2 Options to Encrypt
|
1 method for Decryption
|
|
Opt 1
|
.
/u01/app/oracle/product/fmw/user_projects/domains/<your
domain>/bin/setDomainEnv.sh
java weblogic.security.Encrypt <user name to be encrupted w/o quotes> |
. /u01/app/oracle/product/fmw/user_projects/domains/<your
domain>/bin/setDomainEnv.sh
Not Applicable; as weblogic.security.Decrypt method in unavailable |
Opt2
|
/u01/app/oracle/product/fmw/wlserver_10.3/common/bin/wlst.sh
wls:/offline> domain="/u01/app/oracle/domains/<your domain>" wls:/offline> service = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domain) wls:/offline> encryption = weblogic.security.internal.encryption.ClearOrEncryptedService(service) wls:/offline> print encryption.encrypt("Welcome1") {AES}DY2vfJ80wx72i8GUhNYFgiPsxr2ImFBrpOmUYcfMFBo= |
/u01/app/oracle/product/fmw/wlserver_10.3/common/bin/wlst.sh
wls:/offline> domain="/u01/app/oracle/domains/<your domain>" wls:/offline> service = weblogic.security.internal.SerializedSystemIni.getEncryptionService(domain) wls:/offline> encryption = weblogic.security.internal.encryption.ClearOrEncryptedService(service) wls:/offline> print encryption.decrypt("{AES}DY2vfJ80wx72i8GUhNYFgiPsxr2ImFBrpOmUYcfMFBo=") Welcome1 |
An IT professional and a technology enthusiast interested in SOA, FMW, database and linux.
Tuesday, October 24, 2017
Encrypt and Decrypt text in Weblogic
Saturday, October 7, 2017
Cannot read the default policy store. config/fmwconfig/work/AdminServer/policyA/mac Permission denied
Cannot read the default policy store. config/fmwconfig/work/AdminServer/policyA/mac (Permission denied)
OIM Weblogic
Admin Server Failed to start with below error. Sometimes,
Admin server may start but the managed server may FAIL to Restart,
with similar errors.
<Notice> <Log Management>
<BEA-170019> <The server log file
/u01/app/oracle/product/fmw/user_projects/domains/oim_domain/servers/AdminServer/logs/AdminServer.log
is opened. All server side log events will be written to this file.> Dec 10, 2017 2:04:16 AM oracle.security.jps.az.internal.runtime.service.PDPServiceImpl
oracle.security.jps.az.internal.runtime.service.PDPServiceImpl SEVERE: Cannot read the
default policy store. oracle.security.jps.service.policystore.PolicyStoreException: java.io.FileNotFoundException:
/u01/app/oracle/product/fmw/user_projects/domains/oim_domain/config/fmwconfig/work/AdminServer/policyA/mac
(Permission denied) at
oracle.security.jps.az.internal.runtime.pd.receiver.FileCacheHelper.writeStateCheck(FileCacheHelper.java:241) … …
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221) Caused by: java.io.FileNotFoundException:
/u01/app/oracle/product/fmw/user_projects/domains/oim_domain/config/fmwconfig/work/AdminServer/policyA/mac
(Permission denied)
at java.io.FileOutputStream.open(Native
Method)
at java.io.FileOutputStream.<init>(FileOutputStream.java:221)
at java.io.FileOutputStream.<init>(FileOutputStream.java:171)
at oracle.security.jps.az.internal.runtime.pd.receiver.FileCacheHelper.writeMac(FileCacheHelper.java:633)
at
oracle.security.jps.az.internal.runtime.pd.receiver.FileCacheHelper.writeMac(FileCacheHelper.java:606) |
Resolution:
-
Change
permission of the file from root to oracle (or the application owner)
-
$
chown oracle:oracle /u01/app/oracle/product/fmw/user_projects/domains/oim_domain/config/fmwconfig/work/AdminServer/policyA/mac
-
Also
remove (backup) the stage, data, tmp and cache
folders from AdminServer. Do the same for managed
servers if they were started as well, following the Adminserver
startup with root user
-
Restart
the Admin and managed servers
Cause:
-
It
appears the Admin server was started using root user