From 29959e5d3fae972dff6391acd42d18568bf0ff3e Mon Sep 17 00:00:00 2001 From: Monica Riccelli Date: Thu, 28 Jun 2018 18:19:48 -0400 Subject: [PATCH 1/5] Changes to secure Admin Authentication --- .../dockerfiles/12.2.1.3/Dockerfile.developer | 8 +- .../dockerfiles/12.2.1.3/Dockerfile.generic | 7 +- OracleWebLogic/dockerfiles/12.2.1.3/README.md | 86 ++++++++----------- .../container-scripts/create-wls-domain.py | 67 +++++++++------ .../createAndStartEmptyDomain.sh | 52 ++++++----- 5 files changed, 105 insertions(+), 115 deletions(-) diff --git a/OracleWebLogic/dockerfiles/12.2.1.3/Dockerfile.developer b/OracleWebLogic/dockerfiles/12.2.1.3/Dockerfile.developer index 86c4c1777e..7aaf027147 100644 --- a/OracleWebLogic/dockerfiles/12.2.1.3/Dockerfile.developer +++ b/OracleWebLogic/dockerfiles/12.2.1.3/Dockerfile.developer @@ -55,12 +55,12 @@ COPY container-scripts/createAndStartEmptyDomain.sh container-scripts/create-wls # ------------------------------------------------------------ ENV DOMAIN_NAME="${DOMAIN_NAME:-base_domain}" \ DOMAIN_HOME=/u01/oracle/user_projects/domains/${DOMAIN_NAME:-base_domain} \ - ADMIN_PORT="${ADMIN_PORT:-7001}" \ - ADMIN_USERNAME="${ADMIN_USERNAME:-weblogic}" \ + ADMIN_LISTEN_PORT="${ADMIN_LISTEN_PORT:-7001}" \ ADMIN_NAME="${ADMIN_NAME:-AdminServer}" \ - ADMIN_PASSWORD="${ADMIN_PASSWORD:-""}" \ DEBUG_FLAG=true \ - PRODUCTION_MODE=dev + PRODUCTION_MODE=dev \ + ADMINISTRATION_PORT_ENABLED="${ADMINISTRATION_PORT_ENABLED:-true}" \ + ADMINISTRATION_PORT="${ADMINISTRATION_PORT:-9002}" diff --git a/OracleWebLogic/dockerfiles/12.2.1.3/Dockerfile.generic b/OracleWebLogic/dockerfiles/12.2.1.3/Dockerfile.generic index fb895ec55c..e18b856a88 100644 --- a/OracleWebLogic/dockerfiles/12.2.1.3/Dockerfile.generic +++ b/OracleWebLogic/dockerfiles/12.2.1.3/Dockerfile.generic @@ -55,11 +55,10 @@ COPY container-scripts/createAndStartEmptyDomain.sh container-scripts/create-wls # ------------------------------------------------------------ ENV DOMAIN_NAME="${DOMAIN_NAME:-base_domain}" \ DOMAIN_HOME=/u01/oracle/user_projects/domains/${DOMAIN_NAME:-base_domain} \ - ADMIN_PORT="${ADMIN_PORT:-7001}" \ - ADMIN_USERNAME="${ADMIN_USERNAME:-weblogic}" \ + ADMIN_LISTEN_PORT="${ADMIN_LISTEN_PORT:-7001}" \ ADMIN_NAME="${ADMIN_NAME:-AdminServer}" \ - ADMIN_PASSWORD="${ADMIN_PASSWORD:-""}" - + ADMINISTRATION_PORT_ENABLED="${ADMINISTRATION_PORT_ENABLED:-true}" \ + ADMINISTRATION_PORT="${ADMINISTRATION_PORT:-9002}" # Environment variables required for this build (do NOT change) # ------------------------------------------------------------- diff --git a/OracleWebLogic/dockerfiles/12.2.1.3/README.md b/OracleWebLogic/dockerfiles/12.2.1.3/README.md index f90e915b2d..14fe3bde58 100644 --- a/OracleWebLogic/dockerfiles/12.2.1.3/README.md +++ b/OracleWebLogic/dockerfiles/12.2.1.3/README.md @@ -1,105 +1,84 @@ Oracle WebLogic Server on Docker ================================= -These Docker configurations have been used to create the Oracle WebLogic Server image. Providing this WLS image facilitates the configuration and environment setup for DevOps users. This project includes the installation and creation of an empty WebLogic Server domain (an Administration Server only). These Oracle WebLogic Server 12.2.1.3 images are based on Oracle Linux and Oracle JRE 8 (Server). +These Docker configurations have been used to create the Oracle WebLogic Server (WLS) image. Providing this WLS image facilitates the configuration and environment setup for DevOps users. This project includes the installation and creation of an empty WebLogic Server domain (an Administration Server only). These Oracle WebLogic Server 12.2.1.3 images are based on Oracle Linux and Oracle JRE 8 (Server). The certification of Oracle WebLogic Server on Docker does not