Resolving 'ORA-00959: tablespace 'TABLE_SPACE' does not exist when importing db dump

This is a simple one.

I was importing data dump with following command.

impdp system/password schemas=db_dump_schema remap_schema=db_dump_schema:locally_mapped_schema directory=DB_DUMPS DUMPFILE=dump_file_name.dmp LOGFILE=DB_LOGS:import.log

But I got following error.

Connected to: Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production

With the Partitioning, OLAP, Data Mining and Real Application Testing options

Master table "SYSTEM"."SYS_IMPORT_SCHEMA_05" successfully loaded/unloaded

Starting "SYSTEM"."SYS_IMPORT_SCHEMA_05":  system/******** schemas=db_dump_schema remap_schema=db_dump_schema:locally_mapped_schema directory=DB_DUMPS DUMPFILE=dump_file_name.dmp LOGFILE=DB_LOGS:import.log

Processing object type SCHEMA_EXPORT/USER

ORA-39083: Object type USER failed to create with error:

ORA-00959: tablespace 'IMPORTED_TABLE_SPACE' does not exist

Failing sql is:

Obliviously I've not mapped table space to an existing table space

So

1) Find out available table spaces

SELECT TABLESPACE_NAME, STATUS, CONTENTS FROM USER_TABLESPACES;

You'll see an output similar to

2) Remap table space to an existing one

impdp system/password schemas=db_dump_schema remap_schema=db_dump_schema:locally_mapped_schema directory=DB_DUMPS DUMPFILE=dump_file_name.dmp LOGFILE=DB_LOGS:import.log remap_tablespace=IMPORTED_TABLE_SPACE:SYSTEM,IMPORTED_SCHEMA_INDEX:SYSTEM

Addressing 'Caused by: java.lang.RuntimeException: Cannot find System Java Compiler.' in Jenkins

I maintain this blog to keep track of common errors encountered in testing and how to solve them so that they'll be useful to anyone including myself.

So this is another one.

In this current CI environment I work, all the jobs run successfully, but when I added a new job for a TestNG project it complained about JAVA_HOME not being found.

Obviously in the environment where this happened, only JRE is installed and I didn't want to change any settings so that there's a possibility of it affecting other tests and jobs.

Solutions

 So the solution was to add a JDK specifically for this job.

01) Add JDK configuration in Jenkins global configuration (Jenkins -> Manage Jenkins -> Global tool configuration

 

Even if that specific JDK version is not in the environment, it's possible to download it automatically and install it. What you have to do is provide valid credential to download the binary.

NOTE : I'm using a rather old version of Jenkins here. So steps can be bit different. Specially from where JDK version can be added.

02) I've already configured the job. So this new JDK option did not show up automatically at job configuration UI. So had to restart Jenkins server

03) Now choose the JDK in Job configuration page.

 

04) Save the configuration and trigger a job. Now it should pick up the JDK version mentioned above and should no longer throw the initial error.

05) Then I ran into another issue and worth mentioning it here. Jenkins download the JDK version and when it tries to access and install it, that operation fails due to not having enough permission.

Software Deployment failure - The requested operation requires elevation




Solution

 06) followed the steps in https://www.manageengine.com/products/desktop-central/software_installation_requires_elevation.html

Turn off UAC in the client computers

 

To turn off UAC follow the steps below,

1. Select Control Panel --> User Account
   
   1. For Windows 7 and Windows 2008 R2,
      
      1. click User Account Control Settings link.
      2. This opens the User Account Control Settings dialog showing the control level.
      3. Drag and choose the control level to Never Notify and click OK
   2. For Windows Vista and Windows 2008
      
      1. Click "Turn User Account Settings On or Off link
      2. Uncheck the "Use User Account Control (UAC) to protect your computer" option and click OK
2. Close the Control Panel dialog.
3. Restart the computer after disabling the UAC for the changes to take effect.

 

 

 

 

Email based login for tenants - For WSO2 Carbon based Products.

