Conceptual help : JAAS and J2EE

Hey guys.
I really need some conceptual help. I have been doing a bunch of reading
on JAAS but I am missing a couple key concepts and I have a whole wad of questions.
First let me tell you my end goal: I want my J2EE client application to be able to connect to the app server and send/receive messages in a JMS queue that has access controls on it. This client will not run in the same VM as the app server and often not on the same machine.
I have it now so that I can connect and send and receive messages from a queue that allows default authorization.
Question 1 : When I create an InitialContext with JNDI, there are some security properties you can set to specify a username and password. From my reading it is my impression that this is the "old" way. Is that true?
Question 2 : When you create a LoginContext with JAAS outside of the application server what will it authenticate against? How can I make it authenticate against the same source as the app server?
Question 3 : So after I create an LoginContext and have authenticated, how does the server know that I was authenticated? There really isn't a way to pass the LoginContext along to the server is there? and how would it associate it with me?
Any help is appreciated.
Regards,
David B.
[email protected]

I think I can help you out with Q's 2 & 3
When you authenticate with JAAS, there are a couple of things that happen. First, you're probably going to have to write your own LoginModule. This is because unless you want to handle ALL security programmatically (i.e. programmatically handle authentication/authorization on the server receiving the messages) you have to use proprietary server APIs. This is at least my experience with WebLogic. Second, in the LoginModule, you have to call weblogic.authenticate()... or something like that. This method requires a security realm within the server such that it can authenticate the user and set the appropriate AccessControlContext - which allows you to use declarative security in the EJB/web tier.
If you choose not to utilize a security realm in the server (really, JAAS should be a replacement to a realm, not an addendum) every object that you wish to authenticate/authorize must be done so programmatically. In my extensive research, I've found that JAAS does not justify complete replacement of declarative security (at least for my project requirements). It can enhance declarative security and provide fine-grained authorization. However, the pluggable authentication did not provide us any benefit, portability, or extensibility as it just added additional development/testing.
I have a topic below yours inquiring to user experience in this area. I've read a lot of JAAS posts (most of them don't have replies) and the whole concept seems to be a big question mark. What I have determined though, is that JAAS was never meant to be utilized WITHIN the server. Instead, it was intended as a means for thick clients to authenticate/authorize against a server.
If I am wrong on any of this, someone please correct me!!

Similar Messages

JAAS and J2EE SDK -- please help!

Hi,
I'd like to know if it is possible to use customized LoginModule classes in the J2EE SDK reference impl. 1.3
If so what I can't understand is the following:
if I use the form-based auth. mechanism in my web app. how can I specify which login module to use? I mean I know JAAS needs an entry in a configuration file such as
mylogin{
MyLoginModule required debug=false;
};but my question is in what file should I add it? clientlogin.config, login.config or serverlogin.config?
And much more important question is: how can I then specify that I need to use the "mylogin" entry?
I don't know how the JSecurityCheck servlet work, is there any document where I can find the source code of it?
Please can anyone help me?
Thanks in advance.

I managed to get it working in tomcat 4.0 if you create a config file with the details you've specified called login.config you then need to pass it as a parameter when you start your servlet engine
i.e. -Djava.security.auth.login.conf=login.config

How to do JAAS and J2EE Deployment Descriptor ACL : Please help

I am trying to develop a Single sign on application using EJB's, JAAS,
ACL, struts and JSP to Log in with a form authenticate (using
j_security_check to hook into the web.xml security) then pull a user
from a database and use the roles defined there for authorization in
the rest of the system?
The examples on the web are from java clients to RMI, they also sit
alone. They dont say how to hook them into weblogic. They say to use
JAAS but they have just JAAS examples! No hooking of it into an EJB,
servlet, etc! They also dont show how to hook that code into web
server to use it as your security module!
What Settings/configuration I need to make in the web server for JAAS
to work. How the logic proceeds to authorization after form is
submitted using j_security_check. and to further logic in the
application. How is it then integrated with the Struts action forms.
Help, I'm at a loss. They recommend using JAAS but their documentation
and examples do not explain how. We have a complex real world product
and need examples of
the same. Can somebody provide me a working real-life example which
really work and give me some pointers to proceeds that will be really
helpful.
Thanks in advance for the help.

