“Sudo su - weblogic” via a Java Program?

I am trying to connect my remote unix machine and execute some ssh commands using a java program.

connection = new Connection(hostname);                                                   connection.connect(); boolean isAuthenticated = connection.authenticateWithPassword(username, password); if (isAuthenticated == false)     throw new IOException("Authentication failed.");     Session session = connection.openSession(); session.execCommand("sudo su - weblogic");   

Here it needs password again & ofcrs, I can't provide because there is no terminal. So created a user.sh file @ my unix user home direcotry (/home/..../bharat) with below content.

echo <mypassword> | sudo -S su - weblogic sudo -S su - weblogic 

but now if I call bash user.sh like below

session.execCommand("bash user.sh");  

after logging in with my user in java, it gives below error & could not figure out the resolution for this yet.

sudo: sorry, you must have a tty to run sudo sudo: sorry, you must have a tty to run sudo 

Please help :)

1 Answers

Answers 1

As you and @rkosegi say, su needs a terminal session for the password.

It looks like the Ganymed SSH-2 library in the example? This has an option for a shell session. Clearly you now need to handle reading and writing through stdout and stdin directly though.

For example, with a couple of methods to keep it simpler:

public class SshTerminal {     private Connection connection;     private Session session;      private Reader reader;     private PrintWriter writer;     private String lastResponse;      public SshTerminal(String hostname, String username, String password)             throws JSchException, IOException {         connection = new Connection(hostname);         connection.connect();         boolean isAuthenticated = connection.authenticateWithPassword(username,                 password);         if (isAuthenticated == false)             throw new IOException("Authentication failed.");         session = connection.openSession();         session.requestDumbPTY();         session.startShell();          writer = new PrintWriter(session.getStdin());         reader = new InputStreamReader(session.getStdout());     }      public void send(String command) {         writer.print(command + "\n");         writer.flush();     }      public void waitFor(String expected) throws IOException {         StringBuilder buf = new StringBuilder();         char[] chars = new char[256];         while (buf.indexOf(expected) < 0) {             int length = reader.read(chars);             System.out.print(new String(chars, 0, length));             buf.append(chars, 0, length);         }          int echoEnd = buf.indexOf("\n");         int nextPrompt = buf.lastIndexOf("\n");         if (nextPrompt > echoEnd)             lastResponse = buf.substring(echoEnd + 1, nextPrompt);         else             lastResponse = "";     }      public String getLastResponse() {         return lastResponse;     }      public void disconnect() {         session.close();         connection.close();     } } 

This then worked fine:

    SshTerminal term = new SshTerminal(host, username, password);      term.waitFor("$ ");     term.send("su -");     term.waitFor("Password: ");     term.send(rootPassword);     term.waitFor("# ");     term.send("ls /root");     term.waitFor("# ");     term.send("cat /file-not-found 2>&1");     term.waitFor("# ");      term.send("cat /var/log/messages");     term.waitFor("# ");     String logFileContent = term.getLastResponse();      term.send("exit");     term.waitFor("$ ");     term.send("exit");      term.disconnect();      String[] lines = logFileContent.split("\n");     for (int i = 0; i < lines.length; i++)         logger.info("Line {} out of {}: {}", i + 1, lines.length, lines[i]); 

That includes examples of parsing the lines in a response, and forcing error output through.

Clearly some of the responses there might be different in your environment.

Read More

WebLogic stopManagedWeblogic.sh script prompts for username and password for shutting down managed server

The managed server created in the WebLogic 12c environment is prompting for the username and password when stopping the managed server with stopManagedWeblogic.sh script even when boot.properties file is present with correct credentials.

The boot.properties file configured in some other accessible location whose path is specified using -Dweblogic.system.BootIdentityFile java option

I've observed below strange behavior

• It's not prompting for username and password when starting the managed server with startManagedWeblogic.sh script(I suppose it's looking into boot.properties file).
• It's not prompting for username and password when starting and stopping admin server

It's prompting for username and password only in case of managed server shutdown using stopManagedWeblogic.sh script.

Is passwordless managed server shutdown not supported in WebLogic ?, as I don't want username and password specified as a parameter to stop script.

1 Answers

Answers 1

I faced a similar issue and could resolve it by trying the following:

1. create the directory <domain_home>/servers/<managed_server>/security
2. create boot.properties in the above directory with the below values:
   username=<username>
   password=<password>
   

Now, start/stopManagedWeblogic.sh would work without prompting for credentials.

