Hi I am new to work on activemq, i am trying to access the messages send from the activemq in mdb onMsg() method but i am unable to get the things done here the sample standalone-full.xml configuration.
<subsystem xmlns="urn:jboss:domain:messaging-activemq:1.0">
<jms-queue name="favouritesQueue" entries="queue/favouritesQueue"/>
</server>
</subsystem>
mdb configuration
<mdb>
<resource-adapter-ref resource-adapter-name="activemq-ra.rar"/>
<bean-instance-pool-ref pool-name="mdb-strict-max-pool"/>
</mdb>
<subsystem xmlns="urn:jboss:domain:resource-adapters:4.0">
<resource-adapters>
<resource-adapter id="activemq-ra.rar">
<archive>
activemq-rar-5.13.3.rar
</archive>
<transaction-support>XATransaction</transaction-support>
<config-property name="ServerUrl">
tcp://localhost:61616
</config-property>
<config-property name="UserName">
admin
</config-property>
<config-property name="UseInboundSession">
false
</config-property>
<config-property name="Password">
admin
</config-property>
<connection-definitions>
<connection-definition class-name="org.apache.activemq.ra.ActiveMQManagedConnectionFactory" jndi-name="java:/ConnectionFactory" enabled="true" pool-name="ConnectionFactory">
<xa-pool>
<min-pool-size>1</min-pool-size>
<max-pool-size>20</max-pool-size>
<prefill>false</prefill>
<is-same-rm-override>false</is-same-rm-override>
</xa-pool>
</connection-definition>
</connection-definitions>
<admin-objects>
<admin-object class-name="org.apache.activemq.command.ActiveMQQueue" jndi-name="queue/favouritesQueue" use-java-context="true" pool-name="favouritesQueue">
<config-property name="PhysicalName">
queue/favouritesQueue
</config-property>
</admin-object>
</admin-objects>
</resource-adapter>
</resource-adapters>
</subsystem>
Related
So, I have installed WAS, and IHS.
I'm able to access the application directly from WAS. But IHS is trying to reply the request and its not using the plugin to reply the request.
I'm able to access the default IHS page, but not to the test application.
To create the IHS, I have done the standard stuff:
1- Install IHS and Plugin
2- Configure the plugin within the IHS
3- Create an unmanaged node on the DMGR
4- Create the webserver instance on the DMGR
I'm just trying to call a sample application called hello (for helloworld)
I see the request on the webservers logs, but they are not being redirected to the WAS.
This is the mention of the plugin on the httpd.conf:
LoadModule was_ap22_module /opt/ibm/plugin-ihs-85/test_webserver_instance1/bin/64bits/mod_was_ap22_http.so
WebSpherePluginConfig /opt/ibm/plugin-ihs-85/test_webserver_instance1/config/test_webserver_instance1/plugin-cfg.xml
This is the plugin-cfg.xml:
<?xml version="1.0" encoding="ISO-8859-1"?><!--HTTP server plugin config file for the webserver test_Cell.test_webserver_01_unmanagedNode_1.test_webserver_instance1 generated on 20
17.06.25 at 07:37:51 PM CDT-->
<Config ASDisableNagle="false" AcceptAllContent="true" AppServerPortPreference="HostHeader" ChunkedResponse="false" FIPSEnable="false" FailoverToNext="false" HTTPMaxHeaders="
300" IISDisableFlushFlag="false" IISDisableNagle="false" IISPluginPriority="High" IgnoreDNSFailures="false" KillWebServerStartUpOnParseErr="false" MarkBusyDown="false" OS400C
onvertQueryStringToJobCCSID="false" RefreshInterval="60" ResponseChunkSize="64" SSLConsolidate="true" StrictSecurity="false" TrustedProxyEnable="false" VHostMatchingCompat="f
alse">
<Log LogLevel="Error" Name="/opt/ibm/plugin-ihs-85/test_webserver_instance1/logs/test_webserver_instance1/http_plugin.log"/>
<Property Name="ESIEnable" Value="true"/>
<Property Name="ESIMaxCacheSize" Value="1024"/>
<Property Name="ESIInvalidationMonitor" Value="false"/>
<Property Name="ESIEnableToPassCookies" Value="false"/>
<Property Name="ESICacheidFull" Value="false"/>
