I have a liberty app that connects Bluemix Message Hub. It works fine locally, however it never works when I run the liberty app from Bluemix Liberty. I'm following the example in https://github.com/ibm-messaging/message-hub-samples/tree/master/kafka-java-liberty-sample where you change username/pw in server.xml during runtime.
After some trial and error I realized that when I hardcode my kafka username/pw in server.xml, then BluemixLiberty connects to MsgHub fine. When I "hotswap" the kafka username/pw like in the example, it doesn't work and never connects to kafka (even when I restart the service it doesn't reconnect). I've checked by logging into my service using CF and the sever.xml does have the username/pw correctly swapped.
Is this feature supported in Bluemix Liberty? If not, how am I supposed to properly use vcap-services so I don't hardcode my production user/pw?
I have just redeployed MessageHub's kafka-java-liberty-sample to Bluemix and checked it works ok.
One reason your own application may not work could be if it reads server.xml's before the credentials replacement takes place. In the sample, the textual replacement occurs before any JAAS configuration is set.
However, you may follow another, better, approach.
Using Kafka's 0.10.2 client, you do not have to use a global JAAS configuration (a jaas.conf file in a plain Java app, or a <jaasLoginContextEntry> in Liberty's server.xml).
You can instead remove both <jaasLoginContextEntry> and </jaasLoginModule> sections from server.xml and avoid doing any replacement there.
Add to your consumer and producer's Properties a sasl.jaas.config property that contains the username and password obtained from VCAP_SERVICES.
see http://kafka.apache.org/documentation/#security_sasl_plain_clientconfig
e.g. a property like the following with real USERNAME and PASSWORD.
Note that " and ; are expected to be there verbatim.
sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username="USERNAME" password="PASSWORD";
see https://github.com/ibm-messaging/message-hub-samples/pull/17
(we will merge this PR shortly, for now the branch is
https://github.com/edoardocomar/message-hub-samples/tree/liberty-fixed-serverxml)
Related
I'm working on a SpringBoot application running on z/OS natively (not in a zCX container).
The idea is to maintain a session to a PROTECTED RACF service id using ssh key private/public key pair.
I've set the user, the USS directory and the keys are in the right places.
Here is the interesting bit - I've written the application for easy of testing that runs locally on my corporate laptop. I've targeted in it the inbound address of the z/OS and the same exact private key as when running on z/OS natively(therefore I'm sure the key format is correct). Everything works as expected and I'm able to connect using this key.
However when I package the application to a jar file and run it on z/OS I get
java.lang.RuntimeException: com.jcraft.jsch.JSchException: invalid privatekey
The service ID that is running the SpringBoot application on z/OS has access to the private key used when using jSch.addIdentity() - I know this because I changed the owner of the key and tested it out. Got a ICH408I message stating the user doesn't have access to the private key(reverted back after testing).
After few days of scratching my head and testing out lots of access setups I've decided to test out if I'm even able to establish a SSH session to this ID from within z/OS - no problems here.
I've also set a password to service ID that is used to run the SpringBoot application. Logged to it and ran ssh XXXXXX#localhost -i private_key without any problems. Therefore I'm pretty sure that this is somehow related to a JSch library problem.
Anyone ever came a cross something like that ?
I'm really struggling to configure Wildfly 9 to cluster/failover its sessions...
I keep reading that wildfly in standalone-ha mode will automatically discover peers and automatically share sessions, but it's clearly not working for me.
I have setup 3 AWS EC2 servers which all have the same configuration. They all run the same versions of everything and have the same webapp .war file deployed to each of them. This webapp works fine, I can log in to the app which maintains a simple session variable to verify that I am logged in. I've launched each server with standalone-ha.xml configuration files but logging into one doesn't allow be to access the session in any of the others.
I've tried all the things I can think of, but don't know how to diagnose the issue as I don't know how the servers identify each other.
I've manually deployed the war file on each server but placing the file into .../standalone/deployments/
Each has a fully open firewall...
Oh - I set the muticast address on the command line to 230.0.0.4 (That number came from a guide, and I have literally no understanding of it) and each is bound (-b) to the internal IP of the server...
Any help appreciated...
First you must consider that in AWS EC2 multicast traffic is not allowed and thus MPING will not work.
See http://developer.jboss.org/wiki/JGroupsS3PING
An example how to implement S3Ping http://aws.typepad.com/awsaktuell/2013/10/elastic-jboss-as-7-clustering-in-aws-using-ec2-s3-elb-and-chef.html
Follwing the steps as outlined here: Standalone web service
I created a test web service that works great on my local machine. Since this is 'stand alone' I copied the same root folder on to a 'server' that I use and published the service on the server (as if it is my local machine). When I access the wsdl using localhost as the domain name, it works fine on the server. However, when I try the url from a different macihne on the network giving the server's domain name instead of localhost, I get a 'can not be displayed' error in IE.
