I'm going to describe an odd situation.. We have a product with a properly working CAS and LDAP integration. The problem is that not all of our clients use LDAP, which is fine, EXCEPT that the integration is still in place and so CAS is actively attempting to connect to the ldap server (and failing of course). It attempts to connect every five minutes, which creates a very bloated Tomcat log. My goal is to prevent it from attempting to connect without gutting the integration. I'm hoping someone knows of a way to prevent or manage when/how CAS attempts to connect to the defined LDAP server.
I've attempted to remove key components of the CAS property file as well as the deployerConfigContext.xml but the integration has too many dependencies, and I haven't been successful.
Here are some of the properties that are used in the cas.properties file. Setting the ldap.auth.enabled to false allows our integration to not use LDAP when authenticating the user but doesn't prevent CAS from attempting to connect to the LDAP server:
ldap.auth.enabled=false
ldap.url=ldap://xyz.customurl.com
ldap.useStartTLS=false
ldap.rootDn=DC=xyz,DC=xyz,DC=com
ldap.baseDn=DC=xyz,DC=xyz,DC=com
ldap.connectTimeout=3000
ldap.managerDn=CN=xyz,CN=Users,DC=xyz,DC=xyz,DC=com
ldap.managerPassword=xyz
ldap.authn.searchFilter=(&(sAMAccountName={user})(objectClass=user))
ldap.domain=123.456.7.890
ldap.pool.minSize=1
ldap.pool.maxSize=10
ldap.pool.validateOnCheckout=false
ldap.pool.validatePeriodically=true
ldap.pool.blockWaitTime=3000
ldap.pool.validatePeriod=300
ldap.pool.prunePeriod=300
ldap.pool.idleTime=600
ldap.usePpolicy=false
ldap.allowMultipleDns=true
This is the relevant section from the deployerConfigContext.xml. I've tried commenting the entire ldap section but have received various other errors that caused TomCat to crash:
<bean id="ldapAuthenticationHandler"
class="org.jasig.cas.authentication.LdapAuthenticationHandler"
p:principalIdAttribute="sAMAccountName"
c:authenticator-ref="authenticator" lazy-init="true"/>
<ldaptive:ad-authenticator id="authenticator"
ldapUrl="${ldap.url}"
userFilter="${ldap.authn.searchFilter}"
bindDn="${ldap.managerDn}"
bindCredential="${ldap.managerPassword}"
allowMultipleDns="${ldap.allowMultipleDns:false}"
connectTimeout="${ldap.connectTimeout}"
validateOnCheckOut="${ldap.pool.validateOnCheckout}"
failFastInitialize="false"
blockWaitTime="${ldap.pool.blockWaitTime}"
idleTime="${ldap.pool.idleTime}"
baseDn="${ldap.baseDn}"
maxPoolSize="${ldap.pool.maxSize}"
minPoolSize="${ldap.pool.minSize}"
validatePeriodically="${ldap.pool.validatePeriodically}"
validatePeriod="${ldap.pool.validatePeriod}"
prunePeriod="${ldap.pool.prunePeriod}"
useSSL="${ldap.use.ssl:false}"
subtreeSearch="${ldap.subtree.search:true}"
useStartTLS="${ldap.useStartTLS}"/>
The stack trace for the CAS to LDAP server connection is huge. Here is a small snippet. I can attach the whole thing if that is useful.
org.ldaptive.provider.ConnectionException:
javax.naming.CommunicationException: ldap.url.com:389 [Root exception
is java.net.UnknownHostException: ldap.url.com
I toggle between JDBC and LDAP/AD Handlers. Ensure that you comment out your ldap handler under:
deployerConfigContext.xml
xpath:
/beans
/bean[class=org.jasig.cas.authentication.AuthenticationManagerImpl]
/property[name=authenticationHandlers]
/list/
We satisfactorily resolved this by disabling this log4j property in the log4j configuration file in CAS:
<Logger name="org.ldaptive.pool.BlockingConnectionPool" level="debug">
<AppenderRef ref="console" />
</Logger>
Another option may have been to create a log4j filter and target the particular message that was causing the tomcat file to become huge.
Hi i want to start more than one gemfire cache-server on same host using Spring gemfire 8.1.Please find below gemfire configuration file. I want to start GFServer1 and GFServer2 on same host i.e.HOSTNAME using Spring Gemfire configuration. I want to avoid gfsh command and start everything from eclipse and connect client to these servers on the same host.
