Thursday, February 11, 2016

Calling a web service from Unix using Curl


Create a request message:
echo "<soapenv:Envelope xmlns:soapenv=\"\" xmlns:chec=\"\">" > /tmp/request.xml 
echo "   <soapenv:Header/>"  >> /tmp/request.xml 
echo "   <soapenv:Body>"     >> /tmp/request.xml 
echo "      <chec:process/>" >> /tmp/request.xml 
echo "   </soapenv:Body>"    >> /tmp/request.xml 
echo "</soapenv:Envelope>"   >> /tmp/request.xml

Invoke the web service using curl:
curl -X POST -H "Content-Type: text/xml" -H "SOAPAction: \"http://soadev:8001/soa-infra/services/default/HealthCheck/checkbpel_client_ep\"" --data-binary @/tmp/request.xml http://soadev:8001/soa-infra/services/default/HealthCheck/checkbpel_client_ep?WSDL > /tmp/response.xml

View the contents of the response:
cat /tmp/response.xml

Wednesday, February 10, 2016

Red Hat Enterprise Linux Server release 5.5 - Hacked and fixed

One of our public, rarely used, sandbox servers was hacked last January. Even Amazon Web Services got hit with one of the three we've gotten rid of.

Several of the OS binaries would have been overwritten by a 1135000 byte binary file, so you will have to re-copy them from a different server.

Run these commands to get rid of the offending trojans/viruses:
killall -9 l26.tmp 
killall -9 
killall -9 
killall -9 sleep
killall -9 ps 
killall -9 .sshd 
chattr -i /usr/bin/.sshd 
chattr -i /usr/bin/kernel 
chattr -i /usr/bin/acpid 
chattr -i /etc/bash 
rm -rf /usr/bin/dpkgd 
rm -rf /usr/bin/bsd-port 
rm -f /l26.tmp 
rm -f /usr/bin/.sshd 
rm -f /usr/bin/kernel 
rm -f /usr/bin/acpid 
rm -f /etc/bash 
rm -f /etc/Centos-ssh 
rm -f /etc/Centos-sshd 
rm -f /etc/fake.cfg 
rm -f /etc/* 
rm -f /etc/* 
scp oracle@soadb:/bin/ps /bin 
scp oracle@soadb:/bin/netstat /bin 
scp oracle@soadb:/usr/sbin/lsof /usr/sbin 
scp oracle@soadb:/usr/sbin/ss /usr/sbin 
scp oracle@soadb:/usr/bin/chattr /usr/bin 
scp oracle@soadb:/usr/bin/kernel /usr/bin 
scp oracle@soadb:/usr/bin/acpid /usr/bin

Applicable Versions:
  • Red Hat Enterprise Linux Server release 5.5

Wednesday, January 27, 2016

Error 503--Service Unavailable when trying to access the EM console


If you're running Oracle Fusion Middleware (specifically Oracle SOA Suite 11g), and when navigating to the EM console via this URL:
We get this error on the browser:
Error 503--Service Unavailable 
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1: 
10.5.4 503 Service Unavailable 
The server is currently unable to handle the request due to a temporary overloading or maintenance of the server. The implication is that this is a temporary condition which will be alleviated after some delay. If known, the length of the delay may be indicated in a Retry-After header. If no Retry-After is given, the client SHOULD handle the response as it would for a 500 response. 
Note: The existence of the 503 status code does not imply that a server must use it when becoming overloaded. Some servers may wish to simply refuse the connection.


In this particular case, the file targets.xml was missing.

