Jan 21, 2010

Hardening OAS

Oracle Application Server (OAS) is the Web and Application server typically deployed with OBIEE. There are several settings which by default may be viewed as security weaknesses. Whether realistically a target or not, it’s good practice to always be considering security and lock down your servers as much as reasonably possible. I adopt the default stance of having to find a reason to leave something less secure, rather than justify why it needs doing.

Aug 14, 2009

Unix script to report on OBIEE and OBIA processes state

Here’s a set of scripts that I use on our servers as a quick way to check if the various BI components are up and running. Because we split the stack across servers, there are different scripts called in combination. On our dev boxes we have everything and so the script calls all three sub-scripts, whereas on Production each server will run one of: BI Server Presentation Server & OAS Informatica & DAC The scripts source another script called process_check.

May 18, 2009

Custom HTTP error page in OBIEE / OAS

It’s possible to change the error pages served up by OAS/Apache by using the ErrorDocument directive. This is widely documented. However, to get this to take effect in an oc4j application (such as analytics) you need to change mod_oc4j.conf too. (I found this out from this post here) Take backups of httpd.conf and mod_oc4j.conf, and then edit them as follows: In httpd.conf add: ErrorDocument 500 /500.html where /500.html is a relative path to your custom document

Apr 15, 2009

OBIEE and F5 BIG-IP

We’ve got a setup of two OAS/Presentation Services boxes and two BI Server boxes, with load balancing/failover throughout. The Load Balancing of the web requests is being done through a separate bit of kit, an F5 BIG-IP load balancer. This directs the requests at the two OAS servers. The problem we have is that by default OAS serves HTTP on port 7777, but the F5 is using port 80. A request for our load balanced URL: http://bi.

Apr 2, 2009

OAS makes you log in twice

A very minor irritation, but an irritation nonetheless, is when I go to Application Server Control in OAS I have to login twice. Reading around I found this is an Apache feature, and is actually designed behaviour. For reasons I’ve not explored our servers have several different hostnames which resolve to the same IP, e.g.: myserver myserver-app myserver-data When you request a page from Apache using a hostname other than that configured as ServerName in Apache’s httpd.