BEA and NFS shares

In the current architecture I work with it has been decided that we use NFS for certain elements in our setup. Now (months after the design) we figured out that the decission (using nfs) has been made on false assumptions….the assumption was that VMware did not support the preferred BEA SAN setup..miscommunication …whatever.

Anyway implementing NFS on BEA the last couple of weeks taught me the following:


  • EMC is a large vendor for storage solutions…a competitor is netapps (is a specialist in providing lower end solutions like NFS)
  • SAN ( Storage Area Networks) can be used by ESX VM ware (VMDK makes it possible to resize on the fly)
  • SRDF is a protocol from EMC that does synchronization. In our setup it synchronizes the disk from 1 data center to the other. If network routing and caching is not setup optimal it will have a big impact on network performance.
  • An indicator of networkspeed for disks is for example: dd if=/dev/zero of=/mountpoint for share/someFilename bs=1MB count=50this will write you a 50MB file on the share and will show you the speed in which it does…
  • A proper setup NSF share can give me around 30/80 MB per seconds…local san can give me 250/500 MB per second
  • iScsi/ Fibre Optic and NFS are solutions/ technologies that are able to provide network storage.
  • We use NFS over SAN (raid 5) for loggins and software shares/ for high end stuff (JMS filestores and the domain itself) we use the SAN
  • Celera is the NFS server from EMC (is based on DOS)
  • FileLocking is a big issue/ consideration in your network storage setup
  • If you use NFS, consider the version…we use NFS4 as this is more secure handling file locking issues.
  • Make sure you understand if your file locking is based on user or Process ID
  • Tweakable options/configuration in NFS/SAN setup: Clientlock, Wlock (lock on OS level or on NFS server level/ we use the NFS server to dermine the fileLocks), nfs version, ldap, nolock mounting option, Delegation (which server has the right of speak) , version of Kernel, version of NFS server, network setup UDP/ vs IP


Bea problems

Things I do when I experience problems with starting the domain admin Server…and it says it has problems with it’s credentials and file:

  • put the expected username password in cleartext in the file

copy the 3DES encrypted password from the conf/config.xml and decrypt it..check if passwords match check if there are .lok files and remove them check the certificate that is being used ” keytool -v –list –keystore check if the ldap files of the broken server is corrupted…try using different ldap files (copying to the servers directory ) copy it of one of the servers that still works


Making joomla com_rokin component show a specific sub album/ gallery

Imho one of the greatest joomla components is com_rokin developed by The component makes it easy to integrate web albums in your joomla CMS, one of the great features is the integration with picassa and flickr. This means you can host your pictures on picassa or plickr and incorporate them in your local CMS.

One of the frustrating things however is that there is no default seperation in webalbums …like in picassa it is not possible to have your albums devided in subalbums…

I have changed the com_rokin component a little to make it aware of subalbums, by default com_rokin shows you all the galleries you have configured.

Things you have to do to get a page from com_rokin which displays only 1 gallery:

  • login to the database and see what albums you have configured: select * from jos_rokin_galleries you can use this data in your query you will use later on in this story
  • vi administrator/components/com_rokin/lib/rokin.common.php
  • edit the function get_rokin_request()
  • make up a variable which you will pass in your url and add it to your function, for example: $chrisParam = getReqParamVal(“chrisParam”);
  • change the query in the function get_rokin_request: $database->setQuery(“select * from #__rokin_galleries where 1=1 “); into $database->setQuery(“select * from #__rokin_galleries where username=’$chrisParam’ “);
  • in your menu create a link to the com_rokin component with the parameter you have defined above, for eg:


Making hosts trust eachother with keys

generate a key on your hosts…for example a .dsa key: ssh-keygen -t dsa this will generate a ~/.ssh/ and a ~/.ssh/id_dsa file copy the contents of the file and put it on the host you want to be trusted on…

scp ~/.ssh/ @:/tmp login to the remote host append the contents of the public key to the authorized_keys file in the ~/.ssh directory cat /tmp/ >> ~/.ssh/authorized_keys

How to start/stop Weblogic ALSB services with java code

With the following code you can connect to a Weblogic server get it’s context and manipulate it’s domain objects (starting/ stopping servers, change properties of the domain logging/ jdbc datasource properties etc etc)

In order to get the following code working you need to incorporate the following jar’s in your classpath:

