Prepared by: Kieran Harrop
Prepared for: Ministry of Education and Advanced Education
Table of Contents:
Purpose
Audience
Terms and Concepts
  Introduction
  The term Landscape
  Tiers and Layers
  Public Web Server (Reverse Proxy Server)
  Application Servers
  Database Server Connections
  What Is a Farm?
  What Is an OracleAS Cluster?
High Level Architecture
Architectural Review
Versions of OAS 10g
  OAS 10g 10.1.2.0.2 (Forms, Reports, mod_plsql, Portal)
Oracle HTTP Server
  Oracle HTTP Server Components
  Oracle HTTP Server Architecture
  Oracle HTTP Server Features
  Common Gateway Interface (CGI) Support
Oracle Application Server Containers for J2EE (OC4J)
  Introduction to J2EE Application Development
  Oracle Application Server Containers for J2EE Architecture
  Oracle Application Server Containers for J2EE Features
  Deploying an ear File
  Deploying the J2EE Application Using an existing OC4J Instance
  Deploying JSP reports to a new OC4J instance
  Middle Tier Administrator Setup Data Source Connection Pooling
Oracle Application Server Forms Services
  Oracle Application Server Forms Services Architecture
  Oracle Application Server Forms Services Features
Oracle Application Server Reports Services
  Report Server Architecture
  Middle Tier Administrator Forms/Reports/mod_plsql Middle Tier Setup Example: FREDS
  Developer Forms/Reports/mod_plsql Middle Tier Setup Example: FREDS
Oracle Portal
  Introduction to Oracle Application Server Portal
  Oracle Application Server Portal
  Oracle Instant Portal
  Oracle Portal Architecture
Purpose:
To describe the high level architecture and new functionality of the OAS 10g middle tier
environment to aid in the ongoing maintenance of the middle tier environment.
Audience:
Middle tier administrators, database administrators, application architects, developers and
ITMB team leads.
Browser
The internal users (intranet) may access these services directly, whereas the external
users (Internet) will most likely reach them through public web servers / Web Cache
acting as a reverse proxy server, which hides the internal application servers and also
provides Secure Socket Layer (SSL) encryption.
The public web servers will be running Oracle 10g proxy services. The reverse proxy
server is exposed to the Internet and can provide SSL services when necessary. In the
case of applications with a great deal of static pages used by Internet users, and only a
few calls to Oracle Application Server 10g modules such as mod_plsql or report service,
the static pages may reside on the public web servers and only the requests to mod_plsql
or report server will be tunneled through to the application servers.
It is entirely possible to serve certain public or static pages directly from the reverse
proxy server. In other words, this server can play two distinct roles at the same time:
For example, it can host a Ministry public web site and manage and serve all the static or
non-database related pages right from this server (public web server role) but any
requests for pages that need to be generated from databases, produce Oracle reports or
run in J2EE containers are transparently tunnelled through to an internal application
server and the responses are received and served back to the external user as if coming
from this server itself (reverse proxy role).
Another possibility is to use the caching capability of this server (provided by web cache
module) and greatly reduce the load on internal application servers. In this way a lot of
static or repeated requests aimed at internal application servers will be cached by this
server the first time and consequently served directly from the cache and not from the
internal application server.
Yet another advantage of this architecture is the ability to enable SSL (Secure Socket
Layer) encryption for the traffic between the reverse proxy server and external users.
The primary purpose of SSL is to encrypt and secure the communications over the
Internet and in general, due to its overhead and impact on performance, we do not want to
use it at the intra-net level. By limiting SSL on the traffic between the reverse proxy
server and the external users only, we can achieve secure Internet communications
without adversely affecting our internal users.
Although it is possible to use a free version of the Apache HTTP server instead of Oracle
Application Server 10g on this server (the current practice), we may find it preferable to
use a lightweight Oracle 10g instance instead. This is due to the extensive 10g support by
Oracle and the fact that we would not need an extra set of expertise to deal with more than
one type of server. We can consider that option later on if Oracle licensing and the
Ministry's budget allow such a move; for the time being, the current configuration will do
fine.
If at some point there is a great demand to use Microsoft IIS as the public web server, it
may be possible to use a specialized DLL written by Oracle in order to make
Microsoft IIS act as a reverse proxy server. This DLL currently exists; however, this would
create a dependency on Oracle and on the assumption that it will keep this DLL up to date.
Such a decision should only be taken after extensive tests and by accepting the extra risks
associated with such a combination.
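The dual role described above (static pages served locally, only database-backed requests tunnelled, SSL terminated at the edge) as a minimal Apache virtual host, added here as an illustration rather than taken from the document or from the Ministry's actual configuration. It assumes Apache 2.2-era directives with mod_ssl, mod_proxy and mod_proxy_http already loaded and Listen 443 set in the main configuration, placeholder hostnames and certificate paths, and the conventional OAS 10g paths /pls/ (mod_plsql) and /reports/ (report server) on the application server's default port 7777.

```apache
# Public web server / reverse proxy in the DMZ (added example; hostnames,
# certificate paths, backend port and URL paths are assumptions, see lead-in).
# Static pages are answered from DocumentRoot; only the dynamic paths are
# tunnelled to the internal OAS 10g server.  SSL is terminated here, so the
# intranet hop between this server and the application server stays plain HTTP.
<VirtualHost *:443>
    # Placeholder public hostname and static site root (public web server role)
    ServerName www.ministry.example
    DocumentRoot /var/www/ministry

    # SSL for the external users only; placeholder certificate paths
    SSLEngine on
    SSLProtocol all -SSLv2 -SSLv3
    SSLCertificateFile /etc/httpd/ssl/server.crt
    SSLCertificateKeyFile /etc/httpd/ssl/server.key

    # Reverse proxy only: ProxyRequests Off prevents this Internet-facing host
    # from being usable as an open forward proxy.
    ProxyRequests Off
    ProxyPreserveHost On
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>

    # Tunnel just the mod_plsql and report server paths to the internal
    # application server (reverse proxy role); ProxyPassReverse rewrites
    # redirects so the internal hostname never reaches the external client.
    ProxyPass        /pls/     http://oas-internal.example:7777/pls/
    ProxyPassReverse /pls/     http://oas-internal.example:7777/pls/
    ProxyPass        /reports/ http://oas-internal.example:7777/reports/
    ProxyPassReverse /reports/ http://oas-internal.example:7777/reports/
</VirtualHost>
```

Any path not listed in a ProxyPass line is served from DocumentRoot, so adding a new application requires an explicit entry, which keeps the set of internally reachable URLs under review.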
Application Servers
Application servers do the actual work. These servers support applications that require
services such as J2EE containers, web services, forms10g, Reports10g, Oracle Portal,
Discoverer, BI beans and PLSQL etc. They are based on Oracle Application server 10g
software.
What Is a Farm?
A farm is a collection of clusters and instances that share the same Oracle application
server infrastructure.
When instances belong to a farm, we can manage them as a group and we can also cluster
them.
Oracle Application Server can store repository information in a database ("database-based
repository") or file system ("file-based repository"). Repository information
includes things such as the list of instances that belong to a farm, whether or not the
instances are clustered, and configuration information for clusters.
The repository for a file-based farm exists within a specific instance of a middle tier
instance Oracle Home. This instance is called the "repository host".
The repository for a database-based farm exists within the Metadata Repository.
We can set a J2EE and Web Cache instance to belong to a farm during or after
installation. If we are unsure during installation, we can install the instance as a
standalone instance (that is, not belonging to a farm). After installation, if we so desire,
we can associate the instance with a farm. Conversely, we can install an instance as part
of a farm and, after installation, convert the instance to a standalone instance.
1. mtsbx cluster
a. Hornby
b. Cortez
2. mtdev cluster
a. Taku
b. Bighorn
3. mtprd cluster
a. Columbia
b. Fraser
Please see Appendix 1, Hardware/OS Details for more specific information for the
configuration of each cluster.
The following picture gives a logical high level view of the architecture:
[Diagram not reproduced in this extraction; the labels it carried are listed below.]
Client Tier: Internet clients (desktop, laptop, PDA) and intranet clients.
Public Gateway Tier (DMZ, between the Internet firewall and the intranet firewall): public web servers running Apache with mod_ssl, mod_proxy and mod_sm; dynamic requests are tunnelled through to the application servers.
Application Server (Middle) Tier (intranet): OAS 10g HTTP Server with mod_plsql, OC4J, Portal, Reports Server, Forms Service, Headstart and GAME.
Database (OLTP) Tier: Oracle RDBMS database servers (Corporate, Subject Area).
Cluster names shown on the diagram: GOLD Cluster, Dean Cluster, White Cluster.
LEGEND
Generic User = xxx_web
Named User = DB User (eg. jsmith)
Application = Code Repository (xxx_app)
Data = Data Repository (xxx)
where xxx = application acronym
Architectural Review
After it was discovered in a failed proof of concept that Reports Services would not run
on Tru64, it was decided to do an evaluation of the Middle Tier software and an
architectural review for the operating system, clustering software, and servers for all
ITMB servers. The outcome of that exercise was the decision to run OAS 10g, Redhat 4.0
and HP Service Guard for Linux running on HP Proliant servers. Please refer to
Appendix 2 Architectural Review Forrester Research for details.
Another factor which influenced our decision to go with Linux was that Linux is a tier
one, fully supported operating system for Oracle software. See Appendix 3 Oracle's
Linux support for details.
Oracle HTTP Server allows developers to program their sites in a variety of languages
and technologies, such as Java, Perl, C, C++, PHP, and PL/SQL. Additionally, it can
serve as either a forward or reverse proxy server. The following sections describe how
Oracle HTTP Server provides a deployment platform for web sites and applications.
Oracle HTTP Server modules (the description column was not recovered in this extraction): mod_php, mod_plsql, mod_oc4j, mod_osso.
The following shows the path of various requests through Oracle HTTP Server
components.
Oracle HTTP Server Request Flow
The following shows the process architecture of Oracle HTTP Server in a Linux
environment.
Oracle HTTP Server Process Architecture
The parent process does not listen to HTTP requests. Its sole job is to ensure that the
child processes are running or that new ones are started when the load requires it.
On UNIX platforms, each child process handles a single HTTP request. The child
processes determine who should take the next request based on a mutex mechanism that
you can configure.
Modular Architecture
As mentioned above, the architecture of Oracle HTTP Server is modular. The core HTTP
listener is very small, and all capabilities are implemented as modules that plug in and are
invoked at the appropriate place during the HTTP request lifecycle. The following shows
the lifecycle of an HTTP request in Oracle HTTP Server.
Oracle HTTP Server HTTP Request-Response Cycle
A child process guides the request through this entire lifecycle. The modules register their
application programming interfaces (APIs), which are then either invoked automatically
when the request reaches a certain stage in its lifecycle, or can be configured to be
invoked only in certain situations.
PHP support through mod_php: Oracle HTTP Server now supports PHP
(recursive acronym for PHP: Hypertext Preprocessor), an open source, client-side
scripting language used to generate dynamic HTML pages. PHP support is
provided through mod_php.
Increased application security with mod_security: mod_security is an
open source intrusion detection and prevention engine for Web applications,
which protects against known and unknown attacks.
Security through Secure Sockets Layer: Secure Sockets Layer (SSL) is
required to run any Web site securely. Oracle HTTP Server supports SSL
encryption based on patented, industry standard algorithms. SSL works with both
Internet Explorer and Netscape browsers. Oracle HTTP Server also provides
support for dedicated SSL hardware, session renegotiation, and communication
with OC4J using the AJP protocol over SSL.
Single Sign On Support: Oracle HTTP Server supports the standard basic
authentication features of Web servers. In addition, the mod_osso module is
included to support single sign on across sites and across applications, improving
the end-user experience.
Virtual Host Support: A virtual host is a Web site that may share its Web
server with other similar sites. Oracle HTTP Server provides a "container"
environment for a virtual host, providing the virtual host with its own set of
security and configuration directives. It also provides the location from which
files are served. This allows ISPs to save on hardware and administrative costs by
enabling multiple sites to be served from a single runtime instance of Oracle
HTTP Server. However, due to technology limitations, only one virtual host can
enable SSL.
Dynamic monitoring services (DMS): These services automatically measure
runtime performance statistics for both Oracle HTTP Server and OC4J processes.
As applications run, DMS collects detailed performance statistics. This data
allows you to monitor the duration of important request processing phases and
status information. With this information, you can locate performance bottlenecks
and tune the application server to maximize throughput and minimize response
time.
Request ID: To enhance request tracking through various components, a
request ID is now attached to each request. This provides more detailed
tracking information, allowing you to see how much time a particular
request spends in any component or layer.
External API for performance monitoring: This API allows you to use
external, third-party performance monitoring tools to monitor Oracle
Application Server-based J2EE components, such as servlets and JSPs,
as well as J2EE containers.
OC4J Plug-In: The OC4J Plug-In provides a way for you to use Apache
as well as the IIS and Sun ONE third-party listeners to access servlets
running in OC4J without having to use the Oracle HTTP Server as a
proxy. The OC4J Plug-In routes requests directly from the third-party
HTTP listener to OC4J.
Oracle Application Server Single Sign-On Plug-in: This plug-in is the
Oracle single sign-on solution for third-party listeners such as Sun ONE
and IIS. The plug-in is designed to protect native third-party listener
applications using the single sign-on infrastructure. Using this plug-in, you
can be authenticated to different third-party listener applications using only
one password. You can integrate these protected third-party listener
applications with other single sign-on enabled applications as long as they
are all protected by the same single sign-on server.
Supported J2EE API versions (table; most API names were lost in extraction): Java Servlet 2.3, JavaMail 1.2; the other listed versions are 1.2, 2.0, 2.0 Extensions, 1.0, 1.0.2b, 1.0, 1.1, 1.0 and 1.0.
J2EE Application
A J2EE application is an application that is written in Java using the J2EE APIs. It
can be deployed, managed, and executed on a J2EE-compatible server. The
J2EE application itself is composed of a set of components, such as Web
presentation modules, business logic modules, and data access modules. Each
component is assembled into the overall application with all of its related classes
and XML deployment descriptors.
You can distribute J2EE applications across the four tiers shown in this figure,
but generally they are considered to be three-tier applications because they are
usually distributed over the following machine locations:
client machines
J2EE Server machines hosting presentation services, like JSPs and
servlets, and business logic components, like EJBs
database servers or legacy machines at the back end
Three-tiered applications that run in this way extend the standard two-tiered
client and server model by placing an application server between the client and
the back-end storage.
Servlets: A servlet is a Java class that executes behind a Web server and
can extend the capability of the Web server to provide services for
dynamic page creation or application logic. The servlet works in the
standard HTTP request-response model.
JavaServer Pages: JavaServer Pages (JSPs) are text files that contain
two types of information: static template data, which can be expressed in
any text-based format, such as HTML, XML, or WML (Wireless Markup
Language); and JSP elements, which construct dynamic content.
Enterprise Beans: Enterprise beans are server-side components that
encapsulate the business logic of an application.
The J2EE containers also perform services for applications, such as providing
access to the APIs and lifecycle management.
J2EE Services
Java 2 Platform Enterprise Edition (J2EE) provides core services for writing J2EE
components. The J2EE containers manage access to these services for the
application components. The services are as follows:
Java Database Connectivity (JDBC): This service lets you invoke SQL
commands from Java programming methods. You use the JDBC API in an
enterprise bean when you override the default container-managed
persistence or have a session bean access the database. You can also
use the JDBC API from a servlet or a JSP to access a database directly
without going through an enterprise bean.
Oracle Application Server includes the following drivers to provide highly
scalable and reliable connectivity to both Oracle and non-Oracle data
sources:
For this release, JMS support has been enhanced by the addition of a
lightweight JMS provider in addition to the Oracle JMS offered in previous
versions. The new lightweight JMS is fully JMS 1.0 compatible and can
support durable messaging through a file-based persistence mechanism,
which provides improved stability and performance. Support for Message
Driven Beans is also now available for both Oracle JMS (AQ) and the
lightweight OC4J JMS.
18. Click Stop, then Start to restart your application so that the new
library paths take effect.
oracle.home
java.rmi.server.randomIDs
oracle.display
oracle.path
org.omg.CORBA.ORBClass
org.omg.CORBA.ORBSingletonClass
<config-file path="D:\oracle\Ora9iasR2App\j2ee\<your application>\config\server.xml"/>
<oc4j-option value="-properties"/>
<port ajp="3001-3100" rmi="3101-3200" jms="3201-3300"/>
</oc4j>
Note: For more information please refer to Oracle Containers for J2EE Services Guide
10g Release 3 (10.1.3)
Immediate data validation as clients enter data into the form instead of
after submitting the form
Automatic completion and list of value searches for fields that enable
users to enter correct information quickly
1. The user launches a browser and navigates to the URL for the Forms
application.
2. The HTTP Listener interprets the URL and displays an HTML page
containing an <APPLET> tag that describes the Forms Java Client to the
browser. The URL calls the Forms servlet to create the HTML page
dynamically.
3. The client receives the HTML file served by the HTTP Listener. The HTML
file supplies the information required to locate the Java class files that
make up the Forms Java Client. The HTML file also contains information
about the requested Forms application, as well as parameters that get
passed to the Forms session, such as login information.
4. The browser downloads the Forms Java Client and the Java applet starts.
5. The Forms Java Client applet sends a request to start a Forms session
through the HTTP Listener to the Forms Listener Servlet.
6. After receiving the connection request from the Forms Java Client, the
Forms Listener Servlet starts a new Forms Runtime process for the client.
7. The Forms Runtime process allocated to the client loads the module
specified in the HTML file and any libraries and menus that are required
by that form. All communication between the Forms Java Client and the
Forms Runtime process is passed through the Forms Listener Servlet.
8. The user is prompted for database login information, and the connection
to the database server is established.
9. The user is now ready to work with the Forms application.
The following diagram illustrates this flow in terms of the Oracle Application
Server Forms Services architecture.
Oracle Application Server Forms Services Request Flow
OAS Reports Services is part of Oracle Reports. Oracle Application Server also
includes Oracle Reports Developer, a component of the Oracle Developer Suite.
Using Oracle Reports Developer you can build a complex data model and share
it between an existing high quality paper layout and an improved high quality
Web layout using servlets and JSP technology.
Developers can publish sophisticated, high quality reports from any data source,
in any data format, and deploy them anywhere on Oracle Application Server.
OAS Reports Services can combine data from multiple data sources into a single
report, including the Oracle database, XML feeds and JDBC-enabled data
sources.
Reports can be generated on demand or scheduled for a specific time or interval.
Once formatted, a report can be distributed to a standard Web browser, email,
printer or Oracle Portal, be stored on the middle tier for rapid retrieval, or be
stored in a custom destination via the Pluggable Destinations API.
OAS Reports Services enables you to do the following:
OAS Reports Services job objects are persistent. This means that if the server is shut
down and then restarted, all jobs are recovered, not just scheduled jobs.
Oracle Reports Developer enables you to embed a report within a larger existing
Web page. This technology enables you to open and save HTML, JSP, and XML
files that contain report definitions. When a report is saved as a JSP file, the data
model is embedded using XML tags. The entire report can also be defined using
XML tags and saved as an XML file.
You can also use Oracle Reports Developer to take retrieved data, using the
data model, and embed it into an existing Web page. This provides tremendous
flexibility in creating reports that meet business demands by completely
integrating multiple sources of information within a single Web page. If you
choose to create your own JSP, Oracle Reports Developer supplies templates
that can be used to build your report.
Developers can easily create a JSP layout using the Reports Block Wizard to
generate the necessary JSP tags in Oracle Reports Developer. Alternatively,
they can add the tags themselves manually for more precise control.
2) Make sure that the .profile (Linux: .bash_profile) file sets all the
environment variables.
In the .profile of the fred_dev user add the following lines:
export ORACLE_HOME=/oasdev1/home/oracle/product/oas.10.1.2.0.2
export PATH=$PATH:$ORACLE_HOME/bin:/home/fred_dev/bin:$ORACLE_HOME/jdk/jre/lib/i386/server:/oasdev1/app1/freds/src
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/jdk/jre/lib/i386/server:$ORACLE_HOME/jdk/jre/lib/i386/native_threads
export FORMS_PATH=/oasdev1/app1/freds/bin:$ORACLE_HOME/forms
export TMP=/oasdev1/app1/freds/tmp
export TMPDIR=/oasdev1/app1/freds/tmp
# TERM is important in order to run the conversion and compilation scripts
export TERM=vt220
cd /oasdev1/app1/freds
3) Create UNIX group fred_dev. Members are the UNIX users oracle and fred_dev.
4) Create the following directory structure
Root user creates the directory /oasdev1/app1/freds and then changes owner to
fred_dev. Then fred_dev user can create all the subdirectories.
/oasdev1/app1/freds
/oasdev1/app1/freds/admin
/oasdev1/app1/freds/src
/oasdev1/app1/freds/bin
/oasdev1/app1/freds/logs
/oasdev1/app1/freds/tmp (this directory is used by the conversion and compilation executables)
/oasdev1/app1/freds/www
/oasdev1/app1/freds/www/img
/oasdev1/app1/freds/www/html
/oasdev1/app1/freds/www/dmp
All directories are created by fred_dev and their group is fred_dev
Set up Form Configuration
1) From the application server middle tier control console access Forms
Configuration; this opens the page that provides functionality to update the
formsweb.cfg file.
This file is physically located in the directory $ORACLE_HOME/forms/server.
Back up this file before updating it through the web interface.
Create a new section freds in the formsweb.cfg file. Add the following values to this
section (lines starting with # are comments):
# working directory for Forms runtime processes
workingDirectory=/oasdev1/app1/freds/bin
# which form module to run
form=frd_start.fmx
# file setting environment variables for the Forms runtime processes
envFile=freds.env
pageTitle=FREDS DEV
background=NO
width=974
height=688
lookandfeel=Generic
serverApp=freds
splashScreen=NO
otherParams=term=/oasdev1/home/oracle/product/oas.10.1.2.0.2/forms/admin/resource/US/fmrpcweb.res
2) Create a new freds.env file that belongs to user oracle. The environment file must
be created manually in $ORACLE_HOME/forms/server with an .env extension:
cp default.env freds.env
For a new environment file to be picked up by the Application Server Control
Console, restart the Enterprise Manager processes:
emctl stop em
emctl start em
From the application server middle tier control console access Forms Environment;
this opens the page that provides functionality to update the freds.env file.
Update the FORMS_PATH environment variable:
FORMS_PATH=/oasdev1/app1/freds/bin
In file $ORACLE_HOME/reports/conf/rep_dev1_freds.conf:
1) define the cache directory
find the section that starts with:
<cache class="oracle.reports.cache.RWCache">
/oasdev1/app1/freds/src
Oracle Portal
Introduction to Oracle Application Server Portal
Portals allow clients to access information through a Web browser. This information
usually comes from different data sources that the portal makes available through a single
entry point. That entry point is known as a page.
Portals also support personalized views, so that each user or user group can customize
both the content and the appearance of the portal to suit individual preferences and
requirements.
For example, a financial analyst's page would likely include information from real-time
Internet-based stock quotes, financial reports from an online repository, and access to
legacy financial accounting and banking systems. The data from these systems are
independent of each other, but the portal allows them to exist within a single page.
When a user requests an OAS Portal page, many Oracle Application Server
components service parts of the request. Requests have the following flow:
1. The browser requests a portal page. OracleAS Web Cache receives this
request.
2. OracleAS Web Cache forwards the request to the OracleAS Portal
Parallel Page Engine (PPE) through Oracle HTTP Server.
3. The PPE retrieves the portal page definition, and coordinates with all of
the portlet providers to see if there is a cached copy available or if fresh
information is needed.
4. The PPE aggregates all of the portlet content into a single page. This
page is sent to OracleAS Web Cache.
5. OracleAS Web Cache returns the final page to the browser.
The following diagram illustrates this flow in terms of the OracleAS Portal
architecture.
High Availability
Requirements
Some of the requirements addressed by high availability are:
Continuous uptime
Increased capacity
Introduction
High availability solutions can be categorized into local high availability solutions that
provide high availability in a single data centre deployment, and disaster recovery
solutions, which are usually geographically distributed deployments that protect
applications from disasters such as floods or regional network outages.
Amongst possible types of failures, process, node, and media failures as well as human
errors can be protected by local high availability solutions. Local physical disasters can
be protected by geographically distributed disaster recovery solutions. Disaster recovery
is out of the scope of the current document; therefore we will focus on local high
availability only. The disaster recovery can be added later on if required.
To solve the high availability problem, a number of technologies and best practices are
needed. The most important mechanism is redundancy. High availability comes from
redundant systems and components.
Local high availability solutions can be categorized -- by their level of redundancy -- into
active-active solutions and active-passive solutions (see Figure 2). Active-active solutions
deploy two or more active system instances and can be used to improve scalability as
well as provide high availability. All instances handle requests concurrently.
Active-passive solutions deploy an active instance that handles requests and a passive
instance that is on standby. In addition, a heartbeat mechanism is set up between these
two instances. This mechanism is provided and managed through vendor-specific
clusterware. Generally, vendor-specific cluster agents are also available to automatically
monitor and fail over between cluster nodes, so that when the active instance fails, an
agent shuts down the active instance completely, brings up the passive instance, and
application services can successfully resume processing. As a result, the active-passive
roles are now switched. The same procedure can be done manually for planned or
unplanned down time. Active-passive solutions are also generally referred to as cold fail
over clusters (CFC).
Hardware Cluster
A hardware cluster is a collection of loosely coupled computers (called nodes) that
provides a single view of network services (for example: an IP address) or application
services (for example: databases, web servers) to the clients of these services. Each node
in a cluster is a standalone server that runs its own processes. These processes can
communicate with one another to form what looks like a single system that cooperatively
provides applications, system resources, and data to users. This type of clustering offers
several advantages over traditional single server systems for highly available and scalable
applications.
Hardware clusters achieve high availability and scalability through the use of additional
hardware (cluster interconnect, shared storage) and software (health monitors, resource
monitors). (The cluster interconnect is a private link used by the hardware cluster for
heartbeat information to detect node death.) Due to the need for additional hardware and
software, hardware clusters are commonly provided by hardware vendors such as Sun,
HP, IBM, and Dell. While the number of nodes that can be configured in a hardware
cluster is vendor dependent, for the purpose of Oracle Application Server 10g High
Availability using the Oracle Application Server Cold Failover Clusters solution, only
two nodes are required. Hence, this document will assume a two-node hardware cluster
for the purpose of explanation.
Failover
Failover is the process by which the hardware cluster automatically relocates the
execution of an application from a failed node to a designated standby node. When a
failover occurs, clients may see a brief interruption in service and may need to reconnect
after the failover operation has completed. However, clients are not aware of the physical
server from which they are provided the application and data. The hardware cluster's
software provides the APIs to automatically start, stop, monitor, and fail over applications
between the two nodes of the hardware cluster.
Primary Node
The node that is actively executing one or more middle tier application or infrastructure
instance at any given time is called the primary node. If this node fails, the hardware
cluster automatically fails the middle tier or Infrastructure over to the secondary node.
Since the primary node runs the active middle tier or Infrastructure installation(s), it is
considered the "hot" node.
Secondary Node
This is the node that takes over the execution of the middle tier or Infrastructure if the
primary node fails. Since the secondary node does not originally run the middle tier or
Infrastructure, it is considered the "cold" node. And, because the application fails from a
hot node (primary) to a cold node (secondary), this type of failover is called cold failover.
Logical or Virtual IP
To present a single system view of the cluster to network clients, hardware clusters use
what is called a logical or virtual IP address. This is a dynamic IP address that is
presented to the outside world as the entry point into the cluster. The hardware cluster's
software manages the movement of this IP address between the two physical nodes of the
cluster, while external clients connect to this IP address without needing to know
which physical node the address is currently active on. In a typical two-node cluster
configuration, each physical node has its own physical IP address and hostname, while
there could be several logical IP addresses, which float or migrate between the two nodes.
For a given OracleAS Infrastructure installation, the logical IP/virtual name associated
with that installation is the IP/name that is used by the clients to connect to the
Infrastructure.
Virtual Hostname
The virtual hostname is the hostname associated with the logical or virtual IP. This is the
name that is chosen to give the OracleAS middle tier a single system view of the
hardware cluster. This name-IP entry must be added to the DNS that the site uses, so that
the middle tier nodes can associate with the Infrastructure without having to add this
entry into their local /etc/hosts (or equivalent) file. For example, if the two physical
hostnames of the hardware cluster are node1.mycompany.com and
node2.mycompany.com, the single view of this cluster can be provided by the name
selfservice.mycompany.com. In the DNS, selfservice maps to the logical IP address of
the middle tier, which floats between node1 and node2 without the middle tier knowing
which physical node is active and servicing the requests. Whenever the phrase "virtual
name" is used in this document, it is assumed to be associated with the logical IP address.
In cases where just the IP address is needed or used, it will be explicitly stated so.
Shared Storage
Even though each hardware cluster node is a standalone server that runs its own set of
processes, the storage subsystem required for any cluster-aware purpose is usually
shared. Shared storage refers to the ability of the cluster to be able to access the same
storage, usually disks, from both nodes. While the nodes have equal access to the storage,
only one node, the primary node, has active access to the storage at any given time. The
hardware cluster's software grants the secondary node access to this storage if the
primary node fails. For OracleAS 10g, the ORACLE_HOME is on such a shared
storage file system. The primary node mounts this file system; if that node fails, the
secondary node takes over and mounts the file system. In some cases, the primary node
may relinquish control of the shared storage, such as when the hardware cluster's
software deems the Infrastructure unusable from the primary node and decides to
move it to the secondary.
Recommendations:
Taking the Ministry's requirements into account, the following approach is recommended:
1. Select Application Server 10g R2 as the target release for the upgrade and
   bypass 10g R1, because it does not have Cold Failover Cluster capability
   for the middle tier.
2. Select Active-Passive (Cold Failover) clustering over Active-Active
   (Oracle Cluster or Grid) clustering for now, because:
   - It can potentially be half as expensive in terms of licenses.
   - It does not require the purchase of load balancer hardware.
   - It provides similar capability at lower cost.
   - It is easier to manage.
   - We already have a lot of experience using this technology and
     are very familiar with how it works.
   - We do not need to change our software configuration.
   - It satisfies our existing requirements.
   - We are not closing any doors. We can always switch to active-active
     failover if our requirements indicate that such action is necessary.
Future Possibilities
In the future, as the need for scalability arises and one server may not be
enough to handle all the traffic, we might want to consider the following
configuration:
This option will require the use of load balancing, for which we might
want to look into using Oracle Web Cache or hardware-based load
balancers.
Security Architecture
Security is a critical concern when deploying web applications. OAS 10g provides a solid
framework for building web applications using the Apache-based Oracle HTTP Server,
Oracle's J2EE framework, and OAS 10g Portal. OAS 10g security starts from the basic,
highly configurable web security services provided by Apache, adds a comprehensive set
of web single sign-on, directory-based authorization and user management, and Java2
security services, and extends them further with portal security and application
integration mechanisms. OAS 10g also supports secure access to Oracle database systems
using Oracle Advanced Security. In addition, the modular nature of the middle tier allows
integration with other security mechanisms such as the Government Security Gateway.
The use of Netegrity SiteMinder Policy Server and Web Agent by the Government
Security Gateway is outside the scope of this document and will be handled in a future
phase. The current document focuses on the introduction of various elements of security
infrastructure and their role and prepares the reader for the future security related phases.
For more information on the Government Security Gateway, please refer to
http://mtddev.educ.gov.bc.ca:8080/html/gsg/index.html.
Access Control
When URL requests arrive at the Oracle HTTP Server they are processed in a number of
steps, implemented via the module/plug-in architecture common to all popular
web servers/listeners. Access control is applied early in the request processing cycle.
Oracle HTTP Server access control is based on Apache access control mechanisms,
which allow the server administrator to restrict access to particular files, directories, or
URLs on the server. For each restricted object on the server, the administrator can
specify, by means of a directive, that access to the object is denied or allowed based on
the value of one or more attributes associated with the requester. The administrator can
configure directives such as deny, allow and order to inhibit further processing, based on
user attributes such as hostname, IP address, or browser type. Restrictions can be applied
to particular files, directories or URL patterns using the <Files>, <Directory> and
<Location> configuration directives, respectively.
In the following example, requests originating from any IP address in the 192.168.1.*
range or with the hostname us.oracle.com are allowed access to files in the directory
/internalonly/.
<Directory /internalonly/>
order deny,allow
deny from all
allow from 192.168.1.* us.oracle.com
</Directory>
Note that allowing or restricting access based on hostname for Internet access is not
considered a very good method of providing security, since hostname is easy to spoof.
While the same is true of IP addresses, sabotage is slightly more difficult. Thus, access
control via IP/hostname for intranet use is reasonable in many situations where the same
cannot be said for Internet IP and hostname restrictions.
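The Order/Deny/Allow evaluation behind the block above, as an added example that is not part of the original document or of Oracle HTTP Server. The sample requests and their hostnames are constructed; the us.oracle.com entry is matched as a suffix of the client's reverse-DNS name, which is why the text treats hostname checks as weak on the Internet.

```python
"""Evaluator for Apache-style host access control (Order / Deny from / Allow from).

Added example, not part of the original document or of Oracle HTTP Server.
It reproduces the directive semantics so the <Directory /internalonly/> block
can be exercised against constructed requests. Client hostnames are
constructed here; in Apache they come from a reverse DNS lookup of the client
address, so they are only as trustworthy as the DNS the remote network
operator controls (the spoofing caveat in the text).
"""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network


@dataclass
class Request:
    client_ip: str
    client_host: str = ""          # reverse-DNS name; empty if none resolved


@dataclass
class AccessRule:
    order: str = "deny,allow"      # "deny,allow" or "allow,deny"
    deny: list = field(default_factory=list)
    allow: list = field(default_factory=list)


def parse_directory_block(text: str) -> AccessRule:
    """Read the Order / Deny from / Allow from lines of one <Directory> block."""
    rule = AccessRule()
    for line in text.splitlines():
        parts = line.strip().split()
        if not parts or parts[0].startswith("<") or parts[0].startswith("#"):
            continue
        directive = parts[0].lower()
        if directive == "order" and len(parts) == 2:
            rule.order = parts[1].lower()
        elif directive in ("deny", "allow") and len(parts) > 2 and parts[1].lower() == "from":
            getattr(rule, directive).extend(parts[2:])
    return rule


def matches(pattern: str, req: Request) -> bool:
    """One `from` argument against one request."""
    if pattern.lower() == "all":
        return True
    if pattern.endswith(".*"):                       # 192.168.1.* form
        pattern = pattern[:-2]
    if pattern.replace(".", "").isdigit():           # full or partial IPv4
        return req.client_ip == pattern or req.client_ip.startswith(pattern + ".")
    if "/" in pattern:                               # CIDR form 192.168.1.0/24
        return ip_address(req.client_ip) in ip_network(pattern, strict=False)
    # Domain name: exact match or trailing component of the reverse-DNS name.
    host, pat = req.client_host.lower(), pattern.lower()
    return bool(host) and (host == pat or host.endswith("." + pat))


def evaluate(rule: AccessRule, req: Request) -> bool:
    """Apache semantics: with Order deny,allow the default is allow, so a
    client matching no directive gets in unless 'deny from all' is present;
    with Order allow,deny the default is deny and any Deny match wins."""
    denied = any(matches(p, req) for p in rule.deny)
    allowed = any(matches(p, req) for p in rule.allow)
    if rule.order == "deny,allow":
        return allowed or not denied
    if rule.order == "allow,deny":
        return allowed and not denied
    raise ValueError(f"unsupported Order: {rule.order}")


INTERNAL_ONLY = """
<Directory /internalonly/>
order deny,allow
deny from all
allow from 192.168.1.* us.oracle.com
</Directory>
"""

# Constructed requests; hostnames are what reverse DNS would have returned.
SAMPLE_REQUESTS = {
    "intranet": Request("192.168.1.42"),
    "oracle-host": Request("198.51.100.8", "www.us.oracle.com"),
    "lookalike": Request("203.0.113.9", "us.oracle.com.example.net"),
    "unresolved": Request("203.0.113.10"),
}


def decide_all(block: str = INTERNAL_ONLY) -> dict:
    """Apply the block to every sample request; True means access allowed."""
    rule = parse_directory_block(block)
    return {name: evaluate(rule, req) for name, req in SAMPLE_REQUESTS.items()}


if __name__ == "__main__":
    for name, ok in decide_all().items():
        print(f"{name:12s} {'allowed' if ok else 'denied'}")
```

The "lookalike" request shows that the domain match is a suffix test, not a substring test, and the two extra rule objects in the test show why "deny from all" is required under Order deny,allow.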
Although the Oracle HTTP Server is based on the open source Apache Server, it contains
some access control enhancements, which improve security. For example, the Apache
Server provides for access restrictions per directory/folder via files with the suffix
.htaccess. The processing of these files is disabled by default in Oracle HTTP Server,
since .htaccess processing involves both security and performance-degradation problems.
these requests on the public network. However, the DMZ proxy server is not able to
initiate a session back into the private network. It can only forward packets that have
already been requested.
Users of the public network outside the Ministry can only access the DMZ. The DMZ host
may typically hold the Ministry's public web pages so these can be served to the
outside world. When this host is allowed to pass authenticated requests through to the
internal network on behalf of outside users, it is called a reverse proxy server.
In our configuration, the public web server acts as reverse proxy server. It will be located
in the DMZ.
The benefit of using a reverse proxy server in the DMZ is that it allows our application
servers to be located behind the firewall and therefore be shielded from direct
Internet connections. Outside clients can only talk to the reverse proxy server. Only the
reverse proxy server can talk to the application server, through specifically designated
ports on the firewall. These openings in the firewall need to be restricted to reverse
proxy to application server communications only, so that other applications cannot make use
of them to access our intranet.
One way to minimize the risk would be to set up a separate segment for the servers
behind the firewall, then implement firewall rules so that the reverse proxy is limited
to that segment and does not affect the rest of the LAN (assuming that our firewall allows
separate rules for each segment). This gives us the benefit of the reverse proxy without
changing the firewall protection for the rest of the LAN.
The Apache HTTP server included in OAS 10g contains modules that allow us to use
it as a reverse proxy server.
mod_proxy
This is one of the modules that come with both OAS 10g and the vanilla Apache server. It
implements and enables reverse proxy capabilities.
We can use the mod_proxy module for tunneling external users to application servers as
well as to other internal HTTP servers if we choose to publish some of their information to
the Internet:
- To fully hide a middle tier application server from Internet users for
  security reasons, so that they don't know the server's name, DNS entry or
  IP address but can access it through a public web server.
- To allow a public web server access to middle tier services such as J2EE
  applications, mod_plsql pages or reports in a seamless manner.
To pass everything:
<IfModule mod_proxy.c>
    # ProxyRequests controls forward proxying, which a reverse proxy does not
    # need; leaving it On would make the public web server an open forward proxy.
    ProxyRequests Off
    ProxyPass / http://xyz.educ.bc.ca/
    ProxyPassReverse / http://xyz.educ.bc.ca/
</IfModule>
These directives will serve all the pages locally from the public
web server; however, if there is any reference to a mod_plsql page
(identified by /pls/ in the path), the request is passed to the
middle tier application server, and the response is returned to the
user without any references to the middle tier server in the
response page. As far as the external user is concerned, the public
web server contains all the information.
We may or may not need to use this option; however, for the sake
of completeness, it has been mentioned here.
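An added example (not part of the original document or of Apache's mod_proxy) that models the /pls/ pass-through described above. The single ProxyPass/ProxyPassReverse mapping to http://xyz.educ.bc.ca/pls/, the public name www.educ.example and the middle-tier reply are all assumptions constructed for the demonstration.

```python
"""ProxyPass / ProxyPassReverse behaviour for a /pls/ pass-through.

Added example, not part of the original document or of Apache's mod_proxy.
It models a single mapping, assumed here rather than taken from the page:

    ProxyPass        /pls/  http://xyz.educ.bc.ca/pls/
    ProxyPassReverse /pls/  http://xyz.educ.bc.ca/pls/

PUBLIC_BASE is a constructed name for the reverse proxy in the DMZ.
ProxyPassReverse only rewrites the Location, Content-Location and URI
response headers; a response body that embeds the middle-tier hostname is
passed through unchanged, so the helper below also reports that case.
"""
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit

PUBLIC_BASE = "http://www.educ.example"   # constructed reverse proxy name


@dataclass(frozen=True)
class ProxyMapping:
    public_prefix: str      # path prefix on the public web server, e.g. "/pls/"
    upstream: str           # URL prefix on the middle tier it maps to


def route_request(path: str, mappings: list) -> Optional[str]:
    """ProxyPass: upstream URL for a request path, or None when the public
    web server serves the path itself."""
    for m in mappings:
        if path.startswith(m.public_prefix):
            return m.upstream + path[len(m.public_prefix):]
    return None


def rewrite_location(value: str, mappings: list) -> str:
    """ProxyPassReverse: map a header value that points at the middle tier
    back to the public name; anything else is returned untouched."""
    for m in mappings:
        if value.startswith(m.upstream):
            return PUBLIC_BASE + m.public_prefix + value[len(m.upstream):]
    return value


def proxy_exchange(path: str, upstream_response: dict, mappings: list) -> dict:
    """One request through the proxy: route it, then clean the response.
    upstream_response is a constructed {"status", "headers", "body"} dict."""
    target = route_request(path, mappings)
    if target is None:
        return {"served_by": "public web server", "headers": {}, "body": "",
                "body_leaks_upstream": False}
    headers = dict(upstream_response["headers"])
    for name in ("Location", "Content-Location", "URI"):
        if name in headers:
            headers[name] = rewrite_location(headers[name], mappings)
    body = upstream_response["body"]
    # ProxyPassReverse does not touch the body: flag an internal name in it.
    leaks = any(urlsplit(m.upstream).netloc in body for m in mappings)
    return {"served_by": target, "headers": headers, "body": body,
            "body_leaks_upstream": leaks}


MAPPINGS = [ProxyMapping("/pls/", "http://xyz.educ.bc.ca/pls/")]

# Constructed middle-tier reply: mod_plsql redirecting to its login page and
# an HTML body that names the internal host directly.
UPSTREAM_REDIRECT = {
    "status": 302,
    "headers": {"Location": "http://xyz.educ.bc.ca/pls/portal/login",
                "Content-Type": "text/html"},
    "body": '<a href="http://xyz.educ.bc.ca/pls/portal/home">home</a>',
}


if __name__ == "__main__":
    for path in ("/index.html", "/pls/portal/home"):
        result = proxy_exchange(path, UPSTREAM_REDIRECT, MAPPINGS)
        print(path, "->", result["served_by"])
        print("  headers:", result["headers"])
        print("  body names middle tier:", result["body_leaks_upstream"])
```

The flagged body shows the limit of the "no references to the middle tier" claim: header rewriting hides the internal host in redirects, but links generated into page content need the application (or a body-rewriting module) to use the public name.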
Managing multiple accounts and passwords per user is expensive. In many enterprise
deployments, a substantial fraction of the system administrator's time is spent on
account- and password-related problems, including initial creation of user accounts
when they join the organization, deletion of accounts when they leave or change roles,
and resetting passwords that have been forgotten. Having several accounts per user
multiplies the associated demands on the system administrator. Among the problems
which system administrators must deal with is having to access multiple systems, through
multiple, possibly different administrative interfaces, to add or remove user accounts on
each system.
Netegrity Siteminder
The Provincial Government has selected Netegrity SiteMinder software to provide a
common authentication Single Sign-on service for all web-based applications/sites that
require authentication. Presently, authentication is handled within each application at
ITMB, typically with an html login form that prompts the user for an id/username and
password.
The Netegrity SiteMinder solution provides a secure foundation for centrally managed,
policy-based authentication and authorization across heterogeneous application
development environments.
Here is a high-level diagram of the architecture ...
When a user attempts to access an application through a protected URL, the user is
challenged for credentials (username and password) and presents them to the Web Agent.
The user's credentials are passed to the SiteMinder Policy Server. The Policy Server
authenticates the credentials against the appropriate LDAP directory store (BCeID or
IDIR). The Policy Server grants access if the user is authenticated. User profile
information is passed to the application through custom header variables. The user gets
access to the secured application. Authorization and entitlements are handled by the
application security in phase one of the ITMB project to integrate with the Government
Security Gateway.
OAS 10g SSO provides an API for integration of third-party authentication and single
sign-on. The API allows SSO to be configured to obtain user identity from a trusted
external authentication mechanism, and allows integration of OAS 10g into an SSO
framework provided by a third-party product, such as SiteMinder from Netegrity, Inc.
This feature will become useful when the Ministry attempts to integrate its
applications with the BC Government's Netegrity SiteMinder.
A second phase will attempt to integrate various application level authorization
mechanisms either locally, using OID or using the Government Security Gateway
authorization mechanism if available. The long-term vision is to have one common
repository for authorization of users accessing ITMB-hosted applications.
SSL Confidentiality
The primary service provided by SSL is confidentiality: messages are encrypted so they
cannot be read and understood by third parties. SSL uses a standard set of cryptographic
mechanisms to encrypt data and distribute keys between communicating devices. The
specific set of encryption, integrity protection, and key distribution algorithms chosen,
together with encryption key length used, define a cipher suite. The OAS 10g SSL
implementation supports a wide range of standard cipher suites. In particular, OAS 10g
supports those cipher suites that use X.509 certificates for authentication and key
distribution (also referred to as PKI authentication).
Oracle HTTP Server allows SSL sessions to be cached, so that multiple message
interchanges between two IP addresses can be exchanged under one session. Session
caching is very important for performance reasons. Establishment of SSL sessions is
very CPU-intensive, and has been known to take up to 90% of available CPU resources.
SSL session caching is specified via the SSLSessionCache directive, whose parameter
specifies the file or shared memory segment where SSL session information is
maintained.
SSL Logging
The Oracle HTTP server also provides for logging of SSL-related information. This can
be used to determine if intrusions were attempted, and if they succeeded. It can also be
used in determining the source of intrusion attacks, or for other purposes.
As described elsewhere in this document, the Ministry's internal users will not need to
use SSL. Only the traffic between the reverse proxy server and external users should be
SSL-enabled when the need arises.
PKI Support
PKI authentication is beginning to replace passwords in many applications. In web-based
applications, PKI authentication is typically performed through an exchange of X.509
certificates, as part of a Secure Sockets Layer (SSL) session establishment. PKI by itself
can be used to provide SSO, since a user with a certificate can authenticate to multiple
applications without entering a password. This capability is mentioned here for the sake
of completeness, since the current direction with GSG seems to be password based
authentication.
In OAS 10g R2, users can authenticate to the OAS 10g SSO Server via PKI. This will
provide SSO both to web-based applications supported by OAS 10g SSO Server, and to
other PKI-enabled applications. Instead of providing an SSO username and password,
users will authenticate to the OAS 10g HTTP Server via SSL with client and server
X.509 certificate exchange. The OAS 10g SSO Server will obtain the user's SSL-validated
certificate from the HTTP Server, and look up this certificate in Oracle Internet
Directory (OID). If the user is found, OID will return the user's SSO identity to the OAS
10g SSO Server. The OAS 10g SSO Server, using the cookie-based approach described
previously, will then perform authentication to partner and external applications.
The main benefits of this approach are that applications, which work within the OAS 10g
SSO Server framework, will automatically be PKI-enabled when the OAS 10g SSO
Server is PKI enabled. The OAS 10g SSO Server and OID assume responsibility for
name mapping. Moreover, since getting and checking a cookie is much less processing-intensive than performing an SSL exchange, using PKI for initial authentication to the
SSO framework and cookies for authentication to partner applications should have better
performance than a PKI-only authentication approach. For web applications, which are
characterized by many short-lived sessions, this can lead to significant improvement in
server performance and throughput.
Java Security
This is of great importance to the Ministry, since most of the future web applications will
be using Java, and in particular Java2 Enterprise Edition (J2EE).
Java2 Enterprise Edition defines a Java2 Security Model and a security framework
referred to as Java Authentication and Authorization Service (JAAS). OAS 10g
implements this framework through a fully-J2EE compliant JAAS provider. The JAAS
provider makes user authentication, authorization, and delegation services accessible to
application developers, and allows them to integrate these services into J2EE application
environments.
The OAS 10g JAAS provider implements the Java2 Security Model, allowing application
developers to obtain authenticated user (principal) identity from a set of standard
authentication services provided by JAAS, and to manage the privileges which principals
have for accessing objects. It also supports privilege delegation, for managing privileges
of methods invoked by principals.
The OAS 10g JAAS provider supports a flexible authentication framework. It provides
specific mechanisms for authentication, based on SSL and SSO, but also allows
developers to integrate custom authentication modules through the standard JAAS Login
Module API.
SSL authentication allows users who have client X.509v3 certificates to authenticate to
JAAS, and thus to J2EE applications, using these certificates. SSL authentication uses
mod_ossl in the Oracle HTTP Server to obtain an authenticated user identity from the
client X.509 certificate, as validated through an SSL exchange. This identity can then be
provided to Java applications through JAAS.
SSO authentication allows Java applications to use OAS 10g SSO for user authentication.
In this case, authenticated user identity is obtained from mod_osso, and made available to
Java applications through JAAS.
The OAS 10g JAAS provider supports the standard JAAS Login Module API, which
allows developers to integrate custom authentication methods into JAAS.
it super user privilege on the database, or store multiple database user passwords in OAS
10g.
1. Giga estimates within three to four years there is high probability Linux will
overtake Windows to become the leading operating system on new server
shipments. (Forrester Research)
2. Aggressive action by Oracle during the past two years has moved the integration
capability of its application server platform from an afterthought to one of its
most significant features. This will serve the vendor well in its upcoming battles
against BEA Systems, IBM, Microsoft, and SAP. (Executive Summary Ken
Vollmer, Forrester Research Analyst)
3. The integration enhancements are particularly important in the wake of Oracle's
recently finalized acquisition of PeopleSoft. Oracle will now have a broader
application portfolio that can be used to provide its expanded base of customers
with robust composite application development capability that, going forward,
will dominate the development environment in an increasing number of
organizations. A complete technology platform that includes the business
applications, an application platform (containing robust integration capability),
and integrated database technology will be one of the most efficient alternatives
for organizations that want to acquire the ability to create composite
applications. (Ken Vollmer Forrester Research Analyst).
4. Ken Vollmer, Forrester research analyst, recommends: "Put Oracle AS 10g on your
integration vendor shortlist."
5. According to the Scorecard summary and Techranking Research Process
(Forrester), Oracle 10g ranked highest for Application Integration, Business
Process Management, Architecture, Development, and Administration when
compared to the top 8 Application servers.
6. Shops committed to the Oracle database and that are using both the Oracle
application server and third-party J2EE servers should consider consolidating
their J2EE investments on Oracle to capture savings on license fees and skills
development. (Forrester Recommendation)
7. Application Server 10g strengthens Oracle's position as a top alternative to BEA
WebLogic and IBM WebSphere. (Forrester)
8. The next major release is scheduled for late 2004. Oracle plans to offer the 10g
application server for the same prices it established for 9iAS: $5,000 per CPU for
the Java Edition, $10,000 per CPU for the Standard Edition and $20,000 per CPU
for the Enterprise Edition. (Forrester).
outsourcing business runs on Linux. We run our Application Demo Systems and
Technology Demo Systems, which consist of several hundred servers, on Linux.
These systems are utilized by Oracle's worldwide sales organization to provide
Oracle E-Business Suite and Oracle Database with RAC demonstrations to
customers and prospects. In addition, several of our Global IT systems are now
running on Linux. In October 2003, over 5,000 Oracle developers migrated over
to use Linux as the platform on which we build the Oracle E-Business Suite
product. (OTN)
In order to make the middle tier and infrastructure related ports consistent and easy to remember,
and in order to avoid port conflicts across various landscapes, we will apply the following pattern
when assigning ports:
1. When the range allows the last three digits to change (this mostly applies to HTTP and
   WebCache ports):
   i. The third digit from the right will identify the middle tier vs. infrastructure.
      For example: the middle tier will use 80xx and the infrastructure will use 81xx.
   ii. The second digit from the right will identify the landscape:
2. When the range only allows the last two digits to change and the range is 00 to 99:
   iv. The second digit from the right will identify the landscape (similar to the previous
       case).
   v. The last digit on the right will be assigned to the middle tier and infrastructure
      and documented following these rules:
      1. Even numbers will be assigned to the middle tier.
      2. Odd numbers will be assigned to the infrastructure.
   For example: the DCM discovery port range is 7100-7199; in this case the
Landscape    Middle-Tier    Infrastructure
sbx          7100           7101
dev          7110           7111
tst          7120           7121
uat          7130           7131
trn          7140           7141
efx          7150           7151
prd          7180           7181

Second instances:
Landscape    Middle-Tier    Infrastructure
sbx2         7102           7103
dev2         7112           7113
tst2         7122           7123
uat2         7132           7133
trn2         7142           7143
efx2         7152           7153
prd2         7182           7183
3. When the range only allows the last digit to change, or it only covers a range of 10 to 20
   ports, or any time the first and second rules don't apply:
   vi. The numbers within the range are assigned sequentially and documented.
   vii. Even numbers will be assigned to the middle tier.
   viii. Odd numbers will be assigned to the infrastructure.
   For example: for the Application Server Control range (1810-1829) we will use:
Landscape    Middle-Tier    Infrastructure
sbx          1810           1811
dev          1812           1813
tst          1814           1815
uat          1816           1817
trn          1818           1819
efx          1820           1821
prd          1822           1823

Second instances:
Landscape    Middle-Tier    Infrastructure
sbx2         1824           1825
efx2         1826           1827
prd2         1828           1829
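The three rules as a port calculator, an added example that is not part of the original document. The landscape digit map (sbx=0, dev=1, tst=2, uat=3, trn=4, efx=5, prd=8) is inferred from the HTTP and DCM tables in this document rather than stated in its rule text, and the second-instance Application Server Control ports are copied from the table above because rule 3 assigns them by documentation, not by formula.

```python
"""Port assignment helper for the three numbering rules above.

Added example, not part of the original document. The landscape digit map is
read off the page's own HTTP and DCM tables (sbx=0, dev=1, tst=2, uat=3,
trn=4, efx=5, prd=8); the rule text's own landscape list did not survive
extraction, so that map is an inference from those tables. The second-instance
Application Server Control ports come from the page's table, because rule 3
assigns them sequentially rather than by formula.
"""
from collections import defaultdict

LANDSCAPE_DIGIT = {"sbx": 0, "dev": 1, "tst": 2, "uat": 3, "trn": 4, "efx": 5, "prd": 8}
ORDER = tuple(LANDSCAPE_DIGIT)            # sequential order used by rule 3
TIER_BIT = {"middle": 0, "infra": 1}      # even = middle tier, odd = infrastructure

# Rule 3 second instances as documented on the page for the 1810-1829 range.
ASC_SECOND_INSTANCE = {("sbx", "middle"): 1824, ("sbx", "infra"): 1825,
                       ("efx", "middle"): 1826, ("efx", "infra"): 1827,
                       ("prd", "middle"): 1828, ("prd", "infra"): 1829}


def split_landscape(landscape: str) -> tuple:
    """'uat2' -> ('uat', 2); a bare name such as 'uat' is the first instance."""
    base = landscape.rstrip("0123456789")
    if base not in LANDSCAPE_DIGIT:
        raise ValueError(f"unknown landscape {landscape!r}")
    return base, int(landscape[len(base):] or "1")


def rule1_port(landscape: str, tier: str, base: int = 8000) -> int:
    """Rule 1 (HTTP / Web Cache ranges): third digit from the right selects
    the tier (80xx middle tier, 81xx infrastructure), the second digit the
    landscape. Returns the start of the landscape's ten-port block; a second
    instance picks a free port within it (the 800x of the page's tables)."""
    name, _ = split_landscape(landscape)
    return base + 100 * TIER_BIT[tier] + 10 * LANDSCAPE_DIGIT[name]


def rule2_port(landscape: str, tier: str, range_start: int) -> int:
    """Rule 2 (ranges like 7100-7199): second digit selects the landscape,
    last digit is even for middle tier and odd for infrastructure, and the
    second instance takes the next even/odd pair (7102/7103 after 7100/7101)."""
    name, instance = split_landscape(landscape)
    port = range_start + 10 * LANDSCAPE_DIGIT[name] + 2 * (instance - 1) + TIER_BIT[tier]
    if port >= range_start + 100:
        raise ValueError(f"{landscape}/{tier} falls outside {range_start}-{range_start + 99}")
    return port


def rule3_port(landscape: str, tier: str, range_start: int = 1810) -> int:
    """Rule 3 (short ranges like 1810-1829): first instances are assigned
    sequentially in landscape order as even/odd pairs; second instances are
    whatever the documentation records."""
    name, instance = split_landscape(landscape)
    if instance == 1:
        return range_start + 2 * ORDER.index(name) + TIER_BIT[tier]
    if range_start == 1810 and (name, tier) in ASC_SECOND_INSTANCE:
        return ASC_SECOND_INSTANCE[(name, tier)]
    raise LookupError(f"{landscape}/{tier} is not documented for range {range_start}")


def conflicts(assignments: dict) -> dict:
    """Ports claimed by more than one (landscape, tier) label; the scheme's
    purpose is that this comes back empty across every landscape."""
    by_port = defaultdict(list)
    for label, port in assignments.items():
        by_port[port].append(label)
    return {p: labels for p, labels in by_port.items() if len(labels) > 1}


def dcm_table() -> dict:
    """The page's DCM discovery table (7100-7199) for first and second instances."""
    return {f"{ls}{suffix}/{tier}": rule2_port(f"{ls}{suffix}", tier, 7100)
            for ls in ORDER for suffix in ("", "2") for tier in TIER_BIT}


if __name__ == "__main__":
    for label, port in sorted(dcm_table().items(), key=lambda kv: kv[1]):
        print(f"{label:14s} {port}")
    print("conflicts:", conflicts(dcm_table()))
```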
Port Number / Service table (only the rows whose service name survived extraction are shown):
Port Number     Service
4443            Oracle HTTP Server Listen (SSL) and Oracle HTTP Server Port (SSL)
12401-12500     OC4J RMI
12501-12600     OC4J AJP
12601-12700     OC4J JMS
13301-13400     OC4J IIOP
44000-44099     Log Loader
Services named in the table without a recoverable port: OracleAS Certificate Authority Mutual Authentication Virtual Host (SSL), SOAP server.
Environment / Landscape    IP address        Instance / Shorthand code    URL                                Root Directory    xyz Application Accounts
Sand Box                   142.32.236.70     sbx2                         http://oassbx2.educ.bc.ca:8000/    /oassbx1          xyz_sbx
Development                                                               http://oasdev1.educ.bc.ca:8010/    /oasdev1          xyz_dev
Programmer Testing         142.32.236.105    tst1                         http://oastst1.educ.bc.ca:8020/    /oastst1          xyz_tst
User Acceptance Testing    142.32.236.111    uat1                         http://oasuat1.educ.bc.ca:8030/    /oasuat1          xyz_uat
Training                   142.32.236.107    trn1                         http://oastrn1.educ.bc.ca:8040/    /oastrn1          xyz_trn
Emergency Fix              142.32.236.109    efx1                         http://oasefx1.educ.bc.ca:8050/    /oasefx1          xyz_efx
Production                 142.32.236.101    prd1                         http://oasprd1.educ.bc.ca:8080/    /oasprd1          xyz_prd
If a second instance of any of the above is created, they will be named as follows:
Environment / Landscape    Instance / Shorthand code    URL                                Root Directory    xyz Application Accounts
Sand Box                   sbx2                         http://oassbx2.educ.bc.ca:800x/    /oassbx2          xyz_sbx
Development                dev2                         http://oasdev2.educ.bc.ca:801x/    /oasdev2          xyz_dev
Programmer Testing         tst2                         http://oastst2.educ.bc.ca:802x/    /oastst2          xyz_tst
User Acceptance Testing    uat2                         http://oasuat2.educ.bc.ca:803x/    /oasuat2          xyz_uat
Training                   trn2                         http://oastrn2.educ.bc.ca:804x/    /oastrn2          xyz_trn
Emergency Fix              efx2                         http://oasefx2.educ.bc.ca:805x/    /oasefx2          xyz_efx
Production                 prd2                         http://oasprd2.educ.bc.ca:808x/    /oasprd2          xyz_prd
For the last digit of the port, the letter x has been used since a number of the ports in that
range may have been used by the first instance.
For a second instance, the application accounts do not change.
Infrastructure Instances
Environment / Landscape    Instance / Shorthand code    URL                                Root Directory
Sand Box                   sbx                          http://oaisbx1.educ.bc.ca:8100/    /oaisbx1
Development                dev                          http://oaidev1.educ.bc.ca:8110/    /oaidev1
Programmer Testing         tst                          http://oaitst1.educ.bc.ca:8120/    /oaitst1
User Acceptance Testing    uat                          http://oaiuat1.educ.bc.ca:8130/    /oaiuat1
Training                   trn                          https://oaiprx1.educ.bc.ca:8140    /oaitrn1
Emergency Fix              efx                          http://oaiefx1.educ.bc.ca:8150/    /oaiefx1
Production                 prd                          http://oaiprd1.educ.bc.ca:8180/    /oaiprd1
If a second instance of any of the above is created, they will be named as follows:
Environment / Landscape    Instance / Shorthand code    URL                                Root Directory
Sand Box                   sbx2                         http://oaisbx2.educ.bc.ca:8100/    /oaisbx2
Development                dev2                         http://oaidev2.educ.bc.ca:8110/    /oaidev2
Programmer Testing         tst2                         http://oaitst2.educ.bc.ca:8120/    /oaitst2
User Acceptance Testing    uat2                         http://oaiuat2.educ.bc.ca:8130/    /oaiuat2
Training                   trn2                         https://oaiprx2.educ.bc.ca:8140    /oaitrn2
Emergency Fix              efx2                         http://oaiefx2.educ.bc.ca:8150/    /oaiefx2
Production                 prd2                         http://oaiprd2.educ.bc.ca:8180/    /oaiprd2