Solaris Container Manager 3.6.1 , unable to select newly plumbed interfaces
Hi everyone,
I was wondering if anybody experienced this with SCM..
For a new zone I want to have a dedicated network interface qfe0. The manual says you have to plumb it first or else you won't be able to select it when you create a new zone via SCM, but no matter how many times I plumb it I'm only able to select the interface already in use by the system itself.
Best Regards,
Emerald
Nevermind.... problem is solved.
After plumbing the interfaces I had to restart the SunMC agent and the smcwebserver. New interfaces can be selected after this.
Cheers, Emerald
Similar Messages
-
Monitoring services in zones with Solaris container Manager
I need to know how to Manage Solaris services (SMF) in sparse zone with Solaris container manager.
I have navigated all the documentation and I have not found any clue.
I installed the Sun management center (SMC) server on a server box and the agents on others. I can manage the SMF of the global zone by drilling down via the console GUI. But having access to the container manager, I have to go via https connection. And drilling down on the zone did not reveal that SMF can be monitored.
Please if you have any idea, share it with me.Hi,
check these:
- Version of webserver latest is 3.1
# smcwebserver -V
- check webconsole is started and running
# smcwebserver status
Sun Java(TM) Web Console is running
# svcs webconsole
STATE STIME FMRI
online 19:38:06 svc:/system/webconsole:console
# svcs -pl webconsole
fmri svc:/system/webconsole:console
name java web console
enabled true
state online
next_state none
state_time Wed Feb 10 19:38:06 2010
logfile /var/svc/log/system-webconsole:console.log
restarter svc:/system/svc/restarter:default
contract_id 64
dependency require_all/none svc:/milestone/network (online)
dependency require_all/refresh svc:/milestone/name-services (online)
dependency require_all/none svc:/system/filesystem/local (online)
dependency optional_all/none svc:/system/filesystem/autofs (online) svc:/network/nfs/client (online)
dependency require_all/none svc:/system/system-log (online)
process 843 /usr/java/bin/java -server -Xmx128m -XX:+UseParallelGC -XX:ParallelGCThreads=4
- check port 6789 is listen mode
# netstat -an | grep 6789
*.6789 *.* 0 0 49152 0 LISTEN
if the output show
localhost .6789 *.* 0 0 49152 0 LISTEN
than do these:
- check that the tcp_listen of webconsole service is true, default is false
# svccfg -s webconsole listprop options/tcp_listen
options/tcp_listen boolean false
# svcadm disable svc:/system/webconsole:console
# svccfg -s webconsole setprop options/tcp_listen=true
# svccfg -s webconsole listprop options/tcp_listen
options/tcp_listen boolean true
# svcadm enable svc:/system/webconsole:console
Regards -
Port 135 and 25913 and how to run Solaris Container Manager?
What are these ports 135 and 25913 and how to I run Solaris Container Manager .
thanksHi Zeealee,
zeealee wrote:
What are these ports 135 and 25913 and how to I run Solaris Container Manager .I haven't heard of those ports being used with SunMC before, sorry (but maybe my memory is just bad). The features of Solaris Container Manager (SCM) have now almost been entirely superseded by [Oracle Enterprise Manager Ops Center|http://www.oracle.com/us/products/enterprise-manager/opscenter/index.html] (forum here), but if you're still looking to try SCM, the manual can be found here, and if you said "yes" to SCM when you installed your SunMC Server, then you should see it in your SunMC web interface:
https://<sunmc_server>:6789 --> SunMC 4.0 --> Manage Solaris Container
If you'd like a demo of how you perform Container/LDOM operations in Ops Center, let me know and I'll set it up.
Regards,
[email protected] -
Solaris Container Manager console does not work
I've loaded SMC 3.6 and loaded the container manager piece with no problems on a fresh Solaris 10 (11/06) install on a blade 1000. The managment center works just fine. I've loaded the container manager according to the following doc:
http://docs.sun.com/app/docs/doc/819-4098/6n699bc48?a=view
The install went fine but when I point my browser to the page specified in the doc above the browser wants to download a bin file. I've restarted the java web server as shown in the above doc and I've scanned the port 6789 with nmap to make sure it was open. All browsers I've tried want to download a bin file. They are not launching a console as shown in the doc.
I've tried firefox on linux, netscape on solaris and IE on windows. Java is loaded and working on all platforms. How do I get this working?use secure http
https://<server name>:6789
make sure you ran the setup for Solaris Container Manager -
Container manager - error message
I'm trying to install SunMC 3.6.1 with container manager. when I go to the following url:
https://sunmc_server:6789/containers
I get the following:
Solaris Container Manager 3.6.1
When I click on this link, I get an error message:
There was an error while connecting to the Solaris Container Manager service. Restart the services and login again.