  • weblogic.jar (from /bea alsb dir/modules)JMXServiceURL serviceURL = new JMXServiceURL(“t3”, hostname, port, “/jndi/” + DomainRuntimeServiceMBean.MBEANSERVER_JNDI_NAME); Hashtable h = new Hashtable(); h.put(Context.SECURITY_PRINCIPAL, username); h.put(Context.SECURITY_CREDENTIALS, password); h.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES, “”); JMXConnectorFactory connection = JMXConnectorFactory.connect(serviceURL, h); MBeanServerConnection mbconn = connection .getMBeanServerConnection(); domainRuntimeServiceMBean = (DomainRuntimeServiceMBean) MBeanServerInvocationHandler.newProxyInstance(mbconn, new ObjectName(DomainRuntimeServiceMBean.OBJECT_NAME)); domainMBean = domainRuntimeServiceMBean.getDomainConfiguration();


// Now the ALSB specific related stuff:

// With the following code you can connect to an ALSB server (which is a weblogic server with ALSB templates/ deployments) get it’s context and manipulate it’s domain objects (starting/ stopping services, change properties etc etc)

// In order to get the following code working you need to incorporate the following jar’s in your classpath:

  • configfwk_1.1.0.0.jar (from /bea alsb dir/modules)
  • sb-kernel-api.jar (from /bea alsb dir/alsb/lib) SessionManagementMBean sm = (SessionManagementMBean) domainService.findService(SessionManagementMBean.NAME, SessionManagementMBean.TYPE, null); ALSBConfigurationMBean acmb =(ALSBConfigurationMBean)domainService.findService(ALSBConfigurationMBean.NAME + “.” + sessionName, ALSBConfigurationMBean.TYPE, null); // Create a session, it is wise to give the session a unique name sm.createSession(sessionName); // For Proxy services ProxyServiceQuery psQuery = new ProxyServiceQuery(); // For Business services BusinessServiceQuery bsQuery = new BusinessServiceQuery(); Set refs = acmb.getRefs(psQuery);


// configurationMBean for Proxy Services ProxyServiceConfigurationMBean proxyServiceConfigurationMBean = (ProxyServiceConfigurationMBean)domainService.findService(ProxyServiceConfigurationMBean.NAME + “.” + sessionName,ProxyServiceConfigurationMBean.TYPE, null); // configurationMBean for Business Services BusinessServiceConfigurationMBean businessServiceConfigurationMBean = (BusinessServiceConfigurationMBean)domainService.findService(BusinessServiceConfigurationMBean.NAME + “.” + sessionName,BusinessServiceConfigurationMBean.TYPE, null); // Iterate through a list of Busness Service and do stuff… refs = acmb.getRefs(bsQuery); for (Ref ref : refs) { // use the ref object to do things }

// When finished store your session to commit your changes String CLOSE_AND_COMMIT_REMARK = “some remark to identify your change with”; sm.activateSession(sessionName, CLOSE_AND_COMMIT_REMARK + sessionName);

Java yesterday’s date

Ever had to calculate yesterday’s date in a little java proggie… use the roll function of the Gregorian Caledar…

// Create the calendar object, default is todays date GregorianCalendar gc = new GregorianCalendar(); then go back… a day gc.roll(Calendar.DAY_OF_YEAR, -1);

Be aware …if it’s the 1st of January (new year…) then you need to roll back a year as well….

How to decrypt 3DES BEA Weblogic passwords

Weblogic stores its passwords in the config.xml and using the 3DES encryption algorithm. Nice about it is that is not a hash algorithm…meaning if you know the key you can decrypt the encrypted 3DES string. So this part is the secret: Weblogic uses the SerializedSystemIni.dat file in the security directory of your domain as your key. This file was generated when the domain was created.

This piece of code can decrypt the 3DES string for you:



public class DrieDesDecrypter {

static ClearOrEncryptedService ces;

public static String decryptString(String securityDir, String encryptedString) throws Exception {
ces = new ClearOrEncryptedService(SerializedSystemIni.getEncryptionService(securityDir));
encryptedString = encryptedString.replace("\\", "");
return ces.decrypt(encryptedString);


You need to have the weblogic.jar (the one which the domain is using) in your classpath. The securityDir parameter is the Directory where the SerializedSystemIni.dat resides, the encryptedString parameter is the encrypted String…the return value…is what you wanted…

Have fun,