Oracle Application Server

One month ago, I attended an Oracle Application Server course in Geneva, Switzerland. We were a group of 3 students and the 5-days lesson has been extremly interesting and intense. Starting at 9am, we used to finish at 5:30pm or later.

At LC Systems, we have a few customers using OAS, that is why I did jump into this non-database product cursus.

As I experienced in the course, it is quite different from Oracle Database. Technically speaking, you do not need much database know-how to administer an application server.

There are basically two parts. One is the Infrastructure. It contains a Directory Server (LDAP) which is stored physically on a database. As for the Grid Control, you can just click Next->Next->Next->Install to have it up and running (if you are lucky). You do not specify the size of the memory, the location of the files, the logging mode, nothing. Just the database passwords.

The second part is called the Middle Tier. It contains a J2EE engine. There you can “hotplug” your application : portal, forms, reports, discoverer…

The consistency, availability, backup strategy are not as clearly defined as in the db world I know. In the “online backup” mode, you should just hope that nothing is going to modify the xml configuration files at the time you edit them. If your file system is getting full of logs, it can well happen that your config file get truncated. If you think you are not modifying anything during the backup, it could well be Oracle itself that updates the xml files. What did also sound dubious to me is the point in time recovery. It sounds like : “Well, I will try to recover until time your repository with rman, and if I found your backup sets on the disk, it may work. If the config changed since that time, well, this is probably not the best thing to try…”

The security concept made me hurl more than one time. For example Portal. There is a superuser called PORTAL in the Oracle Internet Directory (OID). To my surprise, you can see his database password in clear text in the OID. This user has, no joke, DBA role in the database. You can “revoke” the DBA role from PORTAL in the Application Server Console, but, believe me, it does not revoke the DBA at the db level. The mod_plsql enables you to encrypt passwords in files. This is a 2-ways encryption, I doubt the algorythm is very strong. The concept rather rely on “No one should ever log-in neither on the application server (with telnet) nor on the repository database (with sqlplus).

This morning I passed my 1Z0-311 exam with success (0 error).

13 thoughts on “Oracle Application Server

  1. Aman Sharma

    hi sir
    Accept my congrats.You have cleared your OCM credential.Will you like to share that how should a person proceed to get successful with it like the training process,practise,resources you used?
    Once again,congrats and best wishes!

  2. Laurent Schneider

    Thanks all for your wishes!

    10gR3 is not really out yet, they cannot use it in course, because there is no infrastructure, no BI, nothing else than the OC4J.

    About OCM, I am not allowed to reveal the content but I will try to put something helpful and neutral soon.

  3. Aman Sharma

    Hi sir
    Yes not the content but the preparation method
    you chose,how did you prepare for it.Yes a neutral to guide aspirants how to prepare so that they can be successful with it?
    Once again thanx a bunch.

  4. Anonymous

    Hi Laurent,
    How did you review for this exam? I know you attended the course and did lots of practice… but did you use any other exam guides? I can’t find any exam guide on this but just the Oracle documentation manuals.

    Thanks a lot and Congratulations !!

Leave a Reply

Your email address will not be published.