Restart Sun Management Center services and log in again.
I have seen others on this forum with the same problem, but no solution..........any ideas?Please disable the HTTPS Everywhere addon. This dll file is from Firefox 4. If you would like to do a clean reinstall it may help.
Certain Firefox problems can be solved by performing a ''Clean reinstall''. This means you remove Firefox program files and then reinstall Firefox. Please follow these steps:
'''Note:''' You might want to print these steps or view them in another browser.
#Download the latest Desktop version of Firefox from http://www.mozilla.org and save the setup file to your computer.
#After the download finishes, close all Firefox windows (click Exit from the Firefox or File menu).
#Delete the Firefox installation folder, which is located in one of these locations, by default:
#*'''Windows:'''
#**C:\Program Files\Mozilla Firefox
#**C:\Program Files (x86)\Mozilla Firefox
#*'''Mac:''' Delete Firefox from the Applications folder.
#*'''Linux:''' If you installed Firefox with the distro-based package manager, you should use the same way to uninstall it - see [[Installing Firefox on Linux]]. If you downloaded and installed the binary package from the [http://www.mozilla.org/firefox#desktop Firefox download page], simply remove the folder ''firefox'' in your home directory.
#Now, go ahead and reinstall Firefox:
##Double-click the downloaded installation file and go through the steps of the installation wizard.
##Once the wizard is finished, choose to directly open Firefox after clicking the Finish button.
More information about reinstalling Firefox can be found [[Troubleshoot and diagnose Firefox problems#w_5-reinstall-firefox|here]].
<b>WARNING:</b> Do not run Firefox's uninstaller or use a third party remover as part of this process, because that could permanently delete your Firefox data, including but not limited to, extensions, cache, cookies, bookmarks, personal settings and saved passwords. <u>These cannot be easily recovered unless they have been backed up to an external device!</u>
Please report back to say if this helped you!
Thank you. -
Sun Container Manager doesn't start
Hello !!
I have some problem with Sun management center 4.0
After install, I try to use Sun Container.
Impossible...
After looking in the log I found this message :
Start scripts for the following addons were not present:
Solaris Container Manager
But the application is installed and the database also .
Somebody have an idea about the problem ?
ThanksHello !!
I have some problem with Sun management center 4.0
After install, I try to use Sun Container.
Impossible...
After looking in the log I found this message :
Start scripts for the following addons were not present:
Solaris Container Manager
But the application is installed and the database also .
Somebody have an idea about the problem ?
Thanks -
Container Manager and firewall
There doesn't appear to be any documentation on this aspect of SCM so I'm hoping somone here will be able to help.
Essentially, I have two servers separated by a firewall. The usual SunMC ports are accessible between server and agent,
but unless the firewall rules are dropped I'm unable to create/copy zones in container manager.
Looking at the firewall logs, a number of server ports are accessed from the agent machine via UDP - one in the 10000
range and multiple packets to the 8900 range. Does anyone have a defacto list?I responded earlier today to your question about malware. I have no idea why the host chose to delete it, but if you will come to the ClamXav Forum I can help you there. Please start with the following detailed information concerning what was found:
To get detailed infomation on what ClamXav has found, click in the top pane of the ClamXav window showing the Infection / File Name / Status to make sure it's in front and type the key combinations command-A, command-C (or choose "Select-All", "Copy" from the "Edit" menu) to copy the information to your clipboard, then come back here and type command-V or choose "Paste" to show us what was found where. -
SunMC Container Manager - Can't get to it
Hi everyone, I have a small problem that is driving me crazy.
I installed Solaris Management Center 4.0 on a T-5120 running Solaris 10 update 6.
I can log into https://<server>:6789 which is the Java Web Console.
If I try to log into https:// <server>:6789/containers I am brought to the same Web console log in screen
Now: Under Systems I have "Sun Management Center 4.0" so I click that but I see nothing anywhere about containers. I have 3 zones configured on this server of which 1 is running already.
When I click default domain, I am shown my server's global zone name.
When I click that I get host info but no other options.
I am doing all of this as the root user and I have made sure that root is in the Zone management, Pool management, etc.. profiles.
When I run the check on SunMC, it shows container manager as already set up.
A few screenshots here:
http://img291.imageshack.us/i/73181193.png
http://img843.imageshack.us/i/55587859.png
http://img203.imageshack.us/i/14376575.pngHi,
when creating the zone you have to fill in the full domain name, not only the host name.
Is DNS correctly configured?
Can you resolve the virtual host name?
I configured such a zone yesterday without any problems.
