subsequently the EAR.
For example:
jar -cvf war_file_name.war *
jar -cvf ear_file_name.ear *
e.
Deploy the EAR using the WebLogic Administration Console.
Note that is important that you use the Oracle WebLogic Server
Administration Console to deploy the application and not Oracle JDeveloper
11g. This is because Oracle JDeveloper forces a rebuild of the applciation and
your changes will be overwritten.
3.1.13 Stopping Oracle Virtual Directory Processes During Upgrade
When upgrading Oracle Virtual Directory to 11g, you must manually stop Oracle
Virtual Directory processes if multiple Oracle Virtual Directory processes are running.
When you attempt to stop Oracle Virtual Directory, only the last process that started
will stop. If multiple Oracle Virtual Directory processes are running, you must use the
kill -9 command to stop the processes before upgrading to Oracle Virtual Directory
11g.
3.1.14 Providing Input to Upgrade Assistant Screens When Oracle Internet Directory
Upgrade Fails
If Oracle Internet Directory upgrade fails during the Examine phase in the upgrade
process, do not modify the input you entered in the screens. Instead, dismiss the
Upgrade Assistant wizard and the upgrade process again.
Upgrade 3-13
General Issues and Workarounds for Migrating from 11.1.1.1.0
3.1.15 Upgrading Oracle Access Manager Middle Tier
When running the Upgrade Assistant to upgrade the Oracle Single Sign-On 10g to
Oracle Access Manager 11g, you must run the Upgrade Assistant from the same
machine where your Oracle Access Manager Managed Server is running.
3.1.16 Inaccurate Results When Running the Upgrade Assistant Verify Feature
For some upgrade scenarios, the Oracle Fusion Middleware Upgrade Assistant
provides a Verify feature that attempts to analyze the upgraded 11g environment.
When you run the Verify feature, the Upgrade Assistant automatically reports any
problems it finds with the upgraded environment.
However, there are cases where the Verify feature incorrectly identifies a problem. For
example, when single sign-on is enabled, the Verify feature might report that it cannot
access specific URLs for the upgraded components.
In these cases, you should enter the URL directly into a Web browser to verify the
URL. In those cases, the URL might indeed be valid and you can ignore the errors
generated by the Verify feature.
3.1.17 Missing jdk_version.log File When Launching Upgrade Assistant
When you start the Oracle Fusion Middleware Upgrade Assistant to begin an upgrade
of the Oracle Identity and Access Management products, the Upgrade Assistant might
display an error message in the terminal window that indicates that the following file
is missing:
temp\jdk_version.log
If you see this error, quit the Upgrade Assistant and manually create the following
directory before running the Upgrade Assistant:
ORACLE_HOME/upgrade/temp
In this example, ORACLE_HOME is the directory where Oracle Identity and Access
Manager product is installed.
3.1.18 Test Suites in Oracle SOA Suite 10g Projects Not Upgraded to 11g
When you upgrade your Oracle SOA Suite 10g projects to Oracle SOA Suite 11g, test
suites defined in your Oracle JDeveloper projects will not be upgraded to 11g. In most
cases, you will have to modify or recreate your test suites in Oracle JDeveloper 11g.
For more information, refer to the following:
■
■
"Correcting Problems With Oracle BPEL Process Manager Test Suites" in the
Oracle Fusion Middleware Upgrade Guide for Oracle SOA Suite, WebCenter, and ADF
"Automating Testing of SOA Composite Applications" in the Oracle Fusion
Middleware Developer's Guide for Oracle SOA Suite
3.2 General Issues and Workarounds for Migrating from 11.1.1.1.0
This section describes general issue and workarounds that apply only if you are
starting with Oracle Fusion Middleware 11g Release 1 (11.1.1.1.0) and you are using
the instructions in Appendix B, "Using Patch Assistant to Migrate from 11g Release 1
(11.1.1.1.0) to Release 1 (11.1.1.2.0)" in the Oracle Fusion Middleware Patching Guide.
This section includes the following topics:
3-14 Oracle Fusion Middleware Release Notes
General Issues and Workarounds for Migrating from 11.1.1.1.0
■
Section 3.2.1, "Stopping the 11.1.1.2.0 Domain"
■
Section 3.2.2, "Patching the Schema for Oracle Internet Directory"
■
Section 3.2.3, "Changing the patchmaster.ValidationErrorContinue Property"
■
Section 3.2.4, "Changing the Default Setting for Validation Tasks"
■
Section 3.2.5, "Severe Error When Running the execute-sql-rcu Macro"
■
■
Section 3.2.6, "Machine Names Do Not Appear in the Oracle WebLogic Server
Administration Console"
Section 3.2.7, "Using the Oracle BAM 11g Prepackaged Samples After Migrating
from 11.1.1.1.0"
3.2.1 Stopping the 11.1.1.2.0 Domain
While stopping the 11.1.1.2.0 domain by using the ant master-stop-domain-new
command, you may see the following exceptions if the Administration Server and the
Managed Servers are down:
java.net.ConnectException: Connection refused: connect; No available router to
destination.
The admin server and the managed servers should be up while running the command.
3.2.2 Patching the Schema for Oracle Internet Directory
While patching the schema for Oracle Internet Directory, ensure that you specify only
OID as the parameter for the patchMaster.Componentlist property in the
patchMaster.properties file.
3.2.3 Changing the patchmaster.ValidationErrorContinue Property
By default, the patchMaster.ValidationErrorContinue file appears as
patchmaster.ValidationErrorContinue. When you run this property, an error
occurs.
Therefore, if you are using this property, replace the default property with
patchMaster.ValidationErrorContinue before running Patch Assistant.
3.2.4 Changing the Default Setting for Validation Tasks
Patch Assistant validates the properties specified in the patchMaster.properties
file. Additionally it performs the following validation tasks:
■
Verify whether the potential source, target home, and instance paths exist.
■
Verify locations to discover it they are an instance, home, and so on.
■
■
Validate individual migration task. For example, if you are migrating a domain,
then schema-based properties are not required. If the schema-based properties are
specified, be sure to set the complete and proper set of schema-based properties.
Attempts to recognize exceptions to specific components. For example, if Oracle
Internet Directory is solely specified as the component being patched, then the
property patchMaster.Schemaprefix is not necessary. However, if other
components are being patched, then it is assumed that
patchMaster.Schemaprefix is a necessary part of schema property validation.
Upgrade 3-15
General Issues and Workarounds for Migrating from 11.1.1.1.0
If you want to continue with the Patch Assistant task after a validation error occurs,
then you can open the patchMaster.properties file (Located in your
patchMaster directory) in a text editor, and change the value to true for the
patchMaster.ValidationErrorContinue property (The default value is false).
Alternatively, you can use the Ant command-line utility to override the properties set
in the patchMaster.properties file. You must specify the required property on
the command line as follows:
ant-DpatchMaster.ValidationErrorContinue
3.2.5 Severe Error When Running the execute-sql-rcu Macro
When running the execute-sql-rcu macro, you may see the following error
message, while the SQL script is still running:
[java] SEVERE: Error while registering Oracle JDBC Diagnosability MBean.
[java] java.security.AccessControlException: access denied
(javax.management.MBeanTrustPermission register)
To resolve this error, you must grant the register permission by adding the following
syntax to the java.policy file (Located at JAVA_HOME/jre/lib/security in
UNIX and JAVA_HOME\jre\lib\security in Windows):
.
grant codeBase "file:${PATCH-MASTER-HOME}/lib/*.jar" {
permission javax.management.MBeanTrustPermission "register";
};
Ensure that you replace {PATCH-MASTER-HOME} with your
home path.
Note:
3.2.6 Machine Names Do Not Appear in the Oracle WebLogic Server Administration
Console
After running Patch Assistant, you cannot see the list of machines (Machine-0 and
Machine-1) configured during 11.1.1.1.0 and 11.1.1.2.0, in the Oracle WebLogic Server
Administration Console. After migrating to 11.1.1.2.0, you must re-enter the machine
names using the Oracle WebLogic Server Administration Console. For more
information, see Create and configure machines topic in the Oracle Fusion Middleware
Oracle WebLogic Server Administration Console Online Help.
3.2.7 Using the Oracle BAM 11g Prepackaged Samples After Migrating from 11.1.1.1.0
If you are using the Oracle BAM 11g sample applications, refer to the following
sections for information about using the samples after migrating from Oracle Fusion
Middleware 11g Release 1 (11.1.1.1.0) to Release 1 (11.1.1.2.0):
■
■
Section 3.2.7.1, "Configuring the Oracle BAM 11g Samples After Migrating from
11.1.1.1.0"
Section 3.2.7.2, "Using the Foreign Exchange Sample After Migrating from
11.1.1.1.0"
For more information about the Oracle BAM 11g samples, see Section 3.1.3.5.1,
"General Information About the Oracle BAM Samples".
3-16 Oracle Fusion Middleware Release Notes
Documentation Errata for Upgrade
3.2.7.1 Configuring the Oracle BAM 11g Samples After Migrating from 11.1.1.1.0
After you migrate from Oracle Fusion Middleware 11g Release 1 (11.1.1.1.0) to 11g
Release 1 (11.1.1.2.0), be sure to run the proper setup script for setting up samples.
Specifically, you must run the recreate script instead of the setup script.
For more information, see the readme file for each of the Oracle BAM 11g samples.
3.2.7.2 Using the Foreign Exchange Sample After Migrating from 11.1.1.1.0
After you run the recreate script to set up the Foreign Exchange sample after migrating
from 11.1.1.1.0, you might experience the following error when you open the report
(Shared Reports/Demos/Foreign Exchange):
The "Trade Volume" has an error:
CACHEEXCEPTION_NULL_NULL_NULL
Message:BAM-01274: The field ID 1 is not recognized.
To fix this problem, perform the following steps:
1.
Open Active Studio.
2.
Open the report:
Shared Reports/Demos/Foreign Exchange/SLAViolation Report
3.
Click Edit.
4.
Select the Trade Volume view and click Edit View.
5.
In the Fields tab under Group By, select the field GroupBy.
6.
Go to the Surface Prompts tab.
7.
From the Display in drop-down menu, in select View Title.
8.
Click Apply and save the report.
Visit the Oracle BAM samples page on OTN regularly to obtain updated samples and
more information about the Oracle BAM sample applications.
3.3 Documentation Errata for Upgrade
This section provides documentation errata for the following guides:
■
■
■
Section 3.3.1, "Documentation Errata for the Upgrade Guide for Oracle SOA Suite,
WebCenter, and ADF"
Section 3.3.2, "Documentation Errata for the Oracle Fusion Middleware Upgrade
Guide for Oracle Identity Management"
Section 3.3.3.1, "Clarification of Post-Upgrade Tasks for SSL-Enabled Oracle HTTP
Server"
3.3.1 Documentation Errata for the Upgrade Guide for Oracle SOA Suite, WebCenter,
and ADF
This section contains documentation errata for the Oracle Fusion Middleware Upgrade
Guide for Oracle SOA Suite, WebCenter, and ADF:
■
Section 3.3.1.1, "Errors in Additional Steps for Upgrading Technology Adapter
Headers"
Upgrade 3-17
Documentation Errata for Upgrade
3.3.1.1 Errors in Additional Steps for Upgrading Technology Adapter Headers
In the section, "Additional Steps When Upgrading Technology Adapter Headers" in
the Oracle Fusion Middleware Upgrade Guide for Oracle SOA Suite, WebCenter, and ADF,
note the following:
■
In the subsection, "Example Steps to Perform After Upgrading to Oracle
Mediator," the example shown should appear as follows:
<copy target="$out.property.jca.aq.HeaderDocument" expression="'&lt;?xml
version = &quot;1.0&quot; standalone= &quot;yes&quot;?>&lt;tns:Header
xmlns:tns=&quot;http://xmlns.oracle.com/pcbpel/adapter/aq/outbound/">
<tns:PayloadHeader>&lt;MSG_ID>&lt;
/MSG_ID>&lt;INREPLYTO_MSG_ID>&lt;
/INREPLYTO_MSG_ID>&lt;FROM_PARTY>GlobalChips&lt;
/FROM_PARTY>&lt;TOPARTY>Acme&lt;
/TO_PARTY>&lt;ACTION_NAME>&lt;/ACTION_NAME>&lt;DOCTYPE_NAME>ORDERS&lt;
/DOCTYPE_NAME>&lt;DOCTYPE_REVISION>D98A&lt;
/DOCTYPE_REVISION>&lt;MSG_TYPE>1&lt;
/MSG_TYPE>&lt;PAYLOAD>&lt;
/PAYLOAD>&lt;/tns:PayloadHeader>&lt;/tns:Header>'"/>
■
In the subsection, "Example Steps to Perform After Upgrading to Oracle BPEL
Process Manager," Example 14-1, "Assign Block When Upgrading Adapter
Headings" should appear as follows:
<assign name="assign header">
<copy>
<from expression="'&lt;?xml version = &quot;1.0&quot;standalone =
&quot;yes&quot;?>&lt;tns:Header
xmlns:tns=&quot;http://xmlns.oracle.com/pcbpel/adapter/aq/Inbound/">
<tns:PayloadHeader>&lt;MSG_ID>12345&lt;
/MSG_ID>&lt;INREPLYTO_MSG_ID>54321&lt;
/INREPLYTO_MSG_ID>&lt;FROM_PARTY>Acme&lt;
/FROM_PARTY>&lt;TO_PARTY>GlobalChips&lt;
/TO_PARTY>&lt;ACTION_NAME>contentType:application/octet-stream;
filename:abc.xml&lt;
/ACTION_NAME>&lt;DOCTYPE_NAME>850&lt;
/DOCTYPE_NAME>&lt;DOCTYPE_REVISION>4010&lt;
/DOCTYPE_REVISION>&lt;MSG_TYPE>1&lt;/MSG_TYPE>&lt;PAYLOAD>&lt;
/PAYLOAD>&lt;/tns:PayloadHeader>&lt;/tns:Header>'"/>
<to variable="headerVariable"/>
</copy>
</assign>
3.3.2 Documentation Errata for the Oracle Fusion Middleware Upgrade Guide for
Oracle Identity Management
This section describes documentation errata. It includes the following topics:
■
■
Section 3.3.2.1, "Error in Procedure for Identifying Additional Oracle Internet
Directory Instances"
Section 3.3.2.2, "Error in Oracle Virtual Directory Releases Supported"
3.3.2.1 Error in Procedure for Identifying Additional Oracle Internet Directory
Instances
In the section, "Recreating Any Non-Default Oracle Internet Directory Instances," in
the Oracle Fusion Middleware Upgrade Guide for Oracle Identity Management, step 1
3-18 Oracle Fusion Middleware Release Notes
Documentation Errata for Upgrade
describes how to identify any additional, non-default Oracle Internet Directory
instances you have created.
However, the procedure fails to indicate that the command provided will display a list
of the default instances, as well as any non-default instances. Be sure to review the
output of the command in Step 1 and identify only the Oracle Internet Directory
instances that were not created by default, during the Oracle Internet Directory
installation procedure.
If you have not created any non-default Oracle Internet Directory instances, then there
is no need to perform the steps in the section, "Recreating Any Non-Default Oracle
Internet Directory Instances."
3.3.2.2 Error in Oracle Virtual Directory Releases Supported
In Table 2-2, "Oracle Virtual Directory Releases Supported By This Guide," the
"Description or Notes" section states:
This version of Oracle Identity Federation was available as part of Oracle Application
Server 10g (10.1.4.0.1). It was installed using a separate installation procedure and
installation guide.
It should say:
This version of Oracle Virtual Directory was available as part of Oracle Application
Server 10g (10.1.4.0.1). It was installed using a separate installation procedure and
installation guide.
3.3.3 Documentation Errata for the Oracle Fusion Middleware Upgrade Guide for Java
EE
This section contains documentation errata for the Oracle Fusion Middleware Upgrade
Guide for Java EE. It contains the following sections:
■
Section 3.3.3.1, "Clarification of Post-Upgrade Tasks for SSL-Enabled Oracle HTTP
Server"
3.3.3.1 Clarification of Post-Upgrade Tasks for SSL-Enabled Oracle HTTP Server
Section 7.5.2, "Verifying and Updating the Oracle HTTP Server and Oracle Web Cache
Ports After Upgrade" in the Oracle Fusion Middleware Upgrade Guide for Java EE
provides information about additional post-upgrade steps you must perform for
Oracle HTTP Server in some situations.
Specifically, if you decide to use the new ports defined for your Oracle Fusion
Middleware 11g installation, rather than ports used for your Oracle Application Server
10g installation, then you should verify the listening ports, origin servers, site
definitions, and site-to-server mapping settings, and make changes if appropriate.
This section fails to mention that you should perform this task even if the Oracle HTTP
Server instance and Oracle Web Cache instance reside in the same Oracle home and
you upgrade them together.
For example, if you have enabled end-to-end SSL in your 10g environment, then you
must edit the ssl.conf file in the upgraded Oracle home to ensure that the
ServerName entry in the Oracle HTTP Server 11g ssl.conf file is correct. Locate the
ssl.conf file in the Oracle Fusion Middleware 11g Oracle home, and verify that the
ServerName directive is set to the 11g Oracle Web Cache host and listening port:
For example:
Upgrade 3-19
Documentation Errata for Upgrade
ServerName staeb56.us.oracle.com:443
3-20 Oracle Fusion Middleware Release Notes
4
Oracle Fusion Middleware Administration
4
This chapter describes issues associated with Oracle Fusion Middleware
administration. It includes the following topics:
■
Section 4.1, "General Issues and Workarounds"
■
Section 4.2, "Configuration Issues and Workarounds"
This chapter contains issues you might encounter while
administering any of the Oracle Fusion Middleware products.
Note:
Be sure to review the product-specific release note chapters elsewhere
in this document for any additional issues specific to the products you
are using.
4.1 General Issues and Workarounds
This section describes general issue and workarounds. It includes the following topics:
■
■
Section 4.1.1, "Clarification About Path for OPMN"
Section 4.1.2, "Fusion Middleware Control May Return Error in Mixed IPv6 and
IPv4 Environment"
■
Section 4.1.3, "Deploying JSF Applications"
■
Section 4.1.4, "Limitations in Moving from Test to Production"
■
Section 4.1.5, "Limitations in Moving Oracle Business Process Management from
Test to Production Environment"
■
Section 4.1.6, "Message Returned with Incorrect Error Message Level"
■
Section 4.1.7, "Recovering from Loss of Host for Oracle Essbase Not Supported"
4.1.1 Clarification About Path for OPMN
OPMN provides the opmnctl command. The executable file is located in the
following directories:
■
ORACLE_HOME/opmn/bin/opmnctl: The opmnctl command from this location
should be used only to create an Oracle instance or a component for an Oracle
instance on the local system. Any opmnctl commands generated from this location
should not be used to manage system processes or to start OPMN.
On Windows, if you start OPMN using the opmnctl start command from this
location, OPMN and its processes will terminate when the Windows user has
logged out.
Oracle Fusion Middleware Administration
4-1
General Issues and Workarounds
■
ORACLE_INSTANCE/bin/opmnctl: The opmnctl command from this location
provides a per Oracle instance instantiation of opmnctl. Use opmnctl commands
from this location to manage processes for this Oracle instance. You can also use
this opmnctl to create components for the Oracle instance.
On Windows, if you start OPMN using the opmnctl start command from this
location, it starts OPMN as a Windows service. As a result, the OPMN parent
process, and the processes which it manages, persist after the MS Windows user
has logged out.
4.1.2 Fusion Middleware Control May Return Error in Mixed IPv6 and IPv4 Environment
If your environment contains both IPv6 and IPv4 network protocols, Fusion
Middleware Control may return an error in certain circumstances.
If the browser that is accessing Fusion Middleware Control is on a host using the IPv4
protocol, and selects a control that accesses a host using the IPv6 protocol, Fusion
Middleware Control will return an error. Similarly, if the browser that is accessing
Fusion Middleware Control is on a host using the IPv6 protocol, and selects a control
that accesses a host using the IPv4 protocol, Fusion Middleware Control will return an
error.
For example, if you are using a browser that is on a host using the IPv4 protocol and
you are using Fusion Middleware Control, Fusion Middleware Control returns an
error when you navigate to an entity that is running on a host using the IPv6 protocol,
such as in the following situations:
■
■
From the Oracle Internet Directory home page, you select Directory Services
Manager from the Oracle Internet Directory menu. Oracle Directory Services
Manager is running on a host using the IPv6 protocol.
From a Managed Server home page, you click the link for Oracle WebLogic Server
Administration Console, which is running on IPv6.
■
You test Web Services endpoints, which are on a host using IPv6.
■
You click an application URL or Java application which is on a host using IPv6.
To work around this issue, you can add the following entry to the /etc/hosts file:
nnn.nn.nn.nn
myserver-ipv6 myserver-ipv6.example.com
In the example, nnn.nn.nn.nn is the IPv4 address of the Administration Server host,
myserver.example.com.
4.1.3 Deploying JSF Applications
Some JSF applications may experience a memory leak due to incorrect Abstract
Window Toolkit (AWT) application context classloader initialization in the Java class
library. Setting the oracle.jrf.EnableAppContextInit system property to true
will attempt eager initialization of the AWT application context classloader to prevent
this leak from occurring. By default, this property is set to false.
4.1.4 Limitations in Moving from Test to Production
Note the following limitations in moving from test to production:
■
When you execute the pasteBinary command, the -executesysprereqs option is set
to true by default. If you set it to false, the operation fails. To work around this
4-2 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
problem, either do not pass the option to the pasteBinary command, or set it to
true.
■
If your environment includes Oracle WebLogic Server which you have upgraded
from one release to another (for example from 10.3.4 to 10.3.5), the pasteConfig
scripts fails with the following error:
Oracle_common_home/bin/unpack.sh line29:
WL_home/common/bin/unpack.sh No such file or directory
To work around this issue, edit the following file:
MW_HOME/utils/uninstall/WebLogic_Platform_10.3.5.0/WebLogic_Server_10.3.5.0_
Core_Application_Server.txt file
Add the following entries:
/wlserver_10.3/server/lib/unix/nodemanager.sh
/wlserver_10.3/common/quickstart/quickstart.cmd
/wlserver_10.3/common/quickstart/quickstart.sh
/wlserver_10.3/uninstall/uninstall.cmd
/wlserver_10.3/uninstall/uninstall.sh
/utils/config/10.3/setHomeDirs.cmd
/utils/config/10.3/setHomeDirs.sh
■
■
When you are cloning Oracle Virtual Directory, the Oracle instance name in the
source environment cannot be the same as the Oracle instance name in the target
environment. The Oracle instance name in the target must be different than the
name in the source.
After you clone Oracle Virtual Directory from one host to another, you must add a
self-signed certificate to the Oracle Virtual Directory keystore and EM Agent
wallet on Host B. Take the following steps:
a.
Set the ORACLE_HOME and JAVA_HOME environment variables.
b.
Delete the existing self-signed certificate:
$JAVA_HOME/bin/keytool -delete -alias serverselfsigned
-keystore ORACLE_INSTANCE/config/OVD/ovd_component_
name/keystores/keys.jks
-storepass OVD_Admin_password
c.
Generate a key pair:
$JAVA_HOME/bin/keytool -genkeypair
-keystore ORACLE_INSTANCE/config/OVD/ovd_component_
name/keystores/keys.jks
-storepass OVD_Admin_password -keypass OVD_Admin_password -alias
serverselfsigned
-keyalg rsa -dname "CN=Fully_qualified_hostname,O=test"
d.
Export the certificate:
$JAVA_HOME/bin/keytool -exportcert
-keystore ORACLE_INSTANCE/config/OVD/ovd_component_
name/keystores/keys.jks
-storepass OVD_Admin_password -rfc -alias serverselfsigned
-file ORACLE_INSTANCE/config/OVD/ovd_component_name/keystores/ovdcert.txt
e.
Add a wallet to the EM Agent:
ORACLE_HOME/../oracle_common/bin/orapki wallet add
-wallet ORACLE_INSTANCE/EMAGENT/EMAGENT/sysman/config/monwallet
Oracle Fusion Middleware Administration
4-3
General Issues and Workarounds
-pwd EM_Agent_Wallet_password -trusted_cert
-cert ORACLE_INSTANCE/config/OVD/ovd_component_name/keystores/ovdcert.txt
■
f.
Stop and start the Oracle Virtual Directory server.
g.
Stop and start the EM Agent.
The copyConfig operation fails if you are using IPv6 and the Managed Server
listen address is not set.
To work around this problem, set the Listen Address for the Managed Server in
the Oracle WebLogic Server Administration Console. Navigate to the server. Then,
on the Settings for server page, enter the Listen Address. Restart the Managed
Servers.
4.1.5 Limitations in Moving Oracle Business Process Management from Test to
Production Environment
Note the following limitations when moving Oracle Business Process Management
from a test environment to a production environment:
■
When you move Oracle Business Process Management from a test environment to
a production environment as described in the Task "Move Oracle Business Process
Management to the New Production Environment" in the Oracle Fusion Middleware
Administrator's Guide, Oracle Business Process Management Organization Units
are not imported.
To work around this issue, you must re-create the Organization Units in the
production environment. In addition, if any Organization associations with the
Calendar rule for the Role exist in the test environment, you must re-create them,
using the Roles screen.
For information, see "Working with Organizations" in the Oracle Fusion Middleware
Modeling and Implementation Guide for Oracle Business Process Management.
■
■
Oracle recommends that you move artifacts and data into a new, empty
production environment. If the same artifacts are present or some data has been
updated on the production environment, the procedure does not update those
artifacts.
If Oracle Service Bus is part of the same domain as Oracle SOA Suite, you cannot
use the test-to-production procedures described in "Moving Oracle SOA Suite to a
Production Environment" in the Oracle Fusion Middleware Administrator's Guide.
you can either install Oracle Service Bus in a different domain, or manually create
the production environment.
4.1.6 Message Returned with Incorrect Error Message Level
In Fusion Middleware Control, when you select a metadata repository, the following
error messages are logged:
Partitions is NULL
Partitions size is 0
These messages are logged at the Error level, which is incorrect. They should be
logged at the debug level, to provide information.
4-4 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
4.1.7 Recovering from Loss of Host for Oracle Essbase Not Supported
In this release, recovering from loss of host for Oracle Essbase is not supported. You
can recover from other failures, such as media failure.
4.2 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
■
■
■
Section 4.2.1, "Must Stop Oracle SOA Suite Managed Server Before Stopping
soa-infra"
Section 4.2.2, "Configuring Fusion Middleware Control for Windows Native
Authentication"
Section 4.2.3, "Fusion Middleware Control Does Not Keep Column Preferences in
Log Viewer Pages"
Section 4.2.4, "Topology Viewer Does Not Display Applications Deployed to a
Cluster"
■
Section 4.2.5, "Changing Log File Format"
■
Section 4.2.6, "SSL Automation Tool Configuration Issues"
4.2.1 Must Stop Oracle SOA Suite Managed Server Before Stopping soa-infra
Using Fusion Middleware Control, if you stop a Oracle SOA Suite Managed Server
before you stop soa-infra, then you start the Managed Server, the soa-infra application
is not restarted automatically. If you try to restart the soa-infra, you will received an
error. When you encounter the problem, you cannot close the dialog box in the
browser, so you cannot take any further actions in Fusion Middleware Control.
To avoid this situation, you should stop the Managed Server, which stops all
applications, including the soa-infra application. To start the Managed Server and the
soa-infra, start the Managed Server.
To close the browser dialog box, enter the following URL in your browser:
http://host:port/em
4.2.2 Configuring Fusion Middleware Control for Windows Native Authentication
To use Windows Native Authentication (WNA) as the single sign-on mechanism
between Fusion Middleware Control and Oracle WebLogic Server Administration
Console, you must make changes to the following files:
■
web.xml
■
weblogic.xml
These files are located in the em.ear file. You must explode the em.ear file, edit the
files, then rearchive the em.ear file. Take the following steps (which assume that while
the front end is on Windows, the em.ear file is on UNIX):
1.
Set the JAVA_HOME environment variable. For example:
setenv JAVA_HOME /scratch/Oracle/Middleware/jrockit_160_05_R27.6.2-20
2.
Change to the directory containing the em.ear, and explode the file. For example:
cd /scratch/Oracle/Middleware/user_projects/applications/domain_name
Oracle Fusion Middleware Administration
4-5
Configuration Issues and Workarounds
JAVA_HOME/bin/jar xvf em.ear em.war
JAVA_HOME/bin/jar xvf em.war WEB-INF/web.xml
JAVA_HOME/bin/jar xvf em.war WEB-INF/weblogic.xml
3.
Edit web.xml, commenting out the first login-config block and uncommenting the
login-config block for WNA. (The file contains information about which block to
comment and uncomment.) When you have done this, the portion of the file will
appear as in the following example:
<!--<login-config>
<auth-method>CLIENT-CERT</auth-method>
</login-config>
-->
<!-the following block is for Windows Native Authentication, if you are using
WNA, do the following:
1. uncomment the following block
2. comment out the previous <login-config> section.
3. you also need to uncomment a block in weblogic.xml
-->
<login-config>
<auth-method>CLIENT-CERT,FORM</auth-method>
<form-login-config>
<form-login-page>/faces/targetauth/emasLogin</form-login-page>
<form-error-page>/login/LoginError.jsp</form-error-page>
</form-login-config>
</login-config>
<security-constraint>
.
.
.
<security-role>
<role-name>Monitor</role-name>
</security-role>
4.
Edit weblogic.xml, uncommenting the following block. (The file contains
information about which block to uncomment.) When you have done this, the
portion of the file will appear as in the following example:
<!-the following block is for Windows Native Authentication, if you are using
WNA, uncomment the following block.
-->
<security-role-assignment>
<role-name>Admin</role-name>
<externally-defined/>
</security-role-assignment>
.
.
.
<security-role-assignment>
<role-name>Deployer</role-name>
<externally-defined/>
</security-role-assignment>
5.
Rearchive the em.ear file. For example:
JAVA_HOME/bin/jar uvf em.war WEB-INF/web.xml
JAVA_HOME/bin/jar uvf em.war WEB-INF/weblogic.xml
JAVA_HOME/bin/jar uvf em.ear em.war
4-6 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
4.2.3 Fusion Middleware Control Does Not Keep Column Preferences in Log Viewer
Pages
In Fusion Middleware Control, you can reorder the columns in the pages that display
log files and log file messages. However, if you navigate away from the page and then
back to it, the columns are set to their original order.
4.2.4 Topology Viewer Does Not Display Applications Deployed to a Cluster
In Fusion Middleware Control, the Topology Viewer does not display applications
that are deployed to a cluster.
4.2.5 Changing Log File Format
When you change the log file format note the following:
■
■
When you change the log file format from text to xml, specify the path, but omit
the file name. The new file will be named log. xml.
When you change the log file format from xml to text, specify both the path and
the file name.
4.2.6 SSL Automation Tool Configuration Issues
The following issues have been observed when using the SSL Automation tool:
■
■
■
■
The script creates intermediate files that contain passwords in clear text. If the
script fails, these files might not be removed. After a script failure, delete all files
under the rootCA directory.
If Oracle Internet Directory password policy is enabled, passwords entered for
wallet or keystore fail if they violate the policy.
Before you run the script, you must have JDK 1.6 installed and you must have
JAVA_HOME set in your environment.
If the Oracle Virtual Directory configuration script fails, check the run log or
enable debug for the shell script to view specific errors. If the error message looks
similar to this, rerun the script with a new keystore name:
WLSTException: Error occured while performing cd : Attribute
oracle.as.ovd:type=component.listenersconfig.sslconfig,name=LDAP SSL
Endpoint,instance=%OVD_INSTANCE%,component=ovd1 not found
Oracle Fusion Middleware Administration
4-7
Configuration Issues and Workarounds
4-8 Oracle Fusion Middleware Release Notes
5
Oracle Enterprise Manager Fusion
Middleware Control
5
This chapter describes issues associated with Fusion Middleware Control. It includes
the following topics:
■
Section 5.1, "General Issues and Workarounds"
■
Section 5.2, "Documentation Errata"
This chapter contains issues you might encounter while using
Fusion Middleware Control to manage any of the Oracle Fusion
Middleware products.
Note:
Be sure to review the product-specific release note chapters elsewhere
in this document for any additional issues specific to the products you
are using.
5.1 General Issues and Workarounds
This section describes general issue and workarounds. It includes the following topic:
■
■
■
■
■
■
■
Section 5.1.1, "Product Behavior After a Session Timeout"
Section 5.1.2, "Fixing Errors Displayed When Selecting the TopLink Sessions
Command in Fusion Middleware Control"
Section 5.1.3, "Verifying the DISPLAY Variable to Correct Problems Displaying
Graphics"
Section 5.1.4, "Incomplete Information Available on the MDS Configuration Page"
Section 5.1.5, "Exceptions When Starting Oracle Web Cache After Accessing
Configuration Pages from Oracle Enterprise Manager Fusion Middleware
Control"
Section 5.1.6, "Table Display Problems When Using Some Language Variants"
Section 5.1.7, "Problems When Internet Explorer 7 is Configured to Open Pop-Up
Windows in a New Tab."
■
Section 5.1.8, "Additional Fusion Middleware Control Release Notes"
■
Section 5.1.9, "Problem with Performance Charts After Moving a Chart Region"
■
Section 5.1.10, "Display Problems When Running JDK 160_18 on Intel Systems that
Support the SSE4.2 Instruction Set"
Oracle Enterprise Manager Fusion Middleware Control 5-1
General Issues and Workarounds
■
■
■
Section 5.1.11, "Adobe Flash Plugin Required When Displaying Fusion
Middleware Control in the Apple Safari Browser"
Section 5.1.12, "Unable to Access Fusion Middleware Control After Installing the
Oracle Identity Management 11.1.1.4.0 Patch Set"
Section 5.1.13, "Disk Space Considerations When Using Fusion Middleware
Control to Scale Out Oracle BI EE"
5.1.1 Product Behavior After a Session Timeout
For security purposes, your sessions with the Fusion Middleware Control will time
out after a predefined period of inactivity, and you will be asked to log in to the
console again. In most cases, you are returned to the page you had displayed before
the session timed out.
However, in some circumstances, such as when you are using the Fusion Middleware
Control deployment wizards, you will not be returned the same location in the
product after you log in. In those cases, you will have to navigate to the specific Fusion
Middleware Control page you were using before the session timed out.
5.1.2 Fixing Errors Displayed When Selecting the TopLink Sessions Command in
Fusion Middleware Control
In Fusion Middleware Control, you can view the Oracle TopLink management pages
by selecting TopLink Sessions from the Application Deployment menu.
However, if you receive an error message when you select this command, you can
remedy the problem by adding one or both of the following MBean system properties,
as follows
On Windows operating systems:
rem set JAVA_OPTIONS=%JAVA_OPTIONS% -Declipselink.register.dev.mbean=true
rem set JAVA_OPTIONS=%JAVA_OPTIONS% -Declipselink.register.run.mbean=true
On UNIX operating systems:
JAVA_OPTIONS="${JAVA_OPTIONS} -Declipselink.register.dev.mbean=true"
JAVA_OPTIONS="${JAVA_OPTIONS} -Declipselink.register.run.mbean=true"
For more information, see the following URL on the Eclipse WIKI Web site:
http://wiki.eclipse.org/Integrating_EclipseLink_with_an_Application_Server_
(ELUG)#How_to_Integrate_JMX
5.1.3 Verifying the DISPLAY Variable to Correct Problems Displaying Graphics
The graphics subsystem for the Fusion Middleware Control generates some of its
graphics on demand, and if the DISPLAY environment variable is set, Fusion
Middleware Control tries to open the specified DISPLAY environment.
If Fusion Middleware Control fails to start due to graphics errors, check to see whether
the DISPLAY environment variable is set to a proper DISPLAY environment.
If the DISPLAY environment variable is set incorrectly, unset the DISPLAY
environment variable. Then restart Fusion Middleware Control.
5-2 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
5.1.4 Incomplete Information Available on the MDS Configuration Page
After deploying a Oracle SOA Suite application that requires Oracle Metadata Services
(MDS), in some rare circumstances, you may find that the MDS configuration page for
the application does not contain complete information about the MDS repository.
To address this problem, use the Metadata Repositories page to register the repository
again. For more information, see "Create and Register an MDS Repository" in the
Fusion Middleware Control online help.
5.1.5 Exceptions When Starting Oracle Web Cache After Accessing Configuration
Pages from Oracle Enterprise Manager Fusion Middleware Control
To start, stop, or restart Oracle Web Cache from Fusion Middleware Control, from the
Web Cache menu, you can choose Control, and then Start Up, Shut Down, or Restart.
If you select Shut Down, and then Start Up on a configuration page, Fusion
Middleware Control may return exception errors. If these errors occur in your
environment, perform the operations from Web Cache Home page.
5.1.6 Table Display Problems When Using Some Language Variants
When you use Fusion Middleware Control in some non-English language
environments, some of the tables on the component home pages display incorrectly.
For example, some rows of the table appear to be merged and without content.
These issues can be safely ignored, since no data on the pages is hidden. The table cells
that appear incorrectly do not contain performance data or other information.
5.1.7 Problems When Internet Explorer 7 is Configured to Open Pop-Up Windows in a
New Tab
If you configure Microsoft Internet Explorer 7 so it always displays pop-up windows
in a new browser tab, then you may experience problems using Fusion Middleware
Control. For example, in some cases, Enteprise Manager content displays in a new tab
as expected, but Fusion Middleware Control stops responding to mouse clicks. The
only way to continue working is to close the tab.
To avoid this problem, use the Internet Options dialog box in Internet Explorer to
disable the option for displaying pop-up windows in a new tab.
5.1.8 Additional Fusion Middleware Control Release Notes
Refer to Chapter 4, "Oracle Fusion Middleware Administration" for additional Fusion
Middleware Control release notes.
Additional Fusion Middleware Control release notes are also included in the
component chapters of the Release Notes.
5.1.9 Problem with Performance Charts After Moving a Chart Region
Oracle Enterprise Manager Fusion Middleware Control provides performance charts
on many of the component home pages. For example, it provides charts that display
the current response and load metrics, as well as the CPU and memory usage.
If you move one of these charts to a new location on the home page, then sometimes
the Table View link (which provides a tabular view of the data) does not work
properly and the chart might stop refreshing automatically.
Oracle Enterprise Manager Fusion Middleware Control 5-3
General Issues and Workarounds
To fix this problem, click the refresh icon at the top, right corner of the page to refresh
the page.
5.1.10 Display Problems When Running JDK 160_18 on Intel Systems that Support the
SSE4.2 Instruction Set
Some of the newer Intel-based computers support the SSE4.2 instruction set. If you are
using the 160_18 version of the Java Development Kit (JDK) on one of these
computers, then you might see some display issues in the Oracle Enterprise Manager
Fusion Middleware Control.
This is related to the following issue on the Sun Developer Network (SDN):
http://bugs.sun.com/view_bug.do?bug_id=6875866
In particular, when using Fusion Middleware Control, you might experience some
font size and alignment issues, and an error similar to the following appears in the
server log file:
Servlet failed with Exception
java.lang.StringIndexOutOfBoundsException: String index out of range
To remedy this problem:
1.
Locate and open the setDomainEnv configuration file in your Oracle WebLogic
Server domain home.
For example:
DOMAIN_HOME/bin/setDomainEnv.sh
2.
Add the following to the JAVA_OPTIONS entry in the setDomainEnv file and
save your changes:
-XX:-UseSSE42Intrinsics
For example:
JAVA_OPTIONS="${JAVA_OPTIONS} ${JAVA_PROPERTIES}
-Dwlw.iterativeDev=${iterativeDevFlag} -Dwlw.testConsole=${testConsoleFlag}
-Dwlw.logErrorsToConsole=${logErrorsToConsoleFlag} -XX:-UseSSE42Intrinsics"
3.
Locate the following directory in your Oracle WebLogic Server domain home:
DOMAIN_HOME/servers/AdminServer/tmp/_WL_user/em/jmb4hf/public/adf/styles/cache/
4.
Delete the style sheets (.css) files from the directory.
5.
Restart the Oracle WebLogic Server domain.
6.
Clear the cache in your Web browser.
5.1.11 Adobe Flash Plugin Required When Displaying Fusion Middleware Control in the
Apple Safari Browser
To use the Apple Safari browser to display Fusion Middleware Control, you must
have the Adobe Flash browser plugin installed.
If you experience problems displaying graphics or other Fusion Middleware Control
elements, download and install a newer version of the plugin from the Adobe Web
site.
5-4 Oracle Fusion Middleware Release Notes
Documentation Errata
5.1.12 Unable to Access Fusion Middleware Control After Installing the Oracle Identity
Management 11.1.1.4.0 Patch Set
After you install the Oracle Fusion Middleware 11g Release 1 (11.1.1.4.0) patch set, you
might experience problems when accessing the Fusion Middleware Control pages
used to manage the Oracle Identity Management components.
Specifically, an error similar to the following appears in the Administration Server log
files:
[ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default
(self-tuning)'] [userId: <anonymous>] [ecid:
0000In^zrbUF8DQ6ubU4UH1D1qXF00000s,0] [APP: em] [[
oracle.adf.controller.ControllerException: ADFC-00025: The ADF controller has
not been successfully initalized.
If you experience this problem, restart the Administration Server. After the restart, you
should be able to log in and access the Fusion Middleware Control pages.
5.1.13 Disk Space Considerations When Using Fusion Middleware Control to Scale Out
Oracle BI EE
The section "Using Fusion Middleware Control to Scale System Components," in the
Oracle Fusion Middleware System Administrator's Guide for Oracle Business Intelligence
Enterprise Edition, explains how to how to manage the capacity of your Oracle BI EE
deployment using Fusion Middleware Control.
When you use the features described in this section, note that the number of servers
and hosts you define will have an impact on the amount of disk space required for
your Oracle BI EE installation. Be sure to monitor the disk space on your systems
when scaling out your environment. Keep in mind that additional log file activity will
also result when you scale out your environment.
5.2 Documentation Errata
This section describes documentation errata. It includes the following topics:
■
■
Section 5.2.1, "Search Unavailable for Some Embedded Administrator's Guides"
Section 5.2.2, "Patching Section in the Fusion Middleware Control Online Help is
Not Supported"
5.2.1 Search Unavailable for Some Embedded Administrator's Guides
Search is unavailable for the following embedded administrator's guides in the Fusion
Middleware Control help system:
■
■
Oracle Fusion Middleware Administrator's Guide for Oracle Identity Federation
Oracle Fusion Middleware System Administrator's Guide for Content Server for
installations with Oracle Enterprise Content Management Suite
5.2.2 Patching Section in the Fusion Middleware Control Online Help is Not Supported
The Fusion Middleware Control online help system includes the contents of the Oracle
Fusion Middleware System Administrator's Guide for Oracle Business Intelligence Enterprise
Edition. In the Fusion Middleware Control online help, this guide includes Section
17.11, which describes patching the Oracle BI Presentation Catalog. This functionality
is not supported in Release 11.1.1.5. The section is not included in the version of the
Oracle Enterprise Manager Fusion Middleware Control 5-5
Documentation Errata
guide that ships with Oracle BI EE or that is posted on the Oracle Technology
Network.
5-6 Oracle Fusion Middleware Release Notes
6
Oracle Fusion Middleware High Availability
and Enterprise Deployment
6
This chapter describes issues associated with Oracle Fusion Middleware high
availability and enterprise deployment. It includes the following topics:
■
Section 6.1, "General Issues and Workarounds"
■
Section 6.2, "Configuration Issues and Workarounds"
■
■
Section 6.3, "Testing Abrupt Failures of WebLogic Server When Using File Stores
on NFS"
Section 6.4, "Documentation Errata"
This chapter contains issues you might encounter while
configuring any of the any of the Oracle Fusion Middleware products
for high availability or an enterprise deployment.
Note:
Be sure to review the product-specific release note chapters elsewhere
in this document for any additional issues specific to the products you
are using.
6.1 General Issues and Workarounds
This section describes general issue and workarounds. It includes the following topics:
■
■
Section 6.1.1, "Secure Resources in Application Tier"
Section 6.1.2, "mod_wl Not Supported for OHS Routing to Managed Server
Cluster"
■
Section 6.1.3, "Only Documented Procedures Supported"
■
Section 6.1.4, "SOA Composer Generates Error During Failover"
■
■
■
■
■
Section 6.1.5, "Accessing Web Services Policies Page in Cold Failover
Environment"
Section 6.1.6, "Considerations for Oracle Identity Federation HA in SSL Mode"
Section 6.1.7, "Online Help Context May be Lost When Failover Occurs in High
Availability Environment"
Section 6.1.8, "ASCRS Cannot be Used to Create a Database Resource for the
Oracle Database Console Service on Windows"
Section 6.1.9, "Changes to Rulesets May Not be Persisted During an Oracle RAC
Instance Failover"
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-1
General Issues and Workarounds
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
Section 6.1.10, "Manual Retries May be Necessary When Redeploying Tasks
During an Oracle RAC Failover"
Section 6.1.11, "Timeout Settings for SOA Request-Response Operations are Not
Propagated in a Node Failure"
Section 6.1.12, "Scale Out and Scale Up Operations Fail"
Section 6.1.13, "Harmless SQLIntegrityConstraintViolationException Can be
Received in a SOA Cluster"
Section 6.1.14, "WebLogic Cluster WS-AT Recovery Can Put a Server into a
'Warning' State"
Section 6.1.15, "Very Intensive Uploads from I/PM to UCM May Require Use of
IP-Based Filters in UCM Instead of Hostname-Based Filters"
Section 6.1.16, "Worklist Application May Throw Exception if Action Dropdown
Menu is Used During a Failover"
Section 6.1.17, "ClassCastExceptions in a SOA Cluster for the SOA Worklist
Application"
Section 6.1.18, "Use srvctl in 11.2 Oracle RAC Databases to Set Up AQ Notification
and Server-side TAF"
Section 6.1.19, "Oracle I/PM Input Files May Not be Processed Correctly During
an Oracle RAC Failover"
Section 6.1.20, "Failover Is Not Seamless When Creating Reports in Oracle BI
Publisher"
Section 6.1.21, "Failed to Load Error Appears in Layout View When Oracle BI
Publisher Managed Server is Failed Over"
Section 6.1.22, "When Scheduling an Oracle BI Publisher Job, a Popup Window
Appears After Managed Server Failover"
Section 6.1.23, "Cannot Save Agent When Oracle Business Intelligence Managed
Server Fails Over"
Section 6.1.24, "Patch 10094106 Required for SSO Configuration in an Enterprise
Deployment"
Section 6.1.25, "Installing Additional Oracle Portal, Forms, Reports, and Discoverer
Instances After Upgrading Oracle Single Sign-On 10g to Oracle Access Manager
11g"
Section 6.1.26, "JMS Instance Fails In a BI Publisher Cluster"
Section 6.1.27, "Null Pointer Exception Error Window Opens during Approving
Task When Failover Occurs"
6.1.1 Secure Resources in Application Tier
It is highly recommended that the application tier in the SOA Enterprise Deployment
topology and the WebCenter Enterprise Deployment topology is protected against
anonymous RMI connections. To prevent RMI access to the middle tier from outside
the subset configured, follow the steps in "Configure connection filtering" in the Oracle
WebLogic Server Administration Console Online Help. Execute all of the steps, except
as noted in the following:
1.
Do not execute the substep for configuring the default connection filter. Execute
the substep for configuring a custom connection filter.
6-2 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
2.
In the Connection Filter Rules field, add the rules that will allow all protocol
access to servers from the middle tier subnet while allowing only http(s) access
from outside the subnet, as shown in the following example:
nnn.nnn.0.0/nnn.nnn.0.0 * * allow
0.0.0.0/0 * * allow t3 t3s
6.1.2 mod_wl Not Supported for OHS Routing to Managed Server Cluster
Oracle Fusion Middleware supports only mod_wls_ohs and does not support mod_
wl for Oracle HTTP Server routing to a cluster of managed servers.
6.1.3 Only Documented Procedures Supported
For Oracle Fusion Middleware high availability deployments, Oracle strongly
recommends following only the configuration procedures documented in the Oracle
Fusion Middleware High Availability Guide and the Oracle Fusion Middleware Enterprise
Deployment Guides.
6.1.4 SOA Composer Generates Error During Failover
During failover, if you are in a SOA Composer dialog box and the connected server is
down, you will receive an error, such as Target Unreachable, 'messageData'
returned null.
To continue working in the SOA Composer, open a new browser window and
navigate to the SOA Composer.
6.1.5 Accessing Web Services Policies Page in Cold Failover Environment
In a Cold Failover Cluster (CFC) environment, the following exception is displayed
when Web Services policies page is accessed in Fusion Middleware Control:
Unable to connect to Oracle WSM Policy Manager.
Cannot locate policy manager query/update service. Policy manager service
look up did not find a valid service.
To avoid this, implement one the following options:
■
■
Create virtual hostname aliased SSL certificate and add to the key store.
Add "-Dweblogic.security.SSL.ignoreHostnameVerification=true" to the JAVA_
OPTIONS parameter in the startWeblogic.sh or startWeblogic.cmd files
6.1.6 Considerations for Oracle Identity Federation HA in SSL Mode
In a high availability environment with two (or more) Oracle Identity Federation
servers mirroring one another and a load balancer at the front-end, there are two ways
to set up SSL:
■
Configure SSL on the load balancer, so that the SSL connection is between the user
and the load balancer. In that case, the keystore/certificate used by the load
balancer has a CN referencing the address of the load balancer.
The communication between the load balancer and the WLS/Oracle Identity
Federation can be clear or SSL (and in the latter case, Oracle WebLogic Server can
use any keystore/certificates, as long as these are trusted by the load balancer).
■
SSL is configured on the Oracle Identity Federation servers, so that the SSL
connection is between the user and the Oracle Identity Federation server. In this
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-3
General Issues and Workarounds
case, the CN of the keystore/certificate from the Oracle WebLogic Server/Oracle
Identity Federation installation needs to reference the address of the load balancer,
as the user will connect using the hostname of the load balancer, and the
Certificate CN needs to match the load balancer's address.
In short, the keystore/certificate of the SSL endpoint connected to the user (load
balancer or Oracle WebLogic Server/Oracle Identity Federation) needs to have its
CN set to the hostname of the load balancer, since it is the address that the user
will use to connect to Oracle Identity Federation.
6.1.7 Online Help Context May be Lost When Failover Occurs in High Availability
Environment
In a high availability environment, if you are using online help and a failover occurs
on one of the machines in your environment, your context in online help may be lost
when the application is failed over.
For example, the online help table of contents may not remember the topic that was
selected prior to the failover, or the last online help search results may be lost.
No data is lost, and your next online help request after the failover will be handled
properly.
6.1.8 ASCRS Cannot be Used to Create a Database Resource for the Oracle Database
Console Service on Windows
In Patch Set 2 of the Oracle Fusion Middleware 11g Release 1 (11.1.1) release, a new
feature was added to Application Server Cluster Ready Services (ASCRS) to enable
users to create an ASCRS database resource for the Oracle Database Console service.
Using ASCRS to create an ASCRS database resource is described in the "Creating an
Oracle Database Resource" section of the "Using Cluster Ready Services" chapter in the
Oracle Fusion Middleware High Availability Guide.
This feature works on UNIX, because the Oracle Database Console can be CFC
enabled on UNIX.
However, on Windows, there is no CFC support for the Oracle Database Console
service. Therefore, you cannot use ASCRS to create a database resource for the Oracle
Database Console service on Windows.
6.1.9 Changes to Rulesets May Not be Persisted During an Oracle RAC Instance
Failover
When you update rulesets (used in Human Workflow or BPEL) through the Worklist
configuration UI or the SOA Composer application during an Oracle RAC instance
failover, the new rule metadata may not get persisted to the database. In this case, you
will need to perform a manual retry. However, you can continue to use the older
version of metadata without any errors.
6.1.10 Manual Retries May be Necessary When Redeploying Tasks During an Oracle
RAC Failover
When redeploying tasks with large number of rules during an Oracle RAC instance
failover, a manual retry may be needed by the end user occasionally.
6-4 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
6.1.11 Timeout Settings for SOA Request-Response Operations are Not Propagated in
a Node Failure
In an active-active Oracle SOA cluster, when a node failure occurs, the timeout
settings for request-response operations in receive activities are not propagated from
one node to the other node or nodes. If a failure occurs in the server that scheduled
these activities, they must be rescheduled with the scheduler upon server restart.
6.1.12 Scale Out and Scale Up Operations Fail
The scale out and scale up operations performed on your environment after
re-associating the local file based WLS LDAP store with an external LDAP store will
fail. To avoid this failure, follow the steps below before performing a scale up or scale
out operation.
1.
Edit the setDomainEnv.sh file located under the DOMAIN_HOME/bin
directory and add the "-Dcommon.components.home=${COMMON_
COMPONENTS_HOME}" and "-Djrf.version=11.1.1" variables to the the file.
2.
These variables should be added to the "EXTRA_JAVA_PROPERTIES". For
example:
EXTRA_JAVA_PROPERTIES="-Ddomain.home=${DOMAIN_HOME}
-Dcommon.components.home=${COMMON_COMPONENTS_HOME} -Djrf.version=11.1.1
.
.
.
3.
Save the file and proceed with the scale out or scale up operation.
6.1.13 Harmless SQLIntegrityConstraintViolationException Can be Received in a SOA
Cluster
The following SQLIntegrityConstraintViolationException can be received in a SOA
cluster:
[TopLink Warning]: 2010.04.11 14:26:53.941--UnitOfWork(275924841)--Exception
[TOPLINK-4002] (Oracle TopLink - 11g Release 1 (11.1.1.3.0):
Internal Exception: java.sql.SQLIntegrityConstraintViolationException:
ORA-00001: unique constraint (JYIPS2RC4B49_SOAINFRA.SYS_C0035333) violated
.
.
.
This is not a bug. In a cluster environment, when the messages for the same group
arrive on both the nodes, one node is bound to experience this exception for the first
message. The application is aware of this exception and handles it properly. It does not
break any functionality.
This exception can also come on a single node after you restart the server and send the
message for the existing group. Again, this exception will be experienced on the very
first message.
In summary, this exception is within the application design and does not impact any
functionality. It is for this reason that you do not see this exception logged as severe in
the soa-diagnostic logs.
Toplink does, however, log it in its server logs.
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-5
General Issues and Workarounds
6.1.14 WebLogic Cluster WS-AT Recovery Can Put a Server into a 'Warning' State
In certain WebLogic cluster process crash scenarios, WS-AT recovery will result in
stuck threads that put the server into a "warning" state. WS-AT data recovery is
successful in these cases despite the fact that the logs display "failed state" messages,
due to the fact that commit acks are not being processed correctly for this scenario (this
issue does not occur when the scenario involves the rollback of the transaction). While
the server may continue to function in this "warning" state, the threads will continue to
be stuck until the transaction abandonment timeout (which defaults to 24 hours) is
reached. The workaround is to restart the server, which removes the stuck threads and
"warning" state. A patch for this issue can be obtained from Oracle Support.
6.1.15 Very Intensive Uploads from I/PM to UCM May Require Use of IP-Based Filters in
UCM Instead of Hostname-Based Filters
The "Adding the I/PM Server Listen Addresses to the List of Allowed Hosts in UCM"
section in the Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Enterprise
Content Management Suite and the "Adding the I/PM Server Listen Addresses to the
List of Allowed Hosts in UCM" section in the Oracle Fusion Middleware High Availability
Guide describe how to add hostname-based filters for Oracle I/PM managed server
listen addresses to the list of allowed hosts in Oracle UCM.
When using hostname-based filters in Oracle UCM (config.cfg file) a high
latency/performance impact may be observed in the system for very intensive
uploads of documents from Oracle I/PM to Oracle UCM. This is caused by the reverse
DNS lookup that is required in Oracle UCM to allow the connections from Oracle
I/PM servers. Using hostname-based filters is recommended in preparation for
configuring the system for Disaster Protection and to restore to a different host (since
the configuration used is IP-agnostic when using hostname-based filters). However if
the performance of the uploads needs to be improved, users can use instead IP-based
filters. To do this:
1.
Edit the file /u01/app/oracle/admin/domainName/ucm_
cluster/config/config.cfg and remove or comment out:
SocketHostNameSecurityFilter=localhost|localhost.mydomain.com|ecmhost1vhn1|ecmh
ost2vhn1
AlwaysReverseLookupForHost=Yes
2.
Add the IP addresses (listen address) of the WLS_IPM1 and WLS_IPM2 managed
servers (ECMHOST1VHN1 and ECMHOST2VHN1, respectively) to the
SocketHostAddressSecurityFilter parameter list as follows:
SocketHostAddressSecurityFilter=127.0.0.1|0:0:0:0:0:0:0:1|X.X.X.X|Y.Y.Y.
where X.X.X.X and Y.Y.Y.Y are the listen addresses of WLS_IPM1 and WLS_IPM2
respectively. Notice that 127.0.0.1 also needs to be added as shown above.
3.
Restart the UCM servers.
6.1.16 Worklist Application May Throw Exception if Action Dropdown Menu is Used
During a Failover
If you use the Oracle Business Process Management Suite Worklist application
Actions dropdown menu to take action on a task while a failover is in progress, an
exception similar to the following may be thrown:
<oracle.adf.view.rich.component.fragment.UIXInclude> <ADF_FACES-10020> <Tear
6-6 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
down of include component context failed due to an unhandled e
xception.
java.util.NoSuchElementException
at java.util.ArrayDeque.removeFirst(ArrayDeque.java:251)
at java.util.ArrayDeque.pop(ArrayDeque.java:480)
at
oracle.adfinternal.view.faces.context.ApplicationContextManagerImpl.popContext
Change(ApplicationContextManagerImpl.java:66)
.
.
.
In this case, the approval or rejection of the task does not go through.
To work around this problem, use either of these approaches:
■
■
Instead of using the Actions dropdown menu to take action on the task, use the
TaskForm to take action.
Do a refresh after the error message. Then take the action again using the Actions
dropdown menu.
6.1.17 ClassCastExceptions in a SOA Cluster for the SOA Worklist Application
ClassCastExceptions may arise in a SOA cluster for the Oracle SOA Worklist
application (java.lang.ClassCastException:
oracle.adf.model.dcframe.DataControlFrameImpl is reported in the logs).
As a result, the Worklist application state may not be replicated to other managed
servers in the cluster. The Worklist application and the corresponding user sessions
will be usable after the exception is thrown, but any failovers to other servers in the
cluster will not succeed.
There is no workaround to this problem.
To solve this problem, download the patch for bug 9561444, which solves the problem.
Follow these steps:
1.
To obtain the patch, log into My Oracle Support (formerly OracleMetaLink) at the
following URL:
http://support.oracle.com
2.
Click the Patches & Updates tab.
3.
In the Patch Search section, enter 9561444 in the Patch ID or number is field, and
enter your platform in the field after the and Platform is field.
4.
Click Search.
5.
On the Patch Search page, click the patch number in the Patch ID column. This
causes the page content to change to display detailed information about the patch.
6.
Click Download to download the patch.
6.1.18 Use srvctl in 11.2 Oracle RAC Databases to Set Up AQ Notification and
Server-side TAF
Because of a known issue in 11.2 Oracle RAC databases, it is required to use srvctl
to set up AQ notification and server-side TAF. Using DBMS_SQL packages will not
work as expected.
Here is an example use of srvctl:
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-7
General Issues and Workarounds
srvctl modify service -d orcl -s orclSVC -e SELECT -m BASIC -w 5 -z 5 -q TRUE
In the example:
orcl - Database Name
orclSVC - Service Name used by middleware component
SELECT - Failover type
BASIC - Failover method
5 - Failover delay
5 - Failover retry
TRUE - AQ HA notifications set to TRUE
Please refer to the Oracle 11.2 Oracle database documentation for detailed information
about this command usage.
6.1.19 Oracle I/PM Input Files May Not be Processed Correctly During an Oracle RAC
Failover
With Oracle I/PM and Oracle UCM file processing, some files may not get loaded in
UCM properly during an Oracle RAC instance failover.
The incoming files to be processed by Oracle I/PM are put into an input folder. Oracle
I/PM processes the files in the input folder and then puts them into Oracle UCM,
which is backed by an Oracle RAC database. Sometimes when an Oracle RAC instance
failure occurs, the retry may not happen correctly and the incoming files do not get
processed. These unprocessed files show up in an error folder. These unprocessed files
can manually be put back into the input folder and processed.
6.1.20 Failover Is Not Seamless When Creating Reports in Oracle BI Publisher
If you create a report in Oracle BI Publisher, and a Managed Server is failed over
before the report is saved, the failover might not be seamless. For example, when you
attempt to save the report, the system might not be responsive.
If this occurs, click one of the header links, such as Home or Catalog, to be redirected
to the Oracle BI Publisher login page. Then, log in and create and save the report
again.
6.1.21 Failed to Load Error Appears in Layout View When Oracle BI Publisher Managed
Server is Failed Over
In the Oracle BI Publisher layout editor, when a Managed Server is failed over,
opening or creating a Web-based layout can cause the following error to appear:
Failed to load: object_name
Please contact the system administrator.
To work around this issue, close the message and click one of the header links, such as
Home or Catalog, to be redirected to the login page.
6-8 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
6.1.22 When Scheduling an Oracle BI Publisher Job, a Popup Window Appears After
Managed Server Failover
When scheduling a job in Oracle BI Publisher, after a Managed Server fails over, a
large popup window appears when you click Submit that shows the HTML source for
the login page.
To work around this issue, close the message window and click one of the header
links, such as Home or Catalog, to be redirected to the login page. You will need to
re-create the report job again.
6.1.23 Cannot Save Agent When Oracle Business Intelligence Managed Server Fails
Over
If you create an agent in the Oracle Business Intelligence Web interface, and a
Managed Server fails over before you save the agent, an error occurs when you try to
save the agent.
To work around this issue, log out, then log back in to Oracle Business Intelligence and
create the agent again.
6.1.24 Patch 10094106 Required for SSO Configuration in an Enterprise Deployment
Before you configure SSO using Oracle Access Manager 11g, as described in the
chapter "Configuring Single Sign-on for Administration Consoles" in the Oracle Fusion
Middleware Enterprise Deployment Guide for Oracle Identity Management, you must apply
Patch 10094106.
If you do not apply this patch, you might get a "404 Not Found" error when you
attempt to access a protected application deployed on Oracle WebLogic Server with
valid credentials.
6.1.25 Installing Additional Oracle Portal, Forms, Reports, and Discoverer Instances
After Upgrading Oracle Single Sign-On 10g to Oracle Access Manager 11g
This issue occurs with Oracle Portal, Forms, Reports, and Discoverer 11g
environments that have been upgraded from using Oracle Single-Sign On 10g to
Oracle Access Manager 11g for authentication.
When performing subsequent Oracle Portal, Forms, Reports, and Discoverer 11g
installations against the same environment where the initial Oracle Portal, Forms,
Reports, and Discoverer 10g installation was upgraded to Oracle Access Manager,
there are some requirements that must be met.
■
For each subsequent Oracle Portal, Forms, Reports, and Discoverer 11g
installation, you must maintain the original Oracle Single Sign-On 10g instance
and keep it actively running--in addition to new Oracle Access Manager 11g
instance--while the additional Oracle Portal, Forms, Reports, and Discoverer 11g
installations are performed.
This is necessary because Oracle Portal, Forms, Reports, and Discoverer 11g
cannot be installed directly against Oracle Access Manager 11g.
■
After the subsequent classic installs are completed, the Oracle Single Sign-On 10g
to Oracle Access Manager 11g upgrade procedure must be performed again. For
more information, see "Upgrading Your Oracle Single Sign-On Environment" in
the Oracle Fusion Middleware Upgrade Guide for Oracle Identity Management.
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-9
Configuration Issues and Workarounds
This procedure upgrades the new Oracle Portal, Forms, Reports, and Discoverer
11g instance to Oracle Access Manager 11g.
Note that these considerations apply only in an environment with Multiple Oracle
Portal, Forms, Reports, and Discoverer 11g middle tiers that are installed or added to a
your environment after the initial upgrade from Oracle Single Sign-On 10g to Oracle
Access Manager 11g.
6.1.26 JMS Instance Fails In a BI Publisher Cluster
On rare occasions, a JMS instance is missing from a BI Publisher Scheduler cluster.
To resolve this issue, restart the BI Publisher application from the WebLogic Server
Administration Console.
To restart your BI Publisher application:
1.
Log in to the Administration Console.
2.
Click Deployments in the Domain Structure window.
3.
Select bipublisher(11.1.1).
4.
Click Stop.
5.
After the application stops, click Start.
6.1.27 Null Pointer Exception Error Window Opens during Approving Task When
Failover Occurs
When failover occurs, a Null Pointer Exception error window may open the second
time you click Approve task during the operational approval task. (The Null Pointer
Exception error window always opens during failover.) The Null Pointer Exception
window does not interrupt any processes and approval succeeds.
6.2 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
Section 6.2.1, "jca.retry.count Doubled in a Clustered Environment"
■
Section 6.2.2, "Cluster Time Zones Must Be the Same"
■
Section 6.2.3, "Fusion Middleware Control May Display Incorrect Status"
■
Section 6.2.4, "Accumulated BPEL Instances Cause Performance Decrease"
■
■
■
■
■
■
Section 6.2.5, "Extra Message Enqueue when One a Cluster Server is Brought
Down and Back Up"
Section 6.2.6, "Duplicate Unrecoverable Human Workflow Instance Created with
Oracle RAC Failover"
Section 6.2.7, "Configuration Files Missing after Planned Administration Server
Node Shutdown or Reboot"
Section 6.2.8, "No High Availability Support for SOA B2B TCP/IP"
Section 6.2.9, "WebLogic Administration Server on Machines with Multiple
Network Cards"
Section 6.2.10, "Additional Parameters for SOA and Oracle RAC Data Sources"
6-10 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
■
Section 6.2.11, "Message Sequencing and MLLP Not Supported in Oracle B2B HA
Environments"
■
Section 6.2.12, "Credentials not Propagated for Transport Protocols in B2B"
■
Section 6.2.13, "Create a Protected Resource for Oracle Identity Navigator"
■
■
■
■
■
■
Section 6.2.14, "Use Fully-Qualified Hostnames when Configuring Front-end
Hosts in High Availability Configurations"
Section 6.2.15, "Managed Server goes into Suspended Status After Oracle RAC
Failover"
Section 6.2.16, "Primary/Secondary Configuration Section of the Availability Tab
is Not Visible"
Section 6.2.17, "Permission Denied Error appears and Oracle Identity Manager
Fails to Configure"
Section 6.2.18, "Limitation in the Command Line Options for the OAM
Configuration Tool"
Section 6.2.19, "Server Start Parameters Not Getting Set After Scaling Out the
Oracle Business Intelligence Managed Server"
■
Section 6.2.20, "Ensuring the Oracle HTTP Server Lock File is on a Local Drive"
■
Section 6.2.21, "Enabling High Availability for Oracle JMS Adapter"
■
Section 6.2.22, "Oracle Access Manager Servers Fail to Start"
6.2.1 jca.retry.count Doubled in a Clustered Environment
In a clustered environment, each node maintains its own in-memory Hasmap for
inbound retry. The jca.retry.count property is specified as 3 for the inbound retry
feature. However, each node tries three times. As a result, the total retry count
becomes 6 if the clustered environment has two nodes.
6.2.2 Cluster Time Zones Must Be the Same
All the machines in a cluster must be in the same time zone. WAN clusters are not
supported by Oracle Fusion Middleware high availability. Even machines in the same
time zone may have issues when started by command line. Oracle recommends using
Node Manager to start the servers.
6.2.3 Fusion Middleware Control May Display Incorrect Status
In some instances, Oracle WebLogic Fusion Middleware Control may display the
incorrect status of a component immediately after the component has been restarted or
failed over.
6.2.4 Accumulated BPEL Instances Cause Performance Decrease
In a scaled out clustered environment, if a large number of BPEL instances are
accumulated in the database, it causes the database's performance to decrease, and the
following error is generated: MANY THREADS STUCK FOR 600+ SECONDS.
To avoid this error, remove old BPEL instances from the database.
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-11
Configuration Issues and Workarounds
6.2.5 Extra Message Enqueue when One a Cluster Server is Brought Down and Back
Up
In a non-XA environment, MQSeries Adapters do not guarantee the only once delivery
of the messages from inbound adapters to the endpoint in case of local transaction. In
this scenario, if an inbound message is published to the endpoint, and before
committing the transaction, the SOA server is brought down, inbound message are
rolled back and the same message is again dequeued and published to the endpoint.
This creates an extra message in outbound queue.
In an XA environment, MQ Messages are actually not lost but held by Queue Manager
due to an inconsistent state. To retrieve the held messages, restart the Queue Manager.
6.2.6 Duplicate Unrecoverable Human Workflow Instance Created with Oracle RAC
Failover
As soon as Oracle Human Workflow commits its transaction, the control passes back
to BPEL, which almost instantaneously commits its transaction. Between this window,
if the Oracle RAC instance goes down, on failover, the message is retried and can
cause duplicate tasks. The duplicate task can show up in two ways - either a duplicate
task appears in worklistapp, or an unrecoverable BPEL instance is created. This BPEL
instance appears in BPEL Recovery. It is not possible to recover this BPEL instance as
consumer, because this task has already completed.
6.2.7 Configuration Files Missing after Planned Administration Server Node Shutdown
or Reboot
The following information refers to Chapter 10, "Managing the Topology," of the
Oracle Fusion Middleware Enterprise Deployment Guide for Oracle SOA Suite.
When performing a planned stop of the Administration Server's node (rebooting or
shutting down the Admin Server's machine), it may occur that the OS NFS service is
disabled before the Administration Server itself is stopped. This (depending on the
configuration of services at the OS level) can cause the detection of missing files in the
Administration Server's domain directory and trigger their deletion in the domain
directories in other nodes. This can result in the framework deleting some of the files
under domain_dir/fmwconfig/. This behavior is typically not observed for
unplanned downtimes, such as machine panic, power loss, or machine crash. To avoid
this behavior, shutdown the Administration Server before performing reboots or,
alternatively, use the appropriate OS configuration to set the order of services in such
a way that NFS service is disabled with later precedence than the Administration
Server's process. See your OS administration documentation for the corresponding
required configuration for the services' order.
6.2.8 No High Availability Support for SOA B2B TCP/IP
High availability failover support is not available for SOA B2B TCP/IP protocol. This
effects primarily deployments using HL7 over MLLP. For inbound communication in
a clustered environment, all B2B servers are active and the address exposed for
inbound traffic is a load balancer virtual server. Also, in an outage scenario where an
active managed server is no longer available, the persistent TCP/IP connection is lost
and the client is expected to reestablish the connection.
6-12 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
6.2.9 WebLogic Administration Server on Machines with Multiple Network Cards
When installing Oracle WebLogic Server on a server with multiple network cards,
always specify a Listen Address for the Administration Server. The address used
should be the DNS Name/IP Address of the network card you wish to use for
Administration Server communication.
To set the Listen Address:
1.
In the Oracle WebLogic Server Administration Console, select Environment, and
then Servers from the domain structure menu.
2.
Click the Administration Server.
3.
Click Lock and Edit from the Change Center to allow editing.
4.
Enter a Listen Address.
5.
Click Save.
6.
Click Activate Changes in the Change Center.
6.2.10 Additional Parameters for SOA and Oracle RAC Data Sources
In some deployments of SOA with Oracle RAC, you may need to set additional
parameters in addition to the out of the box configuration of the individual data
sources in an Oracle RAC configuration. The additional parameters are:
1.
Add property oracle.jdbc.ReadTimeout=300000 (300000 milliseconds) for
each data source.
The actual value of the ReadTimeout parameter may differ based on additional
considerations.
2.
If the network is not reliable, then it is difficult for a client to detect the frequent
disconnections when the server is abruptly disconnected. By default, a client
running on Linux takes 7200 seconds (2 hours) to sense the abrupt disconnections.
This value is equal to the value of the tcp_keepalive_time property. To
configure the application to detect the disconnections faster, set the value of the
tcp_keepalive_time, tcp_keepalive_interval, and tcp_keepalive_
probes properties to a lower value at the operating system level.
Setting a low value for the tcp_keepalive_interval
property leads to frequent probe packets on the network, which can
make the system slower. Therefore, the value of this property should
be set appropriately based on system requirements.
Note:
For example, set tcp_keepalive_time=600 at the system running the WebLogic
Server managed server.