Thanks in advance
<util:properties id="gemfireProperties">
<prop key="name">Locator_Dev</prop>
<prop key="mcast-port">0</prop>
<prop key="locators">HOSTNAME[1099]</prop>
<prop key="log-level">warning</prop>
<prop key="http-service-port">8181</prop>
<prop key="jmx-manager">true</prop>
<prop key="jmx-manager-port">1199</prop>
<prop key="jmx-manager-start">true</prop>
<prop key="start-locator">HOSTNAME[1099]</prop>
</util:properties>
<gfe:cache properties-ref="gemfireProperties" />
<gfe:cache-server id="GFServer1" auto-startup="true"
bind-address="HOSTNAME" port="40411" host-name-for-clients="HOSTNAME"
load-poll-interval="2000" max-connections="22" max-threads="16"
max-message-count="1000" max-time-between-pings="30000" >
<gfe:subscription-config eviction-type="ENTRY"
capacity="1000" disk-store="diskStore1" />
</gfe:cache-server>
<gfe:cache-server id="GFServer2" auto-startup="true"
bind-address="HOSTNAME" port="40412" host-name-for-clients="HOSTNAME"
load-poll-interval="2000" max-connections="22" max-threads="16"
max-message-count="1000" max-time-between-pings="30000" >
<gfe:subscription-config eviction-type="ENTRY"
capacity="1000" disk-store="diskStore1" />
</gfe:cache-server>
<gfe:disk-store id="diskStore1" queue-size="50"
auto-compact="true" max-oplog-size="10" time-interval="9999">
<gfe:disk-dir
location="D:\NP\WorkSpace\GemfireRegionSolutionNStart\disk-store\store_1"
max-size="20" />
<gfe:disk-dir
location="D:\NP\WorkSpace\GemfireRegionSolutionNStart\disk-store\store_2"
max-size="20" />
</gfe:disk-store>
<gfe:replicated-region id="customer" name="Customer">
</gfe:replicated-region>
<gfe:replicated-region id="bookMaster" name="BookMaster">
</gfe:replicated-region>
</beans>
The configuration you have posted will create two cache-servers within the same JVM, i.e it will open up two ports within the same process.
If this is not what you want, i.e you want two distinct process, in eclipse you will have to provide two runtime configurations to start the two servers.
Is there a specific question? As #Swapnil points out, this will start 2 GemFire "Cache Servers" (ServerSockets listening for Cache Clients) as you have appropriately configured on the same host within the same JVM. This will work regardless of how this is executed (i.e. IDE, command-line, from Gfsh or from Spring Boot).
Let us know if you have a more specific question, thanks!
So you can configure the LocatorLauncherFactoryBean, for example, like so...
<uti:properties id="gemfireProperties">
<prop key="log-level">config</prop>
<prop key="http-service-port">8181</prop>
<prop key="jmx-manager">true</prop>
<prop key="jmx-manager-port">1199</prop>
<prop key="jmx-manager-start">true</prop>
<prop key="locators">host1[10334],host2[11235],...,hostN[20668]</prop>
</util:properties>
<bean id="locator" class="org.spring.data.gemfire.config.LocatorLauncherFactoryBean">
<property name="gemfireProperties" ref="gemfireProperties"/>
<property name="memberName" value="SpringDataGemFireLocator"/>
<property name="bindAddress" value="10.124.12.24"/>
<property name="port" value="12480"/>
</bean>
As you may have noticed, this Locator can join other Locators in the GemFire Cluster, which were specified in the "gemfireProperties" bean with the "locators" GemFire System property.
NOTE: the "bindAddress" property to the LocatorLauncherFactoryBean is only necessary if the localhost where this Locator will be running has multiple NICs and you want to bind to a specific NIC.
Also, I have set the JMX Manager GemFire System properties to enable the Locator to become and actually start a Manager (on port 1199). This allows you to connect to this Locator from Gfsh either with gfsh>connect --locator=localhost[12480] or with gfsh>connect --jmx-manager=localhost[1199].
Basically, the "gemfireProperties" bean allows you to configure any valid GemFire System property.
Now, since this Locator is running from within your IDE, you will need to configure the "run profile" with a $GEMFIRE environment variable pointing at a GemFire distribution downloaded from Pivotal's website in order to get Pulse running from this Locator. This is expected by the GemFire Manager's ManagementAgent when making a decision of whether to 1. start the embedded HTTP Service (Jetty) running GemFire's out-of-box webapps (e.g. Pulse) and 2. whether it can find Pulse and start the webapp. The ManagementAgent looks for Pulse in the distro.
For instance, I set my $GEMFIRE environment variable to...
/Users/jblum/Downloads/Pivotal/GemStone/Products/GemFire/Pivotal_GemFire_820_b17919_Linux
Now, to get your individiual Spring-configured GemFire Servers to connect to the cluster, that is simple.
Again, you only need a "gemfireProperties" bean defined in each Spring GemFire Server XML configuration file with the "locators" GemFire System property defined, e.g. ...
<uti:properties id="gemfireProperties">
<prop key="log-level">config</prop>
<prop key="locators">localhost[12480]</prop>
</util:properties>
<gfe:cache properties-ref="gemfireProperties"/>
This configuration will enable the GemFire Data Nodes to connect to the cluster, and this cluster will be visible from Pulse, if everything is setup correctly.