I am trying to develop a Single sign on application using EJB's, JAAS,
ACL, struts and JSP to Log in with a form authenticate (using
j_security_check to hook into the web.xml security) then pull a user
from a database and use the roles defined there for authorization in
the rest of the system?
The examples on the web are from java clients to RMI, they also sit
alone. They dont say how to hook them into weblogic. They say to use
JAAS but they have just JAAS examples! No hooking of it into an EJB,
servlet, etc! They also dont show how to hook that code into web
server to use it as your security module!
What Settings/configuration I need to make in the web server for JAAS
to work. How the logic proceeds to authorization after form is
submitted using j_security_check. and to further logic in the
application. How is it then integrated with the Struts action forms.
Help, I'm at a loss. They recommend using JAAS but their documentation
and examples do not explain how. We have a complex real world product
and need examples of
the same. Can somebody provide me a working real-life example which
really work and give me some pointers to proceeds that will be really
helpful.
Thanks in advance for the help.

How to do JAAS and J2EE Deployment Descriptor ACL in WLS

The examples on this website and shipped with WLS stink. Does there exist a GOOD
example of how to
Log in with a form
authenticate (I guess using j_security_check to hook into the web.xml security)
then pull a user from a database and use the roles defined there for authorization
in the rest of the system?
The weblogic examples are from java clients to RMI (ya, thats handy). They also
sit alone. They dont say how to hook them into weblogic. They say to use JAAS
but they have just JAAS examples! No hooking of it into an EJB, servlet, etc!
They also dont show how to hook that code into WLS to use it as your security
module!
Help, I'm at a loss.
They recommend using JAAS but their documentation and examples of doing so suck
or are non existant. We have a complex real world product and need examples of
the same. Stupid, stand alone examples that teach nothing do no help.
frustrated at BEA for their poor documentation and support,
Mike

Also, I use struts....
In struts you have to extend the Action class which then calls the perform()
method on your servlet.
So to call an EJB I have to have my servlet implement PrivilegedAction?
If so, then this wants a run() method. Struts calls perform so that means
I'm going to have to make another class to call from my servlet with a run
method()? Or I'm going to have my servlet implement PrivledgedAction and
call Security.runAs()?
What if I just want to call the EJB from my servlet and put my security
credentials in the JNDI lookup? I want the container to use the roles of the
user in the JNDI lookup to authorize methods based on the deployment
descriptors.
thanks,
Mike
"Vimala Ranganathan" <[email protected]> wrote in message
news:[email protected]...
Hi Micheal,
Attached is an exmaple of JAAS login and invoking an EJB.
Let me know if this turns out to be useful.
Regarding the form based authentication, Could you be more clear on whatissue you are
facing?
Just as note, when you use form based login, WLS would authenticate theuser against
the realm
WLS is setup for, which could be a file Realm, or a RDBMS realm (in whichcase users
and groups are from database)
Roles cannot be defined at the database level. This needs to be atapplication level
which you can define in web.xml or
console(in 7.0)
If you need any specific help or more information please let me know.
Vimala
Michael Lee wrote:
The examples on this website and shipped with WLS stink. Does there
exist a GOOD
example of how to
Log in with a form
authenticate (I guess using j_security_check to hook into the web.xmlsecurity)
then pull a user from a database and use the roles defined there forauthorization
in the rest of the system?
The weblogic examples are from java clients to RMI (ya, thats handy).They also
sit alone. They dont say how to hook them into weblogic. They say to useJAAS
but they have just JAAS examples! No hooking of it into an EJB, servlet,etc!
They also dont show how to hook that code into WLS to use it as yoursecurity
module!
Help, I'm at a loss.
They recommend using JAAS but their documentation and examples of doingso suck
or are non existant. We have a complex real world product and needexamples of
the same. Stupid, stand alone examples that teach nothing do no help.
frustrated at BEA for their poor documentation and support,
Mike

JAAS and J2EE authorization combination

I've got a custom login module, which authenticates users and associates roles with them. J2EE declarative security works just fine (isCallerInRole, etc).
What I want now, is to extend the system to grant permissions to roles - to allow a finer-grainer level authorization.
I've been reading the Security Guide - in fact I've pretty much read the whole thing, But I still have a question.
How do I store the permission to role mappings in my database (which already contains roles and users) and grant the permissions to roles?
Do I need to use the JAZNPolicy object and grant various permissions to all my roles upon app startup? What's the best way?
One more point, I don't want to store the role-permission mappings in system-jazn-data.xml or in LDAP. I need to stick with the DB schema we have in place.

