#%@$&! data-sources.xml!

After chugging along happily with my project and figuring out how to connect to an Oracle database using the jdbc thin driver from a servlet I ran into yet another JDev 10.1.3 - OAS 10.1.2 gotcha - the data-sources.xml file.

This file contains the jndi database connection info used by an OC4J to connect an application to a backend database. Although the ADF Developer's Guide for Forms/4GL Developers contains instructions for creating OAS 10.1.2 compliant deployment descriptor files, it doesn't mention that when JDev 10.1.3 actually loads data into these files it won't be OAS 10.1.2 compliant.

My project ran great with JDev's 10.1.3 embedded OC4J, but when I tried to deploy it to my OAS 10.1.2 OC4J, I got errors complaining of unrecognized tags in the data-sources.xml file. I searched the J2EE directory in OAS 10.1.2, found a sample data-sources.xml file, and copied what I hoped was the correct information from my JDev 10.1.3-created data-sources.xml file. Long story short: it worked. But what a PITA.

Search OID For a DN From a Servlet

Accomplished step 2: searching Oracle Internet Directory for the Distinguished Name taken from the client certificate. I studied the code in the Sample Application Demonstrating User Authentication using Oracle Internet Directory Java API . This is a short sample that loads sample users into OID and then searches for a user using the javax.naming.directory and oracle.ldap.util APIs. Although the sample is run from the command prompt, I was able to adapt it to run in my test servlet. I can now find a user by their DN.

Next - if a user isn't found in OID, prompt them for a username and use it to search a table in the Oracle 10g backend database.

Got X509 Certs - Finally!

Yesterday's problems were caused by, um, operator error, and have been resolved. I can now use a servlet to extract all the details of a client certificate.

Next up: Learning how to use the Subject DN of the certificate to search the Oracle Internet Directory LDAP Server.

X509Certificates - Getting Closer

Found a sample Java servlet that reads client certificates. Loaded it into JDev 10.1.3, configured it for OAS 10.1.2, deployed it successfully to a new OC4J container, and connected to it successfully, but it reported that no client certificate was present. This was a head scratcher, so I reviewed the Java API for the X509Certificate class and the HTTPRequest interface, tried a couple of things, didn't get anything to work, and then somehow ended up on the Sun Developer Network, where I found this post: Obtaining an X509Certificate from a Web App. The post mentions adding the directive "Oc4jExtractSSL On" to the Apache mod_oc4j.conf file. Apparently, you have to explicitly tell the Oracle HTTP Server to pass the client certificate to the OC4J. So I tried it - but still not getting the certificate. But I think I'm getting closer - still googling and hopefully I'll have an answer by the end of the day.

Update: Found another missing piece of the puzzle in an OTN post. Enabled the SSLOptions +ExportCert +StdEnvVars directives in ssl.conf, but the servlet is still not getting the certificates. Posted a plea for help in the OTN OC4J/J2EE forum here. Hope I hear from someone soon.

Another Update: I hate the Metalink interface so much I usually leave it as my last resource, but lo and behold I found Note 256244.1 Sample code to read Client Certificate details in a Servlet/JSP. It links to Note 255965.1 Configuration steps to read Client Certificate details from a Servlet/JSP (sorry - Oracle CSI required to access). The configuration steps have added nothing new to what I've already done with mod_oc4j.conf and ssl.conf. But I thought I'd give the sample code a try. Opened a new application in JDev 10.1.3, changed to the 1.4.2 library, created a servlet, copied and pasted the code, no errors, ran it in the embedded OC4J and got the expected result: A web page stating the connection was not made via HTTPS so no certificate data available. Yippee! Created my deployment descriptors and profile, deployed it to an .EAR, copied the .EAR to the applications directory of my configured OC4J, deployed successfully and all I get is a #@!&^! 404 Page Not Found Error.


Slamming head on desk. . .

Unknown assembly root-tag attribute: xmlns:xsi. deploy failed!

Well, I got an .EAR file created with JDev 10.1.3 to deploy on my 10.1.2 OAS yesterday, but today with a new project I get the above error.

This is an issue with the configuration files being J2EE 1.5-compliant when they need to be J2EE 1.4-compliant.

I have tried searching the directory for the xmlns.xsi attribute, and found a few files with it. Then I reliazed I hadn't changed the J2EE library for the deployment project. I changed it, regenerated the .EAR file, but I'm still getting the error. I also followed the instructions in table 34-3 of the ADF Developers Guide for Forms/4GL Developers, but still getting the error. Tried deleting the OC4J container on the OAS 10.1.2 server in case it was trying to deploy the old .EAR from a temp file, but that didn't work either.

I also created a new deployement profile with a different name, generated an .EAR file with that name, and am still getting the error. A search of the directory for the xmlns.xsi. tag shows it doesn't exist! Why then is OAS complaining? Where is it finding this tag? What the heck is going on?

I'm sure I've missed one simple step, and when I find it I'll post the whole process here step-by-step so I don't have to keep figuring it out each time I want to deploy from JDev 10.1.3 to OAS 10.1.2.

This is why there are dents in the walls surrounding my cubicle - dents shaped like my forehead.

Update: Okay, got it to work. I kept it as simple as possible, creating J2EE 1.4-compliant configuration files for the project, turning off the automatic data-sources.xml creation option in JDev's preferences, and created an .EAR file from the project itself instead of creating a seperate project just for deployment.

So, as promised, here's the steps I'm using to develop and deploy a project from JDev 10.1.3 to OAS 10.1.2:

1. Turned off default data-sources.xml generation in JDev's Tools -> Preferences dialog.
2. After creating the application and adding a project, changing the project properties libraries options to use J2EE 1.4 (more on how to do this on ADF Developers' Guide section 22-11).
3. Created the following J2EE 1.4-compliant configuration files in the project properties dialog (more info in the ADF Developers' Guide for Forms/4GL Developers table 34-3):
1. application.xml
2. web.xml
3. orion-application.xml

I didn't create data-sources.xml or oc4J-connections.xml configuration files because my apps are very simple - a http servlet and html page. I will probably have to add them when I move on to my JSP which will have to query a 10g database.

Time for lunch - woohoo!

JDeveloper and Libraries - an Import Lesson

Although I've run through several of the Oracle JDeveloper 10.1.3 tutorials, none of them dealt with adding libraries to a project. Today, I copy and pasted some sample code that imports from the javax.servlet.http package. JDev complained it couldn't find it. So I guessed I needed to add a library to the project. I fumbled my way around for a while and finally added the J2EE library. This seemed to work - JDev is no longer complaining and the code compiles. I'm sure there's a way to configure JDev to add libraries by default, but I haven't figured it out.