<Property Name="PostSizeLimit" Value="-1"/>
<Property Name="PostBufferSize" Value="0"/>
<Property Name="PluginInstallRoot" Value="/opt/ibm/plugin-ihs-85/test_webserver_instance1/"/>
<Property Name="Keyfile" Value="/opt/ibm/plugin-ihs-85/test_webserver_instance1/config/test_webserver_instance1/plugin-key.kdb"/>
<Property Name="Stashfile" Value="/opt/ibm/plugin-ihs-85/test_webserver_instance1/config/test_webserver_instance1/plugin-key.sth"/>
<VirtualHostGroup Name="default_host">
<VirtualHost Name="*:9080"/>
<VirtualHost Name="*:80"/>
<VirtualHost Name="*:9443"/>
<VirtualHost Name="*:5060"/>
<VirtualHost Name="*:5061"/>
<VirtualHost Name="*:443"/>
<VirtualHost Name="*:9061"/>
<VirtualHost Name="*:9044"/>
<VirtualHost Name="*:9062"/>
<VirtualHost Name="*:9081"/>
<VirtualHost Name="*:9444"/>
<VirtualHost Name="*:9045"/>
</VirtualHostGroup>
<ServerCluster CloneSeparatorChange="false" GetDWLMTable="false" IgnoreAffinityRequests="false" LoadBalance="Round Robin" Name="test" PostBufferSize="0" PostSizeLimit="-1"
RemoveSpecialHeaders="true" RetryInterval="60" ServerIOTimeoutRetry="-1">
<Server CloneID="1bjgscrk8" ConnectTimeout="5" ExtendedHandshake="false" LoadBalanceWeight="2" MaxConnections="-1" Name="test_app_01_node_1_test1" ServerIOTimeout="900" W
aitForContinue="false">
<Transport Hostname="test_app_01" Port="9080" Protocol="http"/>
<Transport Hostname="test_app_01" Port="9443" Protocol="https">
<Property Name="keyring" Value="/opt/ibm/plugin-ihs-85/test_webserver_instance1/config/test_webserver_instance1/plugin-key.kdb"/>
<Property Name="stashfile" Value="/opt/ibm/plugin-ihs-85/test_webserver_instance1/config/test_webserver_instance1/plugin-key.sth"/>
</Transport>
</Server>
<Server CloneID="1bjgscsei" ConnectTimeout="5" ExtendedHandshake="false" LoadBalanceWeight="2" MaxConnections="-1" Name="test_app_01_node_1_test2" ServerIOTimeout="900" W
aitForContinue="false">
<Transport Hostname="test_app_01" Port="9081" Protocol="http"/>
<Transport Hostname="test_app_01" Port="9444" Protocol="https">
<Property Name="keyring" Value="/opt/ibm/plugin-ihs-85/test_webserver_instance1/config/test_webserver_instance1/plugin-key.kdb"/>
<Property Name="stashfile" Value="/opt/ibm/plugin-ihs-85/test_webserver_instance1/config/test_webserver_instance1/plugin-key.sth"/>
</Transport>
</Server>
<Server CloneID="1bjgscstv" ConnectTimeout="5" ExtendedHandshake="false" LoadBalanceWeight="2" MaxConnections="-1" Name="test_app_02_node_1_test3" ServerIOTimeout="900" W
aitForContinue="false">
<Transport Hostname="test_app_02" Port="9080" Protocol="http"/>
<Transport Hostname="test_app_02" Port="9443" Protocol="https">
<Property Name="keyring" Value="/opt/ibm/plugin-ihs-85/test_webserver_instance1/config/test_webserver_instance1/plugin-key.kdb"/>
<Property Name="stashfile" Value="/opt/ibm/plugin-ihs-85/test_webserver_instance1/config/test_webserver_instance1/plugin-key.sth"/>
</Transport>
</Server>
<Server CloneID="1bjgsctbv" ConnectTimeout="5" ExtendedHandshake="false" LoadBalanceWeight="2" MaxConnections="-1" Name="test_app_02_node_1_test4" ServerIOTimeout="900" W
aitForContinue="false">
<Transport Hostname="test_app_02" Port="9081" Protocol="http"/>
<Transport Hostname="test_app_02" Port="9444" Protocol="https">
<Property Name="keyring" Value="/opt/ibm/plugin-ihs-85/test_webserver_instance1/config/test_webserver_instance1/plugin-key.kdb"/>
<Property Name="stashfile" Value="/opt/ibm/plugin-ihs-85/test_webserver_instance1/config/test_webserver_instance1/plugin-key.sth"/>
</Transport>
</Server>
<PrimaryServers>
<Server Name="test_app_01_node_1_test1"/>
<Server Name="test_app_01_node_1_test2"/>
<Server Name="test_app_02_node_1_test3"/>
<Server Name="test_app_02_node_1_test4"/>
</PrimaryServers>
</ServerCluster>
<UriGroup Name="default_host_test_URIs">