Again, hope this helps.
Cheers,
John
OK... so you have a few options from within your IDE (e.g. Eclipse).
If you break the Spring config above into 2 separate Spring (Data GemFire) XML configuration files, each containing 1 of the <gfe:cache-server> elements, call these files, for example, spring-gemfire-server1-context.xml and spring-gemfire-server2-context.xml, you could run the Spring-based/configure GemFire "data nodes" and Cache Servers with the following...
SimpleSpringApplication
Where the argument to the simple little Java "main" program is the file system path to 1 of the Spring XML configuration files noted above.
Better yet, you can launch these Spring (GemFire) configs with a SpringBoot application using something like...
UsefulSpringBootGemFireApplication
As you can see here, you can use either the #Import annotation if you are configuring GemFire from Spring using Java-based Configuration (for example, UsefulSpringBasedGemFireConfiguration), or in your case, with XML using the
#ImportResoruce("/classpath/to/spring-gemfire-server1-context.xml") annotation.
It maybe possible (not sure) to pass a System property value into the #ImportResource annotation, like so...
#SpringBootApplication
#ImportResource("${spring-gemfire-context-xml-location}")
class SpringBootGemFireApplication {
...
}
Then, from within your IDE, you can create 2 separate "run profiles" using the same SpringBootGemFireApplication class and then setting the System property (e.g. -Dspring-gemfire-context-xml-location=/path/to/spring-gemfire-server1-context.xml) appropriately for each configuration.
Remember, you can use Spring's ResourceLoader path qualifiers (e.g. file:, http:, etc) to resolve your Spring GemFire config from different source locations (CLASSPATH, file system, etc)... see the table ("Table 7.1 Resource strings") in hyperlinked section of the Spring Framework Reference Guide.
In the worst case, you need to create 2 separate, but nearly identical SpringBoot application Java main classes to launch your 2 configuration files for each GemFire Data Node (& CacheServer) JVM process. However, hopefully using the System property approach allows you to recycle the same class in 2 separate run profiles.
So, this leaves you with 2 GemFire Data Node JVM processes now. But, what about he Locator?
Well, you can continue to embed the Locator in the GemFire Data Node Server JVM process as before, but if you really want a standalone Locator JVM process, then you can use the following, "experimental" class...
LocatorLauncherFactoryBean
This class uses GemFire's LocatorLauncher class to configure and bootstrap a GemFire Locator from Spring config. I created this class over 2 years ago for a customer POC as example of how a developer might configure a GemFire Locator from Spring config.
The Spring XML configuration (used by the SpringBootGemFireApplication #ImportResoruce annotation, in yet another "run profile" and System property combination), would look similar to the following...
locator.xml
Now, you have effectively achieved 3 separate GemFire JVM processes (2 Servers and 1 Locator). You can scale this from with our IDE to however many Servers and Locators you want, and Pulse will show all of these in the cluster, providing the cluster is configured correctly (Servers pointed at Locators, etc).
Hope this helps.
Cheers!
John
I am porting a suite of related applications from WebLogic to JBoss EAP v6.2.
I have set up a data source connection using the JBoss command line interface and hooked it to an oracle database. This database has a name of "mydatasource" and a JNDI name of
"java:jboss/datasources/mydatasource" as per JBoss standards. I can test and validate this database connection.
However, when I try to port the code and run it, the connection doesn't work. The code that worked in WebLogic was simply:
InitialContext ic = new InitialContext() ;
DataSource ds = (DataSource)ic.lookup(dataSource) ;
with a value in dataSource of "mydatasource".
This worked in Web Logic but in JBoss it throws a NameNotFoundException
javax.naming.NameNotFoundException: mydatasource-- service jboss.naming.context.java.mydatasource
Clearly there is a difference in how the InitialContext is set up between the two servers.
But this port involves a large number of small applications, all of which connect to the datasource via code like that above. I don't want to rewrite all that code.
Is there a way through configuration (InitialContextFactory, maybe) to define the initial context such that code like that above will work without rewriting, or perhaps is there another way of naming the datasource that JBoss will accept that would allow code like that above to work without rewriting?
Or must we bite the bullet and accept that this code needs a rewrite?
Update: Yes, I know that simply passing "java:jboss/datasources/mydatasource" to the InitialContext lookup solves the problem, but I am looking for a solution via configuration, rather than via coding if there is such a solution.