My question is, should this even be possible? Or is there anything specific that needs to be done. Since this is a 'stand alone' solution, we should not require 'another' container like tomcat correct?
To be honest, until your post, I had no idea there was a builtin, lightweight, HTTP Server in the JDK. I've always used glassfish for my web service needs.
I can't say for sure, but if you look closely at the example code you'll see:
Endpoint endpoint = Endpoint.publish("http://localhost:8080/calculator", calculator);
I suspect that this limits you to "localhost" as opposed to the host machine. Try changing it so that it represents the name of the server and try again from another machine (naturally making sure it can get through the firewall as well). Something like:
Endpoint endpoint = Endpoint.publish("http://myserver:8080/calculator", calculator);
Rebuild it and try again. Other than that, you'd need to create a proper war file and deploy to glassfish, tomcat, etc.
I've being trying to setup my java application that connects to a local queue manager in MQ7 without a WebSphere Application Server installed on my machine in binding mode. Without specifying the host in the .bindings file, running my application will throw an java exception somewhere along the lines of:
com.ibm.msg.client.jms.DetailedIllegalStateException: JMSWMQ0018:
Failed to connect to queue manager 'TBUKKKNN' with connection mode
'Client' and host name ''. Check the queue manager is started and if
running in client mode, check there is a listener running. Please see
the linked exception for more information.
Although documentation for WebSphere MQ has explicitly denied possibility of connecting to MQ7 without WAS installed on same machine, my colleagues are very confident that there are workarounds for this.
Much appreciated if anyone could help me with this issue. Or let me know if more clarification on my question is required.
I wrote an article a while back that explains how to do this so I'm a little puzzled about any documentation stating that it can't be done. Not only is there a "workaround" but it is officially supported and the sample programs that come with the WMQ Client install media include several that use Java and JMS but do not use a Java EE server. If for some reason you just grabbed the jar files instead of installing the vendor distribution, you can download it for free to get the samples. The v7.0 client is here and the v7.1 client is here. Also, make sure to use the version of the docs that matches your client version. The v7.0 Infocenter is here and the v7.1 Infocenter is here. Any client version can connect to a v7.0 QMgr, by the way.
Anyway, your error message indicates that your Connection Factory transport type is still set to Client. You'll need to change it to BIND. The properties are described here. The landing page with the list of all the properties of all the administered objects is here.
Change to cf.setTransportType(MQCNO_STANDARD_BINDING); ...that should work
cf.setTransportType(WMQConstants.WMQ_CM_BINDINGS);
cf.setIntProperty(WMQConstants.WMQ_CONNECTION_MODE, WMQConstants.WMQ_CM_BINDINGS);
First of all, we are running a Java Web application running on WAS 5.1. Behind that, we use an Oracle data base. The problem that we're faced to is really simple, but after a couple of hours of Google search, I decided to ask you.
We have an application that is running on WAS. When we start the server, WAS sets his DataSource so that it points to the data base. Everything works fine, expect when the DBAs have to reboot the data base server. When they do, the data source is no longer valid and we have to manually restart all server and we are currently trying to correct that, if possible. We need to find a way to do it because we have 3 pre-production environnement for for our application, and there are two servers associated with it, one for the application and the other is a report generator web service. So, when the DBAs wants to reboot the server (and they usually don't tell us!) we have to reboot six servers. I was wondering if in Java, there was a way to reset the data source so that we don't need to restart the servers.
For you information, WebSphere is v5.1 and Oracle is 9g with Java 1.4.2.17.
We also use RAD:
Version: 6.0.1
Build id: 20050725_1800
You should configure your application server to always test the connection before leasing it out to a client. I'm not familiar with Websphere that much, but in WebLogic, you can set a jdbc sql statement such as select 1 from dual and the container removes stale connections from the connection pool.
Here is a link on how to do it in Websphere
http://www-01.ibm.com/support/docview.wss?uid=swg21439688
Based on what i read from your note, you should receive Stale connection exception as WAS has stale handles (in its pool) as the DB has been restarted.
The Data Source configuration can be configured to purge the entire pool once a stale connection is detected. The default policy is to purge the individual connection.
Adopting this would prevent you from restarting your WAS Servers.
There are a number of resources in this space
http://www-01.ibm.com/support/docview.wss?uid=swg21063645
HTH
Manglu