Start WebLogic Server on Linux on port 80, 443 <= 1024

On Unix based system (Linux, Solaris ..), only super user (root) can start any process on port <= 1024 . From security reasons its is not desirable to run WebLogic server as root user.  Solution is to start WebLogic process as root (bind on port 80, 443) and then switch process to non privileged user like oraweblogic or nobody.

This is done by setting four properties in WebLogic  –

weblogic.system.enableSetUID (Set User ID)
weblogic.system.enableSetGID (Set Group ID)
weblogic.system.nonPrivUser(Non privledged user)
weblogic.system.nonPrivGroup(Non privledged Group)

1. By setting value of enableSetUID to true; you are instructing weblogic server to switch from ROOT(after starting weblogic server on port 80, 443 or <=1024) to lower privileged user.

2. Value assigned to nonPrivUser will be used to own weblogic server process, once its been started by superuser in port <= 1024

3. Ensure that lower privileged user should have proper access (read, write or both depending on type of type) on files (log, classes..) required by weblogic server.

4. If you wish to start and access weblogic server on both SSL (443) and non SSL (80); you need to define two Listen Port.

.

How to start WebLogic Server on port 80 or 443 on Linux/Unix

1. Login to Administration Server Console using

http://host:admin:port/console

.

2. Define new Linux machine from Administration console

Under Domain Structure >> Environment >> Machines >> New

.

3. Enter Name of Machine (Machine1) & Machine OS (Unix) and click on OK

.

4. Click on machine (Machine1) which you created above

.

5. Select “Enable Post-Bind UID” and enter Post-Bind UID
Select “Enable Post-Bind GID” and enter Post-Bind GID

click Save

In my case oraweblogic is operating system user on machine1 and dba is group of oraweblogic owning WebLogic installation/software.

.

6. Set Listen Port

Domain Structure >> Environment >> Servers >> (Select your Managed Server)

Set Listen port to 80 or 443 for respective Managed Server (Linux/Unix, for which you need to start Server on 443 or 80) and attach Machine (Machine1) you created above

.

7. Depending on setting on Admin Console you may have to activate changes from Change Center (In my case changes take into effect immediately)

.

References

 

Learn Oracle Weblogic Server Administration

 

Get 100 USD OFF + 100% Money Back Guarantee

Click here to get Early Bird Discounts

About the Author Atul Kumar

Oracle ACE, Author, Speaker and Founder of K21 Technologies & K21 Academy : Specialising in Design, Implement, and Trainings.

follow me on:

Leave a Comment:

16 comments
dangana says September 22, 2008

good day atul,
i have sent an email to atul[at]onlineappsdba.com about how to participate in this blog but have not recieved your response, hope i will recieve the response via my email address
dangana7457[at]yahoo.com
Best Regards

Reply
Atul says September 22, 2008

Hi Dangana,
Thanks for your interest, I replied to ID dangana7457[at]yahoo.com on 10th sep. with details. Sending it one more time. If you don’t see message in your inbox mail me alternate number.

Atul

Reply
Sathya says December 15, 2008

Hi Atul,
I was trying to configure WebLogic server on port 80, 443. I followed the same steps u mentioned in this blog. But i am facing an error while starting the managed server. The error trace is below,

<Cannot switch to user “oraweblogic”. java.lang.IllegalArgumentException: Cannot initgroups(“oraweblogic”), system error: ‘Operation not permitted’
java.lang.IllegalArgumentException: Cannot initgroups(“oraweblogic”), system error: ‘Operation not permitted’
at weblogic.platform.Unix.setUser0(Native Method)
at weblogic.platform.Unix.setUser(Unix.java:31)
at weblogic.t3.srvr.SetUIDRendezvous.setUser(SetUIDRendezvous.java:120)
at weblogic.t3.srvr.SetUIDRendezvous.makeUnPrivilegedFinal(SetUIDRendezvous.java:167)
at weblogic.t3.srvr.SetUIDRendezvous.finish(SetUIDRendezvous.java:96)
Truncated. see log file for complete stacktrace

I started the admin server as root and managed server as non-root. Correct me if i am wrong..

Thanks in advance.