require the use of any file presented in this repository. Customers and users are welcome to use them as starters, and customize, tweak, or create from scratch, new scripts and Dockerfiles. For more information on the certification, please see the [Oracle WebLogic Server on Docker certification whitepaper](http://www.oracle.com/technetwork/middleware/weblogic/overview/weblogic-server-docker-containers-2491959.pdf) and [The WebLogic Server Blog](https://blogs.oracle.com/WebLogicServer/) for updates. ## How to build and run -This project offers sample Dockerfiles for Oracle WebLogic Server 12cR2 (12.2.1.3). It provides at least one Dockerfile for the 'developer' distribution, a second Dockerfile for the 'generic' distribution, and a third Dockerfile for the 'infrastructure' distribution. To assist in building the images, you can use the [`buildDockerImage.sh`](dockerfiles/buildDockerImage.sh) script. See below for instructions and usage. +This project offers sample Dockerfiles for Oracle WebLogic Server 12cR2 (12.2.1.3). It provides at least one Dockerfile for the 'developer' distribution, a second Dockerfile for the 'generic' distribution. To assist in building the images, you can use the [`buildDockerImage.sh`](dockerfiles/buildDockerImage.sh) script. See below for instructions and usage. The `buildDockerImage.sh` script is a utility shell script that performs MD5 checks and is an easy way for beginners to get started. Expert users are welcome to directly call `docker build` with their prefered set of parameters. - ### Building Oracle WebLogic Server Docker install images **IMPORTANT:** You must download the binary of Oracle WebLogic Server and put it in place (see `.download` files inside `dockerfiles/`). The WebLogic image extends the Oracle JRE Server 8 image. You must either build the image by using the Dockerfile in [`../../../OracleJava/java8`](https://github.com/oracle/docker-images/tree/master/OracleJava/java-8) or pull the latest image from the [Oracle Container Registry](https://container-registry.oracle.com) or the [Docker Store](https://store.docker.com). Before you build, select the version and distribution for which you want to build an image, then download the required packages (see `.download` files) and locate them in the folder of your distribution version of choice. Then, from the `dockerfiles` folder, run the `buildDockerImage.sh` script as root. $ sh buildDockerImage.sh - Usage: buildDockerImage.sh -v [version] [-d | -g | -i] [-s] + Usage: buildDockerImage.sh -v [version] [-d | -g ] [-s] Builds a Docker Image for Oracle WebLogic Server. Parameters: -v: version to build. Required. Choose : 12.2.1.3 -d: creates image based on 'developer' distribution - -g: creates image based on 'generic' distribution -i: creates image based on 'infrastructure' distribution -c: enables Docker image layer cache during build -s: skips the MD5 check of packages - * select one distribution only: -d, -g, or -i + * select one distribution only: -d, or -g LICENSE UPL 1.0 Copyright (c) 2014-2018 Oracle and/or its affiliates. All rights reserved. -**IMPORTANT:** The resulting images will have an empty domain (Administration Server only), by default. You must extend the image with your own Dockerfile, and create your domain using WLST. You might take a look at the use case samples. - -## Samples for Oracle WebLogic Server domain creation -To give users an idea of how to create a domain from a custom Dockerfile to extend the WebLogic Server image, we provide a few samples for 12c versions of the developer distribution. For an example, we provide samples to create a `12.2.1.3 medrec` domain. - -### Sample installation and base domain for Oracle WebLogic Server 12.2.1.3 -The image `oracle/weblogic:12.2.1.3-developer` will