You can use the jazn admintool to grant policies:
1)
http://download-west.oracle.com/docs/cd/B31017_01/web.
1013/b28957/admintool.htm#CIHJGHHE
Then you can use the -grantperm to grant permissions
to roles. We provide a DB Table login module in
10.1.3.1:
http://iasdocs.us.oracle.com/iasdl/101310_final/web.10
13/b28957/loginmod.htm#BABCDDAI)
You may want to check this out since it seems to fit
the bill for your requirements.I have a login module already. don't need the included db table module.
I can't use the admin tool - I need to provide screens in my app to allow administrative-type users to modify the permissions associated with roles. So I need to do this programmatically and store the role-permission mappings in my database.

JWSDP and J2EE Integration: Doesn't work. What's the point?

My problems involve the integration of JWSDP and J2EE as described in these two documents:
http://developer.java.sun.com/developer/technicalArticles/WebServices/wsj2ee/
http://java.sun.com/j2ee/documentation/windows_guide.html
It looks like a long one, but it�s really not that bad. All comments are appreciated.
I�ve numbered each line-paragraph-section for easy reference later.
(1) My ultimate goal is to setup a website that displays data from a database. I will use Java, Apache, Oracle, and whatever else I need to create a website that uses servlets, JavaServer Pages (JSP), and JDBC.
(2) I�ve got four Pentium III computers:
1. Windows 2000 Server to be the web server (MyWebServer, IP = 10.10.1.1).
2. Windows 2000 Professional to be the database server (MyDatabaseServer, IP = 10.10.1.2).
3. Windows 2000 Professional that I use to develop and test (MyDeveloperPC, IP = 10.10.1.3).
4. Windows 2000 Professional that I use as a client to connect to the website (MyClientPC, IP = 10.10.1.4).
(3) On MyWebServer I installed the following:
Java 2 Standard Edition (J2SE)
Java 2 Enterprise Edition (J2EE)
Java Web Services Developer Pack (JWSDP)
The JWSDP tutorial
Apache HTTP Server
(4) The files I downloaded and installed are as follows:
j2sdk-1_4_0-rc-win.exe
j2sdkee-1_3_1-win.exe
jwsdp-1_0-ea1-win.exe
jwsdp-1_0-ea1_01-tutorial.zip
apache_1.3.23-win32-x86-no_src.exe
(5) After installing these products, I set the environment variables as follows:
JAVA_HOME = c:\j2se
J2EE_HOME = c:\j2ee
JWSDP_HOME = c:\jwsdp
Path = c:\j2se\bin;c:\j2ee\bin;c:\jwsdp\bin; [and other previous statements]
(6) I checked to see that Apache is running as a service. It is.
On MyWebServer I start Tomcat and J2EE. Both start properly and are operating simultaneously.
(7) From MyClientPC I open Internet Explorer and in the address box I type:
http://10.10.1.1
This displays the page c:\ApacheHTTP\apache\htdocs\index.html.en (The Apache default server installation page.)
(8) I then enter this address in IE:
http://10.10.1.1:8080
This displays the page c:\jwsdp\webapps\root\index.html (The default JWSDP page).
(9) I then enter this address in IE:
http://10.10.1.1:8000
This displays the page c:\j2ee\public_html\index.html (The J2EE 1.3 Default Home Page).
(10) So far so good. Now I want to test JWSDP as a container for JSP pages.
(11) I use ant to build the converter app found in the tutorial examples (in folder c:\jwsdp\�\tutorial\examples\gs). I then deploy the converter app to the c:\jwsdp\webapps\gs folder.
(12) From MyClientPC I open Internet Explorer and in the address box I type:
http://10.10.1.1:8080/gs
The converter app works perfectly.
(13) To eliminate the need to enter the port number, I create a link from the Apache default server installation page to the converter app. From MyClientPC and enter this address into IE:
http://10.10.1.1
I then click on the link to the converter app and it works perfectly.
(14) Question: Is this the best way to display JSP pages without having to enter the port number?
(15) Now it�s time to integrate JWSDP and J2EE as described in these two documents:
http://developer.java.sun.com/developer/technicalArticles/WebServices/wsj2ee/
http://java.sun.com/j2ee/documentation/windows_guide.html
(16) After I complete this integration I cannot start both Tomcat and J2EE at the same time. This makes sense because they both share port 8080.
I start Tomcat.
(17) From MyClientPC and use Internet Explorer to test the various relevant addresses. Everything works the same as it did before except this one:
http://10.10.1.1:8000
The page cannot be displayed. The J2EE default home page is not displayed, which makes sense because the J2EE port is no longer 8000; it has been changed to 8080.
(18) Now I shutdown Tomcat and start J2EE.
From MyClientPC and use Internet Explorer to test the various relevant addresses:
(19) http://10.10.1.1:8080
Displays the JWSDP default home page.
(20) http://10.10.1.1:8080/gs
The page cannot be displayed. The converter app no longer works.
(21) From MyWebServer and use Internet Explorer to test localhost:
http://localhost:8080
This displays the J2EE default home page.
(22) Question: Why does localhost give me a different page than the IP address?
(23) Question: What was the point of integrating JWSDP and J2EE?
(24) I want to get the converter app working, so I create a .war file and attempt to add it to the J2EE deploytool (see the two integration documents listed above at section 15.) I create the .war file following the instructions in the JWSDP tutorial:
http://java.sun.com/webservices/docs/ea1/tutorial/doc/WebApp3.html#64606
(25) I change to the c:\jwsdp\�\tutorial\examples\gs\build folder.
I then type:
jar cvf converter.war .
A .war file is created.
(26) I open the deploytool: File, New, Application, and I name it �converter�.
I attempt to add the .war file: File, Add to Application, Web WAR.
(27) When I attempt to add the converter.war file I get this error:
�converter.war does not appear to be a valid web JAR.�
I tried a few different attempts, all with the same result. I�m stuck.
(28) I ask again, What was the point of integrating JWSDP and J2EE?
(29) If this is the preferred configuration, how do I display my JSP pages like the converter app?
Please help!!!