Also, you must specify the ENABLE=BROKEN parameter in the DESCRIPTION clause in
the connection descriptor. For example:
dbc:oracle:thin:@(DESCRIPTION=(enable=broken)(ADDRESS_LIST=(ADDRESS=(PRO
TOCOL=TCP)(HOST=node1-vip.mycompany.com)(PORT=1521)))(CONNECT_DATA=(SERVICE_
NAME=orcl.us.oracle.com)(INSTANCE_NAME=orcl1)))
As a result, the data source configuration appears as follows:
<url>jdbc:oracle:thin:@(DESCRIPTION=(enable=broken)(ADDRESS_LIST=(ADDRESS=(PRO
TOCOL=TCP)(HOST=node1-vip.us.oracle.com)(PORT=1521)))(CONNECT_DATA=(SERVICE_
NAME=orcl.us.oracle.com)(INSTANCE_NAME=orcl1)))</url>
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-13
Configuration Issues and Workarounds
<driver-name>oracle.jdbc.xa.client.OracleXADataSource</driver-name>
<properties>
<property>
<name>oracle.jdbc.ReadTimeout</name>
<value>300000</value>
</property>
<property>
<name>user</name>
<value>jmsuser</value>
</property>
<property>
<name>oracle.net.CONNECT_TIMEOUT</name>
<value>10000</value>
</property>
</properties>
6.2.11 Message Sequencing and MLLP Not Supported in Oracle B2B HA Environments
Message sequencing and MLLP are not supported in Oracle B2B high availability (HA)
environments.
6.2.12 Credentials not Propagated for Transport Protocols in B2B
The Oracle FMW credential store maintains usernames and passwords that you define
for Transport protocols. If you use the default file store for these credentials, changes
you make to usernames and passwords do not propagate across nodes. You must use
a central LDAP for these credentials to be synchronized across nodes in a cluster, as
described in, and required by, the Oracle Fusion Middleware High Availability Guide
and Enterprise Deployment Guides.
6.2.13 Create a Protected Resource for Oracle Identity Navigator
To create a protected resource for Oracle Identity Navigator, log in to the Oracle
Access Manager console at http://admin.mycompany.com/oamconsole using
the oamadmin account. Then proceed as follows:
1.
From the Navigation window expand: Application Domains >
IDMDomainAgent.
2.
Click Resources.
3.
Click Create on the tool bar below the Browse tab).
Enter the following information:
■
Type: http
■
Host Identifier: IDMDomain
■
Resource URL: /oinav
4.
Click Apply.
5.
From the Navigation window expand: Application Domains >
IDMDomainAgent >Authentication Policies.
6.
Click Protected HigherLevel Policy.
7.
Click Edit on the tool bar below the Browse tab.
8.
In the Resources box, click +.
6-14 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
9.
From the list, select the resource /oinav.
10. Click Apply.
11. From the Navigation window expand: Application Domains >
IDMDomainAgent >Authorization Policies.
12. Click Protected Resource Policy.
13. Click Edit on the tool bar below the Browse tab.
14. In the Resources box, click +.
15. From the list, select the resource /oinav
16. Click Apply.
6.2.14 Use Fully-Qualified Hostnames when Configuring Front-end Hosts in High
Availability Configurations
Oracle recommends using the full name of the host, including the domain name, when
configuring front-end hosts in Oracle Fusion Middleware high availability
configurations. Use the host's full name instead of using only the host name.
For example, if myhost is the name of a frontend host in a high availability
configuration, set the frontend host URL to the fully-qualified hostname, such as
myhost.mycompany.com as DNS or local host name resolution files (for example,
/etc/hosts) define.
6.2.15 Managed Server goes into Suspended Status After Oracle RAC Failover
The Managed Server wls_ods(x) can enter a suspended status in the following
situations:
■
A database connection in the data source is wrong or not complete.
■
The host is not a fully-qualified host for the database.
To correct the status of the Managed Server wls_ods(x):
1.
Under the data source, verify that the database connection is correct and complete
with the domain.
2.
Under the data source, verify that the host name for the database is a fullyqualified hostname with the domain.
3.
Verify the connection by selecting the Test button.
6.2.16 Primary/Secondary Configuration Section of the Availability Tab is Not Visible
During the system component scale out process, the Primary/Secondary
Configuration section in the Availability tab of the Capacity Management page in
Fusion Middleware Control may not be visible in the browser. This issue occurs when
you perform the scale out process using Microsoft Internet Explorer version
7.0.5730.11.
To avoid this issue, do not use the browser Microsoft Internet Explorer version
7.0.5730.11 to scale out; use another browser such as Google Chrome.
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-15
Configuration Issues and Workarounds
6.2.17 Permission Denied Error appears and Oracle Identity Manager Fails to Configure
When you run Oracle Identity Manager configuration, the error
java.io.FileNotFoundException: soaconfigplan.xml (Permission
denied may appear and Oracle Identity Manager configuration might fail.
To workaround this issue:
1.
Delete the file /tmp/oaconfigplan.xml.
2.
Start the configuration again (OH/bin/config.sh).
6.2.18 Limitation in the Command Line Options for the OAM Configuration Tool
Oracle Access Manager configuration does not support the use of complex resource
definitions, such as /.../* in the command line. Instead, complex resources must be
included in a uri_file, which is in turn specified in the command line.
6.2.19 Server Start Parameters Not Getting Set After Scaling Out the Oracle Business
Intelligence Managed Server
After scaling out Oracle Business Intelligence, Server Start parameters are not getting
set correctly. To work around this issue, update the Server Start parameters for the
scaled out BI Managed Server to include the following:
-Dserver.group=obi arguments
6.2.20 Ensuring the Oracle HTTP Server Lock File is on a Local Drive
If you configure an Oracle instance for Oracle HTTP Server 11g on shared storage,
such as NAS, NFS, or SAN storage, you must ensure that the lock file is created on a
local drive instead of the shared drive. If you do not do this, Oracle HTTP Server
might experience performance problems. Perform these steps to point the LockFile
directive at a local file system:
1.
Stop the OHS instances on WEBHOST1 and WEBHOST2.
2.
Open the file ORACLE_INSTANCE/config/OHS/ohs_name/httpd.conf in a
text editor.
3.
Find the LockFile directive, configured under both the prefork and worker
MPM configuration blocks in the httpd.conf file. It looks like this:
LockFile ORACLE_INSTANCE/diagnostics/logs/COMPONENT_TYPE/COMPONENT_NAME/http_
lock
4.
Change the LockFile directive under the appropriate MPM configuration to
point to a local file system, for example:
LockFile /local_disk/path/http_lock
5.
Restart Oracle HTTP Server.
6.
Verify that the http_lock file exists in the directory specified by the LockFile
directive.
6.2.21 Enabling High Availability for Oracle JMS Adapter
When the Oracle JMS adapter communicates with multiple servers in a cluster, the
adapter's connection factory property FactoryProperties must list available
6-16 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
servers. If it does not list servers, the connection establishes to only one random server.
If that particular server goes down, no further messages are processed.
To verify that the adapter's JCA connection factory that you use, for example
eis/wls/Queue, contains the required properties:
1.
Log into your Oracle WebLogic Server console. To access the console, navigate to
http://servername:portnumber/console.
2.
Click Deployments in the left pane for Domain Structure.
3.
Click JMSAdapter under Summary of Deployments on the right pane.
4.
Click the Configuration tab.
5.
Click the Outbound Connection Pools tab and expand
oracle.tip.adapter.jms.IJmsConnectionFactory to see the configured
connection factories.
6.
Click the specific instance you are using (for example, eis/wls/Queue). The
Outbound Connection Properties for the connection factory opens.
7.
Click Lock and Edit.
8.
In the FactoryProperties field (click on the corresponding cell under Property
value), enter the following:
java.naming.factory.initial=weblogic.jndi.WLInitialContextFactory;
java.naming.provider.url=t3://soahostvhn1:8001,soahos2tvhn1:8001;java.naming.se
curity.principal=weblogic;java.naming.security.credentials=weblogic1
9.
Click Enter, save the changes, and then activate them.
Update the deployment in the console:
1.
Click Deployments and select the JMS Adapter.
2.
Click Lock and Edit then Update.
3.
Select Update this application in place with new deployment plan changes (A
deployment plan must be specified for this option.) and select the deployment
plan saved in a shared storage location; all servers in the cluster must be able to
access the plan).
4.
Click Finish and activate the changes.
6.2.22 Oracle Access Manager Servers Fail to Start
In an Identity Management deployment, if you have configured your Administration
Server to listen on a virtual host, then in hardware configurations with multiple
network cards, Oracle Access Manager managed servers might not start. You might
see an error in the log files pertaining to not being able to join the coherence cluster. If
this occurs, change the coherence host for Oracle Access Manager from the virtual IP
address to the local host where the Administration Server is running.
To do this:
1.
Locate the file DOMAIN_HOME/config/fmwconfig/oam-config.xml on the
Administration Server host. (Make a backup copy of this file.)
2.
Search for the entry:
<Setting Name="Instance" Type="htf:map">
<Setting Name="AdminServer" Type="htf:map">
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-17
Testing Abrupt Failures of WebLogic Server When Using File Stores on NFS
In this definition block, find an entry that looks like this:
<Setting Name="CoherenceConfiguration" Type="htf:map">
<Setting Name="LocalHost" Type="htf:map">
<Setting Name="Key"
Type="xsd:string">oam.coherence.localhost</Setting>
<Setting Name="Value"
Type="xsd:string">ADMINVHN.mycompany.com</Setting>
</Setting>
3.
Update ADMINVHN to the local host name, for example:
<Setting Name="CoherenceConfiguration" Type="htf:map">
<Setting Name="LocalHost" Type="htf:map">
<Setting Name="Key"
Type="xsd:string">oam.coherence.localhost</Setting>
<Setting Name="Value"
Type="xsd:string">IDMHOST1.mycompany.com</Setting>
</Setting>
4.
Save the file and restart the Administration Server and OAM managed servers.
If you later fail over the Administration Server to another host, update this entry to the
host where the server is now located. Then shut down all OAM managed servers and
restart the Administration Server and OAM managed servers.
6.3 Testing Abrupt Failures of WebLogic Server When Using File Stores
on NFS
If JMS messages and transaction logs are stored on an NFS mounted directory, Oracle
strongly recommends that you verify the behavior of a server restart after abrupt
machine failures. Depending on the NFS implementation, different issues can arise
post failover/restart. You can verify the behavior by abruptly shutting down the node
hosting the WebLogic servers while they are running. If the server is configured for
server migration, it should start automatically in the failover node after the
corresponding failover period. If not, you can manually restart the WebLogic Server
on the same host after the node completely reboots. If Oracle WebLogic Server does
not restart after abrupt machine failure, the following errors may appear in the server
log files:
<MMM dd, yyyy hh:mm:ss a z> <Error> <Store> <BEA-280061> <The persistent
store "_WLS_server_soa1" could not be deployed:
weblogic.store.PersistentStoreException: java.io.IOException:
[Store:280021]There was an error while opening the file store file
"_WLS_SERVER_SOA1000000.DAT"
weblogic.store.PersistentStoreException: java.io.IOException:
[Store:280021]There was an error while opening the file store file
"_WLS_SERVER_SOA1000000.DAT"
at weblogic.store.io.file.Heap.open(Heap.java:168)
at weblogic.store.io.file.FileStoreIO.open(FileStoreIO.java:88)
...
java.io.IOException: Error from fcntl() for file locking, Resource
temporarily unavailable, errno=11
This error occurs because the NFS system does not release the lock on the stores.
WebLogic Server maintains locks on files that store JMS data and transaction logs to
protect from potential data corruption if you accidentally start two instances of the
same WebLogic Server. Because the NFS storage device does not become aware of
machine failure in a timely manner, the storage device does not release the locks. As a
6-18 Oracle Fusion Middleware Release Notes
Testing Abrupt Failures of WebLogic Server When Using File Stores on NFS
result, after abrupt machine failure followed by a restart, any subsequent attempt by
WebLogic Server to acquire locks on the previously locked files may fail. See your
storage vendor documentation for additional information on the locking of files stored
in NFS mounted directories on the storage device.
If it is not reasonably possible to tune locking behavior in your NFS environment, use
one of the following two solutions to unlock the logs and data files:
Solution 1
Manually unlock the logs and JMS data files and start the servers by creating a copy of
the locked persistence store file and using the copy for subsequent operations. To
create a copy of the locked persistence store file, rename the file then copy it back to its
original name. The following sample steps assume that transaction logs are stored in
the /shared/tlogs directory and JMS data is stored in the /shared/jms directory.
cd
mv
cp
cd
mv
cp
mv
cp
/shared/tlogs
_WLS_SOA_SERVER1000000.DAT _WLS_SOA_SERVER1000000.DAT.old
_WLS_SOA_SERVER1000000.DAT.old _WLS_SOA_SERVER1000000.DAT
/shared/jms
SOAJMSFILESTORE_AUTO_1000000.DAT SOAJMSFILESTORE_AUTO_1000000.DAT.old
SOAJMSFILESTORE_AUTO_1000000.DAT.old SOAJMSFILESTORE_AUTO_1000000.DAT
UMSJMSFILESTORE_AUTO_1000000.DAT UMSJMSFILESTORE_AUTO_1000000.DAT.old
UMSJMSFILESTORE_AUTO_1000000.DAT.old UMSJMSFILESTORE_AUTO_1000000.DAT
With this solution, the WebLogic file locking mechanism continues to protect against
accidental data corruption if multiple instances of the same servers are accidently
started. However, you must restart the servers manually after abrupt machine failures.
File stores create multiple consecutively numbered.DAT files when they store large
amounts of data. You may need to copy and rename all files when this occurs.
Solution 2
You can also use the WebLogic Server Administration Console to disable WebLogic
file locking mechanisms for the default file store, a custom file store, a JMS paging file
store, and a Diagnostics file store, as described in the following sections.
WARNING: With this solution, since the WebLogic locking is
disabled, automated server restarts and failovers should succeed. Be
cautious, however, when using this option. The WebLogic file
locking feature is designed to help prevent severe file corruptions
that can occur in undesired concurrency scenarios. If the server
using the file store is configured for server migration, always
configure the database based leasing option. This enforces
additional locking mechanisms using database tables, and prevents
automated restart of more than one instance of the same WebLogic
Server. Additional procedural precautions must be implemented to
avoid any human error and to ensure that one and only one instance
of a server is manually started at any give point in time. Similarly,
extra precautions must be taken to ensure that no two domains have
a store with the same name that references the same directory.
Disabling File Locking for the Default File Store
To disable file locking for the default file store using the WebLogic Server
Administration Console:
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-19
Testing Abrupt Failures of WebLogic Server When Using File Stores on NFS
1.
If necessary, click Lock & Edit in the Change Center (upper left corner) of the
Administration Console to get an Edit lock for the domain.
2.
In the Domain Structure tree, expand the Environment node and select Servers.
3.
In the Summary of Servers list, select the server you want to modify.
4.
Select the Configuration > Services tab.
5.
Scroll down to the Default Store section and click Advanced.
6.
Scroll down and deselect the Enable File Locking check box.
7.
Click Save. If necessary, click Activate Changes in the Change Center.
8.
Restart the server you modified for the changes to take effect.
The resulting config.xml entry will look like the following:
<server>
<name>examplesServer</name>
...
<default-file-store>
<synchronous-write-policy>Direct-Write</synchronous-write-policy>
<io-buffer-size>-1</io-buffer-size>
<max-file-size>1342177280</max-file-size>
<block-size>-1</block-size>
<initial-size>0</initial-size>
<file-locking-enabled>false</file-locking-enabled>
</default-file-store>
</server>
Disabling File Locking for a Custom File Store
To disable file locking for a custom file store using the WebLogic Server
Administration Console:
1.
If necessary, click Lock & Edit in the Change Center (upper left corner) of the
Administration Console to get an Edit lock for the domain.
2.
In the Domain Structure tree, expand the Services node and select Persistent
Stores.
3.
In the Summary of Persistent Stores list, select the custom file store you want to
modify.
4.
On the Configuration tab for the custom file store, click Advanced to display
advanced store settings.
5.
Scroll down and deselect the Enable File Locking check box.
6.
Click Save. If necessary, click Activate Changes in the Change Center.
7.
If the custom file store was in use, you must restart the server for the changes to
take effect.
The resulting config.xml entry will look like the following:
<file-store>
<name>CustomFileStore-0</name>
<directory>C:\custom-file-store</directory>
<synchronous-write-policy>Direct-Write</synchronous-write-policy>
<io-buffer-size>-1</io-buffer-size>
<max-file-size>1342177280</max-file-size>
<block-size>-1</block-size>
<initial-size>0</initial-size>
6-20 Oracle Fusion Middleware Release Notes
Testing Abrupt Failures of WebLogic Server When Using File Stores on NFS
<file-locking-enabled>false</file-locking-enabled>
<target>examplesServer</target>
</file-store>
Disabling File Locking for a JMS Paging File Store
Follow these steps to disable file locking for a JMS paging file store using the
WebLogic Server Administration Console:
1.
If necessary, click Lock & Edit in the Change Center (upper left corner) of the
Administration Console to get an Edit lock for the domain.
2.
In the Domain Structure tree, expand the Services node, expand the Messaging
node, and select JMS Servers.
3.
In the Summary of JMS Servers list, select the JMS server you want to modify.
4.
On the Configuration > General tab for the JMS Server, scroll down and deselect
the Paging File Locking Enabled check box.
5.
Click Save. If necessary, click Activate Changes in the Change Center.
6.
Restart the server you modified for the changes to take effect.
The resulting config.xml file entry will look like the following:
<jms-server>
<name>examplesJMSServer</name>
<target>examplesServer</target>
<persistent-store>exampleJDBCStore</persistent-store>
...
<paging-file-locking-enabled>false</paging-file-locking-enabled>
...
</jms-server>
Disabling File Locking for a Diagnostics File Store
To disable file locking for a Diagnostics file store using the WebLogic Server
Administration Console:
1.
If necessary, click Lock & Edit in the Change Center (upper left corner) of the
Administration Console to get an Edit lock for the domain.
2.
In the Domain Structure tree, expand the Diagnostics node and select Archives.
3.
In the Summary of Diagnostic Archives list, select the server name of the archive
that you want to modify.
4.
On the Settings for [server_name] page, deselect the Diagnostic Store File
Locking Enabled check box.
5.
Click Save. If necessary, click Activate Changes in the Change Center.
6.
Restart the server you modified for the changes to take effect.
The resulting config.xml file will look like this:
<server>
<name>examplesServer</name>
...
<server-diagnostic-config>
<diagnostic-store-dir>data/store/diagnostics</diagnostic-store-dir>
<diagnostic-store-file-locking-enabled>false</diagnostic-store-file-lockingenabled>
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-21
Documentation Errata
<diagnostic-data-archive-type>FileStoreArchive</diagnostic-data-archive-type>
<data-retirement-enabled>true</data-retirement-enabled>
<preferred-store-size-limit>100</preferred-store-size-limit>
<store-size-check-period>1</store-size-check-period>
</server-diagnostic-config>
</server>
6.4 Documentation Errata
This section describes documentation errata. It includes the following topics:
■
■
■
■
■
Section 6.4.1, "Documentation Errata for the Fusion Middleware High Availability
Guide"
Section 6.4.2, "Documentation Errata for the Fusion Middleware Enterprise
Deployment Guide for Oracle WebCenter"
Section 6.4.3, "Documentation Errata for the Fusion Middleware Enterprise
Deployment Guide for Oracle Identity Management"
Section 6.4.4, "Documentation Errata for the Oracle Fusion Middleware Enterprise
Deployment Guide for Oracle Business Intelligence"
Section 6.4.5, "Documentation Errata Affecting Multiple Enterprise Deployment
Guides"
6.4.1 Documentation Errata for the Fusion Middleware High Availability Guide
This section contains Documentation Errata for Oracle Fusion Middleware High
Availability Guide.
It includes the following topic:
■
Section 6.4.1.1, "Latest Requirements and Certification Information"
6.4.1.1 Latest Requirements and Certification Information
Several manuals in the Oracle Fusion Middleware 11g documentation set have
information on Oracle Fusion Middleware system requirements, prerequisites,
specifications, and certification information.
■
The latest information on Oracle Fusion Middleware system requirements,
prerequisites, specifications, and certification information can be found in the
following documents on Oracle Technology Network:
http://www.oracle.com/technology/software/products/ias/files/
fusion_certification.html
This document contains information related to hardware and software
requirements, minimum disk space and memory requirements, and required
system libraries, packages, or patches.
■
Oracle Fusion Middleware Certification information at:
http://www.oracle.com/technology/software/products/ias/files/
fusion_certification.html
This document contains information related to supported installation types,
platforms, operating systems, databases, JDKs, and third-party products.
6-22 Oracle Fusion Middleware Release Notes
Documentation Errata
6.4.2 Documentation Errata for the Fusion Middleware Enterprise Deployment Guide
for Oracle WebCenter
This section contains Documentation Errata for Oracle Fusion Middleware Enterprise
Deployment Guide for Oracle WebCenter.
It includes the following topics:
■
■
■
Section 6.4.2.1, "Link to Section 8.1.3 is Missing"
Section 6.4.2.2, "Additional Information for Discussions Forum Mulitcast to
Unicast Conversion"
Section 6.4.2.3, "Additional Discussion Connection Properties Explained in
Administration Guide"
6.4.2.1 Link to Section 8.1.3 is Missing
In Section 8.1, "Configuring the Discussion Forum Connection" of the Oracle Fusion
Middleware Enterprise Deployment Guide for Oracle WebCenter, the link to section 8.1.3,
"Creating a Discussions Server Connection for WebCenter From EM" is missing.
6.4.2.2 Additional Information for Discussions Forum Mulitcast to Unicast
Conversion
In section 6.14, "Converting Discussions Forum from Multicast to Unicast" of the
Oracle Fusion Middleware Enterprise Deployment Guide for Oracle WebCenter, the
following information is missing from Step 3:
Step 3: Repeat steps 1 and 2 for WLS_Services2, swapping WCHost1 for WCHost2,
and WCHost2 for WCHost1 as follows:
-Dtangosol.coherence.wka1=WCHost2 -Dtangosol.coherence.wka2=WCHost1
-Dtangosol.coherence.localhost=WCHost2 -Dtangosol.coherence.wka1.port=8089
-Dtangosol.coherence.wka2.port=8089
6.4.2.3 Additional Discussion Connection Properties Explained in Administration
Guide
For additional Discussions Server connection properties associated with the procedure
in Section 8.1.3 "Creating a Discussions Server Connection for WebCenter From EM" of
the Oracle Fusion Middleware Enterprise Deployment Guide for Oracle WebCenter, refer to
section 12.3.1, "Registering Discussions Servers Using Fusion Middleware Control," in
the Oracle Fusion Middleware Administrator's Guide for Oracle WebCenter.
6.4.3 Documentation Errata for the Fusion Middleware Enterprise Deployment Guide
for Oracle Identity Management
This section contains documentation errata for Oracle Fusion Middleware Enterprise
Deployment Guide for Oracle Identity Management.
It includes the following topics:
■
■
Section 6.4.3.1, "Set -DDomainRegistrationEnabled=true when Starting Node
Manager"
Section 6.4.3.2, "Ignore Empty Section in the Oracle Virtual Directory Chapter"
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-23
Documentation Errata
6.4.3.1 Set -DDomainRegistrationEnabled=true when Starting Node Manager
The November 2010 edition of Oracle Fusion Middleware Enterprise Deployment Guide for
Oracle Identity Management failed to mention that, prior to starting the Node Manager
that controls the WebLogic Administration Server, you must set
-DDomainRegistrationEnabled=true. For example:
export JAVA_OPTIONS=-DDomainRegistrationEnabled=true
6.4.3.2 Ignore Empty Section in the Oracle Virtual Directory Chapter
In the November 2010 edition of Oracle Fusion Middleware Enterprise Deployment Guide
for Oracle Identity Management, Section 8.1.1 in Chapter 11, "Extending the Domain
with Oracle Virtual Directory is an empty section." Please ignore it.
6.4.4 Documentation Errata for the Oracle Fusion Middleware Enterprise Deployment
Guide for Oracle Business Intelligence
This section contains documentation errata for Oracle Fusion Middleware Enterprise
Deployment Guide for Oracle Business Intelligence.
It includes the following topics:
Section 6.4.4.1, "Additional Step Must be Performed After Setting the Location of the
BI Publisher Configuration Folder"
Section 6.4.4.2, "Corrections to the Setting the Location of the Shared Oracle BI
Presentation Catalog Section"
6.4.4.1 Additional Step Must be Performed After Setting the Location of the BI
Publisher Configuration Folder
After restarting Oracle BI Publisher when specifying the location of the configuration
folder, as described in Section 6.5.3.1, "Setting the Location of the Shared Oracle BI
Publisher Configuration Folder," you must copy the XML configuration file for Oracle
BI Publisher from the Managed Server to the Administration Server location. Oracle BI
Publisher reads its configuration from the Administration Server central location
rather than from the Managed Server's configuration directory when the Managed
Servers are restarted.
To do this, on APPHOST1, copy the file xmlp-server-config.xml from:
ORACLE_BASE/admin/domain_name/mserver/domain_name/config/bipublisher
to:
ORACLE_BASE/admin/domain_name/aserver/domain_name/config/bipublisher
6.4.4.2 Corrections to the Setting the Location of the Shared Oracle BI
Presentation Catalog Section
The "Setting the Location of the Shared Oracle BI Presentation Catalog" section of the
Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Business Intelligence
should be replaced by the following section:
Each Presentation Services instance loads the Oracle BI Presentation Catalog from the
catalog location specified in Fusion Middleware Control.
Perform the following steps:
1.
Copy your existing (locally published) Oracle BI Presentation Catalog to the
shared location. An example of a locally published catalog is:
6-24 Oracle Fusion Middleware Release Notes
Documentation Errata
ORACLE_INSTANCE/bifoundation/OracleBIPresentationServicesComponent/
coreapplication_obipsn/catalog/SampleAppLite
You must perform this step before designating the Catalog Location from Fusion
Middleware Control.
If you plan to use the SampleAppLite catalog mentioned as an example in this
section as the shared catalog, make sure to copy it from APPHOST1.
2.
Log in to Fusion Middleware Control.
3.
Expand the Business Intelligence node in the Farm_domain_name window.
4.
Click coreapplication.
5.
Click Deployment, then click Repository.
6.
Click Lock and Edit Configuration.
7.
Specify the Catalog Location for the shared Oracle BI Presentation Catalog.
In a Windows environment, specify a UNC path name.
8.
Click Apply.
9.
Click Activate Changes.
6.4.5 Documentation Errata Affecting Multiple Enterprise Deployment Guides
This section describes documentation errata that affects multiple Enterprise
Deployment Guides. Any Enterprise Deployment Guide that have the documentation
errata issue discussed in the release notes below should be updated as specified in that
release note.
It includes these topics:
■
■
■
■
■
■
Section 6.4.5.1, "Sections on Configuring Oracle Coherence for SOA Composites
Need Fixes"
Section 6.4.5.2, "Updates are Needed to Steps for Testing Server Migration"
Section 6.4.5.3, "Steps for Updating Data Sources for Server Migration Need
Updates"
Section 6.4.5.4, "Clarification of the Procedure for Configuring the Analytics
Collectors"
Section 6.4.5.5, "Correction to Table 2-2, "Ports Used""
Section 6.4.5.6, "WebLogic Versions May Not Be Current in Enterprise
Deployment Guides"
6.4.5.1 Sections on Configuring Oracle Coherence for SOA Composites Need Fixes
Several Enterprise Deployment Guide manuals have a "Configuring Oracle Coherence
for Deploying Composites" section that includes a Note like the following:
Note: The Coherence cluster used for deployment uses port 8088 by
default. This port can be changed by specifying the
-Dtangosol.coherence.wkan.port startup parameter.
This Note should read as follows:
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-25
Documentation Errata
Note: The Coherence cluster used for deployment uses port 8088 by
default. This port can be changed by specifying a different port (for
example, 8089) with the -Dtangosol.coherence.wkan.port and
-Dtangosol.coherence.localport startup parameters. For
example:
WLS_SOA1 (enter the following into the Arguments field on a single
line, without a carriage return):
-Dtangosol.coherence.wka1=soahost1vhn1
-Dtangosol.coherence.wka2=soahost2vhn1
-Dtangosol.coherence.localhost=soahost1vhn1
-Dtangosol.coherence.localport=8089
-Dtangosol.coherence.wka1.port=8089
-Dtangosol.coherence.wka2.port=8089
WLS_SOA2 (enter the following into the Arguments field on a single
line, without a carriage return):
-Dtangosol.coherence.wka1=soahost1vhn1
-Dtangosol.coherence.wka2=soahost2vhn1
-Dtangosol.coherence.localhost=soahost2vhn1
-Dtangosol.coherence.localport=8089
-Dtangosol.coherence.wka1.port=8089
-Dtangosol.coherence.wka2.port=8089
6.4.5.2 Updates are Needed to Steps for Testing Server Migration
Several Enterprise Deployment Guide manuals have one or more subsections that
describe how to test server migration.
The following Note should appear at the end of every section on testing server
migration:
After a server is migrated, to fail it back to its original
node/machine, stop the managed server from the Oracle WebLogic
Administration Console and then start it again. The appropriate Node
Manager will start the managed server on the machine to which it was
originally assigned.
Note:
6.4.5.3 Steps for Updating Data Sources for Server Migration Need Updates
Several Enterprise Deployment Guide manuals have one or more subsections that
describe how to update the data sources used for leasing when you configure server
migration.
The following text appears in the instructions on how to update data sources for
leasing as part of server migration configuration:
Use Supports Global Transactions, One-Phase Commit, and specify a service name for
your database
That text should appear as follows:
Data sources do not require support for global transactions. Therefore, do not use any
type of distributed transaction emulation/participation algorithm for the data source
(do not choose the Supports Global Transactions option, or the Logging Last
6-26 Oracle Fusion Middleware Release Notes
Documentation Errata
Resource, Emulate Two-Phase Commit, or One-Phase Commit options of the
Supports Global Transactions option), and specify a service name for your database.
6.4.5.4 Clarification of the Procedure for Configuring the Analytics Collectors
Section 6.4.16, "Configuring the Analytics" in the Oracle Fusion Middleware High
Availability Guide contains content that indicates that you must configure an analytic
collector cluster. In fact, there is no need to configure the collectors themselves.
Instead, the procedure in this section explains how to configure the Oracle WebCenter
Spaces servers to communicate with the analytic collectors.
Further, for Oracle Fusion Middleware 11g Release 1 (11.1.1.4.0), clustered analytics
collectors are not supported for collecting WebCenter events.
6.4.5.5 Correction to Table 2-2, "Ports Used"
In Oracle Fusion Middleware Enterprise Deployment Guide for Oracle Business Intelligence,
Chapter 2, "Database and Environment Preconfiguration," Table 2-2 lists the ports
used in the Oracle Business Intelligence topology. The following additional
information should be included in the table above the row containing "Database
Access:"
■
Type: Database access for BI Server and BI Publisher JDBC Data Sources
■
Firewall: FW1
■
Port and Port Range: Listening port for client connections to the listener.
■
Protocol/Application: SQL*Net
■
Inbound/Outbound: Both
■
Other Considerations and Timeout Guidelines: Timeout depends on all database
content and on the type of process model used for BI.
This issue was fixed in the E15722-03 revision of Oracle Fusion
Middleware Enterprise Deployment Guide for Oracle Business
Intelligence.
Note:
6.4.5.6 WebLogic Versions May Not Be Current in Enterprise Deployment Guides
The version numbers for Oracle WebLogic Server that appear in some of the
Enterprise Deployment Guides may not be updated. The correct WebLogic version for
Oracle Fusion Middleware 11.1.1.5.0 is 10.3.5.0.
Oracle Fusion Middleware High Availability and Enterprise Deployment
6-27
Documentation Errata
6-28 Oracle Fusion Middleware Release Notes
Part II
Part II
Oracle Development Tools
Part II contains the following chapters:
■
■
Chapter 7, "Oracle JDeveloper and Oracle Application Development Framework
(ADF)"
Chapter 8, "Oracle TopLink"
7
Oracle JDeveloper and Oracle Application
Development Framework (ADF)
7
The latest known issues associated with Oracle JDeveloper and Application Developer
Framework (ADF) are available on the Oracle Technology Network (OTN) at:
http://www.oracle.com/technetwork/developer-tools/jdev/index-101
256.html.
For more information and technical resources for Oracle JDeveloper and Application
Developer Framework (ADF), visit the product center on the Oracle Technology
Network at:
http://www.oracle.com/technetwork/developer-tools/jdev/overview/
index.html.
Oracle JDeveloper and Oracle Application Development Framework (ADF)
7-1
7-2 Oracle Fusion Middleware Release Notes
8
Oracle TopLink
8
This chapter describes issues associated with Oracle TopLink. It includes the following
topics:
■
Section 8.1, "General Issues and Workarounds"
8.1 General Issues and Workarounds
This section describes general issue and workarounds. It includes the following topic:
■
Section 8.1.1, "TopLink Object-Relational Issues"
■
Section 8.1.2, "TopLink Workbench Issues"
■
Section 8.1.3, "Oracle Database Extensions with TopLink"
■
Section 8.1.4, "Allowing Zero Value Primary Keys"
■
Section 8.1.5, "Managed Servers on Sybase with JCA Oracle Database Service"
■
■
Section 8.1.6, "Logging Configuration with EclipseLink Using Container Managed
JPA"
Section 8.1.7, "Grid Cache requires CacheLoader"
8.1.1 TopLink Object-Relational Issues
This section contains information on the following issues:
■
■
Section 8.1.1.1, "Incorrect outer join SQL on SQLServer2005"
Section 8.1.1.2, "UnitOfWork.release() not Supported with External Transaction
Control"
■
Section 8.1.1.3, "Returning Policy for UPDATE with Optimistic Locking"
■
Section 8.1.1.4, "JDBC Drivers returning Timestamps as Strings"
■
■
Section 8.1.1.5, "Proxy Authentication with Oracle Containers for Java EE (OC4J)
Managed Data Sources"
Section 8.1.1.6, "Unit of Work does not add Deleted Objects to Change Set"
8.1.1.1 Incorrect outer join SQL on SQLServer2005
TopLink generates incorrect outer join for SQL Server v2005. The outer join syntax
generated is correct for earlier versions of this database. To work around this
limitation, reconfigure the database compatibility (refer to the SQLServer
documentation for details). Alternatively, you can use a custom TopLink database
platform.
Oracle TopLink 8-1
General Issues and Workarounds
8.1.1.2 UnitOfWork.release() not Supported with External Transaction Control
A unit of work synchronized with a Java Transaction API (JTA) will throw an
exception if it is released. If the current transaction requires its changes to not be
persisted, the JTA transaction must be rolled back.
When in a container-demarcated transaction, call setRollbackOnly() on the
EJB/session context:
@Stateless
public class MySessionBean
{
@Resource
SessionContext sc;
public void someMethod()
{
...
sc.setRollbackOnly();
}
}
When in a bean-demarcated transaction then you call rollback() on the
UserTransaction obtained from the EJB/session context:
@Stateless
@TransactionManagement(TransactionManagementType.BEAN)
public class MySessionBean implements SomeInterface
{
@Resource
SessionContext sc;
public void someMethod()
{
sc.getUserTransaction().begin();
...
sc.getUserTransaction().rollback();
}
}
8.1.1.3 Returning Policy for UPDATE with Optimistic Locking
The returning policy, which allows values modified during INSERT and UPDATE to be
returned and populated in cached objects, does not work in conjunction with numeric
version optimistic locking for UPDATE. The value returned for all UPDATE operations
is 1 and does not provide meaningful locking protection.
Do not use a returning policy for UPDATE in conjunction with numeric optimistic
locking.
The use of returning policy for INSERT when using optimistic locking works correctly.
8.1.1.4 JDBC Drivers returning Timestamps as Strings
TopLink assumes that date and time information returned from the server will use
Timestamp. If the JDBC driver returns a String for the current date, TopLink will
throw an exception. This is the case when using a DB2 JDBC driver.
To work around this issue, consider using a driver that returns Timestamp (such as
COM.ibm.db2.jdbc.app.DB2Driver) or change the policy to use local time
instead of server time.
8-2 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
Another option is to use a query re-director on the ValueReadQuery used by the
platform:
ValueReadQuery vrq = new ValueReadQuery(
"SELECT to_char(sysdate, 'YYYY-MM-DD HH:MM:SS.SSSSS') FROM DUAL"
);
vrq.setRedirector(new TSQueryRedirector());
...
class TSQueryRedirector implements QueryRedirector
{
public Object invokeQuery(DatabaseQuery query, Record arguments, Session session)
{
String value = (String)session.executeQuery(query);
return ConversionManager.getDefaultManager().convertObject(
value, java.sql.Timestamp.class
);
}
}
8.1.1.5 Proxy Authentication with Oracle Containers for Java EE (OC4J) Managed
Data Sources
Proxy authentication does not work with OC4J managed data sources. Instead of using
the data source provided by the application server, you must create a data source
yourself.
Refer to the "Configuring Oracle Database Proxy Authentication" in the Oracle Fusion
Middleware Developer's Guide for Oracle TopLink for more information.
For example, replace this code:
login.setConnector(
new OracleJDBC10_1_0_2ProxyConnector(
((JNDIConnectorlogin.getConnector()).getName()
)
);
with the following:
oracle.jdbc.pool.OracleDataSource ds = new oracle.jdbc.pool.OracleDataSource();
ds.setUser("MyMainUser");
ds.setPassword("MyPassword");
ds.setUrl("jdbc:oracle:thin:@MyServer:1521:MyDb");
login.setConnector(new OracleJDBC10_1_0_2ProxyConnector(ds));
8.1.1.6 Unit of Work does not add Deleted Objects to Change Set
When accessing the change set of a Unit of Work to determine what has changed,
objects that are pending deletion (such as uow.deleteObject( ) and
uow.deleteAllObjects( )) will not be returned from the result set.
The objects pending deletion are only available through the Unit of Work
getDeletedObjects call.
8.1.2 TopLink Workbench Issues
This section contains information on the following issues:
■
Section 8.1.2.1, "Accessibility"
■
Section 8.1.2.2, "Running the TopLink Workbench on Windows OS"
Oracle TopLink 8-3
General Issues and Workarounds
8.1.2.1 Accessibility
Due to an issue with HP-UX JDK 1.6, if NullPointExecption error dialog is generated
when saving a file, the error dialog window is not in focus.
8.1.2.2 Running the TopLink Workbench on Windows OS
Due to an issue with certain configurations and versions of Windows operating
systems, users that launch the TopLink Workbench with the workbench.cmd file
may receive a dialog that states: Could not find the main class. This occurs because the
classpath specified contains a directory path which has periods in it. The workaround
is to rename the offending directory or change the classpath to use directory paths
which do not contain periods.
8.1.3 Oracle Database Extensions with TopLink
This section contains information on the following issue:
Section 8.1.3.1, "Template JAR for Spatial and XDB Support in Oracle WebLogic
Server"
■
8.1.3.1 Template JAR for Spatial and XDB Support in Oracle WebLogic Server
To fully support Oracle Spatial and Oracle XDB mapping capabilities (in both
standalone Oracle WebLogic Server and the Oracle JDeveloper integrated WebLogic
Server), you must use the toplink-spatial-template.jar and
toplink-xdb-template.jar to extend the WebLogic Server domain to support
Oracle Spatial and XDB, respectively.
To extend your WebLogic Server domain:
1.
2.
Download the toplink-spatial-template.jar (to support Oracle Spatial)
and toplink-xdb-template.jar (to support Oracle XDB) files from:
■
http://download.oracle.com/otn/java/toplink/111110/toplink-s
patial-template.jar
■
http://download.oracle.com/otn/java/toplink/111110/toplink-x
db-template.jar
Use Table 8–1, " To Support Oracle Spatial" or Table 8–2, " To Support Oracle XDB"
to determine which files to copy.
Table 8–1
To Support Oracle Spatial
Copy this file
sdoapi.jar
1
2
From...1
To...2
<ORACLE_DATABASE_
HOME>/md/jlib
<WEBLOGIC_
HOME>/server/lib
These are the default locations. Your actual location may vary depending on your specific environment,
installed options, and version.
When using Oracle JDeveloper integrated WebLogic Server, the <WEBLOGIC_HOME> is located within the
<JDEVELOPER_HOME> directory.
Table 8–2
To Support Oracle XDB
From...1
To...2
xdb.jar
<ORACLE_DATABASE_
HOME>/rdbms/jlib
<WEBLOGIC_HOME>/server/lib
xml.jar
<ORACLE_DATABASE_HOME>/lib <WEBLOGIC_HOME>/server/lib
Copy this file
8-4 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
Table 8–2 (Cont.) To Support Oracle XDB
Copy this file
xmlparserv2.jar
3
From...1
<ORACLE_DATABASE_HOME>/lib <WEBLOGIC_HOME>/server/lib
ori18n-mapping.jar <ORACLE_DATABASE_
HOME>/jlib
1
2
3
To...2
<WEBLOGIC_HOME>/server/lib
These are the default locations. Your actual location may vary depending on your specific environment,
installed options, and version.
When using Oracle JDeveloper integrated WebLogic Server, the <WEBLOGIC_HOME> is located within the
<JDEVELOPER_HOME> directory.
Use orai18n-mapping.jar for Oracle Database 11.2 and higher.
Although the actual JAR file may be named differently in your
From directory, the file must be named as shown, when copied to the
To directory.
Note:
3.
Launch the Config Wizard (<WEBLOGIC_HOME>/common/bin/config.sh
(or .bat).
4.
Select Extend an existing WebLogic domain.
5.
Browse and select your WebLogic Server domain.
When using JDeveloper with integrated WebLogic Server, the typical WebLogic
Server domain location may be similar to:
■
In Windows environments:
%APPDATA%\JDeveloper\systemXX.XX.XX.XX\DefaultDomain
where XX.XX.XX.XX is the unique number of the product build.
For Windows platforms, you must enable the Show hidden files and folders
folder option.
■
In non-Windows environments, the default location is under the current user's
default home directory: <$Home>/DefaultDomain
Refer to the Oracle JDeveloper documentation for details.
6.
Select Extend my domain using an existing extension template.
7.
Browse and select the required template JAR (toplink-spatial-template.jar for
Oracle Spatial, toplink-xdb-template.jar for Oracle XDB).
8.
Complete the remaining pages of the wizard.
8.1.4 Allowing Zero Value Primary Keys
By default, EclipseLink interprets zero as null for primitive types that cannot be null
(such as int and long) causing zero to be an invalid value for primary keys. You can
modify this setting by using the allow-zero-id property in the persistence.xml
file. Valid values are:
■
■
true – EclipseLink interprets zero values as zero. This permits primary keys to use
a value of zero.
false (default) – EclipseLink interprets zero as null.
Refer the EclipseLink User's Guide at
http://wiki.eclipse.org/EclipseLink/UserGuide for more information.
Oracle TopLink 8-5
General Issues and Workarounds
8.1.5 Managed Servers on Sybase with JCA Oracle Database Service
When using a JCA service with the Oracle Database adapter in a cluster to perform
database operations on a Sybase database, the managed nodes in the cluster process
the messages and may attempt to perform duplicate operations.
Because supported versions of Sybase do not support Oracle TopLink record locking,
Sybase allows the duplicate operation attempts.
8.1.6 Logging Configuration with EclipseLink Using Container Managed JPA
By default, EclipseLink users in container managed JPA will use the Oracle WebLogic
Server logging options to report all log messages generated by EclipseLink. Refer to
"Configuring WebLogic Logging Services" in Oracle® Fusion Middleware Configuring
Log Files and Filtering Log Messages for Oracle WebLogic Server.
To use the EclipseLink native logging configuration, add the following property to
your persistence.xml file:
<property name="eclipselink.logging.logger" value="DefaultLogger"/>
8.1.7 Grid Cache requires CacheLoader
An
oracle.eclipselink.coherence.integrated.EclipseLinkJPACacheLoade
r must be configured for entities configured as Grid Cache to ensure the necessary
TopLink Grid wrapper class is generated.
8-6 Oracle Fusion Middleware Release Notes
Part III
Part III
Part III contains the following chapters:
■
Chapter 9, "Oracle HTTP Server"
■
Chapter 10, "Oracle Web Cache"
Web Tier
9
Oracle HTTP Server
9
This chapter describes issues associated with Oracle HTTP Server. However, there are
no known issues at this time.
Oracle HTTP Server 9-1
9-2 Oracle Fusion Middleware Release Notes
10
Oracle Web Cache
10
This chapter describes issues associated with Oracle Web Cache. It includes the
following topics:
■
Section 10.1, "Configuration Issues and Workarounds"
10.1 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
■
Section 10.1.1, "Reset the Random Password Generated When Installing Oracle
Portal, Forms, Reports, and Discoverer"
Section 10.1.2, "Running Oracle Web Cache Processes as a Different User Is Not
Supported"
10.1.1 Reset the Random Password Generated When Installing Oracle Portal, Forms,
Reports, and Discoverer
For enhanced security, no default hard-coded passwords are used for managing
Oracle Web Cache.
When you install the Oracle Web Tier installation type, the Oracle Universal Installer
prompts you to choose a password. The Web Cache Administrator page of the Oracle
Universal Installer prompts you to enter a password for the administrator account.
The administrator account is the Oracle Web Cache administrator authorized to
log in to Oracle Web Cache Manager and make configuration changes through that
interface.
When you install Oracle Portal, Forms, Reports, and Discoverer, the prompt for the
administrator password is missing. Instead, the Oracle Portal, Forms, Reports and
Discoverer install type uses a random value chosen at install time.
Regardless of the installation type, before you begin configuration, change the
passwords for these accounts to a secure password. If you are configuring a cache
cluster, all members of the cluster must use the same password for the
administrator account.
To change the password, use the Passwords page of Fusion Middleware Control, as
described in "Configuring Password Security" in the Oracle Fusion Middleware
Administrator's Guide for Oracle Web Cache.
Oracle Web Cache 10-1
Configuration Issues and Workarounds
10.1.2 Running Oracle Web Cache Processes as a Different User Is Not Supported
Running Oracle Web Cache as a user other than the installed user through the use of
the webcache_setuser.sh setidentity command is not supported.
Specifically, you cannot change the user ID with the following sequence:
1.
Change the process identity of the Oracle Web Cache processes in the Process
Identity page using Oracle Web Cache Manager (Properties > Process Identity).
2.
Use the webcache_setuser.sh script as follows to change file and directory
ownership:
webcache_setuser.sh setidentity user_ID
user_ID is the user you specified in the User ID field of the Process Identity
page.
3.
Restart Oracle Web Cache using opmnctl.
Oracle Web Cache will start and then immediately shut down.
In addition, messages similar to the following are displayed in the event log:
[2009-06-02T21:22:46+00:00] [webcache] [ERROR:1] [WXE-13212] [logging] [ecid: ]
Access log file
/scratch/webtier/home/instances/instance1/diagnostics/logs/WebCache/webcache1/a
ccess_log could not be opened.
[2009-06-02T21:22:46+00:00] [webcache] [WARNING:1] [WXE-13310] [io] [ecid: ]
Problem opening file
/scratch/webtier/home/instances/instance1/config/WebCache/webcache1/webcache.pi
d (Access Denied).
[2009-06-02T21:22:46+00:00] [webcache] [ERROR:1] [WXE-11985] [esi] [ecid: ]
Oracle Web Cache is unable to obtain the size of the default ESI fragment page
/scratch/webtier/home/instances/instance1/config/WebCache/webcache1/files/esi_
fragment_error.txt.
[2009-06-02T21:22:46+00:00] [webcache] [WARNING:1] [WXE-11905] [security]
[ecid: ] SSL additional information: The system could not open the specified
file.
For more information about the webcache_setuser.sh script, see "Running
webcached with Root Privilege" in the Oracle Fusion Middleware Administrator's Guide
for Oracle Web Cache.
10-2 Oracle Fusion Middleware Release Notes
Part IV
Part IV
Oracle WebLogic Server
Part IV contains the following chapters:
■
Chapter 11, "Oracle WebLogic Server"
11
Oracle WebLogic Server
11
This chapter describes issues associated with Oracle WebLogic Server. It includes the
following topics:
■
Section 11.1, "General Issues and Workarounds"
■
Section 11.2, "Administration Console Issues and Workarounds"
■
Section 11.3, "Apache Beehive Support Issues and Workarounds"
■
Section 11.4, "Configuration Issues and Workarounds"
■
Section 11.5, "Connector (Resource Adapter) Issues and Workarounds"
■
Section 11.6, "Console Extensions Issues and Workarounds"
■
Section 11.7, "Core Server and Core Work Manager Issues and Workarounds"
■
Section 11.8, "Deployment Issues and Workarounds"
■
Section 11.9, "EJB Issues and Workarounds"
■
Section 11.10, "Examples Issues and Workarounds"
■
Section 11.11, "HTTP Publish/Subscribe Server Issues and Workarounds"
■
Section 11.12, "Installation Issues and Workarounds"
■
Section 11.13, "Java EE Issues and Workarounds"
■
Section 11.14, "JDBC Issues and Workarounds"
■
Section 11.15, "JMS Issues and Workarounds"
■
Section 11.16, "JNDI Issues and Workarounds"
■
Section 11.17, "JSP and Servlet Issues and Workarounds"
■
Section 11.18, "JTA Issues and Workarounds"
■
Section 11.19, "Java Virtual Machine (JVM) Issues and Workarounds"
■
Section 11.20, "Monitoring Issues and Workarounds"
■
Section 11.21, "Node Manager Issues and Workarounds"
■
Section 11.22, "Operations, Administration, and Management Issues and
Workarounds"
■
Section 11.23, "Oracle Kodo Issues and Workarounds"
■
Section 11.24, "Protocols Issues and Workarounds"
■
Section 11.25, "RMI-IIOP Issues and Workarounds"
■
Section 11.26, "Security Issues and Workarounds"
Oracle WebLogic Server 11-1
General Issues and Workarounds
■
Section 11.27, "SNMP Issues and Workarounds"
■
Section 11.28, "Spring Framework on WebLogic Server Issues and Workarounds"
■
Section 11.29, "System Component Architecture (SCA) Issues and Workarounds"
■
Section 11.30, "Upgrade Issues and Workarounds"
■
Section 11.31, "Web Applications Issues and Workarounds"
■
Section 11.32, "WebLogic Server Scripting Tool (WLST) Issues and Workarounds"
■
Section 11.33, "Web Server Plug-Ins Issues and Workarounds"
■
Section 11.34, "Web Services and XML Issues and Workarounds"
■
Section 11.35, "WebLogic Tuxedo Connector Issues and Workarounds"
■
Section 11.36, "Documentation Errata"
For a list of bugs that are fixed in WebLogic Server 11g Release
1 (10.3.5), enter the following document ID in the Search Knowledge
Base field. You must enter the entire document ID.
Note:
1302753.1
11.1 General Issues and Workarounds
This section describes the following issues and workarounds:
■
Section 11.1.1, "Oracle WebLogic Server Version Number"
■
Section 11.1.2, "Oracle ojdbc14.jar File Has Been Changed to ojdbc6.jar"
■
■
■
Section 11.1.3, "Strong Password Enforcement May Cause Issues With WLST
Offline Scripts"
Section 11.1.4, "In Turkish Locale, MDS Initialization Fails"
Section 11.1.5, "Administration Server Reports a 'Too Many Open Files' Message
on the EM Console"
11.1.1 Oracle WebLogic Server Version Number
Oracle Fusion Middleware 11g contains Oracle WebLogic Server 11g. The version
number of Oracle WebLogic Server is 10.3.5.
11.1.2 Oracle ojdbc14.jar File Has Been Changed to ojdbc6.jar
The Oracle ojdbc14.jar file has been changed to ojdbc6.jar, for use with JDK 5
or 6. As a result, any explicit references you make to ojdbc14.jar must be changed
to ojdbc6.jar.
11.1.3 Strong Password Enforcement May Cause Issues With WLST Offline Scripts
With the implementation of strong password enforcement (8 character minimum with
one numeric or special character) in this release of WebLogic Server, existing scripts
could potentially encounter issues.
Workaround
Use either of the following workarounds to bypass the new password restrictions.
11-2 Oracle Fusion Middleware Release Notes
Administration Console Issues and Workarounds
■
■
Set the BACKWARD_COMPAT_PW_CHECK environment variable to true.
Include the -Dbackward.compat.pw.check=true option when invoking
WLST.
Oracle recommends that you change passwords to comply with the new password
requirements, as this variable and option will be removed in a future release of
WebLogic Server.
11.1.4 In Turkish Locale, MDS Initialization Fails
Any applications that use an MDS repository cannot be deployed or run with the
JAXB version bundled with WebLogic Server as null values are returned for attributes
named id.
Workaround
Start the server in English locale.
11.1.5 Administration Server Reports a 'Too Many Open Files' Message on the EM
Console
The WebLogic Server Administration Server reports a Too Many Open Files
message on the Enterprise Manager (EM) console when the maximum number of file
descriptors configured for the Administration Server is less than 65535.
Workaround
Increase the number of file descriptors within the shell and restart the WLS
Administration Server within that shell. The command to increase the number of file
descriptors (nofiles) differs across Operating Systems and shells but it's usually done
with the ulimit command on UNIX platforms so consult the man pages for ulimit.
For example:
$ ulimit -n 65535
11.2 Administration Console Issues and Workarounds
This section describes the following issues and workarounds:
■
Section 11.2.1, "Console Help Viewer Does Not Display Help Table of Contents or
Search"
■
Section 11.2.2, "Cached JDBC Information is not Displayed"
■
Section 11.2.3, "Pressing Browser Back Button Discards Context"
■
Section 11.2.4, "Unsupported Work Manager Configurations Can Be Created"
■
Section 11.2.5, "Server Status Table Reflects Inconsistent Information"
■
Section 11.2.6, "Exceptions When Defining a Security Policy for an EJB"
■
Section 11.2.7, "Administration Console Does Not Always Reflect External
Changes Made in a Deployment Plan"
■
Section 11.2.8, "Oracle OCI Driver Support"
■
Section 11.2.9, "Data Takes a Long Time to Display on the Metric Browser Tab"
Oracle WebLogic Server 11-3
Administration Console Issues and Workarounds
11.2.1 Console Help Viewer Does Not Display Help Table of Contents or Search
The WebLogic Server Administration Console help is displayed without the Help
Contents appearing in the left pane or a functional search.
Workaround
Disabling the SIP and WTC l10n console extensions resolves this issue. In the banner
toolbar region at the top of the right pane of the Console, select Preferences >
Extensions. Select the check box next to sipserver-console-ext-l10n and wtc-l10n, click
Disable and restart the Administration Server.
11.2.2 Cached JDBC Information is not Displayed
Information about cached JDBC statements is not displayed on the JDBC Monitoring
pages.
11.2.3 Pressing Browser Back Button Discards Context
After a page flow completes in the Administration Console, it forwards to a different
page, typically a table.
Pressing the browser Back button at this point results in an attempt to load the last JSP
file in the completed assistant. At this point, all of the context for this assistant is
discarded.
Workaround
Oracle recommends that you do not use the browser Back button to step back into an
assistant once changes are cancelled or finished, and that you do not go back to a
previous step in an assistant. Instead, use the navigation links and buttons in the
Administration Console.
11.2.4 Unsupported Work Manager Configurations Can Be Created
The Administration Console permits the creation of Work Manager configurations that
are not supported and do not function as intended. Incorrect Work Manager
configurations may result in a number of exceptions being recorded in the server logs,
most commonly 'Validation problems were found' exceptions while parsing
deployment descriptors.
Workaround
Follow the guidelines described in the online help for Work Manager configurations.
Specifically, you can only assign one request class to any given Work Manager, and
that request class must be of the same or a broader scope than the Work Manager. You
should not assign an application-scoped request class to a global Work Manager, and
you should not create more than one application-scoped request class for an
application-scoped Work Manager.
Correcting the Work Manager configurations to match the documented constraints
resolves these issues.
11.2.5 Server Status Table Reflects Inconsistent Information
The Server Status table on the Cluster: Monitoring: Summary page includes two
default columns: Primary and Secondary Distribution Names. These fields do not
always reflect all of the replication statistics that are collected and displayed on the
Cluster: Monitoring: Failover page, depending on the replication scenario.
11-4 Oracle Fusion Middleware Release Notes
Administration Console Issues and Workarounds
Please refer to the Cluster: Monitoring: Failover page for definitive information.
11.2.6 Exceptions When Defining a Security Policy for an EJB
When defining security policies in the Administration Console for an EJB deployment
that references types defined in a separate library deployment, exceptions can be
observed if that library deployment is not available to the Console.
Workaround
All library deployments should be targeted at the WebLogic Server Administration
Server as well as any Managed Servers needed to support referencing applications.
This will ensure that when defining policies, the Console will have access to those
library deployments so that referenced types can be class-loaded as needed.
11.2.7 Administration Console Does Not Always Reflect External Changes Made in a
Deployment Plan
The Administration Console does not always reflect external changes made in a
deployment plan. If a change is made in a deployment plan outside of the Console (for
example, using Workshop, editing the plan text files directly, or updating a
deployment with a new plan using WLST or webLogic.Deployer) while a Console user
is also viewing that deployment plan, the Console user will not see those changes.
Workaround
Navigate to a configuration page for a different deployment, then navigate back to the
original deployment again.
11.2.8 Oracle OCI Driver Support
The Oracle OCI driver is no longer explicitly listed as a preconfigured driver type in
the Administration Console.
Workaround
The Oracle OCI driver remains a supported driver for application data connectivity,
consistent with prior releases of Oracle WebLogic Server. However, users must now
specify all required configuration properties manually, including the data base
username.
11.2.9 Data Takes a Long Time to Display on the Metric Browser Tab
When using Internet Explorer 7 (IE 7) to display data on the Metric Browser tab of the
Monitoring Dashboard, it takes an unusually long time for the data to display, and
during this time, the page is unresponsive. The amount of time it takes to display data
on this tab depends on the size of the domain.
Workaround
If you need to display data on the Monitoring Dashboard > Metric Browser tab, open
the Administration Console in a supported web browser other than IE 7, such as
Internet Explorer 8 or greater, Firefox 3 or greater, or Safari 4 or greater.
Oracle WebLogic Server 11-5
Apache Beehive Support Issues and Workarounds
11.3 Apache Beehive Support Issues and Workarounds
There are no known Apache Beehive Support issues in this release of WebLogic
Server.
11.4 Configuration Issues and Workarounds
This section describes the following issues and workarounds:
■
■
Section 11.4.1, "Directory For a Non-Existent Server Name Is Created"
Section 11.4.2, "Abnormal Behavior in Terminal Window After Entering WebLogic
Password"
■
Section 11.4.3, "Creating and Updating Domains Takes Too Long"
■
Section 11.4.4, "Password Field Is Not Editable When Configuring a New Domain"
11.4.1 Directory For a Non-Existent Server Name Is Created
If you attempt to connect to the WebLogic Server Administration Server with a
non-existent server name, a directory for the non-existent server name is created under
the domain_name/servers directory.
Workaround
Specify a valid server name when connecting to the Administration Server.
11.4.2 Abnormal Behavior in Terminal Window After Entering WebLogic Password
After pressing Ctrl-C to terminate the startManagedWebLogic.sh process
immediately after entering the WebLogic password, abnormal behavior may be
experienced in the terminal window. For example, when pressing Return, the prompt
is tabbed instead of going to the next line, and any characters that are entered at the
prompt are not displayed in the terminal.
Workaround
Either close the current xterm and start a new one, or enter stty echo into the xterm.
11.4.3 Creating and Updating Domains Takes Too Long
It can take a long time to create or update WebLogic Server domains when:
■
Installing WebLogic Server on UNIX or Linux operating systems if the Server
Examples are included in the installation.
■
Using the WebLogic Server Configuration Wizard to create or update a domain.
■
Using WLST to create or update a domain.
Workaround
Set the CONFIG_JVM_ARGS environment variable to the following value:
-Djava.security.egd=file:/dev/./urandom
11-6 Oracle Fusion Middleware Release Notes
Core Server and Core Work Manager Issues and Workarounds
11.4.4 Password Field Is Not Editable When Configuring a New Domain
On Linux systems, when creating a new domain in the Oracle Fusion Middleware
Configuration Wizard, the Password and Confirm Password fields are sometimes not
editable, and you cannot enter a password to create a domain.
Workaround
There are two ways to work around this issue:
■
■
To work around the issue each time it happens, click the Close Window X button
in the upper right corner of the Configuration Wizard. In the confirmation dialog
that appears, click No to return to the Configuration Wizard. You can then enter
and confirm the password for the domain.
To fix this issue permanently:
1.
Kill all scim processes. For example:
kill `pgrep scim`
2.
Modify (or create) the file ~/.scim/config to include the following line
(case-sensitive):
/FrontEnd/X11/Dynamic = true
3.
If you are running VNC, restart the VNC server.
4.
Run the Configuration Wizard again.
11.5 Connector (Resource Adapter) Issues and Workarounds
There are no known Connector (Resource Adapter) issues in this release of WebLogic
Server.
11.6 Console Extensions Issues and Workarounds
There are no known Extensions issues in this release of WebLogic Server.
11.7 Core Server and Core Work Manager Issues and Workarounds
This section describes the following issues and workarounds:
■
Section 11.7.1, "Threads Become Stuck While Waiting to Get a Connection"
■
Section 11.7.2, "Using IPv6-Formatted Addresses"
■
Section 11.7.3, "Server Cannot Be Started After a Whole Server Migration"
■
Section 11.7.4, "Object State is not Retained After Renaming Field"
■
Section 11.7.5, "Forcing Unicast Messages To Be Processed in Order"
■
■
■
Section 11.7.6, "Servers Configured to Listen on a Host Name Are Listening on a
Different Host Name After Startup"
Section 11.7.7, "Administration Server or Node Manager Cannot Track the Status
of a Managed Server"
Section 11.7.8, "Multicast Traffic Observed to be Unreliable During or After a
Network Partition"
Oracle WebLogic Server 11-7
Core Server and Core Work Manager Issues and Workarounds
11.7.1 Threads Become Stuck While Waiting to Get a Connection
When a machine that is hosting one of the Managed Servers is abruptly shut down, a
network cable is pulled, or its network interface card has issues, and any server
attempts communication with that managed server, threads become stuck waiting to
get a connection.
Workaround
This can currently be resolved by using a private flag:
-Dweblogic.client.SocketConnectTimeoutInSecs
and setting an appropriate timeout value that will release the thread attempting to
make the connection and allow the request to fail quickly.
11.7.2 Using IPv6-Formatted Addresses
When using an IPv6-formatted address for WebLogic Server, the URL should include
square brackets ('[' and ']') for the host address. Otherwise, WLST may fail to connect
to the running server.
Workaround
Add square brackets to the host address. For example:
t3://[fe80:0:0:0:203:baff:fe2f:59e5]:9991
11.7.3 Server Cannot Be Started After a Whole Server Migration
If the WebLogic Server Administration Server is down when a Whole Server
Migration occurs for a clustered server, and the server migrates to a machine on which
it was never run before, the server cannot be started on the new machine.
Workaround
Use one of the following workarounds for this issue:
■
■
Ensure that the Administration Server is up when the server migration is being
performed.
Use a shared disk/NFS for all the migratable servers in the cluster.
11.7.4 Object State is not Retained After Renaming Field
When FastSwap is enabled in a J2EE application, you can make certain types of
changes to Java classes during development and expect to see the change without
re-deploying, with all instance states of the Java object being retained.
One type of change that does NOT retain the object state is that when a field name is
changed, it is treated as follows:
■
the field with old name is deleted
■
the field with new name is added
Thus, in this case, any state in the old field is not carried over to the renamed field.
Using the Workshop or FastSwap ant task, you may see a FastSwap operation
completed successfully message, even when an instance field name change
causes a value reset.
11-8 Oracle Fusion Middleware Release Notes
Core Server and Core Work Manager Issues and Workarounds
Workaround
You should expect an instance value to be reset when you change a field name.
11.7.5 Forcing Unicast Messages To Be Processed in Order
The following conditions can cause very frequent JNDI updates, and as a result, JMS
subscribers may encounter a java.naming.NameNotFoundException:
1.
Unicast messaging is being used for cluster communication.
2.
The JMS topic connection is set with setReconnectPolicy("all").
3.
JMS durable subscribers on topic are created and removed very frequently.
Workaround
To fix this issue, a new property, MessageOrderingEnabled, has been added to the
ClusterMBean. This property forces unicast messages to be processed in strict order.
By default, this property is not enabled. To enable the property, add the following line
manually to the <cluster> element in config.xml.
<message-ordering-enabled>true</message-ordering-enabled>
11.7.6 Servers Configured to Listen on a Host Name Are Listening on a Different Host
Name After Startup
When using a host name to specify configuring the listen address on the WebLogic
Server Administration Server or a Managed Server, machines that are configured with
multiple Ethernet cards may listen on a different host name after startup. For example:
■
The machine has 3 Ethernet cards
■
Card 1 is mapped to hostname1-s (DNS registered host name)
■
Card 2 is mapped to hostname1-i (DNS registered host name)
■
Card 3 is mapped to hostname1 (actual node's host name)
■
You configure the server to listen on hostname1
■
After starting the server, it is listening on hostname1-s because Windows
resolves the actual node's host name to the first enabled Ethernet card address
Workaround
Use one of the following three workarounds for this issue:
1.
Use the IP address, instead of the host name, as the listen address of the WebLogic
Server Administration Server. On Managed Servers, use the IP address as the
listen address, or configure the actual physical host name to the first Ethernet card
in the machine.
2.
Add the following entry to the C:\Windows\system32\drivers\etc\hosts file on
the machine:
<ip_address> <hostname>
3.
Change the order of the network cards in the machine so that the card with the
actual node's host name is Card 1.
Oracle WebLogic Server 11-9
Deployment Issues and Workarounds
11.7.7 Administration Server or Node Manager Cannot Track the Status of a Managed
Server
If you start a managed server by providing an incorrect WebLogic Server
Administration Server URL from the command line (that is, the Administration Server
cannot be reachable at the provided URL), the managed server will start in Managed
Server Independence (MSI) mode.
In this case, neither the Administration Server nor Node Manager can track the status
of the managed server. The Administration Console will show the status of the
managed server as UNKNOWN, but the server will actually be RUNNING in MSI
mode.
11.7.8 Multicast Traffic Observed to be Unreliable During or After a Network Partition
During or after a network partition that causes a server migration to take place,
multicast traffic has been observed to be unreliable. For example, one node may be
receiving multicast traffic, but traffic originating from this node is not received on
other nodes in the network. As a result, the migrated servers are not added to the
cluster because their heartbeats were not received.
Workaround
Currently, the only known workaround is to use unicast cluster messaging.
11.8 Deployment Issues and Workarounds
This section describes the following issues and workarounds:
■
Section 11.8.1, "security-permission Element is not Available in
weblogic-application.xml"
■
Section 11.8.2, "Extraneous String Values Interpreted as File Specification"
■
Section 11.8.3, "java.lang.NoClassDefFoundError is Displayed"
■
■
■
■
■
Section 11.8.4, "The restore Method Does Not Update the DConfig Bean With Plan
Overrides"
Section 11.8.5, "config-root <directory> not found Warning Is Displayed When
Applying a Plan"
Section 11.8.6, "Deployment Task Fails When a Large Application File Is
Deployed"
Section 11.8.7, "Application State Is Not Updated If the Server Starts in MSI Mode"
Section 11.8.8, "Attempting to Redeploy an Application Fails if the Application is
Already Deployed Using a Different Source File Location"
11.8.1 security-permission Element is not Available in weblogic-application.xml
The security-permission element is available in the weblogic.xml and
weblogic-ejb-jar.xml deployment descriptors, but is not available in the
weblogic-application.xml descriptor. Therefore, in an Enterprise application,
you can only apply security policies to JAR files that are EJBs or Web applications.
11-10 Oracle Fusion Middleware Release Notes
Deployment Issues and Workarounds
11.8.2 Extraneous String Values Interpreted as File Specification
The weblogic.Deployer tool interprets any extraneous string values between
command-line arguments as a file specification. For example, if you enter the
command:
java weblogic.Deployer -activate -nostage true -name myname
-source c:\myapp\mymodule
the tool attempts to activate a file specification named true, because the -nostage
option takes no arguments and true is an extraneous string value.
11.8.3 java.lang.NoClassDefFoundError is Displayed
While using the WebLogic Server Administration Console with applications or EJBs
deployed on a Managed Server that depend on a deployed library, you may encounter
a java.lang.NoClassDefFoundError.
Workaround
The WebLogic Server Administration Console needs access to any shared library
deployments so that Java data types and annotations can be processed. Therefore, all
shared library deployments should always be targeted to the WebLogic Server
Administration Server in addition to any Managed Servers or clusters.
11.8.4 The restore Method Does Not Update the DConfig Bean With Plan Overrides
The restore method does not correctly update the DConfig Bean with the plan
overrides. For example, given the following steps:
DeployableObject dObject =
WebLogicDeployableObject.createDeployableObject(new File(appName));
DeploymentConfiguration dConfig =
WebLogicDeploymentManager.createConfiguration(dObject);
dConfig.restore(new FileInputStream(new File(plan)));
the plan does not correctly override the DConfig Bean.
Workaround
Specify the plan when initializing the configuration for the application. For example:
helper = SessionHelper.getInstance(
SessionHelper.getDisconnectedDeploymentManager());
helper.setApplication(app);
helper.setPlan(new File(plan));
helper.initializeConfiguration();
11.8.5 config-root <directory> not found Warning Is Displayed When Applying a Plan
If you use the Administration Console to make configuration changes to an
application, a deployment plan will be generated. If external descriptors are generated
as part of the deployment plan, they are placed in the config root plan directory. This
directory will be set in the deployment plan 'config-root' attribute.
If no external descriptors are required, the config root directory will not be created,
and a warning is displayed when you apply the deployment plan. This results in the
following warning in the server output:
<Warning <WWebLogicDescriptorWL> <BEA-2156000><"config-root" C:\deployments\plan
was not found>.
Oracle WebLogic Server
11-11
EJB Issues and Workarounds
Workaround
Create the plan directory manually.
11.8.6 Deployment Task Fails When a Large Application File Is Deployed
When a large application file is deployed using the upload option, the deployment
task fails with the following error:
java.lang.OutOfMemoryError: Java heap space
To resolve this issue, a new system property,
weblogic.deploy.UploadLargeFile, has been added. If you see this issue,
include this flag in the java command you use to launch a deployment client.
If you are using the WebLogic Server patch releases 9.2 MP2, 9.2 MP3,10.0 MP1, 10.0
M2, 10.3, 10.3.1, 10.3.2, or 10.3.3, this flag is not needed.
11.8.7 Application State Is Not Updated If the Server Starts in MSI Mode
A managed server will start in MSI mode if the WebLogic Server Administration
Server is not available when the managed server starts. If you start the Administration
Server later, the managed server will connect to the Administration Server. However,
the state of each application deployed to the managed server is not updated to reflect
the state of the applications on the managed server. Each application's state is
displayed as NEW or PREPARED in the WebLogic Server Administration Console.
Workaround
There are two workarounds for this issue:
■
Start the Administration Server before starting the managed server, or
■
Redeploy the application after starting the Administration Server.
11.8.8 Attempting to Redeploy an Application Fails if the Application is Already
Deployed Using a Different Source File Location
If you initially deployed an application using one source file location, then attempt to
redeploy the application using a new location for the source file, the deployment fails
with the following exception:
New source location <new_source_file_path> cannot be configured deployed to
configured application, <application_name>. The application source is at
original_source_file_path. Changing the source location is not allowed for a
previously attempted deployment. Try deploying without specifying the source.
This is due to a WebLogic Server deployment restriction. Once you specify the source
file for a deployment, you cannot change it on a redeployment.
Workaround
Undeploy the application before attempting to redeploy it using a new source file
location.
11.9 EJB Issues and Workarounds
This section describes the following issues and workarounds:
■
Section 11.9.1, "Primary Key in Oracle Table is CHAR"
11-12 Oracle Fusion Middleware Release Notes
EJB Issues and Workarounds
■
■
■
■
■
■
■
Section 11.9.2, "No Available Annotation That Enables Creation of a Clusterable
Timer"
Section 11.9.3, "Kodo's MappingTool Cannot Generate Schemas"
Section 11.9.4, "Extensions to the JPA Metadata Model Can Only Be Specified Via
Annotations"
Section 11.9.5, "Lookup Method Injection Not Supported by Spring"
Section 11.9.6, "Deserializing a JDO PersistenceManagerFactory in a Managed
Environment May Fail"
Section 11.9.7, "Indexes Not Always Created During Schema Creation"
Section 11.9.8, "OpenJPA throws an exception when @Id fields are also annotated
as @Unique"
■
Section 11.9.9, "Cache Hit and Miss Counts May Rise Unexpectedly"
■
Section 11.9.10, "Open JPA Tries to Create a Table Even if the Table Exists"
■
Section 11.9.11, "EJB Applications Fail During Serialization"
■
Section 11.9.12, "Non-Transactional Message-Driven Bean Container Can Fail to
Provide Reproducible Behavior For Foreign Topics"
11.9.1 Primary Key in Oracle Table is CHAR
The primary key in an Oracle table is a CHAR but the query field in the SQL table is a
VARCHAR2.
Workaround
Change the database schema from CHAR to VARCHAR2. Using CHAR as a primary
key is not recommended for the Oracle database.
11.9.2 No Available Annotation That Enables Creation of a Clusterable Timer
There is no annotation for EJB3 beans or Ejbgen that enables creation of a clusterable
timer.
Workaround
Create a weblogic-ejb-jar.xml file and put the <timer-implementation> element
and corresponding values into the file.