The way to do this correctly through configuration is to use
java:comp/env/jdbc/myDataSource
then use resource-ref in web.xml to map it to the declare datasource and use weblogic.xml or jboss-web.xml to actually map it to the real one
in weblogic admin console, when you define datasource it can be jdbc/realDataSource
JNDI path Tomcat vs. Jboss
For weblogic http://docs.oracle.com/cd/E13222_01/wls/docs103/jdbc_admin/packagedjdbc.html
I'm trying to get integration testing working for a GlassFish 2.x project, using Maven2 and Cargo. I finally have Cargo attempting to deploy my EAR but it fails to start because the data source is not configured. The app also depends on a few JMS queues and a connection factory - how do I add these?
The Cargo Glassfish 2.x plugin says existing configurations are not supported, so I can't do that.
Using the maven-glassfish-plugin is an option, but we also run OC4J so a Cargo solution would be preferred.
edit: The resources are: 1 JDBC connection pool, 1 JDBC resource, 4 JMS queues, 2 JMS connection factories and a custom security realm (pear tree optional). The realm needs an entry in the login.conf like:
myRealm {
uk.co.mycom.MyGlassFishLoginModule required;
};
I'm not sure (I never used this) but IIRC, you should be able to put your datasource configuration in a sun-resources.xml file and package it under META-INF/sun-resources.xml in your EAR and GlassFish is supposed to create the resources at deploy time.
Here is an example sun-resources.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE resources PUBLIC "-//Sun Microsystems Inc.//DTD Application Server 9.0 Domain//EN" "sun-resources_1_3.dtd">
<resources>
<jdbc-connection-pool name="SPECjPool" steady-pool-size="100"
max-pool-size="150" max-wait-time-in-millis="60000"
pool-resize-quantity="2" idle-timeout-in-seconds="300"
is-isolation-level-guaranteed="true"
is-connection-validation-required="false"
connection-validation-method="auto-commit"
fail-all-connections="false"
datasource-classname="oracle.jdbc.pool.OracleDataSource">
<property name="URL"
value="jdbc:oracle:thin:#iasperfsol12:1521:specdb"/>
<property name="User" value="spec"/>
<property name="Password" value="spec"/>
<property name="MaxStatements" value="200"/>
<property name="ImplicitCachingEnabled" value="true"/>
</jdbc-connection-pool>
<jdbc-resource enabled="true" pool-name="SPECjPool"
jndi-name="jdbc/SPECjDB"/>
</resources>
Give it a try.
Resources
The sun-resources.xml File
Thanks, that worked. The datasource seems to have gone in okay and the app has deployed. However from the doc you linked, I can't see how to add the other things I need (edited more detail into my question about these). This solution also means that I will have to (use profiles to?) build my EAR differently for IT, which is imperfect.
I somehow missed that you wanted to create other resources than Datasources and I've seen several threads reporting that the suggested approach won't work with GlassFish v2 for any resources (like JMS resources). My bad.
So, given the current state, your options are (IMO):
contribute to Cargo to provide an "existing" configuration implementation for GlassFish v2
use the maven-glassfish-plugin as you suggested
I don't have any better suggestions.
I'm currently trying to 'port' my Java EE 5 Application from Jboss 6 M2 to Glassfish 3.0.1
Jboss used to create my JMS Destination Queues a deployment-time thanks to the -service.xml files. I really liked this feature and I would like to find a way to do the same thing on Glassfish. Is this even possible ?
I'm not sure of the exact status with GlassFish 3.0.1 but according to these threads:
http://markmail.org/thread/cqj56ehulg7qdenp
http://markmail.org/thread/zs4naxy534ijbpic
creating JMS destinations at deploy time was not supported. But these threads are pretty old and things might have changed (see below).
You can however declare them in a sun-resources.xml file and pass it to the asadmin add-resources command.
That being said, several documents (like this one or this one) mention the deployment of application-scoped-resources defined in a sun-resources.xml bundled in the application (that will become glassfish-resources.xml in GlassFish 3.1) as part of the deploy/undeploy of the app but:
I don't know if this is relevant for 3.0.1.
I don't know the exact status, especially for JMS resources.
This would require testing.
With glassfish v4x, Connection factory and destinations(ie queue and topics) can be configured in domain.xml file under glassfish/domains/your-domain-name
Eg :
<resources>
<connector-connection-pool resource-adapter-name="jmsra" max-pool-size="250" steady-pool-size="1" name="jms/DurableConnectionFactory-Connection-Pool" description="connection factory for durable subscriptions" connection-definition-name="javax.jms.ConnectionFactory">
<property name="ClientId" description="MyID" value="MyID"></property>
</connector-connection-pool>
<connector-resource pool-name="jms/DurableConnectionFactory-Connection-Pool" description="connection factory for durable subscriptions" jndi-name="jms/DurableConnectionFactory"></connector-resource>
<admin-object-resource res-adapter="jmsra" description="PhysicalQueue" res-type="javax.jms.Queue" jndi-name="jms/MyQueue">
<property name="Name" value="PhysicalQueue">
</property>
</admin-object-resource>
</resources>