<Uri AffinityCookie="JSESSIONID" AffinityURLIdentifier="jsessionid" Name="/hello/*"/>
</UriGroup>
<Route ServerCluster="test" UriGroup="default_host_test_URIs" VirtualHostGroup="default_host"/>
<RequestMetrics armEnabled="false" loggingEnabled="false" rmEnabled="false" traceLevel="HOPS">
<filters enable="false" type="URI">
<filterValues enable="false" value="/snoop"/>
<filterValues enable="false" value="/hitcount"/>
</filters>
<filters enable="false" type="SOURCE_IP">
<filterValues enable="false" value="255.255.255.255"/>
<filterValues enable="false" value="254.254.254.254"/>
</filters>
<filters enable="false" type="JMS">
<filterValues enable="false" value="destination=aaa"/>
</filters>
<filters enable="false" type="WEB_SERVICES">
<filterValues enable="false" value="wsdlPort=aaa:op=bbb:nameSpace=ccc"/>
</filters>
</RequestMetrics>
</Config>
Normally IHS is going to use port 80 to receive communication and rely to the application server.
The port 80 is in the default virtual host. So I added the listening port I'm using (1080) to the default virtual host.
I am trying to configure Wildfly (10) to use an SSL certificate for HTTPS. It seems to work fine for 8443 (using https://example.com:8443 -- no errors and certificate shows it is signed by the CA), but when I switch the HTTPS to port 443, whenever I access the site (via https://example.com it tells me my certificate was not installed right, the connection is not secure and it's using a self-signed key).
Here are snippets from my standalone.xml file:
Security Realm
<security-realm name="ApplicationRealm">
<server-identities>
<ssl>
<keystore path="devifs.jks" relative-to="jboss.server.config.dir" keystore-password="yadayada" alias="tomcat" key-password="yadayada"/>
</ssl>
</server-identities>
<authentication>
<local default-user="$local" allowed-users="*" skip-group-loading="true"/>
<properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
<authorization>
<properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
</authorization>
</security-realm>
Undertow Subsystem
<subsystem xmlns="urn:jboss:domain:undertow:3.0">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https"/>
<https-listener name="default-ssl" security-realm="ApplicationRealm" socket-binding="https"/>
<host name="default-host" default-web-module="hatteras.war" alias="localhost">
<location name="/" handler="welcome-content"/>
<location name="/reports/" handler="ifsreports"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
</server>
....
</subsystem>
Socket Binding Group
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
<socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
<socket-binding name="http" port="${jboss.http.port:8080}"/>
<socket-binding name="https" port="${jboss.https.port:443}"/>
<socket-binding name="txn-recovery-environment" port="4712"/>
<socket-binding name="txn-status-manager" port="4713"/>
<outbound-socket-binding name="mail-smtp">
<remote-destination host="localhost" port="25"/>
</outbound-socket-binding>
</socket-binding-group>
I've restarted Wildfly and even the server after making the standalone.xml changes. No luck.
Stack:
Wildfly 10.0.0.final
Ubuntu 14.04.4 LTS
AWS
Any suggestions?
My SSL contact pointed out that JBoss cannot run on 443 because it's a privileged port. This lead me to research and I found I should redirect the port using: iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443 Is this the correct method? Seems to work fine.
I've installed wso2esb-4.9.0 and the master datasource is configured to a oracle DB. When the connection to the Oracle Database is dropped due to a network connectivity issue the following error is continually printed even though the connection is back again. Only after a restart the exception stops.
