一、Console修改密码后,挂载的服务无法重启【解决办法】
1、打开 weblogic 控制台,安全领域 --> myrealm --> 用户和组,将会看到 weblogic 用户,可以直接删除,也可以点击 weblogic 进行修改,这里保存后立即生效。
2、这时重启 weblogic 控制台会报错,通过 cmd 可以看到如下提示信息。
<2015-6-27 下午01时02分27秒 CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<2015-6-27 下午01时02分27秒 CST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
<2015-6-27 下午01时02分27秒 CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
#这是因为启动服务用的用户名密码和登录的是同一个,而启动时所读取的boot.properties文件中的密码还是旧的。
3、所以需要去修改 DOMAIN_HOME/servers/server_name/security/boot.properties 文件,把 username 和 password 改为明文的新密码,各 server 都得改。
4、然后重启受管服务器和管理服务器即可,启动成功后 boot.properties 文件内容已改成了密文。
二. weblogic console登录密码遗忘【解决方法】
1、首先进入 weblogic 安装目录,备份三个文件:boot.properties,DefaultAuthenticatorInit.ldift,DefaultAuthenticatormyrealmInit.initialized。
2、重新生成一个新的 DefaultAuthenticatorInit.ldift 文件。具体操作为:
#找到 weblogic.jar 路径
#在 %DOMAIN_HOME%/security 下执行如下命令:
java -classpath /data/bea/weblogic11/wlserver_10.3/server/lib/weblogic.jar weblogic.security.utils.AdminAccount weblogic weblogic123 .
#其中jar可以是相对路径,也可以是绝对路径;weblogic.security.utils.AdminAccount固定格式;weblogic 是用户名,weblogic123 是密码,最后加一个空格 和一个点. 最后一个.不要忘了)
#执行完会在当前路径下面生成一个新的 DefaultAuthenticatorInit.ldift 文件。
3、到 XX/servers/AdminServer/security 路径下新建一个 boot.properties 文件,并写入:username=weblogic password=weblogic123保存。
4、删除 XX/servers/AdminServer/data/ 下面的ldap文件夹,
5、重新启动 weblogic,启动成功,即可删除备份的 boot.properties,DefaultAuthenticatorInit.ldift,DefaultAuthenticatormyrealmInit.initialized 三个文件。
三. 问题补充说明
帐号/密码修改后启动 weblogic 失败,我遇上两种情况. 错误差异都是从:<Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>语句之后开始体现的.
3.1. 当通过./startManagedWebLogic.sh 启动时,手动输入错误的密码,打印日志如下:
假设现在帐号/密码已从 weblogic/weblogic123 改成 weblogic/weblogic798 ,此时故意输错密码成 wbwbwb
[weblogic@localhost bin]$ ./startManagedWebLogic.sh httpserver http://localhost:7001
.
.
JAVA Memory arguments: -Xms256m -Xmx512m -XX:MaxPermSize=128m
.
WLS Start Mode=Production
.
CLASSPATH=/home/weblogic/Oracle/Middleware/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/weblogic/Oracle/Middleware/patch_ocp371/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/weblogic/Oracle/Middleware/jdk160_29/lib/tools.jar:/home/weblogic/Oracle/Middleware/wlserver_10.3/server/lib/weblogic_sp.jar:/home/weblogic/Oracle/Middleware/wlserver_10.3/server/lib/weblogic.jar:/home/weblogic/Oracle/Middleware/modules/features/weblogic.server.modules_10.3.6.0.jar:/home/weblogic/Oracle/Middleware/wlserver_10.3/server/lib/webservices.jar:/home/weblogic/Oracle/Middleware/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/weblogic/Oracle/Middleware/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar:/home/weblogic/Oracle/Middleware/wlserver_10.3/common/derby/lib/derbyclient.jar:/home/weblogic/Oracle/Middleware/wlserver_10.3/server/lib/xqrl.jar:.:/home/rootbobo/data/jdk/jdk1.7.0_80/lib/dt.jar:/home/rootbobo/data/jdk/jdk1.7.0_80/lib/tools.jar
.
PATH=/home/weblogic/Oracle/Middleware/wlserver_10.3/server/bin:/home/weblogic/Oracle/Middleware/modules/org.apache.ant_1.7.1/bin:/home/weblogic/Oracle/Middleware/jdk160_29/jre/bin:/home/weblogic/Oracle/Middleware/jdk160_29/bin:/home/rootbobo/data/jdk/jdk1.7.0_80/bin:/usr/lib64/qt-3.3/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin:/home/weblogic/bin
.