In DNS I created a CNAME Resource Record following TID 10020402.
Cheers,
Holger
Originally Posted by chipps7
Teaming 2.0 on SLES 10SP2.
Created a zone 'teamshare' with URL of teamshare.mydomain.com
The catalina.out shows the following two messages:
- Created zone teamshare with virtual host teamshare.mydomain.com in Teaming
- Created zone teamshare with virtual host teamshare.mydomain.com in the portal
I added the server to /etc/hosts and DNS, but when I go to the new zone URL, it shows me my login page from the original kablink zone and I can only login using credentials for the kablink zone....not admin/admin for a new zone.
What step(s) am I missing?
Thanks -
I have Solaris 10 installed and I am unable to log into the Solaris Management console. I am to open it but as I click on an icon it will ask for a password. I have tried root and my username and it keeps telling password is wrong when I know its correct.
Any help is appreciated,
Jim
By the way, it was an upgrade from 9 to 10 and this happens on both Sparc and X86 versions.Same problem here!
I am using Solaris 10 on a Sparc machine (not PC). After I installed the OS,
I tried to configure the system. And when I first started "# /usr/sadm/bin/smc & ",
I got the following message.
=======================================================
Server Not Running
No Solaris Management Console server was available on the specified server. Please ensure there is a Solaris Management Console server available on the specified host and that it is running.
=======================================================
I have been looking around for solutions/hints/advice/suggestions/work-arounds, and it seems that there are a lot of people on the same boat with me! Does anyone from Sun have any tips for us?
This should be something (or at least they should try to make it!) very basic and simple for one to start to use the system, shouldn't it? -
Support for Container Managed XA Txn?
I have been searching the online documentation but have been unable to
determine if WLS 6.0 Container Managed Transactions include support for XA
transactions. That is, the EJB container will start a distributed
transaction. Or, it is necessary to use Bean Managed Transactions.
Carl Lawstuen wrote:
> I have been searching the online documentation but have been unable to
> determine if WLS 6.0 Container Managed Transactions include support for XA
> transactions. That is, the EJB container will start a distributed
> transaction.
Yes
> Or, it is necessary to use Bean Managed Transactions.
No.
-- Rob
-
Updating Records of Container Managed Relationships in OC4J
I have been able to implement the example give on Oracle website for container managed relationship i.e. Departments and their Employees. It works well to get the employees of a particular department. But I am unable to update all the relations correctly. The insertion of a new empployee does not insert a corresponding record in the relatioship table. How can this be implemented. Isn't it the job of the container to insert the correct record in the relationship relation also? Or we have to implement it through SQL statements.. (means it doesn't remain container managed anymore)
Anybody who can help me in this matter?<BLOCKQUOTE><font size="1" face="Verdana, Arial, Helvetica">quote:</font><HR>Originally posted by Umair Rasool ([email protected]):
I am looking for good examples for Container Managed Relationships in OC4J. Can anybody help me with this? Note that I have already tested a number of examples. I need an example that uses 1:N, and M:N container managed relationships.
<HR></BLOCKQUOTE>
The current version of OCJ4 does NOT directly handle M:N CM relationships but does for 1:N. OCJ4 has examples for 1:N. Also you can find examples out at www.orionsupport.com.
null -
Problem with non-container managed entity manager
i am working on a project, in which i am using entity beans.i use netbeans, glassfish as application server and toplink as persistence provider .
i created a java class that handles all the operations with the entitys, which means i using non-container managed entity manager.
in the constructor
try{
EntityManagerFactory emf = Persistence.createEntityManagerFactory("voidPU");
entityManager = emf.createEntityManager();
catch(Exception ex){
throw new EJBException(ex.getMessage());
}then i call a function in this class from a servlet
the code of the function
List users = null;
try {
ProgLanguages progLanguage = entityManager.find(ProgLanguages.class, languageId);
users = (List) progLanguage.getUserIdCollection();
catch(IllegalStateException illegalStateException){
throw new EJBException(illegalStateException.getMessage());
catch(IllegalArgumentException illegalArgumentException) {
throw new EJBException(illegalArgumentException.getMessage());
}i got an IllegalArgumentException saying Unknown entity bean class: class vanguard.server.entity.ProgLanguages, please verify that this class has been marked with the @Entity annotation
what confuses me is that sometimes it works and most of the time it does not work, have i made anything wrong?, or there is a problem with any of the tools netbeans, glassfish, or toplink?Is it always the same entity that is reported as 'unknown' ? You mention that it works sometimes but is it the same deployment and the same code that works? The first thing I would verify is that the ear is being created as expected by netbeans. Check the persistence.xml file and verify that all of the classes are listed that will be used as entities.