TID: [-1234] [] [2016-05-16 00:53:21,457] ERROR {org.wso2.carbon.registry.core.utils.RegistryUtils} - Failed to construct the connectionId. {org.wso2.carbon.registry.core.utils.RegistryUtils}
java.sql.SQLRecoverableException: Closed Connection
at oracle.jdbc.driver.PhysicalConnection.getMetaData(PhysicalConnection.java:3131)
at sun.reflect.GeneratedMethodAccessor28.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.apache.tomcat.jdbc.pool.ProxyConnection.invoke(ProxyConnection.java:126)
at org.apache.tomcat.jdbc.pool.JdbcInterceptor.invoke(JdbcInterceptor.java:109)
at org.wso2.carbon.ndatasource.rdbms.ConnectionRollbackOnReturnInterceptor.invoke(ConnectionRollbackOnReturnInterceptor.java:51)
at org.apache.tomcat.jdbc.pool.JdbcInterceptor.invoke(JdbcInterceptor.java:109)
at org.apache.tomcat.jdbc.pool.interceptor.AbstractCreateStatementInterceptor.invoke(AbstractCreateStatementInterceptor.java:71)
at org.apache.tomcat.jdbc.pool.JdbcInterceptor.invoke(JdbcInterceptor.java:109)
at org.apache.tomcat.jdbc.pool.interceptor.ConnectionState.invoke(ConnectionState.java:153)
at org.apache.tomcat.jdbc.pool.JdbcInterceptor.invoke(JdbcInterceptor.java:109)
at org.apache.tomcat.jdbc.pool.TrapException.invoke(TrapException.java:41)
at org.apache.tomcat.jdbc.pool.JdbcInterceptor.invoke(JdbcInterceptor.java:109)
at org.apache.tomcat.jdbc.pool.DisposableConnectionFacade.invoke(DisposableConnectionFacade.java:80)
at com.sun.proxy.$Proxy14.getMetaData(Unknown Source)
at org.wso2.carbon.registry.core.utils.RegistryUtils.getConnectionId(RegistryUtils.java:194)
at org.wso2.carbon.registry.core.jdbc.dataaccess.JDBCDatabaseTransaction$ManagedRegistryConnection.getConnectionId(JDBCDatabaseTransaction.java:1133)
at org.wso2.carbon.registry.core.jdbc.dataaccess.JDBCDatabaseTransaction$ManagedRegistryConnection.rollback(JDBCDatabaseTransaction.java:1288)
at org.wso2.carbon.registry.core.jdbc.dataaccess.JDBCTransactionManager.rollbackTransaction(JDBCTransactionManager.java:120)
at org.wso2.carbon.registry.core.jdbc.dao.JDBCLogsDAO.rollbackTransaction(JDBCLogsDAO.java:335)
at org.wso2.carbon.registry.core.jdbc.dao.JDBCLogsDAO.getLogList(JDBCLogsDAO.java:306)
at org.wso2.carbon.registry.core.jdbc.EmbeddedRegistry.getLogs(EmbeddedRegistry.java:2332)
at org.wso2.carbon.registry.core.caching.CacheBackedRegistry.getLogs(CacheBackedRegistry.java:402)
at org.wso2.carbon.registry.core.session.UserRegistry.getLogsInternal(UserRegistry.java:1806)
at org.wso2.carbon.registry.core.session.UserRegistry.access$3600(UserRegistry.java:60)
at org.wso2.carbon.registry.core.session.UserRegistry$37.run(UserRegistry.java:1777)
at org.wso2.carbon.registry.core.session.UserRegistry$37.run(UserRegistry.java:1774)
at java.security.AccessController.doPrivileged(Native Method)
at org.wso2.carbon.registry.core.session.UserRegistry.getLogs(UserRegistry.java:1774)
at org.wso2.carbon.registry.indexing.ResourceSubmitter.submitResource(ResourceSubmitter.java:119)
at org.wso2.carbon.registry.indexing.ResourceSubmitter.run(ResourceSubmitter.java:76)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
master-datasources.xml
<?xml version="1.0" encoding="UTF-8" standalone="no"?><datasources-configuration xmlns:svns="http://org.wso2.securevault/configuration">
<providers>
<provider>org.wso2.carbon.ndatasource.rdbms.RDBMSDataSourceReader</provider>
</providers>
<datasources>
<datasource>
<name>WSO2_CARBON_DB</name>
<description>The datasource used for registry and user manager</description>
<jndiConfig>
<name>jdbc/WSO2CarbonDB</name>
</jndiConfig>
