How do you set crossContext and emptySessionPath in Jboss7? - java

I am trying to migrate the deployment of some applications from tomcat 6 to jboss-as 7.
A single sign-on mechanism has been implemented for these projects, which, in order to work, needs to have crossContext="true" set in the tomcat context.xml file and emptySessionPath="true" in the connector configuration found within server.xml.
How can these settings be mimicked in jboss7? I know that jboss uses a modified tomcat as a servlet container, but I have been unable to find any of these settings.

Found this: http://community.jboss.org/message/617186
Not sure if it works though...

Servlet 3.0 specification supported by JBoss 7.1 allows specification of session cookie path in web.xml. Just put this fragment to all of your wars whose context you want to be shared:
<session-config>
  <cookie-config>
    <path>/</path>
  </cookie-config>
</session-config>

Related

How to re use authentication of one application to another application deployed in other server (Wildfly or Jboss)?

Suppose I have one web application ABC , ABC has one link for module Name XYZ which is deployed in other JBOss or Wildfly server. When user login into application ABC , and click on link XYZ I have to use same authentication of ABC to XYZ. What is the proper way to do it ?
The Web (Undertow) Reference Guide for Wildfly (which was last updated July, 2014) states this:
Sharing sessions between wars in an ear
Undertow allows you to share sessions between wars in an ear, if it is explicitly configured to do so. Note that if you use this feature your applications may not be portable, as this is not a standard servlet feature.
In order to enable this you must include a shared-session-config element in the jboss-all.xml file in the META-INF directory of the ear:
<jboss xmlns="urn:jboss:1.0">
  <shared-session-config xmlns="urn:jboss:shared-session-config:1.0">
    <session-config>
      <cookie-config>
        <path>/</path>
      </cookie-config>
    </session-config>
  </shared-session-config>
</jboss>
This element is used to configure the shared session manager that will be used by all wars in the ear. For full details of all the options provided by this file please see the schema at https://github.com/wildfly/wildfly/blob/master/undertow/src/main/resources/schema/shared-session-config_1_0.xsd, however in general it mimics the options that are available in jboss-web.xml for configuring the session.
This was added in WFLY-1891 (Fix Versions: 8.2.0.Final, 9.0.0.Alpha1), the comments on which note that it doesn't work in a cluster (as of April, 2014).
See also another SO post - Session sharing on WildFly is not working
Edit:
WFLY-3270 - Clustered support for HTTPSession sharing between wars delivered in an EAR notes that clustering was resolved in 9.0.0.Alpha1.

Different session IDs for JAX-RS resources

I faced a very strange behavior with WildFly 8.x (tested with 8.1 and 8.0 also). If I deploy my WAR as ROOT (set the '/' as context-root in jboss-web.xml) my JAX-RS resource classes will have different session IDs (each resource class will have a unique session id). But in fact, if I set anything else other than '/' as the context-root everything works as I expected originally (every JAX-RS resource class shares the same session).
I know that REST services are stateless and I don't have to worry about sessions but I'm so curious why it behaves like that. Does anyone have any ideas?
Thanks!
Here's a sample minimal project where you can reproduce this issue: https://github.com/aberkes/cdi-sessionscoped-bean-demo
The idea is that by default, if you deploy to ROOT, jboss doesn't use a fixed cookie path parameter. This is done for the case when you have other applications running in different sub-folders and requiring their own independent sessions.
To change this behaviour, you may use the
<session-config>
  <cookie-config>
    <path>/</path>
  </cookie-config>
</session-config>
parameter in your web.xml. Then all jsessions will be bound to the root path.