configure a `base_domain` with the following settings: - - * Admin Username: `weblogic` - * Admin Password: Auto generated - * Oracle Linux Username: `oracle` - * Oracle Linux Password: `welcome1` - * WebLogic Server Domain Name: `base_domain` - * Admin Server on port: `7001` - * Production Mode: `developer` +**IMPORTANT:** The resulting images will have a single server domain (Administration Server only), by default. -**IMPORTANT:** If you intend to run these images in production, you must change the Production Mode to `production`. + 1. To build the `12.2.1.3`image, from `dockerfiles`, call: -### Admin password - -On the first startup of the container, a random password will be generated for the administration of the domain. You can find this password in the output line: - -`Oracle WebLogic Server auto generated Admin password:` - -If you need to find the password at a later time, grep for `password` in the Docker logs generated during the startup of the container. To look at the Docker container logs, run: - - $ docker logs --details + `$ sh buildDockerImage.sh -v 12.2.1.3 -d` -### Write your own Oracle WebLogic Server domain with WLST -The best way to create your own, or extend domains, is by using the [WebLogic Scripting Tool](https://docs.oracle.com/middleware/1221/cross/wlsttasks.htm). You can find an example of a WLST script to create domains at [`create-wls-domain.py`](dockerfiles/12.2.1.3/container-scripts/create-wls-domain.py). You may want to tune this script with your own setup to create datasources and connection pools, security realms, deploy artifacts, and so on. You can also extend images and override an existing domain, or create a new one with WLST. + 2. Verify that you now have this image in place with: -## Building the Oracle WebLogic Server Docker image -To try a sample of a WebLogic Server image with a base domain configured, follow the steps below: + `$ docker images` - 1. To build the `12.2.1.3`image, from `dockerfiles`, call: +### Running a Single Server Domain from the image +The WebLogic Server install image (built above) allows you to run a container with a single WebLogic server domain. This makes it extreemly simple to deploy applications and any resource the application might need. - `$ sh buildDockerImage.sh -v 12.2.1.3-d` +#### Providing Admin server Usernasme and Password +For security reasons the username and password will be supplied in a domain.properties file located in a HOST directory that you will map at Docker run time with a -v option. This properties file will enable the scripts to configure the correct authentication for the WebLogic Admin server. - 2. Verify that you now have this image in place with: +The format of the domain.properties file is key value pair: +`username=myudminsername` +`password=myadminpassword` - `$ docker images` +**Note**: we recommend that the domain.properties file be deleted or secured after the container and the WebLogic server are started to make sure that no one can maliciously get hold of the username and password. - 3. Start a container from the image created in step 1. - You can override the default values of the following parameters during runtime with the `-e` option: - * `ADMIN_NAME` (default: `AdminServer`) - * `ADMIN_PORT` (default: `7001`) - * `ADMIN_USERNAME` (default: `weblogic`) - * `ADMIN_PASSWORD` (default: Auto Generated) - * `DOMAIN_NAME` (default: `base_domain`) - * `DOMAIN_HOME` (default: `/u01/oracle/user_projects/domains/base_domain`) +#### Start the Container +Start a container from the image created in step 1. +You can override the default values of the following parameters during runtime with the `-e` option: + * `ADMIN_NAME` (default: `AdminServer`) + * `ADMIN_LISTEN_PORT` (default: `7001`) + * `DOMAIN_NAME` (default: `base_domain`) + * `DOMAIN_HOME` (default: `/u01/oracle/user_projects/domains/base_domain`) + * `ADMINISTRATION_PORT_ENABLED` (default: `true`) + * `ADMINISTRATION_PORT` (default: `9002`) -**NOTE**: To set the `DOMAIN_NAME`, you must set both `DOMAIN_NAME` and `DOMAIN_HOME`. +**NOTE**: To set the `DOMAIN_NAME`, you must set both `DOMAIN_NAME` and `DOMAIN_HOME`. For security the Administration port 9002 is enabled by default, if you would like to disable it set 'ADMINISTRTATION_PORT_ENABLED' to false. If you intend to run these images in production, you must change the Production Mode to `production`. - $ docker run -d -p 7001:7001 -e ADMIN_USERNAME=weblogic -e ADMIN_PASSWORD=welcome1 -e DOMAIN_HOME=/u01/oracle/user_projects/domains/abc_domain -e DOMAIN_NAME=abc_domain oracle/weblogic:12.2.1.3-developer + $docker run -d -p 7001:7001 -p 9002:9002 -v `HOST PATH where the domain.properties file is`:/u01/oracle/properties -e ADMINISTRATION_PORT_ENABLED=true -e DOMAIN_HOME=/u01/oracle/user_projects/domains/abc_domain -e DOMAIN_NAME=abc_domain oracle/weblogic:12.2.1.3-developer - 4. Run the Administration Console: +Run the Administration Console: `$ docker inspect --format '{{.NetworkSettings.IPAddress}}' ` - This returns the IP address of the container (for example, `xxx.xx.x.x`). Go to your browser and enter `http://xxx.xx.x.x:7001/console` - + This returns the IP address of the container (for example, `xxx.xx.x.x`). Go to your browser and enter `https://xxx.xx.x.x:9002/console` your browser will request for you to accept Security Exception. ## Choose your Oracle WebLogic Server distribution + This project hosts two configurations (depending on the Oracle WebLogic Server version) for building Docker images with WebLogic Server 12c. * Quick Install Developer Distribution @@ -111,5 +90,8 @@ This project hosts two configurations (depending on the Oracle WebLogic Server v - For more information on the Oracle WebLogic Server 12cR2 Generic Full Distribution, see [WebLogic Server 12.2.1.3 Documentation](http://docs.oracle.com/middleware/12213/wls/index.html). +## Samples for Oracle WebLogic Server domain creation +To give users an idea of how to create a WebLogic domain and cluster from a custom Dockerfile which extends the WebLogic Server install image, we provide a few samples for 12c versions of the developer distribution. For an example, please take a look at the `12213-domain` sample. + ## Copyright Copyright (c) 2014-2018 Oracle and/or its affiliates. All rights reserved. diff --git a/OracleWebLogic/dockerfiles/12.2.1.3/container-scripts/create-wls-domain.py b/OracleWebLogic/dockerfiles/12.2.1.3/container-scripts/create-wls-domain.py index 8956294014..e84b6c9487 100644 --- a/OracleWebLogic/dockerfiles/12.2.1.3/container-scripts/create-wls-domain.py +++ b/OracleWebLogic/dockerfiles/12.2.1.3/container-scripts/create-wls-domain.py @@ -7,65 +7,78 @@ # Domain, as defined in DOMAIN_NAME, will be created in this script. Name defaults to 'base_domain'. # # Since : October, 2014 -# Author: bruno.borges@oracle.com +# Author: monica.riccelli@oracle.com # ============================================== domain_name = os.environ.get("DOMAIN_NAME", "base_domain") admin_name = os.environ.get("ADMIN_NAME", "AdminServer") -admin_username = os.environ.get("ADMIN_USERNAME", "weblogic") -admin_pass = "ADMIN_PASSWORD" -admin_port = int(os.environ.get("ADMIN_PORT", "7001")) +admin_listen_port = int(os.environ.get("ADMIN_LISTEN_PORT", "7001")) domain_path = '/u01/oracle/user_projects/domains/%s' % domain_name production_mode = os.environ.get("PRODUCTION_MODE", "prod") +administration_port_enabled = os.environ.get("ADMINISTRATION_PORT_ENABLED", "true") +administration_port = int(os.environ.get("ADMINISTRATION_PORT", "9002")) -print('domain_name : [%s]' % domain_name); -print('admin_port : [%s]' % admin_port); -print('domain_path : [%s]' % domain_path); -print('production_mode : [%s]' % production_mode); -print('admin password : [%s]' % admin_pass); -print('admin name : [%s]' % admin_name); -print('admin username : [%s]' % admin_username); +print('domain_name : [%s]' % domain_name); +print('admin_listen_port : [%s]' % admin_listen_port); +print('domain_path : [%s]' % domain_path); +print('production_mode : [%s]' % production_mode); +print('admin name : [%s]' % admin_name); +print('administration_port_enabled : [%s]' % administration_port_enabled); +print('administration_port : [%s]' % administration_port); # Open default domain template -# ====================== +# ============================ readTemplate("/u01/oracle/wlserver/common/templates/wls/wls.jar") set('Name', domain_name) setOption('DomainName', domain_name) +# Set Administration Port +# ======================= +if administration_port_enabled != "false": + set('AdministrationPort', administration_port) + set('AdministrationPortEnabled', 'true') + # Disable Admin Console # -------------------- # cmo.setConsoleEnabled(false) # Configure the Administration Server and SSL port. -# ========================================================= +# ================================================= cd('/Servers/AdminServer') set('Name', admin_name) set('ListenAddress', '') -set('ListenPort', admin_port) +set('ListenPort', admin_listen_port) +if administration_port_enabled != "false": + create('AdminServer','SSL') + cd('SSL/AdminServer') + set('Enabled', 'True') # Define the user password for weblogic # ===================================== cd('/Security/%s/User/weblogic' % domain_name) -cmo.setPassword(admin_pass) +cmo.setPassword(password) # Write the domain and close the domain template # ============================================== setOption('OverwriteDomain', 'true') setOption('ServerStartMode',production_mode) -cd('/NMProperties') -set('ListenAddress','') -set('ListenPort',5556) -set('CrashRecoveryEnabled', 'true') -set('NativeVersionEnabled', 'true') -set('StartScriptEnabled', 'false') -set('SecureListener', 'false') -set('LogLevel', 'FINEST') +# Create Node Manager +# =================== +#cd('/NMProperties') +#set('ListenAddress','') +#set('ListenPort',5556) +#set('CrashRecoveryEnabled', 'true') +#set('NativeVersionEnabled', 'true') +#set('StartScriptEnabled', 'false') +#set('SecureListener', 'false') +#set('LogLevel', 'FINEST') -# Set the Node Manager user name and password (domain name will change after writeDomain) -cd('/SecurityConfiguration/base_domain') -set('NodeManagerUsername', admin_username) -set('NodeManagerPasswordEncrypted', admin_pass) +# Set the Node Manager user name and password +# =========================================== +#cd('/SecurityConfiguration/%s' % domain_name) +#set('NodeManagerUsername', username) +#set('NodeManagerPasswordEncrypted', password) # Write Domain # ============ diff --git a/OracleWebLogic/dockerfiles/12.2.1.3/container-scripts/createAndStartEmptyDomain.sh b/OracleWebLogic/dockerfiles/12.2.1.3/container-scripts/createAndStartEmptyDomain.sh index 661ecd367e..c3558a5588 100755 --- a/OracleWebLogic/dockerfiles/12.2.1.3/container-scripts/createAndStartEmptyDomain.sh +++ b/OracleWebLogic/dockerfiles/12.2.1.3/container-scripts/createAndStartEmptyDomain.sh @@ -31,39 +31,35 @@ if [ ! -f ${DOMAIN_HOME}/servers/AdminServer/logs/AdminServer.log ]; then ADD_DOMAIN=0 fi +mkdir -p $ORACLE_HOME/properties # Create Domain only if 1st execution if [ $ADD_DOMAIN -eq 0 ]; then + PROPERTIES_FILE=/u01/oracle/properties/domain.properties + if [ ! -e "$PROPERTIES_FILE" ]; then + echo "A properties file with the username and password needs to be supplied." + exit + fi -if [ -z $ADMIN_PASSWORD ]; then - # Auto generate Oracle WebLogic Server admin password - while true; do - s=$(cat /dev/urandom | tr -dc "A-Za-z0-9" | fold -w 8 | head -n 1) - if [[ ${#s} -ge 8 && "$s" == *[A-Z]* && "$s" == *[a-z]* && "$s" == *[0-9]* ]]; then - break - else - echo "Password does not Match the criteria, re-generating..." - fi - done + # Get Username + USER=`awk '{print $1}' $PROPERTIES_FILE | grep username | cut -d "=" -f2` + if [ -z "$USER" ]; then + echo "The domain username is blank. The Admin username must be set in the properties file." + exit + fi + # Get Password + PASS=`awk '{print $1}' $PROPERTIES_FILE | grep password | cut -d "=" -f2` + if [ -z "$PASS" ]; then + echo "The domain password is blank. The Admin password must be set in the properties file." + exit + fi - echo "" - echo " Oracle WebLogic Server Auto Generated Empty Domain:" - echo "" - echo " ----> 'weblogic' admin password: $s" - echo "" -else - s=${ADMIN_PASSWORD} - echo " ----> 'weblogic' admin password: $s" + # Create an empty domain + wlst.sh -skipWLSModuleScanning -loadProperties $PROPERTIES_FILE /u01/oracle/create-wls-domain.py + mkdir -p ${DOMAIN_HOME}/servers/AdminServer/security/ + echo "username=${USER}" >> /u01/oracle/user_projects/domains/$DOMAIN_NAME/servers/AdminServer/security/boot.properties + echo "password=${PASS}" >> /u01/oracle/user_projects/domains/$DOMAIN_NAME/servers/AdminServer/security/boot.properties + ${DOMAIN_HOME}/bin/setDomainEnv.sh fi -sed -i -e "s|ADMIN_PASSWORD|$s|g" /u01/oracle/create-wls-domain.py - -# Create an empty domain -wlst.sh -skipWLSModuleScanning /u01/oracle/create-wls-domain.py -mkdir -p ${DOMAIN_HOME}/servers/AdminServer/security/ -echo "username=${ADMIN_USERNAME}" > /u01/oracle/user_projects/domains/$DOMAIN_NAME/servers/AdminServer/security/boot.properties -echo "password=$s" >> /u01/oracle/user_projects/domains/$DOMAIN_NAME/servers/AdminServer/security/boot.properties -${DOMAIN_HOME}/bin/setDomainEnv.sh -fi - # Start Admin Server and tail the logs ${DOMAIN_HOME}/startWebLogic.sh From b3c7d34974f76072be417cb1da66fb3c40992eed Mon Sep 17 00:00:00 2001 From: Monica Riccelli Date: Thu, 28 Jun 2018 19:10:02 -0400 Subject: [PATCH 2/5] Changes to secure Admin Authentication --- OracleWebLogic/dockerfiles/12.2.1.3/README.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/OracleWebLogic/dockerfiles/12.2.1.3/README.md b/OracleWebLogic/dockerfiles/12.2.1.3/README.md index 14fe3bde58..606155444f 100644 --- a/OracleWebLogic/dockerfiles/12.2.1.3/README.md +++ b/OracleWebLogic/dockerfiles/12.2.1.3/README.md @@ -24,7 +24,7 @@ Before you build, select the version and distribution for which you want to buil -v: version to build. Required. Choose : 12.2.1.3 -d: creates image based on 'developer' distribution - -i: creates image based on 'infrastructure' distribution + -g: creates image based on 'generic' distribution -c: enables Docker image layer cache during build -s: skips the MD5 check of packages @@ -49,13 +49,13 @@ Before you build, select the version and distribution for which you want to buil The WebLogic Server install image (built above) allows you to run a container with a single WebLogic server domain. This makes it extreemly simple to deploy applications and any resource the application might need. #### Providing Admin server Usernasme and Password -For security reasons the username and password will be supplied in a domain.properties file located in a HOST directory that you will map at Docker run time with a -v option. This properties file will enable the scripts to configure the correct authentication for the WebLogic Admin server. +The username and password must be supplied in a domain.properties file located in a HOST directory that you will map at Docker run time with