Linux ·

通过修改jdbc配置文件方式修改Weblogic数据源密码

2334 0 0

注:假定环境中其中一个的weblogic域名为cams,数据源为CAMSDB

(1)直接修改weblogic的数据源配置文件中密文密码为最新的明文密码【首次尝试,以失败告终,weblogic并没用将JDBC配置文件中的密码从明文自动转化成为密文,并遇到了新问题
进入JDBC配置文件所在路径
[cams@mymc1 jdbc]$ cd /home/cams/bea/middleware/user_projects/domains/cams/config/jdbc
打开配置文件并进行修改
[cams@mymc1 jdbc]$ vi CAMSDB-2211-jdbc.xml
将XXX中的密文密码改为明文密码

然后启动weblogic域,并查看启动日志
[cams@mymc1 jdbc]$ cd /home/cams/bea/middleware/user_projects/domains/cams
[cams@mymc1 jdbc]$ nohup ./startWebLogic.sh &
[cams@mymc1 jdbc]$ tail -f nohup.out

发现如下报错信息:

  1. <2016-9-12 下午10时22分47秒 CST> <Error> <J2EE> <BEA-160197> <Unable to load descriptor java.net.URLClassLoader@6639c8c1/null of module null. The error is weblogic.descriptor.DescriptorException: Unmarshaller failed
  2.     at weblogic.descriptor.internal.MarshallerFactory$1.createDescriptor(MarshallerFactory.java:161)
  3.     at weblogic.descriptor.BasicDescriptorManager.createDescriptor(BasicDescriptorManager.java:323)
  4.     at weblogic.application.descriptor.AbstractDescriptorLoader2.getDescriptorBeanFromReader(AbstractDescriptorLoader2.java:788)
  5.     at weblogic.application.descriptor.AbstractDescriptorLoader2.createDescriptorBean(AbstractDescriptorLoader2.java:409)
  6.     at weblogic.application.descriptor.AbstractDescriptorLoader2.loadDescriptorBeanWithoutPlan(AbstractDescriptorLoader2.java:759)
  7.     at weblogic.application.descriptor.AbstractDescriptorLoader2.loadDescriptorBean(AbstractDescriptorLoader2.java:768)
  8.     at weblogic.jdbc.module.JDBCDeploymentHelper.getJDBCDataSourceBean(JDBCDeploymentHelper.java:186)
  9.     at weblogic.jdbc.module.JDBCDeploymentHelper.createJDBCDataSourceDescriptor(JDBCDeploymentHelper.java:51)
  10.     at weblogic.management.mbeans.custom.JDBCSystemResource.loadDescriptor(JDBCSystemResource.java:60)
  11.     at weblogic.management.mbeans.custom.ConfigurationExtension.getExtensionRoot(ConfigurationExtension.java:178)
  12.     at weblogic.management.mbeans.custom.JDBCSystemResource.getJDBCResource(JDBCSystemResource.java:45)
  13.     at weblogic.management.mbeans.custom.JDBCSystemResource._postCreate(JDBCSystemResource.java:50)
  14.     at weblogic.management.configuration.JDBCSystemResourceMBeanImpl._postCreate(JDBCSystemResourceMBeanImpl.java:355)
  15.     at weblogic.descriptor.internal.AbstractDescriptorBean._postCreate(AbstractDescriptorBean.java:670)
  16.     at weblogic.management.configuration.DomainMBeanImpl.setJDBCSystemResources(DomainMBeanImpl.java:11820)
  17.     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  18.     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  19.     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  20.     at java.lang.reflect.Method.invoke(Method.java:597)
  21.     at com.bea.staxb.runtime.internal.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:48)
  22.     at com.bea.staxb.runtime.internal.RuntimeBindingType$BeanRuntimeProperty.setValue(RuntimeBindingType.java:539)
  23.     at com.bea.staxb.runtime.internal.AttributeRuntimeBindingType$QNameRuntimeProperty.fillCollection(AttributeRuntimeBindingType.java:381)
  24.     at com.bea.staxb.runtime.internal.MultiIntermediary.getFinalValue(MultiIntermediary.java:52)
  25.     at com.bea.staxb.runtime.internal.AttributeRuntimeBindingType.getFinalObjectFromIntermediary(AttributeRuntimeBindingType.java:140)
  26.     at com.bea.staxb.runtime.internal.UnmarshalResult.unmarshalBindingType(UnmarshalResult.java:200)
  27.     at com.bea.staxb.runtime.internal.UnmarshalResult.unmarshalDocument(UnmarshalResult.java:169)
  28.     at com.bea.staxb.runtime.internal.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:65)
  29.     at weblogic.descriptor.internal.MarshallerFactory$1.createDescriptor(MarshallerFactory.java:150)
  30.     at weblogic.descriptor.BasicDescriptorManager.createDescriptor(BasicDescriptorManager.java:323)
