Web Logic Admin Best Practices Tom Janofsky Chariot

Web. Logic Admin Best Practices Tom Janofsky Chariot Solutions DVBUG – 12/16/03

Tom Janofsky l l l Architect with Chariot Solutions Instructor at PSU Abington Tjanofsky@chariotsolutions. com

Overview l l l Process Deployment Architecture Debugging WLS Administration Performance Security Scripting

Process l l l Integrate early and often on a cluster Test as early as possible on deployment platform and configuration Development team needs build manager Deploy so you can roll back Model production in your QA environment

Deployment Architecture l l KISS Have a good reason before splitting the presentation and object tier Consider Web. Logic Express Premium Prove a real improvement before using Apache for static content

More Deployment l l l Beware giving servers different internal and external names Evaluate deployments on the admin server Use domains as an administrative constraint

Debugging Administration l l l . wlnotdelete and stage Firewalls and JDBC pool shrinking One WLS version in QA and production Upgrade Web. Logic Backup config. xml Beware the console domain wizard

More Debugging Admin l l Remember licenses are IP bound Licenses at http: //elicense. bea. com, can be misleading (CPUs and products) Class. Cast. Exception and Class. Not. Found. Errors are usually problems in deployment architecture Not. Serializable. Exceptions – look for objects going into Session not tested on a cluster

More Debugging Admin l l l Use shutdown, not kill – 9 Search esupport and Google groups for problems When contacting support, fill out the whole form Deadlocks – kill – 3 Use your salesrep for real support problems

Performance l l l Focus on object tier -> DB for CRUD apps Spend $$s on network and DB machine Set headers and cache images Use replication in groups in large clusters Set max size in connection pool to max number of users

Security l l l http: //dev 2 dev. bea. com/advisories Permissions Restrict size and time limit on connections Password protect the JDBC connection pools to a role Enable security auditing

More Security l l Don’t allow JSPs in production to have keepgenerated = true No builds / no source Don’t enable the Servlet servlet in production Do not leave the File. Servlet as the default servlet

Scripting l l Write shell scripts to control disparate servers Use MBeans to ensure consistent configurations

Panel Discussion l l Keith Wilson – Vertex Inc. Don Nawrocki – GSI Commerce Tom Janofsky – Chariot Solutions Tom Purcell – Chariot Solutions

Tom Janofsky l Tjanofsky@chariotsolutions. com