The JWSDP tutorial says to be in the �build� folder of the example when issuing the jar command to create the .war file. The build folder is created when I run the �ant build� command.
Attempt 1 from the command prompt in folder c:\jwsdp\tutorial\examples\gs\build>
I typed this command:
jar cvf c:\jaxmservices\converter.war .
In this case I directed the .war file to be placed in a different folder as you suggested. Here�s the output:
added manifest
adding: index.jsp(in = 921) (out= 525)(deflated 42%)
adding: WEB-INF/(in = 0) (out= 0)(stored 0%)
adding: WEB-INF/classes/(in = 0) (out= 0)(stored 0%)
adding: WEB-INF/classes/Converter.class(in = 582) (out= 358)(deflated 38%)
Didn�t work. Same error as before.
Attempt 2 from the same folder:
I typed this command as you suggested (I tried it with and without the final dot):
jar tvf converter.war
Here is the output:
java.io.FileNotFoundException: converter.war (The system cannot find the file specified)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.<init>(FileInputStream.java:103)
at java.io.FileInputStream.<init>(FileInputStream.java:66)
at sun.tools.jar.Main.run(Main.java:185)
at sun.tools.jar.Main.main(Main.java:904)
I tried a few other variations on these attempts with no luck. I�m stuck.
I�m attempting to create a .war file out of two files: index.jsp and converter.class.
Now that I�ve integrated JWSDP and J2EE, is there some other way that I can run the converter app instead of a .war file and the deploytool? In other words, if I go back to using ant to build and deploy converter, where would I deploy it so that it will work with J2EE?
By the way, it doesn�t have to be converter. I�d be happy if I could get any JSP page to work in J2EE after the integration.
Forever grateful,
Logan