11.9.3 Kodo's MappingTool Cannot Generate Schemas
Kodo's MappingTool cannot generate schemas for classes that use BLOBs in their
primary key. BLOBs can be used in a primary key, but the schema must be defined
manually. Note that support for BLOB columns in primary keys is not mandated by
either the JDO or JPA specifications.
11.9.4 Extensions to the JPA Metadata Model Can Only Be Specified Via Annotations
Extensions to the JPA metadata model can only be specified via annotations, and not
via a structure similar to the orm.xml file defined by the specification.
Workaround
To specify Kodo-specific metadata for your object model, either:
Oracle WebLogic Server
11-13
EJB Issues and Workarounds
■
■
use the Kodo-specific annotations, or
convert your XML-based metadata to the JDO metadata format, which does
support XML specification of extensions.
11.9.5 Lookup Method Injection Not Supported by Spring
The Weblogic Spring injection extension model doesn't support lookup method
injection.
11.9.6 Deserializing a JDO PersistenceManagerFactory in a Managed Environment May
Fail
Deserializing a JDO PersistenceManagerFactory in a managed environment may
fail. The exception states that the
javax.jdo.PersistenceManagerFactoryClass property is missing. Note that
serializing a PersistenceManagerFactory should not generally be necessary in a
managed environment.
11.9.7 Indexes Not Always Created During Schema Creation
Indexes declared at the class level are not always created during schema creation.
Workaround
Create the indexes manually after running the schema generation tools.
11.9.8 OpenJPA throws an exception when @Id fields are also annotated as @Unique
OpenJPA throws an exception when @Id fields are also annotated as @Unique in
some databases. Database primary keys are unique by definition. Some databases
implement this by creating a unique index on the column.
Workaround
Do not specify both @Id and @Unique on a single field.
11.9.9 Cache Hit and Miss Counts May Rise Unexpectedly
The cache hit and miss counts may rise unexpectedly when manipulating entities
without version data. The extra cache access occurs when the EntityManager closes
and all contained entities are detached. Entities without version fields appear to the
system to be missing their version data, and the system responds by checking their
version in the cache before detachment.
Workaround
Entities with version fields or other version strategies do not cause extra cache access.
11.9.10 Open JPA Tries to Create a Table Even if the Table Exists
When using the MySQL database, and OpenJPA is configured to automatically run the
mapping tool at runtime and create tables within the default schema (for example):
<property name='openjpa.jdbc.SynchronizeMappings' value='buildSchema'/>
<property name='openjpa.jdbc.Schema' value='MySQL database name' />
11-14 Oracle Fusion Middleware Release Notes
Examples Issues and Workarounds
OpenJPA will try to create the table even if the table already exists in the database. A
PersistenceException will be thrown to indicate that the table already exists and the
table creation statement fails.
Workaround
To avoid this problem, if you are using the MySQL database, don't configure OpenJPA
to automatically run the mapping tool at runtime and specify the default schema at the
same time.
11.9.11 EJB Applications Fail During Serialization
EJB applications that use IIOP and send JPA entities from the server to the client will
fail during deserialization if the entities are Serializable (but not Externalizable) and do
not declare a writeObject() method.
Workaround
Add a writeObject() method to such entity classes. The write object can be trivial:
private void
writeObject(java.io.ObjectOutputStream out)
throws IOException {
out.defaultWriteObject();
}
11.9.12 Non-Transactional Message-Driven Bean Container Can Fail to Provide
Reproducible Behavior For Foreign Topics
When using multi-threaded processing for non-transactional topic Message-Driven
Beans (MDBs) that specify a foreign topic (non-WebLogic) JMS, the MDB container can
fail to provide reproducible behavior. For example, if a runtimeException is
thrown in the onmessage() method, the container may still acknowledge the
message.
Workaround
Set the max-beans-in-free-pool attribute to 1 in the deployment descriptor.
11.10 Examples Issues and Workarounds
This section describes the following issues and workarounds:
■
Section 11.10.1, "Security Configuration in medrec.wls.config"
■
Section 11.10.2, "HTML File not Created for StreamParser.java File"
■
Section 11.10.3, "Warning Message Appears When Starting Medrec or Samples
Domain"
11.10.1 Security Configuration in medrec.wls.config
The medrec.wls.config target in SAMPLES_
HOME/server/medrec/setup/build.xml has a known issue with respect to
security configuration.
Oracle WebLogic Server
11-15
HTTP Publish/Subscribe Server Issues and Workarounds
11.10.2 HTML File not Created for StreamParser.java File
The ../xml/stax example contains two files with the same root but different
extensions: StreamParser.java and StreamParser.jsp. The samples viewer
build, however, creates just one corresponding HTML file, rather than two for each
type of file. In this case only the StreamParser.jsp file has an equivalent HTML
file; the StreamParser.java file does not.
The problem occurs because of a setting in the build.xml file that controls the behavior
of java2html to generate the files for the documentation.
When using java2html, the useShortFileName="true" parameter crops off the
file extensions for the source files to create the file names for the HTML output files. If
two files have the same name and different file extensions, whichever HTML file is
generated last will overwrite previous ones.
Workaround
Set the useShortFileName parameter to "false". This setting generates HTML files
with the file extensions included in the name. The drawback to this solution is that
every link that points to the HTML output file needs to be revised, regardless of
whether the files in question were affected by the bug.
11.10.3 Warning Message Appears When Starting Medrec or Samples Domain
When you start the medrec or samples domains, you may see a warning message
similar to this:
<Warning> <WorkManager> <BEA-002919> <Unable to find a WorkManager with name
weblogic.wsee.mdb.DispatchPolicy. Dispatch policy
weblogic.wsee.mdb.DispatchPolicy will map to the default WorkManager for the
application bea_wls_async_response>
This warning message appears in the standard output of the Console while starting a
WebLogic Server sample application with an asynchronous Web Service deployed.
Workaround
The warning is harmless and can be ignored.
11.11 HTTP Publish/Subscribe Server Issues and Workarounds
This section describes the following issues and workarounds:
■
■
■
Section 11.11.1, "Authentication and Authorization of the Local Client is not
Supported"
Section 11.11.2, "Event Messages Published by Local Clients Cannot Be Received"
Section 11.11.3, "Event Messages Published By Local Clients Do Not Go Through
Filters"
11.11.1 Authentication and Authorization of the Local Client is not Supported
The HTTP Publish/Subscribe server does not support authentication and
authorization of the local client. The local client has full permissions to operate on
channels of the HTTP Publish/Subscribe server, which means the local client can
create/delete channels and publish/subscribe events from channels.
11-16 Oracle Fusion Middleware Release Notes
Installation Issues and Workarounds
11.11.2 Event Messages Published by Local Clients Cannot Be Received
In a clustering environment, event messages published by a local client on a server can
be received only by subscribed clients connected to the same server. These messages
cannot be received by subscribed clients connected to other servers in the cluster.
11.11.3 Event Messages Published By Local Clients Do Not Go Through Filters
Event messages published to a channel by a local client will not go through the
Message Filters configured to that channel.
11.12 Installation Issues and Workarounds
This section describes the following issues and workarounds:
■
■
■
■
■
■
■
Section 11.12.1, "Sybase JDBC Drivers Not Downloaded with Upgrade
Installation"
Section 11.12.2, "Improper Rollback to Previous Installation May Occur After
Exiting an Upgrade Installation Prematurely"
Section 11.12.3, "Unable to Upgrade to WebLogic Server 10.3.4 Using Smart
Update"
Section 11.12.4, "Documentation Link in QuickStart Points to an Older Library"
Section 11.12.5, "WebLogic Server Installer Fails With Insufficient Disk Space
Error"
Section 11.12.6, "Installation Fails with Fatal Error"
Section 11.12.7, "Installation of Oracle WebLogic Server 10.3.5 on HP-UX PA-RISC
11.31 Fails in GUI Mode"
11.12.1 Sybase JDBC Drivers Not Downloaded with Upgrade Installation
The Oracle WebLogic Server 11g Release 1 installer does not download the Sybase
JDBC drivers. When you try to upgrade an existing WebLogic Server 10.3 installation
using the latest installer, it does not remove the Sybase JAR files from the original
installation. The installer upgrades only the weblogic.jar file.
The Sybase JAR files (jconn2.jar, jconn3.jar, and jConnect.jar) in the /server/lib or
/server/ext/jdbc/sybase directories are removed from the manifest classpath in the
upgraded weblogic.jar file. Therefore, if the classpath of a WebLogic Server
application does not include Sybase JAR files and only includes weblogic.jar then after
the upgrade installation, the application will throw a ClassNotFoundException.
To work around this issue, explicitly add Sybase JAR files in the WebLogic Server
application classpath.
11.12.2 Improper Rollback to Previous Installation May Occur After Exiting an Upgrade
Installation Prematurely
When using an Upgrade installer or Smart Update to upgrade an existing WebLogic
Server 10.3.x installation to WebLogic Server 10.3.4, if you abort the upgrade before
completion, the installation should automatically roll back to the prior installation.
This may not always occur, resulting in an unusable installation.
Oracle WebLogic Server
11-17
Installation Issues and Workarounds
11.12.3 Unable to Upgrade to WebLogic Server 10.3.4 Using Smart Update
You cannot use Smart Update to download and install the WebLogic 10.3.4 release
over an existing WebLogic Server 10.3.x release. Instead, you must download the
appropriate WebLogic Server Upgrade installer from My Oracle Support. Search Refer
to the following patch numbers:
■
11060985—WebLogic Server 10.3.4 Generic Upgrade Installer
11060966—WebLogic Server 10.3.4 Upgrade Installer for Linux 32-bit systems
11060958—WebLogic Server 10.3.4 Upgrade Installer for Windows 32-bit systems
11060943—WebLogic Server 10.3.4 Upgrade Installer for Solaris 32-bit systems
You can still use Smart Update to download and install a patch set or maintenance
pack for any supported release prior to WebLogic Server 10.3.4. You can also still use
Smart Update to download individual patches for any supported release, including
patches for WebLogic Server 10.3.4.
11.12.4 Documentation Link in QuickStart Points to an Older Library
When you click "Access documentation online" on the QuickStart window (accessible
from the Start Menu), you are taken to the Oracle Fusion Middleware 11g Release 1
(11.1.1.4) documentation library. The link should take you to the Oracle Fusion
Middleware 11g Release 1 (11.1.1.5) documentation library, which is available at:
http://download.oracle.com/docs/cd/E21764_01/wls.htm
11.12.5 WebLogic Server Installer Fails With Insufficient Disk Space Error
The WebLogic Server installer can fail with an insufficient disk space error, even when
there is a large amount of available disk space on the file system or disk.
Workaround
Use the -Dspace.detection property in the installation command to disable the
available space check. For example:
java -Xmx1024M -Dspace.detection=false -jar installer_file_name
-mode=silent -silent_xml=silent.xml
or
wls1034_linux.bin -Dspace.detection=false
11.12.6 Installation Fails with Fatal Error
The installer does not verify whether sufficient disk space is available on the machine
prior to completing the installation. As a result, if an installation cannot be completed
due to insufficient space, the installer displays the following error message and exits:
Fatal error encountered during file installation. The installer will now
cleanup and exit!
Workaround
If this problem occurs, restart the installer using the following command:
server103_linux32.bin -log=log.out -log_priority=debug
11-18 Oracle Fusion Middleware Release Notes
Java EE Issues and Workarounds
The preceding command generates a log of the installation procedure, providing
details about the exact cause of the failure. If the cause is indeed insufficient space, the
log file indicates it explicitly.
11.12.7 Installation of Oracle WebLogic Server 10.3.5 on HP-UX PA-RISC 11.31 Fails in
GUI Mode
If the installer for Oracle WebLogic Server 10.3.5 is started by java -jar wls1035_
generic.jar command in GUI mode with 32-bit JDK, the installation fails at the end
of the installation process. This issue occurs on HP-UX PA-RISC 11.31 only.
The installer shows the following error:
# A fatal error has been detected by the Java Runtime Environment:
#
SIGSEGV (11) at pc=ca19ffa8, pid=20644, tid=21
# JRE version: 6.0
# Java VM: Java HotSpot(TM) Server VM (17.1-b03-jre1.6.0.09-rc1 PA2.0
(aCC_AP) mixed mode hp-ux-pa-risc )
# Problematic frame:
# V [libjvm.sl+0x521b7848]
#
Please report this error to HP customer support.
Workaround
Use java -Dspace.detection=false -jar wls1035_generic.jar
command to install Oracle WebLogic Server 10.3.5 in GUI mode.
Or
Use java -jar wls1035_generic.jar -mode=console command to install
Oracle WebLogic Server 10.3.5 in console mode.
11.13 Java EE Issues and Workarounds
This section describes the following issues and workarounds:
■
■
■
Section 11.13.1, "FastSwap May Relax the Access Modifiers of Fields and Methods"
Section 11.13.2, "FastSwap Does Not Support Redefinition of the Entity Bean and
ejbClass"
Section 11.13.3, "Classpath Order Is Not Guaranteed When There Are Multiple
JARs in an EAR File"
11.13.1 FastSwap May Relax the Access Modifiers of Fields and Methods
FastSwap may relax the access modifiers of fields and methods. Private and protected
members may be made public at runtime. This changes the behavior of reflection and
may affect reflection-based frameworks such as Struts.
11.13.2 FastSwap Does Not Support Redefinition of the Entity Bean and ejbClass
FastSwap does not support redefinition of the Entity bean and ejbClass
(Session/MDB). Therefore, any updates to entity classes will cause redefinition errors.
Oracle WebLogic Server
11-19
JDBC Issues and Workarounds
Workaround
After updating an entity class, redeploy the application.
11.13.3 Classpath Order Is Not Guaranteed When There Are Multiple JARs in an EAR
File
When you have an EAR file containing separate JAR files, and two or more of those
JAR files have a class with the same name, it is not possible to predict from which of
those JAR files WebLogic Server will instantiate the class. This is not an issue if the
classes are the same, but if they are different implementations, the results are
unpredictable.
Workaround
Currently there is no known workaround for this issue.
11.14 JDBC Issues and Workarounds
This section describes the following issues and workarounds:
■
■
■
■
Section 11.14.1, "Queries Can Take Longer When Using Data Direct 4.0 MSSQL
Driver"
Section 11.14.2, "An Attempt to Access a Remote 10.3.2 or Later WLS Data Source
Fails"
Section 11.14.3, "BLOB Data Is Not Updating in the Database"
Section 11.14.4, "ORA-01591 Errors Occur on SOA Servers Configured to Use
Multiple Oracle RAC Nodes"
11.14.1 Queries Can Take Longer When Using Data Direct 4.0 MSSQL Driver
In WebLogic Server Release 10.3.2, our OEM DataDirect drivers were upgraded to 4.0.
In order for the SQLServer driver to fully handle new DBMS data types, when running
in it's default configuration, queries will take longer. If application access to new data
types can be limited to getString(), the following configuration workarounds will
restore the performance.
Workaround
Add the following driver property to the list of driver properties for the WebLogic
data source's connection pool. From the Administration Console, select the
Configuration>Connection Pool tab for the data source.
For a non-XA connection pool, add:
ReportDateTimeTypes=false
For an XA connection pool, add:
ExtendedOptions=ReportDateTimeTypes=false
Alternatively, you can accomplish the same result by adding the property to the data
source's XML configuration file.
For non-XA:
<jdbc-driver-params>
<properties>
<property>
<name>ReportDateTimeTypes</name>
11-20 Oracle Fusion Middleware Release Notes
JDBC Issues and Workarounds
<value>false</value>
</property>
For XA:
<jdbc-driver-params>
<properties>
<property>
<name>ExtendedOptions</name>
<value>ReportDateTimeTypes=false</value>
</property>
11.14.2 An Attempt to Access a Remote 10.3.2 or Later WLS Data Source Fails
A new system property, -Dweblogic.jdbc.remoteEnabled, has been added to
JDBC in Oracle WebLogic Server 10.3.2. For compatibility with prior releases of
WebLogic Server, the default setting of this property is true. When this property is
set to false, remote JDBC access is turned off, and such access results in an exception.
Remote access may occur explicitly in an application, or implicitly during a global
(XA/JTA) transaction with a participating non-XA data source that is configured with
the LLR, 1PC or Emulate XA global transaction option. The following enumerates the
cases when an exception will be thrown, and work-arounds for each case (if any).
An exception occurs in the following cases. A workaround (if any) for a given case is
provided.
■
■
■
■
When a stand-alone client application uses any type of data source.
When an application that is hosted on WebLogic Server uses any type of data
source, and the data source is not configured (targeted) locally. A potential
workaround is to target the data source locally.
When accessing a same named non-XA data source with a transaction option of
LLR, 1PC or Emulate XA on multiple WebLogic Server instances in the same
global transaction. In this case, there are two potential work-arounds:
–
Change data sources to use XA instead (this may lower performance), or
–
For the 1PC/emulateXA types, change the application to ensure the data
source is accessed from a single server.
When accessing a non-XA data source with the LLR transaction option on a server
that is different than the transaction coordinator. For server-initiated transactions,
the coordinator location is chosen based on the first participating resource in the
transaction. In this case, there are two potential work-arounds: (a) change the data
source to use XA instead (this may lower performance); or (b) change the
application to ensure data source access on the transaction coordinator, as
described in "Optimizing Performance with LLR" in Oracle Fusion Middleware
Programming JTA for OracleWebLogic Server. The latter may not be possible in
some cases; for example, when an MDB application receives messages from a
remote WebLogic JMS server, the transaction coordinator will always be the
WebLogic server that's hosting the JMS server, but it may not be possible to move
the MDB application to the same WebLogic server.
–
Change the data source to use XA instead (this may lower performance), or
–
Change the application to ensure data source access on the transaction
coordinator, as described in "Optimizing Performance with LLR" in Oracle
Fusion Middleware Programming JTA for Oracle WebLogic Server. This
workaround may not be possible in some cases. For example, when an MDB
Oracle WebLogic Server
11-21
JMS Issues and Workarounds
application receives messages from a remote WebLogic JMS server, the
transaction coordinator will always be the WebLogic Server instance that is
hosting the JMS server, but it may not be possible to move the MDB
application to the same WebLogic Server instance.
11.14.3 BLOB Data Is Not Updating in the Database
When using a Data Direct MSSQL driver, and using the updateBlob() and
updateBinaryStream() methods to update BLOB data in RowSet objects, the data
is not being updated in the database.
11.14.4 ORA-01591 Errors Occur on SOA Servers Configured to Use Multiple Oracle
RAC Nodes
On SOA servers using multiple Oracle RAC database nodes, when WebLogic Server
multi data sources are configured for XA and load balancing, ORA-10591 errors can
occur.
Workaround
Download and apply Oracle RAC database patch 7675269 for Linux x86, Oracle
Release 11.1.0.7.0. You can download this patch from My Oracle Support.
Alternatively, you can download and apply patch set 9007079 for Linux x86, Oracle
Release 11.1.0.7.0, which includes the patch 7675269.
11.15 JMS Issues and Workarounds
This section describes the following issues and workarounds:
■
■
■
■
■
■
■
Section 11.15.1, "Deployment Descriptor Validation Fails"
Section 11.15.2, "Exception When Multiple Producers Use the Same Client SAF
Instance"
Section 11.15.3, "Multi-byte Characters are not Supported in Store File and
Directory Names"
Section 11.15.4, "Generation of the Default UOO Name Has Changed"
Section 11.15.5, "Testing Abrupt Failures of WebLogic Server When Using File
Stores on NFS"
Section 11.15.6, "JMS Message Consumers Will Not Always Reconnect After a
Service Migration"
Section 11.15.7, "Forcing Unicast Messages To Be Processed in Order"
11.15.1 Deployment Descriptor Validation Fails
Deployment descriptor validation fails when descriptor validation is enabled, and an
EAR file contains only JMS modules.
Workaround
Make sure that there is at least one J2EE specification-compliant module in the EAR.
11-22 Oracle Fusion Middleware Release Notes
JMS Issues and Workarounds
11.15.2 Exception When Multiple Producers Use the Same Client SAF Instance
When multiple JMS producers use the same JMS Client SAF instance (within a single
JVM), depending on the timing of the JMS SAF client creation, you might receive the
following exception:
Error getting GXA resource [Root exception is weblogic.jms.common.JMSException:
weblogic.messaging.kernel.KernelException: Error getting GXA resource]
Workaround
When using multiple JMS SAF client producers, try introducing a small delay between
the creation of each new client.
11.15.3 Multi-byte Characters are not Supported in Store File and Directory Names
There is no support for multi-byte characters in WebLogic Store file and directory
names. For instance, when the WebLogic Server name has multi-byte characters, the
default store cannot be created, and WebLogic Server will not boot.
Workaround
Create WebLogic Server instances without multi-byte characters in the path name and
use that path name for the default store configuration. Do not use multi-byte
characters in the Weblogic Server name.
11.15.4 Generation of the Default UOO Name Has Changed
WebLogic Server 10.3.4 contains a fix for configurations that set a default unit-of-order
(UOO) on a JMS regular destination, distributed destination, or template. This fix
ensures that the default unit-of-order name stays the same even after a restart of the
destination's host JMS server. The default UOO name is now based on the domain,
JMS server, and destination names.
11.15.5 Testing Abrupt Failures of WebLogic Server When Using File Stores on NFS
Oracle strongly recommends verifying the behavior of a server restart after abrupt
machine failures when the JMS messages and transaction logs are stored on an NFS
mounted directory. Depending on the NFS implementation, different issues can arise
post failover/restart. For more information, see Section 6.3, "Testing Abrupt Failures
of WebLogic Server When Using File Stores on NFS."
11.15.6 JMS Message Consumers Will Not Always Reconnect After a Service Migration
JMS message consumers will not always reconnect after a service migration when an
application's WLConnection.getReconnectPolicy() attribute is set to all. If the
consumers do not get migrated, either an exception is thrown or onException will
occur to inform the application that the consumer is no longer valid.
Workaround
The application can refresh the consumer either in the exception handler or through
onException.
11.15.7 Forcing Unicast Messages To Be Processed in Order
Certain conditions can cause very frequent JNDI updates, and as a result, JMS
subscribers may encounter a java.naming.NameNotFoundException. For more
information, see Section 11.7.5, "Forcing Unicast Messages To Be Processed in Order."
Oracle WebLogic Server
11-23
JNDI Issues and Workarounds
11.16 JNDI Issues and Workarounds
There are no known JNDI issues in this release of WebLogic Server.
11.17 JSP and Servlet Issues and Workarounds
This section describes the following issues and workarounds:
■
■
■
Section 11.17.1, "Deployment Plans Cannot Be Used To Override Two Descriptors"
Section 11.17.2, "Spring Dependency Injection Not Supported on JSP Tag
Handlers"
Section 11.17.3, "503 Error When Accessing an Application With a Valid sessionid"
11.17.1 Deployment Plans Cannot Be Used To Override Two Descriptors
Deployment plans cannot be used to override the following two descriptors during
deployment of a Web application or a Web module:
WEB-INF/classes/META-INF/persistence.xml and
WEB-INF/classes/META-INF/persistence-configuration.xml. Deployment plans can
otherwise be used to override any descriptor.
Workaround
Package WEB-INF/classes/META-INF/persistence.xml and
WEB-INF/classes/META-INF/persistence-configuration.xml (if present) along with
related class files into a JAR file. The JAR file must then be placed in the WEB-INF/lib
directory of the Web application or Web module. A deployment plan can be used to
override the two descriptors in such a JAR file.
11.17.2 Spring Dependency Injection Not Supported on JSP Tag Handlers
With the Spring extension model enabled, WebLogic Server 10.3 or later does not
support Spring Dependency Injection (DI) on JSP tag handlers for performance
reasons.
Currently, WebLogic Server supports Spring DI on most Web components, for
example, servlets, filters and listeners. Spring DI is not, however, presently supported
on JSP tag handlers for performance reasons.
11.17.3 503 Error When Accessing an Application With a Valid sessionid
When a session is persistent and an older version of a servlet context is retired,
accessing the application with a valid sessionid will cause a 503 error.
For example, the session-persistent type of a versioned Web application is 'file'. A user
can access the application successfully. Later, version 2 of the application is
redeployed and version 1 is retired. If the same user accesses the application, they will
get a 503 error.
11.18 JTA Issues and Workarounds
There are no known JTA issues in this release of WebLogic Server.
11.19 Java Virtual Machine (JVM) Issues and Workarounds
This section describes the following issues and workarounds:
11-24 Oracle Fusion Middleware Release Notes
Monitoring Issues and Workarounds
■
Section 11.19.1, "1.4 Thin Client Applet Cannot Contact WebLogic Server"
■
Section 11.19.2, "Using AWT libraries May Cause a JVM Crash"
11.19.1 1.4 Thin Client Applet Cannot Contact WebLogic Server
Due to a known Sun Microsystems VM bug (513552), a 1.4 Thin Client Applet cannot
contact WebLogic Server 9.0 or later. This is because the VM does not distinguish
correctly between a client and a server connection. The VM creates a server-type
connection and caches it. It then attempts to make a client-type connection, finds the
cached connection and tries to use that, but then encounters an error because clients
are not allowed to use server connections.
11.19.2 Using AWT libraries May Cause a JVM Crash
You might encounter a JVM crash when using GUI libraries such as AWT or
javax.swing (which often delegates to AWT).
Workaround
Start the server using the following flag:
-Djava.awt.headless=true
11.20 Monitoring Issues and Workarounds
This section describes the following issue and workaround:
■
■
■
■
Section 11.20.1, "MBean Attributes Not Explicitly Marked as @unharvestable
Appear as Harvestable"
Section 11.20.2, "The BEA Prefix in Message IDs Will Be Changed in a Future
Release"
Section 11.20.3, "Events Generated By the JVM Level Are Not Generated at Low
Volume"
Section 11.20.4, "WLDF Performance Issues Can Occur When JVM Events Are
Enabled"
11.20.1 MBean Attributes Not Explicitly Marked as @unharvestable Appear as
Harvestable
The @unharvestable tag is not being honored at the interface level. If MBean
attributes are not explicitly marked as @unharvestable, they are considered to be
harvestable and will appear as harvestable in the WebLogic Administration Console.
Workaround
You can explicitly mark MBean attributes as @unharvestable.
11.20.2 The BEA Prefix in Message IDs Will Be Changed in a Future Release
In an upcoming release of WebLogic Server, the current default prefix for catalog and
non-catalog Message IDs will be changed from the current BEA prefix to WL.
Workaround
You should be prepared for this future change. In the interim, here are some
guidelines to consider:
Oracle WebLogic Server
11-25
Node Manager Issues and Workarounds
■
Avoid depending on BEA for Message ID prefixes in scripts, filter expressions, etc.
■
For log messages such as the following:
<Jan 30, 2009 12:51:49 AM CST> <Notice> <WebLogicServer> <BEA-000365>
<Server state changed to STARTING>
it is better for you to filter on 000365 and not on the BEA prefix itself.
■
Your log parsing scripts should be updated to look for both BEA and WL, instead
of filtering only on BEA.
11.20.3 Events Generated By the JVM Level Are Not Generated at Low Volume
In WebLogic Server 10.3.3, the default WLDF diagnostic volume setting was Off. As of
WebLogic Server 10.3.4, the default diagnostic volume setting is Low Volume, and
events generated by the JVM level are not being generated at the Low Volume setting
in WebLogic Server 10.3.4 (JVM-level events were generated at the Low Volume
setting in WebLogic Server 10.3.3). The JVM-level events are still generated at the High
Volume and Medium Volume settings in WebLogic Server 10.3.4.
Workaround
Use one of the following workarounds to cause the JVM-level events to be generated:
■
■
Increase the WLDF diagnostic volume to the Medium or High level.
Use JRMC, JRCMD, or the JRockit command line settings to activate a separate
flight recording in the WebLogic Server instance. By doing so, JVM will cause JVM
events to be present at all WLDF diagnostic volume settings (Off, Low, Medium,
and High).
11.20.4 WLDF Performance Issues Can Occur When JVM Events Are Enabled
When JVM events are enabled, WLDF performances issues may occur in the following
situations:
■
■
If there are no other JRockit flight recordings enabled, performance can degrade
when the WLDF diagnostic volume is set to Medium or High level.
If other JRockit flight recordings are enabled, performance can degrade at all
WLDF diagnostic volume levels (Off, Low, Medium, and High).
11.21 Node Manager Issues and Workarounds
There are no known Node Manager issues in this release of WebLogic Server.
11.22 Operations, Administration, and Management Issues and
Workarounds
There are no known Operations, Administration, and Management issues in this
release of WebLogic Server.
11.23 Oracle Kodo Issues and Workarounds
There are no known Oracle Kodo issues in this release of WebLogic Server.
11-26 Oracle Fusion Middleware Release Notes
Security Issues and Workarounds
11.24 Protocols Issues and Workarounds
There are no known Protocols issues in this release of WebLogic Server.
11.25 RMI-IIOP Issues and Workarounds
This section describes the following issue and workaround:
■
Section 11.25.1, "Ant 1.7 rmic Task Incompatibility"
11.25.1 Ant 1.7 rmic Task Incompatibility
Calls to the Ant version 1.7 rmic task automatically add a -vcompat flag, which is
not compatible with rmic for Oracle WebLogic Server.
Workaround
Use either of the following workarounds if your rmic call is of the form:
rmic classname="com.bea.crmsimulation.legacyra.LegacyAdapter"
base="${module_location}/core-legacy-ra/classes"
classpath="${core.classes}" compiler="weblogic" />
■
Add a stubversion
<rmic classname="com.bea.crmsimulation.legacyra.LegacyAdapter"
base="${module_location}/core-legacy-ra/classes"
classpath="${core.classes}" compiler="weblogic"
stubversion="1.2"/>
■
Remove the compiler flag
<rmic classname="com.bea.crmsimulation.legacyra.LegacyAdapter"
base="${module_location}/core-legacy-ra/classes"
classpath="${core.classes}"
11.26 Security Issues and Workarounds
This section describes the following issues and workarounds:
■
Section 11.26.1, "StoreBootIdentity Works Only if the Appropriate Server Security
Directory Exists"
■
Section 11.26.2, "Boot Time Failure Occurs With SecurityServiceException"
■
Section 11.26.3, "Authentication Failure After Upgrading a Domain From WLS 6.1"
■
Section 11.26.4, "InvalidParameterException Message Generated and Displayed"
■
■
Section 11.26.5, "Enabling Both the Authentication and Passive Attributes In SML
2.0 Service Provider Services Is an Invalid Configuration"
Section 11.26.6, "Running the WebLogic Full Client in a Non-Forked VM"
11.26.1 StoreBootIdentity Works Only if the Appropriate Server Security Directory
Exists
The option -Dweblogic.system.StoreBootIdentity works only if the
appropriate server security directory exists. This directory is usually created by the
Configuration Wizard or upgrade tool.
Oracle WebLogic Server
11-27
Security Issues and Workarounds
However, the appropriate server security directory could be absent in domains
checked into source-control systems.
11.26.2 Boot Time Failure Occurs With SecurityServiceException
A WebLogic Server instance can experience a boot time failure with a
SecurityServiceException when the RDBMS Security Data Store is configured
for a DB2 database using the DB2 driver supplied with WebLogic Server.
Workaround
When RDBMS Security Data Store is using the AlternateId connection property for
a DB2 database, you must also set the additional property
BatchPerformanceWorkaround as true when using the DB2 driver supplied with
WebLogic Server.
11.26.3 Authentication Failure After Upgrading a Domain From WLS 6.1
After upgrading a domain from WLS 6.1, the WebLogic Server instance will not boot
due to an authentication failure.
Workaround
A system user password must be set up in the WLS 6.1 domain before or after the
upgrade process in order for the WebLogic Server instance to boot properly.
11.26.4 InvalidParameterException Message Generated and Displayed
After you configure either the Identity Provider or Service Provider services for SAML
2.0 and attempt to publish the SAML 2.0 services metadata file, an
InvalidParameterException message may be generated and displayed in the
Administration Console.
Workaround
When configuring the SAML 2.0 federation services for a WebLogic Server instance, be
sure to enable all binding types that are available for the SAML role being configured.
For example, when configuring SAML 2.0 Identity Provider services, you should
enable the POST, Redirect, and Artifact bindings. When configuring SAML 2.0 Service
Provider services, enable the POST and Artifact bindings. Optionally, you may choose
a preferred binding.
11.26.5 Enabling Both the Authentication and Passive Attributes In SML 2.0 Service
Provider Services Is an Invalid Configuration
When configuring SAML 2.0 Service Provider services, enabling both the Force
Authentication and Passive attributes is an invalid configuration that WebLogic Server
is unable to detect. If both these attributes are enabled, and an unauthenticated user
attempts to access a resource that is hosted at the Service Provider site, an exception is
generated and the single sign-on session fails.
Note that the Force Authentication attribute has no effect because SAML logout is not
supported in WebLogic Server. So even if the user is already authenticated at the
Identity Provider site and Force Authentication is enabled, the user is not forced to
authenticate again at the Identity Provider site.
Avoid enabling both these attributes.
11-28 Oracle Fusion Middleware Release Notes
Spring Framework on WebLogic Server Issues and Workarounds
11.26.6 Running the WebLogic Full Client in a Non-Forked VM
If the WebLogic Full Client is running in a non-forked VM, for example by means of a
<java> task invoked from an Ant script without the fork=true attribute, the
following error might be generated:
java.lang.SecurityException: The provider self-integrity check
failed.
This error is caused by the self-integrity check that is automatically performed when
the RSA Crypto-J library is loaded. (The Crypto-J library, cryptoj.jar, is in the
wlfullclient.jar manifest classpath.)
This self-integrity check failure occurs when the client is started in a non-forked VM
and it uses the Crypto-J API, either directly or indirectly, as in the following situations:
■
■
The client invokes the Crypto-J library directly.
The client attempts to make a T3S connection, which triggers the underlying client
SSL implementation to invoke the Crypto-J API.
When the self-integrity check fails, further invocations of the Crypto-J API fail.
Workaround
When running the full client in a <java> task that is invoked from an Ant script,
always set the fork attribute to true.
For more information about the self-integrity check, see "How a Provider Can Do
Self-Integrity Checking" in How to Implement a Provider in the Java™ Cryptography
Architecture, available at the following URL:
http://download.oracle.com/javase/6/docs/technotes/guides/securi
ty/crypto/HowToImplAProvider.html#integritycheck
11.27 SNMP Issues and Workarounds
There are no known SNMP issues in this release of WebLogic Server.
11.28 Spring Framework on WebLogic Server Issues and Workarounds
This section describes the following issues and workarounds:
■
■
Section 11.28.1, "OpenJPA ClassFileTranformer Does Not Work When Running on
JRockit"
Section 11.28.2, "petclinic.ear Does Not Deploy on WebLogic Server"
11.28.1 OpenJPA ClassFileTranformer Does Not Work When Running on JRockit
The OpenJPA ClassFileTranformer does not work when running WebLogic
Server on JRockit.
Workaround
Use an alternative method of applying enhancements at build time through an
OpenJPA enhancer compiler; do not use the LoadTimeWeaver.
Oracle WebLogic Server
11-29
System Component Architecture (SCA) Issues and Workarounds
11.28.2 petclinic.ear Does Not Deploy on WebLogic Server
For the SpringSource petclinic sample, the petclinic.war deploys without any
problems. The petclinic.ear will not deploy on WebLogic Server because it is not
packaged correctly. A request has been sent to SpringSource to fix the
petclinic.ear packaging.
11.29 System Component Architecture (SCA) Issues and Workarounds
There are no known SCA issues in this release of WebLogic Server.
11.30 Upgrade Issues and Workarounds
This section describes the following issue:
■
Section 11.30.1, "Domains Created on WebLogic Server 10.3.1 Cannot Be Run on
WebLogic Server 10.3"
11.30.1 Domains Created on WebLogic Server 10.3.1 Cannot Be Run on WebLogic
Server 10.3
If you create a domain using WebLogic Server 10.3.1, then roll back to WebLogic
Server 10.3, you will not be able to start the servers that you created in that domain.
This is a known restriction, as the config.xml file contains references to newer
schema definitions (xmlns.oracle.com) that did not exist in WebLogic Server 10.3.
11.31 Web Applications Issues and Workarounds
This section describes the following issues and workarounds:
■
■
■
■
Section 11.31.1, "Administration Console Fails to Implement session-timeout
Changes"
Section 11.31.2, "Connection Pool Connection Reserve Timeout Seconds Value is
Overridden"
Section 11.31.3, "Database Connections Become Unstable When a
PoolLimitSQLException Occurs"
Section 11.31.4, "Web Page Fails to Open When Accessing It Using the SSL Port"
11.31.1 Administration Console Fails to Implement session-timeout Changes
If the session-timeout is configured in the web.xml file, any changes made to
change the session-timeout using the Administration Console do not take effect.
Workaround
Use a deployment plan to override the session-timeout setting.
11.31.2 Connection Pool Connection Reserve Timeout Seconds Value is Overridden
When using a JDBC session, the value of Connection Reserve Timeout Seconds for a
connection pool is changed to be one of the following:
■
■
the JDBC connection timeout seconds, which is defined in the session descriptor
(either in weblogic.xml or weblogic-application.xml)
the default value of 120 seconds
11-30 Oracle Fusion Middleware Release Notes
Web Applications Issues and Workarounds
Workaround
Configure jdbc-connection-timeout-secs in the session descriptor.
11.31.3 Database Connections Become Unstable When a PoolLimitSQLException
Occurs
When a PoolLimitSQLException occurs during a JDBC persistence session,
connections to the database become unstable, and may fail with recovery or fail
without recovery. This results in the loss of session data. Either an older session or null
is returned.
11.31.4 Web Page Fails to Open When Accessing It Using the SSL Port
When accessing a Web page using the SSL port, the page fails to open and the
following error is reported:
Secure Connection Failed
An error occurred during a connection to <hostname>.
You have received an invalid certificate. Please contact the server
administrator or email correspondent and give them the following information:
Your certificate contains the same serial number as another certificate
issued by the certificate authority. Please get a new certificate containing a
unique serial number.
Workaround
The following workaround can be used for Firefox.
If you have received this error and are trying to access a web page that has a
self-signed certificate, perform the following steps in Firefox:
1.
Go to Tools > Options >Advanced > Encryption tab > View Certificates.
2.
On the Servers tab, remove the certificates.
3.
On the Authorities tab, find the Certificate Authority (CA) for the security device
that is causing the issue, and then delete it.
If you are using Internet Explorer or other web browsers, you can ignore the Warning
page that appears and continue to the web page.
11.31.5 Unable to View the Output of SVG files in Internet Explorer 7
When a page using Scalar Vector Graphics is deployed and is then accessed using
Internet Explorer 7 (IE7), the source is displayed instead of the page's graphic contents.
This occurs in both normal and osjp.next modes.
Workaround
Application developers should avoid using SVG graphics in their applications, as it is
not natively supported in IE7. If used, a warning similar to the following should be
added:
All current browsers, with the exception of Internet Explorer, support SVG
files. Internet Explorer requires a plug-in to display SVG files. The plug-ins
are available for free, for example, the Adobe SVG Viewer at
http://www.adobe.com/svg/viewer/install/.
Oracle WebLogic Server
11-31
WebLogic Server Scripting Tool (WLST) Issues and Workarounds
11.32 WebLogic Server Scripting Tool (WLST) Issues and Workarounds
This section describes the following issues and workarounds:
■
■
■
Section 11.32.1, "Property Names Containing '.' Characters Are Not Supported by
loadProperties"
Section 11.32.2, "Invalid cachedir Created by Jython Causes WLST to Error Out"
Section 11.32.3, "WLST returnType='a' Option Returns Child Management
Objects"
11.32.1 Property Names Containing '.' Characters Are Not Supported by loadProperties
The WLST loadProperties command does not support loading a property with a
name that contains "." characters. For example, if the property myapp.db.default is
present in the property file, WLST throws a name exception:
Problem invoking WLST - Traceback (innermost last):
File "<iostream>", line 7, in ?
File "<iostream>", line 4, in readCustomProperty
NameError: myapp
This is a system limitation of Python and the loadProperties command. WLST
reads the variable names and values and sets them as variables in the Python
interpreter. The Python interpreter uses "." as a delimiter to indicate module scoping
for the namespace, or package naming, or both. Therefore, the properties file fails
because myapp.db.default.version=9i is expected to be in the
myapp.db.default package. This package does not exist.
Workaround
Use variable names that do not have periods. This will allow you to load the variables
from the property file and refer to them in WLST scripts. You could use another
character such as "_" or lowercase/uppercase character to delimit the namespace.
As an alternative, you can set variables from a properties files. When you use the
variables in your script, during execution, the variables are replaced with the actual
values from the properties file. For example:
myapp.py
var1=10
var2=20
import myapp
print myapp.var1
10
print myapp.var2
20
This will work for one level of namespaces (myapp.var1, myapp.var2). It will not
work for top level variables that share the same name as the namespace (for example,
myapp=oracle and myapp.var1=10). Setting the myapp variable will override the
myapp namespace.
If you need multiple levels, then you can define a package namespace using
directories. Create a myapp/db/default directory with a vars.py file as follows:
var1=10
var2=20
Then import:
11-32 Oracle Fusion Middleware Release Notes
Web Server Plug-Ins Issues and Workarounds
import myapp.db.default.vars
print myapp.db.default.vars.var1
10
You may need to add __init__.py files to the subdirectories. Refer to the Python
documentation for more information on packages:
http://docs.python.org/tut/node8.html
11.32.2 Invalid cachedir Created by Jython Causes WLST to Error Out
The default cachedir created by Jython 2.2 is not a valid directory. If you are using
Jython directly from weblogic.jar, this causes WLST to error out.
Workaround
There are two workarounds for this issue:
■
■
When invoking WLST, specify the -Dpython.cachedir=<valid_directory>
parameter, or
Install Jython 2.2.1 separately instead of using the partial Jython that is included in
weblogic.jar.
11.32.3 WLST returnType='a' Option Returns Child Management Objects
The WLST returnType='a' option should only return attributes from the specified
directory. Instead it also returns child management objects. For example:
ls('Server')
drwAdminServer
drwworker01
ls('Server', returnMap='true', returnType='a')
drwAdminServer
drwworker01
ls('Server', returnMap='true',returnType='c')
drwAdminServer
drwworker01
The ls with returnType='a' should not list any child management objects, but
AdminServer and worker01 are children.
Workaround
When processing the output from ls(returnType='a'), check to see if the returned
entry is a directory.
11.33 Web Server Plug-Ins Issues and Workarounds
This section describes the following issue:
■
Section 11.33.1, "MOD_WLS_OHS Does Not Fail Over"
11.33.1 MOD_WLS_OHS Does Not Fail Over
Currently, mod_wl and mod_wl_ohs only support container level failover and not
application level failover. mod_wl_ohs continues to route requests to a down
application as long as the managed server is up and running. In the clustered case,
Oracle WebLogic Server
11-33
Web Services and XML Issues and Workarounds
requests continue to go to the container where the original session started even when
the application is shutdown, typically resulting in the http error 404.
11.34 Web Services and XML Issues and Workarounds
This section describes the following issues and workarounds:
■
■
■
■
Section 11.34.1, "weblogic.wsee.jaxws.mdb.DispatchPolicy WorkManager Cannot
Be Found"
Section 11.34.2, "Multiple Resize Buffer Calls Occur"
Section 11.34.3, "Troubleshooting Problems When Applying the WebLogic
Advanced Web Services for JAX-WS Extension Template"
Section 11.34.4, "Sparse Arrays and Partially Transmitted Arrays Are Not
Supported"
■
Section 11.34.5, "WSDL Compiler Does Not Generate Serializable Data Types"
■
Section 11.34.6, "Use of Custom Exception on a Callback"
■
Section 11.34.7, "Cannot Use JMS Transport in an Environment That Also Uses a
Proxy Server"
■
Section 11.34.8, "clientgen Fails When Processing a WSDL"
■
Section 11.34.9, "JAX RPC Handlers in Callback Web Services Are Not Supported"
■
■
■
■
■
■
■
■
■
■
■
■
■
Section 11.34.10, "Message-level Security in Callback Web Services Is Not
Supported"
Section 11.34.11, "Handling of Java Method Arguments or Return Parameters That
Are JAX-RPC-style JavaBeans"
Section 11.34.12, "IllegalArgumentException When Using a Two-Dimensional
XML Object in a JWS Callback"
Section 11.34.13, "Using SoapElement[] Results in Empty Array"
Section 11.34.14, "FileNotFound Exception When a Web Service Invokes Another
Web Service"
Section 11.34.15, "Client Side Fails to Validate the Signature on the Server
Response Message"
Section 11.34.16, "xmlcatalog Element Entity Cannot Be a Remote File or a File in
an Archive"
Section 11.34.17, "Catalog File's public Element Is Not Supported When Using
XML Catalogs"
Section 11.34.18, "Local xmlcatalog Element Does Not Work Well"
Section 11.34.19, "JAXRPC Client Does Not Encode the HTTP SOAPAction Header
With Multi-byte Characters"
Section 11.34.20, "External Catalog File Cannot Be Used in the xmlcatalog Element
of clientgen"
Section 11.34.21, "Exceptions When Running Reliable Messaging Under Heavy
Load"
Section 11.34.22, "ClassNotFound Exception Occurs When Using wseeclient.jar"
11-34 Oracle Fusion Middleware Release Notes
Web Services and XML Issues and Workarounds
■
■
■
■
■
■
Section 11.34.23, "Incomplete Configuration When Adding Advanced Web
Services Component to SOA Domain"
Section 11.34.24, "Exception Occurs During Invocation of Clientside Policy
Applied to a Service"
Section 11.34.25, "WS-AT Interoperation Issues With WebSphere and WebLogic
Server"
Section 11.34.26, "First Response From an SCA Application Takes a Long Time"
Section 11.34.27, "WsrmClient.getMostRecentMessageNumber() Always Returns
Zero"
Section 11.34.28, "WsrmClient.reset() Fails to Reset All Necessary States"
11.34.1 weblogic.wsee.jaxws.mdb.DispatchPolicy WorkManager Cannot Be Found
In some situations, warning messages are logged indicating that the
weblogic.wsee.jaxws.mdb.DispatchPolicy WorkManager cannot be found, although
this WorkManager is targeted to one or more of the Managed Servers in the domain.
Workaround
Use one of the following workarounds to resolve this issue.
■
■
To prevent these warning messages, start the WebLogic Server instance with the
-Dweblogic.wsee.skip.async.response=true flag. See Programming
Advanced Features of JAX-RPC Web Services for Oracle WebLogic Server for more
information on this flag.
Manually target the weblogic.wsee.jaxws.mdb.DispatchPolicy
WorkManager to the Administration Server.
11.34.2 Multiple Resize Buffer Calls Occur
When executing Web services client calls where Message Transmission Optimization
Mechanism (MTOM) attachments are processed for send, multiple resize buffer calls
occur..
Workaround
There is a patch available to resolve this issue. This patch can be applied only to
WebLogic Server 10.3.4. It provides the system property
jaxws.transport.streaming, which enables or disables streaming at the
transport layer for a Web services client. Set this property to true for CPU-intensive
applications that are running on a WebLogic Server instance that is participating in
Web services interactions as a client, and is sending out large messages.
To obtain the patch, do one of the following:
■
■
Contact My Oracle Support and request the patch for bug 9956275, or
Download the patch from My Oracle Support and install it using Smart Update
per the instructions in the following My Oracle Support document:
1302053.1
Search for Oracle patch number 9956275 or Smart Update patch 7Z5H.
Oracle WebLogic Server
11-35
Web Services and XML Issues and Workarounds
11.34.3 Troubleshooting Problems When Applying the WebLogic Advanced Web
Services for JAX-WS Extension Template
After upgrading from WebLogic Server 10.3.4 to 10.3.5, when creating or extending a
domain using the WebLogic Advanced Web Services for JAX-WS Extension template
(wls_webservices_jaxws.jar), you may encounter an exception during the
execution of the final.py script. For complete details and a workaround, see
"Troubleshooting Problems When Applying the WebLogic Advanced Services for
JAX-WS Extension Template" in Getting Started With JAX-WS Web Services for Oracle
WebLogic Server.
11.34.4 Sparse Arrays and Partially Transmitted Arrays Are Not Supported
WebLogic Server does not support Sparse Arrays and Partially Transmitted Arrays as
required by the JAX-RPC 1.1 Spec.
11.34.5 WSDL Compiler Does Not Generate Serializable Data Types
The Web Service Description Language (WSDL) compiler does not generate
serializable data types, so data cannot be passed to remote EJBs or stored in a JMS
destination.
11.34.6 Use of Custom Exception on a Callback
WebLogic Server does not support using a custom exception on a callback that has a
package that does not match the target namespace of the parent Web Service.
Workaround
Make sure that any custom exceptions that are used in callbacks are in a package that
matches the target namespace of the parent Web service.
11.34.7 Cannot Use JMS Transport in an Environment That Also Uses a Proxy Server
You cannot use JMS transport in an environment that also uses a proxy server. This is
because, in the case of JMS transport, the Web Service client always uses the t3
protocol to connect to the Web Service, and proxy servers accept only HTTP/HTTPS.
11.34.8 clientgen Fails When Processing a WSDL
clientgen fails when processing a WSDL that uses the complex type
http://www.w3.org/2001/XMLSchema{schema} as a Web Service parameter.
11.34.9 JAX RPC Handlers in Callback Web Services Are Not Supported
WebLogic Server 9.2 and later does not support JAX RPC handlers in callback Web
Services.
Workaround
If JAX RPC handlers were used with Web Services created with WebLogic Workshop
8.1, then such applications must be redesigned so that they do not use callback handler
functionality.
11-36 Oracle Fusion Middleware Release Notes
Web Services and XML Issues and Workarounds
11.34.10 Message-level Security in Callback Web Services Is Not Supported
WebLogic Server 9.2 and later does not support message-level security in callback
Web Services.
Workaround
Web Services created with WebLogic Workshop 8.1 that used WS-Security must be
redesigned to not use message-level security in callbacks.
11.34.11 Handling of Java Method Arguments or Return Parameters That Are
JAX-RPC-style JavaBeans
WebLogic Server does not support handling of Java method arguments or return
parameters that are JAX-RPC-style JavaBeans that contain an XmlBean property. For
example, applications cannot have a method with a signature like this:
void myMethod(myJavaBean bean);
where myJavaBean class is like:
public class MyJavaBean {
private String stringProperty;
private XmlObject xmlObjectProperty;
public MyJavaBean() {}
String getStringProperty() {
return stringProperty;
}
void
setStringProperty(String s) {
stringProperty = s;
}
XmlObject getXmlObjectProperty() {
return xmlObjectProperty;
}
void
getXmlObjectProperty(XmlObject x) {
xmlObjectProperty = x;
}
}
Workaround
Currently there is no known workaround for this issue.
11.34.12 IllegalArgumentException When Using a Two-Dimensional XML Object in a
JWS Callback
Using a two dimensional XmlObject parameter (XmlObject[][]) in a JWS callback
produces an IllegalArgumentException.
Workaround
Currently there is no known workaround for this issue.
11.34.13 Using SoapElement[] Results in Empty Array
Using SoapElement[] as a Web Service parameter with
@WildcardBinding(className="javax.xml.soap.SOAPElement[]",
binding=WildcardParticle.ANYTYPE) will always result in an empty array on
the client.
Oracle WebLogic Server
11-37
Web Services and XML Issues and Workarounds
Workaround
Do not use the @WildcardBinding annotation to change the default binding of
SOAPElement[] to WildcardParticle.ANYTYPE. The SOAPElement[] default
binding is set to WildcardParticle.ANY.
11.34.14 FileNotFound Exception When a Web Service Invokes Another Web Service
When Web Service A wants to invoke Web Service B, Web Service A should use the
@ServiceClient annotation to do this. If Web Service B needs a custom policy file
that is not attached to the WSDL for Web Service B, then Web Service A will fail to
run. Web Service A will look for the policy file at
/Web-Inf/classes/policies/filename.xml. Since no policy file exists at that
location, WebLogic Server will throw a 'file not found' exception.
Workaround
Attach the custom policy file to Web Service B, as in this example:
@Policy(uri="CustomPolicy.xml",
attachToWsdl=true)
public class B {
...
}
11.34.15 Client Side Fails to Validate the Signature on the Server Response Message
When the security policy has one of these Token Assertions, the client side may fail to
validate the signature on the server response message.
<sp:WssX509PkiPathV1Token11/>
<sp:WssX509Pkcs7Token11/>
<sp:WssX509PkiPathV1Token10/>
<sp:WssX509Pkcs7Token10/>
In addition, when there are more than two certifications in the chain for X509
certification for <sp:WssX509Pkcs7Token11/> or <sp:WssX509Pkcs7Token10/> Token
Assertion, the server side may fail to validate the signature on the incoming message.
A policy such as the following policy is not supported, unless the entire certificate
chain remains on the client side.
<sp:AsymmetricBinding>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken='. . ./IncludeToken/AlwaysToRecipient'>
<wsp:Policy>
<sp:WssX509Pkcs7Token11/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken='. . ./IncludeToken/Never'>
<wsp:Policy>
<sp:WssX509Pkcs7Token11/>
</wsp:Policy>
11-38 Oracle Fusion Middleware Release Notes
Web Services and XML Issues and Workarounds
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
. . .
</wsp:Policy>
</sp:AsymmetricBinding>
Workaround
Use either of the following two solutions:
1.
Configure the response with the <sp:WssX509V3Token10/> Token Assertion,
instead of WssX509PkiPathV1Token11/>. The policy will look like this:
<sp:AsymmetricBinding>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken='. . ./IncludeToken/AlwaysToRecipient'>
<wsp:Policy>
WssX509PkiPathV1Token11/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy> sp:IncludeToken='. . ./IncludeToken/Never'>
<sp:X509Token
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
. . .
</wsp:Policy>
</sp:AsymmetricBinding>
2.
Configure the response with the WssX509PkiPathV1Token11/> token
assertion, but include it in the message. The policy will look like this:
<sp:AsymmetricBinding>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken='. . ./IncludeToken/AlwaysToRecipient'>
<wsp:Policy>
WssX509PkiPathV1Token11/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken='. . ./IncludeToken/AlwaysToInitiator'>
<wsp:Policy>
WssX509PkiPathV1Token11/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
. . .
Oracle WebLogic Server
11-39
Web Services and XML Issues and Workarounds
</wsp:Policy>
</sp:AsymmetricBinding>
When there are multiple certifications in the X509 Certificate chain,
WssX509PkiPathV1Token11/> or <sp:WssX509PkiPathV1Token10/> should
be used, instead of <sp:WssX509Pkcs7Token11/> or
<sp:WssX509Pkcs7Token10/>.
11.34.16 xmlcatalog Element Entity Cannot Be a Remote File or a File in an Archive
For the xmlcatalog element in build.xml, the location of an entity must be a file on
the local file system. It cannot be a remote file (for example, http:) or a file in an
archive (for example, jar:).
Workaround
If necessary, define the remote element as an entity in a catalog file instead.
11.34.17 Catalog File's public Element Is Not Supported When Using XML Catalogs
The public element in a catalog file is not supported when using the XML Catalogs
feature. It is not supported to be consistent with JAX-WS EntityResolver
implementation. WebLogic Server only supports defining the system element in a
catalog file.
11.34.18 Local xmlcatalog Element Does Not Work Well
The local xmlcatalog element does not work well due to an Ant limitation.
Workaround
In the ant build.xml file, you have to define a local element above a
clientgen(wsdlc) task when you are in the same target, or define the element out
of any targets.
11.34.19 JAXRPC Client Does Not Encode the HTTP SOAPAction Header With
Multi-byte Characters
The WebLogic Server Web Service JAXRPC client doesn't encode the HTTP
SOAPAction header with multi-byte characters, but WebLogic Server only supports
ASCII for HTTP headers.
Workaround
Change the SOAP action to ASCII in the WSDL.
11.34.20 External Catalog File Cannot Be Used in the xmlcatalog Element of clientgen
An external catalog file cannot be used in the xmlcatalog element of a clientgen
task. For example, this snippet of an ant build file will not work:
<clientgen ...
<xmlcatalog>
<catalogpath>
<pathelement location='wsdlcatalog.xml'/>
</catalogpath>
</xmlcatalog>
11-40 Oracle Fusion Middleware Release Notes
Web Services and XML Issues and Workarounds
This is a limitation of the Ant XML Catalog.
Workaround
Resource locations can be specified either in-line or in an external catalog file(s), or
both. In order to use an external catalog file, the xml-commons resolver library
(resolver.jar) must be in your classpath. External catalog files may be either plain
text format or XML format. If the xml-commons resolver library is not found in the
classpath, external catalog files, specified in <catalogpath> paths, will be ignored
and a warning will be logged. In this case, however, processing of inline entries will
proceed normally.
Currently, only <dtd> and <entity> elements may be specified inline. These
correspond to the OASIS catalog entry types PUBLIC and URI respectively.
11.34.21 Exceptions When Running Reliable Messaging Under Heavy Load
When running a Web services reliable messaging scenario under heavy load with file
based storage that has the Direct-Write synchronous write policy setting, you may
encounter IO exceptions similar to the following in the WebLogic Server log:
weblogic.store.PersistentStoreRuntimeException: [Store:280029]The
persistent store record <number> could not be found
or
Could not load conversation with id uuid:<some ID> -> Conversation read
failed:
...
weblogic.wsee.jws.conversation.StoreException:
Conversation read failed: id=uuid:<some ID>
weblogic.store.PersistentStoreException: [Store:280052]The
persistent store was not able to read a record.
java.io.OptionalDataException
These exceptions are known to occur only when using Web Services reliable
messaging. They indicate a failure to read a record from the file store and are
considered 'fatal' data access errors.
The underlying issue causing these errors will be addressed in a future release.
Workaround
The following workarounds are available for this issue:
■
Change the file store synchronous write policy to Direct-Write-With-Cache
or
■
Change the file store synchronous write policy to Cache-Flush.
or
■
Keep the Direct-Write synchronous write policy and add the following Java
system property to your WebLogic server startup scripts:
-Dweblogic.store.AvoidDirectIO=true
Oracle WebLogic Server
11-41
Web Services and XML Issues and Workarounds
Note: The -Dweblogic.store.AvoidDirectIO system property
has been deprecated in WebLogic Server 10.3.4. Oracle recommends
configuring the store synchronous write policy to
Direct-Write-With-Cache instead.
The Direct-Write-With-Cache option may improve performance; it creates
additional files in the operating system's temporary directory by default.
The Cache-Flush and AvoidDirectIO workarounds may lead to some
performance degradation; it may be possible to reduce or eliminate the degradation by
configuring a different block-size for the file store.
For important information about these settings and additional options, see "Tuning
File Stores" in Oracle Fusion Middleware Performance and Tuning for Oracle WebLogic
Server.
11.34.22 ClassNotFound Exception Occurs When Using wseeclient.jar
Stand-alone JAX-WS clients are not supported in this release.
Workaround
Use the client-side JAX-WS 2.1 that is integrated with the Java Standard Edition
Release 6 (JDK 1.6), Update 4 and later. This requires using the JAX-WS API instead of
any WebLogic Server specific APIS.
Current releases of JDK 1.6 are available for download at
http://java.sun.com/javase/downloads/index.jsp. For information about
writing a standalone JAX WS 2.1 client application, see the JAX-WS Users Guide on the
JAX-WS 2.1 Reference Implementation Web site at
https://jax-ws.dev.java.net/.
11.34.23 Incomplete Configuration When Adding Advanced Web Services Component
to SOA Domain
An incomplete configuration can result when you use the Configuration Wizard to
add the WebLogic Server Advanced Web Services component to a newly created SOA
domain. If you create a cluster that contains only the default 'out-of-the-box' soa_
server1 server definition, the resulting cluster does not include the resources needed to
run WebLogic Server Web Services in that cluster.
Workaround
Use either of the following workarounds for this issue:
1.
2.
While running Configuration Wizard, create a second server in the cluster:
a.
On the Select Optional Configuration screen, select Managed Servers,
Clusters, and Machines.
b.
On the Configure Managed Servers screen, add a managed server.
c.
On the Assign Servers to Clusters screen, add this server to the cluster in
which the default soa_server1 server resides.
On the Configuration Wizard Target Services to Servers or Clusters screen,
target Web Services resources (for example, WseeJmsServer, WseeJmsModule) to
the cluster.
11-42 Oracle Fusion Middleware Release Notes
Web Services and XML Issues and Workarounds
Either of these workarounds will cause the Configuration Wizard to apply the
resources for the WebLogic Server Advanced Web Services component to the cluster.
11.34.24 Exception Occurs During Invocation of Clientside Policy Applied to a Service
After upgrading from WebLogic Server 10.3.1 to WebLogic Server 10.3.2 or later, if the
value of the name attribute of @WebParam(header=true) is different from the Java
parameter name in the JWS method, a WSDL part name exception may occur.
Workaround
Run clientgen against the service to rebuild the client artifacts.
11.34.25 WS-AT Interoperation Issues With WebSphere and WebLogic Server
Web Services Atomic Transactions (WS-AT) 1.1 interoperation using WebSphere as the
client and either WebLogic Server or JRF as the service does not work.
WS-AT 1.1 interoperation does work when WebSphere is the service and either
WebLogic Server or JRF is the client. In this case, interoperation works only if you
have WebSphere 7 with Fix/Feature Pack 7.
11.34.26 First Response From an SCA Application Takes a Long Time
When a WebLogic Server SCA service and reference are packaged in the same SCA
application, and the very first request to the deployed application arrives together
with a large number of simultaneous requests, the very first response is delayed
significantly, sometimes for up to 10 minutes (depending on the actual volume).
Workaround
Use one of the following two workarounds to resolve this issue:
■
When SCA services and references are packaged in the same application, use local
wiring whenever possible. This can be done by specifying the default property
on the sca:reference, with a value equal to the name of the SCA service
declared in the same Spring context file. For example:
<sca:reference name="scareference" ...
default="scaservice">
You can use this workaround only when the service is in the
same composite (that is, same Spring context file) as the reference.
Note:
■
Package the services and references in different applications, and use
application-level Work Managers.
11.34.27 WsrmClient.getMostRecentMessageNumber() Always Returns Zero
The
weblogic.wsee.reliability2.api.WsrmClient.getMostRecentMessageNu
mber() method is intended to return the message number associated with the most
recent invocation on an RM-enabled client instance. This number should initially be 0,
after the first invocation should be 1, followed by 2, and so on.
Oracle WebLogic Server
11-43
WebLogic Tuxedo Connector Issues and Workarounds
11.34.28 WsrmClient.reset() Fails to Reset All Necessary States
The weblogic.wsee.reliability2.api.WsrmClient.reset() method, which
should clear any sequence context from a client instance (port or Dispatch) so that the
client instance can be reused without fear of referencing the old sequence, does not
clear the CLIENT_CURRENT_SEQUENCE_ID_PROP_NAME property from the client
instance's request context.
11.35 WebLogic Tuxedo Connector Issues and Workarounds
This section describes the following issue and workaround:
■
Section 11.35.1, "View Classes are not Set on a Per Connection Basis"
11.35.1 View Classes are not Set on a Per Connection Basis
View classes are not set on a per connection basis.
A shared WebLogic Tuxedo Connector hash table can cause unexpected behavior in
the server if two applications point to the same VIEW name with different definitions.
There should be a hash table for the view classes on the connection as well as for the
Resource section.
Workaround
Ensure that all VIEW classes defined across all your WebLogic Workshop applications
are consistent, meaning that you have the same VIEW name representing the same
VIEW class.
11.36 Documentation Errata
This section describes documentation errata:
■
■
■
Section 11.36.1, "Coherence Option Is Not Supported"
Section 11.36.2, "Japanese Text Displays in Some Search Results Topics Avitek
Medical Records"
Section 11.36.3, "HTML Pages For Downloaded Libraries Do Not Display
Properly"
■
Section 11.36.4, "Evaluation Database Component Is Not Listed For silent.xml"
■
Section 11.36.5, "Online Documentation URL Displays Earlier Version"
11.36.1 Coherence Option Is Not Supported
In the WebLogic Scripting Tool Command Reference, the nmKill, nmServerLog,
nmServerStatus, and nmstart commands list Coherence as a valid option for the
serverType argument. This serverType option is not supported for these
commands.
11.36.2 Japanese Text Displays in Some Search Results Topics Avitek Medical
Records
The samples viewer Search function may sometimes return topics that display the
Japanese and English versions of some Avitek Medical Records topics simultaneously.
11-44 Oracle Fusion Middleware Release Notes
Documentation Errata
11.36.3 HTML Pages For Downloaded Libraries Do Not Display Properly
After extracting the WebLogic Server documentation library ZIP files that are available
from
http://www.oracle.com/technetwork/middleware/weblogic/documentat
ion/index.html, the HTML pages may not display properly in some cases for the
following libraries:
■
E12840_01 (WebLogic Server 10.3.0 documentation library)
■
E12839_01 (Weblogic Server 10.3.1 documentation library)
■
E14571_01 (WebLogic Server 10.3.3 documentation library)
Workarounds
For library E12840-01, after extracting the E12840_01.zip library file, if the HTML
pages are not formatting correctly, perform the following steps:
1.
Go to the directory in which you extracted the zip file.
2.
Locate the /global_resources directory in the directory structure.
3.
Copy the /global_resources directory to the root directory of the same drive.
For libraries E12839-01 and E14571-01, this issue occurs only on Windows operating
systems. If the HTML pages of the extracted library are not formatting correctly, try
extracting the ZIP file using another extraction option in your unzip utility. For
example, if you are using 7-Zip to extract the files, select the Full pathnames option.
Note that you cannot use the Windows decompression utility to extract the library ZIP
file.
11.36.4 Evaluation Database Component Is Not Listed For silent.xml
In the WebLogic Server Installation Guides for WebLogic Server 10.3.3 and 10.3.4, the
Evaluation Database is not listed as an installable component in Table 5-1 of Chapter 5,
"Running the Installation Program in Silent Mode.:" The following entry should be
included in the Component Paths row:
WebLogic Server/Evaluation Database
The Evaluation Database component is automatically installed if the Server Examples
component is included in silent.xml. Therefore, it does not have to be explicitly
included in silent.xml. If, however, you do not install the Server Examples, but you
want to install the Evaluation Database, you must include WebLogic
Server/Evaluation Database in silent.xml.
11.36.5 Online Documentation URL Displays Earlier Version
In WebLogic Server 10.3.5, links to the online documentation from the Quick Start
menu, Start menu, Code Examples, and Sample Applications go to the WebLogic
Server 10.3.4 documentation library, http://download.oracle.com/docs/cd/E17904_
01/wls.htm.
Workaround
When accessing the online documentation, use this URL for the WebLogic Server
10.3.5 documentation library, http://download.oracle.com/docs/cd/E21764_
01/wls.htm.
Oracle WebLogic Server
11-45
Documentation Errata
11-46 Oracle Fusion Middleware Release Notes
Part V
Part V
Part V contains the following chapter:
■
Chapter 12, "Oracle WebCenter"
Oracle WebCenter
12
Oracle WebCenter
12
This chapter describes issues associated with Oracle WebCenter. It includes the
following topic:
■
Section 12.1, "General Issues and Workarounds"
12.1 General Issues and Workarounds
This section describes general issues and workarounds. It includes the following
topics:
■
Section 12.1.1, "Using Oracle WebLogic Communications Server"
■
Section 12.1.2, "Using Jive Forums Documentation"
■
Section 12.1.4, "Application Role Names Cannot Include Thai Characters"
■
Section 12.1.3, "Troubleshooting Service Provisioning Issues"
■
Section 12.1.5, "Pagelet Producer Failover Support"
■
■
■
Section 12.1.6, "Configuring a Client Security Policy for Oracle Content Server
Connections"
Section 12.1.7, "Importing Space Templates with Public Access"
Section 12.1.8, "Option to Create a Portal Resource Displayed for Design-Time
Task Flows"
■
Section 12.1.9, "Connections Network Task Flow on System Pages Not Supported"
■
Section 12.1.10, "Cannot Log In to WebCenter Spaces if Oracle BPM is Down"
■
Section 12.1.11, "SQL Query with NCHAR Data Type Throws Exception"
■
Section 12.1.12, "Modifying Default Resource Strings for Language Support"
■
Section 12.1.13, "Setting Up WNA-Based SSO Using JDK 1.6.22 Produces an Error"
■
Section 12.1.14, "Cannot Navigate to the Current Page Using Out-of-the-Box
Navigation Task Flows in WebCenter Portal Applications"
■
Section 12.1.15, "Login Outcome Fails to Navigate to Privileged Pages"
■
Section 12.1.16, "Space Language Does Not Take Effect"
■
Section 12.1.17, "Performing Security-Related Operations on Business Role Pages"
■
Section 12.1.18, "Unable to Access SSL-Protected WebCenter Endpoints"
■
Section 12.1.19, "Unable to Export Content to Excel by using a Custom ADF
Taskflow"
Oracle WebCenter 12-1
General Issues and Workarounds
■
Section 12.1.20, "Errors for Activity Graph Queries When the Activity Graph
Engines are Running"
■
Section 12.1.21, "Page Not Found Error When Clicking Back to Portal Link"
■
Section 12.1.22, "Turning Off Automatic Event Listening in WebCenter Spaces"
■
Section 12.1.23, "Cannot Add Certain Task Flows on a Space Page with the Default
Page Template Catalog"
■
Section 12.1.24, "Search Limitations with Special Characters"
■
Section 12.1.25, "Configuring the REST Server Post-Installation"
■
Section 12.1.26, "Resources in WebCenter Portal Application Disappear after
Redeployment of Application"
■
Section 12.1.27, "Configuring a Proxy Server for External Links in Activity Stream"
■
Section 12.1.28, "Installing Oracle SES 11.1.2.2"
12.1.1 Using Oracle WebLogic Communications Server
Oracle WebLogic Communications Server (OWLCS) is provided as a sample for
development only. It should not be used for production deployments.
12.1.2 Using Jive Forums Documentation
Oracle WebCenter Discussions (Jive Forums) is an optional component of Oracle
WebCenter. Complete documentation for Jive Forums is included for reference.
However, Jive software installations and upgrades outside of the WebCenter product
installation are not supported.
12.1.3 Troubleshooting Service Provisioning Issues
When you create a group space, an error similar to the following might be seen if
provisioning a service exceeds the time allowed:
Group space created with the following warnings:
Issues were faced while provisioning the services.
Errors were encountered for the following services - Discussions and
Announcements. Check if these services have been configured correctly.
When a group space is created, services are provisioned in parallel in multiple threads.
If provisioning a service exceeds the specified timeout, the thread is interrupted. The
timeout may be exceeded due to time needed to copy the metadata when the latency
between the midtier and the database is too high, network issues, database
performance issues, and so on.
To check if the issue is due to exceeding the timeout, search the log file for a message
similar to the following:
<Nov 3, 2009 4:44:06 PM GMT> <Warning> <oracle.webcenter.webcenterapp>
<BEA-000000> <Concurr: The thread is timed out in 10000 milisec.
for oracle.webcenter.collab.forum:Execution timedout
queued :
12 ms
suspended :
0 ms
running : 5842 ms
timeout : 5000 ms
service : oracle.webcenter.community
resource : oracle.webcenter.collab.forum
12-2 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
source : oracle.webcenter.concurrent.RunnableTask@23268a92
(oracle.webcenter.concurrent.RunnableTask) submission : 15>
<Nov 3, 2009 4:44:06 PM GMT> <Warning> <oracle.webcenter.webcenterapp>
<BEA-000000> <Concurr: The thread is timed out in 5000 milisec.
for oracle.webcenter.collab.announcement:Execution timedout
queued :
37 ms
suspended :
0 ms
running : 5875 ms
timeout : 5000 ms
service : oracle.webcenter.community
resource : oracle.webcenter.collab.announcement
source : oracle.webcenter.concurrent.RunnableTask@37538945
(oracle.webcenter.concurrent.RunnableTask) submission : 18>
<Nov 3, 2009 4:44:06 PM GMT> <Warning>
<oracle.webcenter.collab.forum.internal.jive.CategoryTaxanomyCreator> <BEA-000000>
<java.io.InterruptedIOException: Operation interrupted
In this case, the running time of 5875 ms exceeded the timeout of 5000 ms. The root
cause of the timeout should be addressed; for example, resolve networking or
database performance issues.
The networking issues could be resolved by incresing the TCP/IP timeout value.To
change the timeout values, log in as a root user and execute the following command:
ndd -set /dev/tcp tcp_time_wait_interval 480000 (default value is
60000)
Restart the Administration and Managed Servers. Once this is done, the group space
can be created again and the error will not be encountered. If the performance cannot
be improved and the error persists, the timeout value may be increased for the service
encountering the error. For more information, see Section A.5.5, "Configuring
Concurrency Management."
12.1.4 Application Role Names Cannot Include Thai Characters
In this release, application role names cannot contain Thai characters.
12.1.5 Pagelet Producer Failover Support
Oracle WebCenter Pagelet Producer supports failover in a clustered configuration.