1. Confirm that targets.xml is missing.
export DOMAIN_HOME=/u01/app/oracle/middleware/user_projects/domains/soa_domain 
ls -l $DOMAIN_HOME/sysman/state/targets.xml

2. If so, recreate the targets.xml file using the following as a template:
 <Target TYPE="oracle_ias_farm" NAME="Farm_soa_domain" DISPLAY_NAME="Farm_soa_domain"> 
  <Property NAME="MachineName" VALUE=""/> 
  <Property NAME="Port" VALUE="7001"/> 
  <Property NAME="isLocal" VALUE="true"/> 
  <Property NAME="Protocol" VALUE="t3"/> 
  <Property NAME="serviceURL" VALUE="service:jmx:t3://"/> 
  <Property NAME="WebLogicHome" VALUE="/u01/app/oracle/middleware/wlserver_10.3"/>
  <Property NAME="DomainHome" VALUE="/u01/app/oracle/middleware/user_projects/domains/soa_domain"/>

3. Restart the AdminServer

Applicable Versions:
  • Oracle SOA Suite 11g (11.1.1.x)

Friday, January 1, 2016

Oracle SOA Suite development error: 'jca.retry.count' must be a positive number


After developing an Oracle SOA Suite 11g composite and attempting to deploy it directly from Oracle JDeveloper 11g, we get the following error in the JDeveloper logs:
[11:24:23 AM] Received HTTP response from the server, response code=500 
[11:24:23 AM] Error deploying archive sca_HealthCheck_rev1.0.jar to partition "default" on server soa_server1 [http://soahost1:8001]  
[11:24:23 AM] HTTP error code returned [500] 
[11:24:23 AM] Error message from server:
There was an error deploying the composite on soa_server1: Update Failed: Error while validating JCA Reference Binding meta data during composite deployment: Exception occured when binding was invoked.
Exception occured during invocation of JCA binding: "Cannot parse JCA binding retry property 'jca.retry.count', value '0' due to: Value of JCA binding retry property 'jca.retry.count' must be a positive number". 
The invoked JCA adapter raised a resource exception.
Please examine the above error message carefully to determine a resolution.
: Exception occured when binding was invoked.
Exception occured during invocation of JCA binding: "Cannot parse JCA binding retry property 'jca.retry.count', value '0' due to: Value of JCA binding retry property 'jca.retry.count' must be a positive number". 
The invoked JCA adapter raised a resource exception.
Please examine the above error message carefully to determine a resolution.
[11:24:23 AM] Check server log for more details. 
[11:24:23 AM] Error deploying archive sca_HealthCheck_rev1.0.jar to partition "default" on server soa_server1 [http://soahost1:8001]  
[11:24:23 AM] ####  Deployment incomplete.  #### 
[11:24:23 AM] Error deploying archive file:/C:/Oracle/mywork/HealthCheck/deploy/sca_HealthCheck_rev1.0.jar 


This error was because value of Attempts in the database adapter configuration wizard was set to zero. This must be a positive (non-zero) number. This value maps directly to jca.retry.count.

1. Set the Attempts or jca.retry.count value in the DbAdapter to a value greater than 0.

Applicable Versions:
  • Oracle SOA Suite 11g (11.1.1.x)

Thursday, December 3, 2015

Oracle SOA Suite error: "Cannot call commit when using distributed transactions"


I made a web service call to an Oracle SOA Suite 11g BPEL service, and got the following exception:
<env:Envelope xmlns:env="">
         <faultstring>Exception occured when binding was invoked.
Exception occured during invocation of JCA binding: "JCA Binding execute of Reference operation 'QueryInstanceTable' failed due to: DBWriteInteractionSpec Execute Failed Exception.
unknown failed. Descriptor name: [unknown].
Caused by java.sql.SQLException: Cannot call commit when using distributed transactions.
Please see the logs for the full DBAdapter logging output prior to this exception.  This exception is considered retriable, likely due to a communication failure.  To classify it as non-retriable instead add property nonRetriableErrorCodes with value "0" to your deployment descriptor (i.e. weblogic-ra.xml).  To auto retry a retriable fault set these composite.xml properties for this invoke: jca.retry.interval, jca.retry.count, and jca.retry.backoff.  All properties are integers.
The invoked JCA adapter raised a resource exception.
Please examine the above error message carefully to determine a resolution.</faultstring>
            <exception>Cannot call commit when using distributed transactions</exception>


Your connection factory is misconfigured. The data source was configured to use an XA driver.

1. Make sure that this data source is included the xaDataSourceName and not the dataSourceName property.

Applicable Versions:
  • Oracle SOA Suite 11g (11.1.1.x)

Saturday, November 21, 2015

Searching Google Drive using Windows Search yields no items match

Are you using Google Drive on your Windows PC?