JAAS and j_security_check

Hi there,
I'm using Weblogic 6.1 and working on the security aspect of a project.
What I want to do is to set up the app so that a user logs in and gets authenticated
using JAAS. I also want to secure the app so that all requests for urls must
be authenticated first i.e. They go through the login page first.
The easiest way I can see to do this is to use FORM based authentication using
j_security_check.
Is there a way then to set whatever j_security_check in the session, within the
JAAS part of the code? Rather than authenticating with JAAS and then sending
username and password to j_security_check.
Does anyone know what to set? I looked at previous messages but they seem to
deal with earlier versions and these do not work with 6.1
Any help would be appreciated,
Thanks,
Ian

Frank, thanks for comments.
Yes user info is in the sama database so I can get it from there, but I would like to call this DB function once after succesfull authentication. In addition we have kind of 2 level passwords in place, one application password and one internal db password for user to access database resources.
User does not know his/her db password, we have just api to get db password after authentication and existing application api (developed for forms client originaly) assumes user access db by his own connection, so in many api's oracle function user is stored in some tables.
So what I need is after authentication of user (with application password) I can get Oracle password and then make new DB connection to all application api, just would like to store Oracle password (or new user db connection )somewhere so I dont need to fetch it everytime I need to call application API.
ferdo

Connect swing and J2EE

In WEB Application i used JSP, Struts and J2EE.
But Now use swing application, and something for joing swing and j2ee
Somebody knows something...
I need your help....

In WEB Application i used JSP, Struts and J2EE.
But Now use swing application, and something for joing
swing and j2ee
hopefully, no business logic is in struts; only the application logic (i.e. order of screens, input type validation, etc.). If this is the case you have many options:
- direct calls to the ejb (assuming you have a service defined as an EJB)
- SOAP, SOAP-RPC, or a full web-service (as mentioned above)
- your own custom protocol over HTTP
- RMI (probably too much work; easier to just make direct EJB calls)
- JMS (probably more work than just using SOAP or HTTP)
- Socket based communication with your own custom protocol
Probably the fastest to get going is direct calls from swing to the EJB.
You'll have to re-implement your application logic; but this is fine as the swing app will probably have a different flow than the web-app.
Best of luck,
Andrew

Authentication & Authorization with SSO, JAAS and Database Tables mix

Hi,
I'm looking for how manage Authentication & Authorization in a J2EE ADF+Struts+JSP application.
I'm interested in use SSO for authentication (I just did it programatically & dynamically already), and now I would like to could define authorization using database tables with users, groups, profiles, individual permissions, ..., (maitanined dynamically by web application admin) throught JAZN (JAAS or however is said) but not statically defining roles, groups, users, ... in jazn xml files.
I saw that exists the possibility to create a custom DataSourceUserManager class to manage all this, and this gave me the idea that this could be possible to do (I was thinking in make a custom Authorization API over my application tables, without JAZN) but what is better that use and extended and consolidated aprox like JAZN.
Anybody could tell me if my idea could be possible, and realizable, and maybe give me some orientation to build this approach.
A lot of thanks in advanced.
And sorry, excuse my so bad english.
See you.

Marcel,
Originally the idea was to create a post to only explain how to do authentication using a Servlet filter. However,
I have recently added code to the JHeadstart runtime and generators to enable both JAAS and 'Custom' authentication AND authorization in generated applications. Therefore, this post will be made after we have released the next patch release, as it will depend on these code changes.
We currently plan to have the patch release available sometime in the second half of May.
Kind regards,
Peter Ebell
JHeadstart Team

ABAP and J2EE-Stacks in SAP WEB AS

Hi,
I have two questions about the technical architecture of SAP WebAS, particularly about the ABAP- and J2EE-Server.
Can someone recommend detailed papers/guides (besides help.sap.com)describing:
1) the management of processes and resources in two parts (ABAP and Java)
and
2) The communication mechanisms between J2EE- and ABAP-server.
What are the problems with JCo?
Is there other possibilities to communicate between 2EE- and ABAP-server.(besides JCO), what is the performance in this case compares with JCO?
Thank you!
Peter Hneke