--Gordon -
Container Managed Persistence entity bean relationship fields
I want to ask something that until now still confuse. Did Relationship fields in Container Managed Persistence entity beans declare , inside Database table or only Persistence fields .
If Relationship fields not declare inside database table ,how if SQL calls the relationship fields between related entity bean.
did container handle this task.
example: I have 2 entity bean with CMP(Container Managed Persistence)version 2.0
call Player and Team. every entity bean have own relationship fields and persistence fields.
player has playerId(primary key),name,position,age persistence fields and teams is relationship fields.
team has teamId(primary key),name,city and players is relationship fields.
I know that all persistence fields is declare in own database table but how about relationship fields.
can you tellme, How SQL calls can access relationship fields if relatiosnship fields is not declare in database table.
I use J2EE RI SDK version 1.3
and deploytool .
thank's .thank's for your reply .Now I have another problem
I use J2EE RI from java.sun .I try to follow example in j2eetutorial about CMP Example call RosterApp.ear .
I dont'change anything code inside RosterApp.ear but when I deploy and runclient command thereis syntax error :
java.rmi.ServerException: Remote exception occured in server thread :nested exception is java.rmi.ServerException :exception thrown from bean :nested exception is : java.ejb.EJBException :nested exception is :java.sql.SQLException :syntax error or access violation ,message from server: "you have an error in SQL syntax near "
"leagueBeanTable" WHERE "leagueId" = 'L1' at line 1
in example ,RosterApp.ear use Cloudscape database ,but I try to use Mysql database for RosterApp.ear ,is there any different syntax SQL from Cloudscape to Mysql .
if like that ,so I must edit first SQL calls from Cloudscape to MYSQL . I think because relationship fields is for entity beans only ,so how if mysql database want to access foreign key another table because foreign key isn't declare in databse table.
example : I have 3 entity bean call player, team, league .
1. PlayerEJB have persistence fields name, position, playerId(primary key), cmr fields is teams
2. TeamEJB have persistence fields name, city, teamId (primary key) , cmr fields is players and leagues .
3. LeagueEJB have persistence fields name ,sport, leagueId(primary key), cmr fields is teams
so table is
PlayerEJB <--->TeamEJB<--->LeagueEJB
Player have some finder method call findBySport(String Sport) .
because Sport is persistence fields for LeagueEJB
so PlayerEJB must traverse TeamEJB first before LeagueEJB
EJB QL : SELECT distinct object(p) FROM Player (p) IN (p.teams) AS t
WHERE t.league.sport = ?1
I know that Container will translates EJB QL to SQL calls ,but default is only for cloudscape database and I use for MYsql .
so can you helpme how to query method findBySport(String sport) to Mysql calls .
thereis no foreign key between table in database table there is only Relationship fields in entity bean. -
Using container managed form-based security in JSF
h1. Using container managed, form-based security in a JSF web app.
A Practical Solution
h2. {color:#993300}*But first, some background on the problem*{color}
The Form components available in JSF will not let you specify the target action, everything is a post-back. When using container security, however, you have to specifically submit to the magic action j_security_check to trigger authentication. This means that the only way to do this in a JSF page is to use an HTML form tag enclosed in verbatim tags. This has the side effect that the post is not handled by JSF at all meaning you can't take advantage of normal JSF functionality such as validators, plus you have a horrible chimera of a page containing both markup and components. This screws up things like skinning. ([credit to Duncan Mills in this 2 years old article|http://groundside.com/blog/DuncanMills.php?title=j2ee_security_a_jsf_based_login_form&more=1&c=1&tb=1&pb=1]).
In this solution, I will use a pure JSF page as the login page that the end user interacts with. This page will simply gather the input for the username and password and pass that on to a plain old jsp proxy to do the actual submit. This will avoid the whole problem of having to use verbatim tags or a mixture of JSF and JSP in the user view.
h2. {color:#993300}*Step 1: Configure the Security Realm in the Web App Container*{color}
What is a container? A container is basically a security framework that is implemented directly by whatever app server you are running, in my case Glassfish v2ur2 that comes with Netbeans 6.1. Your container can have multiple security realms. Each realm manages a definition of the security "*principles*" that are defined to interact with your application. A security principle is basically just a user of the system that is defined by three fields:
- Username
- Group
- Password
The security realm can be set up to authenticate using a simple file, or through JDBC, or LDAP, and more. In my case, I am using a "file" based realm. The users are statically defined directly through the app server interface. Here's how to do it (on Glassfish):
1. Start up your app server and log into the admin interface (http://localhost:4848)
2. Drill down into Configuration > Security > Realms.
3. Here you will see the default realms defined on the server. Drill down into the file realm.
4. There is no need to change any of the default settings. Click the Manage Users button.
5. Create a new user by entering username/password.
Note: If you enter a group name then you will be able to define permissions based on group in your app, which is much more usefull in a real app.
