Closed
Description
Our WL domain instances are configured with extra security components.
We are using the following script to execute discoverDomain.sh action :
=> cat discoverDomain.sh
#!/bin/bash
# ----------------------------------------------------------------
oracleServerUrl="t3s://xyz.cc.cec.eu.int:1041"
oracleHome="/ec/local/weblogic/u000/app/owl12214"
domainHome="/ec/local/weblogic/u010/home/wlsopert/config/JEE-WS_TST"
# ----------------------------------------------------------------
echo
echo "oracleHome properties set [${oracleHome}]"
export WLSDEPLOY_PROPERTIES="-Dweblogic.alternateTypesDirectory=/ec/local/weblogic/u010/home/wlsopert/data/ec_components"
echo "WLSDEPLOY_PROPERTIES properties set [${WLSDEPLOY_PROPERTIES}]"
# ----------------------------------------------------------------
# Online mode
#${HOME}/weblogic-deploy/bin/discoverDomain.sh -oracle_home ${oracleHome} -domain_home ${domainHome} -archive_file ./Domain.zip -model_file ./DomainModel.yaml -variable_file ./DomainVariable.properties -admin_url ${oracleServerUrl}
${HOME}/weblogic-deploy/bin/discoverDomain.sh -oracle_home ${oracleHome} -model_file ./DomainModel.yaml -variable_file ./DomainVariable.properties -admin_url ${oracleServerUrl} -remote -skip_archive
# Offline mode
#${HOME}/weblogic-deploy/bin/discoverDomain.sh -oracle_home ${oracleHome} -domain_home ${domainHome} -archive_file ./Domain.zip -model_file ./DomainModel.yaml -variable_file ./DomainVariable.properties
# ----------------------------------------------------------------
The content of the directory /ec/local/weblogic/u010/home/wlsopert/data/ec_components referenced by -Dweblogic.alternateTypesDirectory system's property is :
=> ls -la /ec/local/weblogic/u010/home/wlsopert/data/ec_components
total 11884
drwxr-x--- 2 wlsopert weblogic 222 Jul 19 12:39 .
drwxr-x--- 6 wlsopert weblogic 4096 Sep 11 15:57 ..
-rwxr-x--- 1 wlsopert weblogic 43828 Dec 18 2020 ECCustomAudit.jar
-rwxr-x--- 1 wlsopert weblogic 22345 Dec 22 2020 ecas-extragroups-1.6-JDK7.jar
-rw-r----- 1 wlsopert weblogic 11964428 Jul 19 12:39 eulogin-weblogic-12-authprovider-9.8.2-jdk8.jar
-rwxr-x--- 1 wlsopert weblogic 40761 Dec 22 2020 group-enhancer-1.6-JDK7.jar
-rwxr-x--- 1 wlsopert weblogic 40449 Dec 21 2020 net-proxy-1.8.jar
-rwxr-x--- 1 wlsopert weblogic 43146 Aug 3 2021 wlECSecurityProviders_11389.jar
The generation of the model is working fine excepted the Java class are wrong
SecurityConfiguration:
Realm:
myrealm:
Auditor:
ECCustomAudit:
eu.digit.wls.audit.providers.ECCustomAuditProviderImpl: {}
AuthenticationProvider:
// DefaultAuthenticator and DefaultIdentityAsserter have been removed for readability
ECASIdentityAsserterV2:
eu.cec.digit.ecas.client.j2ee.weblogic.EcasIdentityAsserterV2ProviderImpl:
AssuranceLevel: LOW
ControlFlag: SUFFICIENT
ExcludedContextPaths:
- /soa-infra
- /management
ECAuthenticator:
eu.cec.di.stb.authenticationprovider.ECAuthenticationProviderImpl:
ControlFlag: OPTIONAL
GroupEnhancer:
eu.europa.ec.digit.iam.weblogic.groupenhancer.GroupEnhancerProviderImpl: {}
NetProxy:
eu.europa.ec.digit.iam.weblogic.net.proxy.NetProxyAuthenticationProvider:
Active: 'true'
ControlFlag: OPTIONAL
The generated file should be :
SecurityConfiguration:
Realm:
myrealm:
Auditor:
ECCustomAudit:
eu.digit.wls.audit.providers.ECCustomAudit:
AuthenticationProvider:
// DefaultAuthenticator and DefaultIdentityAsserter have been removed for readability
ECASIdentityAsserterV2:
eu.cec.digit.ecas.client.j2ee.weblogic.EcasIdentityAsserterV2:
ControlFlag: SUFFICIENT
ExcludedContextPaths:
- '/soa-infra'
- '/management'
ECAuthenticator:
eu.cec.di.stb.authenticationprovider.ECAuthenticator:
ControlFlag: OPTIONAL
GroupEnhancer:
eu.europa.ec.digit.iam.weblogic.groupenhancer.GroupEnhancer:
ControlFlag: OPTIONAL
NetProxy:
eu.europa.ec.digit.iam.weblogic.net.proxy.NetProxy:
ControlFlag: OPTIONAL