However, the in-flight data (unsaved or pending changes) is not preserved. On
failover, administrators must reestablish their administrative session. End users may
also need to reestablish the session if the proxy is required to have a state. If SSO is
configured, credentials are automatically provided, and the session is reestablished.
12.1.6 Configuring a Client Security Policy for Oracle Content Server Connections
If your environment supports Global Policy Attachments (GPA), leave the Client
Security Policy property blank when you configure the Oracle Content Server
connection. The hint text and online help indicates that you must enter the value 'GPA'
but this information is not correct. See also, the table "Oracle Content Server
Connection Parameters" in Oracle Fusion Middleware Administrator's Guide for Oracle
WebCenter.
Oracle WebCenter 12-3
General Issues and Workarounds
12.1.7 Importing Space Templates with Public Access
When a Space template with public access is imported into another instance of
WebCenter Spaces, the template appears as public but the grants are not imported
properly. Creating a Space based on this template by using the UI works fine, but
creating a Space by using the WebService call fails with an exception.
As a workaround, in the Spaces UI, revoke the public access from the template, and
then grant the public access again.
12.1.8 Option to Create a Portal Resource Displayed for Design-Time Task Flows
You can bring runtime task flows into JDeveloper, edit them, and export them back to
the deployed application. However, Oracle recommends that you not expose task
flows created in JDeveloper as portal resources. When you create an ADF task flow
inside the /oracle/webcenter/portalapp folder, the context menu on the task
flow definition file displays the Create Portal Resource option. Do not use this option
to expose a design-time task flow as a portal resource. Task flows typically involve
multiple files. When you export a new task flow from JDeveloper, all files may not be
exported properly, and this may result in the task flow being broken post deployment.
12.1.9 Connections Network Task Flow on System Pages Not Supported
If you include the Connections Network task flow in a custom Resource Catalog and
use that catalog in your application, and then try to add this task flow to a system
page, you get an error. This error prevents you from editing any other task flow on the
page. To work around this issue, click the Restore Default link on the system page to
undo all changes made to the page, including removal of the Connections Network
task flow.
12.1.10 Cannot Log In to WebCenter Spaces if Oracle BPM is Down
If the WebCenter domain has been extended using the Oracle BPM Spaces template,
and Process Spaces has been installed, any attempt to log in to WebCenter Spaces
throws exceptions if the Oracle BPM server is down.
12.1.11 SQL Query with NCHAR Data Type Throws Exception
When using a SQL data control, you may encounter an error if the query contains a
column with the NCHAR data type. As a workaround, you can use the to_
char(NCHAR_COLUMN NAME) function.
12.1.12 Modifying Default Resource Strings for Language Support
In a WebCenter Portal application, to provide language support for component
properties edited at runtime, Oracle Composer enables users to edit resource strings
for properties that take String values. At runtime, when you try to override the default
content in the resource bundle by directly entering values in the Select Text Resource
dialog, the changes do not take effect and the page may appear blank.
The workaround is to create a new resource string instead of directly entering values
in the Select Text Resource dialog. To create a new resource string, use the Create link
in the Select Text Resource dialog and enter the required values in the search results
table. Clicking the Use button in the last column selects this string for use as the
current property value. For information, see the "Edit Resource Strings" section in
Oracle Fusion Middleware Developer's Guide for Oracle WebCenter."
12-4 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
12.1.13 Setting Up WNA-Based SSO Using JDK 1.6.22 Produces an Error
Setting up Windows Native Authentication-based single sign-on using SUN JDK
1.6.22 produces an error. Use the jrockit JDK instead of the Sun JDK, or contact Oracle
Support to get a backport request for bug 10631797.
12.1.14 Cannot Navigate to the Current Page Using Out-of-the-Box Navigation Task
Flows in WebCenter Portal Applications
Navigating to the same page as the current page with the out-of-the-box navigation
task flows fails in WebCenter Portal applications.
The workaround for this issue is to extend the CustomPortalNavigation class and
register it in web.xml.
1.
Create a new Java class in your Portal project that extends
oracle.webcenter.portalframework.sitestructure.PreferencesBea
n.
For example:
package portal;
import oracle.webcenter.portalframework.sitestructure.PreferencesBean;
public class CustomPortalNavigation extends PreferencesBean {
public CustomPortalNavigation () {
super();
}
}
2.
Register this new Java class in web.xml with the navigation framework as a
CustomPortalNavigation as follows:
<context-param>
<param-name>
Oracle.webcenter.portalframework.sitestructure.CustomPortalNavigationImpl
</param-name>
<param-value>portal.CustomPortalNavigation</param-value>
</context-param>
12.1.15 Login Outcome Fails to Navigate to Privileged Pages
If an application is configured to automatically navigate to a page that is accessible
only to authenticated users, login to the application fails to navigate to the target page.
The browser either shows an empty popup or 404 error.
The workaround for this issue is as follows:
1.
Create a Java class in the application that extends the framework's
CustomViewHandler and overload the getActionURL method, for example:
package portal;
import
import
import
import
import
import
import
java.beans.Beans;
javax.faces.application.ViewHandler;
javax.faces.context.FacesContext;
oracle.webcenter.portalframework.sitestructure.SiteStructure;
oracle.webcenter.portalframework.sitestructure.SiteStructureContext;
oracle.webcenter.portalframework.sitestructure.SiteStructureResource;
oracle.webcenter.portalframework.sitestructure.SiteStructureUtils;
Oracle WebCenter 12-5
General Issues and Workarounds
import
oracle.webcenter.portalframework.sitestructure.handler.CustomViewHandler;
public class ApplicationViewHandler extends CustomViewHandler {
public ApplicationViewHandler(ViewHandler viewHandler) {
super(viewHandler);
}
/*
* Extend to address issue with bug 11076967 involving login
*/
@Override
public String getActionURL(FacesContext fctx, String viewId) {
String urlStr = viewId;
if (Beans.isDesignTime()) {
return m_baseHandler.getActionURL(fctx, urlStr);
}
// Only perform the pretty url lookup if the request was from our
// navigation processAction
if (isRequestDrivenByNavigation(fctx)) {
SiteStructure model =
SiteStructureContext.getInstance().getCurrentModel();
if (model != null) {
SiteStructureResource resource = model.getCurrentSelection();
if (resource != null) {
// Bug 11076967
// Only translate to pretty URL if the viewId is that of the
// resource.
// There is a usecase (bug 11076967) where the viewId is
// the login_success outcome in which case, we shouldn't touch it
String resourceViewId = findTargetViewId(fctx, resource);
if (resourceViewId != null &&
resourceViewId.equals(viewId))
urlStr = "/" +
SiteStructureUtils.encodeUrl(resource.getPrettyUrl());
}
}
}
// Get the base handler to tag on anything else that might be needed
// which includes the _adf.ctrl-state
String ret = m_baseHandler.getActionURL(fctx, urlStr);
return ret;
}
}
2.
Register the above view handler with JSF in faces-config.xml, replacing the
existing
oracle.webcenter.portalframework.sitestructure.handler.Custom
ViewHandler entry:
<faces-config version="1.2" xmlns="http://java.sun.com/xml/ns/javaee">
<application>
<default-render-kit-id>oracle.adf.rich</default-render-kit-id>
<view-handler>portal.ApplicationViewHandler</view-handler>
12-6 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
</application>
...
12.1.16 Space Language Does Not Take Effect
If users change their language preference, it overrides the language selected for the
Space. To display the language selected for the Space, users must clear the browser
cookies and reload the Space.
12.1.17 Performing Security-Related Operations on Business Role Pages
Seeded business role pages, such as Activities and Spaces, are available to all users by
default. Currently, the WebCenter Spaces UI does not provide a means of performing
security-related operations on seeded business role pages. This means you cannot hide
seeded business role pages from all users through the WebCenter Spaces UI. However,
there is a workaround:
1.
Export the pages.xml files for anonymous-role and authenticated-role
from MDS.
exportMetadata(application='webcenter',server='WC_
Spaces',toLocation='/scratch/mdsdump',
docs='/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_
296c916a23ed/role/anonymous-role/pages.xml')
exportMetadata(application='webcenter',server='WC_
Spaces',toLocation='/scratch/mdsdump',
docs='/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_
296c916a23ed/role/authenticated-role/pages.xml')
2.
Go through these pages.xml files and, based on your requirement, mark
business role pages hidden or shown:
<!-- Business Role Pages -->
<pageDef
id="Page_2eb852ac_10f5902cb2f__7ff7"
contentMRef="/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_
beee_296c916a23ed/businessRolePages/ActivityStreamMainView.jspx"
shared="false"
hidden="false"
/>...
3.
■
Set hidden="true" for the pages that should not be shown.
■
Set hidden="false" for pages that should be shown.
Upload the changed files back to the repository.
importMetadata(application='webcenter',server='WC_
Spaces',fromLocation='/scratch/mdsdump',
docs='/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_
296c916a23ed/role/anonymous-role/pages.xml')
importMetadata(application='webcenter',server='WC_
Spaces',fromLocation='/scratch/mdsdump',
docs='/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_
296c916a23ed/role/authenticated-role/pages.xml')
Oracle WebCenter 12-7
General Issues and Workarounds
12.1.18 Unable to Access SSL-Protected WebCenter Endpoints
An Oracle WebCenter Source (for searching WebCenter Spaces objects, such as lists,
pages, Spaces, and people connections profiles) currently cannot access SSL-protected
WebCenter endpoints. Oracle is working on a patch for this.
12.1.19 Unable to Export Content to Excel by using a Custom ADF Taskflow
In a WebCenter Portal application that contains a custom ADF taskflow that enables
you to generate a downloadable Excel spreadsheet, the export operation may fail
when you click the Export to Excel button for the first time. If you encounter this
problem, try to export the content to Excel again.
12.1.20 Errors for Activity Graph Queries When the Activity Graph Engines are
Running
The process of building and storing similarity scores for Activity Graph can consume a
large amount of temporary and undo table space when the size of the graph grows
large. To prevent errors, ensure that the temporary and undo tablespaces assigned to
the Activities schema are configured to auto-extend.
12.1.21 Page Not Found Error When Clicking Back to Portal Link
The Back to Portal link redirects to http://server:port/contextroot. The
default value in web.xml for this is /index.html and the default value in
index.html redirects to ./faces/pages_home. If there is no pages_home node in
the selected default navigation model for the application, this results in a page not
found error. To resolve this issue, update web.xml and index.html to reflect the
structure of your application.
If your application uses dynamically created navigations at runtime, it is advisable to
change the landing page to be a .jsp page. This enables you to drive the actual node
to redirect to within the navigation from a backing bean. The bean can either choose to
go to the first navigable page, or can navigate to a node based on an external ID. In the
latter case, you must set the external ID in the navigation model.
12.1.22 Turning Off Automatic Event Listening in WebCenter Spaces
In WebCenter Spaces, when a portlet is added to a page, the portlet binding is
configured to automatically listen for parameters and events generated on the page.
Currently, there is no way to turn off this automatic parameter and event listening in
the WebCenter Spaces UI.
To turn off automatic parameter and event listening:
1.
Export the Space.
2.
In JDeveloper, open the page definition for the page containing the portlet.
3.
Edit the portlet binding to set the listenForAutoDeliveredPortletEvents
and listenForAutoDeliveredParameterChanges attributes to false:
<portlet id="p2_1"
...
listenForAutoDeliveredPortletEvents="false"
listenForAutoDeliveredParamtersChange="false"
...
/>
12-8 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
4.
Import the Space back into WebCenter Spaces.
12.1.23 Cannot Add Certain Task Flows on a Space Page with the Default Page
Template Catalog
When using the Default Page Template Catalog (for example, when editing page
templates), users are unable to add the following task flows to a Space page:
■
All Saved Searches
■
Similarly Tagged Items
■
Tags
■
Tag Cloud
■
Tag Cloud Related Items
■
Publisher
This is due to a missing single quote in the attr.text attribute, which causes a parse
exception when the task flow is added to a page.
The workaround is to edit the Default Page Template Catalog to add the missing
quotes. For example:
1.
Log on as an administrator.
2.
Navigate to the Administration - Resources - Resource Catalogs page.
3.
With the Default Page Template Catalog selected, click Edit - Copy.
4.
With this new (copied) catalog selected, select Edit, and for each of these entries
(under either the Tagging and Searching group or the Social and Communications
group), do the following:
a.
Select the entry and click Edit (pencil).
b.
Click the Options tab, and add the missing single quote in the attr.text
attribute; for example, ['TAGS.TITLE'].
5.
Click OK, then OK again to save and close the catalog.
6.
Back on the Administration - Resources - Resource Catalogs page, select this new
catalog, and click Edit - Show to make it available.
7.
Navigate to the Administration – Configuration page.
8.
In the Resources section, select this new catalog for the following:
9.
■
Resource Catalog for Page Templates in Spaces
■
Resource Catalog for Page Templates in Home Space
Click Apply to save these changes.
12.1.24 Search Limitations with Special Characters
Several special characters are filtered out in WebCenter search. For example, when
you search for the keyword Q2$Total, WebCenter does not return the wiki page
named Q2$Total in search results.
With Oracle SES, the following special characters are not recognized:
!@#$%^&()+=[]{}|;'\",<>/?`~
Oracle WebCenter 12-9
General Issues and Workarounds
With WebCenter live search, the hyphen [-] and wildcard [*] characters additionally
are not recognized.
12.1.25 Configuring the REST Server Post-Installation
For certain features of the WebCenter REST server to work correctly when using a
REST client like the Oracle WebCenter iPhone application, the flag
WLForwardUriUnparsed must be set to ON for the Oracle Weblogic Server Plugin
that you are using.
■
■
If you are running Apache in front of Weblogic Server, add this flag to
weblogic.conf.
If you are running Oracle HTTP Server (OHS) in front of Weblogic Server, add this
flag to mod_wl_ohs.conf.
The examples below illustrate the possible configurations for both of these cases.
For more information about how to configure Weblogic Server Plugins, see Oracle
Fusion Middleware Using Web Server 1.1 Plug-Ins with Oracle WebLogic Server.
Example 1: Using <location /rest> to apply the flag only for /rest URIs
(recommended)
<Location /rest>
# the flag below MUST BE set to "On"
WLForwardUriUnparsed
On
# other settings, example: WebLogicCluster or WebLogicHost & WebLogicPort
# set the handler to be weblogic
SetHandler weblogic-handler
</Location>
Example 2: Applying the flag to all URIs served by Oracle Weblogic Server
<IfModule mod_weblogic.c>
# the flag below MUST BE set to "On"
WLForwardUriUnparsed
On
# other settings, example: WebLogicCluster or WebLogicHost & WebLogicPort
WebLogicCluster johndoe02:8005,johndoe:8006
Debug ON
WLLogFile
c:/tmp/global_proxy.log
WLTempDir
"c:/myTemp"
DebugConfigInfo
On
KeepAliveEnabled ON
KeepAliveSecs 15
</IfModule>
12.1.26 Resources in WebCenter Portal Application Disappear after Redeployment of
Application
If a WebCenter Portal application has been customized at runtime to add new
resources through the Resource Manager, those new resources are lost after a new
deployment or a redeployment of the same application.
Any new pages created at runtime that use the lost resources are still available even
though the resources themselves are no longer available in the Resource Manager.
12-10 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
This issue happens when the application version or the redeployment version is
changed during the redeployment of the application, either using Fusion Middleware
Control or WLST. It can also happen on redeployment when the
generic-site-resources.xml file has been changed at design time (for example,
by creating new resources).
This issue occurs because the generic-site-resources.xml file is overwritten on
redeployment.
To work around this issue, you must manually add the mds-transfer-config.xml
file to the application.
Any resources created at design time must be manually added
to the runtime application before redeploying the application.
Note:
1.
Download the mds-transfer-config.xml file from the following location:
https://support.oracle.com/oip/faces/secure/km/DownloadAttach
ment.jspx?attachid=1343209.1:mdstransferconfig
2.
Extract the MAR file (for example AutoGeneratedMar.mar) from the EAR file.
3.
In the extracted MAR file directory, create a new directory, called META-INF, and
copy the mds-transfer-config.xml file to the new directory.
4.
Update the MAR file with META-INF\mds-transfer-config.xml, for
example:
jar -uvf AutoGeneratedMar.mar META-INF\mds-transfer-config.xml
5.
Update the EAR file with the updated MAR file:
jar -uvf YourApp.ear AutoGeneratedMar.mar
6.
Redeploy YourApp.mar.
12.1.27 Configuring a Proxy Server for External Links in Activity Stream
You must configure a proxy server if you want to display external links in Activity
Stream task flows. Both the RSS service and the Activity Stream
service share the same proxy server settings. For information, see "Setting Up a Proxy
Server for External RSS News Feeds" in Oracle Fusion Middleware Administrator's Guide
for Oracle WebCenter.
12.1.28 Installing Oracle SES 11.1.2.2
Oracle Secure Enterprise Search (SES) release 11.1.2.2 now is available and is
recommended as the Oracle SES release to use with WebCenter release 11.1.1.5.
Download Oracle SES from
http://www.oracle.com/technetwork/search/oses/downloads/index.ht
ml. No additional Oracle patches are required with Oracle SES release 11.1.2.2.
Oracle WebCenter
12-11
General Issues and Workarounds
Note: Oracle Fusion Middleware Administrator's Guide for Oracle
WebCenter describes required steps for installing Oracle SES that
involve unzipping the webcenter_search_ses_plugins.zip file
to add several WebCenter jar files to Oracle SES. This zip file is not
necessary with Oracle SES release 11.1.2.2.
For more information, refer to the Oracle SES Online Documentation Library 11g
Release 1 (11.1.2.2) available here on OTN:
http://www.oracle.com/technetwork/search/oses/documentation/ses096384.html
12-12 Oracle Fusion Middleware Release Notes
Part VI
Part VI
Oracle SOA Suite and Business Process
Management Suite
Part VI contains the following chapters:
■
Chapter 13, "Oracle SOA Suite, Oracle BPM Suite, and Common Functionality"
■
Chapter 14, "Web Services Security and Administration"
13
Oracle SOA Suite, Oracle BPM Suite, and
Common Functionality
13
To view the latest known issues associated with Oracle SOA Suite, BPM Suite, and
related SOA technologies, go to Oracle Technology Network (OTN) at
http://www.oracle.com/technetwork/middleware/docs/soa-aiafp-know
nissuesindex-364630.html. These known issues documents include the
following products:
■
Oracle Adapter for Oracle Applications (Oracle E-Business Suite Adapter)
■
Oracle AIA Foundation Pack
■
Oracle Application Adapters for Oracle WebLogic Server
■
Oracle Application Server Legacy Adapters
■
Oracle B2B
■
Oracle BPEL Process Manager
■
Oracle Business Activity Monitoring
■
Oracle Business Process Management
■
Oracle Business Rules
■
Oracle Complex Event Processing
■
Oracle Enterprise Repository
■
Oracle Human Workflow
■
Oracle Mediator
■
Oracle Service Bus
■
Oracle SOA Suite and Oracle BPM Suite Common Functionality
■
Oracle Technology Adapters
Oracle SOA Suite, Oracle BPM Suite, and Common Functionality 13-1
13-2 Oracle Fusion Middleware Release Notes
14
Web Services Security and Administration
14
This chapter describes issues associated with Web services security and
administration, including Oracle Web Services Manager. It includes the following
topics:
■
■
■
■
Section 14.1, "Using Multibyte User Credentials with wss_http_token_* Policy"
Section 14.2, "Importing Custom Policies Before Attaching and Deploying to a
Service Application"
Section 14.3, "Performing a Bulk Upload of Policies"
Section 14.4, "Reviewing Policy Configuration Override Values After Detaching a
Client Policy"
■
Section 14.5, "Removing Post-deployment Customizations"
■
Section 14.6, "Reviewing Localization Limitations"
■
■
■
■
■
■
■
■
Section 14.7, "When Using WLST to Import a Security Policy, the Same Policy May
Be Repeatedly Imported"
Section 14.8, "Identity in WSDLs Is Not Used for Enforcement with ADF DC
Applications"
Section 14.9, "JVM limitation for Kerberos Token Policy with Message Protection
Policy"
Section 14.10, "Fusion Middleware Control Does Not List Policies When Two
Servers Are SSL Enabled (Two-way SSL)"
Section 14.11, "Web Service Test Page Cannot Test Input Arguments Bound to
SOAP Headers"
Section 14.12, "Possible Build Label Version and Date Discrepancy On the Policy
Validation Page"
Section 14.13, "When Adding SAML Issuer From Fusion Middleware Control the
jps-config.xml File Is Incorrectly Updated"
Section 14.14, "Patching of Patch Set 1 WebLogic Server Web Services Attached to
Custom Polices With Patch Set 3 Oracle WSM Policy Manager"
■
Section 14.15, "Custom Policy Fails When an Empty Subject Is Passed"
■
Section 14.16, "Possible Limitation When Using Custom Exactly-one Policies"
■
■
Section 14.17, "Ignore "Services Compatibility" Error for Security Policies Used
Between Oracle WSM and WebLogic Server"
Section 14.18, "Compatible Policies Not Returned When Using JDeveloper Wizard
to Attach Oracle WSM Policies to Web Service Client"
Web Services Security and Administration 14-1
Using Multibyte User Credentials with wss_http_token_* Policy
■
Section 14.19, "SAML Bearer Token Policies Now Signed by Default"
■
Section 14.20, "Policyset Containing Invalid PolicyRef Causes Application to Fail"
■
Section 14.21, "Security Policies do not Work on Subscriber Mediator Component"
■
Section 14.22, "Policy Table Might not Show Attached Policies For Some Locales"
Note: See also Section 11.34, "Web Services and XML Issues and
Workarounds."
14.1 Using Multibyte User Credentials with wss_http_token_* Policy
In this release, multibyte user credentials are not supported for the wss_http_token_*
policies. If multibyte user credentials are required, use a different policy, such as wss_
username_token_* policy. For more information about the available policies, see
Appendix B "Predefined Policies" in the Oracle Fusion Middleware Security and
Administrator's Guide for Web Services.
14.2 Importing Custom Policies Before Attaching and Deploying to a
Service Application
It is recommended that you import custom policies before attaching and deploying
them to a service application.
If you deploy an application with policies that do not exist in the Metadata Store
(MDS), and subsequently import the policies, you need to restart the server for the
policy attachment count to be updated.
14.3 Performing a Bulk Upload of Policies
When performing a bulk import of policies to the MDS repository, if the operation
does not succeed initially, retry the operation until the bulk import succeeds.
For the most part, this can occur for an Oracle RAC database when the database is
switched during the metadata upload. If there are n databases in the Oracle RAC
database, then you may need to retry this operation n times.
For more information about bulk import of policies, see "Migrating Policies" in the
Oracle Fusion Middleware Security and Administrator's Guide for Web Services.
14.4 Reviewing Policy Configuration Override Values After Detaching a
Client Policy
If you attach a policy to a client, override policy configuration values, and
subsequently detach the policy, the policy configuration override values are not
deleted. When attaching new policies to this client, ensure that you review the policy
configuration override values and update them appropriately.
14.5 Removing Post-deployment Customizations
When the connections.xml file is changed after deployment using the AdfConnection
MBean, the complete connection is saved as a customization. This means that changes
to the connection in a redeployed application are overwritten by the customization.
14-2 Oracle Fusion Middleware Release Notes
JVM limitation for Kerberos Token Policy with Message Protection Policy
When you use Fusion Middleware Control to make changes to an application's
connections.xml file after deployment, a new connections.xml file is created as a
customization and stored in the MDS repository. This customization persists for the
life of the application. Therefore, if you redeploy the application, the customized
connections.xml file continues to be applied as a customization on the application.
To allow the redeployed application's connections.xml file to be applied without the
prior customization (from Fusion Middleware Control), you must explicitly remove
the connections.xml customizations from the MDS repository.
For example, if you deploy an application with a Web services data control, then use
Fusion Middleware Control to attach the 'username token client policy', and
subsequently detach the policy. Then, you return to JDeveloper to edit the application
and attach the 'http token client policy', and redeploy the application. When you view
the application using Fusion Middleware Control, you see that it is not using the 'http
token client policy' that you attached. That is because it is using the customized
connections.xml file that you previously created using Fusion Middleware Control.
If you remove the connections.xml customizations from the MDS repository, the
application will use the its own connections.xml file.
14.6 Reviewing Localization Limitations
The following information is supported in English only in this release of Oracle
Enterprise Manager:
■
■
■
All fields in the policy and assertion template except the orawsp:displayName
field.
If using the ?orawsdl browser address, the orawsp:description field.
In the System MBean browser, the Description field in the
oracle.wsm.upgrade Mbean.
14.7 When Using WLST to Import a Security Policy, the Same Policy May
Be Repeatedly Imported
When WLST is used to import a security policy, be aware that the same policy may be
repeatedly imported.
14.8 Identity in WSDLs Is Not Used for Enforcement with ADF DC
Applications
For ADF DC applications, the identity extension in a WSDL (for example, the
certificate published in the WSDL), cannot be used as a recipient certificate for
message protection policies. Instead, either the recipient key alias (declarative
configuration override) or the default recipient key alias specified in the policy are
used.
14.9 JVM limitation for Kerberos Token Policy with Message Protection
Policy
Within a JVM, the Kerberos acquire key works fine when there is only a single Web
service principal. If there are additional Web service principals within the same JVM,
the acquire key returns null. When a Web service and client exist in different JVMs,
this is no longer an issue.
Web Services Security and Administration 14-3
Fusion Middleware Control Does Not List Policies When Two Servers Are SSL Enabled (Two-way SSL)
14.10 Fusion Middleware Control Does Not List Policies When Two
Servers Are SSL Enabled (Two-way SSL)
When a Managed Server is Two-way enabled SSL (for example, a SOA server hosting
Oracle WSM Policy Manager over Two-way SSL) and the Administration Server
hosting Fusion Middleware Control is correctly configured to access the Two-way
SSL-enabled Managed Server, Fusion Middleware Control still does not list the Oracle
WSM policies.
14.11 Web Service Test Page Cannot Test Input Arguments Bound to
SOAP Headers
For Web services that have any input arguments bound to SOAP headers, the Test
Web Service page in the Fusion Middleware Control console cannot show the
message. Therefore, such operations cannot be tested with the Test Web Service page.
For example, if the input for a multi-part WSDL is viewed through Fusion Middleware
Control, and one input argument is bound to a SOAP header, the composite instance
fails with the following exception because the other part of the message was missing in
the input:
ORAMED-01203:[No Part]No part exist with name "request1" in source message
To resolve such an issue, select XML View for Input Arguments and edit the payload
to pass input for both parts of the WSDL.
14.12 Possible Build Label Version and Date Discrepancy On the Policy
Validation Page
The build label and date information on the Policy Manager Validation page represent
the repository information and the version of the Policy Manager. The build label
represents the Policy Manager build that populated the repository and the date is the
date that the repository was last refreshed. If the repository is not refreshed during a
sparse installation of Oracle Fusion Middleware 11gR1 PS2, the information will not
change. Note that a typical installation of Oracle Fusion Middleware 11gR1 PS2 does
not refresh the repository either.
14.13 When Adding SAML Issuer From Fusion Middleware Control the
jps-config.xml File Is Incorrectly Updated
In release 11g R1 (11.1.1.1.0), when you try to add or edit a trusted issuer from the
Fusion Middleware Control console, then the jps-config.xml file is incorrectly
updated. As a workaround for this issue, Oracle recommends upgrading to 11g R1
Patch Set 2 (11.1.1.3.0).
14.14 Patching of Patch Set 1 WebLogic Server Web Services Attached
to Custom Polices With Patch Set 3 Oracle WSM Policy Manager
Due to a new feature in 11g R1 Patch Set 2 (11.1.1.3.0), the "Shared policy store for
Oracle Infrastructure Web services and WebLogic Server Web services", WebLogic
Server Web services now utilize the Policy Manager by default to retrieve policies
from the MDS repository. In Patch Set 1, WebLogic Server Web services used classpath
mode by default.
14-4 Oracle Fusion Middleware Release Notes
Ignore "Services Compatibility" Error for Security Policies Used Between Oracle WSM and WebLogic Server
After patching your Oracle Fusion Middleware 11g R1 software installation to Patch
Set 2, if you have attached a custom Oracle WSM policy to a WebLogic Server Web
service, you need to make sure your custom policy is stored in the MDS repository.
Note that only custom policies in use need to be migrated. All seed policies will be
available in the MDS repository out-of-the-box.
To migrate policies to the Metadata Services (MDS) repository, see "Maintaining the
MDS Repository" in the Security and Administrator's Guide for Web Services.
14.15 Custom Policy Fails When an Empty Subject Is Passed
If an empty subject is passed to a custom policy, it fails with a generic error. To work
around this issue, you can create and set an anonymousSubject inside the execute
method of the custom step. For example:
javax.security.auth.Subject subject =
oracle.security.jps.util.SubjectUtil.getAnonymousSubject();
context.setProperty(oracle.wsm.common.sdk.IMessageContext.SECURITY_
SUBJECT,subject)
Note that in this example the context is of Type
oracle.wsm.common.sdk.IContext
14.16 Possible Limitation When Using Custom Exactly-one Policies
In some cases, there can be a limitation when using custom Exactly-one policies. For a
set of assertions within the exactly-one policy, if a request message satisfies the first
assertion, then the first assertion gets executed and a response is sent accordingly.
However, this may not be the desired behavior in some cases because the request may
be intended for the subsequent assertions.
For example, you may have a client policy that has Timestamp=ON and a service
exactly-one policy that has a wss11 username token with message protection
assertions: the first has Timestamp=OFF; the second has Timestamp=ON. Therefore,
the first assertion in the service exactly-one policy is not expecting the Timestamp in
the request, yet the second assertion does expect it. In this case, the first assertion gets
executed and the response is sent with no Timestamp. However, the client-side
processing then fails because it expects the Timestamp that was sent in the request.
This limitation can exist with any cases where a client policy expects a greater number
of elements to be signed and a service policy does not.
14.17 Ignore "Services Compatibility" Error for Security Policies Used
Between Oracle WSM and WebLogic Server
Fusion Middleware Control may display a false error message when verifying
compatibility of service policies. This incompatibility message is shown when using
Enterprise Manager to attach an Oracle WSM Security client policy. Upon clicking the
Check Services Compatibility, a message states that policies are incompatible despite
the fact that these might be compatible.
Workaround:
If WSM policies are attached at the Web service endpoint, use the corresponding client
policy. For example, if the service has wss11_saml_or_username_token_with_
message_protection_service_policy, wss11_saml_token_with_message_protection_
client_policy or wss11_username_token_with_message_protection_client_policy will
Web Services Security and Administration 14-5
Compatible Policies Not Returned When Using JDeveloper Wizard to Attach Oracle WSM Policies to Web Service Client
work at the client side. If non-WSM policies are attached to the Web Service, see the
Interoperability Guide for Oracle Web Services Manager for information about the
corresponding client policy and attach it.
14.18 Compatible Policies Not Returned When Using JDeveloper Wizard
to Attach Oracle WSM Policies to Web Service Client
During design time, the JDeveloper Wizard's option for Attaching Oracle WSM
Policies to Web Service Clients might not return any compatible policies. This can
occur due to one of the following reasons:
■
■
There are no compatible client policies corresponding to the service policies
published in the WSDL.
In some cases, when you are trying to determine the compatible client policies in
version 11.1.1.4 of JDeveloper running with Fusion Middleware Control
Enterprise Manager that correspond to the service policies published in the WSDL
of the Web service in version 11.1.1.3 or earlier.
Workaround:
Disable the Show only the compatible client policies for selection option in the
JDeveloper Wizard. This will list all the client policies.
If Oracle WSM policies are attached to the Webs service, use the corresponding client
policy. For example, if the service has the policy wss11_saml_or_username_token_
with_message_protection_service_policy, it is safe to assume that wss11_saml_token_
with_message_protection_client_policy or wss11_username_token_with_message_
protection_client_policy will work at the client side.
If WSM policies are not attached to the Web service, refer to the Interoperability Guide for
Oracle Web Services Manager for instructions on determinant the corresponding client
policy and attaching it.
14.19 SAML Bearer Token Policies Now Signed by Default
A new property, saml.enveloped.signature.required, is available when
configuring wss_saml_token_bearer_over_ssl policies (both client and service). In
previous releases, the SAML bearer token was unsigned by default. In the current
release, the SAML bearer token is signed because the default value for the
saml.enveloped.signature.required property is true.
To retain the behavior of the previous release, set the
saml.enveloped.signature.required property to false in both the client and
service policies. The SAML bearer token is signed using the domain sign key, but it
can be overridden using the keystore.sig.csf.key property set in the bearer
client policy.
The affected policies are:
■
wss_saml20_token_bearer_over_ssl_client_policy
■
wss_saml_token_bearer_over_ssl_client_policy
■
wss_saml20_token_bearer_over_ssl_service_policy
■
wss_saml_token_bearer_over_ssl_service_policy
14-6 Oracle Fusion Middleware Release Notes
Policy Table Might not Show Attached Policies For Some Locales
14.20 Policyset Containing Invalid PolicyRef Causes Application to Fail
A policy set containing a policy reference referring to a non-existent policy causes
failure of the application startup.
To start up the application, perform either of the following steps:
1.
Delete the policy set containing invalid policy reference.
2.
Remove the non-existing policy reference by modifying the policy set. Explicitly
enable the policy set, which is disabled when a referenced policy is not found.
14.21 Security Policies do not Work on Subscriber Mediator Component
Component Authorization denyall policy does not work at subscriber mediator
component. Authorization policy works for other normal mediator component cases.
14.22 Policy Table Might not Show Attached Policies For Some Locales
Select the Web service application in Fusion Middleware Control and navigate to the
Web service endpoint. Attach a policy to the endpoint in the Attach/Detach page.
Sometimes the Directly Attached Polices table might not display the attached policies
for the following locales: zh-cn, zh-tw, ja, pt-br, es, fr, ko.
As a workaround, enlarge the columns.
Web Services Security and Administration 14-7
Policy Table Might not Show Attached Policies For Some Locales
14-8 Oracle Fusion Middleware Release Notes
Part VII
Part VII
Communication Services
Part VII contains the following chapters:
■
Chapter 15, "Oracle User Messaging Service"
■
Chapter 16, "Oracle WebLogic Communication Services"
15
Oracle User Messaging Service
15
This chapter describes issues associated with Oracle User Messaging Service. It
includes the following topics:
■
Section 15.1, "General Issues and Workarounds"
■
Section 15.2, "Configuration Issues and Workarounds"
15.1 General Issues and Workarounds
This section describes general issue and workarounds. It includes the following topic:
■
Section 15.1.1, "UMS Schema Purge Script Now Available"
■
Section 15.1.2, "Permission Grants for Upgraded Domains"
■
Section 15.1.3, "XML File Handle Left Open after Upload Fails"
■
Section 15.1.4, "Messages Metrics Rendered as Unavailable in the Performance
Page for User Messaging Server"
■
Section 15.1.5, "User Messaging Service URLs Unavailable After Restart"
■
Section 15.1.6, "User Preferences User Interface Renders Improperly"
15.1.1 UMS Schema Purge Script Now Available
A UMS schema purge script is available for your download and use. You can access
the script and instructions for its use by contacting Oracle Suppotr.
15.1.2 Permission Grants for Upgraded Domains
In order for Oracle User Messaging Service to run as a specific user, a code-based
permission grant is required. This grant is pre-seeded in WebLogic domains that are
created after the Fusion Middleware 11gR1 Patch Set 2 upgrade.
If you created a WebLogic domain prior to the Patch Set 2 upgrade, you must
manually add this grant by running the following Oracle Platform Security Services
(OPSS) WLST commands in online (connected) mode:
wls:/mydomain/serverConfig>
grantPermission(codeBaseURL="file:${ums.oracle.home}/communications/modules/oracle.sdp.client_
11.1.1/-",
permClass="oracle.security.jps.JpsPermission",permTarget="IdentityAssertion",
permActions="execute")
wls:/mydomain/serverConfig>
Oracle User Messaging Service 15-1
General Issues and Workarounds
grantPermission(codeBaseURL="file:${ums.oracle.home}/communications/modules/oracle.sdp.messaging_
11.1.1/-",
permClass="oracle.security.jps.JpsPermission",permTarget="IdentityAssertion",
permActions="execute")
See Oracle WebLogic Fusion Middleware Scripting Tool Command Reference for information
regarding grantPermission
15.1.3 XML File Handle Left Open after Upload Fails
If an error occurs when uploading a user messaging preferences XML file using the
WLST manageUserMessagingPrefs command, the XML file handle is left open. On
the Microsoft Windows platform, this file cannot be deleted until you exit the WLST
shell.
15.1.4 Messages Metrics Rendered as Unavailable in the Performance Page for User
Messaging Server
When no metric data is found (for example when no messages have been sent or
received after server setup), the Metrics Performance page will display Unavailable.
This is not a problem with the software, and the Performance reporting is operating
properly. As soon as Send and Receive traffic exists, the Performance page will display
results normally.
15.1.5 User Messaging Service URLs Unavailable After Restart
Upon restarting the User Messaging Service server (usermessagingserver) from Oracle
Enterprise Manager Fusion Middleware Control or through Oracle WebLogic Console,
you may get an error: Error 503--Service Unavailable when attempting to
access any URLs served by the User Messaging Service server, such as the User
Preferences UI (/sdpmessaging/userprefs-ui) or the various Web Services endpoints. This
error occurs intermittently in cases when the Oracle WebLogic Server is heavily
loaded (such as with a SOA instance). To work around this issue:
■
■
Restart the User Messaging Service server again (two or more restarts may be
required).
If multiple User Messaging Service server restarts are not sufficient, then restart
the entire Oracle WebLogic Server instance.
15.1.6 User Preferences User Interface Renders Improperly
Intermittent UI rendering errors have been reported in some languages, due to the
generation of a corrupted .css file. If you experience problems, follow these steps to
work around the issue:
1.
Delete the cached, auto-generated .css file for the affected locale (or simply, all
locales) on the server located at DOMAIN_HOME/servers/<server_
name>/tmp/_WL_user/usermessagingserver/<random_
name>/public/adf/styles/cache and restart the usermessagingserver
application using Oracle Enterprise Manager Fusion Middleware Control. Have
all users clear their browser caches.
The next time the UI is accessed from a browser, a new .css file will be generated
for the desired locale, and it is very likely that it will be a valid .css file. If not,
repeat this process a couple of times.
15-2 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
2.
If the previous solution does not work, disable content compression in the
web.xml file of the User Preferences Web Module located at DOMAIN_
HOME/servers/<server_name>/tmp/_WL_
user/usermessagingserver/<random_
name>/sdpmessaginguserprefs-ui-web.war. In particular, extract
web.xml, add the following <context-param/> to it:
<context-param>
<param-name>org.apache.myfaces.trinidad.DISABLE_CONTENT_
COMPRESSION</param-name>
<param-value>true</param-value>
</context-param>
Then, re-archive it to the war module.
Finally, restart the usermessagingserver application using Oracle Enterprise
Manager Fusion Middleware Control.
15.2 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
■
Section 15.2.1, "Enable Extension Driver after Upgrade"
Section 15.2.2, "Preseeded Channel for Worklist and Pop-up Drivers Cannot be
Removed"
■
Section 15.2.3, "Worklist Driver Configuration"
■
Section 15.2.4, "Configure Email Alerts"
■
Section 15.2.5, "Migrate Custom Business Terms After PS3 Patch"
■
Section 15.2.6, "Use Correct SSL Trust Store When Configuring Drivers"
■
■
Section 15.2.7, "User Messaging Service Driver Configuration Changes Not
Immediately Effective"
Section 15.2.8, "Email Notifications Sent Even if You Do Not Change Default
Parameters in driverconfig.xml"
15.2.1 Enable Extension Driver after Upgrade
When you upgrade to the current release, you must complete the following manual
configuration steps in order to enable use of the Extension driver:
1.
Stop all servers it the domain.
2.
Add this .jar file to the classpath of the domain:
$UMS_ORACLE_HOME/communications/modules/usermessaging-config_11.1.1.jar
This can be done by modifying the setDomainEnv.sh/setDomainEnv.cmd in
the domain's bin folder. That is, the POST_CLASSPATH variable is updated like
this:
POST_CLASSPATH="${UMS_ORACLE_HOME}/communications/modules/usermessaging-config_
11.1.1.jar${CLASSPATHSEP}${POST_CLASSPATH}"export POST_CLASSPATH
3.
From the template .jar file at $UMS_ORACLE_
HOME/common/templates/applications/oracle.ums_template_
11.1.1.jar extract the .xml files:
Oracle User Messaging Service 15-3
Configuration Issues and Workarounds
/config/fmwconfig/usermessagingconfig.xml
/config/fmwconfig/mbeans/ums-mbeans.xml
4.
Copy these two .xml files into the domain's config and fmwconfig folders:
$DOMAIN_HOME/config/fmwconfig/usermessagingconfig.xml
$DOMAIN_HOME/config/fmwconfig/mbeans/ums-mbeans.xml
5.
Start the servers.
6.
Deploy the UMS Extension Driver by executing the WLST driver deployment
command. For example:
wls:/emsoa/serverConfig>
deployUserMessagingDriver(baseDriver='extension',appName='extension',
targets='soa_server1')
The UMS Extension Driver is now enabled.
15.2.2 Preseeded Channel for Worklist and Pop-up Drivers Cannot be Removed
If you deinstall the Worklist or Pop-up driver, the preseeded channel for these drivers
cannot be removed. The preseeded channel will remain available in your preference
list.
15.2.3 Worklist Driver Configuration
While following the Worklist Driver configuration instructions, you may see that
Oracle User Messaging Service for SOA in the Configuration Wizard is not selected,
leading you to think that it is not configured and that you must select and configure it.
This is not the case. The basic Oracle User Messaging Service is already configured,
along with a few UMS drivers.
Continue to follow the documented instructions, and disregard the fact that the Oracle
User Messaging Service for SOA option is unselected.
15.2.4 Configure Email Alerts
There is an issue with the default environment settings on Windows related to
keystore which prevents UMS from connecting securely to Beehive. To fix this issue:
1.
Modify setDomainEnv.sh to remove SSL config.
2.
Restart the env.
15.2.5 Migrate Custom Business Terms After PS3 Patch
After installing the PS3 patch, you must re-create any custom-built business terms
using Oracle Enterprise Manager Fusion Middleware Control. A copy of the
custom-built business terms is available at: $DOMAIN_
HOME/config/fmwconfig/servers/<ServerName>/applications/usermess
agingserver/configuration/businessterms.xml.bak
Restart your servers after making any changes!
New, pre-seeded business terms have been introduced in this
release. Do not overwrite the upgraded (PS3) file with a PS1 backup
(the new terms will be lost, otherwise).
Note:
15-4 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
15.2.6 Use Correct SSL Trust Store When Configuring Drivers
Before configuring any User Messaging Service Driver (such as the Email Driver) to
connect to a remote gateway using SSL, ensure that the correct SSL Trust Store is used:
Update the value of the JVM system property (javax.net.ssl.trustStore) set in $DOMAIN_
HOME/bin/setDomainEnv.sh (or Windows equivalent).
15.2.7 User Messaging Service Driver Configuration Changes Not Immediately
Effective
When you change a driver's configuration and then restart the driver, the changes will
not take effect until all managed connections in the pool are destroyed (900 seconds
[15 minutes] by default). Take one of these actions to ensure that the connections are
destroyed:
■
When performing driver configuration changes, stop the driver application and
wait for 15 minutes. Then re-start the driver application.
If you follow this recommendation and the wait time of 900
seconds (15 minutes) is too long, you can reduce the time using the
Oracle WebLogic Server Administration Console as follows:
Note:
1.
Click Deployments.
2.
Select the desired User Messaging Service Driver deployment.
3.
Click the Resource Adapter Type module.
4.
Click Configuration > Outbound Connection Pools.
5.
Click the DriverConnectionFactory group.
6.
Click Connection Pool.
7.
Edit the value of Shrink Frequency Seconds (for example, set to 120 seconds).
8.
Click Save, and save the changes to a deployment plan file when
prompted.
9.
Restart the User Messaging Service driver deployment to include the new
plan.
Remember that if Shrink Frequency is reduced to a short interval, it
may eventually have a negative impact on the performance of the
driver as idle connections will be recycled frequently.
OR
■
Restart the entire Oracle WebLogic Server after performing driver configuration
changes. The new changes will take effect immediately upon server re-start.
15.2.8 Email Notifications Sent Even if You Do Not Change Default Parameters in
driverconfig.xml
Instructions for notification configuration include setting your outgoing server
parameters. Please note that if you do not change the parameters (that is, if you leave
the default setting unchanged), notifications may still be sent. This is expected
behavior, but you should not rely on the default settings without verifying them. You
should set your parameters to ensure that they are correct.
Oracle User Messaging Service 15-5
Configuration Issues and Workarounds
15-6 Oracle Fusion Middleware Release Notes
16
Oracle WebLogic Communication Services
16
This chapter describes issues associated with Oracle WebLogic Communication
Services (OWLCS). It includes the following topics:
■
Section 16.1, "General Issues and Workarounds"
■
Section 16.2, "Configuration Issues and Workarounds"
■
Section 16.3, "Documentation Errata"
16.1 General Issues and Workarounds
This section describes general issue and workarounds. It includes the following topics:
■
■
■
■
Section 16.1.1, "Active SIP Session and APP Session Count Show as -1 in Clustered
Configuration"
Section 16.1.2, "Oracle WebLogic Server Pack/Unpack Tool Does Not Function in
OWLCS"
Section 16.1.3, "Oracle WebLogic Server Cloning Tool Does Not Function in
OWLCS"
Section 16.1.4, "Messages Metrics Rendered as Unavailable in the Performance
Page for User Messaging Server"
16.1.1 Active SIP Session and APP Session Count Show as -1 in Clustered
Configuration
In the Administration Console, the Monitoring -> General tab displays Undefined for
the Active SIP Session Count and Active Application Session Count attributes when
monitoring a replicated WebLogic SIP Server deployment. There is currently no
workaround for this problem.
16.1.2 Oracle WebLogic Server Pack/Unpack Tool Does Not Function in OWLCS
The Pack/Unpack tool in Oracle WebLogic Server does not work in this OWLCS
release. There is no workaround currently available.
16.1.3 Oracle WebLogic Server Cloning Tool Does Not Function in OWLCS
The Cloning tool in Oracle WebLogic Server does not work in this OWLCS release.
There is no workaround currently available.
Oracle WebLogic Communication Services 16-1
Configuration Issues and Workarounds
16.1.4 Messages Metrics Rendered as Unavailable in the Performance Page for User
Messaging Server
When no metric data is found, for example when no messages have been sent or
received after server setup, the Metrics Performance page will display Unavailable. This
is not a problem with the software, and the Performance reporting is operating
properly. As soon as Send and Receive traffic exists, the Performance page will display
results normally.
16.2 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
■
■
■
■
■
Section 16.2.1, "Launch_sash Option Error"
Section 16.2.2, "Same User Who Installed WLS/WLSS Product Must Perform
Uninstall"
Section 16.2.3, "Uppercase Usernames Cause Reregistration and Presence
Subscription Failures"
Section 16.2.4, "Running the uninstall.sh Script in Text Mode Does Not Uninstall
the Product"
Section 16.2.5, "SIP Monitor in F5 Networks BigIP Does Not Work in UDP Mode"
Section 16.2.6, "SIP Container Does Not Bind to IPV6 Interfaces for Listening on
Windows"
■
Section 16.2.7, "JAWS Unable to Read Some Install Screens"
■
Section 16.2.8, "Configure VoiceXML Driver Receive URLs Correctly"
16.2.1 Launch_sash Option Error
An error has been reported when using the launch_sash command with the -e
option. For example:
MW_HOME/user_projects/domains/base_domain/bin/launch_sash.sh -p
8001 -n weblogic -w welcome1 -a presenceapplication -e "xcap
appusage list"
does not properly process the xcap appusage list argument because the double
quote (") is mishandled.
To work around this problem, issue the command at the sash prompt directly.
16.2.2 Same User Who Installed WLS/WLSS Product Must Perform Uninstall
In order to perform a clean uninstall, ensure that the same user (privileges) who
accomplished the install also accomplishes the uninstall.
16.2.3 Uppercase Usernames Cause Reregistration and Presence Subscription
Failures
When a user is created with an uppercase username, then the following occurs:
■
Initial registration progresses normally, resulting in successful registration with
Oracle Communicator.
16-2 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
■
■
■
Presence subscriptions fails.
After a few minutes, Oracle Communicator displays Server Refused
Registration (403).
User's account is locked and sign-in is blocked for 30 minutes.
To work around this issue, set Trusted Authentication Hosts for the SIP Container by
doing the following (from the Administration Console):
1.
Click SipServer in the left pane.
2.
Click the SIP Security tab.
3.
In Trusted Authentication Hosts, add the IP address of your server (that is
running OWLCS).
4.
Save and restart OWLCS.
Using this workaround, presence functionality will fail for
clients running on the same machine as the OWLCS server. Such cases
(both Oracle Communicator and server running on the same machine)
are mostly for demonstration and development environments. For
these cases, ensure you create users with lowercase usernames.
Note:
Reregistration and presence subscription failures can also occur when users are
created with privateId being different than the username part of the publicId.
For example, if privateId is test.user1 and publicId is sip:test.user1@example.com,
everything works because test.user1 is the username part of the publicId
sip:test.user1@example.com.
But if privateId is tuser1 and publicId is sip:test.user1@example.com, the username part
of the publicId is not the same as privateId. In this case, the first registration succeeds
with Oracle Communicator, but reregistrations and presence subscriptions fail. Apply
the same workaround (configure trusted host as described above) to resolve this issue.
16.2.4 Running the uninstall.sh Script in Text Mode Does Not Uninstall the Product
Perform uninstallation using the Administration Console to ensure that all
components are uninstalled. Ensure that you use the same user privilege as when you
installed.
16.2.5 SIP Monitor in F5 Networks BigIP Does Not Work in UDP Mode
When using the F5 Networks BigIP load balancer for a cluster of SIP engines and the
SIP monitor in BigIP is used for failure detection, it must be configured to operate
(sending OPTIONS requests) over TCP and not UDP. UDP mode will not work (the
pool will indicate that the servers are down).
16.2.6 SIP Container Does Not Bind to IPV6 Interfaces for Listening on Windows
Due to limitations in the Windows IPv6 stack, the SIP Container cannot bind to IPv6
sockets for listening.
16.2.7 JAWS Unable to Read Some Install Screens
Due to an issue with the OWLCS Core Platform CIE-based installer, the JAWS tool
cannot correctly read the installation screens. To work around this issue, you must run
Oracle WebLogic Communication Services 16-3
Documentation Errata
the installer in silent mode. For information on Silent Mode installation, see Oracle
WebLogic Communication Services Installation Guide.
16.2.8 Configure VoiceXML Driver Receive URLs Correctly
In a clustered (high-availability) environment with Oracle HTTP Server (OHS)
configured, do not use the OHS port to configure the VoiceXML Driver Receive URLs.
Using the OHS port to configure the VoiceXML Driver Receive URLs will cause a
conflict with the drivers.
Each Voice XML Driver must be configured with its own WLS server's port (as
described in the parameters' documentation).
16.3 Documentation Errata
This section details changes to the documentation since the last release. Topics include:
■
Section 16.3.1, "Create a Basic SIP Domain"
■
Section 16.3.2, "Create a Custom AUID with OCP (Presence)"
■
■
■
Section 16.3.3, "Cannot Create a SIP Server Domain Using Default WebLogic
Platform Components"
Section 16.3.4, "Broken Documentation Links in Some (SIP Server) Translated
Files"
Section 16.3.5, "Missing (SIP Server) Online Help Regarding Security Providers"
16.3.1 Create a Basic SIP Domain
Directions for creating a basic SIP Domain have changed slightly in this release. Please
ensure that you follow these steps:
1.
Start the configuration wizard located at WLS_HOME/wlserver_
10.3/common/bin/config.sh. This location has changed since the last release.
2.
Select Create a New WebLogic Domain, and click Next.
3.
Select Basic WebLogic SIP Server Domain, and click Next.
The rest of the process remains the same as before when creating a WLS Domain.
16.3.2 Create a Custom AUID with OCP (Presence)
Follow these steps to create custom AUIDs:
1.
View the XML file for presence rules (presrules_au.xml). It is found in one of
the following locations, depending on your installation:
$ORACLE_HOME/j2ee/ocms/config/sdp/xcap
$ORACLE_HOME/j2ee/home/config/sdp/xcap
The file contains the following:
2.
–
Name of the application (pres-rules)
–
Mime type
–
User Quota
–
List of schemas associated with the application's XML files
Create a similar file for the new application usage
16-4 Oracle Fusion Middleware Release Notes
Documentation Errata
3.
For all the XSD files listed in the XML file above, create the XSD files and copy
them to the XCAP config location mentioned in Step 1 above.
4.
cd $ORACLE_HOME/sdp/bin
5.
./launch_sash.sh -a presenceapplication
6.
Provide admin credentials. At the sash prompt enter:
xcap appusage create applicationUsage=<new application usage name>
configurationFilename=<name of application usage XML file>
For instance, this command was run to create the pres-rules application usage:
xcap appusage create applicationUsage=pres-rules
configurationFilename=presrules_au.xml
7.
To provision users for the new application usage, at the sash prompt enter:
xcap user add userName=<string> applicationUsage=<new application usage name>
.
<string> is of the form username@example.com (replace example.com with domain
for the deployment)
16.3.3 Cannot Create a SIP Server Domain Using Default WebLogic Platform
Components
When running config.sh for SIP Server domain configuration, you can choose
whether to use WebLogic Platform Components or a Custom Template. The default for
Select Domain Source is to use WebLogic Platform Components. In previous releases, this
selection worked, but does not in this release. You must select Custom Template in
order to create a SIP Server domain.
16.3.4 Broken Documentation Links in Some (SIP Server) Translated Files
Some links to additional documentation were removed in the English language
version, but broken links in translated (languages other than English) have been
reported. These broken links are being addressed.
16.3.5 Missing (SIP Server) Online Help Regarding Security Providers
Online Help regarding Security Providers is not included. Oracle SIP Server, including
information about security providers, is licensed and documented through OCCAS.
Please consult your OCCAS documentation for more information.
Oracle WebLogic Communication Services 16-5
Documentation Errata
16-6 Oracle Fusion Middleware Release Notes
Part VIII
Part VIII
Oracle Identity Management
Part VIII contains the following chapters:
■
Chapter 17, "Oracle Access Manager"
■
Chapter 18, "Oracle Adaptive Access Manager"
■
Chapter 19, "Oracle Authentication Services for Operating Systems"
■
Chapter 20, "Oracle Directory Integration Platform"
■
Chapter 21, "Oracle Entitlements Server"
■
Chapter 22, "Oracle Identity Federation"
■
Chapter 23, "Oracle Identity Manager"
■
Chapter 24, "Oracle Identity Navigator"
■
Chapter 25, "Oracle Internet Directory"
■
Chapter 26, "Oracle Platform Security Services"
■
Chapter 27, "SSL Configuration in Oracle Fusion Middleware"
■
Chapter 28, "Oracle Virtual Directory"
17
Oracle Access Manager
17
This chapter describes issues associated with Oracle Access Manager 11g Release 1
(11.1.1). It includes the following topics:
■
Section 17.1, "Patch Requirements"
■
Section 17.2, "General Issues and Workarounds"
■
Section 17.3, "Configuration Issues and Workarounds"
■
Section 17.4, "Oracle Security Token Service Issues and Workarounds"
■
Section 17.5, "Integration and Inter-operability Issues and Workarounds"
■
Section 17.6, "Oracle Access Manager with Impersonation Workarounds"
■
Section 17.7, "Documentation Errata"
17.1 Patch Requirements
This section describes patch requirements for Oracle Access Manager 11g Release 1
(11.1.1). It includes the following sections:
■
Section 17.1.1, "Plain Text Credentials Exposed in Diagnostic Logs when Creating
an Identity Store"
See Also:
■
Oracle Technology Network for details about the latest supported
versions and platforms:
http://www.oracle.com/technetwork/middleware/ias/downl
oads/fusion-certification-100350.html
■
■
Oracle Fusion Middleware Patching Guide for details about the latest
patch set
My Oracle Support at the following URL for the latest Oracle
Access Manager 11g Release 1 (11.1.1) bundle patches and related
release notes:
https://support.oracle.com/
17.1.1 Plain Text Credentials Exposed in Diagnostic Logs when Creating an Identity
Store
To work around this issue:
1.
Go to My Oracle Support at
Oracle Access Manager 17-1
General Issues and Workarounds
http://support.oracle.com
2.
Click the Patches & Updates tab, and search for bug 9824531.Download the
associated patch and install it by following the instructions in the README file
included with the patch.
3.
On the Patches & Updates tab, search for bug 9882205. Download the associated
patch and install it by following the instructions in the README file included with
the patch.
17.2 General Issues and Workarounds
This section describes general issue and workarounds. It includes the following topic:
■
Section 17.2.1, "Replacing oamreg Scripts with Remote Registration Home."
■
Section 17.2.2, "Incorrect SSO Agent Date/Time Shown to User"
■
Section 17.2.3, "The oamreg.sh File Missing Execute Permission After Configuring"
■
■
■
■
■
■
Section 17.2.4, "Initial Messages After Webgate Registration Are Not Shown in the
User's Locale"
Section 17.2.5, "Error While Browsing Resources Table in the Resource Type Tab"
Section 17.2.6, "Single-Click to Open Child Node is Not Supported in the
Navigation Tree"
Section 17.2.7, "User Credential for Registration Tool Does Not Support
Non-ASCII Characters on Native Server Locale"
Section 17.2.8, "Turkish and Greek Character Issues on Oracle Access Manager
Authentication Page"
Section 17.2.9, "Oracle Access Manager Authentication Does Not Support
Non-ASCII Passwords on Locales Other than UTF8"
■
Section 17.2.10, "Error Message of Create Agent Shows as Server Locale"
■
Section 17.2.11, "Referrals in LDAP Searches"
■
■
■
■
■
■
■
■
■
Section 17.2.12, "Diagnostic Information Is Not Being Displayed on the
Administration Console"
Section 17.2.13, "Non-ASCII Resources Require OHS To Restart To Make
Protection Take Effect"
Section 17.2.14, "Non-ASCII Characters on Success/Failure URL Results in
Garbled Redirect URL"
Section 17.2.15, "Resource with Non-ASCII Characters Cannot Be Protected by an
OSSO Agent"
Section 17.2.16, "Error in Administration Server Log from Console Logins"
Section 17.2.17, "Translation Packages Use the Term, Agents, Instead of
WebGates."
Section 17.2.18, "Application Domain Subtree in the Navigation Tree Is Not
Rendered and Does Not Respond to User Actions"
Section 17.2.19, "Error in the "Evaluate Single Sign-On Requirements" Help Topic"
Section 17.2.20, "editWebgateAgent Command Does Not Give An Error If Invalid
Value is Entered"
17-2 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
■
■
Section 17.2.21, "WLST Command displayWebgate11gAgent In Offline Mode
Displays the Webgate Agent Entry Twice"
Section 17.2.22, "Message Logged at Error Level Instead of at INFO When Servers
in Cluster Start"
■
Section 17.2.23, "Help Is Not Available for WLST Command registeroifdappartner"
■
Section 17.2.24, "User Must Click Continue to Advance in Authentication Flow"
■
Section 17.2.25, "After Remote Registration: Click Refresh Domain Twice to
Display Changes."
■
Section 17.2.26, "OCSP-Related Fields are Not Mandatory"
■
Section 17.2.27, "Database Node is Absent in the Console"
■
Section 17.2.28, "Online Help Provided Might Not Be Up To Date"
■
■
■
■
■
■
■
■
■
Section 17.2.29, "Agent Key Password Should Be Mandatory for Both the Console
and Remote Registration Tool in Cert Mode."
Section 17.2.30, "Oracle Access Manager Audit Report
AUTHENTICATIONFROMIPBYUSER Throws a FROM Keyword Not Found
Where Expected Error."
Section 17.2.31, "Disabled: Custom Resource Types Cannot be Created"
Section 17.2.32, "Oracle Access Manager IAMSuiteAgent Provides SSO to Most
IDM domain consoles."
Section 17.2.33, "Use of a Non-ASCII Name for a Webgate Might Impact SSO
Redirection Flows"
Section 17.2.34, "Authentication Module Lists Non-Primary Identity Stores"
Section 17.2.35, "Unable to Stop and Start OAM Server Through Identity and
Access Node in Fusion Middleware Control."
Section 17.2.36, "ADF Applications Using ADF Security Fail to Work in Oracle
Access Manager 11g."
Section 17.2.37, "Changing UserIdentityStore1 Type Can Lock Out
Administrators."
■
Section 17.2.38, "Page Layouts and Locales."
■
Section 17.2.39, "Some Pages Are Not Correctly Localized."
■
Section 17.2.40, "Non-ASCII Query String Issues with Internet Explorer v 7, 8, 9."
■
Section 17.2.41, "Oracle Virtual Directory with SSL Enabled."
■
Section 17.2.42, "Query String Not Properly Encoded."
17.2.1 Replacing oamreg Scripts with Remote Registration Home
IM_ORACLE_HOME/oam/server/rreg/bin contains the scripts (oamreg.bat and
oamreg.sh) for performing remote registration. Prior to execution, the scripts need to
be edited to point the attribute OAM_REG_HOME to the absolute file location for RREG
HOME.
RREG_HOME will be one directory above where the scripts exist.
For example,
If IM_ORACLE_HOME in a particular Linux environment is:
Oracle Access Manager 17-3
General Issues and Workarounds
MW_HOME/Oracle_IDM
The entry for the attribute OAM_REG_HOME in oamreg.sh will be:
export OAM_REG_HOME=MW_HOME/Oracle_IDM/oam/server/rreg
17.2.2 Incorrect SSO Agent Date/Time Shown to User
The default start date on the Create OAM Agent page is based on the Oracle Access
Manager server date/time. The date/time shown to the end user is based on the
Oracle Access Manager server time zone rather than on the user's machine.
17.2.3 The oamreg.sh File Missing Execute Permission After Configuring
Out of the box, execute permissions are not set for the oamreg.sh and oamreg.bat
files in the Oracle Access Manager install location. Before you perform remote
registration (rreg), you need to set the execute permissions on the scripts by using the
following commands:
chmod +x oamreg.sh
OR
chmod +x oamreg.bat
Then, you can proceed with the regular remote registration steps.
17.2.4 Initial Messages After Webgate Registration Are Not Shown in the User's Locale
After Webgate registration, the description fields in the initial messages for related
components are not shown in the user's locale.
The description field does not support Multilingual Support (MLS).
17.2.5 Error While Browsing Resources Table in the Resource Type Tab
While browsing across the Resources table in the Resource Type tab, the following
error message is displayed:
<Error> <oracle.adfinternal.view.faces.model.binding.CurrencyRowKeySet>
<BEA-000000> <ADFv: Rowkey does not have any primary key attributes. Rowkey:
oracle.jbo.Key[], table: model.ResTypeVOImpl@620289.>
This message is harmless and does not hinder any functionality.
17.2.6 Single-Click to Open Child Node is Not Supported in the Navigation Tree
Single-click to open a child node in the navigation tree is not supported, but
double-click is supported.
17.2.7 User Credential for Registration Tool Does Not Support Non-ASCII Characters
on Native Server Locale
The user credential for the Oracle Access Manager registration tool
oamreg.sh/oamreg.bat does not support non-ASCII characters on the Linux
Non-UTF8 server locale and the Windows native server.
17-4 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
17.2.8 Turkish and Greek Character Issues on Oracle Access Manager Authentication
Page
In some cases if a user has Turkish, German, or Greek special characters in the user
name and the login name only differs in the special characters, he might pass
authentication because of case mappings and case-insensitivity.
Some internationalization characters should have special capitalization rule so that
characters do not convert back to the lower case.
For example, there is the case with SS and ß in German, where ß only exists as a lower
case character. When performing "to Upper" against ß, ß will be changed to SS. And if
the upper case text is then converted back to lower case, the SS becomes ss and not the
original ß.
17.2.9 Oracle Access Manager Authentication Does Not Support Non-ASCII Passwords
on Locales Other than UTF8
When the server locale is not UTF-8 and using WebLogic Server embedded LDAP as
an identity store, the SSO Authentication page does not support Non-ASCII
passwords.
17.2.10 Error Message of Create Agent Shows as Server Locale
When an administrator creates an agent with the same name as one that already exists,
the language of the error message displayed is based on the server locale rather than
on the browser locale.
17.2.11 Referrals in LDAP Searches
Oracle Access Manager 11g Release 1 (11.1.1) cannot operate directly with LDAP
servers returning referrals.
The workaround is to use Oracle Virtual Directory.
17.2.12 Diagnostic Information Is Not Being Displayed on the Administration Console
Diagnostic information is not displayed in the Oracle Access Manager Console for
monitoring Agents when one or more nodes of the cluster are down.
This information can be retrieved using the Oracle Dynamic Monitoring Service
(DMS). The steps are as follows:
1.
Using WebLogic credentials, log in to the DMS application
http://<adminserver-host>:<adminserver-port>/dms
2.
On the navigation tree, click OAMS.OAM_Server.OAM_Agents under the DMS
Metrics node.
17.2.13 Non-ASCII Resources Require OHS To Restart To Make Protection Take Effect
When you add a resource with a non-ASCII name to the protected authentication
policy, it will require the 11g OHS Server to restart to make the protection take effect,
whereas in adding resources with English characters, protection takes effect in real
time without having to restarting the OHS Server.
Oracle Access Manager 17-5
General Issues and Workarounds
17.2.14 Non-ASCII Characters on Success/Failure URL Results in Garbled Redirect
URL
If an on success or on failure URL configured for an authentication policy contains
non-ASCII characters in the URL specified, then the URL specified will be garbled
when it is used during a user authentication. This will happen only when the
authentication scheme is Basic Authentication and the end user's browser is the
Simplified Chinese version of IE8 running on the Chinese version of Windows.
17.2.15 Resource with Non-ASCII Characters Cannot Be Protected by an OSSO Agent
The OSSO Agent cannot protect a resource because it does not encode the entire
resource URL to UTF-8 format.
To work around this issue, use the Webgate Agent instead of the SSO Agent.
Webgate is able to convert the entire resource URL to UTF-8 format.
17.2.16 Error in Administration Server Log from Console Logins
If you log in to the Oracle Access Manager Console as an administrator and then log in
to the Console as an administrator in a new browser tab, the following error appears
in the administration logs:
-----------------------------------------------------------<May 20, 2010 10:12:47 AM PDT> <Error>
<oracle.adfinternal.view.page.editor.utils.ReflectionUtility> <WCS-16178>
<Error instantiating class oracle.adfdtinternal.view.faces.portlet.PortletDefinitionDTFactory>
------------------------------------------------------------
The error message does not impact functionality.
17.2.17 Translation Packages Use the Term, Agents, Instead of WebGates
The term Agents has been changed to WebGates.
The issue is that because of this late change, the translation packages are not updated
and will continue to use the term, Agents, instead of the preferred term, WebGates.
17.2.18 Application Domain Subtree in the Navigation Tree Is Not Rendered and Does
Not Respond to User Actions
If the Application Domain subtree on the navigation tree does not render or respond
to user interface actions over a period of time, it may be the result of multiple
refreshes.
To work around these issues, restart the administration server and log in to the Oracle
Access Manager Console again.
17.2.19 Error in the "Evaluate Single Sign-On Requirements" Help Topic
In the help topic, "Evaluate Single Sign-On Requirements," "Configuring Single Logout
for 10g Webgate with OAM 11g Servers" was listed twice under "Review steps to
configure single sign-off."
The English version has been corrected to read:
"Step 7 Review steps to configure single sign-off
17-6 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
■
Configuring Single Logout for 10g Webgate with OAM 11g Servers. More.
■
Configuring Single Logout for 11g Webgate with OAM 11g Servers. More.
■
Configuring Single Logout for Oracle ADF Applications. More
The translated version will be fixed.
17.2.20 editWebgateAgent Command Does Not Give An Error If Invalid Value is Entered
The WLST command editWebgateAgent does not give an error when a invalid
value is entered for the state field in both online and offline mode. The Oracle Access
Manager Console does show the state field value as neither enabled nor disabled,
though it is a mandatory field.
17.2.21 WLST Command displayWebgate11gAgent In Offline Mode Displays the
Webgate Agent Entry Twice
In the offline mode, the WLST command, displayWebgate11gAgent, displays the
11g Webgate Agent entry in the System Configuration tab twice.
17.2.22 Message Logged at Error Level Instead of at INFO When Servers in Cluster
Start
When starting Oracle Access Manager servers in a cluster, the following message is
displayed:
<Jun 22, 2010 3:59:41 AM PDT> <Error> <oracle.jps.authorization.provider.pd>
<JPS-10774> <arme can not find state.chk file.>
The correct level of the message is INFO, rather than Error.
17.2.23 Help Is Not Available for WLST Command registeroifdappartner
The Help command is not available for the WLST command,
registeroifdappartner.
The online and offline command registers Oracle Identity Federation as a Delegated
Authentication Protocol (DAP) Partner.
For information, refer to "registerOIFDAPPartner" in the Oracle Fusion Middleware
WebLogic Scripting Tool Command Reference.
Syntax
registerOIFDAPPartner(keystoreLocation="/scratch/keystore"
logoutURL="http://<oifhost>:<oifport>/fed/user/sploosso?doneURL=
http://<oamhost>:< oam port>/ngam/server/pages/logout.jsp",
rolloverTime="526")
Parameter Name
Definition
keystoreLocation
Location of the Keystore file. The file generated at the OIF Server. (mandatory)
logoutURL
The OIF Server's logout URL. <mandatory>
rolloverInterval
The Rollover Interval for the keys used to enc/decrypt SASSO Tokens (optional)
Oracle Access Manager 17-7
General Issues and Workarounds
Example
The following invocation illustrates use of all parameters.
registerOIFDAPPartner(keystoreLocation="/scratch/keystore",
logoutURL="http://<oifhost>:<oifport>/fed/user/sploosso?doneURL=http://<oamhost>:
<oam port>/ngam/server/pages/logout.jsp", rolloverTime="526")
17.2.24 User Must Click Continue to Advance in Authentication Flow
In a native integration with Oracle Adaptive Access Manager, the resource is protected
by an Oracle Access Manager policy that uses the Basic Oracle Adaptive Access
Manager authentication scheme.
When a user tries to access a resource, he is presented with the username page.
After he enters his username, he must click Continue before he can proceed to the
password page. He is not taken to this page automatically.
The workaround is for the user to click Continue, which might allow him to proceed
to the password page.
17.2.25 After Remote Registration: Click Refresh Domain Twice to Display Changes
After performing rreg (through the console/rreg scripts), the user must click the
Refresh button twice on the Policy Configuration tab for any policy-related changes to
be visible.
17.2.26 OCSP-Related Fields are Not Mandatory
In the X509 authentication modules, the following OCSP-related fields are no longer
mandatory:
■
OCSP Server Alias
■
OCSP Responder URL
■
OCSP Responder Timeout
If OCSP is enabled
The OCSP-related fields should be filled in by the administrator. If they are not filled,
there will not be an error from the Console side.
It is the responsibility of the administrator to provide these values.
If OCSP is not enabled
The OCSP-related fields need not be filled in this case. If there are values for these
fields, they will be of no consequence/significance, as OCSP itself is not enabled.
In the default out of the box configuration, the OCSP responder URL is
http://ocspresponderhost:port. If you make changes to other fields and leave
this as is, you will see a validation error, since this value is still submitted to the back
end and at the Console, the layer port should be a numeric field. You can either
modify the field, with the port being a numeric field or delete the entire value.
17.2.27 Database Node is Absent in the Console
Under the Data Sources node of the System Configuration tab, Common
Configuration section, there is no Databases node in Oracle Access Manager 11g
(11.1.1.5).
17-8 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
17.2.28 Online Help Provided Might Not Be Up To Date
Online help is available in the Oracle Access Manager Console, but you should check
OTN to ensure you have the latest information.
17.2.29 Agent Key Password Should Be Mandatory for Both the Console and Remote
Registration Tool in Cert Mode
Providing the Agent Key Password during registration should be mandatory for both
the Oracle Access Manager Console and the Remote Registration tool. Currently it is
mandatory for one and not the other.
When registering the 11g Webgate in cert mode through the remote registration tool,
the Agent Key Password must be provided. If it is not, the password for cert
mode cannot be null. Please enter the valid password message is
shown.
The Agent Key Password is not mandatory when registering the 11g Webgate in cert
mode through the Oracle Access Manager Console. The password.xml is generated
regardless of whether the Agent Key Password is provided or not.
17.2.30 Oracle Access Manager Audit Report AUTHENTICATIONFROMIPBYUSER
Throws a FROM Keyword Not Found Where Expected Error
The Oracle Access Manager audit report AuthenticationFromIPByUser uses an Oracle
Database 11.2.0 feature and will not work with older versions of database. The
following error is displayed if an older version is used:
ORA-00923: FROM keyword not found where expected
17.2.31 Disabled: Custom Resource Types Cannot be Created
For Oracle Access Manager 11g, creating custom resource types should not be
attempted. In the initial release, the buttons to create/edit/delete resource types were
available.