Reply
santhosh says March 10, 2009

Hi Atul

Thanks for your posting
They are very useful to me

Can you post how to configure Apache,IIS and JBOSS with weblogic
Thanks
Santhosh

Reply
stumble says May 12, 2009

Hi Atul,

I am trying to follow these directions to set up weblogic to run on port 443. I get up to the last step and for me, there is no pull down menu to attach Machine (Machine1) that I created. It just says “(None)”

Did I do something wrong? Is there a way around this?

Thanks in advance

Reply
stumble says May 12, 2009

Ok, so I was able to figure out how to attach the machine, but I cannot activate my changes. It says that I “Cannot update ‘Machine’ while the server is running.” However, I cannot stop the server because if I do, then I will not have access to the console. Is there any way around this?

Thanks.

Reply
stumble says May 12, 2009

I understand how to stop and start the server from the command line; however, my changes never get activated. So I can stop and start it as much as I want without the machine ever getting attached to the correct server instance. Is there a way for me to activate changes from the command line after I stop weblogic?

Thank you so much!

Reply
Veeresh says March 11, 2010

Hi Atul,

all the composites in soa server are exposed as webservice as http://domain_name:8001/comositename?WSDL.

Suddenly on fly the host and port got changed to https://domain:443 . So this made all composites crashed.

And also we checked your above post..we dont have any port enabled for 443.. we are wonderd that how dynamically its got changed from http to https and 8001 port to 443.

We need your suggesion on this.Please help us.

Reply
» Changing/Starting OHS (Oracle HTTP Server) 11g on Port 80 on Unix Online Apps DBA: One Stop Shop for Apps DBA’s says June 10, 2010

[…] Changing/Starting OHS (Oracle HTTP Server) 11g on Port 80 on Unix Posted in June 10th, 2010 byAtul Kumar in fusion, ohs  Print This Post This post covers steps to start OHS (Oracle HTTP Server) 11g on port 80 on Unix (To start any process on port < 1024 that process should run as ROOT).  If you are looking for steps to start WebLogic Server on port 80 (Non SSL) or 443 (SSL) then click here […]

Reply
Paranormal says August 4, 2010

hello Atul
im facing a problem i couldnt find anything about it here nether in oracle weblogic forum
its about
Automating Weblogic Startup/Shutdown on Linux
im using CentoOS 5.5 and weblogic 10.3

but my problem is that i want to startup/shutdown weblogic on system start/shutdown
i defined weblogic as service ( i tried all levels) and it works but the problem is
when the system is booting it start weblogic but it stops continue system boot!

i also tries put the start weblogic on the .bash_profile
the system boot but when im trying to login it stops because the same problem
(weblogic startup and prevent contitnue the loginin )

i also tried to add startWeblogic in /etc/rc.d/rc.local
and the same problem when weblogic start system cant continue booting

i also tried using nohup
also the same problem

is there any way to do that
i posted this problem in oracle weblogic forum but no
answered me
so i used google and i found that you have a lot of interesting perfect articles about weblogic
i said may be i can find help here

thankx

Reply
Rajat says March 22, 2012

Hi Atul,
My Weblogic server is not starting up after this change. It says > <Cannot switch to group “oracle”. java.lang.IllegalArgumentException: setegid: no such g roup: ‘oracle’

How can i revert back the change?

Regards,
Rajat

Reply
Atul Kumar says March 27, 2012

@ Rajat,
RTo reveert back changes restore DOMAIN_HOME (domain directory) from backup.

Most of these changes are stored in $DOMAIN_HOME/config/config.xml

Reply
zia says June 19, 2013

Hi Atul,

i have SSL enabled on weblogic, how to do port redirection from 7001 to 7002 from weblogic side?

eg: if user type the URL
http://mydomain.com:7001/application it shld redirect to
https://mydomain.com:7002/application

Appreciate your help…

Thanks

Reply
    Atul Kumar says June 20, 2013

    @ Zia,
    There is no out of the box feature in weblogic to achieve this. If you want to so something like this then configure OHS or Apache in front of weblogic and use mod_rewrite to achieve this .

    Reply
fannaq says January 10, 2014

Hi Atul.

I know how to create datasource. and how to install database. but after creating datasource my test connection failed again and again.

I want to know that how to set environment variable and what are other necessary files required to edit for datasource connection.

Please provide me the step

weblogic version is 10.3.6 and oracle database is 11g

thanks,
farhan

Reply
Add Your Reply

Not found