Are you trying to use Windows Search to locate a file(s) and the results are consistently coming up empty even though the files exist?


1. Right-click on your "Google Drive" folder

2. Click on "Properties"

3. Click on the "Security" tab

4. Click on "Advanced"

5. Check the checkbox "Replace all child object permission entries with inheritable permission entries from this object"

6. Click on "Apply"

Try searching again, and you should finally see your results:

Applicable Versions:
  • Microsoft Windows 8.1 Pro
  • Oracle WebLogic Server 12c

Wednesday, November 11, 2015

Where do I get data?

When getting started with data analysis of any kind, it can sometimes seem daunting. If you have no frame of reference it can be difficult to know where to start. If you are trying to learn time-series analysis techniques it might be good to have large sets of time series data such as a list of stock quotes over time to perform the analysis. If you are trying clustering techniques it would be good to have categorical data such as a list of all car models and their characteristics including: range, mpg, number of cylinders, various emissions, country of distribution, etc.

So assuming you have the tools you need there are a number of places that you can get information. Many sites such as Twitter, Facebook, and YouTube offer apis which allow you to pull all sorts of information. However, if you are looking for information outside of the Social media area it seems to get a bit more difficult, but there are a few great options out there.

First there's the U.S. Government, there has been a large push in data openness, and the result of that is which claims to have over 198,000. Not all the sources are available in an easily ingested format such as CSV, but there are over 8200 api accessible sources. Additionally from the U.S government there are NASA Open Datasets. Beyond the government though there are more options.

Quandl is a great resource for data both for free and for a premium. All data is available in XML, CSV, and JSON via APIs. There are also Libraries directly supported by Quandl for Python, R and Excel. Additionally, there are community supported plugins for many other languages and programs including: Go, Java and Ruby.

Beyond these there's always communities such as those on reddit /r/datasets and /r/data.

Happy data collecting!

Tuesday, November 3, 2015

Why we opted against using Oracle MAF

What is Raastech Mobile Manager?

Have you seen Raastech Mobile Manager for Oracle Fusion Middleware? It's the world's only mobile monitoring and management solution for Oracle Fusion Middleware.

It has been built with a customizable framework, top-notch and responsive UI, and does everything you would expect a mobile app like this would do.

For more details, check out

Designed for Oracle from the start

We are an Oracle partner. We implement Oracle solutions. We use Oracle products ourselves.

So from the start, Raastech Mobile Manager was intended to be built leveraging Oracle tools, Oracle infrastructure, and Oracle frameworks.

Currently, the Raastech Management Server (the server backend) runs on the following Oracle infrastructure software:

Deciding against Oracle MAF

For the development of our iOS and Android apps, we've chosen to go native instead of using Oracle MAF.

Forget Oracle ADF Mobile... that thing is dead. Instead, Oracle Mobile Application Framework, otherwise known as Oracle MAF, was released on June 30, 2014 and recommended by Oracle for all new mobile application development.

Oracle MAF is available as an extension to both JDeveloper and Eclipse and offers a Java-based MVC framework that executes in a hybrid container on the various mobile OSs.

The Good
  • Develop a single application that will run on both iOS and Android devices
  • Oracle Support Services available

The Bad
  • HTML5 is not what it's cracked up to be (see TheLadders' and Facebook's experience)
  • You must license Oracle MAF per user per app or per app with unlimited number of end users <-- this is the deal breaker

Though Oracle will provide you with a break if you purchase some of the Oracle Mobile Cloud Service offerings, as it stands, the awful Oracle MAF licensing model pretty much sums it up.


