Skip to Main Content

Integration

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Impact of updating Skew Clock property under message security in WSM domain

4229689Apr 14 2020 — edited Apr 14 2020

Hi,

We need to understand the impact of updating skew clock property under the message security tab in the WSM domain configuration of the WebLogic server.

Currently, we need to implement an Oauth2 token authorization service in SOA BPEL service and get the refreshed token from Microsoft token provider service immediately after the token expires.

But we find that the JWT Token received from Microsoft gets stored in WSM cache-store until it expired.

JWT token lifetime was affected by clock skew property value set under the message security tab in WSM domain configuration.

Skew Clock : 360,000 ms

JWT Token Actual Lifetime: 1 hour

JWT Token Actual Start-Time: Issued At Time (IAT) attached with the token

JWT Token Updated Start time after Skew Clock Consideration: IAT - Skew Clock

JWT Token Actual End-Time: Expire At Time  (exp) attached with the token

JWT Token Updated End time after Skew Clock Consideration: EXP + Skew Clock

The exceptions were received between the period of JWT token Actual end-time(expired at client side) and the JWT token expiry time in the WebLogic server.

By this, we got to understand that the client machine runs in the same clock time as the WebLogic server. So, in this case, as the client skew clock value has 0ms(zero) we need to have server skew clock value to be updated from 360,000ms (default) to 0ms(zero) in order to be in sync.

Our Questions are,

1. Can skew clock property under the message security section of the WSM Domain configuration of the WebLogic Server can be set to 0ms?

2. What if, when WebLogic server needs to connect with multiple clients with different clock times. How should be the skew clock configured to have no exceptions and data loss?

Comments

Dude!

You should be able to open the vi utility by simply giving the absolute path:

# cd ~

# /bin/vi .bashrc

There isn't really much in .bashrc

# cat .bashrc

# .bashrc

# User specific aliases and functions

alias rm='rm -i'

alias cp='cp -i'

alias mv='mv -i'

# Source global definitions

if [ -f /etc/bashrc ]; then

    . /etc/bashrc

fi

ReemaPuri

Actually  when i logged in with root user  then i am not able to use vi command

[reema@reema Desktop]$ vi /etc/oratab

[reema@reema Desktop]$ su

Password:

[root@reema Desktop]# vi /etc/oratab

bash: vi: command not found

[root@reema Desktop]#

But  with normal user i am able to use vi command

why ?

Dude!

When you type "vi", the command line interpreter attempts to locate the path to the executable by walking through the directories defined by the PATH environment variable. If your PATH does not contain the directory where the program resides, you will have to specify the correct path instead, e.g.: /bin/vi. The PATH environment variable and other things are defined in the login scripts, such as .bashrc, /etc/profile, etc. and read depending on your type of shell. Note the difference between "su" and "su -". The later will perform a login and reset the current environment. You obviously screwed up the root login environment.

[root@localhost ~]# ls -al

total 36

dr-xr-x---.  2 root root 4096 Jan  3 00:00 .

drwxr-xr-x. 17 root root 4096 Jan  3 00:00 ..

-rw-------.  1 root root  903 Jan  2 21:43 anaconda-ks.cfg

-rw-------.  1 root root  525 Jan  3 01:24 .bash_history

-rw-r--r--.  1 root root   18 Apr 30  2014 .bash_logout

-rw-r--r--.  1 root root  176 Apr 30  2014 .bash_profile

-rw-r--r--.  1 root root  176 Apr 30  2014 .bashrc

-rw-r--r--.  1 root root  100 Apr 30  2014 .cshrc

-rw-r--r--.  1 root root  129 Apr 30  2014 .tcshrc

[root@localhost ~]# cat .bash_profile

# .bash_profile

# Get the aliases and functions

if [ -f ~/.bashrc ]; then

    . ~/.bashrc

fi

# User specific environment and startup programs

PATH=$PATH:$HOME/bin

export PATH

[root@localhost ~]#

ReemaPuri

Yes u r right but what i found is in .bash_profile

Screenshot.png

I am setting in .bash_rc

export ORACLE_HOME=/u01/app/oracle/

product/11.2.0/dbhome_1
export PATH=$ORACLE_HOME/bin:$/u01/app/oracle/product/11.2.0/dbhome_1
export PATH

Is it my Path clashing am i right

in .bash_profile and .bash_rc

Dude!
Answer

Pretty much everything there is wrong. What you probably want to set is the following:

export ORACLE_BASE=/u01/app/oracle

export ORACLE_HOME=$ORACLE_BASE/product/11.2.0/dbhome_1

export PATH=$PATH:$ORACLE_HOME/bin

or better:

$ . oraenv

Enter your oracle SID and all your Oracle environment variables will be set.

Marked as Answer by ReemaPuri · Sep 27 2020
1 - 5

Post Details

Added on Apr 14 2020
0 comments
325 views