Skip to Main Content

ORDS, SODA & JSON in the Database

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

ORDS and ICAP

Aljaz MaliOct 26 2016 — edited Feb 20 2017

Hi all,

I would like to ask for some help with configuring ORDS and ICAP.

So my current settings are:

  OS: OEL x64 6.7

  DB: 11.2.0.3

  APEX: 5.0.4

  ORDS: 3.0.8

On my Linux I have installed i-cap (http://c-icap.sourceforge.net) and clamav anti virus. For my testing purposes I also have one infected file. DB, APEX, ORDS, ICAP, CLAMAV this is all installed on the same server.

First I make a test if clamav is working:

clamscan /tmp/eicar/eicar_com.zip

/tmp/eicar/eicar_com.zip: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------

Known viruses: 4998037

Engine version: 0.99.2

Scanned directories: 0

Scanned files: 1

Infected files: 1

Data scanned: 0.00 MB

Data read: 0.00 MB (ratio 0.00:1)

Time: 9.173 sec (0 m 9 s)

Next test is, if icap and clamav are working OK. For this I'm using

/usr/local/c-icap/bin/c-icap-client -i oralin -p 1344

ICAP server:oralin, ip:127.0.0.1, port:1344

OPTIONS:

  Allow 204: Yes

  Preview: 1024

  Keep alive: Yes

ICAP HEADERS:

  ICAP/1.0 200 OK

  Methods: RESPMOD, REQMOD

  Service: C-ICAP/0.4.4 server - Echo demo service

  ISTag: CI0001-XXXXXXXXX

  Transfer-Preview: *

  Options-TTL: 3600

  Date: Wed, 26 Oct 2016 09:48:31 GMT

  Preview: 1024

  Allow: 204

  X-Include: X-Authenticated-User, X-Authenticated-Groups

  Encapsulated: null-body=0

Next I make a file scan (one clean and one infected)

/usr/local/c-icap/bin/c-icap-client -i oralin -p 1344 -f /tmp/eicar/test.txt -s "virus_scan"

ICAP server:oralin, ip:127.0.0.1, port:1344

No modification needed (Allow 204 response)

/usr/local/c-icap/bin/c-icap-client -i oralin -p 1344 -f /tmp/eicar/eicar_com.zip -s "virus_scan"

ICAP server:oralin, ip:127.0.0.1, port:1344

<html>

<head>

   <title>VIRUS FOUND</title>

</head>

<body>

<h1>VIRUS FOUND</h1>

You tried to upload/download a file that contains the virus:

   <b> Eicar-Test-Signature </b>

<br>

The Http location is:

<b>  - </b>

<p>

  For more information contact your system administrator

<hr>

<p>

This message generated by C-ICAP service: <b> virus_scan </b>

<br>Antivirus engine: <b> clamd-0992/22433 </b>

</p>

</body>

</html>

So for me it looks like that icap and clamav are working.

Next I have made a change to defaults.xml in ORDS settings

<entry key="icap.port">1344</entry>

<entry key="icap.server">oralin</entry>

I have created report and form in APEX where I can upload files. If I make a test then I get back following error:

503 Service Unavailable

In ORDS log I can see this:

The ICAP service is unavailable, check the icap.server and icap.port settings.

After reviewing ICAP access log I can see this request:

26/Oct/2016:12:00:00 +0200, 127.0.0.1 127.0.0.1 RESPMOD AVSCAN?action=SCAN 404

I have tried once more with icap client as (same request as I see it from accces log, when request comes from ORDS):

/usr/local/c-icap/bin/c-icap-client -i oralin -p 1344 -f /tmp/eicar/test.txt -s "AVSCAN?action=SCAN"

and in this case I don't get back proper response. So I have added to my icap virus_scan.conf this line

ServiceAlias AVSCAN virus_scan?allow204=on&sizelimit=off&mode=simple

after this change the same command is successful:

/usr/local/c-icap/bin/c-icap-client -i oralin -p 1344 -f /tmp/eicar/test.txt -s "AVSCAN?action=SCAN"

After this change and testing if I go back to my APEX application I do not get the error again. What happens now is that when I try to upload a file the error is gone, but nothing happens. Basically I see in my browser status bar message : Waiting for oralin.... and this takes then forever.

I don't see new entries in icap access log and also no messages in icap server.log or ords log file.

I would like to ask for help, if someone has an idea what has to be done in order that icap and ords would work.

Thank you in advance,

Aljaz

Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Mar 20 2017
Added on Oct 26 2016
1 comment
1,427 views