Monday, November 2, 2015

Links to my "An Overview of GlassFish Server" article on OTechMag

My article titled An Overview of GlassFish Server is now published on OTechMag (Fall 2015 issue) and can be found here:

Unfortunately, several of the hyperlinks I had in the article did not make it to print, so I am including them here for your reference:
Oracle sponsored the GlassFish Server Open Source Edition (available on this Java website) but also maintained a commercial version dubbed Oracle GlassFish Server (available on this Oracle website)...
At one point Oracle was marketing Oracle GlassFish Server as providing “lower, more predictable costs” and “high quality” due to the very nature of “open source software [having] nothing hidden.”
For those running Oracle GlassFish Server 3.x, they are still supported under Oracle’s Lifetime Support Policy.
Oracle encourages those who require production level support to migrate to Oracle WebLogic Server. If your project is Java EE standardized, this should be fairly straightforward. Oracle states that “the primary role of GlassFish Server Open Source Edition has been, and continues to be, driving adoption of the latest release of the Java Platform, Enterprise Edition” and that they “are planning for GlassFish Server Open Source Edition 5 as the foundation for the Java EE 8 reference implementation, as well as bundling GlassFish Server Open Source Edition 5 in a Java EE 8 SDK, which is the most popular distribution of GlassFish.”
For those seeking Oracle's indemnification which protects you from legal action associated with the open source software, and in specific GlassFish Server, you're out of luck. For those requiring a bit more clarification, check out the 6 Facts About GlassFish Announcement by Bruno Borges.


Friday, October 30, 2015

Oracle Open World and Java One 2015

This year I made my second appearance at Oracle Open World. It was also my first opportunity to speak at Open World. The atmosphere was very much the same as it was at the last one I experienced. Tons of marketing, and very little to hold. The exceptions to that were the Sunday User Group Day and Java One. Now I may be a little bias about Sunday since I spoke that day, but other speakers were also more focused on the technical side of things.
To be fair Open World is supposed to be a show of where things are going for all fronts of Oracle related technologies. There were a good number of roadmaps laid out, and the general vision for Oracle moving forward was set forth. Plenty of "cloud" and "Internet of Things (IoT)", I will leave my cloud and IoT rant for another time, but suffice it to say that it finally seemed that Oracle is reaching towards the original meanings of these terms, and while they aren't quite there, they are definitely trying. "Safe Harbor" quote, WebLogic will have support for elastic scaling, end "Safe Harbor" quote. Along with that they are officially supporting WebLogic running inside of Docker. This could be a huge win for those looking to have a more dynamic infrastructure.
Coming back to JavaOne, as I said it is a lot more technical, and by that it seemed to me almost completely technical. As a developer/architect/admin, this was great! For those in the mostly Oracle world think of COLLABORATE, which has a much better blend of technical and marketing/customer stories. The main difference is that it is focused on Java, talking about and showing new features coming in Java, showing the internals of Java, best practices to follow, and performing performance tuning. If I had known the level of information I would have attended more presentations earlier. It was definitely a great benefit.
Overall I enjoyed the experience that I had at Open World and at JavaOne. OpenWorld is something you really only need to attend every few years, JavaOne would definitely be more often and I would say the same of COLLABORATE. However, I want to make one last callout. There's a lovely group of people who for the past number of years have been running an event simultaneous to Oracle Open World called Oaktable World which has a ton of informative presentations. I unfortunately did not have a chance to attend, but maybe next time.

Tuesday, October 20, 2015

The R Language: Vectors Everywhere.

When learning the R language, one of the data types you will hear about is called a vector.  In typical scientific and mathematic language a vector is generally defined as having a magnitude and a direction. This is common place in things such as geometry and higher level mathematics including dealing with interactions and motions of particles in 2 or 3 dimensional spaces.

In languages like Java and C++ Vectors are expandable collections of a specific object type. Creating these Vectors can increase the memory efficiency of a program since the size of the collection does not need to be known in advance In R, everything contains vectors including scalar types being a length of 1.  The basic types are even called the "atomic vectors" including logical (boolean), character/string, complex, etc. Below you can see the atomic vectors in action.

> a <- 1+2i
> b <- as.integer(1)
> c <- 1.0
> d <- TRUE
> e <- 'Testing'
> f <- charToRaw('A')
> typeof(a)
[1] "complex"
> typeof(b)
[1] "integer"
> typeof(c)
[1] "double"
> typeof(d)
[1] "logical"
> typeof(e)
[1] "character"
> typeof(f)
[1] "raw"

In order to see the true power of R however you need to organize information into larger structures. Vectors can actually hold more than a single object, but they must all be of the same basic type. If a previously existing vector can't accept the then it will try to convert the elements so that the vector can. As is in the case below you can see where it starts as logical type when a size of 0 and ends up a character type.