This simple blog post explains how to configure WSO2 Carbon based servers to support email authentication for tenants.

e.g :  If the tenant domain is pavithra.com and if the email user name of the tenant user is pavithra@wso2.com, then "pavithra@wso2.com@pavithra.com" should be able to login to management console of WSO2 products

1) To support email authentication, enable following property in user-mgt.xml (CARBON_HOME/repository/conf)


2) Change following two properties in primary user store manager


3) Remove following property


After this configuration, tenants will be able to login with email attribute (email@tenantDomain)

e.g : pavithra@wso2.com@pavithra.com

References :

- https://wso2.org/jira/browse/IDENTITY-1766

Configuring Active Directory (Windows 2012 R2) to be used as a user store of WSO2 Carbon based products

The purpose of this blog post is not to explain the steps on how to configure AD as primary user store. Above information is covered from WSO2 Documentation. My intention is to give some guide on how to configure AD LDS instance to work over SSL and how to export/import certificates to the trust store of WSO2 servers.

To achieve this, we need to

1. Install AD on Windows 2012 R2
2. Install AD LDS role in Server 2012 R2
3. Create an AD LDS instance
4. Install Active Directory Certificate Service in the Domain Controller (Since we need to get AD LDS instance work over SSL)
5. Export certificate used by Domain Controller.
6. Import the certificate to client-truststore.jks in WSO2 servers.

Also this information is already covered from following two great blog posts by Suresh. So my post will be an updated version of them and will fill some gaps and link some missing bits and pieces.

1. http://sureshatt.blogspot.com/2012/06/installing-ad-lds-role-in-server-2008.html
2. http://sureshatt.blogspot.com/2012/06/creating-ad-lds-instance.html

Let's get started. 

1. Assume you have only installed Windows 2012 R2 and now you need to install AD too. Following article clearly explains all the steps required.

http://www.rackspace.com/knowledge_center/article/installing-active-directory-on-windows-server-2012

Note : As mentioned in the article itself, it is written assuming that there's no existing Active Directory Forrest. If you need to configure the server to act as the Domain Controller for an existing Forrest, then following article will be useful

http://blogs.technet.com/b/canitpro/archive/2013/05/05/step-by-step-adding-a-windows-server-2012-domain-controller-to-an-existing-windows-2003-network.aspx

2) Now you've installed Active Directory Domain Service and the next step is to install AD LDS role. 

- Start - > Open Server Manager -> Dashboard and Add roles and feature

- In the popup wizard, Installation type -> select Role-based or feature based option and click the Next button. 

- In the Server Selection, select current server which is selected by default. Then click Next.

- Select AD LDS (Active Directory Lightweight Directory Service ) check box in Server Roles  and click Next.

- Next you'll be taken through wizard and it will include AD LDS related information. Review that information and click Next.

- Now you'll be prompted to select optional feature. Review it and select the optional features you need (if any) and click next.

- Review installation details and click Install.

- After successful AD LDS installation you'll get a confirmation message.

3. Now let's create an AD LDS instance. 

- Start -> Open Administrative Tools.  Click Active Directory Lightweight Directory Service Setup Wizard.

-  You'll be directed to Welcome to the Active Directory Lightweight Directory Services Setup Wizard. Click Next.

- Then you'll be taken to Setup Options page. From this step onwards, configuration is same as mentioned in 

http://sureshatt.blogspot.com/2012/06/creating-ad-lds-instance.html

4. As explained in above blog, if you pick Administrative account for the service account selection, then you won't have to specifically create certificates and assign them to AD LDS instance. Instead the default certificates used by the Domain Controller can be accessed by AD LDS instance.

To achieve this, let's install certificate authority on Windows 2012 server (if it's not already installed). Again I'm not going to explain it in details because following article covers all required information

http://careexchange.in/how-to-install-certificate-authority-on-windows-server-2012/

5. Now let's export the certificate used by Domain controller

- Go to MMC (Start -> Administrative tools -> run -> MMC)

- File -> Add or Remove Snap-ins

- Select certificates snap-in and click add.

-Select computer account radio button and click Next.

- Select Local computer and click Finish.

Now restart the Windows server.

- In MMC, click on Certificates (Local Computer) -> Personal -> Certificates.

- There you'll find bunch of certificates.

- Locate root CA certificate, right click on it -> All Tasks and select Export.

Note : The intended purpose of this certificate is all. (Not purely for server authentication.) It's possible to create a certificate for server authentication and use it for LDAPS authentication. [1] and [2] explains how it can be achieved.

For the moment I'm using the default certificate for LDAPS authentication.

- In the Export wizard, select Do not export private key option and click Next.

- Select DER encoded binary X.509 (.cer) format and provide a location to store the certificate.