***************************************************
* To start WebLogic Server, use a username and *
* password assigned to an admin-level user. For *
* server administration, use the WebLogic Server *
* console at http://hostname:port/console *
***************************************************
starting weblogic with Java version:
java version "1.6.0_29"
Java(TM) SE Runtime Environment (build 1.6.0_29-b11)
Java HotSpot(TM) Server VM (build 20.4-b02, mixed mode)
Starting WLS with line:
/home/weblogic/Oracle/Middleware/jdk160_29/bin/java -server -Xms256m -Xmx512m -XX:MaxPermSize=128m -Dweblogic.Name=httpserver -Djava.security.policy=/home/weblogic/Oracle/Middleware/wlserver_10.3/server/lib/weblogic.policy -Dweblogic.ProductionModeEnabled=true -Dweblogic.security.SSL.trustedCAKeyStore=/home/weblogic/Oracle/Middleware/wlserver_10.3/server/lib/cacerts -da -Dplatform.home=/home/weblogic/Oracle/Middleware/wlserver_10.3 -Dwls.home=/home/weblogic/Oracle/Middleware/wlserver_10.3/server -Dweblogic.home=/home/weblogic/Oracle/Middleware/wlserver_10.3/server -Dweblogic.management.discover=false -Dweblogic.management.server=http://localhost:7001 -Dwlw.iterativeDev=false -Dwlw.testConsole=false -Dwlw.logErrorsToConsole=false -Dweblogic.ext.dirs=/home/weblogic/Oracle/Middleware/patch_wls1036/profiles/default/sysext_manifest_classpath:/home/weblogic/Oracle/Middleware/patch_ocp371/profiles/default/sysext_manifest_classpath weblogic.Server
<2017-5-18 下午04时35分50秒 CST> <Info> <Security> <BEA-090905> <Disabling CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true>
<2017-5-18 下午04时35分50秒 CST> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>
<2017-5-18 下午04时35分51秒 CST> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) Server VM Version 20.4-b02 from Sun Microsystems Inc.>
<2017-5-18 下午04时35分52秒 CST> <Info> <Security> <BEA-090065> <Getting boot identity from user.>
Enter username to boot WebLogic server:weblogic
Enter password to boot WebLogic server:
<2017-5-18 下午04时35分59秒 CST> <Info> <Management> <BEA-141107> <Version: WebLogic Server 10.3.6.0 Tue Nov 15 08:52:36 PST 2011 1441050 >
<2017-5-18 下午04时36分01秒 CST> <Emergency> <Management> <BEA-141151> <The admin server could not be reached at http://localhost:7001.>
<2017-5-18 下午04时36分01秒 CST> <Info> <Configuration Management> <BEA-150018> <This server is being started in managed server independence mode in the absence of the admin server.>
<2017-5-18 下午04时36分01秒 CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
<2017-5-18 下午04时36分01秒 CST> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool>
<2017-5-18 下午04时36分01秒 CST> <Notice> <Log Management> <BEA-170019> <The server log file /home/weblogic/Oracle/Middleware/user_projects/domains/base_domain/servers/httpserver/logs/httpserver.log is opened. All server side log events will be written to this file.>
<2017-5-18 下午04时36分04秒 CST> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
<2017-5-18 下午04时36分04秒 CST> <Critical> <Security> <BEA-090403> <Authentication for user weblogic denied>
<2017-5-18 下午04时36分04秒 CST> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:966)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace
Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User weblogic javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User weblogic denied
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Truncated. see log file for complete stacktrace
>
<2017-5-18 下午04时36分04秒 CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<2017-5-18 下午04时36分04秒 CST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
<2017-5-18 下午04时36分04秒 CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
[weblogic@localhost bin]$
如果是这个问题,用正确的用户名,密码再次启动就可以了
3.2. 误以为 boot.properties 配置错误,其实是 NodeManager.sh 密码问题
该错误一般在使用 NodeManager.sh 启动被管理 Server 时会报.
[weblogic@localhost bin]$ ./startWebLogic.sh
.
.
JAVA Memory arguments: -Xms256m -Xmx512m -XX:MaxPermSize=128m
.
WLS Start Mode=Production
.
CLASSPATH=/home/weblogic/Oracle/Middleware/patch_wls1036/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/weblogic/Oracle/Middleware/patch_ocp371/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/home/weblogic/Oracle/Middleware/jdk160_29/lib/tools.jar:/home/weblogic/Oracle/Middleware/wlserver_10.3/server/lib/weblogic_sp.jar:/home/weblogic/Oracle/Middleware/wlserver_10.3/server/lib/weblogic.jar:/home/weblogic/Oracle/Middleware/modules/features/weblogic.server.modules_10.3.6.0.jar:/home/weblogic/Oracle/Middleware/wlserver_10.3/server/lib/webservices.jar:/home/weblogic/Oracle/Middleware/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/home/weblogic/Oracle/Middleware/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar:/home/weblogic/Oracle/Middleware/wlserver_10.3/common/derby/lib/derbyclient.jar:/home/weblogic/Oracle/Middleware/wlserver_10.3/server/lib/xqrl.jar:.:/home/rootbobo/data/jdk/jdk1.7.0_80/lib/dt.jar:/home/rootbobo/data/jdk/jdk1.7.0_80/lib/tools.jar
.