<definition type="RDBMS">
<configuration>
<url>jdbc:oracle:thin:#xxx.xx.x.xxx:1528/dvdb</url>
<username>esbuser</username>
<password svns:secretAlias="Datasources.WSO2_CARBON_DB.Configuration.Password">password</password>
<driverClassName>oracle.jdbc.driver.OracleDriver</driverClassName>
<maxActive>80</maxActive>
<maxWait>60000</maxWait>
<minIdle>5</minIdle>
<testOnBorrow>true</testOnBorrow>
<validationQuery>SELECT 1 FROM DUAL</validationQuery>
<validationInterval>30000</validationInterval>
</configuration>
</definition>
</datasource>
<datasource>
<name>WSO2_REG_DB</name>
<description>The datasource used for registry and user manager</description>
<jndiConfig>
<name>jdbc/WSO2REG</name>
</jndiConfig>
<definition type="RDBMS">
<configuration>
<url>jdbc:oracle:thin:#xxx.xx.x.xxx:1528/dvdb</url>
<username>reguser</username>
<password svns:secretAlias="Datasources.WSO2_REG_DB.Configuration.Password">password</password>
<driverClassName>oracle.jdbc.driver.OracleDriver</driverClassName>
<maxActive>50</maxActive>
<maxWait>60000</maxWait>
<minIdle>5</minIdle>
<validationQuery>SELECT 1 FROM DUAL</validationQuery>
<testWhileIdle>true</testWhileIdle>
<timeBetweenEvictionRunsMillis>1800000</timeBetweenEvictionRunsMillis>
<numTestsPerEvictionRun>5</numTestsPerEvictionRun>
<minEvictableIdleTimeMillis>3600000</minEvictableIdleTimeMillis>
</configuration>
</definition>
</datasource>
<!-- For an explanation of the properties, see: http://people.apache.org/~fhanik/jdbc-pool/jdbc-pool.html -->
<!--datasource>
<name>SAMPLE_DATA_SOURCE</name>
<jndiConfig>
<name></name>
<environment>
<property name="java.naming.factory.initial"></property>
<property name="java.naming.provider.url"></property>
</environment>
</jndiConfig>
<definition type="RDBMS">
<configuration>
<defaultAutoCommit></defaultAutoCommit>
<defaultReadOnly></defaultReadOnly>
<defaultTransactionIsolation>NONE|READ_COMMITTED|READ_UNCOMMITTED|REPEATABLE_READ|SERIALIZABLE</defaultTransactionIsolation>
<defaultCatalog></defaultCatalog>
<username></username>
<password svns:secretAlias="WSO2.DB.Password"></password>
<maxActive></maxActive>
<maxIdle></maxIdle>
<initialSize></initialSize>
<maxWait></maxWait>
<dataSourceClassName>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</dataSourceClassName>
<dataSourceProps>
<property name="url">jdbc:mysql://localhost:3306/Test1</property>
<property name="user">root</property>
<property name="password">123</property>
</dataSourceProps>
</configuration>
</definition>
</datasource-->
</datasources>
repository/conf/registry.xml
<currentDBConfig>wso2registry</currentDBConfig>
<readOnly>false</readOnly>
<enableCache>true</enableCache>
<registryRoot>/</registryRoot>
<dbConfig name="wso2registry">
<dataSource>jdbc/WSO2CarbonDB</dataSource>
</dbConfig>
<dbConfig name="remoteRegistry">
<dataSource>jdbc/WSO2REG</dataSource>
</dbConfig>
<remoteInstance url="https://registryhost:9453/registry">
<id>9453</id>
<dbConfig>remoteRegistry</dbConfig>
<readOnly>false</readOnly>
<registryRoot>/</registryRoot>
</remoteInstance>
<mount path="/_system/config" overwrite="false">
<instanceId>9453</instanceId>
<targetPath>/_system/nodes</targetPath>
</mount>
<mount path="/_system/governance" overwrite="false">
<instanceId>9453</instanceId>
<targetPath>/_system/governance</targetPath>
</mount>
In my case the problem was caused by a wrong line deleted at file repository/config/registry.xml.
I'd removed this code:
<dbConfig name="wso2registry">
<dataSource>jdbc/WSO2CarbonDB</dataSource>
</dbConfig>
Instead of add another dbConfig tag.