6. Import the certificate to trust store in WSO2 Server.

Use following command to import the certificate to client-truststore.jks found inside CARBON_HOME/repository/resource/security.

keytool -import -alias adcacert -file/cert_home/cert_name.cer -keystore CARBON_HOME/repository/resource/security/client-trustsotre.jks -storepass wso2carbon

After this, configuring user-mgt.xml and tenant-mgt.xml is same as explained in WSO2 Documentation.

[1] http://variablerelations.blogspot.com/2012/09/windows-2008-r2-ad-lds-securing-with.html

[2] http://social.technet.microsoft.com/wiki/contents/articles/2980.ldap-over-ssl-ldaps-certificate.aspx

Error while regenerating application token when IS is acting as key manager

Tried the scenario in following version :
WSO2 Identity Server 5.0.0
WSO2 API Manger 1.7.1

In this scenario WSO2 IS acts as key manager and I was following following guide
https://docs.wso2.com/display/CLUSTER420/Configuring+WSO2+Identity+Server+as+the+Key+Manager

After all the configuration is done, created an API, published it, subscribed and created an application token.

When regenerating the token I observed exact issue reported at https://wso2.org/jira/browse/APIMANAGER-2738

[2014-09-09 11:12:04,737] ERROR - APIStoreHostObject Error in getting new accessToken
org.apache.axis2.AxisFault: Error in getting new accessToken
    at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
    at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:370)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:445)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
    at org.wso2.carbon.apimgt.keymgt.stub.subscriber.APIKeyMgtSubscriberServiceStub.renewAccessToken(APIKeyMgtSubscriberServiceStub.java:1187)
    at org.wso2.carbon.apimgt.keymgt.client.SubscriberKeyMgtClient.regenerateApplicationAccessKey(SubscriberKeyMgtClient.java:83)
    at org.wso2.carbon.apimgt.hostobjects.APIStoreHostObject.jsFunction_refreshToken(APIStoreHostObject.java:3219)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
    at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386)
    at org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime.java:52)
    at org.jaggeryjs.rhino.store.modules.subscription.c4._c_anonymous_3(/store/modules/subscription/key.jag:61)
    at org.jaggeryjs.rhino.store.modules.subscription.c4.call(/store/modules/subscription/key.jag)
    at org.mozilla.javascript.ScriptRuntime.applyOrCall(ScriptRuntime.java:2430)
    at org.mozilla.javascript.BaseFunction.execIdCall(BaseFunction.java:269)
    at org.mozilla.javascript.IdFunctionObject.call(IdFunctionObject.java:97)
    at org.mozilla.javascript.optimizer.OptRuntime.call2(OptRuntime.java:42)
    at org.jaggeryjs.rhino.store.modules.subscription.c0._c_anonymous_10(/store/modules/subscription/module.jag:35)
    at org.jaggeryjs.rhino.store.modules.subscription.c0.call(/store/modules/subscription/module.jag)
    at org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime.java:52)
    at org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0._c_anonymous_1(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag:206)
    at org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0.call(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag)
    at org.mozilla.javascript.optimizer.OptRuntime.call0(OptRuntime.java:23)
    at org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0._c_script_0(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag:3)
    at org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0.call(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag)
    at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394)
    at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)
    at org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0.call(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag)
    at org.jaggeryjs.rhino.store.site.blocks.subscription.subscription_add.ajax.c0.exec(/store/site/blocks/subscription/subscription-add/ajax/subscription-add.jag)
    at org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:570)
    at org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:273)
    at org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(WebAppManager.java:432)
    at org.jaggeryjs.jaggery.core.JaggeryServlet.doPost(JaggeryServlet.java:29)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:749)
    at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:487)
    at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:379)
    at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:339)
    at org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(JaggeryFilter.java:21)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178)
    at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
    at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56)
    at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141)
    at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
    at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
    at java.lang.Thread.run(Thread.java:722)
[2014-09-09 11:12:04,749] ERROR - subscription-add:jag org.wso2.carbon.apimgt.api.APIManagementException: Error in getting new accessToken

The solution is I've missed following point in the guide...

Copy the section from the identity.xml file in the API Manager (/repository/conf/identity.xml) and replace the section of the identity.xml file of the IS (/repository/conf/identity.xml).

Thought of sharing this hoping that someone will come across the same issue :)