Hi
please have a look in to this Pdf Doc . might be of soem help to you .
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/b52456bd-0a01-0010-6d9b-f153bf15a82f
Apart from JCO communication between JAVA and ABAP can also be handled using ESA services .
please have a llok at these blogs
/people/scott.campbell/blog/2005/05/16/the-esa-is-coming-the-esa-is-coming
/people/kevin.liu/blog/2005/10/17/esa-soa-es
/people/harsh.chauhan/blog/2005/08/27/building-esa-and-delivering-it-through-caf
/people/sap.user72/blog/2005/10/28/the-fundamental-problem-solved-by-esa
Hope this helps . pelase do not forget to reward points , if helpful
regards
rajeshkr

DB-API in ABAP and J2EE

Hello!
I have two questions regarding the communication mechanisms between ABAP- and J2EE-Stack.
1)Is Jco the only one solution to communicate between ABAP- and J2EE, or exist other possibilities (if Yes, is there some comparison papers: performance, advantages/disadvantages).
2) Which similarities/differences are in the DB-communication in both Server? (e.g. each Workprocess in ABAP/Serverprocess in J2EE<--> DB-Process)
Which DB-API is used in both stacks?
Thank You!
Regards

Hi, Peter!
For both languages - ABAP and Java - SAP offers a Dictionary (for definition of database objects) and Open SQL (for database independency), you may also in both languages embed static SQL scripts into you code (via SQL/J in Java).
For Java there' s the Persistence-Framework offering three support levels, Vendor-JDBC, Native and Open SQL the last one guaranteeing the maximum support. You may in Java access data - via JDBC and SQLJ - in a relational or - via EJB/CMP or JDO - in a object-relational way.
Performance-Features like Table-Buffering exist also in both stacks.
Please have a look at <a href="http://help.sap.com/saphelp_nw2004s/helpdata/de/61/fdbc3d16f39e33e10000000a11405a/frameset.htm">Developing Java Persistence</a> for more information regarding the Java-Part.
Regards,
Thomas

JAAS and JBOSS

I'm trying to use JAAS to log in a user on a JBOSS app, but am running into a problem. I'm able to successfully authenticate the user, and retrieve a Subject from my LoginContext. However, once that request is done (i.e. the browser displays the "log in complete" page), the application seems to forget that the user was logged in. How does JAAS and JBOSS keep track of the logged in user? Is this done by keeping a singleton of LoginContext around in some scope? Right now I'm creating a new instance of LoginContext, and using it to load a new instance of my CallbackHandler. Note, when I used JBOSS default form based authentication, it kept the user logged in. However, I can't use their default auth because I have some custom things I need to do.
Thanks in advance for any help you provide.

Hi,
I tested this on OC4J for you and here - after setting jbo.security.enforce to Must, the user principal name and the roles are displayed.
So there are three possibilities why you don't see things working
- JBoss doesn't add the role principals to the Subject so they become available in the session
- You attempt accessing this information in a prepareSession() override without enforcing authentication to happen for the root page - URL pattern = /
- ADF BC security doesn't recognize the custom role principal
After briefly reviewing the security implementation code, it seems that ADF BC security is dependent on Oracle JAZN for authorization.
Frank

Renew License Problem - Option NSP and J2E (7.0) Windows Not Available

Hi all,
I Download and instaled the :
- SAP NetWeaver 7.0 Java Trial Version - SP14SR3
- SAP NetWeaver 7.0 ABAP Trial Version - SP12
for Windows almost 90 days ago.
To Renew the license I went to link "SAP Sneak Preview License Key Request"
[https://websmp130.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/minisap/minisap.htm]
But at "System Id *" combobox the correspondent options for Windows intalations above are not available (J2EE and NSP).
Pls, how to proceed ? I remember I did it with older versions (< SP14/SP12) with no problem.
Best Regards and thanks for your help.