  31.     at weblogic.management.provider.internal.DescriptorManagerHelper.loadDescriptor(DescriptorManagerHelper.java:68)
  32.     at weblogic.management.provider.internal.RuntimeAccessImpl$IOHelperImpl.parseXML(RuntimeAccessImpl.java:690)
  33.     at weblogic.management.provider.internal.RuntimeAccessImpl.parseNewStyleConfig(RuntimeAccessImpl.java:270)
  34.     at weblogic.management.provider.internal.RuntimeAccessImpl.<init>(RuntimeAccessImpl.java:115)
  35.     at weblogic.management.provider.internal.RuntimeAccessService.start(RuntimeAccessService.java:41)
  36.     at weblogic.t3.srvr.ServerServicesManager.startService(ServerServicesManager.java:461)
  37.     at weblogic.t3.srvr.ServerServicesManager.startInStandbyState(ServerServicesManager.java:166)
  38.     at weblogic.t3.srvr.T3Srvr.initializeStandby(T3Srvr.java:881)
  39.     at weblogic.t3.srvr.T3Srvr.startup(T3Srvr.java:568)
  40.     at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:469)
  41.     at weblogic.Server.main(Server.java:71)
  42. Caused by: com.bea.xml.XmlException: java.lang.IllegalArgumentException: In production mode, it's not allowed to set a clear text value to the property: PasswordEncrypted of JDBCDriverParamsBean
  43.     at com.bea.staxb.runtime.internal.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:54)
  44.     at com.bea.staxb.runtime.internal.RuntimeBindingType$BeanRuntimeProperty.setValue(RuntimeBindingType.java:539)
  45.     at com.bea.staxb.runtime.internal.ByNameRuntimeBindingType$ElementQNameProperty.fill(ByNameRuntimeBindingType.java:351)
  46.     at com.bea.staxb.runtime.internal.LiteralUnmarshalResult.extractAndFillElementProp(LiteralUnmarshalResult.java:159)
  47.     at com.bea.staxb.runtime.internal.ByNameUnmarshaller.deserializeContents(ByNameUnmarshaller.java:51)
  48.     at com.bea.staxb.runtime.internal.AttributeUnmarshaller.unmarshalIntoIntermediary(AttributeUnmarshaller.java:47)
  49.     at com.bea.staxb.runtime.internal.LiteralUnmarshalResult.unmarshalElementProperty(LiteralUnmarshalResult.java:184)
  50.     at com.bea.staxb.runtime.internal.LiteralUnmarshalResult.extractAndFillElementProp(LiteralUnmarshalResult.java:156)
  51.     at com.bea.staxb.runtime.internal.ByNameUnmarshaller.deserializeContents(ByNameUnmarshaller.java:51)
  52.     at com.bea.staxb.runtime.internal.AttributeUnmarshaller.unmarshalIntoIntermediary(AttributeUnmarshaller.java:47)
  53.     at com.bea.staxb.runtime.internal.UnmarshalResult.unmarshalBindingType(UnmarshalResult.java:199)
  54.     at com.bea.staxb.runtime.internal.UnmarshalResult.unmarshalDocument(UnmarshalResult.java:169)
  55.     at com.bea.staxb.runtime.internal.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:65)
  56.     at weblogic.descriptor.internal.MarshallerFactory$1.createDescriptor(MarshallerFactory.java:150)
  57.     ... 39 more
  58. Caused by: java.lang.IllegalArgumentException: In production mode, it's not allowed to set a clear text value to the property: PasswordEncrypted of JDBCDriverParamsBean
  59.     at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.setPasswordEncrypted(JDBCDriverParamsBeanImpl.java:430)
  60.     at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.setPasswordEncryptedAsString(JDBCDriverParamsBeanImpl.java:276)
  61.     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  62.     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  63.     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  64.     at java.lang.reflect.Method.invoke(Method.java:597)
  65.     at com.bea.staxb.runtime.internal.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:48)
  66.     ... 52 more
  67. .>
  68. <2016-9-12 下午10时22分47秒 CST> <Critical> <WebLogicServer> <BEA-000362> <Server failed. Reason: [Management:141266]Parsing Failure in config.xml: weblogic.management.ManagementRuntimeException: weblogic.application.ModuleException: >