With Oracle Access Manager 11g (11.1.1.5) these command buttons are disabled.
Oracle provided resource types include:
■
HTTP (includes HTTPS)
■
TokenServiceRP (Resources for representing Token Service Relying Party)
■
wl_authen (Resources for representing WebLogic Authentication schemes)
17.2.32 Oracle Access Manager IAMSuiteAgent Provides SSO to Most IDM domain
consoles
The Oracle Access Manager IAMSuiteAgent replaces IDM Domain Agent and IAM
Suite replaces IDMDomainAgent Application Domain.
IAMSuiteAgent provides Single-Sign On for the IDM domain consoles including the
Oracle Identity Manager, Oracle Adaptive Access Manager and other Identity
Management servers created during domain creation. It excludes Single-Sign On
protection for Fusion Middleware Control and the WebLogic Server Administration
Console.
Oracle Access Manager 17-9
General Issues and Workarounds
17.2.33 Use of a Non-ASCII Name for a Webgate Might Impact SSO Redirection Flows
When using the OAM Server with WebGates and when the Webgate ID is registered
with a non-ASCII name, the OAM Server may reject that authentication redirect as an
invalid request.
To work around this redirection issue, use an ASCII name for the Webgate.
Resources are protected and error messages do not occur
when the administration server and oracle access servers are started
on UTF-8 locales.
Note:
The redirection issue only occurs on native server locales (Windows
and Non-UTF8 Linux server locales)
17.2.34 Authentication Module Lists Non-Primary Identity Stores
In the user interface under the Authentication Module, only the primary identity store
should be selected in the list since only primary identity stores can be used for
authentication/authorization. Currently, the Oracle Access Manager Console allows
you to select identity stores that are not primary.
17.2.35 Unable to Stop and Start OAM Server Through Identity and Access Node in
Fusion Middleware Control
The following Oracle Access Manager operations are not supported through using the
oam_server node under Identity and Access in Fusion Middleware Control:
■
Start up
■
Shut down
■
View Log Messages
However, these operations are supported per the Oracle Access Manager managed
server instance through using the oam_server node (for the specific server) under
Application Deployments in Fusion Middleware Control.
17.2.36 ADF Applications Using ADF Security Fail to Work in Oracle Access Manager
11g
Due to a bug, when accessing a protected resource (protected by 11g Webgate) with
query parameters containing encoded URL strings, an error is displayed in browser:
Action failed. Please try again
17.2.37 Changing UserIdentityStore1 Type Can Lock Out Administrators
An Identity Store that is designated as the System Store should not be edited to change
the store type (from Embedded LDAP to OID, for instance) nor the connection URLs.
If you do need to change the Identity Store that is designated as the System Store
should not be edited to change the store type, Oracle recommends that you create a
new Identity Store and then edit that registration to mark it as your System Store.
17-10 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
17.2.38 Page Layouts and Locales
The layout of the single sign-on (SSO) Login Page, Impersonation Consent page,
Logout Page, Impersonation Error page, and Login Error Page do not change for
Arabic and Hebrew locales.
17.2.39 Some Pages Are Not Correctly Localized
The date formats of "Creation Instant" and "Last Access Time" on the Session
Management Search page are not correctly localized.
17.2.40 Non-ASCII Query String Issues with Internet Explorer v 7, 8, 9
Due to a limitation with the Internet Explorer browser, resources with Non-ASCII
query string when if you directly type or paste the resource URL.
17.2.41 Oracle Virtual Directory with SSL Enabled
With Oracle Virtual Directory as the user identity store, no errors are seen after
changing its registration to use the SSL port, checking the SSL box, and testing the
connection (Test Connection button). However, authentication fails (even though
non-SSL port is fine). The first time Test Connection goes through and any subsequent
time it results in Socket Timeout exception from the Oracle Virtual Directory side.
Workaround: Disable NIO for the SSL port as follows:
1.
Stop Oracle Virtual Directory. For example:
$ORACLE_INSTANCE/bin/opmnctl stopproc ias-component=ovd1
2.
Edit the a LDAP SSL listener section of listener.os_xml to add
<useNIO>false</useNIO>, as follows:
$ORACLE_INSTANCE/config/OVD/ovd1/listener.os_xml
<ldap version="20" id="LDAP SSL Endpoint">
<port>7501</port>
<host>0.0.0.0</host>
.........
.........
<tcpNoDelay>true</tcpNoDelay>
<readTimeout>180000</readTimeout>
</socketOptions>
<useNIO>false</useNIO>
</ldap>
3.
Save the file.
4.
Test the connection several times to confirm this is working.
17.2.42 Query String Not Properly Encoded
There is no encoding on the query string from Webgate when % is not followed by a
sequence of characters that form a valid URL escape sequence. In this case, Oracle
Access Manager etains % as % in the decoded string and the following error occurs:
No message for The Access Server has returned a status that is unknown to the
Access Gate .Contact your website administrator to remedy this problem.
Workaround:
Oracle Access Manager 17-11
Configuration Issues and Workarounds
11g Webgate: To specify the '%' character in a query string, you must specify '%25'
instead of '%'.
10g Webgate: The 11g Webgate workaround applies to only the anonymous scheme.
For other authentication schemes, there is currently no workaround.
17.3 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
■
■
■
Section 17.3.1, "For mod-osso Value for RedirectMethod Should be "POST""
Section 17.3.2, "User Wrongly Directed to the Self-User Login after Logging Out of
the Oracle Identity Manager Administration Console"
Section 17.3.3, "11g Webgate Fails to Install with Compact Configuration."
Section 17.3.4, "Auditing Does Not Capture the Information Related to
Authentication Failures if a Resource is Protected Using Basic Authentication
Scheme"
■
Section 17.3.5, "Incompatible Msvcirt.dll Files"
■
Section 17.3.6, "IPv6 Support"
■
Section 17.3.7, "What to Avoid or Note in Oracle Access Manager Configuration"
■
■
■
■
■
Section 17.3.8, "Install Guides Do Not Include Centralized Logout Configuration
Steps"
Section 17.3.9, "NULL Pointer Exception Shown in Administration Server Console
During Upgrade."
Section 17.3.10, "Using Access SDK Version 10.1.4.3.0 with Oracle Access Manager
11g Servers."
Section 17.3.11, "Finding and Deleting Sessions Using the Console."
Section 17.3.12, "Non-ASCII Users with Resource Protected by Kerberos
Authentication Scheme."
17.3.1 For mod-osso Value for RedirectMethod Should be "POST"
For Webgate to support long URLs, the following code sample was added under
oam-config.xml:
<Setting Name="AgentConfig" Type="htf:map">
<Setting Name="OSSO" Type="htf:map">
<Setting Name="RedirectMethod"Type="xsd:string">GET</Setting>
<Setting Name="Delimiter" Type="xsd:string">AND</Setting>
</Setting>
For mod-osso, the value for RedirectMethod should be POST, however, the values
shipped out of the box is GET. Follow these steps to perform the modification, as this
change needs to be performed manually and there is no user interface or WLST
commands available to do so.
1.
Stop the Oracle Access Manager Console and managed servers.
2.
Enter cd DOMAIN_HOME/config/fmwconfig
3.
Enter vi oam-config.xml
17-12 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
4.
Go to the following line in oam-config.xml:
<Setting Name="AgentConfig" Type="htf:map">
<Setting Name="OSSO" Type="htf:map">
<Setting Name="RedirectMethod"Type="xsd:string">GET</Setting>
Modify GET to POST as follows:
<Setting Name="RedirectMethod"Type="xsd:string">POST</Setting>
5.
Save the changes and start the AdminServer and managed servers.
17.3.2 User Wrongly Directed to the Self-User Login after Logging Out of the Oracle
Identity Manager Administration Console
The user is directed to the self-user login after logging out of the Oracle Identity
Manager Administration Console.
To be redirected correctly, the logout must work properly.
The workaround for logout with 10g Webgate is to:
1.
Copy logout.html (for example, from Oracle_
IDM1/oam/server/oamsso/logout.html) to webgate_install_
dir/oamsso.
2.
Update logout URL in the file to http://oam_server:oam_
server/ngam/server/logout.
3.
If redirection to specific page has to occur after logout, change the logout URL to
http://oam_server:oam_
server/ngam/server/logout?doneURL=http://host:port/specifipag
e.html.
17.3.3 11g Webgate Fails to Install with Compact Configuration
A compact configuration is an installation with all identity management components
on a machine with limited hardware capacity.
On trying to install the 11g Webgate with compact configuration, the following error
occurs during the configure step:
Configuring WebGate...
There is an error. Please try again.
Preparing to connect to Access Server. Please wait.
Client authentication failed, please verify your WebGate ID.
cp: cannot stat
`$ORACLE_HOME/ohs/conf/aaa_key.pem':
No such file or directory
cp: cannot stat
`$ORACLE_HOME/ohs/conf/aaa_cert.pem':
No such file or directory
cp: cannot stat
`$ORACLE_HOME/ohs/conf/aaa_chain.pem':
The error occurs because the following entries were not initialized in
oam-config.xml during the installation:
<Setting Name="oamproxy" Type="htf:map">
<Setting Name="sslGlobalPassphrase" Type="xsd:string">changeit</Setting>
<Setting Name="SharedSecret" Type="xsd:string">1234567812345678</Setting>
</Setting>
Oracle Access Manager 17-13
Configuration Issues and Workarounds
To initialize oam-config.xml properly:
1.
Delete the OAM entry from CSF repository by performing the following steps:
a.
Start the WebLogic Scripting Tool:
oracle_common/oracle_common/common/bin/wlst.sh
b.
In the WLST shell, enter the command to connect to the domain and then
enter the requested information.
A sample is given below.
wls:/offline> connect ()
Please enter your username [weblogic] :
Please enter your password [welcome1] :
Please enter your server URL [t3://localhost:7001] :
Connecting to t3://localhost:7001 with userid weblogic ...
Successfully connected to Admin Server 'AdminServer' that belongs to domain
'imdomain86'.
c.
Change to domainRuntime.
A sample is given below.
wls:/imdomain86/serverConfig> domainRuntime ()
Location changed to domainRuntime tree. This is a read-only tree with
DomainMBean as the root.
d.
Check whether an entry exists in the CSF repository with the map name as
OAM and key as jks.
A sample is given below.
wls:/imdomain86/domainRuntime> listCred(map="OAM_STORE",key="jks")
{map=OAM_STORE, key=jks}
Already in Domain Runtime Tree
.
[Name : jks, Description : null, expiry Date : null]
PASSWORD:1qaldrk3eoulhlcmfcqasufgj2
.
e.
Delete the OAM map entry from the CSF repository.
wls:/imdomain86/domainRuntime> deleteCred(map="OAM_STORE",key="jks")
{map=OAM_STORE, key=jks}
Already in Domain Runtime Tree
.
f.
Exit from wlst shell.
A sample is given below.
wls:/imdomain86/domainRuntime> exit ()
.
.
.
2.
Go to DOMAIN_HOME/config/fmwconfig and delete the file .oamkeystore.
A sample [on linux] is given below.
[aime@pdrac09-5 fmwconfig]$ rm .oamkeystore
.
3.
Stop the Managed Server and Admin Server.
4.
Start the AdminServer.
17-14 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
5.
Verify oam-config.xml.
6.
Start Managed Server.
Steps to verify oam-config.xml:
1.
Go to DOMAIN_HOME/config/fmwconfig/oam-config.xml.
2.
Verify that all the WebLogic Server server instances are configured under
DeployedComponent > Server > NGAMServer > Instance
3.
Verify that the OAM Managed Server protocol, host and port are available at:
DeployedComponent > Server > NGAMServer > Profile > OAMServerProfile >
OAMSERVER
4.
Verify that the SSO CipherKey is generated and available at:
DeployedComponent > Server > NGAMServer > Profile > ssoengine >
CipherKey
5.
Verify that the oamproxy entries for SharedSecret and
sslGlobalPassphrase is generated and available at:
DeployedComponent > Server > NGAMServer > Profile > oamproxy
SharedSecret should have a value different from 1234567812345678 and
sslGlobalPassphrase different from changeit.
17.3.4 Auditing Does Not Capture the Information Related to Authentication Failures if
a Resource is Protected Using Basic Authentication Scheme
Although a resource can be protected using the BASIC scheme, the WebLogic server
has a feature by which it first authenticates the user and then sends it to the server.
If you add the following flag under <security-configuration> in config.xml
and restart the server, you will be able to bypass WebLogic server's authentication
<enforce-valid-basic-auth-credentials>false</enforce-valid-basic
-auth-credentials>. Once the credentials are submitted back to the OAM Server,
it will be audited.
The WebLogic Server Administration Console does not display or log the
enforce-valid-basic-auth-credentials setting. However, you can use WLST
to check the value in a running server. You must modify this value by setting this in
config.xml.
To do so, refer to the following documentation:
"Developing Secure Web Applications" at:
http://download.oracle.com/docs/cd/E13222_
01/wls/docs103/security/thin_client.html#wp1037337
17.3.5 Incompatible Msvcirt.dll Files
When you install the Oracle Access Manager 10g Webgate, do not replace the current
version of msvcirt.dll with a newer version when prompted. If you do so, there
may be incompatibility issues. Later, when you try to install OSSO 10g (10.1.4.3), the
opmn.exe command might fail to start and the OracleCSService might time out
because the required .dll file is missing.
Oracle Access Manager 17-15
Configuration Issues and Workarounds
17.3.6 IPv6 Support
The supported topology for Oracle Access Manager 11g is shown below.
Supported Topology
■
WebGate10g or Webgate 11g and protected applications on IPv4 (Internet Protocol
Version 4) protocol host
■
OHS (Oracle HTTP Server) reverse proxy on dual-stack host
■
Client on IPv6 (Internet Protocol Version 6) protocol host
Dual-stack is the presence of two Internet Protocol software implementations in an
operating system, one for IPv4 and another for IPv6.
The IPv6 client can access Webgate (10g or 11g) through the reverse proxy on
IPv4/IPv6 dual-stack.
17.3.7 What to Avoid or Note in Oracle Access Manager Configuration
This section contains scenarios and items to note in Oracle Access Manager
Configuration
17.3.7.1 Unsupported Operations for WLST Scripts
WLST scripts for Oracle Access Manager 10g and Oracle Access Manager 11g
WebGates do not support changing Agent security modes.
17.3.7.2 Unsupported Operations for Oracle Access Manager Console and WLST
Unsupported operations for the Oracle Access Manager Console and WLST are
described in the following subsections.
17.3.7.2.1
OAM Server
Use Case: Concurrent Deletion and Updating
Description
1.
Open an OAM Server instance in edit mode in Browser 1.
2.
Using the Oracle Access Manager Console in another browser (Browser 2) or using
a WLST script, delete this server instance.
3.
Return to Browser 1 where the server instance is opened in edit mode.
4.
In Browser 1, click the Apply button.
Current Behavior
The Oracle Access Manager Console displays the message, "Server instance server_
name might be in use, are you sure you want to edit it?" along with the confirmation
that the update succeeded.
On clicking Yes, the following error message pops up, as expected, and the OAM
Server instance page is closed (correct behavior):
"Error while reading your_server-name OAM Server Instance Configuration."
However, the navigation tree node might continue to display the OAM Server instance
until you click the Refresh command button for the navigation tree.
17-16 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
Use Case: Two OAM Server Instances with Same Host Cannot have the Same
Proxy Port.
Description
For this use case, there are two instances of the OAM Server: oam_server1 and oam_
server2.
1.
Open oam_server1 in edit mode and specify a host and OAM proxy port.
2.
Now open oam_server2 in edit mode and specify the same host and proxy port as
oam_server1.
The changes are saved without any error message.
Current Behavior
The Oracle Access Manager Console does not display any error and allows the update.
The behavior is incorrect.
Use Case: Log Statements Detailing the Server Instance Creation, Update and
Delete are not Present on the Oracle Access Manager Console
Description
If you create, edit, or delete an OAM Server instance from the Oracle Access Manager
Console, the log statements corresponding to create, edit and delete are not displayed
by the Console.
17.3.7.2.2
LDAP Authentication Module:
Use Case: Concurrent Deletion/Creation of User Identity Store does not Reflect
in the List of Identity Stores in the LDAP Authentication Module Create and Edit
Description
1.
Open create/ edit for the LDAP authentication module.
A list displays the identity stores present in the system.
2.
Now create a user identity store using another tab.
3.
Return to the create/edit tab for the LDAP authentication module and check the
list for user identity stores.
Current Behavior
The Oracle Access Manager Console displays the error message, as expected, and
closes the Authentication Module page (correct behavior):
"Error while reading module-name Authentication Module Configuration."
However, the navigation tree node might continue to display the Authentication
Module node until you click the Refresh command button for the navigation tree.
17.3.7.2.3
LDAP, Kerberos and X509 Authentication Module
Use Case: Concurrent deletion and updating
Description
1.
Open an LDAP/Kerberos/X509 authentication module in edit mode in Oracle
Access Manager Console in Browser 1.
Oracle Access Manager 17-17
Configuration Issues and Workarounds
2.
Using Oracle Access Manager Console in another browser (Browser 2) or using a
WLST script, delete this authentication module.
3.
Now return to Browser 1 where the authentication module is opened in edit mode.
4.
Click the Apply button.
Current Behavior
The Oracle Access Manager Console updates this authentication module configuration
and writes it to back end.
The behavior is incorrect.
Use Case: Log Statements Detailing the Server Instance Creation, Update and
Delete are Not present on Oracle Access Manager Console side.
Description
When you create, edit or delete an authentication module from Oracle Access Manager
Console, the log statements corresponding to create, edit and delete are not written by
the Console.
17.3.7.2.4
OAM 11G Webgate
Use Case: Concurrent Deletion and Update
Description
1.
Open an OAM 11g Webgate instance in edit mode in Oracle Access Manager
Console in Browser 1.
2.
Using the Oracle Access Manager Console in another browser (Browser 2) or using
a WLST script, delete this OAM 11g Webgate.
3.
Now return to the Browser1 where the server instance is opened in edit mode.
4.
Click on the Apply button.
Current Behavior
The Oracle Access Manager Console for edit OAM11g Webgate does not change and
the tab does not close.
A OAM11g Webgate configuration not found error dialog is displayed by the Oracle
Access Manager Console.
However, the navigation tree is blank and attempts to perform any operation results in
a javax.faces.model.NoRowAvailableException".
The behavior is incorrect.
17.3.7.2.5
OSSO Agent
Use Case: Concurrent Deletion and Update
Description
1.
Open an OSSO Agent instance in edit mode in the Oracle Access Manager Console
in Browser 1.
2.
Using the Oracle Access Manager Console in another browser (Browser 2) or using
a WLST script, delete this OSSO Agent.
3.
Now return to the Browser 1 where the OSSO Agent instance is opened in edit
mode.
17-18 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
4.
Click on Apply button.
Current Behavior
Editing the OSSO Agent in the Oracle Access Manager Console results in a null
pointer exception.
The behavior is incorrect.
17.3.8 Install Guides Do Not Include Centralized Logout Configuration Steps
Single-Sign On is enabled after Oracle Access Manager is installed; to complete
configuration of Single-Sign On out of the box, centralized log out must be configured
post-install. Configure centralized log out by following direction from these sections:
■
Configuring Centralized Logout for ADF-Coded Applications with Oracle Access
Manager 11g
In order for the ADF logout to work correctly, Single Sign-On Server Patch
9824531 is required. Install this patch, as described in the readme file that is
included in the patch.
■
Configuring Centralized Logout for the IDM Domain Agent (in the patch set this
is now the IAMSuiteAgent)
17.3.9 NULL Pointer Exception Shown in Administration Server Console During
Upgrade
A NULL pointer exception occurs because of the configuration events trigger when the
identity store shuts down. The upgrade is successful, however, and error messages are
seen in administration server console. There is no loss of service.
If the NULL pointer is seen during upgrade, there is no loss of service, you can ignore
the error.
If the NULL pointer is seen during WLST command execution, you must restart the
administration server.
17.3.10 Using Access SDK Version 10.1.4.3.0 with Oracle Access Manager 11g Servers
In general, the Sun Microsystems JDK 1.4.x compiler is the JDK version used with the
Java interfaces of Access SDK Version 10.1.4.3.0.
As an exception, the Java interfaces of the 64-bit Access SDK Version 10.1.4.3.0,
specifically for the Linux operating system platform, requires the use of Sun
Microsystems JDK 1.5.x compiler.
The new Session Management Engine capability within Oracle Access Manager 11g
will create a session for every Access SDK version 10.1.4.3.0 call for authentication.
This may cause issues for customers that use Access SDK to programmatically
authenticate an automated process. The issue is the number of sessions in the system
that is generated within Access SDK will increase dramatically and cause high
memory consumption.
17.3.11 Finding and Deleting Sessions Using the Console
When session search criteria is generic (using just a wild card (*), for example), there is
a limitation on deleting a session from a large list of sessions.
Oracle Access Manager 17-19
Oracle Security Token Service Issues and Workarounds
Oracle recommends that your session search criteria is fine-grained enough to obtain a
relatively small set of results (ideally 20 or less).
17.3.12 Non-ASCII Users with Resource Protected by Kerberos Authentication Scheme
Non-ASCII users fail to access a resource protected by a Kerberos authentication
scheme using WNA as a challenge method.
The exception occurs when trying to get user details to populate the subject with the
user DN and GUID attributes.
17.4 Oracle Security Token Service Issues and Workarounds
This section provides the following topics:
■
Section 17.4.1, "No Warnings Given If Required Details are Omitted"
■
Section 17.4.2, "New Requester Pages, Internet Explorer v7, and Japanese Locale"
■
Section 17.4.3, "Delete Button Not Disabled When Tables Have No Rows"
■
Section 17.4.4, "Copying an Issuance Template Does Not Copy All Child Elements"
■
Section 17.4.5, "Apply and Revert Buttons are Enabled"
■
Section 17.4.6, "Only Generic Fault Errors Written to Oracle WSM Agent Logs"
■
Section 17.4.7, "Server and Client Key Tab Files Must be the Same Version"
■
Section 17.4.8, "Default Partner Profile Required for WS-Security"
■
Section 17.4.9, "SAML Token Issued When NameID is Not Found"
17.4.1 No Warnings Given If Required Details are Omitted
On the Token Mapping page of a new Validation Template with the following
characteristics:
■
WS-Security
■
Token Type SAML 1.1
■
Default Partner Profile: requester profile
No warnings are given:
■
If you check the box to Enable Attribute Based User Mapping if you leave empty
the required User Attributes field
A new row is not saved if the User Attribute field is empty. However, it is saved if
both fields are filled. Removing the value of the User Attribute field in a
user-added row causes the row to be deleted when you Apply changes
■
If you attempt to delete built-in Name Identifier Mapping rows
Built-in Name Identifier Mapping rows cannot be deleted.
17.4.2 New Requester Pages, Internet Explorer v7, and Japanese Locale
When using the Japanese Locale with Internet Explorer v7, the title "New Requester" is
not displayed in one line on the page. The Partner, Name, Partner Type, and Partner
Profile fields might wrap on the page.
17-20 Oracle Fusion Middleware Release Notes
Oracle Security Token Service Issues and Workarounds
This can occur whether you are creating or modifying the Partner (Requester, Relying
Party, and Issuing Authority).
17.4.3 Delete Button Not Disabled When Tables Have No Rows
The Delete button is enabled even though there are no rows to be deleted in the
following tables:
■
■
The Attribute Name Mapping table (Token and Attributes page for Partner
Profiles (Requester, Relying Party, Issuing Authority Profiles).
The Value Mapping table in Issuing Authority Partner Profiles
When there are no rows in a table, the Delete button should be disabled by default.
17.4.4 Copying an Issuance Template Does Not Copy All Child Elements
Issuance Template Copy Like function does not copy nested tables (attribute mapping
and filtering tables, and the custom token attribute table).
Workaround: Navigate to the desired Issuance Template, click the name in the
navigation tree and click the Copy Like button. Manually enter missing information
from the original: Attribute Mappings or custom attribute tables.
17.4.5 Apply and Revert Buttons are Enabled
The Apply and Revert buttons are enabled on Oracle Security Token Service pages
even if there are no changes to apply or saved changes to revert to the previous
version.
17.4.6 Only Generic Fault Errors Written to Oracle WSM Agent Logs
No content is written logs for the Oracle WSM agent errors. There is only a generic
fault error.
Workaround: Enable message logging for the Oracle WSM agent on the host OAM
Server.
1.
Locate the logging.xml file in $DOMAIN/config/fmwconfig/server/oam_
server1/logging.xml file.
2.
Change the WSM block of the logging.xml file, to:
<logger name="oracle.wsm" level="TRACE:32" useParentHandlers="false">
<handler name="odl-handler"/>
</logger>
<logger name="oracle.wsm.msg.logging" level="TRACE:32"
useParentHandlers="false">
<handler name="owsm-message-handler"/>
<handler name="wls-domain"/>
</logger>
3.
OSTS Policies: When Oracle Security Token Service policies are used (instead of
Oracle-provided WSM policies) perform the following steps:
a.
Locate: Oracle_IDM1/oam/server/policy
b.
Unjar sts-policies.jar.
c.
Change all the polices to set Enforced to true: META-INF/polices/sts.
Oracle Access Manager 17-21
Integration and Inter-operability Issues and Workarounds
<oralgp:Logging orawsp:name="Log Message1" orawsp:Silent="true
orawsp:Enforced="true" orawsp:category="security/logging">
<oralgp:msg-log>
<oralgp:request>all</oralgp:request>
<oralgp:response>all</oralgp:response>
<oralgp:fault>all</oralgp:fault>
</oralgp:msg-log>
</oralgp:Logging>
4.
Re-jar the updated sts-policies.jar.
5.
Restart the AdminServer and managed servers.
17.4.7 Server and Client Key Tab Files Must be the Same Version
An exception to authenticate the Kerberos token occurs if WebLogic 10.3.5 is
configured with Sun JDK6 greater than u18.
When using the Kerberos token as an authentication token requesting the security
token from Oracle Security Token Service:
■
■
The keytab file configured in the validation template should always be the latest
version from the KDC server
The KVNO should always be the latest that is available on the server:
17.4.8 Default Partner Profile Required for WS-Security
The Oracle Access Manager Access Administration Guide states "When you toggle the
Token Protocol from WS-Trust to WS-Security, options in the Token Type list do not
change. However, the required "Default Partner Profile" list appears from which you
must choose one profile for WS-Security."
Correction: When you toggle the Token Protocol from WS-Trust to WS-Security a
required field "Default Partner Profile" will appear. You must choose a value for this
field. If you again toggle back to WS-Trust without choosing a value for this field The
options in the Token Type list are not updated correctly to have the WS-Trust Token
Type values.
17.4.9 SAML Token Issued When NameID is Not Found
Rather than returning an error response, an assertion issued with an empty
NameIdentifier field can be issued even when the NameIdentifier user attribute has a
null or empty value. For example:
<saml:NameIdentifier
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"/>
Workaround: The "Name Identifier User Attribute" Field in the Issuance Template
requires a value for the Userstore.
17.5 Integration and Inter-operability Issues and Workarounds
This section provides the following topics:
■
Section 17.5.1, "WNA Authentication Does Not Function on Windows 2008"
■
Section 17.5.2, "JVM Plug-in Ignores Cookies Marked 'httponly'"
17-22 Oracle Fusion Middleware Release Notes
Oracle Access Manager with Impersonation Workarounds
17.5.1 WNA Authentication Does Not Function on Windows 2008
The default Kerberos encryption supported by Windows 2008 Server and Windows
2007 machines are "AES256-CTS-HMAC-SHA1-96", "AES128-CTS-HMAC-SHA1-96"
and "RC4-HMAC".
If the clients are configured to use DES only encryption, users will not be able to access
protected resources with Kerberos authentication. The error message, An incorrect
username and password was specified might be displayed.
Because the initial Kerberos tokens are not present, the browser sends NTLM tokens,
which the OAM Server does not recognize; therefore, the user authentication fails.
The workaround is to enable the encryption mechanisms, and follow the procedure
mentioned in:
http://technet.microsoft.com/en-us/library/dd560670%28WS.10%29.a
spx
17.5.2 JVM Plug-in Ignores Cookies Marked 'httponly'
Cookies set with the httponly flag are not available to Browser Side Scripts and Java
Applets. The JVM plugin ignores cookies marked 'httponly.'
To resolve the issue
1. In mod_sso.conf, disable the OssoHTTPOnly off parameter.
2.
Add the required OSSO cookies to the list of possible applet parameters to pass for
authentication.
17.6 Oracle Access Manager with Impersonation Workarounds
This section provides the following topics:
■
■
Section 17.6.1, "Impersonation Can Fail on Internet Explorer v 7, 8, 9"
Section 17.6.2, "With Oracle Access Manager 11g ORA_FUSION_PREFS Cookie
Domain is Three Dots"
17.6.1 Impersonation Can Fail on Internet Explorer v 7, 8, 9
Due to a limitation with the Internet Explorer browser, Impersonation can fail to go to
the Consent page when the Impersonatee's userid contains Non-ASCII characters.
Impersonation goes instead to the failure_url if you directly type or paste the starting
impersonation URL in the browser.
17.6.2 With Oracle Access Manager 11g ORA_FUSION_PREFS Cookie Domain is Three
Dots
With Oracle Access Manager 10g the ORA_FUSION_PREFS cookie domain used the
following form (2 dots):
10g Form .oracle.com
However, Oracle Access Manager 11g localized login accepts only the following
format for the ORA_FUSION_PREFS cookie domain (3 dots):
11g Form .us.oracle.com
Oracle Access Manager 17-23
Documentation Errata
For example, if the host name is gcsptf.us.oracle.com, Oracle Access Manager
11g creates a cookie with the domain name .us.oracle.com.
However, the application session creates a cookie with the domain name
.oracle.com, which causes inter-operability failure between Fusion Middleware
and the application session using this cookie.
Workaround: Update the FACookieDomain parameter to correspond to 11g
requirements, and increment the Version xsd:integer in the oam-config.xml, as
shown in this example:
1.
Back up DOMAIN_HOME/config/fmwconfig/oam-config.xml.
2.
Open the file for editing and pay close attention to your changes.
3.
Set FACookieDomain to your domain (with 3 dot separators):
<Setting Name="FAAppsConfig" Type="htf:map">
<Setting Name="FACookieDomain" Type="xsd:string">.us.oracle.com</Setting>
<Setting Name="FAAuthnLevel" Type="xsd:integer">2</Setting>
<Setting Name="consentPage" Type="xsd:string">/oam/pages/impconsent.jsp
</Setting>
</Setting>
4.
Configuration Version: Increment the Version xsd:integer as shown in the
next to last line of this example (existing value (26, here) + 1):
Example:
<Setting Name="Version" Type="xsd:integer">
<Setting xmlns="http://www.w3.org/2001/XMLSchema"
Name="NGAMConfiguration" Type="htf:map:>
<Setting Name="ProductRelease" Type="xsd:string">11.1.1.3</Setting>
<Setting Name="Version" Type="xsd:integer">26</Setting>
</Setting>
5.
Save oam-config.xml.
17.7 Documentation Errata
This section provides documentation errata for the following guides:
■
■
■
Section 17.7.1, "Oracle Fusion Middleware Administrator's Guide for Oracle
Access Manager with Oracle Security Token Service"
Section 17.7.2, "Oracle Fusion Middleware Developer's Guide for Oracle Access
Manager and Oracle Security Token Service"
Section 17.7.3, "Oracle Fusion Middleware Integration Guide for Oracle Access
Manager"
17.7.1 Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager
with Oracle Security Token Service
There is no documentation errata for this guide.
17.7.2 Oracle Fusion Middleware Developer's Guide for Oracle Access Manager and
Oracle Security Token Service
There is no documentation errata for this guide.
17-24 Oracle Fusion Middleware Release Notes
Documentation Errata
17.7.3 Oracle Fusion Middleware Integration Guide for Oracle Access Manager
There is no documentation errata for this guide.
Oracle Access Manager 17-25
Documentation Errata
17-26 Oracle Fusion Middleware Release Notes
18
Oracle Adaptive Access Manager
18
This chapter describes issues associated with Oracle Adaptive Access Manager. It
includes the following topics:
■
Section 18.1, "General User Interface"
■
Section 18.2, "Scheduler"
■
Section 18.3, "Policy Management"
■
Section 18.4, "Transactions"
■
Section 18.5, "OTP"
■
Section 18.6, "Proxy"
■
Section 18.7, "Integration"
■
Section 18.8, "Reports"
■
Section 18.9, "Export"
■
Section 18.10, "Globalization"
■
Section 18.11, "Configuration Issues and Workarounds"
■
Section 18.12, "Documentation Errata"
18.1 General User Interface
This section describes general user interface issues. It includes the following topics:
■
■
Section 18.1.1, "A Few Conditions in the Base Snapshot Are Not Translated"
Section 18.1.2, "Alert Trigger Sources Are Not Being Displayed in Session Details
Page"
18.1.1 A Few Conditions in the Base Snapshot Are Not Translated
The following four conditions have not been translated for this release and display in
English in non-English browsers:
■
Check to see if the ASN for the current IP address is (or is not) in the ASN group
■
Compare Transaction Counts across two different durations
■
Checks if user's OTP failure counter value over a specified value
■
IP is valid, unknown or private
Oracle Adaptive Access Manager 18-1
Scheduler
18.1.2 Alert Trigger Sources Are Not Being Displayed in Session Details Page
In the Sessions Details page for sessions which contain alerts, the Trigger Source
column is empty.
By default, the Session Details page does not display the trigger sources if the
execution time for alerts is less than 2000 millisecond (2000 ms) since detailed logging
is dependent on the execution time.
The property that controls this threshold and logging is
# Int property determining minimum time required for detailed logging
vcrypt.tracker.rulelog.detailed.minMillis=2000
After changing the property, print
vcrypt.tracker.rulelog.detailed.minMillis=<value>.
Note: Changing the property influences only new sessions.
18.2 Scheduler
This section describes scheduler issues and workarounds. It includes the following
topics:
■
■
■
■
■
Section 18.2.1, "Job Queue Does Not Display Next Recurrence For Canceled Jobs"
Section 18.2.2, "Pause and Cancel Job Status Is Not Displayed in the Job Instance
Tab"
Section 18.2.3, "Job Queue Process Start and End Time Does Not Follow the
Browser Language Setting"
Section 18.2.4, "Changing the Schedule Parameters Does Not Affect Next
Recurrence"
Section 18.2.5, "When Searching for an Online Job a Warning Might Appear in the
Log"
■
Section 18.2.6, "When the Create Job Dialog is Clicked an Error Might Display"
■
Section 18.2.7, "Errors Are Seen When Creating a New Job"
18.2.1 Job Queue Does Not Display Next Recurrence For Canceled Jobs
If the job is canceled, its next recurrence does not appear in the Job Queue.
18.2.2 Pause and Cancel Job Status Is Not Displayed in the Job Instance Tab
Pause and Cancel Job statuses do not display in the Job Instance tab when a job is
canceled or paused. However, the Job Instance tab does show the status (record) at the
next scheduled job instance.
18.2.3 Job Queue Process Start and End Time Does Not Follow the Browser Language
Setting
In the Job Log tab of the Job Queue page, the Process Start Time and Process End
Time columns display in the yyyy-mm-dd format even if the browser is not set to
English.
18-2 Oracle Fusion Middleware Release Notes
Policy Management
18.2.4 Changing the Schedule Parameters Does Not Affect Next Recurrence
Changing the schedule parameters of a scheduled job does not affect the next
recurrence of the job if the start date and time have not been changed. If a
non-recurring job is changed to a recurring job, the scheduled recurrence does not
occur if there is no change to the start date and time.
18.2.5 When Searching for an Online Job a Warning Might Appear in the Log
When a user clicks the Search button in the online Jobs page, a warnings may appear
in the log. There is no loss of functionality.
18.2.6 When the Create Job Dialog is Clicked an Error Might Display
When the user clicks the Create Job dialog, an error may result occasionally. To work
around this issue, log out or close the browser and open a new browser to log back in.
18.2.7 Errors Are Seen When Creating a New Job
Errors occur when creating a new job in the OAAM Offline environment. The
workaround is to close the browser and start the application again.
18.3 Policy Management
This section describes policy management issues and workarounds. It includes the
following topics:
■
Section 18.3.1, "Some Attributes of Returned Rules Result Not Set"
■
Section 18.3.2, "Search with Rule Notes Keyword is Not Working Properly"
■
■
Section 18.3.3, "Database Error Occurs When Deleting an Action or Alert Group in
a Policy Override"
Section 18.3.4, "Exclude IP List Parameter Was Added to the User and Device
Velocity Rule Conditions"
18.3.1 Some Attributes of Returned Rules Result Not Set
When using the processRules OAAM Server API, users should be aware that the
rule result returned by the API call may have attributes empty or null.
The following attributes returned by processRules API are not set:
■
alertIdList
■
transactionLogId
■
runTimeType
■
session Id
18.3.2 Search with Rule Notes Keyword is Not Working Properly
In the rule listing, the search and sort may not work properly on the Notes column.
The search result may include rows that do not contain the search keyword.
Oracle Adaptive Access Manager 18-3
Transactions
18.3.3 Database Error Occurs When Deleting an Action or Alert Group in a Policy
Override
Groups used in Score Overrides and Action Overrides are deleted without a warning
message.
18.3.4 Exclude IP List Parameter Was Added to the User and Device Velocity Rule
Conditions
A parameter, Exclude IP List, was added to the following conditions:
■
Device: Velocity from last login
■
User: Velocity from last login
This parameter allows you to specify a list of IPs to ignore. If a user's IP is from that
list, then this condition always evaluates to false. If the user's IP is not in that list or if
the list is null or empty, then the condition evaluates the velocity of the user or the
device from the last login and evaluates to true if the velocity exceeds the configured
value.
18.4 Transactions
This section describes Transaction API issues.
18.4.1 NullPointerException Occurs for UpdateTransaction and createTransaction APIs
When Transaction is Null
A NullPointerException error on the client side occurs for the
updateTransactions and createTransactions APIs when one of the
transactions in the array is null. The server only returns success responses and the
failed one is ignored.
18.5 OTP
This section describes an OTP issue.
18.5.1 java.lang.NullPointerException Occurs When GETOTPCODE Returns Error
Response
A java.lang.NullPointerException occurs when a user tries to call toString
on the returned response that contains an error.
18.6 Proxy
This section describes UIO Proxy issues and workarounds. It includes the following
topics:
■
■
■
Section 18.6.1, "UIO ISA Proxy: Certain Filters Are Note Evaluating the Variable in
Value"
Section 18.6.2, "UIO ISA Proxy: the Send-to-Server in Response Interceptor Fails
Without Error Message"
Section 18.6.3, "Warnings are Displayed in Memcached Environment During User
Login"
18-4 Oracle Fusion Middleware Release Notes
Reports
18.6.1 UIO ISA Proxy: Certain Filters Are Note Evaluating the Variable in Value
Filters are used in the proxy to modify HTTP request/response contents or modify the
state information saved in the proxy (variables). The following filters are not
evaluating variables in the value:
■
SetVariable
■
AddHeader
■
AddResponseCookie
■
AddRequestCookie
■
ReplaceText
18.6.2 UIO ISA Proxy: the Send-to-Server in Response Interceptor Fails Without Error
Message
When the send-to-server action in the response interceptor is used without the
display-url, the UIO ISA Proxy redirects the user to an incorrect location and does
not display an error.
18.6.3 Warnings are Displayed in Memcached Environment During User Login
In an Apache Memcached environment, warnings are shown in the log during the
user login flow. The functionality is not impacted.
18.7 Integration
This section describes an integration issue.
18.7.1 NameValueProfile APIs Return Empty Values
The following namevalueprofile APIs return empty values:
■
getNameValueProfile
■
saveNameValueProfile
■
refreshNameValueProfile
18.8 Reports
This section describes OAAM BI Publisher reports and Sessions issues and
workarounds. It includes the following topics:
■
Section 18.8.1, "OAAM BI Publisher Reports Are Not Working in BI Publisher 11g"
■
Section 18.8.2, "Session Details Checkpoint Panel Order Sometimes Randomized"
■
Section 18.8.3, "Alert Message Link in Session Details Page Does Not Open the
Alert Details"
18.8.1 OAAM BI Publisher Reports Are Not Working in BI Publisher 11g
OAAM BI Publisher reports are not working on BI Publisher 11g.
Oracle Adaptive Access Manager 18-5
Export
18.8.2 Session Details Checkpoint Panel Order Sometimes Randomized
In the Session Details page, sometimes the checkpoint execution display order may not
be the same as the execution order.
18.8.3 Alert Message Link in Session Details Page Does Not Open the Alert Details
When the user tries to access an alert details page from an alert message link in the
Session Details page, the page fails to open.
To work around this issue, use the alert message link on the Session Search page.
18.9 Export
This section describes an issue with the Export function.
18.9.1 Export Session Is Not Exporting All Records
Export Sessions to Excel exports selected rows only in the current set of visible 25
rows.
18.10 Globalization
This section describes globalization issues and workarounds. It includes the following
topics:
■
■
■
■
■
■
■
Section 18.10.1, "Localization Limitations"
Section 18.10.2, "Policy, Rule, and Action in the OAAM Dashboard Do Not Pick
Up110N Value"
Section 18.10.3, "NLS: Descriptions in Non-ASCII Characters Fails to Save
Maximum Length"
Section 18.10.4, "XMLDOMException Occurs When Saving Searches"
Section 18.10.5, "Date Format May Not Follow the Browser Language Setting in
User Details"
Section 18.10.6, "Sort for NLS String Might Not Work Properly for Out-of-the-Box
Objects"
Section 18.10.7, "A Few Objects from the OAAM_BASE_SNAPSHOT.ZIP Appear
in English Only"
18.10.1 Localization Limitations
The following information is supported in English only in this release:
■
■
■
Alert messages in the standard policies packaged with Oracle Adaptive Access
Manager
Action values in the RulesBreakdown and RecentLogin OAAM BI Publisher
reports
Notes for Action Templates
18.10.2 Policy, Rule, and Action in the OAAM Dashboard Do Not Pick Up110N Value
Policy, rule, and action are not displayed in their translated values in the Dashboard
table. The issues are listed below:
18-6 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
■
■
■
Locations: The Actions table in the Location dashboard does not display the
translated value for actions when non-English content is viewed.
Security: The Rules table in the Security dashboard does not display the Policy
name, Rule name and Action in the browser's locale when non-English content is
viewed.
Performance: The Rules table in the Performance dashboard does not display the
translated value for policy names when non-English content is viewed.
18.10.3 NLS: Descriptions in Non-ASCII Characters Fails to Save Maximum Length
On a few OAAM Administration pages, for fields with tooltips that say "Enter
between 0 and 4000 characters", OAAM accepts input of up to 4000 non-ASCII
characters but cannot save the non-ASCII string (for example, Chinese) if it contains
more than 4000 bytes.
With UTF-8 encoding, one non-ASCII character uses 1, 2, 3 or 4 byte(s) to store in the
database, so 4000 non-ASCII characters require more than 4000 bytes, which is the
maximum size of the VARCHAR2 type field.
18.10.4 XMLDOMException Occurs When Saving Searches
An XMLDOMException may occur while saving the search criteria if certain
characters, such as fullwidth digits (Unicode U+FF10 through U+FF19) are used. To
work around this issue, substitute the characters with more ordinary equivalents (for
example, ASCII digits 0 through 9 instead of fullwidth digits).
18.10.5 Date Format May Not Follow the Browser Language Setting in User Details
The Date of Last Online Action field uses the date format yyyy-mm-dd rather than
the browser locale's date format. This occurs in the Registration Information panel on
the Summary tab of the User Details page.
18.10.6 Sort for NLS String Might Not Work Properly for Out-of-the-Box Objects
With a 11.1.1.5.0 refresh installation and restore of pre-defined data from the oaam_
base_snapshot.zip, sorting might not work properly for Group Name, Pattern
Name, Entity Name and Description, Action Templates Name, KBA Validation Name
and KBA Category Name in a non-English environment.
18.10.7 A Few Objects from the OAAM_BASE_SNAPSHOT.ZIP Appear in English Only
Some rules, groups, and other items are displayed in English when the 11.1.1.5.0 base
snapshot is imported into the system.
18.11 Configuration Issues and Workarounds
This section describes the following configuration issue and its workaround:
■
Section 18.11.1, "Specifying Timeout Session Option in WebLogic Does Not Work
for OAAM"
Oracle Adaptive Access Manager 18-7
Documentation Errata
18.11.1 Specifying Timeout Session Option in WebLogic Does Not Work for OAAM
The WebLogic Console provides an option to specify the session timeout for an
application but changing this value does not work for OAAM Admin. The session
timeout value should be configurable when OAAM is deployed.
The workaround to configure the session timeout value is to configure the
web.xml session timeout in the WebLogic application server using the
deployment plan feature. The steps are as follows:
1.
Generate deployment plan from the existing non-plan based deployment.
The URL for a WebLogic deployment plan example is:
http://www.slideshare.net/jambay/weblogic-deployment-plan-exa
mple
2.
Edit the plan.xml.
a.
Add a variable definition for the custom session timeout in minutes.
...
<variable-definition>
<variable>
<name>mySessionTimeOut</name>
<value>60</value>
</variable>
</variable-definition>
...
b.
Override the desired web application oaam_admin.war's web.xml as
follows:
<module-override>
<module-name>oaam_admin.war</module-name>
...
<module-descriptor external="false">
<root-element>web-app</root-element>
<uri>WEB-INF/web.xml</uri>
<variable-assignment>
<name>mySessionTimeOut</name>
<xpath>/web-app/session-config/session-timeout</xpath>
</variable-assignment>
</module-descriptor>
...
3.
Then, select the application oaam_admin.ear and click the Update button in the
deployment list
4.
Select the plan path and redeploy the application.
Ignore any shared library warnings.
5.
Make sure your config-root is the application ear directory.
6.
Restart all the servers.
18.12 Documentation Errata
This section describes documentation errata for the Oracle Fusion Middleware
Administrator's Guide for Oracle Adaptive Access Manager, part number E14568, the
Oracle Fusion Middleware Developer's Guide for Oracle Adaptive Access Manager, part
number E15480, and the OAAM sections of the Oracle Fusion Middleware Installation
18-8 Oracle Fusion Middleware Release Notes
Documentation Errata
Guide for Oracle Identity Management, part number E12002. It includes the following
topics:
■
■
■
Section 18.12.1, "Incorrect File Location for sample.bharosa_location.properties"
Section 18.12.2, "A Separate Step to Import KBA Questions Is Redundant in
OAAM Setup"
Section 18.12.3, "Rules Logging Property Setting for OAAM Offline Is Not Correct"
18.12.1 Incorrect File Location for sample.bharosa_location.properties
The procedure to load location data into the Oracle Adaptive Access Manager
database is not correct in the Oracle Fusion Middleware Installation Guide for Oracle
Identity Management. The location of the sample.bharosa_location.properties
file is documented as oaam/WEB-INF/classes. The correct location for
sample.bharosa_location.properties is <ORACLE_MW_HOME>/<IAM_
HOME>/oaam/cli.
The corrected text is provided below:
Load Location Data into the Oracle Adaptive Access Manager database as follows:
1.
Configure the IP Location Loader script, as described in the topics "OAAM
Command Line Interface Scripts" and "Importing IP Location Data" in the Oracle
Fusion Middleware Administrator's Guide for Oracle Adaptive Access Manager.
2.
Make a copy of the sample.bharosa_location.properties file, which is
located under the <ORACLE_MW_HOME>/<IAM_HOME>/oaam/cli directory.
Enter location data details in the location.data properties, as in the
following examples:
location.data.provider=quova
location.data.file=/tmp/quova/EDITION_Gold_2008-07-22_v374.dat.gz
location.data.ref.file=/tmp/quova/EDITION_Gold_2008-07-22_v374.ref.gz
location.data.anonymizer.file=/tmp/quova/anonymizers_2008-07-09.dat.gz
3.
Run the loader on the command line as follows:
On Windows: loadIPLocationData.bat
On UNIX: ./loadIPLocationData.sh
If you wish to generate CSF keys or passwords manually, see
the "Setting Up Encryption and Database Credentials for OAAM"
topic in the Oracle Fusion Middleware Administrator's Guide for Oracle
Adaptive Access Manager.
Note:
18.12.2 A Separate Step to Import KBA Questions Is Redundant in OAAM Setup
In the Oracle Fusion Middleware Installation Guide for Oracle Identity Management, a
separate step is given to import KBA questions after importing the snapshot.
Importing KBA questions is duplication and redundant since importing the snapshot
imports KBA questions by default.
18.12.3 Rules Logging Property Setting for OAAM Offline Is Not Correct
The property for setting up rules logging in OAAM Offline is incorrect in the Oracle
Fusion Middleware Administrator's Guide for Oracle Adaptive Access Manager. With
property vcrypt.tracker.rules.trace.policySet.min.ms = 100, rules logs
Oracle Adaptive Access Manager 18-9
Documentation Errata
are not processed. The value to
vcrypt.tracker.rules.trace.policySet.min.ms must be changed to -1.
Rule logging for detailed information can be turned on by setting:
vcrypt.tracker.rules.trace.policySet=true
vcrypt.tracker.rules.trace.policySet.min.ms=-1
18-10 Oracle Fusion Middleware Release Notes
19
Oracle Authentication Services for
Operating Systems
19
This chapter describes issues associated with Oracle Product. It includes the following
topics:
■
■
Section 19.1, "What is New with Oracle Authentication Services for Operating
Systems 11.1.1.3 ?"
Section 19.2, "General Issues and Workarounds"
19.1 What is New with Oracle Authentication Services for Operating
Systems 11.1.1.3 ?
Oracle Fusion Middleware Release 11g R1 patchset 2 (11.1.1.3) is the first 11g release to
include Oracle Authentication Services for Operating Systems. This product is also
available as a download from http://www.oracle.com/technology/.
The following features and capabilities have been added to Oracle Authentication
Services for Operating Systems since the 10g release:
■
■
■
■
Full integration with Fusion Middleware Release 11g R1 patchset 2 (11.1.1.3).
OAS4OS was not available with FMW 11g R1 or FMW 11g R1 patchset 1.
Extended client platform support. For a full list see:
http://www.oracle.com/technology/software/products/ias/files/
fusion_certification.html.
New configuration scripts to enable PAM proxy user-based access to Oracle
Internet Directory for enhanced security.
Easy configuration of Oracle Internet Directory SSL using customer provided
certificates for production deployments, or use of self signed certificates to test
OID SSL connections.
■
Restricting client access based on IP address.
■
Easy reset of client configuration to support testing.
19.2 General Issues and Workarounds
For up-to-date information about product bugs and updates, see Note 1064891.1:
Oracle Authentication Services for Operating Systems Documentation Addendum
(11.1.1.3). This document is available on My Oracle Support at
https://support.oracle.com/.
Oracle Authentication Services for Operating Systems 19-1
General Issues and Workarounds
19-2 Oracle Fusion Middleware Release Notes
20
Oracle Directory Integration Platform
20
This chapter describes issues associated with Oracle Directory Integration Platform. It
includes the following topics:
■
Section 20.1, "General Issues and Workarounds"
■
Section 20.2, "Configuration Issues and Workarounds"
■
Section 20.3, "Documentation Errata"
20.1 General Issues and Workarounds
This section describes general issues and workarounds. It includes the following
topics:
■
■
■
LDIF Files That Contain Non-ASCII Characters Will Cause the testProfile
Command Option to Fail if the LDIF File has Native Encoding
Some Changes May Not Get Synchronized Due to Race Condition in
Heavily-Loaded Source Directory
Synchronization Continues After Stopping Oracle Directory Integration Platform
20.1.1 LDIF Files That Contain Non-ASCII Characters Will Cause the testProfile
Command Option to Fail if the LDIF File has Native Encoding
When running DIP Tester from a command-line, the manageSyncProfiles
testProfile command will fail if the -ldiffile option is specified and the LDIF
file contains non-ASCII characters.
Note that LDIF files with UTF-8 encoding are not impacted by this limitation. If an
LDIF file containing multibyte characters cannot be saved with UTF-8 encoding, then
use the following workaround:
1.
From a command-line, add the entry using the ldapadd command and include
the -E option to specify the locale. See the Oracle Fusion Middleware User Reference
for Oracle Identity Management for the required command syntax.
2.
Get the specific changeNumber for the last add operation.
3.
Execute the testProfile command using the changeNumber from the
previous step.
For more information, see "Section 7.1.5.2, Running DIP Tester From the WLST
Command-Line Interface" in the Administrator's Guide for Oracle Directory Integration
Platform.
Oracle Directory Integration Platform 20-1
Configuration Issues and Workarounds
20.1.2 Some Changes May Not Get Synchronized Due to Race Condition in
Heavily-Loaded Source Directory
If the source directory is heavily-loaded, a race condition may occur where database
commits cannot keep pace with updates to the lastchangenumber. If this race
condition occurs, Oracle Directory Integration Platform may not be able to
synchronize some of the changes.
To work around this issue, perform the following steps to enable database commits to
keep pace with the lastchangenumber:
1.
Increase the value of the synchronization profile's Scheduling Interval.
2.
Control the number of times the search is performed on the source directory
during a synchronization cycle by setting the searchDeltaSize parameter in
the profile. Oracle suggests starting with a value of 10, then adjusting the value as
needed.
20.1.3 Synchronization Continues After Stopping Oracle Directory Integration Platform
If you stop the Oracle Directory Integration Platform application during
synchronization, the synchronization process that the Quartz scheduler started will
continue to run.
To work around this issue, restart the Oracle WebLogic Managed Server hosting
Oracle Directory Integration Platform or redeploy the Oracle Directory Integration
Platform application.
20.2 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
Do Not Use localhost as Oracle Internet Directory Hostname When Configuring
Oracle Directory Integration Platform
20.2.1 Do Not Use localhost as Oracle Internet Directory Hostname When Configuring
Oracle Directory Integration Platform
When configuring Oracle Directory Integration Platform against an existing Oracle
Internet Directory—using either the installer's Install and Configure installation option
or the Oracle Identity Management 11g Release 1 (11.1.1) Configuration Wizard—you
must specify the hostname for Oracle Internet Directory using only its fully qualified
domain name (such as myhost.example.com). Do not use localhost as the Oracle
Internet Directory hostname even if Oracle Directory Integration Platform and Oracle
Internet Directory are collocated on the same host.
If you use localhost as the Oracle Internet Directory hostname, you will not be able
to start the Oracle WebLogic Managed Server hosting Oracle Directory Integration
Platform.
20.3 Documentation Errata
There are no known documentation issues at this time.
20-2 Oracle Fusion Middleware Release Notes
21
Oracle Entitlements Server
21
This chapter describes issues associated with Oracle Entitlements Server. It includes
the following topics:
■
Section 21.1, "General Issues and Workarounds"
■
Section 21.2, "Configuration Issues and Workarounds"
■
Section 21.3, "Documentation Errata"
21.1 General Issues and Workarounds
This section describes general issues and workarounds. It includes the following topic:
■
Using Backslash on Oracle Internet Directory Policy Store
■
Performance Tuning the Oracle Database Policy Store
■
Action Bar Disappears When Using Internet Explorer 7
■
Re-created Application May Not Be Distributed in Controlled Mode
■
Enterprise Manager Doesn't Pick Up Newly Added Audit Events
■
Attributes Passed to Authorization Request Are Treated as Case Sensitive
■
Audit Schema Definitions are Incomplete
■
Java Security Module on IPv6 Client Not Supported on Windows
■
Validating Attribute Names in Custom Functions
21.1.1 Using Backslash on Oracle Internet Directory Policy Store
When a backslash (\) is used in a policy object name and the backslash is followed by
either a pound sign (#) or two hex characters ([a-fA-f_0-9][a-fA-f_0-9]),
searches for the object may not work as expected. The issue has been observed when
one of either a Resource Type name or a Resource name and action association has
such a value causing the query of permission sets by Resource Type, Resource name or
action to fail.
WORKAROUND:
Avoid using these values in policy object names.
21.1.2 Performance Tuning the Oracle Database Policy Store
The Oracle dbms_stats package can be used to improve data migration performance
on an Oracle database policy store. The exact SQL command to be executed is:
Oracle Entitlements Server 21-1
General Issues and Workarounds
*EXEC DBMS_STATS.gather_schema_stats
('DEV_OPSS',DBMS_STATS.AUTO_SAMPLE_SIZE,no_invalidate=>FALSE);*
where DEV_OPSS is the schema owner being used for the database policy store. You
can use the other two parameters as illustrated.
WORKAROUND:
You can run this DBMS_STATS call periodically using either of the options below:
■
Use DBMS_JOB.
1.
Copy and paste the following code to a SQL script.
In this example, the job will be executed every 10 minutes.
variable jobno number;
BEGIN
DBMS_JOB.submit
(job => :jobno,
what =>
'DBMS_STATS.gather_schema_stats(''DEV_OPSS'',DBMS_STATS.AUTO_SAMPLE_SIZE,
no_invalidate=>FALSE);',
interval => 'SYSDATE+(10/24/60)');
COMMIT;
END;
/
#end of sql script
2.
Login to sqlplus as the schema owner; for example, 'DEV_OPSS' not sys_
user.
3.
Run the SQL script.
To find the job ID from the script you ran, execute the following:
sqlplus '/as sysdba'
SELECT job FROM dba_jobs WHERE schema_user = 'DEV_OPSS' AND what =
'DBMS_STATS.gather_schema_stats(''DEV_OPSS'',DBMS_STATS.AUTO_SAMPLE_SIZE,
no_invalidate=>FALSE);';
To remove the job, login to sqlplus as the schema owner (for example, 'DEV_
OPSS' not sys_user) and run the following SQL command:
EXEC DBMS_JOB.remove(27);
■
Use cron job or shell script to execute the SQL command.
# run dbms_stats periodically
./runopssstats.sh
# runopssstats.sh content is below:
# In this example, we will execute the command in every 10 minutes
#!/bin/sh
i=1
while [ $i -le 1000 ]
do
echo $i
sqlplus dev_opss/welcome1@inst1 @opssstats.sql
sleep 600
i=`expr $i + 1`
done
# end of sh
21-2 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
# opssstats.sql
EXEC DBMS_STATS.gather_schema_stats('DEV_OPSS',
DBMS_STATS.AUTO_SAMPLE_SIZE,no_invalidate=>FALSE);
QUIT;
# end of sql
21.1.3 Action Bar Disappears When Using Internet Explorer 7
If you are using Internet Explorer 7 and select a role or user from an Administrator
Role under System Configuration -> System Administrators, the action bar disappears
thus, External Role Mappings and External User Mappings can not be deleted.
WORKAROUND:
This issue is specific to Internet Explorer 7. Use Firefox 3.
21.1.4 Re-created Application May Not Be Distributed in Controlled Mode
In some cases, when the PDP Service is running in controlled mode, if one Application
object is deleted from the policy store and re-created using the same name, the change
may not be distributed to the PDP Service. This is because the Application in the local
cache has a higher version than the one in the policy store.
WORKAROUND:
Remove the local cache files for the PDP service and restart the PDP Service instance.
The oracle.security.jps.runtime.pd.client.localpolicy.work_
folder configuration parameter defines the path to the cache. The default value is
<SM_INSTANCE>/config/work/.
21.1.5 Enterprise Manager Doesn't Pick Up Newly Added Audit Events
component_events.xml is the audit event definition file used by configuration
tools (like Enterprise Manager and WebLogic Scripting Tool) and by the audit runtime
and database loader. You need to modify the component_events.xml file to insure
that Enterprise Manager picks up all newly added events in the Low/Medium list.
WORKAROUND:
1. Log out of Enterprise Manager.
2.
Open the component_events.xml file.
This file is located in the $IDM_OPSS_ORACLE_
HOME/modules/oracle.iau_11.1.1/components/JPS/ directory.
3.
Search for <FilterPresetDefinition name="Low">.
4.
In the event list, change purgeDistributionStatus to PurgeDistributionStatus.
Note the capitalization.
5.
Search for <FilterPresetDefinition name="Medium">.
6.
In the event list, change purgeDistributionStatus to PurgeDistributionStatus.
Note the capitalization.
7.
Save the file and close it.
8.
Start Enterprise Manager.
Oracle Entitlements Server 21-3
General Issues and Workarounds
21.1.6 Attributes Passed to Authorization Request Are Treated as Case Sensitive
When using the PEP API names of passed attributes, they must be in the same case as
those mentioned in the policies.
21.1.7 Audit Schema Definitions are Incomplete
The IAUOES audit schema is not synchronized with Oracle Entitlements Server event
definitions, so it does not contain the necessary columns for this component.
Consequently, data cannot be stored in the appropriate columns and audit reports
cannot be run against Oracle Entitlements Server data.
WORKAROUND - Option 1
Use this option if RCU has not yet been run. The steps are:
1.
Locate JPS.sql at this location:
$RCU_HOME/rcu/integration/iauoes/scripts/JPS.sql
Modify the file permission, making the file writable.
2.
Copy over the file:
$IDM_OPSS_ORACLE_HOME/modules/oracle.iau_11.1.1/sql/scripts/JPS.sql
to:
$RCU_HOME/rcu/integration/iauoes/scripts/JPS.sql
3.
Run RCU to create the IAUOES schema.
WORKAROUND - Option 2
Use this option if RCU has already been run. The steps are:
1.
Copy over the file:
$IDM_OPSS_ORACLE_HOME/modules/oracle.iau_11.1.1/sql/scripts/JPS.sql
to the directory from which you run sqlplus.
2.
Connect to sqlplus as sysdba.
3.
Run the following commands at the SQL prompt:
a.
alter session set current_schema=audit_schema_user
b.
drop table JPS;
c.
@@JPS.sql audit_schema_user audit_schema_user_Append
audit_schema_user_Viewer;
21.1.8 Java Security Module on IPv6 Client Not Supported on Windows
Because of an issue with the JDK 1.6, the Java Security Module is not supported when
using a Windows IPv6 client. We are working with the JDK development team for a
resolution.
21.1.9 Validating Attribute Names in Custom Functions
When using custom function implementations, if the attribute name is invalid, the
result of the authorization request could be wrong. Thus, attribute names must be
validated before retrieving their values.
21-4 Oracle Fusion Middleware Release Notes
Documentation Errata
WORKAROUND:
Use the following code in custom function implementations to validate attribute
names.
boolean isValidAttributeName(String name) {
if (name == null) return false;
return name.matches("[A-Za-z_][A-Za-z0-9_]*");
}
21.2 Configuration Issues and Workarounds
There are no configuration issues at this time.
21.3 Documentation Errata
There are no documentation errata at this time.
Oracle Entitlements Server 21-5
Documentation Errata
21-6 Oracle Fusion Middleware Release Notes
22
22
Oracle Identity Federation
This chapter describes issues associated with Oracle Identity Federation. It includes
the following topics:
■
Section 22.1, "General Issues and Workarounds"
■
Section 22.2, "Configuration Issues and Workarounds"
■
Section 22.3, "Documentation Errata"
22.1 General Issues and Workarounds
This section describes general issues and workarounds. It includes the following
topics:
■
■
■
Section 22.1.1, "Database Table for Authentication Engine must be in Base64
Format"
Section 22.1.2, "Considerations for Oracle Identity Federation HA in SSL mode"
Section 22.1.3, "Database Column Too Short error for
IDPPROVIDEDNAMEIDVALUE"
22.1.1 Database Table for Authentication Engine must be in Base64 Format
When using a database table as the authentication engine, and the password is stored
hashed as either MD5 or SHA, it must be in base64 format.
The hashed password can be either in the base64-encoded format or with a prefix of
{SHA} or {MD5}. For example:
{SHA}qUqP5cyxm6YcTAhz05Hph5gvu9M=
22.1.2 Considerations for Oracle Identity Federation HA in SSL mode
In a high availability environment with two (or more) Oracle Identity Federation
servers mirroring one another and a load balancer at the front-end, there are two ways
to set up SSL:
■
Configure SSL on the load balancer, so that the SSL connection is between the user
and the load balancer. In that case, the keystore/certificate used by the load
balancer has a CN referencing the address of the load balancer.
The communication between the load balancer and the WLS/Oracle Identity
Federation can be clear or SSL (and in the latter case, Oracle WebLogic Server can
use any keystore/certificates, as long as these are trusted by the load balancer).
Oracle Identity Federation 22-1
Configuration Issues and Workarounds
■
SSL is configured on the Oracle Identity Federation servers, so that the SSL
connection is between the user and the Oracle Identity Federation server. In this
case, the CN of the keystore/certificate from the Oracle WebLogic Server/Oracle
Identity Federation installation needs to reference the address of the load balancer,
as the user will connect using the hostname of the load balancer, and the
Certificate CN needs to match the load balancer's address.
In short, the keystore/certificate of the SSL endpoint connected to the user (load
balancer or Oracle WebLogic Server/Oracle Identity Federation) needs to have its
CN set to the hostname of the load balancer, since it is the address that the user
will use to connect to Oracle Identity Federation.
22.1.3 Database Column Too Short error for IDPPROVIDEDNAMEIDVALUE
Problem
When Oracle Identity Federation is configured to use a database store for session and
message data store, the following error is seen if data for IDPPROVIDEDNAMEID is
over 200 characters long:
ORA-12899: value too large for column
"WDO_OIF"."ORAFEDTMPPROVIDERFED"."IDPPROVIDEDNAMEIDVALUE" (actual: 240,
maximum: 200)\n]
Workaround
Alter table ORAFEDTMPPROVIDERFED to increase the column size for
"idpProvidedNameIDValue" to 240.
22.2 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
Section 22.2.1, "WLST Environment Setup when SOA and OIF are in Same
Domain"
■
Section 22.2.2, "Oracle Virtual Directory Requires LSA Adapter"
■
Section 22.2.3, "Settings for Remote WS-Fed SP Must be Changed Dynamically"
■
Section 22.2.4, "Required Property when Creating a WS-Fed Trusted Service
Provider"
■
Section 22.2.5, "Federated Identities Table not Refreshed After Record Deletion"
■
Section 22.2.6, "Default Authentication Scheme is not Saved"
■
Section 22.2.7, "Configuring 10g to Work with 11g Oracle Identity Federation
using Artifact Profile"
22.2.1 WLST Environment Setup when SOA and OIF are in Same Domain
If your site contains Oracle SOA Suite and Oracle Identity Federation in the same
domain, the WLST setup instructions in the Oracle Fusion Middleware Administrator's
Guide for Oracle Identity Federation are insufficient for WLST to correctly execute Oracle
Identity Federation commands.
This can happen if you install an IdM domain, then extend it with an Oracle SOA
install; the SOA installer changes the ORACLE_HOME environment variable. This breaks
22-2 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
the Oracle Identity Federation WLST environment, as it relies on the IdM value for
ORACLE_HOME.
Take these steps to enable the use of WLST commands:
1.
Execute the instructions described in Section 9.1.1, Setting up the WLST
Environment, in the Oracle Fusion Middleware Administrator's Guide for Oracle
Identity Federation.
2.
Copy OIF-ORACLE_HOME/fed/script/*.py to WL_HOME/common/wlst.
3.
Append the CLASSPATH environment variable with OIF-ORACLE_
HOME/fed/scripts.
22.2.2 Oracle Virtual Directory Requires LSA Adapter
To use Oracle Virtual Directory as an Oracle Identity Federation user store or an
authentication engine, you must configure a Local Storage Adapter, and the context
root must be created as required at installation or post-install configuration time.
For details about this task, see the chapter Creating and Configuring Oracle Virtual
Directory Adapters in the Oracle Fusion Middleware Administrator's Guide for Oracle
Virtual Directory.
22.2.3 Settings for Remote WS-Fed SP Must be Changed Dynamically
On the Edit Federations page, the Oracle Identity Federation (OIF) settings for remote
WS-Fed service provider contain a property called SSO Token Type; you can choose
to either inherit the value from the IdP Common Settings page or override it here. The
number of properties shown in 'OIF Settings' depends on the value of SSO Token
Type.
If you choose to override SSO Token Type with a different value (for example, by
changing from SAML2.0 to SAML1.1), the number of properties shown in 'OIF
Settings' does not change until you click the Apply button.
Also, if you have overridden the value for Default NameID Format to 'Persistent
Identifier' or 'Transient/One-Time Identifier', then changed the SSO Token Type
value from 'SAML2.0' to 'SAML1.1' or 'SAML1.0', you will notice that the value for
Default NameID Format is now blank. To proceed, you must reset this property to a
valid value from the list.
22.2.4 Required Property when Creating a WS-Fed Trusted Service Provider
When you create a WS-Fed Trusted Service Provider, you must set the value for the
'Use Microsoft Web Browser Federated Sign-On' property with these steps:
1.
In Fusion Middleware Control, navigate to Federations, then Edit Federations.
2.
Choose the newly create WS-Fed Trusted Service Provider and click Edit.
3.
In the 'Trusted Provider Settings' section, set the value for Use Microsoft Web
Browser Federated Sign-On by checking or unchecking the check-box.
4.
Click Apply.
22.2.5 Federated Identities Table not Refreshed After Record Deletion
When the federation store is XML-based, a record continues to be displayed in the
federated identities table after it is deleted.
Oracle Identity Federation 22-3
Configuration Issues and Workarounds
The following scenario illustrates the issue:
1.
The federation data store is XML.
2.
Perform federated SSO, using "map user via federated identity".
3.
In Fusion Middleware Control, locate the Oracle Identity Federation instance, and
navigate to Administration, then Identities, then Federated Identities.
4.
Click on the created federation record and delete it.
After deletion, the federated record is still in the table. Further attempts at deleting the
record result in an error.
The workaround is to manually refresh the table by clicking Search.
22.2.6 Default Authentication Scheme is not Saved
Problem
This problem is seen when you configure Oracle Access Manager in Fusion
Middleware Control as a Service Provider Integration Module. It is not possible to set
a default authentication scheme since the default is set to a certain scheme (say
OIF-password-protected) but the radio button is disabled.
Solution
Take these steps to set the preferred default authentication scheme:
1.
Check the Create check-box for the scheme that is currently set as the default but
disabled.
2.
Check the Create check-box(es) for the authentication scheme(s) that you would
like to create.
3.
Click the radio button of the scheme that you wish to set as the default.
4.
Uncheck the Create check-box of the scheme in Step 1 only if you do not want to
create the scheme.
5.
Provide all the required properties in the page.
6.
Click the Configure Oracle Access Manager button to apply the changes.
The default authentication scheme is now set to the one that you selected.
In addition, when trying to remove any authentication
scheme, ensure that you do not remove the default scheme; if you
must remove the scheme, change the default to another authentication
scheme before you remove the scheme.
Note:
22.2.7 Configuring 10g to Work with 11g Oracle Identity Federation using Artifact
Profile
In the SAML 1.x protocol, for a 10g Oracle Identity Federation server to work with an
11g Oracle Identity Federation server using the Artifact profile, you need to set up
either basic authentication or client cert authentication between the two servers.
For instructions, see:
■
Section 6.9 Protecting the SOAP Endpoint, in the Oracle Fusion Middleware
Administrator's Guide for Oracle Identity Federation, 11g Release 1 (11.1.1)
22-4 Oracle Fusion Middleware Release Notes
Documentation Errata
■
Section 6.5.13.2 When Oracle Identity Federation is an SP, in the Oracle Identity
Federation Administrator's Guide, 10g (10.1.4.0.1)
22.3 Documentation Errata
This section describes documentation errata for the Oracle Fusion Middleware
Administrator's Guide for Oracle Identity Federation, part number E13400-01. It includes
the following topics:
■
Section 22.3.1, "Different Passwords for Keystore and Private Key not Supported"
■
Section 22.3.2, "Documentation Erratum for Deploying Oracle Identity Federation"
■
Section 22.3.3, "Documentation Erratum for Configuring Security and Trust"
■
Section 22.3.4, "Additional Steps for SSL Configuration"
■
Section 22.3.5, "ParseException Message in Diagnostic Log"
■
Section 22.3.6, "Forcing Re-authentication when Integrated with Oracle Access
Manager"
■
Section 22.3.7, "Supported Version of Oracle Access Manager 10g"
■
Section 22.3.8, "Additional Steps for OpenID Configuration"
■
Section 22.3.9, "Documentation Erratum for Oracle Identity Federation MBeans"
For documentation errata and other release notes relating to
the integration of Oracle Identity Federation with Oracle Access
Manager 11g , see the chapter for "Oracle Access Manager."
Note:
22.3.1 Different Passwords for Keystore and Private Key not Supported
Oracle Identity Federation only supports configuring one password for signing and
encryption keystores, and uses that password to open both the keystore and the
private key. This means that if a keystore is configured with different store password
and key password, an error will occur when Oracle Identity Federation tries to access
the private key.
To avoid this error, ensure that the private key password for the configured key alias
is the same as the keystore password.
Note: In Oracle Identity Federation 11g Release 1 (11.1.1), if you
change the key password to match the keystore password, you must
remove the old keystore/wallet from the configuration.