a -v option. The properties file enables the scripts to configure the correct authentication for the WebLogic Admin server. The format of the domain.properties file is key value pair: -`username=myudminsername` -`password=myadminpassword` + `username=myudminsername` + `password=myadminpassword` -**Note**: we recommend that the domain.properties file be deleted or secured after the container and the WebLogic server are started to make sure that no one can maliciously get hold of the username and password. +**Note**: Oracle recommends that the domain.properties file be deleted or secured after the container and the WebLogic server are started so the username and password are not inadvertently exposed. #### Start the Container Start a container from the image created in step 1. @@ -75,6 +75,7 @@ Run the Administration Console: `$ docker inspect --format '{{.NetworkSettings.IPAddress}}' ` + `Go to your browser and enter` https://xxx.xx.x.x:9002/console `your browser will request for you to accept Security Exception. To avoid the Security Exception you must update the WebLogic server SSL configuration with a custom identity certificate.` This returns the IP address of the container (for example, `xxx.xx.x.x`). Go to your browser and enter `https://xxx.xx.x.x:9002/console` your browser will request for you to accept Security Exception. ## Choose your Oracle WebLogic Server distribution From 0e2c8e719f1719147e7b156bd150ff3b572c3b74 Mon Sep 17 00:00:00 2001 From: Monica Riccelli Date: Thu, 28 Jun 2018 19:27:31 -0400 Subject: [PATCH 3/5] Changes to secure Admin Authentication --- OracleWebLogic/dockerfiles/12.2.1.3/README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/OracleWebLogic/dockerfiles/12.2.1.3/README.md b/OracleWebLogic/dockerfiles/12.2.1.3/README.md index 606155444f..81fb3411d1 100644 --- a/OracleWebLogic/dockerfiles/12.2.1.3/README.md +++ b/OracleWebLogic/dockerfiles/12.2.1.3/README.md @@ -52,6 +52,7 @@ The WebLogic Server install image (built above) allows you to run a container wi The username and password must be supplied in a domain.properties file located in a HOST directory that you will map at Docker run time with a -v option. The properties file enables the scripts to configure the correct authentication for the WebLogic Admin server. The format of the domain.properties file is key value pair: + `username=myudminsername` `password=myadminpassword` @@ -60,6 +61,7 @@ The format of the domain.properties file is key value pair: #### Start the Container Start a container from the image created in step 1. You can override the default values of the following parameters during runtime with the `-e` option: + * `ADMIN_NAME` (default: `AdminServer`) * `ADMIN_LISTEN_PORT` (default: `7001`) * `DOMAIN_NAME` (default: `base_domain`) @@ -75,8 +77,7 @@ Run the Administration Console: `$ docker inspect --format '{{.NetworkSettings.IPAddress}}' ` - `Go to your browser and enter` https://xxx.xx.x.x:9002/console `your browser will request for you to accept Security Exception. To avoid the Security Exception you must update the WebLogic server SSL configuration with a custom identity certificate.` - This returns the IP address of the container (for example, `xxx.xx.x.x`). Go to your browser and enter `https://xxx.xx.x.x:9002/console` your browser will request for you to accept Security Exception. +Go to your browser and enter `https://xxx.xx.x.x:9002/console` your browser will request for you to accept Security Exception. To avoid the Security Exception you must update the WebLogic server SSL configuration with a custom identity certificate. ## Choose your Oracle WebLogic Server distribution From 561f1e57d6bf5570400426659359559e068e0a2f Mon Sep 17 00:00:00 2001 From: Monica Riccelli Date: Thu, 28 Jun 2018 19:32:44 -0400 Subject: [PATCH 4/5] Changes to secure Admin Authentication --- OracleWebLogic/dockerfiles/12.2.1.3/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/OracleWebLogic/dockerfiles/12.2.1.3/README.md b/OracleWebLogic/dockerfiles/12.2.1.3/README.md index 81fb3411d1..c1df56a97e 100644 --- a/OracleWebLogic/dockerfiles/12.2.1.3/README.md +++ b/OracleWebLogic/dockerfiles/12.2.1.3/README.md @@ -53,8 +53,8 @@ The username and password must be supplied in a domain.properties file located i The format of the domain.properties file is key value pair: - `username=myudminsername` - `password=myadminpassword` + username=myudminsername + password=myadminpassword **Note**: Oracle recommends that the domain.properties file be deleted or secured after the container and the WebLogic server are started so the username and password are not inadvertently exposed. @@ -75,7 +75,7 @@ You can override the default values of the following parameters during runtime w Run the Administration Console: - `$ docker inspect --format '{{.NetworkSettings.IPAddress}}' ` + $ docker inspect --format '{{.NetworkSettings.IPAddress}}' Go to your browser and enter `https://xxx.xx.x.x:9002/console` your browser will request for you to accept Security Exception. To avoid the Security Exception you must update the WebLogic server SSL configuration with a custom identity certificate. From 0287716459de6c03b4f4f7dbb7bf6b21bdbe001c Mon Sep 17 00:00:00 2001 From: Monica Riccelli Date: Mon, 2 Jul 2018 14:27:49 -0400 Subject: [PATCH 5/5] Fixes to the README --- OracleWebLogic/dockerfiles/12.2.1.3/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/OracleWebLogic/dockerfiles/12.2.1.3/README.md b/OracleWebLogic/dockerfiles/12.2.1.3/README.md index c1df56a97e..347e97d5b5 100644 --- a/OracleWebLogic/dockerfiles/12.2.1.3/README.md +++ b/OracleWebLogic/dockerfiles/12.2.1.3/README.md @@ -46,10 +46,10 @@ Before you build, select the version and distribution for which you want to buil `$ docker images` ### Running a Single Server Domain from the image -The WebLogic Server install image (built above) allows you to run a container with a single WebLogic server domain. This makes it extreemly simple to deploy applications and any resource the application might need. +The WebLogic Server install image (built above) allows you to run a container with a single WebLogic server domain. This makes it extremely simple to deploy applications and any resource the application might need. #### Providing Admin server Usernasme and Password -The username and password must be supplied in a domain.properties file located in a HOST directory that you will map at Docker run time with a -v option. The properties file enables the scripts to configure the correct authentication for the WebLogic Admin server. +The username and password must be supplied in a domain.properties file located in a HOST directory that you will map at Docker run time with a -v option. The properties file enables the scripts to configure the correct authentication for the WebLogic Administration Server. The format of the domain.properties file is key value pair: @@ -77,7 +77,7 @@ Run the Administration Console: $ docker inspect --format '{{.NetworkSettings.IPAddress}}' -Go to your browser and enter `https://xxx.xx.x.x:9002/console` your browser will request for you to accept Security Exception. To avoid the Security Exception you must update the WebLogic server SSL configuration with a custom identity certificate. +Go to your browser and enter `https://xxx.xx.x.x:9002/console`. Your browser will request for you to accept Security Exception. To avoid the Security Exception you must update the WebLogic server SSL configuration with a custom identity certificate. ## Choose your Oracle WebLogic Server distribution