 

(2)查找问题的解决方案【weblogic不能启动:PasswordEncrypted of JDBCDriverParamsBean问题】
找到解决方案链接如下:
http://Oraclemiddlewareblog.com/2012/04/25/unable-to-start-weblogic-passwordencrypted-of-serverstartmbean/

内容如下:

  1. The Weblogic administration server is not starting and the complete error message is:
  3. “In production mode, it’s not allowed to set a clear text value to the property: PasswordEncrypted of ServerStartMBean”
  5. If this is occurring in Weblogic versions 10.3.1 or earlier, then it is a known bug with the administration console. The bug will cause a <password-encrypted> tag of a certain weblogic instance in your domain to be set to a null value in the config.xml. This will happen if you modify some startup arguments of that instance in the administration console. Weblogic will interpret the null value as a plain text password, which is not allowed in a production domain, thus the error in starting the server.
  7. There is a patch that you can apply for this issue, but there are also some quick workarounds that might prove very useful if there is a time constraint for starting the administration service.
  10. The first solution, and the one that is recommended since it is the final fix is to apply the patch delivered by Oracle for this issue:
  12. – PKJ1 for Weblogic 10.3.1
  13. – 6RDR for Weblogic 10.3
  15. Both patches are released for generic platforms. If you are having a hard time identifying these patches in the new My Oracle Support site, please check out this post for instructions on how to find “old style” Weblogic patches in My Oracle Support.
  17. Then, there are a few workarounds that you can quickly apply based on your needs:
  19. 1. The quickest solution is to switch your domain to Development mode. This will allow you to start the administration server, but take into consideration the implications that this change has on the runtime of the server, such as different logging levels and runtime performance.
  21. 2. Another way you can solve this issue is to simply copy the value of the empty tag from another instance in your domain. Locate another instance in the config.xml for which you have the <password-encrypted> tag correctly defined and copy it to the empty tag.
  23. <password-encrypted>{AES}ve8cqLahYHyy8prbAudZTIyRvk4rNG+7kKvANZdaJzU=</password-encrypted>
  25. 3. If you simply do not have the encrypted password, you can encrypt it yourself using a utility provided by Weblogic:
  27. – Run $DOMAIN_HOME/bin/setDomainEnv.sh so set the environment variables for your domain
  28. – Execute: ‘java weblogic.security.Encrypt’
  29. – Enter the password in clear text and the encrypted value will be returned in the output. Copy that in the empty tag in the config.xml and restart the administration server.

因为我所使用的weblogic版本是10.3.6.0,所以不是缺陷的问题。这里给出了三种建议,第一种是切换domain到开发模式,显然不合适;第二种是从其他实例拷贝密码标签的值,因为数据库中每个用户的密码都是不一样的,显然不适用;第三种是使用weblogic提供的工具将明文转化成为密文,然后进行替换,这是一种可行的方案。

(3)按照上述第三种方法执行【再次遇到错误】

  1. [cams@mymc1 bin]$ cd /home/cams/bea/middleware/user_projects/domains/cams/bin
  2. [cams@mysc1 bin]$ setDomainEnv.sh
  3. [cams@mymc1 bin]$ java weblogic.security.Encrypt
  4. Exception in thread "main" java.lang.NoClassDefFoundError: weblogic/security/Encrypt
  5. Caused by: java.lang.ClassNotFoundException: weblogic.security.Encrypt
  6.     at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
  7.     at java.security.AccessController.doPrivileged(Native Method)
  8.     at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
  9.     at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
  10.     at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
  11.     at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
  12. Could not find the main class: weblogic.security.Encrypt. Program will exit.