22.3.2 Documentation Erratum for Deploying Oracle Identity Federation
In Section 3.2.2.2, "Integrate Oracle Single Sign-On with OHS", replace the following
set of instructions:
Copy $AS_INST/config/OHS/$OHS_NAME/disabled/mod_osso.conf to $AS_
INST/config/OHS/$OHS_NAME/moduleconf. All files in the moduleconf
directory are read when OHS is started.
Open the $AS_INST/config/OHS/$OHS_NAME/moduleconf/mod_osso.conf file
and set the OssoConfigFile directive to reference the Oracle Single Sign-On
configuration file that was created and then copied to the OHS config directory:
Oracle Identity Federation 22-5
Documentation Errata
OssoConfigFile ${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_
NAME}/oif.server.com.osso.conf
with the following text:
Copy $AS_INST/config/OHS/$OHS_NAME/disabled/mod_osso.conf to $AS_
INST/config/OHS/$OHS_NAME/moduleconf. All files in the moduleconf
directory are read when OHS is started.
Open the $AS_INST/config/OHS/$OHS_NAME/moduleconf/mod_osso.conf
file. Set the OssoConfigFile directive to reference the Oracle Single Sign-On
configuration file that was created and then copied to the OHS config directory:
OssoConfigFile ${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/ ${COMPONENT_
NAME}/oif.server.com.osso.conf
Add the /fed/user/authnosso URL to be protected by Oracle SSO Server, through
the Location element.
Then the mod_osso.conf example would look like this:
LoadModule osso_module ${ORACLE_HOME}/ohs/modules/mod_osso.so
<IfModule mod_osso.c>
OssoIpCheck off
OssoIdleTimeout off
OssoConfigFile ${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/
${COMPONENT_NAME}/oif.server.com.osso.conf
<Location /fed/user/authnosso>
require valid-user
AuthType Osso
</Location>
</IfModule>
22.3.3 Documentation Erratum for Configuring Security and Trust
In Section 5.10.3, "Security and Trust - Trusted CAs and CRLs", change the following
sentence:
"When the certificate validation store is enabled, Oracle Identity Federation uses it to
validate the certificates needed to verify the signatures on incoming messages."
to read:
"When the certificate validation store is enabled, Oracle Identity Federation uses it to
validate the certificates needed to verify the signatures on incoming
SAML/WS-Federation messages."
22.3.4 Additional Steps for SSL Configuration
In Section 8.2.2, "Configuring Oracle Identity Federation as an SSL Client," add the
following subsection, which shows the steps needed to ensure that Fusion Middleware
Control can continue to manage the Oracle Identity Federation server after SSL is
enabled for the Admin server and the managed server hosting Oracle Identity
Federation:
Ensuring that Fusion Middleware Control can Manage an Oracle Identity
Federation Target
Take these steps:
22-6 Oracle Fusion Middleware Release Notes
Documentation Errata
1.
Locate $INSTANCE_HOME/EMAGENT/EMAGENT/sysman/emd/targets.xml.
Change the protocol for the 'serviceURL' property to the correct protocol. If you
have more than one Oracle Identity Federation target (besides host and oracle_
emd), you need to modify the 'serviceURL' for each target.
2.
Locate $INSTANCE_
HOME/EMAGENT/EMAGENT/sysman/config/emd.properties.
If necessary, update the protocol for 'REPOSITORY_URL' to the correct protocol.
The EM Agent uses this property to connect to Fusion Middleware Control.
3.
Stop the EM Agent using the command:
$INSTANCE_HOME/bin/opmnctl stopproc ias-component=EMAGNET
4.
Secure the EM Agent using the command:
$INSTANCE_HOME/EMAGENT/EMAGENT/bin/emctl secure fmagent -admin_host
<host> -admin_port <port> -admin_user <username> [-admin_pwd <pwd>]
5.
Restart the EM Agent using the command:
$INSTANCE_HOME/bin/opmnctl startproc ias-component=EMAGNET
22.3.5 ParseException Message in Diagnostic Log
After installation, a configuration assistant performs a number of configuration
updates to the Oracle Identity Federation server using MBeans. Another task
periodically checks to see if the configuration files were changed so that the server can
be notified.
A parsing error during this procedure can result in the following type of message in
the diagnostic log file:
$DOMAIN_HOME/servers/wls_oif1/logs/wls_oif1-diagnostic.log
.
[org.xml.sax.SAXParseException: XML document structures must start and end
within the same entity.]
at
javax.xml.bind.helpers.AbstractUnmarshallerImpl.createUnmarshalExcept
ion(AbstractUnmarshallerImpl.java:315)
at
com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.createUnmar
shalException(UnmarshallerImpl.java:514)
at
com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(
UnmarshallerImpl.java:215)
at
com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal(U
nmarshallerImpl.java:184)
at
javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnm
arshallerImpl.java:137)
at
javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnm
arshallerImpl.java:184)
at
oracle.as.config.persistence.jaxb.JAXBXmlPersistenceManagerImpl.load(
JAXBXmlPersistenceManagerImpl.java:156)
... 10 more
Caused by: org.xml.sax.SAXParseException: XML document structures must start
Oracle Identity Federation 22-7
Documentation Errata
and
end within the same entity.
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAX
ParseException(ErrorHandlerWrapper.java:195)
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalErro
r(ErrorHandlerWrapper.java:174)
.
Provided that the Oracle Identity Federation server is up and running
(/fed/idp/metadata can be accessed without any errors), the message is harmless
and has no effect on the stability of the server. The configuration change occurs as
intended, and all the servers are notified of the change.
22.3.6 Forcing Re-authentication when Integrated with Oracle Access Manager
Add the following note in Section 3.2.3, "Deploying Oracle Identity Federation with
Oracle Access Manager":
Oracle Identity Federation does not support the ability to force
re-challenging the user for credentials when integrated with the
Oracle Access Manager 10g authentication engine, so that Oracle
Identity Federation cannot support use cases where reauthentication
must be forced.
Note:
For example, if an SP sends an AuthnRequest with
ForceAuthn="true" to an Oracle Identity Federation IdP, and
Oracle Identity Federation is integrated with Oracle Access Manager,
the ForceAuthn flag is ignored.
22.3.7 Supported Version of Oracle Access Manager 10g
For integration with Oracle Access Manager 10g server, Oracle Identity Federation
supports Oracle Access Manager Version 10.1.4.3.
In Section 3.2.3.2 Integrate Oracle Access Manager as an Authentication Engine, under
the Verify Requirements heading, change the first step to verify component versions
to read:
1.
Verify that the Oracle Access Manager server is at Version 10.1.4.3.
22.3.8 Additional Steps for OpenID Configuration
Section 5.4.4 Configure OpenID IdP Properties describes how to enable the
out-of-the-box Oracle Identity Federation OpenID provider.
You can also configure an external OpenID provider so that Oracle Identity Federation
acts as the relying party (RP/SP) and an external resource acts as the OpenID provider
(OP). Google and Yahoo are examples of external OpenID providers.
The following steps describe how to configure an external OpenID provider:
1.
Log in to Oracle Enterprise Manager Fusion Middleware Control.
2.
Navigate to the Oracle Identity Federation instance.
3.
Select Administration, then Federations.
4.
Click Add to add a new OpenID provider.
22-8 Oracle Fusion Middleware Release Notes
Documentation Errata
5.
In the pop-up box, select "Add provider manually".
6.
Enter the provider ID using a URL in this format:
http://node123.us.example.com:7777/fed/idp
7.
For protocol version, select "OpenID2.0".
8.
For provider type, select "Identity Provider".
9.
Click OK to create the provider.
10. Edit the new provider. Enter the provider's discovery URL in this format:
http://node123.us.example.com:7777/fed/idp
or enter the provider's OpenID endpoint URL if the IdP does not support OpenID
discovery.
11. Click Apply to commit the edits.
22.3.9 Documentation Erratum for Oracle Identity Federation MBeans
In Section A.5.2 "Access Oracle Identity Federation MBeans", the MBean names are
stated in Table A-1 and the sample code as "Oracle Identity
FederationConfigMBean" which should be corrected to read "OIFConfigMBean"..
Oracle Identity Federation 22-9
Documentation Errata
22-10 Oracle Fusion Middleware Release Notes
23
Oracle Identity Manager
23
This chapter describes issues associated with Oracle Identity Manager. It includes the
following topics:
■
Section 23.1, "Patch Requirements"
■
Section 23.2, "General Issues and Workarounds"
■
Section 23.3, "Configuration Issues and Workarounds"
■
Section 23.4, "Multi-Language Support Issues and Limitations"
■
Section 23.5, "Documentation Errata"
23.1 Patch Requirements
This section describes patch requirements for Oracle Identity Manager 11g Release 1
(11.1.1). It includes the following sections:
■
Obtaining Patches From My Oracle Support (Formerly OracleMetaLink)
■
Patch Requirements for Oracle Database 11g (11.1.0.7)
■
Patch Requirements for Oracle Database 11g (11.2.0.2.0)
■
Patch Requirements for Segregation of Duties (SoD)
■
Patch Upgrade Requirement
23.1.1 Obtaining Patches From My Oracle Support (Formerly OracleMetaLink)
To obtain a patch from My Oracle Support (formerly OracleMetaLink), go to following
URL, click Patches and Updates, and search for the patch number:
https://support.oracle.com/
23.1.2 Patch Requirements for Oracle Database 11g (11.1.0.7)
Table 23–1 lists patches required for Oracle Identity Manager 11g Release 1 (11.1.1)
configurations that use Oracle Database 11g (11.1.0.7). Before you configure Oracle
Identity Manager 11g, be sure to apply the patches to your Oracle Database 11g
(11.1.0.7) database.
Table 23–1
Required Patches for Oracle Database 11g (11.1.0.7)
Platform
Patch Number and Description on My Oracle Support
UNIX / Linux
7614692: BULK FEATURE WITH 'SAVE EXCEPTIONS' DOES NOT
WORK IN ORACLE 11G
Oracle Identity Manager 23-1
Patch Requirements
Table 23–1 (Cont.) Required Patches for Oracle Database 11g (11.1.0.7)
Platform
Patch Number and Description on My Oracle Support
7000281: DIFFERENCE IN FORALL STATEMENT BEHAVIOR IN 11G
8327137: WRONG RESULTS WITH INLINE VIEW AND
AGGREGATION FUNCTION
8617824: MERGE LABEL REQUEST ON TOP OF 11.1.0.7 FOR BUGS
7628358 7598314
Windows 32 bit
8689191: ORACLE 11G 11.1.0.7 PATCH 16 BUG FOR WINDOWS 32 BIT
Windows 64 bit
8689199: ORACLE 11G 11.1.0.7 PATCH 16 BUG FOR WINDOWS (64-BIT
AMD64 AND INTEL EM64T)
23.1.3 Patch Requirements for Oracle Database 11g (11.2.0.2.0)
If you are using Oracle Database 11g (11.2.0.2.0), make sure that you download and
install the appropriate version (based on the platform) for the RDBMS Patch Number
10259620. This is a prerequisite for installing the Oracle Identity Manager schemas.
Table 23–2 lists the patches required for Oracle Identity Manager 11g Release 1 (11.1.1)
configurations that use Oracle Database 11g Release 2 (11.2.0.2.0). Make sure that you
download and install the following patches before creating Oracle Identity Manager
schemas.
Table 23–2
Required Patches for Oracle Database 11g (11.2.0.2.0)
Platform
Patch Number and Description on My Oracle Support
Linux x86 (32-bit)
RDBMS Interim Patch#10259620.
Linux x86 (64-bit)
Oracle Solaris on SPARC
(64-bit)
Oracle Solaris on x86-64 (64-bit)
Microsoft Windows x86 (32-bit)
Bundle Patch 2 [Patch#11669994] or later. The latest
Bundle Patch is 4 [Patch# 11896290].
Microsoft Windows x86 (64-bit)
Bundle Patch 2 [Patch# 11669995] or later. The latest
Bundle Patch is 4 [Patch# 11896292].
If this patch is not applied, then problems might occur in user and role search and
manager lookup. In addition, search results might return empty result.
Note:
■
■
Apply this patch in ONLINE mode. Refer to the readme.txt file
bundled with the patch for the steps to be followed.
In some environments, the RDBMS Interim Patch has been unable
to resolve the issue, but the published workaround works. Refer
to the metalink note "Wrong Results on 11.2.0.2 with
Function-Based Index and OR Expansion due to fix for
Bug:8352378 [Metalink Note ID 1264550.1]" for the workaround.
This note can be followed to set the parameters accordingly with
the only exception that they need to be altered at the Database
Instance level by using ALTER SYSTEM SET <param>=<value>
scope=<memory> or <both>.
23-2 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
23.1.4 Patch Requirements for Segregation of Duties (SoD)
Table 23–3 lists patches that resolve known issues with Segregation of Duties (SoD)
functionality:
Table 23–3
SoD Patches
Patch Number / ID
Description and Purpose
Patch number 9819201 on
My Oracle Support
Apply this patch on the SOA Server to resolve the known issue
described in "SoD Check During Request Provisioning Fails
While Using SAML Token Client Policy When Default SoD
Composite is Used".
The description of this patch on My Oracle Support is "ERROR
WHILE USING SAML TOKEN CLIENT POLICY FOR
CALLBACK."
Patch ID 3M68 using the
Oracle Smart Update utility.
Requires passcode:
6LUNDUC7.
Using the Oracle Smart Update utility, apply this patch on the
Oracle WebLogic Server to resolve the known issue described in
"SoD Check Fails While Using Client-Side Policy in Callback
Invocation During Request Provisioning".
The SoD patches are required to resolve the known issues in
Oracle Identity Manager 11g Release 1 (11.1.1.3), but these patches are
not required in 11g Release 1 (11.1.1.5).
Note:
23.1.5 Patch Upgrade Requirement
While applying the patch provided by Oracle Identity Manager, the following error is
generated:
ApplySession failed: ApplySession failed to prepare the system.
OPatch version 11.1.0.8.1 must be upgraded to version 11.1.0.8.2 to meet the version
requirement.
See "Obtaining Patches From My Oracle Support (Formerly OracleMetaLink)" on
page 23-1 for information about downloading OPatch from My Oracle Support.
23.2 General Issues and Workarounds
This section describes general issues and workarounds. It includes the following
topics:
■
Do Not Use Platform Archival Utility
■
SPML-DSML Service is Unsupported
■
Resource Object Names Longer than 100 Characters Cause Import Failure
■
Status of Users Created Through the Create and Modify User APIs
■
Status of Locked Users in Oracle Access Manager Integrations
■
Generating an Audit Snapshot after Bulk-Loading Users or Accounts
■
Browser Timezone Not Displayed
■
Date Format Change in the SoD Timestamp Field Not Supported
■
Bulk Loading CSV Files with UTF-8 BOM Encoding Not Supported
Oracle Identity Manager 23-3
General Issues and Workarounds
■
Date Type Attributes are Not Supported for the Default Scheduler Job, "Job
History Archival"
■
Low File Limits Prevent Adapters from Compiling
■
Reconciliation Engine Requires Matching Rules
■
SPML Requests Do Not Report When Any Date is Specified in Wrong Format
■
Logs Populated with SoD Exceptions When the SoD Message Fails and Gets Stuck
in the Queue
■
Underscore Character Cannot Be Used When Searching for Resources
■
Assign to Administrator Action Rule is Not Supported by Reconciliation
■
Some Buttons on Attestation Screens Do Not Work in Mozilla Firefox
■
■
The maxloginattempts System Property Causes Autologin to Fail When User Tries
to Unlock
"<User not found>" Error Message Appears in AdminServer Console While
Setting-Up an Oracle Identity Manager-Oracle Access Manager Integration
■
Do Not Use Single Quote Character in Reconciliation Matching Rule
■
Do Not Use Special Characters When Reconciling Roles from LDAP
■
■
■
■
■
■
■
■
■
SoD Check During Request Provisioning Fails While Using SAML Token Client
Policy When Default SoD Composite is Used
SoD Check Fails While Using Client-Side Policy in Callback Invocation During
Request Provisioning
Error May Appear During Provisioning when Generic Technology Connector
Framework Uses SPML
Cannot Click Buttons in TransUI When Using Mozilla Firefox
LDAP Handler May Cause Invalid Exception While Creating, Deleting, or
Modifying a Role
Cannot Reset User Password Comprised of Non-ASCII Characters
Benign Exception and Error Message May Appear While Patching Authorization
Policies
The DateTime Pick in the Trans UI Does Not Work Correctly in the Thai Locale
User Without Access Policy Administrators Role Cannot View Data in Access
Policy Reports
■
Archival Utility Throws an Error for Empty Date
■
TransUI Closes with Direct Provisioning of a Resource
■
■
■
■
■
Scheduler Throws "ParameterValueTypeNotSupportedException" Instead of
"RequiredParameterNotSetException"
All New User Attributes Are Not Supported for Attestation in Oracle Identity
Manager 11g
LDAP GUID Mapping to Any Field of Trusted Resource Not Supported
User Details for Design Console Access Field Must Be Mapped to Correct Values
When Reading Modify Request Results
Cannot Create a User Containing Asterisks if a Similar User Exists
23-4 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
■
■
Blank Status Column Displayed for Past Proxies
Mapping the Password Field in a Reconciliation Profile Prevents Users from Being
Created
■
UID Displayed as User Login in User Search Results
■
Roles/Organizations Browse Trees Disappear
■
Entitlement Selection Is Not Optional for Data Gathering
■
■
Oracle Identity Manager Server Throws Generic Exception While Deploying a
Connector
Create User API Allows Any Value for the "Users.Password Never Expires",
"Users.Password Cannot Change", and "Users.Password Must Change" Fields
■
Incorrect Label in JGraph Screen for the GTC
■
Running the Workflow Registration Utility Generates an Error
■
Native Performance Pack is Not Enabled On Solaris 64-bit JVM Install
■
Error in the Create Generic Technology Connector Wizard
■
DSML Profile for the SPML Web Service is Not Deployed With Oracle Identity
Manager
■
New Human Tasks Must Be Copied in SOA Composites
■
Modify Provisioned Resource Request Does Not Support Service Account Flag
■
Erroneous "Query by Example" Icon in Identity Administration Console
■
The XL.ForcePasswordChangeAtFirstLogin System Property Is No Longer Used
■
■
■
■
■
■
■
■
The tcExportOperationsIntf.findObjects(type,name) API Does Not Accept the
Asterisk (*) Wilcard Character in Both Parameters
Disabled Links on the Access Policy Summary Page Opened in Mozilla FireFox
Benign Error is Generated on Editing the IT Resource Form in Advanced
Administration
User Account is Not Locked in iPlanet Directory Server After it is Locked in Oracle
Identity Manager
Oracle Identity Manager Does Not Support Autologin With JavaAgent
Benign Error Logged on Opening Access Policies, Resources, or Attestation
Processes
User Locked in Oracle Identity Manager But Not in LDAP
Reconciliation Profile Must Not Be Regenerated Via Design Console for Xellerate
Organization Resource Object
■
Benign Error Logged on Clicking Administration After Upgrade
■
Provisioning Fails Through Access Policy for Provisioned User
■
■
■
Benign Warning Messages Displayed During Oracle Identity Manager Managed
Server Startup
Benign Message Displayed When Running the Deployment Manager
Deployment Manager Export Fails When Started Using Microsoft Internet
Explorer 7 With JRE Plugin 1.6_23
Oracle Identity Manager 23-5
General Issues and Workarounds
■
■
■
■
■
■
■
■
■
■
■
■
■
■
■
User Creation Fails in Microsoft Active Directory When Value of Country
Attribute Exceeds Two Characters
Permission on Target User Required to Revoke Resource
Reconciliation Event Fails for Trusted Source Reconciliation Because of Missing
Reconciliation Rule in Upgraded Version of Oracle Identity Manager
XML Validation Error on Oracle Identity Manager Managed Server Startup
Cannot View or Edit Adapter Mapping in the Data Object Manager Form of the
Design Console
Role Memberships for Assign or Revoke Operations Not Updated on Enabling or
Disabling Referential Integrity Plug-in
Reconciliation Data Displays Attributes That Are Not Modified
Benign Errors Displayed on Starting the Scheduler Service When There are
Scheduled Jobs to be Recovered
Trusted Source GTC Reconciliation Mapping Cannot Display Complete Attribute
Names
Benign Error Logged for Database Connectivity Test
MDS Validation Error When Importing GTC Provider Through the Deployment
Manager
Encrypted User-Defined Field (UDF) Cannot be Stored with Size of 4000
Characters or More
Request Approval Fails With Callback Service Failure
Localized Display Name is Not Reconciled Via User/Role Incremental
Reconciliation with iPlanet Directory Server
LDAP Role Hierarchy and Role Membership Reconciliation With Non-ASCII
Characters Does Not Reconcile Changes in Oracle Identity Manager
■
Import of Objects Fails When All Objects Are Selected for Export
■
Benign Audit Errors Logged After Upgrade
■
■
■
■
■
■
■
Connector Upgrade Fails if Existing Data is Bigger in Size Than New Column
Length
Connector Artifacts Count Increases in the Deployment Manager When File is Not
Imported
Uploading JAR Files By Using the Upload JAR Utility Fails
Oracle Identity Manager Data and MT Upgrade Fails Because Change of Database
User Password
Reverting Unsaved UDFs Are Not Supported in the Administration Details Page
for Roles and Organizations
Resources Provisioned to User Without Checking Changes in User Status After
Request is Submitted
Config.sh Command Fails When JRockit is Installed With Data Samples and
Source
■
Unexpected Memory Usage in Oracle Identity Manager 11g Release 1(11.1.1)
■
Reports Link No Longer Exists in the Administrative and User Console
23-6 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
■
Not Allowing to Delete a Role Whose Assigned User Members are Deleted
■
Roles and Organizations Do Not Support String UDFs of Password Type
■
Manage Localizations Dialog Box Does Not Open After Modifying Roles
■
Not Allowing to Create User With Language-Specific Display Name Values
■
■
SoD Check Results Not Displayed for Requests Created by Users for the
PeopleSoft Resource
The XL.UnlockAfter System Property and the Automatically Unlock User
Scheduled Job Do Not Take Effect
■
Resetting Password on Account Lockout Does Not Unlock User
■
Incremental and Full Reconciliation Jobs Cannot Be Run Together
■
■
Incorrect Content in the ScheduleTask Jars Loaded and Third Party Jars Tables in
the MT Upgrade Report
Scroll Bar Not Available on the Select Connector Objects to Be Upgraded Page of
the Connector Management - Upgrading Wizard
23.2.1 Do Not Use Platform Archival Utility
Currently, the Platform Archival Utility is not supported and should not be used.
To work around this issue, use the predefined scheduled task named Orchestration
Process Cleanup Task to delete all completed orchestration processes and related
data.
23.2.2 SPML-DSML Service is Unsupported
Oracle Identity Manager's SPML-DSML Service is currently unsupported in 11g
Release 1 (11.1.1). However, you can manually deploy the spml-dsml.ear archive file
for Microsoft Active Directory password synchronization.
23.2.3 Resource Object Names Longer than 100 Characters Cause Import Failure
If a resource object name is more than 100 characters, an error occurs in the database
and the resource object is not imported. To work around this issue, change the
resource object's name in the XML file so the name is less than 100 characters.
23.2.4 Status of Users Created Through the Create and Modify User APIs
You cannot create users in Disabled State. Users are always created in Active State.
The Create and Modify User APIs do not honor the Users.Disable User attribute value.
If you pass a value to the Users.Disable User attribute when calling the Create API,
Oracle Identity Manager ignores this value and the USR table is always populated
with a value of 0, which indicates the user's state is Active.
Use the Disable API to disable a user.
Oracle Identity Manager 23-7
General Issues and Workarounds
23.2.5 Status of Locked Users in Oracle Access Manager Integrations
When Oracle Access Manager locks a user account in an Oracle Identity
Manager-Oracle Access Manager integration, it may take approximately five minutes,
or the amount of time defined by the incremental reconciliation scheduled interval, for
the status of the locked account to be reconciled and appear in Oracle Identity
Manager. However, if a user account is locked or unlocked in Oracle Identity
Manager, the status appears immediately.
23.2.6 Generating an Audit Snapshot after Bulk-Loading Users or Accounts
The GenerateSnapshot.[sh|bat] option does not work correctly when invoked from
the Bulk Load utility. To work around this issue and generate a snapshot of the initial
audit after bulk loading users or accounts, you must run GenerateSnapshot.[sh|bat]
from the $OIM_HOME/bin/ directory.
23.2.7 Browser Timezone Not Displayed
Due to an ADF limitation, the browser timezone is currently not accessible to Oracle
Identity Manager. Oracle Identity Manager bases the timezone information in all date
values on the server's timezone. Consequently, end users will see timezone
information in the date values, but the timezone value will display the server's
timezone.
23.2.8 Date Format Change in the SoD Timestamp Field Not Supported
The date-time value that end users see in the Segregation of Duties (SoD) Check
Timestamp field on the SoD Check page will always display as "YYYY-MM-DD
hh:mm:ss" and this format cannot be localized.
To work around this localization issue, perform the following steps:
1.
Open the "Oracle_eBusiness_User_Management_
9.1.0.1.0/xml/Oracle-eBusinessSuite-TCA-Main-ConnectorConfig.xml" file.
2.
In the EBS Connector import xml, locate the SoDCheckTimeStamp field for the
Process Form. Change <SDC_FIELD_TYPE> to 'DateFieldDlg' and change <SDC_
VARIANT_TYPE> to 'Date' as shown in the following example:
<FormField name = "UD_EBST_USR_SODCHECKTIMESTAMP">
<SDC_UPDATE>!Do not change this field!</SDC_UPDATE>
<SDC_LABEL>SoDCheckTimestamp</SDC_LABEL>
<SDC_VERSION>1</SDC_VERSION>
<SDC_ORDER>23</SDC_ORDER>
<SDC_FIELD_TYPE>DateFieldDlg</SDC_FIELD_TYPE>
<SDC_DEFAULT>0</SDC_DEFAULT>
<SDC_ENCRYPTED>0</SDC_ENCRYPTED>
<!--SDC_SQL_LENGTH>50</SDC_SQL_LENGTH-->
<SDC_VARIANT_TYPE>Date</SDC_VARIANT_TYPE>
</FormField>
3.
Import the Connector.
4.
Enable SoD Check.
5.
Provision the EBS Resource with entitlements to trigger an SoD Check.
6.
Check the SoDCheckTimeStamp field in Process Form to confirm it is localized
like the other date fields in the form.
23-8 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
23.2.9 Bulk Loading CSV Files with UTF-8 BOM Encoding Not Supported
Bulk loading a CSV file for which UTF-8 BOM (byte order mark) encoding is specified
causes an error. However, bulk-loading UTF-8 encoded CSV files works as expected if
you specify "no BOM" encoding.
To work around this issue,
■
■
If you want to load non-ASCII data, you must change your CSV file encoding to
"UTF-8 no BOM" before loading the CSV file.
If your data is stored in CSV files with "UTF-8 BOM" encoding, you must change
them to "UTF-8 no BOM" encoding before running the bulkload script.
23.2.10 Date Type Attributes are Not Supported for the Default Scheduler Job, "Job
History Archival"
The default Scheduler job, "Job History Archival," does not support date type
attributes.
The "Archival Date" attribute parameter in "Job History Archival" only accepts string
patterns such as "ddMMyyyy" and "MMM DD, yyyy."
When you run a Scheduler job, the code checks the date format. If you enter the wrong
format, an error similar to the following example, displays in the execution status list
and in the log console:
<IAM-1020063> <Incorrect format of Archival Date parameter. Archival Date is
expected in DDMMYYYY or UI Date format.>
The job cannot run successfully until you input the correct Archival Date information.
23.2.11 Low File Limits Prevent Adapters from Compiling
On machines where the file limits are set too low, trying to create and compile an
entity adapter causes a "Too many open files" error and the adapter will not compile.
To work around this issue, change the file limits on your machine to the following
(located in /etc/security/limits.conf) and then restart the machine:
■
softnofile 4096
■
hardnofile 4096
23.2.12 Reconciliation Engine Requires Matching Rules
Currently, Oracle Identity Manager's Reconciliation Engine in 11g Release 1 (11.1.1)
requires you to define a matching rule to identify the users for every connector in
reconciliation. Errors will occur during reconciliation if you do not define a matching
rule to identify users.
23.2.13 SPML Requests Do Not Report When Any Date is Specified in Wrong Format
Oracle Identity Manager 23-9
General Issues and Workarounds
When any date, such as activeStartDate, hireDate, and so on, is specified in an
incorrect format, the Web server does not pass those values to the SPML layer. Only
valid dates are parsed and made available to SPML. Consequently, when any SPML
request that contains an invalid date format, the invalid date format from the request
is ignored and is not available for that operation. For example, if you specify the
HireDate month as "8" instead of "08," the HireDate will not be populated after the
Create request is completed and no error message is displayed.
The supported date format is:
yyyy-MM-dd hh:mm:ss.fffffffff
No other date format is supported.
23.2.14 Logs Populated with SoD Exceptions When the SoD Message Fails and Gets
Stuck in the Queue
SoD functionality uses JMS-based processing. Oracle Identity Manager submits a
message to the oimSODQueue for each SoD request. If for some reason an SoD
message always results in an error, Oracle Identity Manager never processes the next
message in the oimSODQueue. Oracle Identity Manager always picks the same error
message for processing until you delete that message from the oimSODQueue.
To work around this issue, use the following steps to edit the queue properties and to
delete the SoD message in oimSODQueue:
1.
Log on to the WebLogic Admin Console at http://<hostname>:<port>/console
2.
From the Console, select Services, Messaging, JMS Modules.
3.
Click OIMJMSModule. All queues will be displayed.
4.
Click oimSODQueue.
5.
Select the Configurations, Delivery Failure tabs.
6.
Change the retry count so that the message can only be submitted a specified
number of times.
7.
Change the default Redelivery Limit value from -1 (which means infinite) to a
specific value. For example, if you specify 1, the message will be submitted only
once.
8.
To review and delete the SoD error message, go to the Monitoring tab, select the
message, and delete it.
23.2.15 A Backslash (\) Cannot Be Used in a weblogic.properties File
If you are using the WeblogicImportMetadata.cmd utility to import data to MDS, then
do not use a backslash (\) character in a path in the weblogic.properties file, or an
exception will occur.
To work around this issue, you must use a double backslash (\\) or a forward slash
(/) on Microsoft Windows. For example, change metadata_from_
loc=C:\metadata\file to metadata_from_loc=C:\\metadata\\file in the
weblogic.properties file.
23-10 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
23.2.16 Underscore Character Cannot Be Used When Searching for Resources
When you are searching for a resource object, do not use an underscore character (_) in
the resource name. The search feature ignores the underscore and consequently does
not return the expected results.
23.2.17 Assign to Administrator Action Rule is Not Supported by Reconciliation
Reconciliation does not support the Assign to Administrator Action rule.
To work around this issue, change the Assign to Administrator to None in the
connector XML before importing the connector. However, after changing the value to
None, you cannot revert to Assign to Administrator.
23.2.18 Some Buttons on Attestation Screens Do Not Work in Mozilla Firefox
If you are creating attestations in a Mozilla Firefox Web browser and you click certain
buttons, nothing happens.
To work around this issue, click the Refresh button to refresh the page.
23.2.19 The maxloginattempts System Property Causes Autologin to Fail When User
Tries to Unlock
WLS Security Realm has a default lock-out policy that locks out users for some time
after several unsuccessful login attempts. This policy can interfere with the locking
and unlocking functionality of Oracle Identity Manager.
To prevent the WLS Security Realm lock-out policy from affecting the lock/unlock
functionality of Oracle Identity Manager, you must set the 'Lockout Threshold' value
in the WLS 'User Lockout Policy' to at least 5 more than the value in Oracle Identity
Manager. For example, if the value in Oracle Identity Manager is set to 10, you must
set the WLS 'Lockout Threshold' value to 15.
To change the default values for the 'User lockout Policy,' perform the following steps:
1.
Open the WebLogic Server Administrative Console.
2.
Select Security Realms, REALM_NAME.
3.
Select the User Lockout tab.
4.
If configuration editing is not enabled, then click the Lock and Edit button to
enable configuration editing.
5.
Change the value of lockout threshold to the required value.
6.
Click Save to save the changes.
7.
Click Activate to activate your changes.
8.
Restart all the servers in the domain.
23.2.20 "<User not found>" Error Message Appears in AdminServer Console While
Setting-Up an Oracle Identity Manager-Oracle Access Manager Integration
When you set up Oracle Identity Manager-Oracle Access Manager Integration with a
JAVA agent and log into the Admin Server Console, a "<User not found>" error
message is displayed. This message displays even when the login is successful.
Oracle Identity Manager 23-11
General Issues and Workarounds
23.2.21 Do Not Use Single Quote Character in Reconciliation Matching Rule
If the single quote character (') is used in reconciliation data (for example, 'B'1USER1'),
then target reconciliation will fail with an exception.
23.2.22 Do Not Use Special Characters When Reconciling Roles from LDAP
Due to a limitation in the Oracle SOA Infrastructure, do not use special characters such
as commas (,) in role names, group names, or container descriptions when reconciling
roles from LDAP. Oracle Identity Manager's internal code uses special characters as
delimiters. For example, Oracle Identity Manager uses commas (,) as approver
delimiters and the SOA HWF-level global configuration uses commas as assignee
delimiters.
23.2.23 SoD Check During Request Provisioning Fails While Using SAML Token Client
Policy When Default SoD Composite is Used
SoD check fails and the following error is displayed on the SOA console when SoD
check is performed during request provisioning only when the Default SoD Check
composite is used:
SEVERE: FabricProviderServlet.handleException Error during retrieval of test page
or composite resourcejavax.servlet.ServletException:
java.lang.NullPointerException
This happens when Callback is made from Oracle Identity Manager to SOA with the
SoDCheck Results.
To resolve this issue, apply patch 9819201 on the SOA server. You can obtain patch
9819201 from My Oracle Support. The description of this patch on My Oracle Support
is "ERROR WHILE USING SAML TOKEN CLIENT POLICY FOR CALLBACK."
For more information, refer to:
■
Obtaining Patches From My Oracle Support (Formerly OracleMetaLink).
■
Patch Requirements for Segregation of Duties (SoD)
23.2.24 SoD Check Fails While Using Client-Side Policy in Callback Invocation During
Request Provisioning
SoD check fails and following error is displayed on the Oracle Identity Manager
Administrative and User Console when SoD check is performed during request
provisioning only when the Default SoD Check composite is used:
<Error> <oracle.wsm.resources.policymanager><WSM-02264> <"/base_domain/oim_
server1/oim/unknown/iam-ejb.jar/WEBSERVICECLIENTs/SoDCheckResultService/PORTs/Resu
ltPort" is not a recognized resource pattern.>
<Error> <oracle.iam.sod.impl> <IAM-4040002><Error getting Request Service :
java.lang.IllegalArgumentException: WSM-02264 "/base_domain/oim_
server1/oim/unknown/iam-ejb.jar/WEBSERVICECLIENTs/SoDCheckResultService/PORTs/Resu
ltPort" is not a recognized resource pattern.>
To resolve this issue, use the Oracle Smart Update utility to apply patch ID 3M68,
which requires passcode of 6LUNDUC7, on Oracle WebLogic Server. For more
information, refer to:
■
The Oracle Smart Update Installing Patches and Maintenance Packs documentation.
23-12 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
■
Patch Requirements for Segregation of Duties (SoD)
23.2.25 Error May Appear During Provisioning when Generic Technology Connector
Framework Uses SPML
When using the generic technology connector framework uses SPML, during
provisioning, the following error may appear:
<SPMLProvisioningFormatProvider.formatData :problem with Velocity Template Unable
to find resource 'com/thortech/xl/gc/impl/prov/SpmlRequest.vm'>
If the error occurs, it blocks provisioning by using the predefined SPML GTC
provisioning format provider. Restarting the Oracle Identity Manager server prevents
the error from appearing again.
23.2.26 Cannot Click Buttons in TransUI When Using Mozilla Firefox
When using the Mozilla Firefox browser, in certain situations, some buttons in the
legacy user interface, also known as TransUI, cannot be clicked. This issue occurs
intermittently and can be resolved by using Firefox's reload (refresh) function.
23.2.27 LDAP Handler May Cause Invalid Exception While Creating, Deleting, or
Modifying a Role
If an LDAP handler causes an exception when you create, modify, or delete a role, an
invalid error message, such as System Error or Role does not exist, may
appear.
To work around this issue, look in the log files, which will display the correct error
message.
23.2.28 Cannot Reset User Password Comprised of Non-ASCII Characters
If a user's password is comprised of non-ASCII characters, and that user tries to reset
the password from either the My Profile or initial login screens in the Oracle Identity
Manager Self Service interface, the reset will fail with the following error message:
Failed to change password during the validation of the old password
This error does not occur with user passwords comprised of
only ASCII characters.
Note:
To work around this issue, perform the following steps:
1.
Set the JVM file encoding to UTF8, for example: -Dfile.encoding=UTF-8
On Windows systems, this may cause the console output to
appear distorted, though output in the log files appear correctly.
Note:
2.
Restart the Oracle WebLogic Server.
Oracle Identity Manager 23-13
General Issues and Workarounds
23.2.29 Benign Exception and Error Message May Appear While Patching
Authorization Policies
When patches are applied to the Authorization Polices that are included with Oracle
Identity manager and the JavaSE environment registers the Oracle JDBC driver,
java.security.AccessControlException is reported and the following error
message appears:
Error while registering Oracle JDBC Diagnosability MBean
You can ignore this benign exception, as the Authorization Policies are seeded
successfully, despite the exception and error messages.
23.2.30 The DateTime Pick in the Trans UI Does Not Work Correctly in the Thai Locale
When locale is set to th_TH in Microsoft Windows Internet Explorer Web browser, the
datetime in Oracle Identity Manager follows the Thai Buddhist calendar. In the Create
Attestation page of the Administrative and User Console, when you select a date for
start time, the year is displayed according to the Thai Buddhist calendar, for example,
2553. After you click OK, the equivalent year according to the Gregorian calendar,
which is 2010, is displayed in the start time field. But when you click Next to continue
creating the attestation, an error message is displayed stating that the start time of the
process must not belong to the past.
To workaround this issue, perform any one of the following:
■
Specify the datetime manually.
■
Use Mozilla Firefox Web browser, which uses the Gregorian calendar.
23.2.31 User Without Access Policy Administrators Role Cannot View Data in Access
Policy Reports
OIM user without the ACCESS POLICY ADMINISTRATORS role cannot view data in
the following reports:
■
Access Policy Details
■
Access Policy List by Role
To workaround this issue:
1.
Assign the ACCESS POLICY ADMINISTRATORS role to an OIM user.
2.
Create a BI Publisher user with the same username in Step 1. Assign appropriated
BI Publisher role to view reports.
3.
Login as the BI Publisher user mentioned in step 2. View the Access Policy Details
and Access Policy List by Role reports. All access policies are displayed.
23.2.32 Archival Utility Throws an Error for Empty Date
In case of empty date, archival utility throws an error message, but proceeds to archive
data by mapping to the current date. Currently, no workaround exists for this issue.
23.2.33 TransUI Closes with Direct Provisioning of a Resource
23-14 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
TransUI closes while doing a direct provisioning if user defined field (UDF) is created
with the default values. To work around this issue, you need to create a Lookup Code
for the INTEGER/DOUBLE type UDF in the LKU/LKV table.
23.2.34 Scheduler Throws "ParameterValueTypeNotSupportedException" Instead of
"RequiredParameterNotSetException"
On AIX platform, when a required parameter is missing during the creation of a
scheduler job, instead of throwing "RequiredParameterNotSetException" with the
error message "The value is not set for required parameters of a scheduled task.", it
throws "ParameterValueTypeNotSupportedException" with the error message
"Parameter value is not set properly". Currently, no workaround exists for this issue.
23.2.35 All New User Attributes Are Not Supported for Attestation in Oracle Identity
Manager 11g
New user attributes are added in Oracle Identity Manager 11g. Not all of them are
available for Attestation while defining user-scope. However, Attestation has been
enhanced to include the following user attributes:
■
USR_COUNTRY
■
USR_LDAP_ORGANIZATION
■
USR_LDAP_ORGANIZATION_UNIT
■
USR_LDAP_GUID
Currently, no workaround exists for this issue.
23.2.36 LDAP GUID Mapping to Any Field of Trusted Resource Not Supported
Update fails in LDAP, if LDAP GUID is mapped to any field of trusted resource in
LDAP-SYNC enabled installation. To work around this issue, Oracle does not
recommend mapping for LDAP GUID field while creating reconciliation field
mapping for a trusted resource.
23.2.37 User Details for Design Console Access Field Must Be Mapped to Correct
Values When Reading Modify Request Results
When a Modify Request is raised, "End-User" and "End-User Administrator" values
are displayed for the "Design Console Access" field. These values must be mapped to
False/True while interpreting the user details.
23.2.38 Cannot Create a User Containing Asterisks if a Similar User Exists
If you try to create a user that contains an asterisk (*) after creating a user with a
similar name, the attempt will fail. For example, if you create user test1test, followed
by test*test, test*test will not be created.
It is recommended to not create users with asterisks in the User Login field.
Oracle Identity Manager 23-15
General Issues and Workarounds
23.2.39 Blank Status Column Displayed for Past Proxies
The Status field on the Post Proxies page is blank. However, active proxies are
displayed correctly on Current Proxies page.
Currently, no workaround exists for this issue.
23.2.40 Mapping the Password Field in a Reconciliation Profile Prevents Users from
Being Created
The Password field is available to be mapped with a reconciliation profile, but it
should not be used. Attempting to map this field will generate a reconciliation event
that will not create users. (The event ends in "No Match Found State".) In addition,
you will not be able to re-evaluate or manually link this event.
23.2.41 UID Displayed as User Login in User Search Results
Although you can select the UID attribute from the Search Results Table Configuration
list on the Search Configuration page of the Advanced Administration, the search
results table for advanced search for users displays the User Login field instead of the
UID field.
23.2.42 Roles/Organizations Browse Trees Disappear
After you delete an organization, the Browse trees for organizations and roles might
not be displayed.
To work around this issue, click the Search Results tab, then click the Browse tab. The
roles and organizations browse trees display correctly.
23.2.43 Entitlement Selection Is Not Optional for Data Gathering
Entitlement (Child Table) selection during data gathering on the process form, for the
"Depends On (Depended)" attribute is not optional. During data gathering, if
dependent lookups are configured, then the user has to select the parent lookup value
so that filtering happens on the child lookup and thus user gets a final list of
entitlements to select . Currently, no workaround exists to directly filter the values
based on the child lookup.
23.2.44 Oracle Identity Manager Server Throws Generic Exception While Deploying a
Connector
Generic exceptions are shown in server logs every time deployment manager import
happens or profile changes manually or profile changes via design console. This is
because "WLSINTERNAL" is not an authorized user of Oracle Identity Manager.
"WLSINTERNAL" is an internal user of WebLogic Server, and MDS uses it to invoke
MDS listeners if there is a change in XMLs stored in MDS. Currently, no workaround
exists for this issue.
23.2.45 Create User API Allows Any Value for the "Users.Password Never Expires",
"Users.Password Cannot Change", and "Users.Password Must Change" Fields
23-16 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
Create User API allows the user to set any value between 0 and 9 instead of 0 or 1 for
"Users.Password Never Expires", "Users.Password Cannot Change" and
"Users.Password Must Change" fields. However, any value other than 0 is considered
as TRUE and 0 is considered as FALSE, and the flag is set accordingly for the user
being created. Currently, no workaround exists for this issue.
23.2.46 Incorrect Label in JGraph Screen for the GTC
The User Type label on the JGraph screen is displayed incorrectly as Design Console
Access. To display User Type, add the line Xellerate_Type=User Type to the
OIM_HOME/server/customResources/customResources.properties file.
23.2.47 Running the Workflow Registration Utility Generates an Error
When the workflow registration utility is run in a clustered deployment of Oracle
Identity Manager, the following error is generated:
[java] oracle.iam.platform.utils.NoSuchServiceException:
java.lang.reflect.InvocationTargetException
Ignore the error message.
23.2.48 Native Performance Pack is Not Enabled On Solaris 64-bit JVM Install
For Oracle Identity Manager JVM install on a Solaris 64-bit computer, Oracle
WebLogic log displays the following error:
Unable to load performance pack. Using Java I/O instead. Please ensure that a
native performance library is in:
To workaround this issue, perform the following to ensure that JDK picks up the 64-bit
native performance:
1.
In a text editor, open the MIDDLEWARE_HOME/wlserver_
10.3/common/bin/commEnv.sh file.
2.
Replace the following:
SUN_ARCH_DATA_MODEL="32"
With:
SUN_ARCH_DATA_MODEL="64"
3.
Save and close the commEnv.sh file.
4.
Restart the application server.
23.2.49 Error in the Create Generic Technology Connector Wizard
If you enter incorrect credentials for the database on the Create Generic Technology
Connector wizard, a system error window is displayed. You must close this window
and run the wizard again.
23.2.50 DSML Profile for the SPML Web Service is Not Deployed With Oracle Identity
Manager
The DSML profile for the SPML Web service is not deployed by default with Oracle
Identity Manager 11g Release 1 (11.1.1). SPML-DSML binaries are bundled with the
Oracle Identity Manager 23-17
General Issues and Workarounds
Oracle Identity Manager installer to support Microsoft Active Directory Password
Synchronization. You must deploy the spml-dsml.ear file manually.
23.2.51 New Human Tasks Must Be Copied in SOA Composites
When you add a new human task to an existing SOA composite, you must ensure that
all the copy operations for the attributes in the original human task are added to the
new human task. Otherwise, an error could be displayed on the View Task Details
page.
23.2.52 Modify Provisioned Resource Request Does Not Support Service Account Flag
A regular account cannot be changed to a service account, and similarly, a service
account cannot be changed to a regular account through a Modify Provisioned
Resource request.
23.2.53 Erroneous "Query by Example" Icon in Identity Administration Console
In the Identity Administration console, when viewing role details from the Members
tab, an erroneous icon with the "tooltip" (mouse-over text) of "Query By Example"
appears. This "Query By Example" icon is non-functional and should be ignored.
23.2.54 The XL.ForcePasswordChangeAtFirstLogin System Property Is No Longer
Used
The XL.ForcePasswordChangeAtFirstLogin system property is no longer used in
Oracle Identity Manager 11g Release 1 (11.1.1.1). Therefore, forcing the user to change
the password at first login cannot be configured. By default, the user must change the
password:
■
■
When the new user, other than self-registered users, is logging in to Oracle
Identity Manager for the first time
When the user is logging in to Oracle Identity Manager for the first time after the
password has been reset
23.2.55 The tcExportOperationsIntf.findObjects(type,name) API Does Not Accept the
Asterisk (*) Wilcard Character in Both Parameters
The tcExportOperationsIntf.findObjects(type,name) API accepts the asterisk (*)
wildcard character only for the second parameter, which is name. For type, a category
must be specified. For example, findObjects("Resource","*") is a valid call, but
findObjects("*","*") is not valid.
23.2.56 Disabled Links on the Access Policy Summary Page Opened in Mozilla FireFox
In the Verify Information for this Access Policy page of the Create/Modify Access
Policy wizards opened in Mozilla Firefox Web browser, you click Change for resource
to be provisioned by the access policy, and then click Edit to edit the process form data
for the resources to be provisioned. If you click the Close button on the Edit form, then
the change links for any one of the access policy information sections, such as
resources to be provisioned by the access policy, resources to be denied by the access
policy, or roles for the access policy, do not work.
To workaround this issue, click Refresh. All the links in the Verify Information for this
Access Policy page are enabled.
23-18 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
23.2.57 Benign Error is Generated on Editing the IT Resource Form in Advanced
Administration
When you click the Edit link on the IT Resource form in the Advanced Administration,
the following error message is logged:
<Error> <XELLERATE.APIS> <BEA-000000>
<Class/Method: tcFormDefinitionOperationsBean/getFormFieldPropertyValue encounter
some problems: Property 'Column Names' has not defined for the form field '-82'>
The error message is benign and can be ignored because there is no loss of
functionality.
23.2.58 User Account is Not Locked in iPlanet Directory Server After it is Locked in
Oracle Identity Manager
After reaching the maximum login attempts, a user is locked in Oracle Identity
Manager. But in iPlanet DS/ODSEE, the user is not locked. The orclAccountLocked
feature is not supported because the backend iPlanet DS/ODSEE does not support
account unlock by setting the Operational attribute. Account is unlocked only with a
password reset. The nsaccountlock attribute is available for administrative lockout.
The password policies do not use this attribute, but you can use this attribute to
independently lock an account. If the password policy locks the account, then
nsaccountlock locks the user even after the password policy lockout is gone.
23.2.59 Oracle Identity Manager Does Not Support Autologin With JavaAgent
In an Oracle Access Manager (OAM) integrated deployment of Oracle Identity
Manager with JavaAgent, when a user created in Oracle Identity Manager tries to
login to the Oracle Identity Manager Administrative and User Console for the first
time, the user is forced to reset password and set challenge questions. After this, the
user is not logged in to Oracle Identity Manager automatically, but is redirected to the
OAM login page. This is because Oracle Identity Manager does not support autologin
when JavaAgent is used.
23.2.60 Benign Error Logged on Opening Access Policies, Resources, or Attestation
Processes
As a delegated administrator, when you open the page to display the details of an
access policy, resource, or attestation process, the following error is logged:
Error> <org.apache.struts.tiles.taglib.InsertTag> <BEA-000000>
<Can't insert page '/gc/EmptyTiles.jsp' : Write failed: Broken pipe
java.net.SocketException: Write failed: Broken pipe
The error is benign and can be ignored because there is no loss of functionality.
23.2.61 User Locked in Oracle Identity Manager But Not in LDAP
In a LDAP-enabled deployment of Oracle Identity Manager in which the directory
servers are Microsoft Active Directory (AD) or Oracle Internet Directory (OID), when
a user is manually locked in Oracle Identity Manager by the administrator, the user is
not locked in LDAP if a password policy is not configured in LDAP. The configurable
password policy in LDAP can either be the default password policy that is applicable
to all the LDAP users, or it can be a user-specific Password Setting Object (PSO).
Oracle Identity Manager 23-19
General Issues and Workarounds
23.2.62 Reconciliation Profile Must Not Be Regenerated Via Design Console for
Xellerate Organization Resource Object
By default, the Xellerate Organization resource object does not have reconciliation to
Oracle Identity Manager field mappings and any matching/action rule information.
As a result, when reconciliation profile for Xellerate Organization resource object is
updated via Design Console, it corrupts the existing reconciliation configuration for
that resource object, and reconciliation fails with empty status.
To workaround this issue, do not generate the reconciliation profile/configuration via
the Design Console. Instead, export the Xellerate Organization profile from Meta Data
Store (MDS) and edit it manually, and import it back into Oracle Identity Manager. If
the profile changes include modification of the reconciliation fields, then the
corresponding changes must be made in the horizontal table schema and its entity
definition as well.
23.2.63 Benign Error Logged on Clicking Administration After Upgrade
After upgrading Oracle Identity Manager from Release 9.1.0.1 to 11g Release 1 (11.1.1),
on clicking the Administration link on the Administrative and User Console, the
following error is logged:
<Error> <oracle.adfinternal.view.page.editor.utils.ReflectionUtility>
<WCS-16178> <Error instantiating class oracle.adfdtinternal.view.faces.portlet.PortletDefinitionDTFactory>
This error is benign and can be ignored because there is no loss of functionality.
23.2.64 Provisioning Fails Through Access Policy for Provisioned User
When a user is already provisioned and you try to assign a role to the user that
triggers provisioning to the target domain, the provisioning is not started. However, if
the user is not provisioned already and you assign a role to the user, then the
provisioning occurs successfully.
To workaround this issue:
1.
Open the connector-specific user form in the Design Console.
2.
Create a new version of the connector, and select Edit.
3.
Click the Properties tab, and then click server (ITResourceLookupField). Click
Add Property.
4.
Add Required for the property and specify true. Click Make Version Active, and
then click Save.
5.
Login to Oracle Identity Manager Administrative and User Console.
6.
Navigate to System Property. Search for the 'Allows access policy based
provisioning of multiple instances of a resource' system property. Change the
value of this property to TRUE.
7.
Restart Oracle Identity Manager.
Try provisioning a provisioned user to provision through access policy of the same IT
Resource Type, and the provisioning is successful.
23-20 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
23.2.65 Benign Warning Messages Displayed During Oracle Identity Manager Managed
Server Startup
Several messages resembling the following are logged during Oracle Identity Manager
managed server startup:
<Mar 30, 2011 6:51:01 PM PDT> <Warning> <oracle.iam.platform.kernel.impl>
<IAM-0080071>
<Preview stage is not supported in kernel and found an event handler with name
ProvisionAccountPreviewHandler implemented by the class
oracle.iam.accesspolicy.impl.handlers.provisioning.ProvisionAccountPreviewHandlerf
or this stage. It will be ignored.>
These warning messages are benign and can be ignored because there is no loss of
functionality.
23.2.66 Benign Message Displayed When Running the Deployment Manager
When running the Deployment Manager, a message with header ' XUL SYNTAX: ID
Conflict' is displayed.
This message is benign and can be ignored because there is no loss of functionality.
Close the message and continue.
23.2.67 Deployment Manager Export Fails When Started Using Microsoft Internet
Explorer 7 With JRE Plugin 1.6_23
After upgrading Oracle Identity Manager from an earlier release to 11g Release 1
(11.1.1), when you use the Microsoft Internet Explorer 7 Web browser with JRE plugin
1.6_23 to open the Administrative and User Console and try to export files by using
the Deployment Manager, an error is generated and you cannot proceed with the
export.
To workaround this issue, use a combination of the following Web browsers and
plugins:
■
Mozilla Firefox 3.6 and JRE version 1.6_23 on 64-bit computer
■
Microsoft Internet Explorer 7 and JRE version 1.5
■
Microsoft Internet Explorer 8 and JRE version 1.6_18
■
Microsoft Internet Explorer 7 and JRE version 1.6_24
23.2.68 User Creation Fails in Microsoft Active Directory When Value of Country
Attribute Exceeds Two Characters
In a LDAP-enabled deployment of Oracle Identity Manager, user creation fails in the
Microsoft Active Directory (AD) server if the value of the Country attribute exceeds
two characters. AD mandates two characters for the Country attribute, for example
US, based on the ISO 3166 standards.
23.2.69 Deployment Manager Import Fails if Scheduled Job Entries Are Present Prior
To Scheduled Task Entries in the XML File
In Oracle Identity Manager 11g Release 1 (11.1.1), schedules job has a dependency on
scheduled task. Therefore, scheduled task must be imported prior to scheduled job.
Oracle Identity Manager 23-21
General Issues and Workarounds
As a result, if a XML file has scheduled job entries prior to scheduled task entries, then
importing the XML file using Deployment Manager fails with the following error
message:
[exec] Caused By: oracle.iam.scheduler.exception.SchedulerException: Invalid
ScheduleTask definition
[exec] com.thortech.xl.ddm.exception.DDMException
To workaround this issue, open the XML file and move all scheduled task entries
above the scheduled job entries.
23.2.70 Permission on Target User Required to Revoke Resource
When you login to the Administrative and User Console with Identity User
Administrators and Resource Administrators roles, direct provision a resource to a
user, and attempt to revoke the resource from the user, an error message is displayed.
To workaround this issue, you (logged-in user) must have the write permission on the
target user (such as user1). To achieve this:
1.
Create a role, such as role1, and assign self to this role.
2.
Create an organization, such as org1, and assign role1 as administrative group.
3.
Modify the user user1 and change its organization to org1. You can now revoke
the resource from user1.
23.2.71 Reconciliation Event Fails for Trusted Source Reconciliation Because of
Missing Reconciliation Rule in Upgraded Version of Oracle Identity Manager
When Oracle Identity Manager is upgraded from an earlier release to 11g Release 1
(11.1.1), for trusted source reconciliation, such as trusted source reconciliation using
GTC, the reconciliation event fails with the following error message because of a
missing reconciliation rule:
<Mar 31, 2011 6:27:41 PM CDT> <Info> <oracle.iam.reconciliation.impl>
<IAM-5010006> <The following exception occurred: {0}
oracle.iam.platform.utils.SuperRuntimeException:
Error occurred in XL_SP_RECONEVALUATEUSER while processing Event No 3
Error occurred in XL_SP_RECONUSERMATCH while processing Event No 3
One or more input parameter passed as null
To workaround this issue:
1.
Create a reconciliation rule for the resource object.
2.
In the Resource Object form of the Design Console, click Create Reconciliation
Profile.
23.2.72 XML Validation Error on Oracle Identity Manager Managed Server Startup
The following error message is logged at the time of Oracle Identity Manager
Managed Server startup:
<Mar 29, 2011 2:49:31 PM PDT> <Error> <oracle.iam.platform.kernel.impl>
<IAM-0080075> <XML schema validation failed for
XML/metadata/iam-features-callbacks/event_configuration/EventHandlers.xml and it
will not be loaded by kernel. >
<Mar 29, 2011 2:49:32 PM PDT> <Error> <oracle.iam.platform.kernel.impl>
<IAM-0080075> <XML schema validation failed for
23-22 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
XML/metadata/iam-features-OIMMigration/EventHandlers.xml and it will not be loaded
by kernel. >
This error message is benign and can be ignored because there is no loss of
functionality.
23.2.73 Cannot View or Edit Adapter Mapping in the Data Object Manager Form of the
Design Console
When you click Map on the Map Adapters tab in the Data Object Manager form of the
Design Console, a dialog box is displayed that allows you to edit the individual entity
adapter mappings. But the list with fields on the user object to map is displayed as
empty. As a result, you cannot view or edit the individual entity adapter mappings.
Use of entity adapters is deprecated in Oracle Identity Manager 11g Release 1 (11.1.1),
although limited support is still provided for backward compatibility only. Event
handlers must be used for all new or changed scenarios.
23.2.74 Role Memberships for Assign or Revoke Operations Not Updated on Enabling
or Disabling Referential Integrity Plug-in
In a multi-directory deployment, the secondary server must be OID. The primary
server can be OID or AD. For example, users can be stored in the OID or AD primary
server, and roles can be stored in the OID secondary server. Enabling of disabling the
referential integrity plug-in does not update the role memberships for assign or revoke
operations.
23.2.75 Deployment Manager Import Fails if Data Level for Rules is Set to 1
An entry in the Oracle Identity Manager database cannot be updated if data level is set
to 1. When you try to import a Deployment Manager XML, the following error is
displayed:
Class/Method: tcTableDataObj/updateImplementation Error :The row cannot be
updated.
[2011-04-06T07:25:36.583-05:00] [oim_server1] [ERROR] []
[XELLERATE.DDM.IMPORT] [tid: [ACTIVE].ExecuteThread: '6' for queue:
'weblogic.kernel.Default (self-tuning)'] [userId: xelsysadm] [ecid:
cad00d8aeed4d8fc:-67a4db1a:12f2abbac4b:-8000-000000000000018e,0] [APP:
oim#11.1.1.3.0] The security level for this data item indicates that it cannot be
updated.
To workaround this issue, open the XML file and change the data level for rules from
1 to 0, as shown:
<RUL_DATA_LEVEL>0</RUL_DATA_LEVEL>
23.2.76 Reconciliation Data Displays Attributes That Are Not Modified
In an Oracle Identity Manager deployment with LDAP synchronization enabled and
Microsoft Active Directory (AD) as the directory server, the Reconciliation Data tab of
the Event Management page in the Administrative and User Console displays all the
attributes of the reconciled user instead of displaying only the modified attributes.
This is because of the way AD changelogs are processed, in which the entire entry is
marked as updated when any attribute is changed. Therefore, Oracle Virtual Directory
Oracle Identity Manager 23-23
General Issues and Workarounds
(OVD) returns the full entry. There is no way to figure out which attribute has been
modified as a result of reconciliation.
23.2.77 Benign Errors Displayed on Starting the Scheduler Service When There are
Scheduled Jobs to be Recovered
When the Scheduler service is started and there are some scheduled jobs that have not
been recovered, the following error might be logged in the oim_diagnostic log:
Caused by: java.lang.NullPointerException
at
org.quartz.SimpleTrigger.computeNumTimesFiredBetween(SimpleTrigger.java:800)
at org.quartz.SimpleTrigger.updateAfterMisfire(SimpleTrigger.java:514)
at
org.quartz.impl.jdbcjobstore.JobStoreSupport.doUpdateOfMisfiredTrigger(JobStor
eSupport.java:944)
at
org.quartz.impl.jdbcjobstore.JobStoreSupport.recoverMisfiredJobs(JobStoreSuppo
rt.java:898)
at
org.quartz.impl.jdbcjobstore.JobStoreSupport.recoverJobs(JobStoreSupport.java:
780)
at
org.quartz.impl.jdbcjobstore.JobStoreSupport$2.execute(JobStoreSupport.java:75
2)
at
org.quartz.impl.jdbcjobstore.JobStoreSupport$40.execute(JobStoreSupport.java:3
628)
at
org.quartz.impl.jdbcjobstore.JobStoreSupport.executeInNonManagedTXLock(JobStor
eSupport.java:3662)
at
org.quartz.impl.jdbcjobstore.JobStoreSupport.executeInNonManagedTXLock(JobStor
eSupport.java:3624)
at
org.quartz.impl.jdbcjobstore.JobStoreSupport.recoverJobs(JobStoreSupport.java:
748)
at
org.quartz.impl.jdbcjobstore.JobStoreSupport.schedulerStarted(JobStoreSupport.
java:573)
This error is benign and can be ignored because there is no loss of functionality.
In an upgrade environment, the next time when some scheduled jobs will be triggered
is not defined. This results in a null input for Quartz code, which is not handled
gracefully in earlier versions of Quartz. This has been fixed in Quartz version 1.6.3,
and therefore, this error is not generated when you upgrade to that version of Quartz.
23.2.78 Trusted Source GTC Reconciliation Mapping Cannot Display Complete
Attribute Names
When creating a trusted GTC (for example, flat file), the right-hand column under
OIM User is not wide enough to display the complete names for many attributes. For
example, two entries are displayed as 'LDAP Organizati', whereas the attribute names
are 'LDAP Organization' and 'LDAP Organization Unit'.
To workaround this issue, click the Mapping button for the attribute. The Provide
Field Information dialog box is displayed with the complete attribute name.
23-24 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
23.2.79 Benign Error Logged for Database Connectivity Test
When running the database connectivity test in XIMDD, the following error is logged
multiple times:
<Apr 10, 2011 7:45:20 PM PDT> <Error> <Default> <J2EE JMX-46335> <MBean attribute
access denied.
MBean: oracle.logging:type=LogRegistration
Getter for attribute Application
Detail: Access denied. Required roles: Admin, Operator, Monitor, executing
subject: principals=[REQUEST TEMPLATE ADMINISTRATORS, SYSTEM ADMINISTRATORS,
APPROVAL POLICY ADMINISTRATORS, oimusers, xelsysadm, PLUGIN ADMINISTRATORS]
java.lang.SecurityException: Access denied. Required roles: Admin, Operator,
Monitor, executing subject: principals=[REQUEST TEMPLATE ADMINISTRATORS, SYSTEM
ADMINISTRATORS, APPROVAL POLICY ADMINISTRATORS, oim users, xelsysadm, PLUGIN
ADMINISTRATORS]
Each time the error occurs in the log, the name of the bean is different, but the error is
same. In spite of these errors, the test passes. These errors are benign and can be
ignored because there is no loss of functionality.
23.2.80 MDS Validation Error When Importing GTC Provider Through the Deployment
Manager
An MDS validation error is generated when you import the GTC provider by using
the Deployment Manager.
To workaround this issue, do not import the GTC provider through the Deployment
Manager. If the Deployment Manager XML file contains tags for GTC provider, then
remove it and import the rest of the XML by using the Deployment Manager. Import
the XML file with the GTC provider tags separately by using the MDS import utility.
To do so:
1.
If the XML file being imported through the Deployment Manager contains
<GTCProvider> tags, then remove these tags along with everything under them.
The following is an example of the original XML file to be imported:
<?xml version = '1.0' encoding = 'UTF-8'?>
<xl-ddm-data version="2.0.1.0" user="XELSYSADM"
database="jdbc:oracle:thin:@localhost:5521:myps12"
exported-date="1302888552341" description="sampleGTC"><GTCProvider
repo-type="MDS" name="InsertIntoTargetList"
mds-path="/db/GTC/ProviderDefinitions"
mds-file="InsertIntoTargetListProvTransport.xml"><completeXml><Provider><Provi
der>
<Provisioning>
<ProvTransportProvider
class="provisioningTransportProvider.InsertIntoTargetList"
name="InsertIntoTargetList">
<Configuration>
<Parameter datatype="String" name="targetServerName"
type="Runtime" encrypted="NO" required="YES"/>
<Response code="FUNCTIONALITY_NOT_SUPPORTED"
description="Functionality not supported"/>
<Response code="TARGET_SERVER_NAME_MISSING" description="Target
server name is missing"/>
<Response code="TARGET_SERVER_NAME_STARTSWITH_A"
description="Target server name starts with A, from XML"/>
<Response code="PROBLEM_WHILE_INITIALIZAING" description="Problem
occured while intializing Provider instance"/>
Oracle Identity Manager 23-25
General Issues and Workarounds
</Configuration>
</ProvTransportProvider>
</Provisioning>
</Provider></Provider></completeXml></GTCProvider><GTCProvider
repo-type="MDS" name="PrepareDataHMap" mds-path="/db/GTC/ProviderDefinitions"
mds-file="PrepareDataHMapProvFormat.xml"><completeXml><Provider><Provider>
<Provisioning>
<ProvFormatProvider class="provisioningFormatProvider.PrepareDataHMap"
name="PrepareDataHMap">
<Configuration>
<DefaultAttribute datatype="String" name="testField" size="40"
encrypted="NO"/>
<Response code="INCORRECT_PROCESS_DATA" description="Incorrect
process data received from GTC provisioning framework"/>
<Response code="PROCESSING_ISSUE" description="Processing issue
in Preparing provisioning input, check logs"/>
</Configuration>
</ProvFormatProvider>
</Provisioning>
</Provider></Provider></completeXml></GTCProvider><GTCProvider
repo-type="MDS" name="IsValidOrgInOIM" mds-path="/db/GTC/ProviderDefinitions"
mds-file="IsValidOrgInOIM.xml"><completeXml><Provider><Provider>
<Validation>
<ValidationProvider class="validationProvider.IsValidOrgInOIM"
name="IsValidOrgInOIM">
<Configuration>
<Parameter datatype="String" name="maxOrgSize"/>
</Configuration>
</ValidationProvider>
</Validation>
</Provider></Provider></completeXml></GTCProvider><GTCProvider
repo-type="MDS" name="ConvertToUpperCase"
mds-path="/db/GTC/ProviderDefinitions"
mds-file="ConvertToUpperCase.xml"><completeXml><Provider><Provider>
<Transformation>
<TransformationProvider
class="transformationProvider.ConvertToUpperCase" name="ConvertToUpperCase">
<Configuration>
<Parameter type="Runtime" datatype="String" required="YES"
encrypted="NO" name="Input"/>
<Response code="errorRespNullInput" description="Input String is
Missing"/>
</Configuration>
</TransformationProvider>
</Transformation>
</Provider></Provider></completeXml></GTCProvider><Resource repo-type="RDBMS"
name="SAMPLEGTC_GTC">....</Resource><Process repo-type="RDBMS"
name="SAMPLEGTC_GTC">
...........
</Process><Form repo-type="RDBMS" name="UD_SAMPLEGT" subtype="Process
Form">.....
</Form>....</xl-ddm-data>
2.
Import the rest of the XML file through the Deployment Manager.
The following is the XML file after removing the <GTCProvider> tags from the
original XML file. Import this XML file by using the Deployment Manager.
<?xml version = '1.0' encoding = 'UTF-8'?>
<xl-ddm-data version="2.0.1.0" user="XELSYSADM"
database="jdbc:oracle:thin:@localhost:5521:myps12"
23-26 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
exported-date="1302888552341" description="sampleGTC"><Resource
repo-type="RDBMS" name="SAMPLEGTC_GTC">....</Resource><Process
repo-type="RDBMS" name="SAMPLEGTC_GTC">
...........
</Process><Form repo-type="RDBMS" name="UD_SAMPLEGT" subtype="Process
Form">.....
</Form>....</xl-ddm-data>
The following is the removed XML content:
<GTCProvider
repo-type="MDS" name="InsertIntoTargetList"
mds-path="/db/GTC/ProviderDefinitions"
mds-file="InsertIntoTargetListProvTransport.xml"><completeXml><Provider><Provid
er>
<Provisioning>
<ProvTransportProvider
class="provisioningTransportProvider.InsertIntoTargetList"
name="InsertIntoTargetList">
<Configuration>
<Parameter datatype="String" name="targetServerName"
type="Runtime" encrypted="NO" required="YES"/>
<Response code="FUNCTIONALITY_NOT_SUPPORTED"
description="Functionality not supported"/>
<Response code="TARGET_SERVER_NAME_MISSING" description="Target
server name is missing"/>
<Response code="TARGET_SERVER_NAME_STARTSWITH_A"
description="Target server name starts with A, from XML"/>
<Response code="PROBLEM_WHILE_INITIALIZAING" description="Problem
occured while intializing Provider instance"/>
</Configuration>
</ProvTransportProvider>
</Provisioning>
</Provider></Provider></completeXml></GTCProvider>
<GTCProvider
repo-type="MDS" name="PrepareDataHMap" mds-path="/db/GTC/ProviderDefinitions"
mds-file="PrepareDataHMapProvFormat.xml"><completeXml><Provider><Provider>
<Provisioning>
<ProvFormatProvider class="provisioningFormatProvider.PrepareDataHMap"
name="PrepareDataHMap">
<Configuration>
<DefaultAttribute datatype="String" name="testField" size="40"
encrypted="NO"/>
<Response code="INCORRECT_PROCESS_DATA" description="Incorrect
process data received from GTC provisioning framework"/>
<Response code="PROCESSING_ISSUE" description="Processing issue
in Preparing provisioning input, check logs"/>
</Configuration>
</ProvFormatProvider>
</Provisioning>
</Provider></Provider></completeXml></GTCProvider>
<GTCProvider
repo-type="MDS" name="IsValidOrgInOIM" mds-path="/db/GTC/ProviderDefinitions"
mds-file="IsValidOrgInOIM.xml"><completeXml><Provider><Provider>
<Validation>
<ValidationProvider class="validationProvider.IsValidOrgInOIM"
name="IsValidOrgInOIM">
<Configuration>
<Parameter datatype="String" name="maxOrgSize"/>
Oracle Identity Manager 23-27
General Issues and Workarounds
</Configuration>
</ValidationProvider>
</Validation>
</Provider></Provider></completeXml></GTCProvider>
<GTCProvider
repo-type="MDS" name="ConvertToUpperCase"
mds-path="/db/GTC/ProviderDefinitions"
mds-file="ConvertToUpperCase.xml"><completeXml><Provider><Provider>
<Transformation>
<TransformationProvider
class="transformationProvider.ConvertToUpperCase" name="ConvertToUpperCase">
<Configuration>
<Parameter type="Runtime" datatype="String" required="YES"
encrypted="NO" name="Input"/>
<Response code="errorRespNullInput" description="Input String is
Missing"/>
</Configuration>
</TransformationProvider>
</Transformation>
</Provider></Provider></completeXml></GTCProvider>
3.
Separate the removed XML content based on the <GTCProvier> tags. The
following is an example of the first <GTCProvider> tag:
<GTCProvider repo-type="MDS" name="InsertIntoTargetList"
mds-path="/db/GTC/ProviderDefinitions"
mds-file="InsertIntoTargetListProvTransport.xml"><completeXml><Provider><Provi
der>
<Provisioning>
<ProvTransportProvider
class="provisioningTransportProvider.InsertIntoTargetList"
name="InsertIntoTargetList">
<Configuration>
<Parameter datatype="String" name="targetServerName"
type="Runtime" encrypted="NO" required="YES"/>
<Response code="FUNCTIONALITY_NOT_SUPPORTED"
description="Functionality not supported"/>
<Response code="TARGET_SERVER_NAME_MISSING" description="Target
server name is missing"/>
<Response code="TARGET_SERVER_NAME_STARTSWITH_A"
description="Target server name starts with A, from XML"/>
<Response code="PROBLEM_WHILE_INITIALIZAING" description="Problem
occured while intializing Provider instance"/>
</Configuration>
</ProvTransportProvider>
</Provisioning>
</Provider></Provider></completeXml></GTCProvider>
Resultant xml after removal of tags surronding inner <Provider> tag:
<Provider>
<Provisioning>
<ProvTransportProvider
class="provisioningTransportProvider.InsertIntoTargetList"
name="InsertIntoTargetList">
<Configuration>
<Parameter datatype="String" name="targetServerName"
type="Runtime" encrypted="NO" required="YES"/>
<Response code="FUNCTIONALITY_NOT_SUPPORTED"
description="Functionality not supported"/>
<Response code="TARGET_SERVER_NAME_MISSING" description="Target
server name is missing"/>
23-28 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
<Response code="TARGET_SERVER_NAME_STARTSWITH_A"
description="Target server name starts with A, from XML"/>
<Response code="PROBLEM_WHILE_INITIALIZAING" description="Problem
occured while intializing Provider instance"/>
</Configuration>
</ProvTransportProvider>
</Provisioning>
</Provider>
4.