I entered a group named "Users" since my app will only have one set of permissions and all users should be authenticated and treated the same.
That way I will be able to set permissions to resources for the "Users" group that will apply to all users that have this group assigned.
TIP: After you get everything working, you can hook it all up to JDBC instead of "file" so that you can manage your users in a database.
h2. {color:#993300}*Step 2: Create the project*{color}
Since I'm a newbie to JSF, I am using Netbeans 6.1 so that I can play around with all of the fancy Visual Web JavaServer Faces components and the visual designer.
1. Start by creating a new Visual Web JSF project.
2. Next, create a new subfolder under your web root called "secure". This is the folder that we will define a Security Constraint for in a later step, so that any user trying to access any page in this folder will be redirected to a login page to sign in, if they haven't already.
h2. {color:#993300}*Step 3: Create the JSF and JSP files*{color}
In my very simple project I have 3 pages set up. Create the following files using the default templates in Netbeans 6.1:
1. login.jsp (A Visual Web JSF file)
2. loginproxy.jspx (A plain JSPX file)
3. secure/securepage.jsp (A Visual Web JSF file... Note that it is in the sub-folder named secure)
Code follows for each of the files:
h3. {color:#ff6600}*First we need to add a navigation rule to faces-config.xml:*{color}
<navigation-rule>
<from-view-id>/login.jsp</from-view-id>
<navigation-case>
<from-outcome>loginproxy</from-outcome>
<to-view-id>/loginproxy.jspx</to-view-id>
</navigation-case>
</navigation-rule>
NOTE: This navigation rule simply forwards the request to loginproxy.jspx whenever the user clicks the submit button. The button1_action() method below returns the "loginproxy" case to make this happen.
h3. {color:#ff6600}*login.jsp -- A very simple Visual Web JSF file with two input fields and a button:*{color}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root version="2.1"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:jsp="http://java.sun.com/JSP/Page"
xmlns:webuijsf="http://www.sun.com/webui/webuijsf">
<jsp:directive.page
contentType="text/html;charset=UTF-8"
pageEncoding="UTF-8"/>
<f:view>
<webuijsf:page
id="page1">
<webuijsf:html id="html1">
<webuijsf:head id="head1">
<webuijsf:link id="link1"
url="/resources/stylesheet.css"/>
</webuijsf:head>
<webuijsf:body id="body1" style="-rave-layout: grid">
<webuijsf:form id="form1">
<webuijsf:textField binding="#{login.username}"
id="username" style="position: absolute; left: 216px; top:
96px"/>
<webuijsf:passwordField binding="#{login.password}" id="password"
style="left: 216px; top: 144px; position: absolute"/>
<webuijsf:button actionExpression="#{login.button1_action}"
id="button1" style="position: absolute; left: 216px; top:
216px" text="GO"/>
</webuijsf:form>
</webuijsf:body>
</webuijsf:html>
</webuijsf:page>
</f:view>
</jsp:root>h3. *login.java -- implent the
button1_action() method in the login.java backing bean*
public String button1_action() {
setValue("#{requestScope.username}",
(String)username.getValue());
setValue("#{requestScope.password}", (String)password.getValue());
return "loginproxy";
}h3. {color:#ff6600}*loginproxy.jspx -- a login proxy that the user never sees. The onload="document.forms[0].submit()" automatically submits the form as soon as it is rendered in the browser.*{color}
{code}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"
version="2.0">
<jsp:output omit-xml-declaration="true" doctype-root-element="HTML"
doctype-system="http://www.w3.org/TR/html4/loose.dtd"
doctype-public="-W3CDTD HTML 4.01 Transitional//EN"/>
<jsp:directive.page contentType="text/html"
pageEncoding="UTF-8"/>
<html>
<head> <meta
http-equiv="Content-Type" content="text/html;
charset=UTF-8"/>
<title>Logging in...</title>
</head>
<body
onload="document.forms[0].submit()">
<form
action="j_security_check" method="POST">
<input type="hidden" name="j_username"
value="${requestScope.username}" />
<input type="hidden" name="j_password"
value="${requestScope.password}" />
</form>
</body>
</html>
</jsp:root>
{code}
h3. {color:#ff6600}*secure/securepage.jsp -- A simple JSF{color}
target page, placed in the secure folder to test access*
{code}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root version="2.1"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:jsp="http://java.sun.com/JSP/Page" xmlns:webuijsf="http://www.sun.com/webui/webuijsf">
<jsp:directive.page
contentType="text/html;charset=UTF-8"
pageEncoding="UTF-8"/>
<f:view>
<webuijsf:page
id="page1">
<webuijsf:html id="html1">
<webuijsf:head id="head1">
<webuijsf:link id="link1"
url="/resources/stylesheet.css"/>
</webuijsf:head>
<webuijsf:body id="body1" style="-rave-layout: grid">
<webuijsf:form id="form1">
<webuijsf:staticText id="staticText1" style="position:
absolute; left: 168px; top: 144px" text="A Secure Page"/>
</webuijsf:form>
</webuijsf:body>
</webuijsf:html>
</webuijsf:page>
</f:view>
</jsp:root>
{code}
h2. {color:#993300}*_Step 4: Configure Declarative Security_*{color}
This type of security is called +declarative+ because it is not configured programatically. It is configured by declaring all of the relevant parameters in the configuration files: *web.xml* and *sun-web.xml*. Once you have it configured, the container (application server and java framework) already have the implementation to make everything work for you.
