Skip to Main Content

ORDS, SODA & JSON in the Database

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

ORDS-13002 with ORDS using a different context path and ReverseProxy with OHS

RaffyMartinNov 22 2024 — edited Nov 22 2024

Good morning,

I'm trying to migrate from ORDS 21.4.3.r1170405 to 24.3.1.r3061450. However, we're running Oracle Forms & Reports on WebLogic 12.2.1 which uses JAVA 8, that means we can't deploy any other ORDS starting with version 22.1 onward as it requires a newer LTS version of Java like 11, 17, or 21. So I have started testing this and deployed it on standalone mode and put OHS in front of it as a reverse proxy.

Since we still have the old version or ords currently deployed in WebLogic, I had to change the standalone.context.path to be /apps since I OHS was redirecting the calls to the old version of ORDS.

My reverse proxy is as follows:

ProxyPreserveHost On
RequestHeader set WL-Proxy-SSL true
ProxyPass /apps http://localhost:8999/apps
ProxyPassReverse /apps http://localhost:8999/apps

I found the following forum on the same error ORDS, "o:errorCode": "ORDS-13002" - Oracle Forums and I set the security.externalSessionTrustedOrigins to my domain but I still get the same error when trying to sign in to APEX. I'm able to get to the sign landing and sign in pages, but after signing in, I get the 403 and ORDS-13002.

Below is the configuration for ORDS 24.3. Any help on how to solve this issue is really appreciated.

Picked up _JAVA_OPTIONS: -Xms1G -Xmx1G

ORDS: Release 24.3 Production on Fri Nov 22 15:48:35 2024

Copyright (c) 2010, 2024, Oracle.

Configuration:
/opt/oracle/ords-config

2024-11-22T15:48:35.548Z INFO HTTP and HTTP/2 cleartext listening on host: 0.0.0.0 port: 8999
2024-11-22T15:48:35.575Z INFO Disabling document root because the specified folder does not exist: /opt/oracle/ords-config/global/doc_root
2024-11-22T15:48:35.576Z INFO Default forwarding from / to contextRoot configured.
2024-11-22T15:48:42.847Z INFO Configuration properties for: |test|lo|
db.servicename=test
java.specification.version=21
conf.use.wallet=true
sun.jnu.encoding=UTF-8
user.region=US
java.class.path=/opt/oracle/ords/24.3/ords.war
java.vm.vendor=Oracle Corporation
sun.arch.data.model=64
standalone.static.path=/opt/oracle/apex/24.1/images
nashorn.args=--no-deprecation-warning
java.vendor.url=https://java.oracle.com/
resource.templates.enabled=false
user.timezone=UTC
db.port=1521
java.vm.specification.version=21
os.name=Linux
sun.java.launcher=SUN_STANDARD
user.country=US
sun.boot.library.path=/opt/oracle/java/lib
sun.java.command=/opt/oracle/ords/24.3/ords.war --config /opt/oracle/ords-config serve
jdk.debug=release
sun.cpu.endian=little
user.home=/home/oracle
oracle.dbtools.launcher.executable.jar.path=/opt/oracle/ords/24.3/ords.war
user.language=en
java.specification.vendor=Oracle Corporation
java.version.date=2024-07-16
database.api.enabled=true
java.home=/opt/oracle/java
db.username=ORDS_PUBLIC_USER
file.separator=/
java.vm.compressedOopsMode=32-bit
line.separator=

restEnabledSql.active=true
java.specification.name=Java Platform API Specification
java.vm.specification.vendor=Oracle Corporation
feature.sdw=true
java.awt.headless=true
standalone.context.path=/apps
db.hostname=localhost
db.password=******
sun.management.compiler=HotSpot 64-Bit Tiered Compilers
security.requestValidationFunction=ords_util.authorize_plsql_gateway
java.runtime.version=21.0.4+8-LTS-274
user.name=oracle
stdout.encoding=UTF-8
path.separator=:
standalone.http.port=8999
os.version=5.4.17-2136.315.5.el8uek.x86_64
java.runtime.name=Java(TM) SE Runtime Environment
file.encoding=UTF-8
plsql.gateway.mode=proxied
security.externalSessionTrustedOrigins=https://development.example.com/
java.vm.name=Java HotSpot(TM) 64-Bit Server VM
java.vendor.url.bug=https://bugreport.java.com/bugreport/
java.io.tmpdir=/tmp
oracle.dbtools.cmdline.ShellCommand=ords
java.version=21.0.4
user.dir=/home/oracle/scripts
os.arch=amd64
java.vm.specification.name=Java Virtual Machine Specification
oracle.dbtools.cmdline.home=/opt/oracle/ords/24.3
native.encoding=UTF-8
java.library.path=/lib:/usr/lib:/usr/java/packages/lib:/usr/lib64:/lib64:/lib:/usr/lib
java.vendor=Oracle Corporation
java.vm.info=mixed mode, sharing
stderr.encoding=UTF-8
java.vm.version=21.0.4+8-LTS-274
sun.io.unicode.encoding=UnicodeLittle
db.connectionType=basic
java.class.version=65.0
standalone.access.log=/opt/oracle/ords-logs

2024-11-22T15:48:42.848Z WARNING *** jdbc.MaxLimit in configuration |test|lo| is using a value of 10, this setting may not be sized adequately for a production environment ***
2024-11-22T15:48:42.848Z WARNING *** jdbc.InitialLimit in configuration |test|lo| is using a value of 10, this setting may not be sized adequately for a production environment ***
2024-11-22T15:48:43.733Z INFO

Mapped local pools from /opt/oracle/ords-config/databases:
/apps/test/ => test => VALID

2024-11-22T15:48:43.800Z INFO Oracle REST Data Services initialized
Oracle REST Data Services version : 24.3.1.r3061450
Oracle REST Data Services server info: jetty/10.0.21
Oracle REST Data Services java info: Java HotSpot(TM) 64-Bit Server VM 21.0.4+8-LTS-274

2024-11-22T15:49:33.210Z INFO <IUnzUkUIcajC7s4QVzNKvw> POST development.example.com /apps/test/wwv_flow.accept?p_context=workspace-sign-in/oracle-apex-sign-in/3590702378245 403 The request cannot be processed because it failed cross origin request validation
CORSAccessForbiddenException [statusCode=403, logLevel=INFO, errorCode=ORDS-13002: The request cannot be processed because it failed cross origin request validation Cause: This resource does not support Cross Origin Sharing requests, or the request Origin is not authorized to access this resource. Action: If ords is being reverse proxied ensure the front end server is propagating the host name, scheme and port correctly. If using mod_proxy ensure ProxyPreserveHost is set to On. If using SAML with Oracle APEX, ensure security.externalSessionTrustedOrigins is correctly configured. If using a RESTful Service ensure the Origins Allowed value is correctly configured]

This post has been answered by RaffyMartin on Nov 22 2024
Jump to Answer
Comments
Post Details
Added on Nov 22 2024
1 comment
60 views