For me, the correction was re-add that tag. Like this:
<wso2registry>
<!-- These are used to define the DB configuration and the basic parameters to be used for the registry -->
<currentDBConfig>wso2registry</currentDBConfig>
<readOnly>false</readOnly>
<enableCache>true</enableCache>
<registryRoot>/</registryRoot>
<!-- This defines the default database and its configuration of the registry -->
<dbConfig name="wso2registry">
<dataSource>jdbc/WSO2CarbonDB</dataSource>
</dbConfig>
<dbConfig name="sharedregistry">
<dataSource>jdbc/WSO2RegistryDB</dataSource>
</dbConfig>
...
...
</wso2registry>
Hope this post help you...
I had the same issue.
In the master-datasources.xml
1- set the datasource name same as the jndiConfig name
2- set 2 differents datasources with different names for both registry and user management.
Here my master-datasources.xml
<datasource>
<name>WSO2REG_DB</name>
<description>The datasource used for registry</description>
<jndiConfig>
<name>jdbc/WSO2REG_DB</name>
</jndiConfig>
<definition type="RDBMS">
<configuration>
<url>jdbc:mysql://localhost:3306/registry?autoReconnect=true&relaxAutoCommit=true&</url>
<username>apiuser</username>
<password>apimanager</password>
<driverClassName>com.mysql.jdbc.Driver</driverClassName>
<maxActive>50</maxActive>
<maxWait>60000</maxWait>
<testOnBorrow>true</testOnBorrow>
<validationQuery>SELECT 1</validationQuery>
<validationInterval>30000</validationInterval>
</configuration>
</definition>
</datasource>
<datasource>
<name>WSO2UM_DB</name>
<description>The datasource used for user management</description>
<jndiConfig>
<name>jdbc/WSO2UM_DB</name>
</jndiConfig>
<definition type="RDBMS">
<configuration>
<url>jdbc:mysql://localhost:3306/userstore?autoReconnect=true&relaxAutoCommit=true&
</url>
<username>apiuser</username>
<password>apimanager</password>
<driverClassName>com.mysql.jdbc.Driver</driverClassName>
<maxActive>50</maxActive>
<maxWait>60000</maxWait>
<testOnBorrow>true</testOnBorrow>
<validationQuery>SELECT 1</validationQuery>
<validationInterval>30000</validationInterval>
</configuration>
</definition>
</datasource>
In the registry.xml
1- set the wso2registry dbConfig with the user management data source
2- set the govregistry dbConfig with the registry data source
Here my registry.xml
<dbConfig name="wso2registry">
<dataSource>jdbc/WSO2UM_DB</dataSource>
</dbConfig>
<dbConfig name="govregistry">
<dataSource>jdbc/WSO2REG_DB</dataSource>
</dbConfig>
It worked for me and my IS-Server could start properly. Hope it will work for you too, when the problem isn't already fixed.
I use jetty 9.2.2.v20140723 as the server.
I use jetty-maven-plugin, the pom.xml like this:
<plugin>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<version>9.2.2.v20140723</version>
<configuration>
<systemProperties>
<systemProperty>
<name>java.security.auth.login.config</name>
<value>props.conf</value>
</systemProperty>
</systemProperties>
<!-- <scanIntervalSeconds>3</scanIntervalSeconds> -->
<connectors>
<connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
<port>8080</port>
</connector>
<connector implementation="org.eclipse.jetty.server.ssl.SslSocketConnector">
<port>8443</port>
<keystore>keystore.jks</keystore>
<keyPassword>password</keyPassword>
<password>password</password>
<needClientAuth>false</needClientAuth>
<wantClientAuth>false</wantClientAuth>
</connector>
</connectors>
</configuration>
</plugin>
jetty-env.xml like this:
<Configure id="wac" class="org.eclipse.jetty.webapp.WebAppContext">
<New id="myds" class="org.eclipse.jetty.plus.jndi.Resource">
<Arg><Ref refid="wac"/></Arg>
<Arg>jdbc/myds</Arg>
<Arg>
<New class="com.mysql.jdbc.jdbc2.optional.MysqlDataSource">
<Set name="Url">jdbc:mysql://localhost:3306/cp</Set>
<Set name="User">root</Set>
<Set name="Password">1234</Set>
</New>
</Arg>
</New>
</Configure>
web.xml like this:
<resource-ref>
<description>My DataSource Reference</description>
<res-ref-name>jdbc/myds</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
When I login in like this:
ctx = new LoginContext("props", new TestCallBackHandler(username, password));
ctx.login();
I get the error:
javax.security.auth.login.LoginException: java.lang.IllegalStateException: javax.naming.NameNotFoundException; remaining name 'env/jdbc/myds'
But I can get the datasource like this:
InitialContext ctx = new InitialContext();
DataSource ds = (DataSource)ctx.lookup("java:comp/env/jdbc/myds");
Is the Vaadin problem, I changed the "#Push"
With the following, mutual client cert, SSL (TLS) handshake works for a rest endpoint (yay!) - validated via testing and debugging: javax.net logging & wireshark. But...
