I have a Web-Service that's being called from a remote Java program. I want to secure the Web Service with WS-Trust, using PicketLink. PicketLink is working, and I can obtain a token (assertion) from the picketlink-sts, using the WSTrustClient class.
But in JBoss 7, there appears to be no way to supply any of the client-side WS runtime classes with this token. The samples on the JBoss sites use this:
((BindingProvider) port).getRequestContext().put(SAML2Constants.SAML2_ASSERTION_PROPERTY, assertion);
But org.picketlink.trust.jbossws.SAML2Constants does not exist because there are no org.picketlink.trust packages in any of the JBoss 7 or PicketLink jars.
I have no experience with PicketLink (yet). But some Googling led me to this forum question & answer.
Related
How to call TWS beans from another Java EE server like JBoss or even WAS Liberty Profile?
I've no direct experience with JBoss or Liberty, but we have tried several times from Tomcat without success. Maybe it's possible with Liberty but as said I've never tried it.
This is one of the reason we are moving to REST APIs that makes interoperability much easier. REST APIs has been introduced on TWSd with 9.3 FP2, but are still not available on TWSz.
If you need them on TWSz, you can try to open an RFE to push this new feature.
If you don't have a product/release that natively support REST APIs, a possible pattern is to implement your own REST APIs based on J2EE APIs and deploy them as an additional WAR on the engine/connector WAS, and the call these REST APIs from your JBoss, Liberty.
My team is working on the migration of a hybrid app from Tibco Silver Mobile(TSM) platform to IBM MobileFirst Platform.
I have a JAX-RS webservice developed using Weblogic IDE which is currently hosted on TSM server. This webservice does a security check for all the incoming back-end requests and pass the request to the back-end if it is from a valid source.
When the app will be migrated from TSM to MobileFirst platform the TSM server will be moved out of the scene. I am looking for some alternate options for hosting this JAX-RS webservice. I don't want to make any changes to the webservice since it is a tested and proven code used in the TSM based solution.
I understand from the IBM MobileFirst Platform 7.0 documentation that JAX-RS support is now available on the MobileFirst Server and JAX-RS specification based Java adapters can be developed and deployed to the server.
Can I deploy the above mentioned webservice .WAR file as such to MobileFirst Server, without making any customizations?
If yes, what is the procedure for deploying the webservice (.WAR) to MobileFirst Server?
If no, what are the alternate options that can be considered?
As indicated in the comments above:
MFP Server is actually a Java EE application deployed to a supported Java EE application server, WebSphere Liberty or full WebSphere ND being the normal options, though TomCat is also supported.
In principle your own JAX/RS WAR file can be deployed to these same servers, the details will depend upon exactly what Java EE features you exploit and you will need to understand those Java EE servers' administration model. MFP itself is not affected by this, and you need no MFP knowledge to do it. You just need to understand the chosen Java EE server. Personally I would start with WebSphere Liberty.
A further question would be whether it is better to isolate your JAX/RS and Mobile First servers into their own Java EE server instances. It can be easier to manage and scale if you keep things separate, but technically there should be no interference if you do co-locate them. It is pretty trivial to spin up a dedicated Liberty server.
A more interesting question is whether there is value in actually exploiting the MFP Adapter capability to create JAX/RS services. In effect it's your familiar JAX/RS programming model but packaged slightly differently, deployed as a MFP adapter, and with the option explicitly to exploit the MFP security model and easily call other MFP adapters.
Personally, if I were coming to a project with no existing JAX/RS services and have commited to MFP and its security model then I would do my JAX/RS in the MFP Adapters.
Does GlassFish 4.0 server act as a SIP servlet container? I googled but could not find a answer. It may be obvious but I could not figure it out. I am new to Java EE.
I have got a legacy prototype implementation to work with. It uses Java SIP servlet. It's a Netbeans project. It does not have any setup documentation. So I don't know which server I should use.
I installed Netbeans IDE 8.0 with Java EE 7 and GlassFish server 4.0. I thought I would start learning to use SIP servlet by following Oracle's SIP Servlet Tutorial. In that tutorial, "Communication Server" is recommended in "Required Software" section. When I googled to download this, I found Oracle Communications Converged Application Server which was not free.
I'm not sure if you can use GlassFish for SIP servlets, I'm not aware of any implementation working with it. But you can use Mobicents, built on top of Tomcat or JBoss.
For development of my first JSF 2.0 app I use GlassFish v3.1, deployment is planned on JBoss 6. Are there libraries which work on both servers and support JDBC based login? I have read about Apache Shiro, is this an option for this scenario or would you recommend a different library?
Shiro should more than meet your needs in a Java EE app. Feel free to ask any questions about it along the way - you'll find a helpful community!
Apache Shiro isn't based on Java EE security. I'd really use the latter (specifying security in web.xml, ejb annotations, ...). A login module in Glassfish (custom or existing one), or the jboss equivalent, should handle authentication/groups/roles. I really wouldn't use a non-standard library where there is a standard solution (=specification-based).
Maybe I dont know the right search terms to query with, but I cannot find instructions on how to configure glassfish 3.1 to allow me to use an external websphere mq7 server for my jms/mdb project. Can someone help me get this configured? I'll repay the community by writing a good howto document if there isn't one out there already.
Came across this in my own semi-related Google search... didn't answer my question (nor did anything else) so I posted some instructions here.
You can download WebSphere MQ 7 client from IBM.
After extraction or installation you will find a websphere mq rar adapter which you can deploy onto glassfish. You can use this mq rar adapter to make connections to WebSphere MQ 7.