*web.xml will be used to define:*
- Type of security - We will be using "form based". The loginpage.jsp we created will be set as both the login and error page.
- Security Roles - The security role defined here will be mapped (in sun-web.xml) to users or groups.
- Security Constraints - A security constraint defines the resource(s) that is being secured, and which Roles are able to authenticate to them.
*sun-web.xml will be used to define:*
- This is where you map a Role to the Users or Groups that are allowed to use it.
+I know this is confusing the first time, but basically it works like this:+
*Security Constraint for a URL* -> mapped to -> *Role* -> mapped to -> *Users & Groups*
h3. {color:#ff6600}*web.xml -- here's the relevant section:*{color}
{code}
<security-constraint>
<display-name>SecurityConstraint</display-name>
<web-resource-collection>
<web-resource-name>SecurePages</web-resource-name>
<description/>
<url-pattern>/faces/secure/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>User</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name/>
<form-login-config>
<form-login-page>/faces/login.jsp</form-login-page>
<form-error-page>/faces/login.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description/>
<role-name>User</role-name>
</security-role>
{code}
h3. {color:#ff6600}*sun-web.xml -- here's the relevant section:*{color}
{code}
<security-role-mapping>
<role-name>User</role-name>
<group-name>Users</group-name>
</security-role-mapping>
{code}
h3. {color:#ff6600}*Almost done!!!*{color}
h2. {color:#993300}*_Step 5: A couple of minor "Gotcha's"_ *{color}
h3. {color:#ff6600}*_Gotcha #1_*{color}
You need to configure the "welcome page" in web.xml to point to faces/secure/securepage.jsp ... Note that there is *_no_* leading / ... If you put a / in there it will barf all over itself .
h3. {color:#ff6600}*_Gotcha #2_*{color}
Note that we set the <form-login-page> in web.xml to /faces/login.jsp ... Note the leading / ... This time, you NEED the leading slash, or the server will gag.
*DONE!!!*
h2. {color:#993300}*_Here's how it works:_*{color}
1. The user requests the a page from your context (http://localhost/MyLogin/)
2. The servlet forwards the request to the welcome page: faces/secure/securepage.jsp
3. faces/secure/securepage.jsp has a security constraint defined, so the servlet checks to see if the user is authenticated for the session.
4. Of course the user is not authenticated since this is the first request, so the servlet forwards the request to the login page we configured in web.xml (/faces/login.jsp).
5. The user enters username and password and clicks a button to submit.
6. The button's action method stores away the username and password in the request scope.
7. The button returns "loginproxy" navigation case which tells the navigation handler to forward the request to loginproxy.jspx
8. loginproxy.jspx renders a blank page to the user which has hidden username and password fields.
9. The hidden username and password fields grab the username and password variables from the request scope.
10. The loginproxy page is automatically submitted with the magic action "j_security_check"
11. j_security_check notifies the container that authentication needs to be intercepted and handled.
12. The container authenticates the user credentials.
13. If the credentials fail, the container forwards the request to the login.jsp page.
14. If the credentials pass, the container forwards the request to *+the last protected resource that was attempted.+*
+Note the last point! I don't know how, but no matter how many times you fail authentication, the container remembers the last page that triggered authentication and once you finally succeed the container forwards your request there!!!!+
+The user is now at the secure welcome page.+
If you have read this far, I thank you for your time, and I seriously question your ability to ration your time pragmatically.
Kerry RandolphIf you want login security on your web app, this is one way to do it. (the easiest way i have seen).
This method allows you to create a custom login form and error page using JSF.