>
Klaus Keller wrote:
> see my posting at SAP NetWeaver Application Server
>
> Rgds,
> Klaus
Hi Mr. Klaus Keller, first at all, thanks a lot for your help,
After your msg I requested the license renew for NSP and J2EE with success, but when I tried to instal the new license file NSP.txt (User=SAP* / Transaction=SLICENSE) I received the error msg:
"Error when installing permanent license key - This system's system number is "000000000310714511", but there is a license key for system number "000000000310994500" in the license key file."
In fact the System Number on SLICENSE transaction and NSP.txt are diferents.
Looking at installation documentation (start.html / Getting Started) it shows the screen to request the renew license and it has the option below wich is not available at actual screen:
System number [ _________________ ] (For prologation only)
I tried to change the System Number manually at NSP.txt but the license becames invalid.
I did not try with J2E.txt license cause I notice that the System Number is different too.
Thanks for your attention,
Walmir Catunda.
PS. As the thread [No longer able to renew licenses for SAP Netweaver 2004 Linux Testdrive?|No longer able to renew licenses for SAP Netweaver 2004 Linux Testdrive?; is closed (answered) I will keep this and put a note to this one

BPM standalone and J2EE versions

What is the diffrence between BPM standalone and J2EE versions
and
What are the advantages of Using J2EE Version over standlone?
In configuration document it is mentioned that we need to deploy wlj2eedeployer.ear on weblogic server.
Why this deployment?
Thanks

Depending on your needs, the Engine can be deployed using two different implementation styles.
Standalone Oracle BPM Enterprise Engine
Oracle BPM can be deployed in a standalone environment running on a JVM. This is the original version of the Engine and has been around for 10 years.
The benefits of deploying processes to Enterprise Standalone are:
<li> It does not require an application server J2EE container to run. This means a lower cost of entry if you do not already own WebLogic or WebSphere J2EE application servers.
<li> It is simple to install and administer.
Enterprise Standalone uses a simple active/standby failover mechanism. When the active engine starts, it immediately registers in the Oracle BPM Directory that it is the primary engine. When the standby engine starts on another machine, it sees that another engine has already registered as the active server in the Oracle BPM Directory. Since the active engine is already up, the standby knows that it needs to ping the primary engine periodically to ensure it is still up. If the standby engine fails to get a response from the active engine, the standby notifies the Directory that it is now the active engine. When what was previously the active primary engine restarts, it notifies the Directory that it has restarted, sees that another server is now the primary and then starts as the secondary.
J2EE Application Server Oracle BPM Enterprise Engine
Oracle BPM Enterprise engines can also run on a J2EE application server within WebLogic and WebSphere containers.
Oracle BPM Engines running on a J2EE Application Server support active clustering. This means that as loads increase over time, new nodes can be added making the environment more scalable over time.
With the J2EE Application Server environment automatic failover is automatically provided across nodes.
Finally, in answer to your last question - the deployed wlj2eedeployer.ear is useful because this lets you stop and start the Engine and deploy projects from the simple (ok - somewhat simple) Oracle BPM Process Administrator tool.
Hope this helps,
Dan

Connector for tomcat and j2ee

I have a login system created. It creates accounts into a mysql server at the moment. I want the users to be able to log in. I need the correct details in my "my-DB-plan.xml" file in order to be able to connect to the SQL server. Im not sur what to put in this file or whether im to use a server.xml file
Any Help.Please.

Our[b] login.html page is simple as follows:
<html><head><title>
J2EE SQL Security and Registry System Demo
</title></head><body>
<h1>LOGIN using Derby and J2EE declarative security!</h1>
<form method="POST" action="j_security_check">
Username:<br>
<input size="20" name="j_username">
<br><br>
Password:<br>
<input size="20" name="j_password" type="password">
<input name="submit" type="submit" value="Login">
</form>
</html>The connection is not made on the page but rather the username and password is authenticated by "j_security_check".
It's something to do with the my-db-plan.xml file I think, but I don't know if I'm to replace that file, change it or what..
It's setup for the Derby Database server rather than MySQL. I'm not sure how you'd change it. This login system we are using can be seen here: http://www-128.ibm.com/developerworks/opensource/library/os-ag-logreg2/

Conceptual help : JAAS and J2EE

Similar Messages

Maybe you are looking for