> vec <- vector()
> typeof(vec)
[1] "logical"
> vec[1] <- 1
> typeof(vec)
[1] "double"
> vec[2] <- 'a'
> typeof(vec)
[1] "character"

 Vectors and other collection types are accessed with a 1-based index. The other built-in types available are Lists, Matrices, and Data Frames. Lists are simple, but they don't require the types of all of it's elements to be of the same type. They also have the advantage of allowing for a key value access method.
> ll <- list()
> ll[1] <- 1
> ll[2] <- 2
> ll[3] <- 'a'
> ll['foo'] <- 'bar'
> ll
[1] 1

[1] 2

[1] "a"

[1] "bar"

> ll$foo      # Name based access with $ operator
[1] "bar"
> ll[['foo']] # Named access method with double bracket
[1] "bar"
> ll[[4]]      # Index Based Access
[1] "bar"

Unlike vectors when trying to access members directly a [[]] double bracket is used, and if it is named then it can be accessed via index id or it's associated name. A matrix functions the same as when considering mathematical concepts, and requires that all elements are of the same type In fact there are many operations such as finding the determinate of a matrix which are part of the base installation.
> test <- c(1,2,3,4)
> testMat <- matrix(test, nrow=2, byrow = TRUE)
> testMat
    [,1] [,2]
[1,]    1    2
[2,]    3    4
> testMat[2,1]
[1] 3

Data Frames are the last thing we will talk about in the post. They act much like one would expect a table from a database to act. Each row can contain heterogenous data, but all data in a column must be of the same type. Accessing information can be done a number of ways and provide,  column vectors, column slices, and row slices. Column Vectors only provide the values in a particular column , and can be useful for aggregate functions such as averages and sums. Column slices provide a named associate with the specific column, and finally row slices provide the all rows which meet a particular criterion.

I hope this has been helpful in learning R.

Raastech @ Oracle OpenWorld

We are pleased to announce that Harold Dost III (@hdost) from Raastech will be presenting Introduction to Oracle R for Big Data Analysis at Oracle OpenWorld 2015.


Introduction to Oracle R for Big Data Analysis [UGF9961]
Harold Dost III
Principal Consultant
Oracle ACE Associate

More and more companies are implementing big data solutions, many with the prospect of someday doing something with the data that is being collected. In this hands-on session, get down to brass tacks beginning with the setup of core tools and a run-through of the R language to get familiar with Oracle R offerings. Begin manipulating data in Oracle R and derive useful statistics from sample data. Learn where this data can be sourced and how results can be displayed into useful graphs. This session is a great way for those new to Oracle R to get a jump-start.

User Group Forum Session
Sunday, Oct 25, 2:30 p.m. | Moscone South—303

Wednesday, October 14, 2015

Recap of Mobile Monitoring for Oracle WebLogic Server presentation

Our esteemed consultants Ahmed Aboulnaga (@Ahmed_Aboulnaga) and Harold Dost (@hdost) presented Oracle WebLogic Server: Remote Monitoring and Management at last night's monthly SEMOP meeting.

The South East Michigan Oracle Professionals (SEMOP) meets once a month in Livonia, Michigan, and venue and catering is sponsored by Secure-24.

Ahmed and Harold at the Secure-24 headquarters

The presentation revolved around Oracle WebLogic Server 12c monitoring and management and discussed topics such as OEM and RESTful Management Services, which allows anyone to query and monitor numerous Oracle WebLogic Server metrics from a multitude of programming languages, including mobiles devices. Ahmed and Harold also introduce a tool that Raastech has developed that supports mobile monitoring, management, and alerting of Oracle WebLogic Server and shared the architecture and design with our SEMOP colleagues.