Migration from Weblogic to Apache Tomcat

I am migrating my project (uses servlets / jsp / jdbc / jndi) built on Weblogic 10c to an Apache Tomcat 7.0.22. I have managed to configure the ldap authentication server and also to replace the xxx-jdbc.xml used by weblogic. Now my problem is that I am trying to migrate the weblogic.xml file found in web Content/WEB-INF directory. The contents of the xml file are the following:
<?xml version = '1.0' encoding = 'UTF-8'?>
<weblogic-web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                  xsi:schemaLocation="http://www.bea.com/ns/weblogic/weblogic-web-app http://www.bea.com/ns/weblogic/weblogic-web-app/1.0/weblogic-web-app.xsd"
                  xmlns="http://www.bea.com/ns/weblogic/weblogic-web-app">
  <security-role-assignment>
    <role-name>REGISTERED_USER</role-name>
    <principal-name>GROUP_NAME_FROM_LDAP</principal-name>
  </security-role-assignment>
  <session-descriptor>
    <debug-enabled>false</debug-enabled>
    <tracking-enabled>true</tracking-enabled>
    <cookie-name>nameOfCookie</cookie-name>
    <cookie-max-age-secs>-1</cookie-max-age-secs>
    <url-rewriting-enabled>false</url-rewriting-enabled>
    <encode-session-id-in-query-params>false</encode-session-id-in-query-params>
    <sharing-enabled>false</sharing-enabled>
  </session-descriptor>
  <context-root>my_app_context_root</context-root>
  <servlet-descriptor>
    <servlet-name>FileDownload</servlet-name>
  </servlet-descriptor>
</weblogic-web-app>
From top to bottom, I have the security-role-assignment, which maps users from an ldap group to have the REGISTERED_USER. The tag session-descriptor, I think, is self-explanatory. Then there is my app's context root, context-root. And then some servlet definition that is used to register the servlet to Weblogic (this is also defined in web.xml and I think this will not need any more handling).
So what is the best way to migrate this weblogic.xml file in my application?
In Tomcat, these things can be defined in a couple of different places.
For the security-role re-mapping, use the standard <security-role-ref> in web.xml to re-map role names.
If you are using a servlet-3.0-spec webapp, then many of your session- and cookie-related items are available via web.xml:
<session-config>
  <cookie-config>
    <name>nameOfCookie</name>
    <max-age>-1</max-age>
  </cookie-config>
  <!-- just don't use "URL" to disable rewriting -->
  <tracking-mode>COOKIE</tracking-mode>
</session-config>
Otherwise, you'll have to resort to some acrobatics. First, I'll assume that you are using a META-INF/context.xml file within your webapp for deployment to Tomcat.
Session cookie name
<Context sessionCookieName="nameOfCookie" />
Cookie max-age
Use the standard <session-config><session-timeout /> in web.xml. (Technically, this configures the max-age of the session, but the effect is the same: the cookie will essentially become invalid after the session expires. If you really need cookie max-age, read this thread: http://markmail.org/thread/u2ysiz3uxays2w4i)
Cookie debug/tracking are not supported by configuration. You will have to write your own Filter(s) to duplicate these features.
Disabling URL rewriting will require that you write a Filter that overrides HttpServletResponse.encodeURL and HttpServletResponse.encodeRedirectURL to be no-ops on their String arguments.

How to dynamically configure the WebLogicCluster property outside of web.xml

I have a web application deployed as war file in weblogic 10.3.3. Now I want to make this application clusterable. For this I'm using the HttpClusterServlet from Weblogic as a load balancer. According to the documentation I can put this servlet configuration into the web.xml
<servlet>
  <servlet-name>HttpClusterServlet</servlet-name>
  <servlet-class>weblogic.servlet.proxy.HttpClusterServlet</servlet-class>
  <init-param>
    <param-name>WebLogicCluster</param-name>
    <param-value>server-1:7122|server-1:7123</param-value>
  </init-param>
</servlet>
The problem is that this configuration is hard wired at build time and can't be reconfigured at runtime. For instance I would like to be able to add 5 more servers dynamically. I had several ideas to solve that problem:
Extend the weblogic.servlet.proxy.HttpClusterServlet with my own servlet implementation. This is not possible, the class is final.
Use a servlet filter to reconfigure the servlet. The servlet is not accessible anymore through ServletContext().getServlet(String) since Java Servlet API 2.1, with no direct replacement.
Reflection might be an option, but I couldn't figure out a reliable way to access the configuration
All of my attempts to reconfigure this init-param externally failed so far. I'm open to any solutions.
This might help: How to externalize web.xml servlet init-param? Spring DelegatingFilterProxy for Servlets? Even if you're not using Spring, it wouldn't be too hard to port that servlet to another IoC container.

How to define Tomcat security Realms per webapp

When using JAAS JDBCRealms with Tomcat, I usually define the realm in server.xml. But now I am looking for a simpler solution, where I don't have to configure the Tomcat container when deploying the application.
If possible, I would like to keep all the JAAS configuration in web.xml and just define the realm per application/webapp.
One thread mentions that he did this by defining the realm in META-INF/context.xml of the webapp.. but I could not get it working (Why is Tomcat manager using my LoginModule?).
Please help me find the correct location in the .war to define a org.apache.catalina.realm.JDBCRealm that is then used for that webapp.
To define your own JDBCRealm, create a META-INF/context.xml in your own web application.
Configure your JDBCRealm according to the specification based on your Tomcat Server versions:
Tomcat 5.5
Tomcat 6.0
Tomcat 7.0
These links show you exactly how to configure JDBCRealm.