(4)接着查找该问题的处理方案【成功执行并生成了新的密文】

  1. encrypting password in weblogic (get java.lang.ClassNotFoundException:)
  2. if you need to encrypt password and get java.lang.ClassNotFoundException: weblogic.security.Encrypt then use this way /app/bea/WLS1031/jdk/bin/java -cp /app/bea/WLS1031/wlserver_10.3/server/lib/weblogic.jar:$java weblogic.security.Encrypt yourpassword
  3. PS: i have called java cause it was not in my env.
  4. if you already have java in your env then /opt/bea/WLS1031/wlserver_10.3/server/lib/weblogic.jar:$java weblogic.security.Encrypt yourpassword

参考上文,执行命令如下:【注:标黄的password处输入真实的明文密码,可自动输出为密文】

  1. [cams@mymc1 ~]$ cp /home/cams/bea/middleware/wlserver_10.3/server/lib/weblogic.jar /home/cams/bea/middleware/user_projects/domains/cams/
  2. [cams@mymc1 ~]$ cd /home/cams/bea/middleware/user_projects/domains/cams/
  3. [cams@mymc1 cams]$ java -cp weblogic.jar weblogic.security.Encrypt password

这里得到数据源CAMSDB的密码的密文为:【注:相同的明文在不同的weblogic下生成的密文不同】

{AES}dUH3nDtUg3LfPBCngOAAPFgsIW4gVRPyD25aibk4zVQ=

这里测试在另外一个weblogic下生成的密文为:

{AES}GA2sa2jSBeEtCoyt2g6NxJS3JPIWth70Z7s6dmIJ1uM=

显然两个相同密码在不同weblogic下生成的密文大不相同。

 

(5)修改weblogic的数据源配置文件中密文密码为最新的密文密码【还是遇到问题,账户锁定了】
进入JDBC配置文件所在路径
[cams@mymc1 jdbc]$ cd /home/cams/bea/middleware/user_projects/domains/cams/config/jdbc
打开配置文件并进行修改
[cams@mymc1 jdbc]$ vi CAMSDB-2211-jdbc.xml
将XXX中的密文密码改为最新密文密码

然后启动weblogic域,并查看启动日志
[cams@mymc1 jdbc]$ cd /home/cams/bea/middleware/user_projects/domains/cams
[cams@mymc1 jdbc]$ nohup ./startWebLogic.sh &
[cams@mymc1 jdbc]$ tail -f nohup.out

发现如下报错信息:

 

  1. weblogic.common.ResourceException: weblogic.common.ResourceException: Could not create pool connection. The DBMS driver exception was: ORA-28000: the account is locked

很显然,是Oracle用户使用错误的密码尝试连接的次数过多,导致账户被锁定了

(6)处理最后的问题【结果再次遇到报错,不细心造成的】
这里需要联系数据库管理员,使用system或者sys用户登录数据库,执行查询语句:

SQL>  select * from dba_users where account_status <> 'OPEN' ;

找到锁定的用户,然后执行解锁语句:
SQL> alter user XXXX account unlock;

然后再次重启,还是发现报错信息:

ORA-01017: invalid username/password; logon denied

经过检查,因为在替换的时候,有一个密文替换错了,导致数据源连接失败。这里重新替换即可。

最终,weblogic启动成功,一切OK!

「点点赞赏,手留余香」
    还没有人赞赏,快来当第一个赞赏的人吧!

除特别注明外,本站所有文章均为堕络的小屋原创,转载请注明出处来自https://www.duoluosb.com/187.html

收藏 打赏
  • 0 个人已赞

相关文章

参与评论