The basic findings of the presentation included:
  • WebLogic Server can be monitored manually (via consoles such as the WebLogic Admin Console)
  • WebLogic Server can be monitored automatically (via tools such as OEM Cloud Control)
  • WebLogic Server can be monitored via custom scripts (using WLST, DMS Spy Servlet, RESTful Management Services)
  • OEM Cloud Control is the ideal tool of choice for monitoring WebLogic Server, Oracle, and non-Oracle products
  • The DMS Spy Servlet is a hidden gem which can be accessed at http://adminhost:7001/dms/Spy and provides real-time metrics via browser or command line
  • RESTful Management Services, introduced in WebLogic Server 11g, is limited to retrieving metrics for Servers, Clusters, Applications, and Data Sources
  • Raastech has developed the world's only mobile monitoring and management solution for Oracle Fusion Middleware; more information can be found at

The presentation can be downloaded from SlideShare.

Tuesday, October 13, 2015

Raastech @ MOUS

Consultants from Raastech will be giving 4 presentations at the upcoming MOUS conference on November 18, 2015.

The Michigan Oracle Users Summit (MOUS) is a 1-day conference held in Livonia, Michigan and takes place once a year. It boasts 300+ attendees and this year there will be 12 Oracle ACEs presenting.

Introduction to R, for Big Data Analytics
Harold Dost III

More and more companies are implementing big data solutions, many with the prospect of someday doing something with the data that is being collected. In this hands-on session, get down to brass tacks beginning with the setup of core tools and a run-through of the R language to get familiar with Oracle R offerings. Begin manipulating data in Oracle R and derive useful statistics from sample data. Learn where this data can be sourced and how results can be displayed into useful graphs. This session is a great way for those new to Oracle R to get a jump-start.

Automated Testing SOA Suite in 12c
Harold Dost III

If you're concerned about small changes having unseen consequences in your system. You want to speed up the testing process, and have the testing process be easily repeatable in your integration processes. Learn how to use the Unit Testing Framework provided within Oracle SOA Suite. Combine it with automated testing tools like Hudson to keep your commits tested continuously. This presentation will show live examples of how to test the various components within Oracle SOA Suite, and act as catalyst for getting your enterprise environment covered with tests to improve confidence in the quality of code functionality.

Developing Web Services from Scratch - For DBAs and Developers
Ahmed Aboulnaga

WSDL. XSD. SOAP. Namespaces. Port types. If these terms make little sense, this presentation is for you. By the end of this presentation, you will completely understand how to dissect and decipher a web service interface, understand key design patterns, and learn how to develop top-down and bottom-up web services in technologies such as Java and Oracle SOA Suite. Want to know how to expose a PL/SQL package as a web service? This technical presentation, one of my most popular, is intended for DBAs and database developers who want to know what it takes to design and create web services.

Learn Oracle WebLogic Server 12c Administration
Arun Reddy

Have you ever used Oracle WebLogic Server? If the answer is no, this presentation is for you. We explain core WebLogic Server concepts and perform a live walkthrough of the console covering core administration areas that include managed servers, JVM servers, JMS resources, logs, data sources, application deployments, and more. Attend this presentation and become a WebLogic Server administrator in under 45 minutes.

Register at:

For more information:

For a list of all presentations:

Tuesday, October 6, 2015

"Servicing only administrative requests" in Oracle WebLogic Server

When starting a Java application in Oracle WebLogic Server, have you ever wondered what the Servicing only administration requests means?

We're all accustomed to starting up our Java apps by selecting the Servicing all requests option. This makes sure that the application is up and running and available to end users.

When you select the Servicing only administration requests option, it "specifies that WebLogic Server make the application available in Administration Mode only." What does this mean?

You can "start the application in Administration Mode, which restricts access to the application to a configured Administration channel so you can perform final testing without opening the application to external client connections or disrupting connected clients." Thus, the application is only made available to the administrator.

That's it really!