From the removed <GTCProvider> tags, remove everything surrounding the
inner <Provider> tag. In other words, keep the content inside the inner
<Provider> tag. For each <Provider> tag, create a separate XML file. This results
in multiple XML files with each <Provider> tag as the root element.
The following is the resultant XML content after removal of tags surrounding the
inner <Provider> tag:
<Provider>
<Provisioning>
<ProvTransportProvider
class="provisioningTransportProvider.InsertIntoTargetList"
name="InsertIntoTargetList">
<Configuration>
<Parameter datatype="String" name="targetServerName" type="Runtime"
encrypted="NO" required="YES"/>
<Response code="FUNCTIONALITY_NOT_SUPPORTED"
description="Functionality not supported"/>
<Response code="TARGET_SERVER_NAME_MISSING" description="Target
server name is missing"/>
<Response code="TARGET_SERVER_NAME_STARTSWITH_A"
description="Target server name starts with A, from XML"/>
<Response code="PROBLEM_WHILE_INITIALIZAING" description="Problem
occured while intializing Provider instance"/>
</Configuration>
</ProvTransportProvider>
</Provisioning>
</Provider>
5.
Name the resultant XML files, which have the <Provider> tag as the root element,
with the mds-file attribute value from the <GTCProvider> tag. For example, name
the first XML file with the first <GTCProvider> tag as
InsertIntoTargetListProvTransport.xml. The file name must be the value of the
mds-file attribute.
6.
Similarly, create other GTC provider XML files. There must be one XML file for
each <GTCProvider> tag.
7.
Import the GTC Provider XML files by using the MDS utility.
23.2.81 Encrypted User-Defined Field (UDF) Cannot be Stored with Size of 4000
Characters or More
An encrypted UDF cannot be stored with size of 4000 characters or more. This is
because encryption automatically increases the column width by 1.5 times
approximately, and the size of the attribute exceeds the maximum allowable width of
4000. As a result, the UDF is automatically type-promoted to a CLOB data type. Oracle
Identity Manager 11g Release 1 (11.1.1) does not intercept this as an exception and
might subsequently show errors. This is likely to be addressed in the next patch
release.
Oracle Identity Manager 23-29
General Issues and Workarounds
However, an encrypted attribute that does not exceed the final width of 4000
characters can be stored. The specified width must factor in the increment of 1.5 times,
which means that it must not exceed approximately 2500 characters.
23.2.82 Request Approval Fails With Callback Service Failure
In an environment where SSL is enabled in the OAAM server but not in Oracle
Identity Manager and SOA server, when you create a request, the request-level
approval is successful on the SOA side, but the operational-level approval is not
displayed anywhere in the UI. When the SOA composite that provides approval
workflow for the Oracle Identity Manager request tries to invoke the request callback
Web service to indicate whether the workflow is approved or rejected, the Web service
invocation fails with the following error:
Unable to dispatch request to
http://slc402354.us.oracle.com:14000/workflowservice/CallbackService due to
exception[[
javax.xml.ws.WebServiceException:
oracle.fabric.common.PolicyEnforcementException: PolicySet Invalid: WSM-06162
PolicyReference The policy referenced by URI
"oracle/wss11_saml_token_with_message_protection_client_policy" could not be
retrieved as connection to Policy Manager cannot be established at
"t3s://slc402354:14301" due to invalid configuration or inactive state.
The error indicates that OWSM is not able to connect to the Policy Manager on the
specified port. This port is for the OAAM server in SSL mode, which is shut down.
The issue occurs because SSL is enabled in the OAAM server but not on Oracle
Identity Manager and SOA server, and the Policy Manager is also targeted on that
server. If there is an SSL-enabled Policy Manager, then OWSM does not use the
non-SSL ports anymore. In this setup, SSL is enabled only for OAAM and not for
others. Therefore, the only usable WSM Policy Manager is on OAAM. Because the
OAAM server is down, the connection to the Policy Manager is not established, and as
a result, the call fails.
To workaround this issue, start the OAAM server and then create the request.
Note:
■
■
This issue does not occur if:
OAAM server is not SSL-enabled.
SSL is enabled on any other server that is up and running, such as
Oracle Identity Manager or SOA server.
23.2.83 Localized Display Name is Not Reconciled Via User/Role Incremental
Reconciliation with iPlanet Directory Server
In an Oracle Identity Manager deployment with LDAP synchronization enabled in
which iPlanet is the directory server, the following issues occur:
■
■
The localized Display Name is not reconciled into Oracle Identity Manager via
user/role incremental reconciliation.
The localized value of the Display Name attribute is returned to Oracle Identity
Manager, but the original base value of Display Name is lost and is replaced by
the localized value that is received from iPlanet.
23-30 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
23.2.84 LDAP Role Hierarchy and Role Membership Reconciliation With Non-ASCII
Characters Does Not Reconcile Changes in Oracle Identity Manager
LDAP role hierarchy and role membership reconciliation jobs with non-ASCII
characters do not bring in role hierarchy and role membership changes into Oracle
Identity Manager. This issue is applicable to incremental reconciliation only.
23.2.85 Import of Objects Fails When All Objects Are Selected for Export
In an upgraded environment of Oracle Identity Manager 11g Release 1 (11.1.1), the
import of objects can fail when you select the Select All option to export the objects.
When you select all the objects to be exported, the corresponding XML file grows in
size. If it exceeds 2.5 million records, then it does not remain valid. As a result, the
import fails. However, selecting all objects works if the data is small and the generated
XML file does not exceed 2.5 million records.
To workaround this issue, select the objects to be exported in smaller logical units. For
example, if there are 20 resource objects in the system, then select four or five resource
objects with all dependencies and children objects in a XML file, and export. Then
select another five resource objects into a new XML file. Similarly, for all other objects,
such as GTC or adapters, export in small logical units in separate XML files. Examples
of logical unit grouping are:
■
Resource objects, process definition forms, adapters, IT resources, lookup
definitions, and roles
■
Organizations, attestation, and password policies
■
Access policies and rules
■
GTC and resource objects
23.2.86 Benign Audit Errors Logged After Upgrade
After upgrading from Oracle Identity Manager Release 9.1.0 to 11g Release 1 (11.1.1),
audit errors are logged. An example of such an audit error is:
IAM-0050001
oracle.iam.platform.async.TaskExecutionException: java.lang.Exception: Audit
handler failed
at com.thortech.xl.audit.engine.jms.XLAuditMessage.execute(XLAuditMessage.java:59)
These errors are benign and can be ignored because there is no loss of functionality.
23.2.87 Connector Upgrade Fails if Existing Data is Bigger in Size Than New Column
Length
In the current release of some connectors, the sizes of some process form fields have
been reduced. For example, the length of the UD_ADUSER_MNAME field in the
Microsoft Active Directory connector release 9.1.1.5 has been reduced to 6 characters
from 80 characters in release 9.0.4.16 of the connector. The length of the existing data
in these columns or fields are already bigger in size than the new column length. As a
result, the connector upgrade fails, and the following error is logged:
<Apr 16, 2011 4:52:37 PM GMT+05:30> <Error> <XELLERATE.DATABASE> <BEA-000000>
<ALTER TABLE UD_ADUSER MODIFY UD_ADUSER_MNAME VARCHAR2(6) java.sql.SQLException:
ORA-01441: cannot decrease column length because some value is too big
To workaround this issue:
Oracle Identity Manager 23-31
General Issues and Workarounds
1.
Make sure that you create a backup of the database.
2.
Restore the backed up database.
3.
Check the logs to locate the 'ORA-01441: cannot decrease column length because
some value is too big' exception. Note the form field name, such as UD_ADUSER_
MNAME.
4.
Open the Deployment Manager XML file that you are using for upgrade. Search
for the form field in the <SDC_SQL_LENGTH> tag, and change the length to the
base version length. You can get the base version length in the Deployment
Manager XML of the base connector.
5.
Retry the upgrade.
23.2.88 Connector Artifacts Count Increases in the Deployment Manager When File is
Not Imported
When you upgrade a connector, map the connector artifacts between the base and
latest versions, select the connector objects to be upgraded, and exit the upgrade
without importing the objects by using the Deployment Manager, the connector
artifacts count in the left panel displays more than the actual count. When this process
is repeated, the artifacts count continues increasing. This is a known issue, and there is
no loss of functionality.
23.2.89 Uploading JAR Files By Using the Upload JAR Utility Fails
When SSL is enabled for Oracle Identity Manager, uploading the JAR files by using the
Upload JAR utility fails with the following error:
Error occurred in performing the operation:
Exception in thread "main" java.lang.NullPointerException at
oracle.iam.platformservice.utils.JarUploadUtility.main(JarUploadUtility.java:229)
With SSL enabled in Oracle Identity Manager, the server URL must contain the exact
host name or IP address. If localhost is used as the host name, then the error is
generated.
To workaround this issue, use the exact server URL.
23.2.90 Oracle Identity Manager Data and MT Upgrade Fails Because Change of
Database User Password
If you are NOT upgrading the original Oracle Identity Manager Release 9.x database,
but choose to export/import to a new database, then you must make sure that the
database connection setting, schema name, and password in the OIM_
HOME/xellerate/config/xlconfig.xml file used for the upgrade is correct.
To workaround this issue, change the Oracle Identity Manager database information
in the xlconfig.xml file. You must create a backup of this file before updating it. To
update the file with the new database information, modify the information of the
loaction where the database has been imported in the <URL>, <username>, and
<Password ...> tags, as shown:
<DirectDB>
<driver>oracle.jdbc.driver.OracleDriver</driver>
<url>jdbc:oracle:thin:@localhost:1522:oimdb</url>
<username>oimadm</username>
<password encrypted="false"><NEW_PASSWORD_FOR_OIM_DB_USER></password>
<maxconnections>5</maxconnections>
23-32 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
<idletimeout>360</idletimeout>
<checkouttimeout>1200</checkouttimeout>
<maxcheckout>1000</maxcheckout>
</DirectDB>
23.2.91 Reverting Unsaved UDFs Are Not Supported in the Administration Details Page
for Roles and Organizations
The Administration Details pages for roles and organizations in the Administrative
and User Console do not support reverting unsaved UDF attribute values. Therefore,
if you modify the UDF attribute values for a role or organization and then do not want
to save the changes to these attributes, then perform one of the following:
■
■
Close the tab with the modified role or organization. A warning message is
displayed asking if you want to continue. Clicking Yes cancels all unsaved
changes.
You can manually edit the modified attributes to their original state. Saving the
entity applies any other desired changes made.
23.2.92 Resources Provisioned to User Without Checking Changes in User Status After
Request is Submitted
After submission of a request, if the user associated with the request, such as
beneficiary, requester, or approver, is disabled or deleted, then the resources are
provisioned to the user without checking for user status, such as Disabled or Deleted,
after the request is approved.
23.2.93 Config.sh Command Fails When JRockit is Installed With Data Samples and
Source
When you install jrockit-jdk1.6.0_24-R28.1.3-4.0.1-linux-x64.bin with demo samples
and source, and install Oracle WebLogic Server using wls1035_generic.jar on a Linux
64-bit computer, and run Oracle Identity Manager configuration wizard by running
the config.sh command from the $ORACLE_HOME/bin/ directory, the Oracle
universal installer does not start and the following error message is displayed:
config.sh: line 162: 9855 Segmentation fault $INSTALLER_DIR/runInstaller
-weblogicConfig ORACLE_HOME="$ORACLE_HOME" -invPtrLoc
$ORACLE_HOME/oraInst.loc -oneclick $COMMANDLINE -Doracle.config.mode=true
23.2.94 Unexpected Memory Usage in Oracle Identity Manager 11g Release 1(11.1.1)
On running scheduled tasks that perform user orchestration in bulk, such as
EndDateSchedulerTask and StartDateSchedulerTask, Oracle Identity Manager 11g
Release 1 (11.1.1) might consume large memory space. This can cause Out of Memory
issues.
This is a known issue, and a workaround is not available for this in the current release.
23.2.95 Reports Link No Longer Exists in the Administrative and User Console
Under the Administration tab of the Advanced Administration in the Administrative
and User Console, the Reports link to generate BI Publisher Reports has been
removed, even though BIP has been selected while installing Oracle Identity Manager.
Oracle Identity Manager 23-33
General Issues and Workarounds
23.2.96 Not Allowing to Delete a Role Whose Assigned User Members are Deleted
If the user members of a role have been deleted before revoking the role memberships,
then the role cannot be deleted. Therefore, you must revoke the user role memberships
that have been explicitly assigned before deleting the user.
23.2.97 Roles and Organizations Do Not Support String UDFs of Password Type
Creating a String UDF of password type for roles and organizations is not supported.
If you try to create such a UDF, then the Administrative and User Console does not
allow you create roles and organizations.
23.2.98 Manage Localizations Dialog Box Does Not Open After Modifying Roles
After a role is modified, the Manage Localizations dialog box is not opening on
clicking the Manage Localizations button in the role details page.
To open the Manage Localizations dialog box after modifying a role, close the role
details page and open it again.
23.2.99 Not Allowing to Create User With Language-Specific Display Name Values
In an Oracle Identity Manager deployment with Microsoft Active Directory (AD) as
the LDAP server, localized display name values are supported when you specify the
oimLanguage parameter values in the UserManagement plugin adapter for AD via
OVD. However, a user cannot be created when a language-specific value for the
Display Name attribute is specified in Canadian French or Latin American Spanish,
even if these languages have been specified in oimLanguage. In addition, when you
create a user without language-specific Display Name, and then modify the user to
add Canadian French or Latin American Spanish Display Name values, the same issue
persists.
23.2.100 SoD Check Results Not Displayed for Requests Created by Users for the
PeopleSoft Resource
SoD check results are not displayed for the requests created by users for the PeopleSoft
(PSFT) resource.
To workaround this issue:
1.
Open the PSFT connector XML file.
2.
Under the <ITResource name = "PSFT Server"> tag, add the following:
<ITResourceAdministrator>
<SUG_READ>1</SUG_READ>
<SUG_UPDATE>1296129050000</SUG_UPDATE>
<UGP_KEY UserGroup = "ALL USERS"/>
</ITResourceAdministrator>
3.
Save the PSFT connector XML file.
4.
Manually add or assign the ALL USERS role with Read permission to the PSFT
Server IT resource.
23-34 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
23.2.101 The XL.UnlockAfter System Property and the Automatically Unlock User
Scheduled Job Do Not Take Effect
The XL.UnlockAfter system property determines the unlock time for the locked user
accounts after the specified time. If the user account is locked because of the maximum
login attempt failure with invalid credentials, then the account is automatically
unlocked after the time (in minutes) as configured in the XL.UnlockAfter system
property. By default, the value of this system property is 0, which implies that the
locked user is never unlocked automatically.
The Automatically Unlock User scheduled job is responsible for unlocking such users.
This scheduled job is configured to run after every 24 hours (1 day).
Therefore, even after the maximum time of Oracle WebLogic lockout threshold and
expiry of the time specified for the XL.UnlockAfter system property, the locked users
might not be able to login unless the Automatically Unlock User scheduled job is run.
If you are changing the default value of the XL.UnlockAfter system property, then it is
recommended to change the frequency of the Automatically Unlock User scheduled
task so that both the values are in sync. This ensures that the scheduled task gets
triggered at the appropriate interval, and the users are unlocked successfully and are
able to login in to Oracle Identity Manager.
23.2.102 Resetting Password on Account Lockout Does Not Unlock User
In a Oracle Identity Manager deployment with LDAP synchronization enabled and
integrated with Oracle Access Manager (OAM), a user is locked on entering incorrect
password more than the maximum allowed limit. However, the user is not allowed to
unlock by resetting the password until after reconciliation is run.
23.2.103 Incremental and Full Reconciliation Jobs Cannot Be Run Together
Both incremental and full reconciliation jobs cannot be run at the same time.
Incremental reconciliation jobs are enabled and run in periodic intervals of 5 minutes.
At the same time, when full reconciliation job is run, an error is generated.
To workaround this issue, if full reconciliation needs to be run, then disable the
incremental reconciliation jobs before running the full reconciliation jobs. After full
reconciliation completes successfully, re-enable the incremental reconciliation jobs.
23.2.104 Incorrect Content in the ScheduleTask Jars Loaded and Third Party Jars
Tables in the MT Upgrade Report
When Oracle Identity Manager release 9.1.x is upgraded to Oracle Identity Manager
11g Release 1 (11.1.1), the contents of the ScheduleTask Jars Loaded and Third Party
Jars tables in the CRBUpgradeReport.html page generated by MT upgrade are not
correct. The original scheduled task JARs are not displayed in the ScheduleTask Jars
Loaded table. Therefore, you must run the SQL query query to know the scheduled
task JARs. In addition, the third-party JARs are incorrectly placed in the ScheduleTask
Jars Loaded table.
However, this does not result in any loss of functionality.
Oracle Identity Manager 23-35
Configuration Issues and Workarounds
23.2.105 Scroll Bar Not Available on the Select Connector Objects to Be Upgraded
Page of the Connector Management - Upgrading Wizard
If the Connector Management - Upgrading wizard is opened by using Microsoft
Internet Explorer, then all the fields and buttons on the Step 13: Select Connector
Objects to Be Upgraded page might not be visible. There is no scroll bar available in
this page. Therefore, maximize the window to display all the controls in the page.
23.3 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
Configuring UDFs to be Searchable for Microsoft Active Directory Connectors
■
Creating or Modifying Role Names When LDAP Synchronization is Enabled
■
ADF Issue Causes Oracle Identity Manager to Fail on the Sun JDK
■
Nexaweb Applet Does Not Load In an Oracle Identity Manager and Oracle Access
Manager Integrated Environment
■
Packing a Domain With managed=false Option
■
Option Not Available to Specify if Design Console is SSL-Enabled
■
Nexaweb Applet Does Not Load in JDK 1.6.0_20
■
Oracle Identity Manager and Design Console Must be Installed in Different
Directory Paths
23.3.1 Configuring UDFs to be Searchable for Microsoft Active Directory Connectors
A Microsoft Active Directory connector installation automatically creates a UDF: USR_
UDF_OBGUID. When you add a new user-defined field (UDF), the "searchable"
property will be false by default unless you provide a value for that property. After
installing an Active Directory connector, you must perform the following steps to
make the user-defined field searchable:
1.
2.
Using the Advanced Administration console (user interface), change the
"searchable" UDF property to true by performing the following steps:
a.
Click the Advanced tab.
b.
Select User Configuration and then User Attributes.
c.
Modify the USR_UDF_OBGUID attribute in the Custom Attributes section by
changing the "searchable" property to true.
Using the Identity Administration console (user interface), create a new Oracle
Entitlement Server policy that allows searching the UDF by performing the
following steps:
a.
Click the Administration tab and open the Create Authorization policy.
b.
Enter a Policy Name, Description, and Entity Name as User Management.
c.
Select Permission, then View User Details, and then Search User.
d.
Edit the Attributes for View User Details and select all of the attributes.
e.
Select the SYSTEM ADMINSTRATOR role name.
f.
Click Finish.
23-36 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
23.3.2 Creating or Modifying Role Names When LDAP Synchronization is Enabled
When LDAP synchronization is enabled and you attempt to create or modify a role,
entering a role name comprised of approximately 1,000 characters prevents the role
from being created or modified and causes a Decoding Error to appear. To work
around this issue, use role names comprised of fewer characters.
23.3.3 ADF Issue Causes Oracle Identity Manager to Fail on the Sun JDK
Due to an ADF issue, using the Oracle Identity Manager application with the Sun JDK
causes a StringIndexOutOfBoundsException error. To work around this issue, add the
following option to the DOMAIN_HOME/bin/setSOADomainEnv.sh or the
setSOADomainEnv.cmd file:
1.
Open the DOMAIN_HOME/bin/setSOADomainEnv.sh or
setSOADomainEnv.cmd file.
2.
Add the -XX:-UseSSE42Intrinsics line to the JVM options.
3.
Save the setSOADomainEnv.sh or setSOADomainEnv.cmd file.
Note:
This error does not occur when you use JRockit.
23.3.4 Nexaweb Applet Does Not Load In an Oracle Identity Manager and Oracle
Access Manager Integrated Environment
In an Oracle Identity Manager and Oracle Access Manager (OAM) integrated
environment, when you login to the Oracle Identity Manager Administrative and User
Console and click a link that opens the Nexaweb applet, the applet does not load.
To workaround this issue, configure loading of the NexaWeb Applet in an Oracle
Identity Manager and OAM integrated environment. To do so:
1.
Login to the Oracle Access Manager Console.
2.
Create a new Webgate ID. To do so:
a.
Click the System Configuration tab.
b.
Click 10Webgates, and then click the Create icon.
c.
Specify values for the following attributes:
Name: NAME_OF_NEW_WEBGATE_ID
Access Client Password: PASSWORD_FOR_ACCESSING_CLIENT
Host Identifier: IDMDomain
d.
Click Apply.
e.
Edit the Webgate ID, as shown:
set 'Logout URL' = /oamsso/logout.html
f.
Deselect the Deny On Not Protected checkbox.
3.
Install a second Oracle HTTP Server (OHS) and Webgate. During Webgate
configurations, when prompted for Webgate ID and password, use the Webgate
ID name and password for the second Webgate that you provided in step 2c.
4.
Login to the Oracle Access Manager Console. In the Policy Configuration tab,
expand Application Domains, and open IdMDomainAgent.
Oracle Identity Manager 23-37
Configuration Issues and Workarounds
5.
Expand Authentication Policies, and open Public Policy. Remove the following
URLs in the Resources tab:
/xlWebApp/.../*
/xlWebApp
/Nexaweb/.../*
/Nexaweb
6.
Expand Authorization Policies, and open Protected Resource Policy. Remove the
following URLs in the Resources tab:
/xlWebApp/.../*
/xlWebApp
/Nexaweb/.../*
/Nexaweb
7.
Restart all the servers.
8.
Update the obAccessClient.xml file in the second Webgate. To do so:
a.
Create a backup of the SECOND_WEBGATE_
HOME/access/oblix/lib/ObAccessClient.xml file.
b.
Open the DOMAIN_HOME/output/WEBGATE_ID_FOR_SECOND_
WEBGATE/ObAccessClient.xml file.
Note:
c.
9.
Ensure that the DenyOnNotProtected parameter is set to 0.
Copy the DOMAIN_HOME/output/WEBGATE_ID_FOR_SECOND_
WEBGATE/ObAccessClient.xml file to the SECOND_WEBGATE_
HOME/access/oblix/lib/ directory.
Copy the mod_wls_ohs.conf from the FIRST_OHS_INSTANCE_
HOME/config/OHS_NAME/directory to the SECOND_OHS_INSTANCE_
HOME/config/OHS_NAME/ directory. Then, open the mod_wls_host.conf of the
second OHS to ensure the WebLogicHost and WeblogicPort are still pointing to
Oracle Identity Manager managed server host and port.
10. Remove or comment out the following lines in the SECOND_OHS_INSTANCE_
HOME/config/OHS_NAME/httpd.conf file:
<LocationMatch "/oamsso/*">
Satisfy any
</LocationMatch>
11. Copy the logout.html file from the FIRST_WEBGATE_HOME/access/oamsso/
directory to the SECOND_WEBGATE_HOME/access/oamsso/ directory. Then,
open the logout.html file of the second Webgate to ensure that the host and port
setting of the SERVER_LOGOUTURL variable are pointing to the correct OAM
host and port.
12. Login to Oracle Access Manager Console. In the Policy Configuration tab, expand
Host Identifiers, and open the host identifier that has the same name as the
second Webgate ID name. In the Operations section, verify that the host and port
for the second OHS are listed. If not, then click the add icon (+ sign) to add them.
Then, click Apply.
23-38 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
13. Use the second OHS host and port in the URL for the OAM login page for Oracle
Identity Manager. The URL must be in the following format:
http://SECOND_OHS_HOST:SECOND_OHS_
PORT/admin/faces/pages/Admin.jspx
23.3.5 Packing a Domain With managed=false Option
When a domain is packed with the managed=false option and unpacked on the
another computer, Oracle Identity Manager Authentication Provider is not recognized
by WebLogic and basic administrator authentication fails when the Oracle Identity
Manager managed server is started.
The following workaround can be applied for performing successful authentication
via Oracle Identity Manager Authentication Provider:
1.
Login in to the Oracle WebLogic Administrative Console by using the following
URL:
http://HOST_NAME:ADMIN_PORT/console
2.
Navigate to Security Realms, Realm(myrealm), and then to Providers.
3.
Delete OIMAuthenticationProvider.
Make sure that you note the provider-specific details, such as
the database URL, password, and driver, before deleting the provider.
Note:
4.
Restart the WebLogic Administrative Server.
5.
Navigate to Security Realms, Realm(myrealm), and then to Providers.
6.
Create a new Authentication Provider of type OIMAuthenticationProvider.
7.
Enter the provider specific details and mark the control flag as SUFFICIENT.
8.
Restart the WebLogic Administrative Server.
9.
Restart Oracle Identity Manager and other servers, if any.
23.3.6 Option Not Available to Specify if Design Console is SSL-Enabled
While configuring Oracle Identity Manager Design Console, you cannot specify if
Design Console is SSL-enabled.
To workaround this issue after installing Oracle Identity Manager Design Console,
edit the OIM_HOME/designconsole/config/xlconfig.xml file to change the protocol
in the Oracle Identity Manager URL from t3 to t3s.
23.3.7 Nexaweb Applet Does Not Load in JDK 1.6.0_20
Deployment Manager and Workflow Visualizer might not work if the client browser
has JDK/JRE installed on it whose version is 1.6.0_20. To workaround this issue,
uninstall the JDK/JRE version 1.6.0_20 from the client browser and reinstall the
JDK/JRE version 1.6.0_15.
Oracle Identity Manager 23-39
Multi-Language Support Issues and Limitations
23.3.8 Oracle Identity Manager and Design Console Must be Installed in Different
Directory Paths
Oracle recommends to install Oracle Identity Manager and the Design Console in
different directory paths.
23.4 Multi-Language Support Issues and Limitations
This section describes multi-language issues and limitations. It includes the following
topics:
■
■
■
Multi-language Valued Attributes in SPML and Oracle Identity Manager Do Not
Match
Login Names with Some Special Characters May Fail to Register
The Create Role, Modify Role, and Delete Role Request Templates are Not
Available for Selection in the Request Templates List
■
Parameter Names and Values for Scheduled Jobs are Not Translated
■
Bidirectional Issues for Legacy User Interface
■
Localization of Role Names, Role Categories, and Role Descriptions Not
Supported
■
Localization of Task Names in Provisioning Task Table Not Supported
■
Localization of Search Results of Scheduled Tasks Not Supported
■
■
■
Searching for User Login Names Containing Certain Turkish Characters Causes an
Error
Localization of Notification Template List Values for Available Data Not
Supported
Searching for Entity Names Containing German "ß" (Beta) Character Fails in Some
Features
■
Special Asterisk (*) Character Not Supported
■
Translated Error Messages Are Not Displayed in UI
■
Reconciliation Table Data Strings are Hard-coded on Reconciliation Event Detail
Page
■
Translated Password Policy Strings May Exceed the Limit in the Background Pane
■
Date Format Validation Error in Bi-Directional Languages
■
Mistranslation on the Create Job page
■
■
■
■
■
E-mail Notification for Password Expiration Cannot Be Created With Arabic
Language Setting
Translated Justification is Not Displayed in Access Policy-Based Resource
Provisioning Request Detail
Additional Single Quotes Displayed in GTC Reconciliation Mapping Page for
French UI
Not Allowing to Enter Design Console Password When Server Locale is Set to
Simple Chinese, Traditional Chinese, Japanese, or Korean
Bidirectional Text Not Supported in Nexaweb Pages
23-40 Oracle Fusion Middleware Release Notes
Multi-Language Support Issues and Limitations
■
■
Do Not Modify Oracle Identity Manager Predefined System Properties in
Non-English Locale
Error Generated When Translated String for System Property Name Exceeds
Maximum Allowed Length in PTY_NAME Column
■
Password Notification is Not Sent if User Login Contains Special Characters
■
Reset Password Fails if User Login Contains Lowercase Special Characters
23.4.1 Multi-language Valued Attributes in SPML and Oracle Identity Manager Do Not
Match
Oracle Identity Manager supports only the Display Name attribute for multi-language
values. SPML specifies additional attributes, such as commonName and surname, as
multi-language valued in the PSO schema. When multiple locale-values are specified
in an SPML request for one of these attributes, only a single value is picked and passed
to Oracle Identity Manager. The request will not fail and a warning message
identifying the attributes and the value that was passed to Oracle Identity Manager is
provided in the response.
23.4.2 Login Names with Some Special Characters May Fail to Register
In Oracle Identity Manager, the user login name is case-insensitive. When a user is
created, the login name is converted to upper case and saved in the database. But the
password is always case-sensitive. However, some special characters may encounter
an error while registering to Oracle Identity Manager:
■
Both the Greek characters &#963; (sigma) and &#962; (final sigma) maps to the
&#931; character.
■
Both English character i and Turkish character &#305; maps to the I character.
■
Both German character ß and English string SS maps to the SS string.
This means that two user login names containing these special characters when the
other characters in the login names are same cannot be created. For example, the user
login names Johnß and JohnSS maps to the same user login name. If Johnß already
exists, then creation of JohnSS is not allowed because both the ß character and the SS
string maps to the SS string.
23.4.3 The Create Role, Modify Role, and Delete Role Request Templates are Not
Available for Selection in the Request Templates List
The Create Role, Modify Role, and Delete Role request templates are not available in
the Request Templates list of the Create Request wizard. This is because request
creation by using any request template that are based on the Create Role, Modify Role,
and Delete Role request models are supported from the APIs, but not in the UI.
However, you can search for these request templates in the Request Templates tab. In
addition, the Create Role, Modify Role, and Delete Role request models can be used to
create approval policies and new request templates.
23.4.4 Parameter Names and Values for Scheduled Jobs are Not Translated
In the Create Job page of Oracle Identity Manager Advanced Administration, the
fields in the Parameter section and their values are not translated. The parameter field
names and values are available only in English.
Oracle Identity Manager 23-41
Multi-Language Support Issues and Limitations
23.4.5 Bidirectional Issues for Legacy User Interface
The following are known issues in the legacy user interface, also known as TransUI,
contained in the xlWebApp war file:
■
Hebrew bidirectional is not supported
■
Workflow designer bidirectional is not supported for Arabic and Hebrew
23.4.6 Localization of Role Names, Role Categories, and Role Descriptions Not
Supported
Localization of role names, categories, and descriptions is not supported in this
release.
23.4.7 Localization of Task Names in Provisioning Task Table Not Supported
All Task Name values in the Provisioning Task table list are hard-coded and these
pre-defined process task names are not localized.
23.4.8 Localization of Search Results of Scheduled Tasks Not Supported
When you search Scheduler Tasks using a Simple or Advanced search, the search
results are not localized.
23.4.9 Searching for User Login Names Containing Certain Turkish Characters Causes
an Error
On the Task Approval Search page, if you select "View Tasks Assigned To", then
"Users You Manage", and then choose a user whose login name contains a Turkish
Undotted "&#305" or a Turkish dotted "&#304" character, a User Not Found error will
result.
23.4.10 Localization of Notification Template List Values for Available Data Not
Supported
Localizing Notification Template Available Data list values is not supported in this
release. Oracle Identity Manager depends upon the Velocity framework to merge
tokens with actual values, and Velocity framework does not allow a space in token
names.
23.4.11 Searching for Entity Names Containing German "ß" (Beta) Character Fails in
Some Features
When you search for entity names containing the special German "ß" (beta) character
from the Admin Console, the search fails in the following features:
23-42 Oracle Fusion Middleware Release Notes
Multi-Language Support Issues and Limitations
■
System Configuration
■
Request Template
■
Approve Policy
■
Notification
In these features, the "ß" character matches to "ss" instead of itself. Consequently, the
Search function cannot find entity names that contain the German beta character.
23.4.12 Special Asterisk (*) Character Not Supported
Although special characters are supported in Oracle Identity Manager, using the
asterisk character (*) can cause some issues. You are advised not to use the asterisk
character when creating or modifying user roles and organizations.
23.4.13 Translated Error Messages Are Not Displayed in UI
Oracle Identity Manager does not support custom resource bundles for Error Message
display in user interfaces. Currently, there is no workaround for this issue.
23.4.14 Reconciliation Table Data Strings are Hard-coded on Reconciliation Event
Detail Page
Some of the table data strings on the Reconciliation Event Detail page are hard-coded,
customized field names. These strings are not localized.
23.4.15 Translated Password Policy Strings May Exceed the Limit in the Background
Pane
Included as per bug# 9539501
The password policy help description may run beyond the colored box in some
languages and when the string is too long. Currently, there is no workaround for this
issue.
23.4.16 Date Format Validation Error in Bi-Directional Languages
When Job Detail page is opened in bi-directional languages, you cannot navigate away
from this page because of "Date Format Validation Error". To work around this issue,
select a value for the "Start Date" using the date-time control and then move to another
page.
23.4.17 Mistranslation on the Create Job page
On the Japanese locale (LANG=ja_JP.UTF-8), "Fourth Wednesday" is mistranslated as
"Fourth Friday" on the Create Job page when "Cron" is selected as the Schedule Type
and "Monthly on given weekdays" is selected as the Recurring Interval.
Oracle Identity Manager 23-43
Multi-Language Support Issues and Limitations
23.4.18 E-mail Notification for Password Expiration Cannot Be Created With Arabic
Language Setting
When the server locale is set to ar_AE.utf8 and values for user.language and
user.region system properties are ar and AE respectively, if you create a password
expiration warning e-mail notification in the Design Console, the value AE is not
available for selection in the Region field. As a result, the email notification message
cannot be created.
To workaround this issue:
1.
Open the Lookup Definitions form in the Design Console.
2.
Search for 'Global.Lookup.Region'.
3.
Add an entry with Code key and Decode value as 'AE'. You can now create an
e-mail definition with language ar and region AE.
23.4.19 Translated Justification is Not Displayed in Access Policy-Based Resource
Provisioning Request Detail
When an access policy with approval is created, it generates a resource provisioning
request that is subject to approval. In the request details page in Self Service or
Advanced Administration, the translated request justification according to the locale
setting by the user is not displayed. The justification is displayed in the default server
locale.
23.4.20 Additional Single Quotes Displayed in GTC Reconciliation Mapping Page for
French UI
When you set the Oracle Identity Manager Administrative and User Console locale to
French, select the Provisioning and Reconciliation checkboxes while creating a Generic
Technology Connector (GTC), and map the reconciliation fields in the page for
modifying mapping fields, a message is displayed with two single quotes. You can
ignore the single quotes because this is benign and has no effect on functionality.
23.4.21 Not Allowing to Enter Design Console Password When Server Locale is Set to
Simple Chinese, Traditional Chinese, Japanese, or Korean
When you set the server locale to Simple Chinese, Traditional Chinese, Japanese, or
Korean, and start the Design Console, you are not allowed to enter the password to
login to the Design Console.
To workaround this issue:
1.
Kill all scim processes. To do so, run the following command:
kill `pgrep scim`
2.
Edit the scim config file. To do so:
a.
Search for the following line:
/FrontEnd/X11/Dynamic = ......
b.
Enter true as the value, as shown:
/FrontEnd/X11/Dynamic = true
23-44 Oracle Fusion Middleware Release Notes
Documentation Errata
Note:
If this line does not exist, then enter:
/Frontend/X11/Dynamic = true
c.
Save the file.
3.
Log out of the VNC viewer.
4.
Restart the VNC server and log in again. You can now enter the password for the
Design Console.
23.4.22 Bidirectional Text Not Supported in Nexaweb Pages
The Nexaweb pages that open from the Oracle Identity Manager Administrative and
User Console do not support bidirectional text. For example, when you select any of
the languages that are written from right to left, such as Arabic or Hebrew, and click
Install Connector on the Welcome page, search for a connector, click Upgrade, and
then proceed to step 13 of the Connector Upgrade wizard, the text in the page is not
displayed from right to left.
23.4.23 Do Not Modify Oracle Identity Manager Predefined System Properties in
Non-English Locale
When the user preference language for the Administrative and User Console is not
English, and you update the value of a predefined system property in Oracle Identity
Manager, translated property name and keyword are written in the PTY table.
Therefore, on searching for system properties in the Administrative and User Console,
this system property is not found.
23.4.24 Error Generated When Translated String for System Property Name Exceeds
Maximum Allowed Length in PTY_NAME Column
When you try to set the value of a system property in a Western language UI, such as
French, and if the translation string length exceeds the maximum allowed length,
which is 80 characters, in the PTY_NAME column of the PTY table, then an error is
generated.
23.4.25 Password Notification is Not Sent if User Login Contains Special Characters
For a user entity created with valid e-mail address in LDAP, if the User Login contains
the German beta character, then the notification message is not sent on running LDAP
user create/update full reconciliation.
23.4.26 Reset Password Fails if User Login Contains Lowercase Special Characters
In a Oracle Identity Manage deployment with LDAP synchronization enabled, if the
User Login contains special characters such as Turkis dotted I, dotless i, German beta,
and Greek sigma in lowercase format, then the reset password does not work.
To workaround this issue, use uppercase User Login to reset password because User
Login is not case-sensitive in Oracle Identity Manager.
23.5 Documentation Errata
Documentation Errata: Currently, there are no documentation issues to note.
Oracle Identity Manager 23-45
Documentation Errata
23-46 Oracle Fusion Middleware Release Notes
24
Oracle Identity Navigator
24
This chapter describes issues associated with Oracle Identity Navigator. It includes the
following topics:
■
Section 24.1, "General Issues and Workarounds"
■
Section 24.2, "Configuration Issues and Workarounds"
■
Section 24.3, "Documentation Errata"
24.1 General Issues and Workarounds
This section describes general issue and workarounds. It includes the following topics:
■
Section 24.1.1, "Avoid Selecting Reset Page in Dashboard Edit Mode"
■
Section 24.1.2, "How to Navigate Product Registration Using the Keyboard"
■
Section 24.1.3, "How to Navigate Product Discovery When Using the Keyboard"
■
Section 24.1.4, "Color Contrast is Inadequate for Some Labels in Edit Mode"
■
Section 24.1.5, "No Help Topic in Dashboard Edit Mode"
■
Section 24.1.6, "Customization Problem in Internet Explorer 7"
■
Section 24.1.7, "Discovery Problem in Internet Explorer 7"
■
■
■
■
Section 24.1.8, "How to Navigate BI Publisher Configuration When Using the
Keyboard"
Section 24.1.9, "User Missing From Common Admin Role Search Results"
Section 24.1.10, "Unable to View Users After Log in Or Log In Fails In Oracle
Identity Manager Environment"
Section 24.1.11, "Horizontal Scroll-bar Missing in Discovery Wizard"
24.1.1 Avoid Selecting Reset Page in Dashboard Edit Mode
If you select Customize to personalize the Dashboard, then click Reset Page, expect an
error message. Reload Oracle Identity Navigator to recover from this error.
24.1.2 How to Navigate Product Registration Using the Keyboard
In the Product Registration section of the Administration screen, after you enter data
into all the fields in the right pane, you must enter many Tab strokes to reach the Test,
Save, or Cancel button. As a workaround, you can use Shift-Tab to move in the
opposite direction.
Oracle Identity Navigator 24-1
General Issues and Workarounds
You cannot use the Tab key alone to navigate the left pane of the Product Registration
section. Use the Tab to move focus to the first category, then click the left or right
arrow keys to expand and collapse the tree. Use the up and down arrow keys to
navigate the nodes.
24.1.3 How to Navigate Product Discovery When Using the Keyboard
When you use Product Discovery to discover consoles, you enter a Host and Port,
then click Next. Then, in the Add Products pane, you enter a Display Name for each
of the products. If you want to change the display name, you must delete the entire
name to retype it. Alternatively, you can enter the F2 key to switch to insert mode,
then use left and right arrow keys to move around the display name characters.
You cannot use the arrow keys alone to navigate through the Category list on the Add
Products pane. Inside the editable table, use the F2 key to focus on a field, then use up
and down arrows to make a selection within the field.
24.1.4 Color Contrast is Inadequate for Some Labels in Edit Mode
After clicking Customize to change the layout of the Dashboard, some users might
find certain labels, such as + Add Content, difficult to read, due to poor contrast.
24.1.5 No Help Topic in Dashboard Edit Mode
If you select Customize to personalize the Dashboard, then click the? icon for Oracle
Composer Help, the help page displays Topic Not Found.
See "Personalizing Oracle Identity Navigator" in Oracle Fusion Middleware
Administrator's Guide for Oracle Identity Navigator for more information about
personalizing the Dashboard.
24.1.6 Customization Problem in Internet Explorer 7
If you enter Edit mode by clicking Customize in the global navigation links on the
Dashboard in IE7, you will not be able to edit the page because the toolbar is hidden.
As a workaround, use a different browser. If you use Internet Explorer 8, do not use
compatibility mode.
24.1.7 Discovery Problem in Internet Explorer 7
Intermittently, when you use product discovery in Internet Explorer 7, buttons might
disappear in the product discovery wizard. Refresh the browser to correct this
problem.
24.1.8 How to Navigate BI Publisher Configuration When Using the Keyboard
When you use keyboard navigation to configure BI Publisher, when the Component
Path dialogue box opens, use the Tab key along with the arrow keys to navigate in tree
structure.
24.1.9 User Missing From Common Admin Role Search Results
The last user assigned the Application Configuration role may not appear in the
Common Admin Roles search results list. This can occur if a search for Common
Admin Roles is performed in the Access Privileges page immediately after assigning
this role.
24-2 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
To workaround this issue, click another role type in the Role Name pane, then click
Application Configuration role. The user last assigned the Application Configuration
role displays in the Access Privileges list.
24.1.10 Unable to View Users After Log in Or Log In Fails In Oracle Identity Manager
Environment
This issue can affect environments configured to use both Oracle Identity Manager
and Oracle Identity Navigator. After log in to Oracle Identity Navigator using the
bootstrap administrator credentials, users may not be visible in Access Privileges page.
Or the log in attempt will fail. Issue is caused if the identity store entry in
jps-config.xml is changed from the default value, <serviceInstanceRef
ref="idstore.ldap"/>, to <serviceInstanceRef ref="idstore.oim"/>.
To verify this entry, check the value in <Extended_Domain_
Home>/config/fmwconfig/jps-config.xml as follows:
1.
Search for the jpscontexts section, with the name default, in the file. The section
looks like the following:
<jpsContext name="default">
<serviceInstanceRef
<serviceInstanceRef
<serviceInstanceRef
<serviceInstanceRef
<serviceInstanceRef
</jpsContext>
2.
ref="credstore"/>
ref="keystore"/>
ref="policystore.xml"/>
ref="audit"/>
ref="idstore.oim"/>
To change the entry, perform steps 1 through 11 as detailed in Chapter 20, 20.5.5
"Post-Configuration Steps", in Oracle Fusion Middleware Installation Guide for Oracle
Identity Management.
Oracle Authorization Policy Manager does not need to be installed in your
environment to perform this procedure.
24.1.11 Horizontal Scroll-bar Missing in Discovery Wizard
The full URL may not be viewable in the second page of the Discovery Wizard when
viewed in a browser window.
To workaround this issue, collapse the left pane to view the full URL.
24.2 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
■
■
Section 24.2.1, "No Oracle Icon is Visible in HTML Reports"
Section 24.2.2, "Problems with Administration Screen When Using JAWS Screen
Reader"
Section 24.2.3, "SSO-Protected Consoles Must Be Configured by Name and
Domain"
Oracle Identity Navigator 24-3
Documentation Errata
24.2.1 No Oracle Icon is Visible in HTML Reports
If you choose HTML as the format type when adding a report from the Dashboard
screen, when you view the report, the words An Image appear in the report in place of
the Oracle icon.
24.2.2 Problems with Administration Screen When Using JAWS Screen Reader
When you use a screen reader such as JAWS with the Administration screen in
accessibility mode, and you bring up the list of combo boxes using the INS+CTRL+C
JAWS keystroke, the combo boxes on the screen are listed as:
*Required Category(Required) Combo box
*Required Type(Required) Combo box
With this naming convention, keyboard shortcuts such as C for Category or T for Type
do not work. Use the up and down arrow keys to navigate to fields within and
between the two combo boxes.
24.2.3 SSO-Protected Consoles Must Be Configured by Name and Domain
Sometimes, when you use product discovery to find a console, even if you provide the
host by name, the discovered address that fills in contains an IP address instead of the
host and domain names.
If the console is protected by SSO, replace the IP address with the host.domain
address that is known to SSO. For example, use an address such as
http://myhost.mycompany.com:7005/odsm rather than
http://130.35.10.10:7005/odsm. If you do not replace the IP address with the
host and domain, single sign-on will not occur. That is, when users attempt to access
the console from Oracle Identity Navigator, they will be prompted for their login
name and password.
In some browsers, a redirection or connection error occurs.
24.3 Documentation Errata
This section describes documentation errata. It includes the following topic:
■
Section 24.3.1, "IPv4/IPv6 Translation Issues"
24.3.1 IPv4/IPv6 Translation Issues
The following statement appears in the Troubleshooting section in Chapter 2 and in a
note in Chapter 3 of Oracle Fusion Middleware Administrator's Guide for Oracle Identity
Navigator:
In a dual-stack, IPv4 and IPv6 environment, some URLs might be inaccessible from
your browser. Consult your network administrator for more information.
Actually, in a correctly configured dual-stack environment, all URLs are accessible.
For more information about IPv4/IPv6 Translation Issues, see Framework for IPv4/IPv6
Translation draft-ietf-behave-v6v4-framework-09 at: http://www.ietf.org/
24-4 Oracle Fusion Middleware Release Notes
25
Oracle Internet Directory
25
This chapter describes issues associated with Oracle Internet Directory. It includes the
following topics:
■
Section 25.1, "General Issues and Workarounds"
■
Section 25.2, "Configuration Issues and Workarounds"
■
Section 25.3, "Documentation Errata"
25.1 General Issues and Workarounds
This section describes general issue and workarounds. It includes the following topic:
■
Section 25.1.1, "ODSM Browser Window Becomes Unusable"
■
Section 25.1.2, "In ldapdelete Command -V Should Be The Last Parameter"
■
Section 25.1.3, "Bulkmodify Might Generate Errors"
■
Section 25.1.4, "Turkish Dotted I Character is Not Handled Correctly"
■
Section 25.1.5, "OIDCMPREC Might Modify Operational Attributes"
■
Section 25.1.6, "OIDREALM Does Not Support Realm Removal"
■
■
■
■
Section 25.1.7, "Apply Patch to Oracle Database 11.2.0.1.0 to Fix Purge Job
Problem"
Section 25.1.8, "SQL of OPSS ldapsearch Might Take High %CPU"
Section 25.1.9, "If you Start the Replication Server by Using the Command Line,
Stop it Using the Command Line"
Section 25.1.10, "Users with Non-ASCII Names Might Encounter Problems when
Using ODSM with SSO"
25.1.1 ODSM Browser Window Becomes Unusable
Under certain circumstances, after you launch ODSM from Fusion Middleware
Control, then select a new ODSM task, the browser window might become unusable.
For example, the window might refresh repeatedly, appear as a blank page, fail to
accept user input, or display a null pointer error.
As a workaround, go to the URL: http://host:port/odsm, where host and port
specify the location where ODSM is running, for example,
http://myserver.example.com:7005/odsm. You can then use the ODSM
window to log in to a server.
Oracle Internet Directory 25-1
General Issues and Workarounds
25.1.2 In ldapdelete Command -V Should Be The Last Parameter
For certain platforms command ldapdelete considers everything after -v, as
parameter. A typical ldapdelete command looks like this:
ldapdelete -h hostname
-p portname
-v 's' -D cn=orcladmin -w welcome1
For Linux x86-64 and Microsoft Windows x64 the command mentioned here works
fine. However, for Solaris Operating System (SPARC 64-Bit), AIX Based Systems
(64-Bit), HP-UX PA-RISC (64-Bit), HP-UX Itanium platforms the above command fails.
Workaround
Use the flag -v as the last parameter when running the ldapdelete command. For
example:
ldapdelete -h hostname
-p portname -D cn=orcladmin -w welcome1
-v 's'
25.1.3 Bulkmodify Might Generate Errors
If Oracle Internet Directory is using Oracle Database 11g Release 1 (11.1.0.7.0), you
might see ORA-600 errors while performing bulkmodify operations. To correct this
problem, apply the fixes for Bug 7019313 and Bug 7614692 to the Oracle Database.
25.1.4 Turkish Dotted I Character is Not Handled Correctly
Due to a bug, Oracle Internet Directory cannot handle the upper-case dotted I
character in the Turkish character set correctly. This can cause problems in Oracle
Directory Services Manager and in command-line utilities.
25.1.5 OIDCMPREC Might Modify Operational Attributes
By default, the oidcmprec tool excludes operational attributes during
comparison.That is, oidcmprec does not compare the operational attributes values in
source and destination directory entries. During reconciliation of user defined
attributes however, operational attributes might be changed.
25.1.6 OIDREALM Does Not Support Realm Removal
The oidrealm tool supports creation, but not deletion, of a realm. A procedure for
deleting a realm is provided in Note 604884.1, which is available on My Oracle
Support at https://support.oracle.com/.
25.1.7 Apply Patch to Oracle Database 11.2.0.1.0 to Fix Purge Job Problem
If you use Oracle Database 11.2.0.1.0 with Oracle Internet Directory, apply Patch
11.2.0.1.3 PSU to Oracle Database. Purge jobs do not function properly without this
patch.
25.1.8 SQL of OPSS ldapsearch Might Take High %CPU
The SQL of an OPSS one level ldapsearch operation, with filter
"orcljaznprincipal=value" and required attributes, might take unreasonably
high %DB CPU. If this search performance impacts the overall performance of the
machine and other processes, you can alleviate the issue by performing the following
steps in the Oracle Database:
25-2 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
1.
Log in to the Oracle Database as user ODS and execute the following SQL:
BEGIN
DBMS_STATS.GATHER_TABLE_STATS(OWNNAME=>'ODS',
TABNAME=>'CT_ORCLJAZNPRINCIPAL',
ESTIMATE_PERCENT=>DBMS_STATS.AUTO_SAMPLE_SIZE,
CASCADE=>TRUE);
END;
/
2.
Flush the sharedpool.
25.1.9 If you Start the Replication Server by Using the Command Line, Stop it Using the
Command Line
If you start the replication server by using the command line, stop it by using the
command line. If you attempt to stop it by using Oracle Enterprise Manager Fusion
Middleware Control, the attempt fails.
25.1.10 Users with Non-ASCII Names Might Encounter Problems when Using ODSM
with SSO
When ODSM is configured to use Oracle Access Manager 11g Release 1 (11.1.1.2) for
single sign-on, a user whose name contains non-ASCII characters might observe the
following issues after logging in:
■
■
The user name displayed on the Home page is garbled.
Single sign-on connections to Oracle Virtual Directory servers do not appear in the
list of connections.
25.2 Configuration Issues and Workarounds
This section describes configuration issues and workarounds. It includes the following
topics:.
■
■
Section 25.2.1, "Re-Create Wallet After Moving Oracle Internet Directory from Test
to Production"
Section 25.2.2, "oracleRoot.sh Fails with Syntax Error During Oracle Internet
Directory Configuration"
25.2.1 Re-Create Wallet After Moving Oracle Internet Directory from Test to Production
If you configure Oracle Internet Directory to use SSL in server authentication mode or
mutual authentication mode on your test machine, and then move Oracle Internet
Directory to a production machine, re-create the Oracle Internet Directory wallet on
the production machine.
The old wallet contains the hostname of the original machine as the DN in the
certificate. This host name in the DN is not changed during the test to production
move. Re-create the wallet on the production machine to avoid SSL communication
issues.
Oracle Internet Directory 25-3
Documentation Errata
25.2.2 oracleRoot.sh Fails with Syntax Error During Oracle Internet Directory
Configuration
When you configure Oracle Internet Directory (OID) for privileged ports as mentioned
in Section "Configure the First Oracle Internet Directory Instance" of Oracle Fusion
Middleware Enterprise Deployment Guide for Oracle Identity Management, the config
wizard prompts the following when you run oracleRoot.sh:
Do you want to run oidRoot.sh to configure OID for privileged ports? (yes/no)
If you select yes, the script execution fails with the following error:
/u01/app/fmw/idm/oracleRoot.sh: line 47: syntax error: unexpected end of file
To workaround this issue, modify oracleRoot.sh file located in the ORACLE_HOME
directory. Modify the following line:
fi# This command path is not already provided in the existing root.sh:
TO
fi
# This command path is not already provided in the existing root.sh:
Rerun oracleRoot.sh to continue configuring Oracle Internet Directory.
25.3 Documentation Errata
This section describes documentation errata. It includes the following topics:
■
Section 25.3.1, "Bulkdelete Deletes Entries, not Attributes"
■
Section 25.3.2, "ODSM Section Should Refer to Oracle Internet Directory"
■
Section 25.3.3, "Incorrect Bug Numbers in Prerequisites for Rolling Upgrade"
■
Section 25.3.4, "Default orclcryptoscheme Value is SSHA"
■
Section 25.3.5, "Setting Up Oracle Internet Directory SSL Mutual Authentication"
■
Section 25.3.6, "ODSM Schema Tab is Available to Non-Super User"
■
■
■
Section 25.3.7, "Wrong Command and Path in Appendix P of Oracle Fusion
Middleware Administrator's Guide for Oracle Internet Directory"
Section 25.3.8, "Missing Option to opmnctl updatecomponentregistration in Oracle
Fusion Middleware Administrator's Guide for Oracle Internet Directory"
Section 25.3.9, "Update Component Registration Whenever You Change Certain
Instance-Specific Attributes"
25.3.1 Bulkdelete Deletes Entries, not Attributes
The section on bulkdelete in the "Performing Bulk Operations" chapter of Oracle Fusion
Middleware Administrator's Guide for Oracle Internet Directory is entitled "Deleting
Entries or Attributes of Entries by Using bulkdelete." This title is misleading. You can
only use bulkdelete to delete entire entries or subtrees. The first sentence in that
section is also misleading and should be ignored.
25-4 Oracle Fusion Middleware Release Notes
Documentation Errata
25.3.2 ODSM Section Should Refer to Oracle Internet Directory
The Chapter 7 section of Oracle Fusion Middleware Administrators Guide for Oracle
Internet Directory entitled "Single Sign-On Integration with Oracle Directory Services
Manager" contains references to Oracle Virtual Directory. It should actually refer to
Oracle Internet Directory.
25.3.3 Incorrect Bug Numbers in Prerequisites for Rolling Upgrade
The bug fix numbers listed in the Prerequisites section of the "Performing Rolling
Upgrades" appendix to Oracle Fusion Middleware Administrator's Guide for Oracle
Internet Directory are incorrect. They should be as follows:
■
■
If you have Oracle Internet Directory Version 11.1.1.2.0, apply the fix for bug
number 10431688 on each Middleware Oracle home.
If you have Oracle Internet Directory Version 11.1.1.3.0, apply the fix for bug
number 10431664 on each Middleware Oracle home.
25.3.4 Default orclcryptoscheme Value is SSHA
In Oracle Internet Directory 11g (11.1.1.3) and (11.1.1.4), the default value of
orclcryptoscheme is SSHA. The documentation is incorrect in the following places:
■
■
■
Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory, Table
9-3, "Attributes of the DSE."
Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory, Chapter
30, "Managing Password Verifiers," in the section "Hashing Schemes for Creating
Userpassword Verifiers."
Oracle Fusion Middleware Reference for Oracle Identity Management, Chapter 8,
"LDAP Attribute Reference," entry for orclcryptoscheme.
25.3.5 Setting Up Oracle Internet Directory SSL Mutual Authentication
Neither Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory nor
Oracle Fusion Middleware Administrator's Guide describes how to set up Oracle Internet
Directory SSL Client and Server Authentication. This information is provided in Note
1311791.1, which is available on My Oracle Support at:
https://support.oracle.com/
25.3.6 ODSM Schema Tab is Available to Non-Super User
Section 7.4.1.2, "Non-Super User Access to Oracle Directory Services Manager," in
Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directory, states that if
you log in as a user other than the super user, you can access only the Home and Data
Browser tabs. Actually, you can access the Schema tab as well.
25.3.7 Wrong Command and Path in Appendix P of Oracle Fusion Middleware
Administrator's Guide for Oracle Internet Directory
Two errors have been noted in Appendix P, "Starting and Stopping the Oracle Stack."
In Step 2 of P.1 "Starting the Stack,"
MW_HOME/user_projects/domains/DOMAIN_NAME/bin/startManagedWebLogic.sh
should be
Oracle Internet Directory 25-5
Documentation Errata
MW_HOME/user_projects/domains/DOMAIN_NAME/bin/startWebLogic.sh
In Step 3 of P.1 "Starting the Stack,"
MW_HOME/user_projects/domains/DOMAIN_NAME/bin/startNodeManager.sh
should be
MW_HOME/wlserver_10.3/server/startNodeManager.sh
25.3.8 Missing Option to opmnctl updatecomponentregistration in Oracle Fusion
Middleware Administrator's Guide for Oracle Internet Directory
In Chapter 10, "Managing IP Addresses," the opmnctl
updatecomponentregistration command is missing the -Sport option. Both
-Port and -Sport are required for this command.
25.3.9 Update Component Registration Whenever You Change Certain
Instance-Specific Attributes
You must update the registration of an Oracle Internet Directory component in a
registered Oracle instance by running opmnctl updatecomponentregistration
whenever you change any of the following instance parameters:
Table 25–1
Attribute Changes Requiring Update of Component Registration
Attribute
Section of Oracle Fusion Middleware Administrator's
Guide for Oracle Internet Directory
orclhostname
"Attributes of the Instance-Specific Configuration Entry"
in Chapter 9
orclnonsslport
"Attributes of the Instance-Specific Configuration Entry"
in Chapter 9
orclsslport
"Attributes of the Instance-Specific Configuration Entry"
in Chapter 9
userpassword
"Changing the Password for the EMD Administrator
Account" in Chapter 12
In versions of Oracle Fusion Middleware Administrator's Guide for Oracle Internet
Directory released in January, 2011 or earlier, there are several statements to the effect
that you do not need to run opmnctl updatecomponentregistration if you use
Oracle Enterprise Manager Fusion Middleware Control or WLST to change the
parameter. This is not true. You must always run the command after changing any of
these parameters. See "Updating the Component Registration of an Oracle Instance by
Using opmnctl" in the "Managing Oracle Internet Directory Instances" chapter of
Oracle Fusion Middleware Administrator's Guide for Oracle Internet Directoryfor more
information.
25-6 Oracle Fusion Middleware Release Notes
26
Oracle Platform Security Services
26
This chapter describes notes on topics associated with Oracle Platform Security
Services (OPSS), in the following sections:
■
Section 26.1, "Configuration Issues and Workarounds"
■
Section 26.2, "Authorization Policy Manager Issues"
■
Section 26.3, "Documentation Errata"
The following documents are relevant to topics included in this chapter:
■
Oracle Fusion Middleware Security Guide
■
Oracle Fusion Middleware Security Overview
■
Oracle Fusion Middleware Administrator's Guide
■
Oracle Fusion Middleware Administrator's Guide for Authorization Policy Manager
26.1 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
Section 26.1.1, "Oracle Fusion Middleware Audit Framework"
■
Section 26.1.2, "Trailing '\n' Character in Bootstrap Key"
■
Section 26.1.3, "Users with Same Name in Multiple Identity Stores"
■
Section 26.1.4, "Script listAppRoles Outputs Wrong Characters"
26.1.1 Oracle Fusion Middleware Audit Framework
This section describes configuration issues for the Oracle Fusion Middleware Audit
Framework. It contains these topics:
■
Section 26.1.1.1, "Configuring Auditing for Oracle Access Manager"
■
Section 26.1.1.2, "Audit Reports do not Display Translated Text in Certain Locales"
■
Section 26.1.1.3, "Audit Reports Always Display in English"
■
Section 26.1.1.4, "Creating a New Audit Schema"
■
Section 26.1.1.5, "Upgrading the Audit Schema"
Oracle Platform Security Services 26-1
Configuration Issues and Workarounds
26.1.1.1 Configuring Auditing for Oracle Access Manager
Although Oracle Access Manager appears as a component in Oracle Enterprise
Manager Fusion Middleware Control, you cannot configure auditing for Oracle Access
Manager using Fusion Middleware Control.
26.1.1.2 Audit Reports do not Display Translated Text in Certain Locales
The standard audit reports packaged with Oracle Business Intelligence Publisher
support a number of languages for administrators. Oracle Business Intelligence
Publisher can start in different locales; at start-up, the administrator can specify the
language of choice by setting the preferred locale in Preferences.
Due to this bug, if Oracle Business Intelligence Publisher is started on any of these 3
locales:
■
zh_CN (simplified chinese)
■
zh_TW (traditional chinese)
■
pt_BR (portuguese brazilian)
then users cannot see the report in that locale (the entire report including labels,
headers, titles and so on appears in English), while the other locales display the
translated text as expected. For example, when Oracle Business Intelligence Publisher
is started in zh_CN, the text cannot be seen in zh_CN even though the preferred locale
is set to zh_CN; information is displayed in English.
This issue will be fixed in a future release of Oracle Business Intelligence Publisher.
26.1.1.3 Audit Reports Always Display in English
The standard audit reports packaged with Oracle Business Intelligence Publisher
support a number of languages.
Due to this bug, report titles and descriptions are displayed in English even when they
have been translated.
This issue will be fixed in a future release of Oracle Business Intelligence Publisher.
26.1.1.4 Creating a New Audit Schema
When RCU is run for PS3 it completes the creation of the audit schema and gives the
status of the creation as success. However, the STS table is not created because of a
typographical issue in the STS.sql script which is invoked by RCU.
Information indicating that the table did not get created can be found only if the
iau.log file is inspected or if you specifically look for the created tables.
Due to this issue, for a Release 11g PS3 full install, you must explicitly ensure the STS
table is created if you have chosen to create the audit schema and are planning to use
it.
You have two options to resolve the issue, depending on whether RCU has already
been run for PS3.
Option 1
Use this option if RCU has not yet been run for PS3. The steps are:
1.
Open the following file for editing:
$RCU_HOME/rcu/integration/iau/scripts/STS.sql
2.
Remove the comma on line number 48 in STS.sql.
26-2 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
3.
Save and close the file.
4.
Open the following file for editing:
$RCU_HOME/rcu/integration/iau/iau.xml
5.
Search for string 11.1.1.3.0 and replace it with the string 11.1.1.4.0
6.
Save and close the file.
7.
Run RCU.
Option 2
Use this option if RCU has already been run for PS3. The steps are:
1.
Open the following file for editing:
$COMMON_COMPONENTS_HOME/modules/oracle.iau_11.1.1/sql/scripts/STS.sql
2.
Remove the comma on line number 48 in STS.sql.
3.
Save and close the file.
4.
Copy STS.sql to the location from where it is going to be run.
5.
Connect as sysdba and run the following SQL commands:
sqlplus> connect /as sysdba;
sqlplus> alter session set current_schema=audit_schema_user;
sqlplus> @@STS.sql audit_schema_user audit_schema_user_Append
audit_schema_user_Viewer
replacing audit_schema_user with the name of your audit schema user.
26.1.1.5 Upgrading the Audit Schema
This note describes a required workaround that applies in case (and only in case) you
are upgrading your audit schema from PS1 or PS2 to PS3. The following workaround
must be executed before running the Patch Set Assistant (PSA).
To implement the workaround, proceed as follows:
1.
Copy
$COMMON_COMPONENTS_HOME/modules/oracle.iau_11.1.1/sql/scripts/STS.sql
to
$COMMON_COMPONENTS_HOME/common/sql/iau/upgrade/STS.sql
2.
Open the copied file for edit.
3.
Remove the comma in line number 48.
4.
Save and close the file.
5.
Open the following files for edit:
$COMMON_COMPONENTS_HOME/common/sql/iau/upgrade/ iau111134.sql
$COMMON_COMPONENTS_HOME/common/sql/iau/upgrade/ iau11114.sql
6.
In each of those files:
■
Remove the line ALTER TABLE OAM ADD IAU_ResourceTemplateName
VARCHAR(100);
Oracle Platform Security Services 26-3
Authorization Policy Manager Issues
■
Just before the line ALTER TABLE OAM ADD IAU_AdditionalInfo CLOB,
insert the following line before the line
RENAME COLUMN IAU_AdditionalInfo TO IAU_AdditionalInfo_OLD;
7.
Save and close both edited files.
8.
At this point you can use PSA.
26.1.2 Trailing '\n' Character in Bootstrap Key
In 11gR1, the process that reassociates XML to LDAP stores creates a bootstrap key
with the trailing new line character '\n', or its equivalent code '&#xA'. This key value
is written in the file jps-config.xml and stored in the wallet. In both places, the key
value contains the trailing character '\n'.
When reusing that same wallet in 11gR1 PS1, upon retrieving the bootstrap key, the
system trims out the trailing '\n' character; but the key value in the wallet, however,
still contains the trailing character, a situation that leads to errors since the requested
and stored key values no longer match.
To resolve this issue, proceed as follows:
1.
Use the WLST command modifyBootStrapCredential to reprovision wallet
credentials without trailing '\n'. For details on the command usage, see section
9.5.2.5 in the Oracle Fusion Middleware Security Guide.
2.
Manually edit the file jps-config.xml and remove the trailing characters
'&#xA' from any bootstrap key.
This problem arises only in the scenario above, namely, when an 11gR1 wallet is
reused in 11gR1 PS1; in particular, when reassociating in an 11gR1 PS1 environment,
the above trailing character is not an issue.
26.1.3 Users with Same Name in Multiple Identity Stores
If a user name is present in more than one LDAP repositories and the property
virtualize is set to use LibOVD, then the data in only one of those repositories is
returned by the User and Role API when that name is queried.
26.1.4 Script listAppRoles Outputs Wrong Characters
On Linux and Windows platforms, when the locale is set to non-UTF8 locales, such as
fr_FR_iso88591, the OPSS script listAppRoles may wrongly output the
character '?' instead of the expected character.
26.2 Authorization Policy Manager Issues
This section describes issues and workarounds with Authorization Policy Manager, in
the following sections:
■
■
■
■
Section 26.2.1, "Error Message While Searching Application Roles"
Section 26.2.2, "Some Errors/Warnings in Authorization Policy Manager Display
Server Locale"
Section 26.2.3, "Support for Internet Protocols"
Section 26.2.4, "Authorization Policy Manager Patch Installation Fails on 64-bit
Operating Systems"
26-4 Oracle Fusion Middleware Release Notes
Authorization Policy Manager Issues
26.2.1 Error Message While Searching Application Roles
If you encounter an error while performing an application role search that includes the
message:
An error has occurred. Please view the logs for details
and the error logged includes a PolicyStoreOperatioNotAllowedException
similar to the log illustrated in the following fragment (and found in the file apm_
server1-diagnostic.log):
[2010-03-02T22:06:29.998-08:00] [apm_server1] [ERROR] []
[oracle.security.apm] [tid: [ACTIVE].ExecuteThread: '4' for queue:
'weblogic.kernel.Default (self-tuning)'] [userId: weblogic] [ecid:
0000ISYcUY2B1FcpPg1Fid1BXsJn00006W,0] [APP: oracle.security.apm]
PolicyStoreException while calling searchAppRole[[
oracle.security.jps.service.policystore.PolicyStoreOperationNotAllowedExceptio
n: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - Parent
entry not found in the directory.];...
then retry the operation, which should then run without errors.
26.2.2 Some Errors/Warnings in Authorization Policy Manager Display Server Locale
Errors and warnings in Authorization Policy Manager display the server locale and
not the browser locale. There is no workaround to this issue.
26.2.3 Support for Internet Protocols
Authorization Policy Manager components support the following Internet Protocol
versions:
■
Oracle database on IPv4 host
■
Authorization Policy Manager server on IPv4/IPv6 dual-stack host
■
Client (browser) on either IPv4 or IPv6 hosts
26.2.4 Authorization Policy Manager Patch Installation Fails on 64-bit Operating
Systems
To work around this issue, in Windows or UNIX/Linux 64-bit operating systems,
proceed as follows:
1.
Set the variables ORACLE_HOME and PATH as explained in the README.TXT
file included in the patch.
2.
Run OPatch as illustrated in either of the following invocations:
> OPatch -jre <64-bit java home location> lsinventory
> OPatch -jdk <64-bit java home location> lsinventory
A successful run returns Opatch succeeded; otherwise, verify that the passed
location is valid.
3.
Change directory to the patch location:
> cd <patch location>
4.
Run OPatch as illustrated in either of the following invocations:
> OPatch -jre <64-bit java home location> apply
Oracle Platform Security Services 26-5
Documentation Errata
> OPatch -jdk <64-bit java home location> apply
26.3 Documentation Errata
This section contains corrections for documentation errors. Topics include:
■
Section 26.3.1, "Parameters for the Identity Store Service"
26.3.1 Parameters for the Identity Store Service
In Section 7.3.1 "What is Configured?" of the Oracle Fusion Middleware Security Guide,
change the title of the discussion just below Table 7-1 from "Front-end Parameters" to
"Connection/Back-end Parameters".
26-6 Oracle Fusion Middleware Release Notes
27
SSL Configuration in Oracle Fusion
Middleware
27
This chapter describes issues associated with SSL configuration in Oracle Fusion
Middleware. It includes the following topics:
■
Section 27.1, "General Issues and Workarounds"
■
Section 27.2, "Configuration Issues and Workarounds"
27.1 General Issues and Workarounds
This section describes general issues and workarounds. It includes the following
topics:
■
Section 27.1.1, "Replacement User Certificates for Oracle Wallets"
■
Section 27.1.2, "Incorrect Message or Error when Importing a Wallet"
27.1.1 Replacement User Certificates for Oracle Wallets
The Oracle wallets used by Oracle HTTP Server, Oracle Web Cache, and Oracle
Internet Directory, as well as the keystore used by Oracle Virtual Directory, include a
Verisign root key (Serial#: 02:ad:66:7e:4e:45:fe:5e:57:6f:3c:98:19:5e:dd:c0 ) that expires
Jan 07, 2010 15:59:59 PST.
Customers using the user certificate signed by this root key will need to obtain a
replacement user certificate signed by their Certificate Authority (CA), and import that
CA's root key into the Oracle wallet.
See "Common Certificate Operations" in the "Wallet Management" section of the Oracle
Fusion Middleware Administrator's Guide for steps to import a root key into an Oracle
wallet.
27.1.2 Incorrect Message or Error when Importing a Wallet
Problem 1
Fusion Middleware Control displays an incorrect message when you specify an
invalid wallet password while attempting to import a wallet. The issued message
"Cannot create p12 without password." is incorrect. Instead, it should notify the user
that the password is incorrect and request a valid password.
SSL Configuration in Oracle Fusion Middleware 27-1
Configuration Issues and Workarounds
Problem 2
Fusion Middleware Control displays an incorrect message when you attempt to
import a password-protected wallet as an autologin wallet. The issued message
"Cannot create p12 without password." does not provide complete information.
Instead, it should notify the user that importing a password-protected wallet requires
a password.
Problem 3
If you attempt to import an autologin wallet as a password-protected wallet using
either Fusion Middleware Control or WLST, a NullPointerException error is
displayed.
27.2 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
■
■
Section 27.2.1, "Tools for Importing DER-encoded Certificates"
Section 27.2.2, "Using a Keystore Not Created with WLST or Fusion Middleware
Control"
Section 27.2.3, "Components May Enable All Supported Ciphers"
27.2.1 Tools for Importing DER-encoded Certificates
You cannot use Oracle Enterprise Manager Fusion Middleware Control or the WLST
command-line tool to import DER-encoded certificates or trusted certificates into an
Oracle wallet or a JKS keystore.
Instead, use other tools that are available for this purpose.
■
■
To import DER-encoded certificates or trusted certificates into an Oracle wallet,
use:
–
Oracle Wallet Manager or
–
orapki command-line tool
To import DER-encoded certificates or trusted certificates into a JKS keystore, use
the keytool utility.
27.2.2 Using a Keystore Not Created with WLST or Fusion Middleware Control
If an Oracle wallet or JKS keystore was created with tools such as orapki or
keytool, it must be imported prior to use. Specifically:
■
■
For Oracle HTTP Server, Oracle Webcache, and Oracle Internet Directory, if a
wallet was created using orapki or Oracle Wallet Manager, in order to view or
manage it in Fusion Middleware Control you must first import it with either
Fusion Middleware Control or the WLST importWallet command.