1st observation: HTTPServletRequest and JAX-RS annotated SecurityContext has null Principal info
2nd observation: Tampering with the login-config.xml, containing application-policy elements, has no effect
In short, TLS works but the transfer of the cert DN to the HTTPServletRequest object in the request thread does not preventing the application from picking up on the caller's ID. Does anyone have any advice?
On JBoss 6:
deploy/jbossweb.sar/server.xml:
<Connector protocol="HTTP/1.1" debug="10"
SSLEnabled="true"
...
secure="true"
clientAuth="true"
sslProtocol = "TLS"
securityDomain="java:/jaas/mydomain"
SSLImplementation="org.jboss.net.ssl.JBossImplementation" />
deploy/jbossweb.sar/META-INF/jboss-beans.xml:
<depends>jboss.security:service=PBESecurityDomain</depends>
deploy/security-service.xml:
<?xml version="1.0" encoding="UTF-8"?>
<server>
<mbean code="org.jboss.security.plugins.JaasSecurityDomain"
name="jboss.security:service=PBESecurityDomain">
<constructor> <arg type="java.lang.String" value="mydomain"/>
</constructor>
<attribute name="KeyStoreURL">${jboss.server.home.dir}/mykeystore.jks</attribute>
<attribute name="KeyStorePass">{CLASS}org.jboss.security.plugins.FilePassword:${jboss.server.home.dir}/mykeystorepass.pbe</attribute>
<attribute name="TrustStoreURL">${jboss.server.home.dir}/mytruststore.jks</attribute>
<attribute name="TrustStorePass">password</attribute>
<attribute name="Salt">abunchofrandomchars</attribute>
<attribute name="IterationCount">13</attribute>
<depends>jboss.security:service=JaasSecurityManager</depends>
</mbean>
</server>
deploy/security/security-jboss-beans.xml:
<bean name="XMLLoginConfig" class="org.jboss.security.auth.login.XMLLoginConfig">
<property name="configResource">login-config.xml</property>
</bean>
<bean name="SecurityConfig" class="org.jboss.security.plugins.SecurityConfig">
<property name="mbeanServer"><inject bean="JMXKernel" property="mbeanServer"/></property>
<property name="defaultLoginConfig"><inject bean="XMLLoginConfig"/></property>
</bean>
conf/login-config.xml:
<application-policy name="mydomain">
<authentication>
<login-module code="org.jboss.security.auth.spi.BaseCertLoginModule"
flag = "required">
<module-option name="password-stacking">useFirstPass</module-option>
<module-option name="securityDomain">java:/jaas/mydomain</module-option>
<module-option name="verifier">org.jboss.security.auth.certs.AnyCertVerifier</module-option>
<module-option name="principalClass">org.jboss.security.auth.certs.SubjectDNMapping</module-option>
</login-module>
<login-module code="org.jboss.security.auth.spi.UserRolesLoginModu"
flag = "required">
<module-option name="password-stacking">useFirstPass</module-option>
<module-option name="usersProperties">users.properties</module-option>
<module-option name="rolesProperties">roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
war/WEB-INF/jboss-web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web PUBLIC
"-//JBoss//DTD Web Application 2.4//EN"
"http://www.jboss.org/j2ee/dtd/jboss-web_4_0.dtd">
<jboss-web>
<security-domain>java:/jaas/mydomain</security-domain>
<context-root>/myapp</context-root>
</jboss-web>
Add the special ClientLoginModule to login-context.xml to fix the null principal issue.
<login-module code="org.jboss.security.ClientLoginModule" flag="required"></login-module>