The container handles the actual authentication and protection of the resources based on what you declare in web.xml and sun-web.xml.
This example uses a statically defined user/password, stored in a file, but you can also configure JDBC realm in Glassfish, so that that users can register for access and your program can store the username/passwrod in a database.
I'm new to programming, so none of this may be a good practice, or may not be secure at all.
I really don't know what I'm doing, but I'm learning, and this has been the easiest way that I have found to add authentication to a web app, without having to write the login modules yourself.
Another benefit, and I think this is key ***You don't have to include any extra code in the pages that you want to protect*** The container manages this for you, based on the constraints you declare in web.xml.
So basically you set it up to protect certain folders, then when any user tries to access pages in that folder, they are required to authenticate.
--Kerry -
MDB container managed transaction demarcation not working in wls 6.1 beta
I have an MDB which sends the messages it receives onto another JMS
destination within the onMessage method. These messages are not sent to
the JMS destination unless I explicitly use a transacted session for the
destination and subsequently commit the session. If I set the transacted
parameter to Session as false the messages are sent. If I set the
transacted parameter to true the messages will only be output if the
session is committed. This is the standard behaviour for a JMS session
but this is not the correct behaviour for an MDB running with
container-managed transaction demarcation.
For a start the transacted parameter to session should be ignored when
run in the context of a container transaction and the commit method
should thrown an exception as it is not allowed within the context of a
container transaction.
This is the MDB code and the deployment descriptor: -
public class MessageBean implements MessageDrivenBean, MessageListener
private String topicName = null;
private TopicConnectionFactory topicConnectionFactory = null;
private TopicConnection topicConnection = null;
private TopicSession topicSession = null;
private Topic topic = null;
private TopicPublisher topicPublisher = null;
private TextMessage textMessage=null;
private transient MessageDrivenContext messageDrivenContext = null;
private Context jndiContext;
public final static String
JMS_FACTORY="weblogic.examples.jms.TopicConnectionFactory";
public final static String
TOPIC="weblogic.examples.jms.exampleTopic";
public MessageBean()
public void setMessageDrivenContext(MessageDrivenContext
messageDrivenContext)
this.messageDrivenContext = messageDrivenContext;
public void ejbCreate()
public void onMessage(Message inMessage)
try
jndiContext = new InitialContext();
topicConnectionFactory =
(TopicConnectionFactory)jndiContext.lookup(JMS_FACTORY);
topic = (Topic) jndiContext.lookup(TOPIC);
topicConnection =
topicConnectionFactory.createTopicConnection();
topicConnection.start();
// The transacted parameter should be ignored in the context of a
container tx
topicSession = topicConnection.createTopicSession(true,
Session.AUTO_ACKNOWLEDGE);
topicPublisher = topicSession.createPublisher(topic);
textMessage = (TextMessage)inMessage;
topicPublisher.publish(inMessage);
// this is illegal in a container transaction
topicSession.commit();
topicConnection.close();
catch (JMSException je)
throw new EJBException(je);
catch (NamingException ne)
throw new EJBException(ne);
public void ejbRemove()
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE ejb-jar PUBLIC '-//Sun Microsystems, Inc.//DTD Enterprise
JavaBeans 2.0//EN' 'http://java.sun.com/dtd/ejb-jar_2_0.dtd'>
<ejb-jar>
<enterprise-beans>
<message-driven>
<display-name>MessageBean</display-name>
<ejb-name>MessageBean</ejb-name>
<ejb-class>MessageBean</ejb-class>
<transaction-type>Container</transaction-type>
<message-driven-destination>
<destination-type>javax.jms.Queue</destination-type>
</message-driven-destination>
<security-identity>
<description></description>
<run-as>
<description></description>
<role-name></role-name>
</run-as>
</security-identity>
</message-driven>
</enterprise-beans>
<assembly-descriptor>
<container-transaction>
<method>
<ejb-name>MessageBean</ejb-name>
<method-name>*</method-name>
</method>
<trans-attribute>Required</trans-attribute>
</container-transaction>
</assembly-descriptor>
</ejb-jar>
Please see the response in the EJB newsgroup.
Also, could you kindly only post to a single newsgroup?
Thanks.
"Jimmy Johns" <[email protected]> wrote in message
news:[email protected]...
> I have an MDB which sends the messages it receives onto another JMS
> destination within the onMessage method. These messages are not sent to
> the JMS destination unless I explicitly use a transacted session for the
>
> destination and subsequently commit the session. If I set the transacted
>
> parameter to Session as false the messages are sent. If I set the
> transacted parameter to true the messages will only be output if the
> session is committed. This is the standard behaviour for a JMS session
> but this is not the correct behaviour for an MDB running with
> container-managed transaction demarcation.