PATH=/home/weblogic/Oracle/Middleware/wlserver_10.3/server/bin:/home/weblogic/Oracle/Middleware/modules/org.apache.ant_1.7.1/bin:/home/weblogic/Oracle/Middleware/jdk160_29/jre/bin:/home/weblogic/Oracle/Middleware/jdk160_29/bin:/home/rootbobo/data/jdk/jdk1.7.0_80/bin:/usr/lib64/qt-3.3/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin:/home/weblogic/bin
.
***************************************************
* To start WebLogic Server, use a username and *
* password assigned to an admin-level user. For *
* server administration, use the WebLogic Server *
* console at http://hostname:port/console *
***************************************************
starting weblogic with Java version:
java version "1.6.0_29"
Java(TM) SE Runtime Environment (build 1.6.0_29-b11)
Java HotSpot(TM) Server VM (build 20.4-b02, mixed mode)
Starting WLS with line:
/home/weblogic/Oracle/Middleware/jdk160_29/bin/java -server -Xms256m -Xmx512m -XX:MaxPermSize=128m -Dweblogic.Name=AdminServer -Djava.security.policy=/home/weblogic/Oracle/Middleware/wlserver_10.3/server/lib/weblogic.policy -Dweblogic.ProductionModeEnabled=true -da -Dplatform.home=/home/weblogic/Oracle/Middleware/wlserver_10.3 -Dwls.home=/home/weblogic/Oracle/Middleware/wlserver_10.3/server -Dweblogic.home=/home/weblogic/Oracle/Middleware/wlserver_10.3/server -Dweblogic.management.discover=true -Dwlw.iterativeDev=false -Dwlw.testConsole=false -Dwlw.logErrorsToConsole=false -Dweblogic.ext.dirs=/home/weblogic/Oracle/Middleware/patch_wls1036/profiles/default/sysext_manifest_classpath:/home/weblogic/Oracle/Middleware/patch_ocp371/profiles/default/sysext_manifest_classpath weblogic.Server
<2017-5-18 下午05时03分53秒 CST> <Info> <Security> <BEA-090905> <Disabling CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true>
<2017-5-18 下午05时03分53秒 CST> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>
<2017-5-18 下午05时03分54秒 CST> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) Server VM Version 20.4-b02 from Sun Microsystems Inc.>
<2017-5-18 下午05时03分55秒 CST> <Info> <Management> <BEA-141107> <Version: WebLogic Server 10.3.6.0 Tue Nov 15 08:52:36 PST 2011 1441050 >
<2017-5-18 下午05时03分56秒 CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
<2017-5-18 下午05时03分56秒 CST> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool>
<2017-5-18 下午05时03分56秒 CST> <Notice> <Log Management> <BEA-170019> <The server log file /home/weblogic/Oracle/Middleware/user_projects/domains/base_domain/servers/AdminServer/logs/AdminServer.log is opened. All server side log events will be written to this file.>
<2017-5-18 下午05时04分00秒 CST> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
<2017-5-18 下午05时04分00秒 CST> <Critical> <Security> <BEA-090402> <Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.>
<2017-5-18 下午05时04分00秒 CST> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:960)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace
Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User weblogic javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User weblogic denied
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Truncated. see log file for complete stacktrace
>
<2017-5-18 下午05时04分00秒 CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<2017-5-18 下午05时04分00秒 CST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
<2017-5-18 下午05时04分00秒 CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
原因分析:
其实这个时候我们已修改了 AdminServer 管理控制台密码,但是 NodeManager 记住的还是旧密码。而用 NodeManager 启动被管理 Server 时,是不需要读取 boot.properties 的,只有在用 ./startManagerWeblogic.sh 时才需要用到 boot.properties 帐号密码.
解决思路:
1、需要进入wlst(weblogic script tool), 让 NodeManager 重新抓取 AdminServer 的配置
#以下命令,请一句一句执行.
cd /data/weblogic/wls/wlserver_10.3/common/bin
sh ./wlst.sh
connect(‘weblogic‘,‘password123‘,‘t3://ip:7004‘)
nmEnroll(‘/data/weblogic/servers/m95/‘)
disconnect()
exit()
2、执行完毕,重启NodeManager
3、控制台启动被管理Server下.
注意:这里如果还是报一样错误.....没关系,进入到被管理server目录下,清下缓存
cd /oracle/esbapp/bea/weblogic11/user_projects/domains/esb_domain/servers/vhlSearch/
rm -rf tmp
rm -rf stage/
rm -rf cache/
rm -rf data
参考
https://blog.csdn.net/nayan8664/article/details/81330086
nmEnroll解释: 参考 https://my.oschina.net/psuyun/blog/145595#OSC_h2_1 搜索 nmEnroll .