Read More

Why Session Destroyed Event triggered multiple times for one Http Session on WebLogic Cluster

I have a weblogic 12c, configured with one cluster, 4 node instances in the cluster, Default Load Algorithm is Round Robin, Replication Type is MAN. I deploy one web application on all 4 nodes.

Issue:
During the run time, I found that to one http session, sessionDestroyed event would be triggered more than one time when it becomes time out in the weblogic (1 hour). But per log, sessionCreated event was only triggered one time.

It confused me. Does there has any magic? I remember per the official documentation, session replication among the cluster instance should be transparent to the developers. So that what is expected is only one sessionCreated event and only one sessionDestroyed event would be triggered for one http session.

Attach the Log:

DEBUG Oct-20-17 01:53:40 [[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'] (AMCSessionListener-27  ) - Session: wIc4WB62vlaYR_tMRMIc0WpBHchh5fbwpinxgaig4mJRJFhlPUcj!-1795465203!1400921280!1508478820022 Created at Fri Oct 20 01:53:40 EDT 2017 DEBUG Oct-20-17 02:54:05 [[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'] (AMCSessionListener-46  ) - Session: wIc4WB62vlaYR_tMRMIc0WpBHchh5fbwpinxgaig4mJRJFhlPUcj!-1795465203!1400921280!1508478820022 Destroyed at Fri Oct 20 02:54:05 EDT 2017 DEBUG Oct-20-17 02:55:12 [[ACTIVE] ExecuteThread: '17' for queue: 'weblogic.kernel.Default (self-tuning)'] (AMCSessionListener-46  ) - Session: wIc4WB62vlaYR_tMRMIc0WpBHchh5fbwpinxgaig4mJRJFhlPUcj!173379423!1400921280!1508478820022 Destroyed at Fri Oct 20 02:55:12 EDT 2017 

Below is my weblogic configuration:

<?xml version="1.0" encoding="UTF-8"?> <weblogic-web-app xmlns="http://www.bea.com/ns/weblogic/90" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.bea.com/ns/weblogic/90 http://www.bea.com/ns/weblogic/90/weblogic-web-app.xsd">   <session-descriptor>     <cookie-path>/AppName</cookie-path>     <persistent-store-type>replicated</persistent-store-type>     <http-proxy-caching-of-cookies>true</http-proxy-caching-of-cookies>     <cookie-secure>true</cookie-secure>      </session-descriptor>   </weblogic-web-app> 

This is my session configure in the web.xml inside web application:

<session-config>     <session-timeout>60</session-timeout> </session-config> 

This is my SessionListener.java:

public class SessionListener implements HttpSessionListener {      private static Logger logger = Logger.getLogger(SessionListener.class);      @Override     public void sessionCreated(HttpSessionEvent se) {         if (logger.isDebugEnabled()) {             logger.debug("Session: " + se.getSession().getId() + " Created at " + (new java.util.Date()));         }     }      @Override     public void sessionDestroyed(HttpSessionEvent se) {         if (logger.isDebugEnabled()) {             logger.debug("Session: " + se.getSession().getId() + " Destroyed at " + (new java.util.Date()));         }     } } 

This code for manually logout:

@RequestMapping(value = "/logout", method = RequestMethod.GET) public ModelAndView logout(HttpServletRequest request,             HttpServletResponse response) throws Exception {          ...         // Business Logic for Logout         ...          request.getSession().invalidate();          CommonViewObject vo = new CommonViewObject();         return renderReponse(request, response, vo, "Login"); } 

Any suggestion would be appreciated. I need address the issue, thank you!

Update:

According to my investigation in this week, I found that the second time call on sessionDestroyed is triggered by the time out of secondary session created by weblogic session replication, which is what I do not want. Do we have any way to avoid this?

1 Answers

Answers 1

If you force the user to logout via the invalidate()method, then HttpSessionListener sessionDestroyed() method is called twice, once when they logout, and a second time after some delayed time period.

This occurs if after the logout you redirect the user back to a web page within your application. What you're essentially doing is starting another session (which may not be immediately obvious if you haven't added security/authentication requirements to all your web pages), and the delayed second call of the sessionDestroyed() method is a timeout occurring.

The simple solution, on logout redirect the user to a web page outside of your application.

You may be interested to look :

JDev/ADF: How to log user login/logout/timeout to the database

JSP Servlet session invalidate() does not make session null

Read More

getting all requestee and requestor calls in weblogic cluster

Pretty high level question here but is there a way to understand what all the calls are being made in a weblogic cluster? for instance, service A is calling service B and/or serviceD is being called by serviceG?

in essence, how do I get to all of the t3 calls being made inside of a weblogic cluster and who they are being made to

0 Answers

Read More