>
> For a start the transacted parameter to session should be ignored when
> run in the context of a container transaction and the commit method
> should thrown an exception as it is not allowed within the context of a
> container transaction.
>
> This is the MDB code and the deployment descriptor: -
>
> public class MessageBean implements MessageDrivenBean, MessageListener
> {
> private String topicName = null;
> private TopicConnectionFactory topicConnectionFactory = null;
> private TopicConnection topicConnection = null;
> private TopicSession topicSession = null;
> private Topic topic = null;
> private TopicPublisher topicPublisher = null;
> private TextMessage textMessage=null;
> private transient MessageDrivenContext messageDrivenContext = null;
>
> private Context jndiContext;
>
> public final static String
> JMS_FACTORY="weblogic.examples.jms.TopicConnectionFactory";
> public final static String
> TOPIC="weblogic.examples.jms.exampleTopic";
>
> public MessageBean()
> {
> }
>
> public void setMessageDrivenContext(MessageDrivenContext
> messageDrivenContext)
> {
> this.messageDrivenContext = messageDrivenContext;
> }
>
> public void ejbCreate()
> {
> }
>
> public void onMessage(Message inMessage)
> {
> try
> {
> jndiContext = new InitialContext();
> topicConnectionFactory =
> (TopicConnectionFactory)jndiContext.lookup(JMS_FACTORY);
> topic = (Topic) jndiContext.lookup(TOPIC);
> topicConnection =
> topicConnectionFactory.createTopicConnection();
> topicConnection.start();
> // The transacted parameter should be ignored in the context of a
> container tx
> topicSession = topicConnection.createTopicSession(true,
> Session.AUTO_ACKNOWLEDGE);
> topicPublisher = topicSession.createPublisher(topic);
> textMessage = (TextMessage)inMessage;
> topicPublisher.publish(inMessage);
> // this is illegal in a container transaction
> topicSession.commit();
> topicConnection.close();
> }
> catch (JMSException je)
> {
> throw new EJBException(je);
> }
> catch (NamingException ne)
> {
> throw new EJBException(ne);
> }
> }
>
> public void ejbRemove()
> {
> }
> }
>
>
>
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> <!DOCTYPE ejb-jar PUBLIC '-//Sun Microsystems, Inc.//DTD Enterprise
> JavaBeans 2.0//EN' 'http://java.sun.com/dtd/ejb-jar_2_0.dtd'>
>
> <ejb-jar>
> <enterprise-beans>
> <message-driven>
> <display-name>MessageBean</display-name>
> <ejb-name>MessageBean</ejb-name>
> <ejb-class>MessageBean</ejb-class>
> <transaction-type>Container</transaction-type>
> <message-driven-destination>
> <destination-type>javax.jms.Queue</destination-type>
> </message-driven-destination>
> <security-identity>
> <description></description>
> <run-as>
> <description></description>
> <role-name></role-name>
> </run-as>
> </security-identity>
> </message-driven>
> </enterprise-beans>
> <assembly-descriptor>
> <container-transaction>
> <method>
> <ejb-name>MessageBean</ejb-name>
> <method-name>*</method-name>
> </method>
> <trans-attribute>Required</trans-attribute>
> </container-transaction>
> </assembly-descriptor>
> </ejb-jar>
>
>
>
>
>
>
>
>
Maybe you are looking for
-
Matrix object in matrix report
hi friends I am designing a simple matrix report, data model - "select deptno , job , sum(sal) from emp group by deptno , job" now in the layout model i see that report builder has created a frame in which there is an object called "MATRIX verti rpea
-
Installed iOS7 from my iPad 2 and now it is in recovery mode...
So, two days ago, a message popped up on my iPad 2 saying that there is a new system update (iOS7) out, and I should update...I selected continue...downloaded it and then the iPad started installing it...after the installation completed, it turned of
-
KDE 4.3 vs KDEmod 4.3 (What is modularization)
Hi, Ok first a newbie question. Have I understood correctly when I say that KDEmod is essentially a "modularized" version of KDE? If so what does "modularization" mean exactly? Does it mean that instead of installing everything KDE has to offer I can
-
Hi All, In pre-insert trigger, i am inserting data in my audit table. i need to know the name of the block/table to whom the record getting saved belongs to. I need this information for my audit table. just for information, when i use :system.cursor_
-
Pay already but cannot use provisioning 3 day pass
i've pay for developer account then i got the Activation Code Email i've click on link then page show me We are unable to activate your Apple Developer Program membership. We are unable to activate your Apple Developer Program membership because we a