For Oracle Virtual Directory, if a keystore was created using keytool, in order to
view or manage it in Fusion Middleware Control you must first import it with
either Fusion Middleware Control or the WLST importKeyStore command.
27-2 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
27.2.3 Components May Enable All Supported Ciphers
Customers should be aware that when no cipher is explicitly configured, some 11g
Release 1 (11.1.1) components enable all supported SSL ciphers including DH_Anon
(Diffie-Hellman Anonymous) ciphers.
At this time, Oracle HTTP Server is the only component known to set ciphers like this.
Configure the components with the desired cipher(s) if DH_Anon is not wanted.
SSL Configuration in Oracle Fusion Middleware 27-3
Configuration Issues and Workarounds
27-4 Oracle Fusion Middleware Release Notes
28
Oracle Virtual Directory
28
This chapter describes issues associated with Oracle Virtual Directory. It includes the
following topics:
■
Section 28.1, "General Issues and Workarounds"
■
Section 28.2, "Documentation Errata"
28.1 General Issues and Workarounds
This section describes general issues and workarounds. It includes the following
topics:
■
■
■
■
■
■
■
■
■
■
Oracle Directory Services Manager Browser Window is Not Usable
Exceptions May Occur in Oracle Directory Services Manager When Managing
Multiple Oracle Virtual Directory Components and One is Stopped
Identifying the DN Associated with an Access Control Point in Oracle Directory
Services Manager
Issues With Oracle Virtual Directory Metrics in Fusion Middleware Control
Using a Wildcard when Performing an LDAPSEARCH on a TimesTen Database
Causes an Operational Error
ODSM Version 11.1.1.4.0 Does Not Support OVD Versions 11.1.1.2.0 or 11.1.1.3.0
ODSM Version 11.1.1.5.0 Does Not Support OVD Versions 11.1.1.2.0, 11.1.1.3.0, or
11.1.1.4.0
Problem Running CRUD Operations on Windows Platforms Using JDK 6
Users with Non-ASCII Names Might Encounter Problems when Using ODSM
with SSO
Creating an Attribute/Object Class Throws NPE Error
28.1.1 Oracle Directory Services Manager Browser Window is Not Usable
In some circumstances, after you launch Oracle Directory Services Manager from
Fusion Middleware Control, then select a new Oracle Directory Services Manager task,
the browser window might become unusable. For example, the window might refresh
repeatedly, appear as a blank page, fail to accept user input, or display a null pointer
error.
As a work around, go to the URL: http://host:port/odsm, where host and port specify
the location where Oracle Directory Services Manager is running, for example,
Oracle Virtual Directory 28-1
General Issues and Workarounds
http://myserver.example.com:7005/odsm. You can then use the Oracle Directory
Services Manager window to log in to a server.
28.1.2 Exceptions May Occur in Oracle Directory Services Manager When Managing
Multiple Oracle Virtual Directory Components and One is Stopped
Under certain circumstances, when managing multiple Oracle Virtual Directory
components from the same Oracle Directory Services Manager session, exception or
error messages may appear if you stop one of the Oracle Virtual Directory
components. For example, you are managing Oracle Virtual Directory components
named ovd1 and ovd2 from the same Oracle Directory Services Manager session. Both
ovd1 and ovd2 are configured and running. If you stop ovd1, an exception or Target
Unreachable message may appear when you try to navigate Oracle Directory Services
Manager.
To work around this issue, exit the current Oracle Directory Services Manager session,
close the web browser, and then reconnect to Oracle Virtual Directory components in a
new Oracle Directory Services Manager session.
28.1.3 Identifying the DN Associated with an Access Control Point in Oracle Directory
Services Manager
When you create an Access Control Point (ACP) using Oracle Directory Services
Manager, the Relative Distinguished Name (RDN) of the DN where you created the
ACP appears in the navigation tree on the left side of the screen. For example, if you
create an ACP at the DN of cn=ForExample,dc=us,dc=sales,dc=west, then
cn=ForExample appears in the navigation tree. After clicking an ACP in the
navigation tree, its settings appear in the right side of the screen and the RDN it is
associated with appears at the top of the page.
To identify the DN associated with an ACP, move the cursor over ("mouse-over") the
ACP entry in the navigation tree. The full DN associated with the ACP will be
displayed in a tool-tip dialog box.
Mousing-over ACPs in the navigation tree is useful when you have multiple ACPs
associated with DNs that have identical RDNs, such as:
ACP 1 = cn=ForExample,dc=us,dc=sales,dc=west
ACP 2 = cn=ForExample,dc=us,dc=sales,dc=east
28.1.4 Issues With Oracle Virtual Directory Metrics in Fusion Middleware Control
This topic describes issues with Oracle Virtual Directory metrics in Fusion
Middleware Control, including:
■
Configuring Operation-Specific Plug-Ins to Allow Performance Metric Reporting
in Fusion Middleware Control After Upgrading to 11g Release 1 (11.1.1)
28.1.4.1 Configuring Operation-Specific Plug-Ins to Allow Performance Metric
Reporting in Fusion Middleware Control After Upgrading to 11g Release 1 (11.1.1)
If you upgraded an Oracle Virtual Directory Release 10g installation with plug-ins
configured to execute on specific operations, such as add, bind, get, and so on, to 11g
Release 1 (11.1.1), you may have to update those operation-specific plug-ins before
you can use Fusion Middleware Control to view performance metrics.
After upgrading to 11g Release 1 (11.1.1) and performing some initial operations to
verify the upgrade was successful, check the Oracle Virtual Directory home page in
28-2 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
Fusion Middleware Control. You should see data for the Current Load and Average
Response Time and Operations metrics.
If you do not see any data for these metrics, you must update the plug-ins configured
to execute on specific operations. The work-around is to add the Performance Monitor
plug-in to the operation-specific plug-in's configuration chain.
Perform the following steps to add the Performance Monitor plug-in to the
operation-specific plug-in's configuration chain:
1.
If the operation-specific plug-in is a Global-level plug-in, edit the server.os_xml
file located in the ORACLE_INSTANCE/config/OVD/NAME_OF_OVD_
COMPONENT/ directory.
If the operation-specific plug-in is an adapter-level plug-in, edit the adapters.os_
xml file located in the ORACLE_INSTANCE/config/OVD/NAME_OF_OVD_
COMPONENT/ directory.
If multiple adapters are configured, you must perform steps 2
and 3 for every adapter configuration in the adapters.os_xml file.
Note:
2.
Locate the pluginChains element in the file. For example, if the Dump
Transactions plug-in is configured to execute on the get operation, you will see
something similar to the following:
Example 28–1
Dump Transactions Plug-In Configured for get Operation
<pluginChains xmlns="http://xmlns.oracle.com/iam/management/ovd/config/plugins">
<plugins>
<plugin>
<name>Dump Transactions</name>
<class>com.octetstring.vde.chain.plugins.DumpTransactions.DumpTransactions</class>
<initParams>
<param name="loglevel" value="info"/>
</initParams>
</plugin>
<plugin>
<name>Performance Monitor</name>
<class>com.octetstring.vde.chain.plugins.performance.MonitorPerformance</class>
<initParams/>
</plugin>
</plugins>
<default>
<plugin name="Performance Monitor"/>
</default>
<get>
<plugin name="Dump Transactions">
<namespace>ou=DB,dc=oracle,dc=com </namespace>
</plugin>
</get>
</pluginChains>
3.
Add the following Performance Monitor plug-in element within the
operation-specific configuration chain:
<plugin name="Performance Monitor"/>
Oracle Virtual Directory 28-3
General Issues and Workarounds
For example:
Example 28–2 Adding the Performance Monitor to the Operation-Specific Plug-In
Configuration Chain
<pluginChains xmlns="http://xmlns.oracle.com/iam/management/ovd/config/plugins">
<plugins>
<plugin>
<name>Dump Transactions</name>
<class>com.octetstring.vde.chain.plugins.DumpTransactions.DumpTransactions</class>
<initParams>
<param name="loglevel" value="info"/>
</initParams>
</plugin>
<plugin>
<name>Performance Monitor</name>
<class>com.octetstring.vde.chain.plugins.performance.MonitorPerformance</class>
<initParams/>
</plugin>
</plugins>
<default>
<plugin name="Performance Monitor"/>
</default>
<get>
<plugin name="Dump Transactions">
<namespace>ou=DB,dc=oracle,dc=com </namespace>
</plugin>
<plugin name="Performance Monitor"/>
</get>
</pluginChains>
4.
Save the file.
5.
Restart Oracle Virtual Directory.
28.1.5 Using a Wildcard when Performing an LDAPSEARCH on a TimesTen Database
Causes an Operational Error
Currently, a TimesTen bug is preventing wildcard searches (such as "cn=t*") from
working in a Database adapter with TimesTen.
To work around this problem, enable the Case Insensitive Search option and create the
necessary linguistic indexes for any database columns used in the search.
For more information, see the related TimesTen Enhancement Request, Bug# 9885055
and Section 12.2.2 "Creating Database Adapters for Oracle TimesTen In-Memory
Database" in the Oracle® Fusion Middleware Administrator's Guide for Oracle Virtual
Directory.
28.1.6 ODSM Version 11.1.1.4.0 Does Not Support OVD Versions 11.1.1.2.0 or 11.1.1.3.0
Oracle Directory Services Manager Version 11.1.1.4.0 does not support Oracle Virtual
Directory Versions 11.1.1.2.0 or 11.1.1.3.0.
Changes introduced in Oracle Directory Services Manager Version 11.1.1.4.0 improve
configuration auditing, and these changes require that you use Oracle Virtual
Directory 11.1.1.4.0.
28-4 Oracle Fusion Middleware Release Notes
General Issues and Workarounds
28.1.7 ODSM Version 11.1.1.5.0 Does Not Support OVD Versions 11.1.1.2.0, 11.1.1.3.0,
or 11.1.1.4.0
Oracle Directory Services Manager Version 11.1.1.5.0 does not support Oracle Virtual
Directory Versions 11.1.1.2.0, 11.1.1.3.0, or 11.1.1.4.0.
Changes introduced in Oracle Directory Services Manager Version 11.1.1.5.0 improve
configuration auditing, and these changes require that you use Oracle Virtual
Directory 11.1.1.5.0.
28.1.8 Problem Running CRUD Operations on Windows Platforms Using JDK 6
Running CRUD operations on Windows platforms using JDK 6 causes an issue in NIO
(Non Input Output) mode because JDK 6 does not support IPv6 stack in Windows
Vista/2008.
Note:
Support for IPv6 stack was added in JDK 7 Build b36.
For more information, refer to JDK Bug IDs 6230761 (http://bugs.sun.com/view_
bug.do?bug_id=6230761) and 4640544 (http://bugs.sun.com/view_bug.do?bug_
id=4640544).
The Oracle Virtual Directory development team verified this use case with JDK 7 and
confirmed that it works in Oracle Virtual Directory NIO mode.
Workaround:
You must apply this workaround in the Oracle Virtual
Directory server.
Note:
Turn off NIO mode by adding the <useNIO>false</useNIO> XML element in
<OracleInstance>/config/OVD/ovd1/listeners.os_xml at the following location,
then stop and restart the Oracle Virtual Directory server:
<ldap id="LDAP Endpoint" version="0">
<port>6501</port>
...
<socketOptions>
...
</socketOptions>
<useNIO>false</useNIO>
</ldap>
28.1.9 Users with Non-ASCII Names Might Encounter Problems when Using ODSM with
SSO
When ODSM is configured to use Oracle Access Manager 11g Release 1 (11.1.1.2) for
single sign-on, a user whose name contains non-ASCII characters might observe the
following issues after logging in:
■
■
The user name displayed on the Home page is garbled.
Single sign-on connections to Oracle Virtual Directory servers do not appear in the
list of connections.
Oracle Virtual Directory 28-5
Documentation Errata
28.1.10 Creating an Attribute/Object Class Throws NPE Error
After upgrading Oracle Directory Services Manager, creating an attribute or an
objectclass causes an NPE error.
Workaround:
Refresh the entries by clicking Refresh every time the creation fails.
28.1.11 Patch Required to Enable Account Lockout Feature
An additional Patch 10365116 is required to enable the Account Lockout functionality.
In addition, Oracle Virtual Directory may not update the AD badpasswdcount until
the account is fully locked out, which means AD badpasswdcount shows the correct
number when it reaches the bad password count setting in AD.
28.2 Documentation Errata
This section describes documentation errata. It includes the following topics:
■
■
■
Additional Step for Editing the Oracle Virtual Directory Administrative Listener
Settings Using Fusion Middleware Control
Wrong Command and Path in Appendix B of Oracle Fusion Middleware
Administrator's Guide for Oracle Virtual Directory
Code Example Does Not Close Connection to LDAP Server
28.2.1 Additional Step for Editing the Oracle Virtual Directory Administrative Listener
Settings Using Fusion Middleware Control
Section 11.4.3.1.1 in the Administrator's Guide for Oracle Virtual Directory, which
describes "Editing the Oracle Virtual Directory Administrative Listener Settings" using
Oracle Enterprise Manager Fusion Middleware Control, is incomplete.
The following, additional step must be performed after completing the six steps that
are documented in section 11.4.3.1.1:
7. Use the opmnctl updatecomponentregistration command to update the
registration of the Oracle Virtual Directory component that contains the Admin
Listener you edited.
The syntax for opmnctl updatecomponentregistration is:
$ORACLE_INSTANCE/bin/opmnctl updatecomponentregistration
[-adminHost hostname]
[-adminPort weblogic_port]
[-adminUsername weblogic_admin]
[-adminPasswordFile 'FILE_WITH_WEBLOGIC_ADMIN_PASSWORD']
[-componentType OVD]
-componentName componentName
[-Host OVD_HOST_NAME]
28-6 Oracle Fusion Middleware Release Notes
Documentation Errata
Notes:
■
■
If you do not use the -Host option, the value in listeners.os_xml
will be used.
Both the componentName and componentType parameters are
required.
For example:
$ORACLE_INSTANCE/bin/opmnctl updatecomponentregistration -adminHost myhost \
-adminPort 7001 -adminUsername weblogic -componentType OVD -componentName ovd1
28.2.2 Wrong Command and Path in Appendix B of Oracle Fusion Middleware
Administrator's Guide for Oracle Virtual Directory
The following error has been noted in Appendix B, "Starting and Stopping the Oracle
Stack" of the Administrator's Guide for Oracle Virtual Directory.
In Step 3 of "Starting the Stack,"
MW_HOME/user_projects/domains/DOMAIN_NAME/bin/startNodeManager.sh
should be
MW_HOME/wlserver_10.3/server/startNodeManager.sh
28.2.3 Code Example Does Not Close Connection to LDAP Server
The code example currently provided in section 18.3.3.3, "Operation Plug-In
Implementation Point" of the Administrator's Guide for Oracle Virtual Directory does not
close the connection to the back-end LDAP server.
The example code uses chain.getVSI().get, which populates a
Vector<EntrySet> with one EntrySet for each adapter. Each EntrySet in get()
contains a live handle to the data source connection, which is used to retrieve entries.
To release this data source connection to the pool, you must provide a call to
EntrySet.cancelEntrySet()or Oracle Virtual Directory could be blocked.
Blocking occurs when the plug-in occupies all of the configured connections from the
pool and no connections are available to execute new requests.
The example code should be updated to implement a call to
entrySet.cancelEntrySet() as follows:
ChainVector results = new ChainVector();
try
{
chain.getVSI().get(...);
}
catch (...)
{
}
finally
{
for (EntrySet entrySet : results)
entrySet.cancelEntrySet();
}
Oracle Virtual Directory 28-7
Documentation Errata
28-8 Oracle Fusion Middleware Release Notes
Part IX
Part IX
Oracle Portal, Forms, Reports and
Discoverer
Part IX contains the following chapters:
■
Chapter 29, "Oracle Business Intelligence Discoverer"
■
Chapter 30, "Oracle Forms"
■
Chapter 31, "Oracle Portal"
■
Chapter 32, "Oracle Reports"
29
Oracle Business Intelligence Discoverer
29
This chapter describes issues associated with Oracle Business Intelligence Discoverer.
It includes the following topics:
■
Section 29.1, "General Issues"
■
Section 29.2, "Issues Specific to Oracle BI Discoverer Plus Relational"
■
Section 29.3, "Issues Specific to Oracle BI Discoverer Plus OLAP"
■
Section 29.4, "Issues Specific to Oracle BI Discoverer Portlet Provider"
■
Section 29.5, "Issues Specific to Oracle BI Discoverer Viewer"
■
Section 29.6, "Issues Specific to Oracle BI Discoverer EUL Command Line for Java"
■
Section 29.7, "Issues Specific to Oracle BI Discoverer Administrator"
29.1 General Issues
This section describes general issues that affect more than one Discoverer component.
It includes the following topics:
■
Section 29.1.1, "Issues with Metadata Repository and Oracle Database 10g Release
1"
■
Section 29.1.2, "Compatibility Issues with Required Support Files"
■
Section 29.1.3, "Serif Font Issue in Worksheets"
■
■
■
Section 29.1.4, "Additional Fonts Required for Non-ASCII Data When Exporting to
PDF"
Section 29.1.5, "Query Prediction Requires the Majority of the Query Time"
Section 29.1.6, "Word Wrapping Behavior with Oracle BI Discoverer Plus and
Oracle BI Discoverer Viewer"
■
Section 29.1.7, "Applet Appears Behind Browser Window"
■
Section 29.1.8, "Issues with Mac OS X Browser and Oracle BI Discoverer Plus"
■
Section 29.1.9, "Issues with Turkish Regional Settings"
■
■
■
Section 29.1.10, "Multibyte Characters Rendered as Square Boxes in Exported PDF
and Other Formats"
Section 29.1.10, "Multibyte Characters Rendered as Square Boxes in Exported PDF
and Other Formats"
Section 29.1.12, "HTTP 404 Error While Accessing Discoverer on a Remote
Machine"
Oracle Business Intelligence Discoverer 29-1
General Issues
■
■
■
■
■
■
■
■
Section 29.1.13, "Error While Launching Discoverer Plus Applet on an IPv6
Environment"
Section 29.1.14, "Error While Updating the Discoverer Web Services Configuration
Parameter"
Section 29.1.15, "Exception Logged for Discoverer Web-Based Applications in an
Extended Domain"
Section 29.1.16, "Issue with Discoverer Application URL in Fusion Middleware
Control after a Backup Recovery"
Section 29.1.17, "Incorrect Version Number for Discoverer in Fusion Middleware
Control 11g."
Section 29.1.18, "Oracle BI Discoverer Startup Fails after Shutdown."
Section 29.1.19, "The Database Export and Import Utility does not Work with
Applications Mode EUL."
Section 29.1.20, "Install-level Scripts are not Updated in Existing Instances after
Patching."
29.1.1 Issues with Metadata Repository and Oracle Database 10g Release 1
When using Oracle Database 10g Release 1 (10.1.x) for the Metadata Repository or
after upgrading the Metadata Repository to Oracle Database 10g Release 1, you might
see the following error on the Oracle BI Discoverer Plus Connection pages, the Oracle
BI Discoverer Viewer Connection pages, and the Public Connection definition page in
Fusion Middleware Control:
The connection list is currently unavailable.
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "ORASSO.WWSSO_API_PRIVATE," line 258
ORA-06510: PL/SQL: unhandled user-defined exception
ORA-06512: at "ORASSO.WWSSO_UTL" line 728
ORA-28231: no data passed to obfuscation toolkit
ORA-06512: at line 1 Unable to retrieve connection list
To resolve this issue, make the following changes in the Metadata Repository
database:
1.
Edit the init%ORACLE_SID%.ora file. This file exists either in the dbs folder or
the database folder. For example, in Windows, this file is located in the DB_
install_home/database/ folder.
2.
Add the following line to this file:
event="10946 trace name context forever, level 36"
3.
If an spfile%ORACLE_SID%.ora exists in either the dbs folder or the database
folder, rename the file to spfile%ORACLE_SID%.bak. Changes to
init%ORACLE_SID%.ora are not loaded if the database server finds an spfile.
4.
Log in as a sysadmin.
5.
At the SQL prompt, shut down then start up the database server.
6.
Restart the Oracle BI Discoverer server using the command opmnctl
restartall.
29-2 Oracle Fusion Middleware Release Notes
General Issues
29.1.2 Compatibility Issues with Required Support Files
The Oracle Database and other Oracle database client software (for example,
SQL*Plus, the database export utility) use Oracle Required Support Files (RSF).
Oracle BI Discoverer also uses Oracle Required Support Files (RSF), specifically RSF
version 11.1.0.7. This version of the Oracle Required Support Files is installed during
Oracle BI Discoverer installation.
Note that the Required Support Files version 11.1.0.7 is incompatible with earlier
versions of Oracle Database 10g. So if the machine on which you install Oracle BI
Discoverer already has a version of Oracle Database 10g or database client software
that is earlier than 11.1.0.7, there will be compatibility issues. For example, if you
install Oracle BI Discoverer and attempt to run a version of SQL*Plus earlier than
11.1.0.7, then the following error is displayed:
ORA-12557 TNS: protocol adapter not loadable
To avoid the compatibility issues, upgrade Oracle Database 10g or database client
software on the machine to the same version (11.1.0.7) as the version of the Required
Support Files that were installed with Oracle BI Discoverer.
This issue does not exist for Oracle9i Database Server.
29.1.3 Serif Font Issue in Worksheets
You might notice unsightly font issues when using a non-English locale such as Czech.
For example, when a worksheet uses a serif font, text in that worksheet might be
displayed incorrectly on the screen and in printouts.
To work around this issue, update the file that maps the serif fonts. The name of this
file differs depending on the locale in use. When you use Oracle BI Discoverer Plus
Relational or Plus OLAP in English, the file is named file.properties. If you use
Oracle BI Discoverer in a non-English locale, then the file name includes the code for
the locale, such as file.properties.cs for Czech.
Update the mapping file with the following information:
serif.0=Times New Roman,EASTEUROPE_CHARSET
serif.1=WingDings,SYMBOL_CHARSET,NEED_CONVERTED
serif.2=Symbol,SYMBOL_CHARSET,NEED_CONVERTED
Consult the following Sun Web site for additional information about fonts:
http://java.sun.com/j2se/1.3/docs/guide/intl/addingfonts.html
29.1.4 Additional Fonts Required for Non-ASCII Data When Exporting to PDF
If you are running Oracle BI Discoverer Plus Relational or Plus OLAP on a Macintosh
or Linux client machine, you must add the appropriate font files to your client
machine to allow exported PDF files to display non-ASCII data correctly.
These font files include Albany fonts with names such as ALBANWTJ.TTF and
ALBANWTK.TTF. The files are stored in the /utilities/fonts directory on the
CD-ROM or DVD for the Oracle Application Server Metadata Repository Upgrade
Assistant.
To install the additional required fonts:
1.
Navigate to the /utilities/fonts directory on the CD-ROM or DVD for the
OracleAS Metadata Repository Upgrade Assistant.
Oracle Business Intelligence Discoverer 29-3
General Issues
2.
Copy the appropriate Albany TTF file from the /utilities/fonts directory to
the plug-in directory in the $jdk/jre/lib/fonts directory on the Macintosh or
Linux client machine.
29.1.5 Query Prediction Requires the Majority of the Query Time
When using Oracle BI Discoverer with a relational data source, you can predict the
time that is required to retrieve information by setting the value of the QPPEnable
preference to 1. However, in some circumstances, the majority of the time taken to
retrieve information is consumed by the prediction activity itself.
To work around this issue, set the value of the QPPObtainCostMethod preference to
0 (use the EXPLAIN PLAN statement to predict query times) rather than to 1 (use
dynamic views to predict query times).
For more information about setting preferences, see the Oracle Fusion Middleware
Configuration Guide for Oracle Business Intelligence Discoverer.
29.1.6 Word Wrapping Behavior with Oracle BI Discoverer Plus and Oracle BI
Discoverer Viewer
To use word wrap settings correctly, you must understand how they are designed for
Oracle BI Discoverer:
■
■
Oracle BI Discoverer Plus: Word wrap settings that you make in Oracle BI
Discoverer Plus are saved in the worksheet and affect the display of worksheets in
Oracle BI Discoverer Plus and when printing to PDF.
Oracle BI Discoverer Viewer: Word wrap settings that you see in the Print
Settings dialog work as follows:
–
The word wrap settings do not affect the display of worksheets in Oracle BI
Discoverer Viewer.
–
For relational data:
–
*
The word wrap settings do affect the printing of worksheets to PDF.
*
If the Always wrap text when size exceeds column width box is checked,
then the print settings in Oracle BI Discoverer Viewer do override the
settings made in a worksheet in Oracle BI Discoverer Plus Relational for
printing to PDF.
*
If the Always wrap text when size exceeds column width box is not
checked, then the print settings in Oracle BI Discoverer Viewer do not
override the settings made in a worksheet in Oracle BI Discoverer Plus
Relational for printing to PDF.
For OLAP data:
*
The word wrap settings do not affect the printing of worksheets to PDF.
*
Regardless of whether the Always wrap text when size exceeds column
width check box is selected, the print settings in Oracle BI Discoverer
Viewer never override the settings made in a worksheet in Oracle BI
Discoverer Plus OLAP for printing to PDF.
29.1.7 Applet Appears Behind Browser Window
When you use Microsoft Internet Explorer, the Oracle BI Discoverer Plus Relational or
Plus OLAP applet initialization and download dialog appears behind the browser
29-4 Oracle Fusion Middleware Release Notes
General Issues
window from which it was launched. After the applet is downloaded and initialized, it
appears in front of the browser window from which it was launched.
To work around this issue:
■
■
Use a browser other than Internet Explorer, such as Netscape Navigator or Mozilla
Firefox.
Use the Oracle BI Discoverer Plus URL parameter _plus_popup=false, which
is documented in the Oracle Fusion Middleware Configuration Guide for Oracle
Business Intelligence Discoverer.
29.1.8 Issues with Mac OS X Browser and Oracle BI Discoverer Plus
The following are issues that you might encounter when you use the Safari browser on
Mac OS X with Oracle BI Discoverer Plus Relational or Plus OLAP:
■
■
If you resize the browser window in the applet, then some parts of the content
might be clipped. To work around this problem, always maximize the browser
window for the applet when working with Mac OS X.
Keyboard combinations (also known as mnemonics) do not work in Oracle BI
Discoverer Plus Relational and Plus OLAP.
For example, you cannot press Alt+F to access the File menu.
■
In the Share Workbooks dialog of Oracle BI Discoverer Plus Relational, the
leading characters of the "Shared:" list are clipped. In other words, the left edge of
the list is truncated. For example, if you shared a workbook with DISCODEV, then
you will only see SCODEV in the list. The title for the list is also truncated such that
you see only the vertical line of the "d" in "Shared" and the colon (that is, "l:").
The dialog continues to work as expected, but you might have difficulty reading
the names in the "Shared:" list.
This issue has no workaround.
29.1.9 Issues with Turkish Regional Settings
Because of Sun JRE 1.4 bug 4688797, you might encounter issues when connecting to a
database schema from a computer that has Turkish regional settings. You will
encounter the issue when you attempt to connect to a database schema with a user
name that contains certain letters, such as the letter 'I' or 'i', for example, in "bibdemo".
See the Sun JRE bug for information on the letters that are affected.
To work around this issue, either do not use Turkish regional settings or use a user
name that does not contain the affected letters.
29.1.10 Multibyte Characters Rendered as Square Boxes in Exported PDF and Other
Formats
When you export a workbook to PDF and other formats, multibyte characters (for
example, Korean, Japanese, and Chinese characters) appear as square boxes.
To work around this issue, copy the following Albany fonts from ORACLE_
HOME/jdk/jre/lib/fonts to the fonts folder of your JDK (Oracle JRockit or Sun)
within the MW_HOME directory. For example, if you are using HP-UX JDK, you must
copy the fonts to MW_HOME/jre/jdk160_11/lib/fonts.
■
AlbanWTJ.ttf
■
AlbanWTK.ttf
Oracle Business Intelligence Discoverer 29-5
General Issues
■
AlbanWTS.ttf
■
AlbanWTT.ttf
■
ALBANYWT.ttf
29.1.11 Java Plug-in Not Downloaded Automatically on Firefox
When you attempt to connect to Discoverer Plus by using the Mozilla Firefox browser
on a machine that does not have Java 1.6 installed, the browser does not download the
JRE 1.6 plug-in automatically. Instead, the browser displays the following message:
Additional plugins are required to display this page...
You must download the JRE 1.6 plug-in (by clicking the Install Missing Plugin link)
and install it manually.
29.1.12 HTTP 404 Error While Accessing Discoverer on a Remote Machine
When you attempt to connect to Discoverer Plus, occasionally, the browser returns an
HTTP 404 (File Not Found) error.
The page loads correctly when you refresh the browser a few times.
29.1.13 Error While Launching Discoverer Plus Applet on an IPv6 Environment
If the Web tier is on an IPv6 machine, when you start Discoverer Plus, the following
error message might be displayed:
Attempt1. RMI protocol over JRMP transport: Connection refused to host:
DiscoServerMahcineName;nested exception is:
@ java.net.ConnectionException: Connection timed out
To work around this issue, in the System MBean Browser of Fusion Middleware
Control, change the TransportProtocols attribute of the Plus Config MBean to
"jrmp,http" (or "jrmp,https" if Discoverer Plus is accessed by using secure HTTP).
29.1.14 Error While Updating the Discoverer Web Services Configuration Parameter
When you update the web services configuration parameter (Maximum Sessions)
using the Discoverer Web Services Configuration page of Fusion Middleware Control
and click Apply, the following error message is displayed:
Applying changes - Failed.
Exception caught:
You can ignore the error message because the changes are applied even if the
exception is thrown. Alternatively, you can update the MaxSessions attribute of the
WebServicesConfig MBean in the System MBean Browser of Fusion Middleware
Control.
29.1.15 Exception Logged for Discoverer Web-Based Applications in an Extended
Domain
When you extend a domain and add Discoverer application in a remote machine, you
may see the following exception in the WebLogic Server log:
java.lang.IllegalArgumentException: ODL-52057: The handler 'disco-server-handler'
is not defined.
29-6 Oracle Fusion Middleware Release Notes
General Issues
To work around this issue, modify the log_handlers and loggers elements in the
logging.xml file located in the DOMAIN_HOME/config/fmwconfig/servers/WLS_
DISCO folder of the machine where the domain exists.
In the log_handlers section, add the handlers as follows:
<log_handler name='discoverer-handler'
class='oracle.core.ojdl.logging.ODLHandlerFactory'>
<property name='path'
value='${domain.home}/servers/${weblogic.Name}/logs/discoverer/diagnostic.log'
/>
<property name='maxFileSize' value='1048576'/>
<property name='maxLogSize' value='10485760'/>
<property name='format' value='ODL-Text'/>
<property name='useSourceClassAndMethod' value='false'/>
</log_handler>
<log_handler name='disco-server-handler'
class='oracle.core.ojdl.logging.ODLHandlerFactory'>
<property name='path'
value='${domain.home}/servers/${weblogic.Name}/logs/discoverer/server/diagnost
ic.log'/>
<property name='maxFileSize' value='1048576'/>
<property name='maxLogSize' value='10485760'/>
<property name='format' value='ODL-Text'/>
</log_handler>
In the loggers sections, add the following elements:
<logger name='ORACLE.DISCOVERER.VIEWER' level='TRACE:32'
useParentHandlers='false'>
<handler name='discoverer-handler'/>
<handler name='odl-handler'/>
</logger>
<logger name='ORACLE.DISCOVERER.PORTLET_PROVIDER' level='TRACE:32'
useParentHandlers='false'>
<handler name='discoverer-handler'/>
<handler name='odl-handler'/>
</logger>
<logger name='ORACLE.DISCOVERER.MODEL' level='TRACE:32'
useParentHandlers='false'>
<handler name='discoverer-handler'/>
<handler name='odl-handler'/>
</logger>
<logger name='ORACLE.DISCOVERER.WEB_SERVICES' level='TRACE:32'
useParentHandlers='false'>
<handler name='discoverer-handler'/>
<handler name='odl-handler'/>
</logger>
<logger name='ORACLE.DISCOVERER.SERVER' level='TRACE:32'
useParentHandlers='false'>
<handler name='disco-server-handler'/>
<handler name='odl-handler'/>
</logger>
After adding these elements, save the logging.xml file, and restart the Administration
Server and Discoverer Managed Servers.
Oracle Business Intelligence Discoverer 29-7
General Issues
29.1.16 Issue with Discoverer Application URL in Fusion Middleware Control after a
Backup Recovery
When you recover the Oracle BI Discoverer middle tier from a backup, the Discoverer
application URL in the Discoverer Home page of Fusion Middleware Control point to
a wrong location.
You must configure the application URLs that appear on the Oracle BI Discoverer
Home page in Fusion Middleware Control after recovering the Oracle BI Discoverer
middle tier from a backup.
For more information, see "How to configure application URLs displayed on the
Fusion Middleware Control Discoverer Home page" in the Oracle Business
Intelligence Discoverer Configuration Guide.
29.1.17 Incorrect Version Number for Discoverer in Fusion Middleware Control 11g
In Fusion Middleware Control 11g, the Enterprise Manager Fusion Middleware
Control pages display wrong version number (11.1.1.2.0) for the Oracle BI Discoverer
application. The correct version number for Oracle BI Discoverer is 11.1.1.4.0.
29.1.18 Oracle BI Discoverer Startup Fails after Shutdown
When you first start up the Discoverer application from Oracle Enterprise Manager
Fusion Middleware Control or Oracle WebLogic Administration Console after
shutting down the application instance, the startup fails with error logs.
To work around this issue, start the Discoverer application again. The second time the
application starts without any error message.
29.1.19 The Database Export and Import Utility does not Work with Applications Mode
EUL
You cannot use the standard database export and import utilities to export or import
the database, EUL tables and database objects referenced by the Applications Mode
EUL definitions. The standard database export and import utility can be used only for
standard EUL definitions.
To work around this issue, use the Discoverer Export Wizard in Discoverer
Administrator to export EUL objects to an EUL export file (*.EEX). After exporting the
EUL objects, you can import the .EEX file using the Discoverer Import Wizard.For
more information, see "Creating and Maintaining End User Layers" in Oracle Fusion
Middleware Administrator's Guide for Oracle Business Intelligence Discoverer.
29.1.20 Install-level Scripts are not Updated in Existing Instances after Patching
When you upgrade Oracle Discoverer 11gR1 PS1 to 11gR1 PS2 or 11gR1 PS3, the patch
will be installed in the ORACLE_HOME folder. Therefore, script changes in the new
patch set will not be available for existing Oracle Discoverer instances, which are
located in the ORACLE_INSTANCE folder. However, new instances that are created
after the patch upgrade will be updated.
To work around this issue, after a patch upgrade manually copy the new scripts to the
existing ORACLE_INSTANCE folders. For example, copy the new discenv.sh script
file from ORACLE_HOME to the ORACLE_INSTANCE/Discoverer/Discoverer_
instance-name/util/ folder.
29-8 Oracle Fusion Middleware Release Notes
Issues Specific to Oracle BI Discoverer Plus Relational
For more information about Discoverer file locations, see "Oracle BI Discoverer
Configuration Files" in Oracle Fusion Middleware Configuration Guide for Oracle Business
Intelligence Discoverer.
29.2 Issues Specific to Oracle BI Discoverer Plus Relational
This section describes issues that are specific to Oracle BI Discoverer Plus Relational. It
includes the following topics:
■
Section 29.2.1, "Text Appearing Truncated or Clipped"
■
Section 29.2.2, "Non-ASCII Characters Not Saved Correctly in Title or Text Area"
■
Section 29.2.3, "Canceling Query Causes Discoverer to Hang"
■
Section 29.2.4, "Nonaggregable Values Not Displayed for Scheduled Workbooks"
■
Section 29.2.5, "Migrating Oracle BI Discoverer Plus Relational Worksheets from
Oracle BI Discoverer Desktop"
29.2.1 Text Appearing Truncated or Clipped
When you run Oracle BI Discoverer Plus Relational with Sun Java Plug-in 1.4.2_06, the
Browser Look and Feel, and an Asian language (such as Korean or Chinese), you
might notice that static text and text in buttons in the user interface appears truncated
or clipped. To work around this issue, do one of the following:
■
Change the Look and Feel to either Plastic or System.
■
Use JInitiator 1.3.1.17 instead of the Sun Java Plug-in.
■
Install Sun Java Plug-in version 1.4.2_10 or higher.
29.2.2 Non-ASCII Characters Not Saved Correctly in Title or Text Area
When you save a new workbook in Oracle BI Discoverer Plus, any text characters
beyond the standard ASCII characters are not saved correctly when all the conditions
that are described in the following list are met:
■
You are logged in as an Oracle e-Business Suite user.
■
The language for the computer is not English.
■
Oracle BI Discoverer Plus is running against an Oracle e-Business Suite database
that does not have that non-English language installed.
This issue has no workaround.
29.2.3 Canceling Query Causes Discoverer to Hang
If you cancel a query that is running in Oracle BI Discoverer Plus Relational, then you
are prompted to either choose YES to undo the changes or NO to show a blank sheet.
If you choose YES, then Oracle BI Discoverer Plus Relational hangs and you must close
the window and restart.
To work around this issue, choose NO to show a blank worksheet. You can then
refresh the sheet and continue working.
29.2.4 Nonaggregable Values Not Displayed for Scheduled Workbooks
Oracle BI Discoverer Plus Relational does not display nonaggregable values for
scheduled workbooks. In other words, Oracle BI Discoverer Plus Relational processes
Oracle Business Intelligence Discoverer 29-9
Issues Specific to Oracle BI Discoverer Plus OLAP
scheduled workbooks as if you selected the Show values that cannot be aggregated
as: <Non-aggregable label> option in the Worksheet Properties dialog: Aggregation
tab.
Nonaggregable values include those based on the following SQL functions:
■
A CASE SQL statement
■
A DECODE SQL statement
■
A PL/SQL function
■
A DISTINCT SQL statement
■
An analytic function
29.2.5 Migrating Oracle BI Discoverer Plus Relational Worksheets from Oracle BI
Discoverer Desktop
If you use Oracle BI Discoverer Plus Relational to open a worksheet that was created
using Oracle BI Discoverer Desktop Version 9.0.4 (or earlier), the size of the title area
for that worksheet defaults to two lines in height. A title height of two lines might be a
problem if a worksheet title requires more than or less than two lines. If you want to
change the size of the title area, you must resize the title area manually and save the
worksheet.
To resize the title area for a worksheet, open the worksheet and drag the bar at the
bottom of the title area pane up or down.
29.3 Issues Specific to Oracle BI Discoverer Plus OLAP
This section describes issues that are specific to Oracle BI Discoverer Plus OLAP. It
includes the following topics:
■
Section 29.3.1, "Issues with Applet Download"
■
Section 29.3.2, "Disabled Netscape and Mozilla Browsers"
■
Section 29.3.3, "Tabbing Fails to Synchronize Menus"
■
Section 29.3.4, "Esc Key Fails to Close Certain Dialogs"
■
Section 29.3.5, "Link Tool Works Incorrectly in Some Locales"
■
Section 29.3.6, "Memory Issues when Exporting Extremely Large Graphs"
■
Section 29.3.7, "Issue While Printing Worksheets with Large Data Values"
■
Section 29.3.8, "Issues with Titles and Text Areas"
■
Section 29.3.9, "Errors with JAWS and Format Dialogs"
29.3.1 Issues with Applet Download
There may be Oracle Business Intelligence Discoverer Plus applet download issues
when caching has been enabled in the Sun Java Plug-In.
To avoid these issues, disable caching in the plug-in.
29-10 Oracle Fusion Middleware Release Notes
Issues Specific to Oracle BI Discoverer Plus OLAP
29.3.2 Disabled Netscape and Mozilla Browsers
When you are running Netscape 7.x or Mozilla browsers, the Netscape and Mozilla
Mail clients and Web browser may become disabled when Oracle BI Discoverer Plus
OLAP modal dialogs are displayed.
Dismissing the Oracle BI Discoverer Plus OLAP dialogs resumes normal operation for
the Netscape and Mozilla tools.
29.3.3 Tabbing Fails to Synchronize Menus
When you use the Tab key to select items in a worksheet, the menus do not always
synchronize to reflect the currently selected item.
This issue has no workaround.
29.3.4 Esc Key Fails to Close Certain Dialogs
The Esc key does not close the following dialogs: Totals, New Total, Parameter, and
Manage Catalog.
Instead of using the Esc key, click the Close or OK button.
29.3.5 Link Tool Works Incorrectly in Some Locales
The Link tool, which enables users to drill out to external URLs from a crosstab cell,
might not work correctly in all locales due to URL encoding issues.
This issue has no workaround.
29.3.6 Memory Issues when Exporting Extremely Large Graphs
Exporting extremely large graphs can cause memory issues, requiring a restart of the
Oracle BI Discoverer Plus OLAP session.
This issue has no workaround.
29.3.7 Issue While Printing Worksheets with Large Data Values
When printing a worksheet that contains large numbers in the data cells, the string
####### may be printed instead of the actual numbers.
This issue has no workaround.
29.3.8 Issues with Titles and Text Areas
The following issues exist with titles and text areas:
■
Nonempty titles and text areas are printed even if they are hidden in the
worksheet.
This issue has no workaround.
■
When you set the title or text area background to green and export the worksheet
to an HTML file, the background is incorrectly set to red in the exported file.
This issue has no workaround.
Oracle Business Intelligence Discoverer 29-11
Issues Specific to Oracle BI Discoverer Portlet Provider
29.3.9 Errors with JAWS and Format Dialogs
When you use JAWS, you will notice errors when you attempt to format graphs and
crosstabs using the Format dialogs.
This issue has no workaround.
29.4 Issues Specific to Oracle BI Discoverer Portlet Provider
This section describes issues that are specific to Oracle BI Discoverer Portlet Provider.
It includes the following topics:
■
■
■
■
■
■
■
■
Section 29.4.1, "Inability to Turn Off Display of Range Min and Max as Labels"
Section 29.4.2, "Using Oracle BI Discoverer Portlet Provider with Oracle Single
Sign-On and Secure Sockets Layer (SSL) Modes"
Section 29.4.3, "Issues with Discoverer Portlets in WebCenter"
Section 29.4.4, "Issue while Publishing Discoverer WSRP Portlets in Portals Other
than Oracle Portal and Oracle WebCenter"
Section 29.4.5, "Issue with Portlet Titles in Discoverer WSRP Portlets Published on
IBM WebSphere"
Section 29.4.6, "Issue with Color and Date Pickers in Discoverer WSRP Portlets"
Section 29.4.7, "Worksheet Parameter LOV is not Displayed in Discoverer WSRP
Portlets on IBM WebSphere Portal"
Section 29.4.8, "Issue with Worksheet Parameter LOV Pop-Up Window in
Discoverer WSRP Portlets"
29.4.1 Inability to Turn Off Display of Range Min and Max as Labels
In the Display Options of a gauge portlet, the Minimum Value and Maximum Value
range labels are selected but are also disabled so that you cannot deselect the display
of those values. The values for the minimum and the maximum appear at the ends of
every gauge in the set except for those gauges where the value to be gauged is out of
the range of the minimum and the maximum values. For those gauges where the value
to be displayed exceeds the range of the minimum and the maximum values, the
gauge will automatically adjust to accommodate the value.
This issue has no workaround.
29.4.2 Using Oracle BI Discoverer Portlet Provider with Oracle Single Sign-On and
Secure Sockets Layer (SSL) Modes
If you configure Oracle BI Discoverer Portlet Provider to work with Oracle Single
Sign-On and SSL, then UIX images might not display correctly in Oracle BI Discoverer.
For example, on the Connect to OracleBI Discoverer page, the expand icon (that is, the
blue + symbol) in the Details column of the Discoverer connections list might not
display correctly.
To address this issue, you must add certain server startup properties.
1.
Start Enterprise Manager Fusion Middleware Control. For more information, see
"Managing and Configuring Discoverer" in Oracle Fusion Middleware Configuration
Guide for Oracle Business Intelligence Discoverer.
2.
Navigate to the WebLogic Server node (for example, WLS_DISCO) node, and
click the WebLogic Server Administration Console link.
29-12 Oracle Fusion Middleware Release Notes
Issues Specific to Oracle BI Discoverer Portlet Provider
3.
Select the Server Start tab on the Configurations page of the WebLogic Server
Administration Console.
4.
In the Arguments field, append the following lines, if they do not exist.
■
-Doracle.discoverer.applications.protocol=https
■
-Doracle.discoverer.applications.port=port_no
Set port_no to the HTTPS port number that you want to use (for example,
4443).
5.
Restart the server.
29.4.3 Issues with Discoverer Portlets in WebCenter
The following issues exist for Discoverer portlets displayed in Oracle WebCenter.
■
■
When a Worksheet portlet is displayed in Oracle WebCenter, the links to navigate
to the next set of records does not work.
When a List of Worksheets portlet is displayed in Oracle WebCenter, the Expand
All Icons link does not work.
To work around these issues, set the RenderPortletInIFrame attribute of the
portlet tag to TRUE. For more information, see "Setting Attribute Values for the Portlet
Tag" in Oracle Fusion Middleware Developer's Guide for Oracle WebCenter.
29.4.4 Issue while Publishing Discoverer WSRP Portlets in Portals Other than Oracle
Portal and Oracle WebCenter
When you publish Discoverer WSRP Portlets in portals other than Oracle Portal and
Oracle WebCenter (such as Oracle WebLogic Portal and IBM WebSphere Portal), the
pop-up windows for input selection will have the same page layout as the portal page
with all navigation options. If you select any of these navigation options, the current
portlet state will be lost. You might need to start publishing the portlet from the
beginnng.
The issue has no workaround.
29.4.5 Issue with Portlet Titles in Discoverer WSRP Portlets Published on IBM
WebSphere
You cannot dynamically change the portlet title of a Discoverer WSRP portlet in IBM
WebSphere after it is published. Static title is rendered in the portal for each portlet
instance.
To work around this issue, set a meaningful title for the portlet by editing the title
using the Set Title or Description option in the WebSphere portal. For more
information about changing the title of a portlet, see WebSphere documentation.
29.4.6 Issue with Color and Date Pickers in Discoverer WSRP Portlets
The Color and Date pickers in Discoverer WSRP Portlets do not work on portals other
than Oracle WebCenter.
On portals such as Oracle Portal, Oracle WebLogic Portal and IBM WebSphere, to
workaround this issue, set the value of the configuration parameter
useInlineUIXPicker to true. The default value of this parameter is false. When you
set the useInlineUIXPicker parameter to true, set the color and date as follows:
Oracle Business Intelligence Discoverer 29-13
Issues Specific to Oracle BI Discoverer Viewer
■
■
■
Inline color pickers are enabled in the Gauges Selection page and you can select a
color from the palette.
You cannot select the color using the Format option of the Personalize menu of the
worksheet. Use the Analyze option in the portlet window to change the color.
The Date picker in the Refresh option will not be available. Enter the date
manually.
29.4.7 Worksheet Parameter LOV is not Displayed in Discoverer WSRP Portlets on IBM
WebSphere Portal
The Worksheet Parameter LOV icon is not displayed when you publish Discoverer
WSRP portlets in IBM WebSphere portal.To work around this issue, enter parameter
values manually.
29.4.8 Issue with Worksheet Parameter LOV Pop-Up Window in Discoverer WSRP
Portlets
In Oracle Portal and Oracle WebLogic Portal, when you select values from the
parameter LOV from a worksheet portlet published by using the Discoverer WSRP
Portlet producer, the pop-up window is not getting closed on selection of values.You
must explicitly close the pop-up window after selection of values.
29.5 Issues Specific to Oracle BI Discoverer Viewer
This section describes issues that are specific to Oracle BI Discoverer Viewer. It
includes the following topics:
■
Section 29.5.1, "Drill Icons Cannot Be Hidden in Oracle BI Discoverer Viewer"
■
Section 29.5.2, "Error Displaying Page for Multiple SSO Users"
■
Section 29.5.3, "Inability to Disable the Display of Row Numbers"
■
Section 29.5.4, "Issues with Oracle BI Discoverer Viewer Embedded in Frames"
■
Section 29.5.5, "Issue Exporting to PDF Under Certain Circumstances"
■
Section 29.5.6, "Issue When Changing Colors for Oracle BI Discoverer Viewer in
Fusion Middleware Control on Mac OS X"
■
Section 29.5.7, "Discoverer Catalog Items Not Visible From UNIX Servers"
■
Section 29.5.8, "Known Bug with JAWS Prevents Drilling Using the Enter Key"
■
Section 29.5.9, "JAWS Does Not Read Asterisks that Precede Fields"
■
Section 29.5.10, "Oracle BI Discoverer Viewer Pages are not Cached by Oracle Web
Cache"
29.5.1 Drill Icons Cannot Be Hidden in Oracle BI Discoverer Viewer
The pref.txt file contains a setting called ShowDrillIcon, which is not
functioning properly. If you set ShowDrillIcon to False, then drill icons are still
displayed in Oracle BI Discoverer Viewer.
The issue has no workaround.
29-14 Oracle Fusion Middleware Release Notes
Issues Specific to Oracle BI Discoverer Viewer
29.5.2 Error Displaying Page for Multiple SSO Users
When an Oracle Single Sign-On (SSO) user tries to view a worksheet from a List of
Worksheets Portlet by using the same browser window that is already being used by
an SSO user to view that worksheet, the second user sees the following error message:
"The page cannot be displayed".
To work around this issue, start a new browser session and view the worksheet.
29.5.3 Inability to Disable the Display of Row Numbers
Oracle BI Discoverer Viewer no longer offers the ability to disable the display of row
numbers in a tabular worksheet.
29.5.4 Issues with Oracle BI Discoverer Viewer Embedded in Frames
Users might see JavaScript errors such as "Access Denied" or other unexpected
behavior when both of the following conditions are met:
■
■
When Oracle BI Discoverer Viewer is embedded in an IFRAME tag.
When the domain of the server that hosts the HTML page with the IFRAME tag is
different from the domain of the Oracle BI Discoverer server that is running Oracle
BI Discoverer Viewer.
Use one of the following workarounds for this issue:
■
■
Run the Oracle BI Discoverer server and the server that hosts the HTML page with
the IFRAME tag in the same domain.
Alter the Common2_2_20.js file on the Oracle BI Discoverer server using the
following steps:
1.
Use Fusion Middleware Control to stop all services on the middle tier for
Oracle Business Intelligence.
2.
Make a backup copy of the Common2_2_20.js file from the following
directory:
domain\servers\managed_
server\stage\discoverer\release\discoverer\discoverer.war\
cabo\jsLib
domain is the path of directory that contains the domain.
managed_server is the name of the managed server on which the
Discoverer application is deployed.
release is the release number of Discoverer. For example, 11.1.1.1.0.
3.
Edit the Common2_2_20.js file and replace all occurrences of "parent._
pprSomeAction" with "window._pprSomeAction".
4.
Use Fusion Middleware Control to start all services on the middle tier for
Oracle Business Intelligence.
5.
Clear the browser cache on the client machine so that the new Common2_2_
20.js file will be used.
29.5.5 Issue Exporting to PDF Under Certain Circumstances
If you are using Oracle BI Discoverer Viewer with Microsoft Internet Explorer, you
might encounter an error message when you try to export to PDF a worksheet that is
Oracle Business Intelligence Discoverer 29-15
Issues Specific to Oracle BI Discoverer Viewer
named with non-ASCII characters, a space, and a number. The export fails and you
will see a message similar to the following one:
No %PDF- in a file header
Use one of the following methods to work around this issue:
■
■
■
Use a browser other than Internet Explorer, such as one from Netscape or Mozilla.
Remove the space between the non-ASCII characters and the number, or remove
the number altogether.
Continue to use Internet Explorer and leave the space in the worksheet name, but
follow these steps:
1.
Start the Adobe Reader.
2.
From the Edit menu, choose Preferences, then click Internet.
3.
Clear the Display PDF in browser box.
29.5.6 Issue When Changing Colors for Oracle BI Discoverer Viewer in Fusion
Middleware Control on Mac OS X
You can use Fusion Middleware Control to change the look and feel of Oracle BI
Discoverer Viewer. That page contains a color chooser, or palette. If you use Fusion
Middleware Control on Mac OS X with the Safari browser, then the page does not
correctly enter the color code when you select a color from the palette.
To work around this issue, you can either use the Firefox browser or you can enter a
color code directly.
The color codes are standard HTML hexadecimal color codes. You can enter one of the
49 colors that are available in the color palette, or you can enter any valid HTML
hexadecimal color code.
The following list provides examples of colors with their codes:
white #FFFFFF
grey #CCCCCC
black #000000
pink #FFCCCC
red #FF0000
light yellow #FFFFCC
yellow #FFFF00
light green #99FF99
dark green #00CC00
light blue #66FFFF
dark blue #3333FF
lavender #FF99FF
purple #CC33CC
29.5.7 Discoverer Catalog Items Not Visible From UNIX Servers
You might encounter issues when trying to see items in the Discoverer Catalog when
using Oracle BI Discoverer Viewer with OLAP data on UNIX servers.
You can resolve this issue on the middle-tier machine where Oracle BI Discoverer runs
by performing the following steps.
To check whether the time zone variable is set:
29-16 Oracle Fusion Middleware Release Notes
Issues Specific to Oracle BI Discoverer Viewer
1.
Open a shell prompt.
2.
Type echo $TZ to display the time zone setting.
If no value is displayed, then the time zone has not been set.
To set the time zone variable:
1.
Open a shell prompt.
The UNIX user that sets the TZ variable must be the same
UNIX user that installed Oracle Business Intelligence.
Note:
2.
If you do not know which shell you are using, type $echo $SHELL to display the
name of the current shell.
3.
Set the time zone as appropriate.
For example, to set the time zone variable for US/Pacific time:
■
For the Bourne, Bash, or Korn shell, type export TZ=US/Pacific
■
For the C shell, type setenv TZ US/Pacific
Note:
Consult the shell documentation for the appropriate values.
29.5.8 Known Bug with JAWS Prevents Drilling Using the Enter Key
Oracle BI Discoverer can be used in conjunction with assistive technologies such as the
JAWS screen reader. However, a bug in JAWS prevents the drilling feature from
working correctly in Oracle BI Discoverer Viewer when querying a relational data
source.
Assume that you use the keyboard to navigate to the drill icon beside an item in the
worksheet header. When you press the Enter key to drill on that header item, the
Drill page should be displayed as described in the "Worksheet Display page: (Page
level tools and controls)" topic in the Help system and the Oracle Fusion Middleware
User's Guide for Oracle Business Intelligence Discoverer Viewer).
However, when JAWS is running, the Drill page is not displayed. Instead, the Drill
popup menu is displayed. It is not possible to select items from this popup menu by
using the keyboard, and JAWS does not read the items on the popup menu.
This issue has no workaround.
29.5.9 JAWS Does Not Read Asterisks that Precede Fields
In Oracle BI Discoverer Viewer, an asterisk that precedes a text field indicates that the
user is required to enter a value into that text field. The JAWS screen reader does not
read an asterisk that precedes a required text field and does not otherwise indicate that
the field is required.
This issue has no workaround.
29.5.10 Oracle BI Discoverer Viewer Pages are not Cached by Oracle Web Cache
When using Oracle BI Discoverer with Oracle Web Cache, note the following:
Oracle Business Intelligence Discoverer 29-17
Issues Specific to Oracle BI Discoverer EUL Command Line for Java
■
■
When Oracle Single Sign-On is enabled, Oracle Web Cache does not cache Oracle
BI Discoverer Viewer pages, regardless of whether they are accessed using a
public connection or a private connection.
If an Oracle BI Discoverer Viewer page is accessed directly through a URL and the
URL contains URL parameters that specify login details (for example, user name,
database name), then Oracle Web Cache does not cache the page. For example,
Oracle Web Cache does not cache worksheet "Sheet 1" in workbook "Workbook 2"
that is displayed by using the following URL:
http://<host.domain>:<port>/discoverer/viewer?us=video5&db=db
1&eul=VIDEO5&wbk=Workbook+2&ws=Sheet+1
Note: In the example above, us= specifies the database user name,
and db= specifies the database name.
However, Oracle Web Cache does cache worksheet "Sheet 1" in workbook
"Workbook 2" if a user logs in manually to Oracle BI Discoverer Viewer by using
the same login details, and navigates to the worksheet.
■
You must increase the delays for Oracle BI Discoverer Viewer by at least 60
seconds for Oracle BI Discoverer Viewer to properly cache workbooks with Oracle
Web Cache.
For more information, see "How to configure Discoverer Viewer to enable
maximum caching" in the Oracle Fusion Middleware Configuration Guide for Oracle
Business Intelligence Discoverer.
29.6 Issues Specific to Oracle BI Discoverer EUL Command Line for Java
This section describes issues that are specific to Oracle BI Discoverer EUL Command
Line for Java.
29.6.1 Issue with Exported Non-ASCII Data
When you export multibyte or Eastern European data (such as the names of items and
business areas in Japanese or Russian characters) from Oracle BI Discoverer EUL
Command Line for Java on a platform other than Windows, the exported data is
corrupted.
To work around this issue, edit the discwb.sh file that is located in the ORACLE_
HOME/discoverer directory before exporting. Change the character set value in the
NLS_LANG variable to UTF8.
For example, if the original setting of the variable is:
NLS_LANG="GERMAN_GERMANY.WE8ISO8859P1"
Change the setting to:
NLS_LANG="GERMAN_GERMANY.UTF8"
29.7 Issues Specific to Oracle BI Discoverer Administrator
This section describes issues that are specific to Oracle BI Discoverer Administrator. It
includes the following topic:
■
Section 29.7.1, "Issue with Installation of Video Stores Tutorial"
29-18 Oracle Fusion Middleware Release Notes
Issues Specific to Oracle BI Discoverer Administrator
29.7.1 Issue with Installation of Video Stores Tutorial
Before installing the video stores tutorial in Oracle Database 10g Enterprise Edition
Release 2 (version 10.2.0.1 and higher), you must manually create the VIDEO5 user. If
you attempt to install the video stores tutorial in Oracle Database 10g Enterprise
Edition Release 2, then the installation will fail if the VIDEO5 user does not already
exist. To work around this issue:
1.
Create the VIDEO5 user manually by completing these steps:
a.
Access Oracle Database 10g with SQL*Plus, Enterprise Manager, or any SQL
command line tool.
b.
Create the VIDEO5 user.
c.
Grant CONNECT and RESOURCE privileges to the VIDEO5 user.
For more information about creating users and granting privileges, see the Oracle
Database SQL Reference or your DBA
2.
Connect to Discoverer Administrator as the EUL owner and install the tutorial.
You must enter the VIDEO5 user password during installation.
For information about installing the video stores tutorial, see the Oracle Fusion
Middleware Administrator's Guide for Oracle Business Intelligence Discoverer.
Oracle Business Intelligence Discoverer 29-19
Issues Specific to Oracle BI Discoverer Administrator
29-20 Oracle Fusion Middleware Release Notes
30
Oracle Forms
30
This chapter describes issues associated with Oracle Forms. It includes the following
topics:
■
Section 30.1, "General Issues and Workarounds"
■
Section 30.2, "Configuration Issues and Workarounds"
■
Section 30.3, "Documentation Errata"
30.1 General Issues and Workarounds
This section describes general issues and workarounds. It includes the following
topics:
■
Section 30.1.1, "Backwards Compatibility with Earlier Releases"
■
Section 30.1.2, "Linux/UNIX Issues and Workarounds"
30.1.1 Backwards Compatibility with Earlier Releases
For information about upgrading from Forms 6i, see the "Upgrading to Oracle Forms
Services 11g" chapter in Oracle Fusion Middleware Forms Services Deployment Guide. For
information about changed or obsolete features, see the Oracle Forms Upgrading Oracle
Forms 6i to Oracle Forms 11g Guide.
For upgrading from Oracle Forms 10g and prior releases, you can use the Upgrade
Assistant. For more information, see the Oracle Fusion Middleware Upgrade Planning
Guide and Oracle Fusion Middleware Upgrade Guide for Oracle Portal, Forms, Reports, and
Discoverer.
Additional information about backwards compatibility is included in My Oracle
Support Note 113987.1 at: http://myoraclesupport.oracle.com
Regardless from which version of Oracle Forms you are upgrading, you will need to
recompile your applications and restart Oracle Forms.
30.1.2 Linux/UNIX Issues and Workarounds
This section describes issues related to Oracle Forms and Linux/UNIX. It includes the
following topics:
■
Section 30.1.2.1, "LD_PRELOAD Setting Required for Signal Chaining Facility"
■
Section 30.1.2.2, "Check the Reports Engine Logs for FRM-41214"
■
Section 30.1.2.4, "Changing User Permissions"
Oracle Forms 30-1
Configuration Issues and Workarounds
30.1.2.1 LD_PRELOAD Setting Required for Signal Chaining Facility
The LD_PRELOAD setting in default.env is required for the working of signal
chaining facility in JVM version 1.5 and later. If you are creating or using other
environment files, the setting in the environment file for LD_LIBRARY_PATH and LD_
PRELOAD must be the same as in default.env.
30.1.2.2 Check the Reports Engine Logs for FRM-41214
If you encounter the Forms error FRM-41214:Unable to run report when trying to run
Reports from a Forms session, check the Reports engine logs for more details on the
error.
30.1.2.3 Forms Builder Does not Launch on Linux RHEL5
Included per bug 8485101 Deleted as per bug 8618471
When attempting to launch Forms Builder using the command frmbld.sh in
$ORACLE_INSTANCE/bin/, the following error message is displayed:
$ORACLE_HOME/bin/frmbld: error while loading shared libraries:
libXm.so.3: cannot open shared object file: No such file or
directory
As a workaround, create a symlink named libXm.so.3 to libXm.so.4 in ORACLE_
INSTANCE/bin/xm and add it to the LD_LIBRARY_PATH. Or install OpenMotif
package using the command rpm -i openmotif22-2.2.3-18.i386.rpm
30.1.2.4 Changing User Permissions
The 11g installation sets the permissions of the files so that only the user who installed
11g can run the executables. Refer to the document Setting Developer Tools Permissions
on Unix at http://www.oracle.com/technology/products/forms for
instructions on changing permissions for other users to allow execution of the Forms
development tools.
30.2 Configuration Issues and Workarounds
This section describes configuration issues and their workarounds. It includes the
following topics:
■
Section 30.2.1, "Non-Internet Explorer Browser Proxy Settings when Using
One-Button-Run"
■
Section 30.2.2, "WebUtil Client Files Allow Configuration of Destination Directory"
■
Section 30.2.3, "webutil.properties Files Renamed for Different Libraries"
■
■
■
Section 30.2.4, "Forms does not Work with JDK 1.6.0_12 on Client with
WinRunner"
Section 30.2.5, "JavaScript Communication Does not Work in IE for Framed HTML
File"
Section 30.2.6, "JavaScript Events Calling Forms Applications in a Safari 5 Browser
Do not Work"
30.2.1 Non-Internet Explorer Browser Proxy Settings when Using One-Button-Run
If you encounter a FORBIDDEN error when using One-Button-Run with any of the
supported browsers other than Internet Explorer, verify if 127.0.0.1 (localhost) is in the
30-2 Oracle Fusion Middleware Release Notes
Configuration Issues and Workarounds
proxy settings for your browser. If 127.0.0.1 is not in the exceptions list, then add it.
This ensures that the browser will bypass the proxy server.
30.2.2 WebUtil Client Files Allow Configuration of Destination Directory
WebUtil downloads install.syslib libraries into the bin directory of the JRE or
JVM on Windows and into the lib directory of JRE on Linux. This location can be
specified in the parameter install.syslib.location.client.<OS> = <Path
on client machine> (where <Path on client machine> represents the path
to the location where libraries used on the client by WebUtil are stored and is either
absolute or relative to client user home) in webutil.cfg.
30.2.3 webutil.properties Files Renamed for Different Libraries
When install.syslib libraries are downloaded, WebUtil creates the
webutil.properties file which is located in the client user home. Different
webutil.properties files are maintained on client side to allow different servers to
download and manage their libraries on client. The files are named
webutil.<HOST>.<CONFIG>.properties on the client, where HOST is the server
computer name and CONFIG is the name of configuration section in formsweb.cfg.
30.2.4 Forms does not Work with JDK 1.6.0_12 on Client with WinRunner
Forms does not run when using JDK 1.6.0_12 and later versions on a client that also
has WinRunner installed.
As a workaround, rename the two environment variables _JAVA_OPTIONS and
JAVA_TOOLS_OPTIONS. For example, rename them to test_JAVA_OPTIONS and
test_JAVA_TOOLS_OPTIONS. This will disable WinRunner but allows Forms to run.
30.2.5 JavaScript Communication Does not Work in IE for Framed HTML File
JavaScript communication does not work in framed HTML file that is opened in
Internet Explorer 7, or in Internet Explorer 8 with file:// protocol.
As a workaround, use the IP address instead of the machine name in the URL for the
frame. For example in testform.htm, change:
<frame noresize="noresize"
src="http://testform.us.oracle.com:8888/forms/java/js2frm1.html" name="fr2"
frameborder="0">
<frame noresize="noresize"
src="http://testform.us.oracle.com:8888/forms/frmservlet?play=&record=forms&
form=js2frm1&userid=scott/tiger@adt10220" name="fr1" frameborder="0">
to
<frame noresize="noresize"
src="http://<IP address>:8888/forms/java/js2frm1.html" name="fr2"
frameborder="0">
<frame noresize="noresize"
src="http://<IP address>:8888/forms/frmservlet?play=&record=forms&form=js2fr
m1&userid=scott/tiger@adt10220" name="fr1" frameborder="0">
Oracle Forms 30-3
Documentation Errata
30.2.6 JavaScript Events Calling Forms Applications in a Safari 5 Browser Do not Work
When using JavaScript integration with a Forms application in a Safari 5 browser on
Windows, the communication from Forms to JavaScript running in the browser works;
however, the calls to the applet from JavaScript do not work.
As a workaround, perform the following:
1.
Ensure you are using base.htm.
2.
In base.htm, delete the <NOSCRIPT></NOSCRIPT> tags that are wrapping the
<APPLET> tag.
30.3 Documentation Errata
This section describes documentation errata. It includes the following topics:
■
Section 30.3.1, "Support for Common SQL Parser"
■
Section 30.3.2, "Passing userid in Secure Mode"
■
Section 30.3.3, "JDAPI Programming Example"
30.3.1 Support for Common SQL Parser
The following environment variable must be added to Table 4-14 of the Oracle Fusion
Middleware Forms Services Deployment Guide: FORMS_PLSQL_BHVR_COMMON_SQL.
Set the environment variable to true or to 1 to enable the feature and to false or to 0 to
disable the feature. If this variable is set, PL/SQL uses a common SQL parser (that is,
the one in RDBMS SQL engine) for compiling SQL code rather than the separate one
built in to PL/SQL used for compiling static SQL.
30.3.2 Passing userid in Secure Mode
The following information on passing userid in secure mode must be added to Oracle
Forms Builder online help.
Passing userid as an argument when using the Forms compiler (frmcmp or frmcmp_
batch) may lead to security risks. In addition to the interactive dialog mode already
available, the compiler can now accept the connect string via standard input. To pass
the userid in a secure mode, perform the following:
1.
Set the environment variable FORMS_STDIN_PASSWORD to 1.
2.
Run the compiler without any connect string. Enter the connect string after the
compiler has started.
3.
Run the compiler using redirection to pass the password to the compiler. (This is
especially useful in compiling several Forms in a script.) For example:
#!/bin/sh
echo "Enter userid"
read -s myuserid
for i in 'ls *.fmb'
do
echo Compiling Form $i ....
frmcmp_batch.sh batch=yes module=$i module_type=form compile_all=yes <<<
"$myuserid"
done
Note that this script is a sample that tries to protect the password, but on some
platforms and configurations it may still lead to security risks.
30-4 Oracle Fusion Middleware Release Notes
Documentation Errata
30.3.3 JDAPI Programming Example
The JDAPI Programming Example in the Forms Developer Online Help must be
updated to the following code:
import
import
import
import
java.io.File;
java.io.PrintWriter;
java.io.FileWriter;
java.text.MessageFormat;
import oracle.forms.jdapi.*;
/**
* Dumps passed forms JdapiObjects to an output stream as text.
*
* Set command line options for more output, else only the
* basic form tree structure will be dumped.
*
* See printUsage for command line options.
*/
public class FormDumper
{
/**
* Need this to parse the command line options
*
* The string represents valid command options as detailed in the
* Getopt class
*/
boolean m_dumpAllProps = false;
boolean m_dumpBoolProps = false;
boolean m_dumpNumProps = false;
boolean m_dumpTextProps = false;
boolean m_dumpPropNames = false;
String m_dumpPath = null;
/**
* Output stream, default to STDOUT */
private PrintWriter m_out = new PrintWriter(System.out, true);
/**
* Use this to indent children
*/
private String m_indentation = "";
/**
* Constructor
*/
public FormDumper()
{
}
/**
* Special constructor that does not take command line arguments.
*
* @param out The output writer where to send dump information.
*/
public FormDumper(PrintWriter out)
{
m_out = out;
m_dumpAllProps = true;
Oracle Forms 30-5
Documentation Errata
m_dumpBoolProps = true;
m_dumpNumProps = true;
m_dumpTextProps = true;
m_dumpPropNames = true;
}
/**
* Set the dump path.
*
* @param path The file where the dumper must send the information
*/
public void setDumpPath(String path)
{
m_dumpPath = path;
}
/**
* Indirect output
*/
public void println(String s)
{
m_out.println(s);
}
/**
* Dump a form to the output stream
*/
public void dumpForm(String filename)
throws Exception
{
FormModule fmb = FormModule.open(filename);
System.out.println("Dumping module " + fmb.getName());
if (m_dumpPath != null)
{
// use this form's FILE name to name the dump file
String thisFormName = new File(filename).getName();
thisFormName = thisFormName.substring(0, (thisFormName.length()-4));
StringBuffer dmpFilename = new StringBuffer();
dmpFilename.append(m_dumpPath);
if (!dmpFilename.toString().endsWith("/"))
{
dmpFilename.append("/");
}
dmpFilename.append(thisFormName);
m_out = new PrintWriter(new FileWriter(dmpFilename.toString()), true);
}
// Call the actual 'dump' method
dump(fmb);
// Dump the coordinate system used by the module
m_indentation = " ";
dump(new Coordinate(fmb));
m_indentation = "";
println("Dumped " + fmb.getName());
// Close the module
30-6 Oracle Fusion Middleware Release Notes
Documentation Errata
fmb.destroy();
}
/**
* Recursively dump a forms JdapiObject and its children to the output stream
*/
protected void dump(JdapiObject jo)
{
String className = jo.getClassName();
// print out a context line for the JdapiObject
// If it is a coordinate system, it does not have a name
if(className.equals("Coordinate"))
{
println(m_indentation + "Coordinate System ");
}
else
{
println(m_indentation + className + " " + jo.getName());
}
// Property classes need special treatment
if(className.equals("PropertyClass"))
{
dumpPropertyClass((PropertyClass)jo);
}
else // Generically dump the required property types only
{
if (m_dumpTextProps)
{
dumpTextProps(jo);
}
if (m_dumpBoolProps)
{
dumpBoolProps(jo);
}
if (m_dumpNumProps)
{
dumpNumProps(jo);
}
// Additionally, dump any Item list elements
if(className.equals("Item"))
{
dumpListElements((Item)jo);
}
}
// use Form's metadata to get a list of all the child JdapiObjects this
JdapiObject can have
JdapiMetaObject meta = JdapiMetadata.getJdapiMetaObject(jo.getClass());
JdapiIterator props = meta.getChildObjectMetaProperties();
JdapiMetaProperty prop = null;
JdapiIterator iter = null;
JdapiObject child = null;
// loop through every possible kind of child JdapiObject this JdapiObject
//can have
while(props.hasNext())
Oracle Forms 30-7
Documentation Errata
{
prop = (JdapiMetaProperty)props.next();
// only bother if we can access these JdapiObjects
if(!prop.allowGet())
{
continue;
}
// get the actual values for the current child JdapiObject type,
// e.g. get the Items on a Block
iter = jo.getChildObjectProperty(prop.getPropertyId());
// null is returned if there are no property values
if(iter != null)
{
// loop over every child value
while(iter.hasNext())
{
child = (JdapiObject)iter.next();
// recursively navigate to it
m_indentation += " ";
dump(child);
if(m_indentation.length()>2)
m_indentation = m_indentation.substring(0, m_indentation.length()-2)
;
}
}
}
}
/**
* Dump list elements
*
* The JdapiObject is an item; if it is a list item,
* dump the list elements.
*
* @param item
*/
private void dumpListElements(Item item)
{
if( item.getItemType() == JdapiTypes.ITTY_LS_CTID)
{
if (m_dumpPropNames)
{
println(m_indentation + "dumping list elements");
}
for(int i = 1; i <= item.getListElementCount(); i++)
{
String label = item.getElementLabel(i);
String value = item.getElementValue(i);
println( m_indentation + " " + i + ": '" +