Applicable Versions:
  • Oracle WebLogic Server 11g
  • Oracle WebLogic Server 12c

Thursday, October 1, 2015

InvalidSecurity : error in processing the WS-Security security header in SOA Suite 12c


Even though the SOA composite does not have any WS security policies attached to it, we still get this error when invoking the service:
<env:Envelope xmlns:env="">   <env:Header>      <tracking:faultId xmlns:tracking="http://oracle.soa.tracking.core.TrackingProperty">20002</tracking:faultId>   </env:Header>   <env:Body>      <env:Fault xmlns:ns0="">         <faultcode>ns0:InvalidSecurity</faultcode>         <faultstring>InvalidSecurity : error in processing the WS-Security security header</faultstring>         <faultactor/>      </env:Fault>   </env:Body></env:Envelope>


This error could be caused if your WSM and SOA applications are deployed to different managed servers, and the WSM managed server is not running.

1. Start up the WSM managed server (e.g., wsm_server1, wls_wsm1).

Applicable Versions:
  • Oracle SOA Suite 12c

Thursday, September 3, 2015

Performance Tuning JVM

Performance tuning is no easy task, and when you are trying to improve application there are many aspects to it. The various levels which can be tuned include: Operating System, Application Server, Database, and Application Configurations/Code. The first place to look when planning to improve performance is to improve the performance of your algorithms, this can be in the application code whether it's in the database or not. Having an algorithm that runs O(n^3) or polynomial then finding a way to reduce it to a order to linear or logarithmic this will beat most any other changes that anywhere else that could be made. However here we will talk specifically about the JVM when running Oracle WebLogic 12c.

Memory Options
If you've had any experience with the JVM then you likely know about a few java options available to you. The usual ones people set are: -Xms, -Xmx, and -XX:MaxPermSize. One thing to note is that with Java 8 PermGen has been replaced with Metaspace as mentioned in this post. While the official minimum amount of memory recommended for WebLogic 12c is 4GB, I would recommend at least 8GB for most applications, but many cases there may be a need for even more memory. This is completely dependent upon the applications running within WebLogic. The second recommendation is that whatever the amount of memory is designated for the maximum amount of memory through Xmx, the same amount should be set for the minimum using Xms . This saves the JVM from wasting time cycles on deallocating memory back to the system.
With respect to MetaSpace a similar option is now available -XX:MaxMetaspaceSizewhich will allow a limit on the new space. Just as with the JVM Heap we want to limit the size of the Metaspace usually a 1G is plenty of space and depending on your application may even be overkill. The important part however is to make sure that there is a limit. Now that we have our various spaces in memory we need to look at how to manage it.

Garbage Collectors
There are a number of different garbage collectors available including: Concurrent Mark Sweep (CMS), ParallelGC, and Garbage First (G1GC). G1GC the newest of the bunch, and it certainly has a lot of advantages many of which can be found here. However, it is still not ready for the lime light. It was introduced in an update to Java 7, and is currently targeted to be the default for Java 9; it could still be pushed back if it still isn't considered stable enough. Concurrent Mark Sweep is an older collector is used to focus on lower pause times which G1GC is planned to replace, and ParallelGC is considered the throughput collector. Once again there is no really solid answer as to which you should use, but from working with clients, ParallelGC has been the most dependable when it came to heavier load tests. While I wouldn't say to use G1GC right now, there are some fixes coming which may change my mind in the future. To use any of these garbage collectors you will need the following commands:
G1GC: -XX:+UseG1GC
ParallelGC: -XX:+UseParallelGC
CMS: -XX:+UseConcMarkSweepGC

Once a garbage collector is selected there are a number of options specific to them which can be explored, and should be explored to find further improvements.

Additional Options
While there are many tweakable options, there are only a few I would look into beside the ones mentioned above. -XX:+ScavengeBeforeFullGC is a setting that deals with performing a scavenge before a full garbage collection, and I would almost alway use unless there is a specific performance hit seen from its use. -XX:MaxTenuringThreshold can be tweaked to different numbers and can be useful depending on long your application tends to hold onto certain information. -XX:+AlwaysPreTouch prepares handles for paging in the beginning, and while it has a performance hit on startup tends to result in quicker memory accesses later. Finally, -XX:+ParallelRefProcEnabled allows for parallel as opposed to serial reference processing as part of the garbage collection process, another flag that I would highly recommend enabling. 

Happy Tuning!