This blog post covers the issue & fix which I encountered while performing Hands-On Lab for our EBS R12 On OCI Training. While accessing the WebLogic Console from the Oracle EBS environment created from Oracle EBS Cloud Manager.
If you don’t know how to deploy Oracle EBS Environment using Oracle EBS Cloud Manager check here.
Issue Encountered
While accessing the WebLogic Admin console <http://<Apps_tier_public_IP>:7001/console> I encountered with the following error:
Error: “The Server is not able to service this request: [Socket:000445]Connection rejected, filter blocked Socket, weblogic.security.net.FilterException: [Security:090220]rule 2”
Also Check Our Blog Post on OCI Migration.
Root Cause
The error I encountered is due to WebLogic offers a concept called “connection filter“. Connection filters provide network layer access control and allow the server(s) to block unwanted communication based on different criteria. To know more about the Weblogic Connection filter click here.
You can check the WebLogic connector filter configuration under the config.xml file. To know more about config.xml check here
Note: config.xml is a file that contains all the WebLogic configurations
In the above config.xml file, you can see that it is blocking the connection for 0.0.0.0/0 where 0.0.0.0/0 is nothing but public internet.
Note: Using Weblogic Connection filter you can also whitelist particular IP
Also Read: Oracle OCI vs OCI Classic, to know the major differences between them.
Fix
1)Open the config.xml file
(/u01/install/APPS/fs1/FMW_Home/user_projects/domains/EBS_domain/config)
2)Backup your config.xml file before making any changes
eg: $ cp -R config.xml config.xml_bkp
3)Search for connection -filter-rule
4)Change the string “deny” to “allow”
5)Save the config.xml file & bounce the Application services’
To know how to Start/Stop Application services check here.
Now you will be able to access the WebLogic console!!!
If you find the blog useful don’t forget to share with your friends & colleague.
Related/References
- [Video] Oracle EBS R12 on Cloud For Beginners: 7 Things You Must Know
- Oracle EBS Cloud Manager: New Release (19.3.1) Is Now Available
- April 2019 EBS Cloud Manager Updates(19.1.1)
- [Troubleshoot] instance ocid1.instance.oc1.iad.XX Not Found While Deploying EBS Cloud Manager: config.pl
- Oracle EBS (R12) on Cloud (OCI) Beginners: 15 Things Apps DBAs Must Know
- [Video] Role of Oracle Apps DBA (EBS) R12 On Cloud
Next Task For You
Join our FREE Masterclass on Build, manage & Migrate EBS R12 to Cloud For Beginners. Click on the image below to register for FREE
Soumya says
This is pretty much a temporary solution.
Next time you run autoconfig, the issue pops up, and you need to do the same steps all over again
Rohit Pathak Pathak says
Hi Soumya,
Yes this is the temporary solution, this even not required if you are accessing the Weblogic console within the network, this only required if you are accessing it outside the network.
Thanks & Regards,
Rohit
Victor Finberg says
Hi
we need this as a permanenet solution
and want this not to be overwritten after adconfig
any idea what is the template to be changed for it ?
Ashish Mehta says
I have the same question/point as others have mentioned, what is the permanent solution ?
From somewhere that ‘deny’ entry is coming, what is the source of this ?
We need to fix the source to fix it permanent .
Thanks
Sumit Singh says
Hi Ashish,
The value is “deny” by default to deny access to UNWANTED Connections at the network level. You can access the Weblogic within the network, this is only required if you are accessing it outside the network.
Since this is a default value you need to change it manually.
You can also check the Oracle doc for the same: Failed to Access WebLogic Console with Error “[Socket:000445]Connection rejected, filter blocked Socket, weblogic.security.net.FilterException” (Doc ID 2680320.1)
I hope this answers your query.
Thanks