JBoss AS 7 Modifications

kraxner edited this page Jan 30, 2013 · 4 revisions

This page gives an overview of the necessary changes to JBoss AS 7.1.x.

Which Version to use

Download and install JBoss AS 7.1.0.Final. You could use JBoss AS 7.1.1.Final, but there are [issues with the included JSF implementation](https://issues.jboss.org/browse/AS7-4366), so you would have to replace the corresponding modules yourself.

Modules

MySQL:

  1. Download [MySQL Connector/J](http://dev.mysql.com/downloads/connector/j)
  2. Create a driver module as described in [Installing a JDBC driver as a module](https://community.jboss.org/wiki/DataSourceConfigurationInAS7#Installing_a_JDBC_driver_as_a_module)

Install and set up PicketLink

  1. Go to the modules/org/picketlink/main directory and delete all jar files in it.
  2. Download the PicketLink 2.1.4 jars for JBoss AS 7.1.x here: picketlink-core-2.1.4.Final.jar and picketlink-jbas7-2.1.4.Final.jar
  3. Copy both PicketLink 2.1.4 jars into the modules/org/picketlink/main directory.
  4. In modules/org/picketlink/main, make the following changes to the module.xml file:

        <module xmlns="urn:jboss:module:1.1" name="org.picketlink">
            <resources>
                <resource-root path="picketlink-core-2.1.4.Final.jar"/>
                <resource-root path="picketlink-jbas7-2.1.4.Final.jar"/>
            </resources>
            <dependencies>
                <module name="javax.api"/>
                <module name="javax.security.auth.message.api"/>
                <module name="javax.security.jacc.api"/>
                <module name="javax.transaction.api"/>
                <module name="javax.xml.bind.api"/>
                <module name="javax.xml.stream.api"/>
                <module name="javax.servlet.api"/>
                <module name="org.jboss.common-core"/>
                <module name="org.jboss.logging"/>
                <module name="org.jboss.as.web"/>
                <module name="org.jboss.security.xacml"/>
                <module name="org.picketbox"/>
                <module name="javax.xml.ws.api"/>
                <module name="org.apache.log4j"/>
                <module name="org.apache.santuario.xmlsec"/>
            </dependencies>
        </module>

Modifications to Configuration

Transaction Timeout

To allow uploads of big sample files, increase the transaction timeout (the default-timeout attribute of coordinator-environment):

        <subsystem xmlns="urn:jboss:domain:transactions:1.1">
            <core-environment>
                <process-id>
                    <uuid/>
                </process-id>
            </core-environment>
            <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
            <coordinator-environment default-timeout="1200"/>
        </subsystem>
  

Deployment-Timeout

Under <subsystem xmlns="urn:jboss:domain:deployment-scanner:1.1"> add the attribute deployment-timeout="300" to the deployment-scanner tag:

   <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" deployment-timeout="300"/>
  

http-parameters max count

Some of the pages in Plato use big forms, which can cause problems (exceptions) when they are validated. To avoid this, add the following lines to standalone.xml after the <extensions>...</extensions> part:

      <system-properties>
        <property name="org.apache.tomcat.util.http.Parameters.MAX_COUNT" value="10000"/>
      </system-properties>
  

PicketLink

In standalone.xml, add the following security domains to the <security-domains> element of <subsystem xmlns="urn:jboss:domain:security:1.1">:

 
                <security-domain name="idp" cache-type="default">
                    <authentication>
                        <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
                            <module-option name="unauthenticatedIdentity" value="guest"/>
                            <module-option name="dsJndiName" value="java:jboss/datasources/idpDatasource"/>
                            <module-option name="principalsQuery" value="SELECT password FROM IdpUser WHERE username=? AND status='ACTIVE'"/>
                            <module-option name="rolesQuery" value="SELECT r.rolename as Role, 'Roles' as RoleGroup FROM IdpUser u, IdpUser_IdpRole ur, IdpRole r WHERE u.username=? and ur.user_id = u.id and ur.roles_id = r.id order by r.rolename"/>
                            <module-option name="hashAlgorithm" value="MD5"/>
                            <module-option name="hashEncoding" value="hex"/>
                        </login-module>
                    </authentication>                
                </security-domain>
                <security-domain name="sp" cache-type="default">
                    <authentication>
                        <login-module code="org.picketlink.identity.federation.bindings.jboss.auth.SAML2LoginModule" flag="required"/>
                    </authentication>
                </security-domain>

Datasources

You have to add datasource definitions for your applications. Adjust the passwords and users to the ones you created for Planning Suite and IDP.

For Planning Suite:

                <datasource jta="true" jndi-name="java:jboss/datasources/platoDatasource" pool-name="platoDatasource" enabled="true" use-java-context="true" use-ccm="true">
                    <connection-url>jdbc:mysql://localhost:3306/platodb?useUnicode=true&amp;connectionCollation=utf8_general_ci&amp;characterSetResults=utf8&amp;characterEncoding=UTF-8</connection-url>
                    <driver>mysql</driver>
                    <transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation>
                    <pool>
                        <min-pool-size>1</min-pool-size>
                        <max-pool-size>20</max-pool-size>
                        <prefill>true</prefill>
                        <use-strict-min>false</use-strict-min>
                        <flush-strategy>FailingConnectionOnly</flush-strategy>
                    </pool>
                    <security>
                        <user-name>plato</user-name>
                        <password>plato</password>
                    </security>
                    <validation>
                        <validate-on-match>false</validate-on-match>
                        <background-validation>false</background-validation>
                        <use-fast-fail>false</use-fast-fail>
                    </validation>
                    <statement>
                        <prepared-statement-cache-size>500</prepared-statement-cache-size>
                        <share-prepared-statements>true</share-prepared-statements>
                    </statement>
                </datasource>
  

For IDP:

                <datasource jta="true" jndi-name="java:jboss/datasources/idpDatasource" pool-name="idpDatasource" enabled="true" use-java-context="true" use-ccm="true">
                    <connection-url>jdbc:mysql://localhost:3306/idpdb?useUnicode=true&amp;connectionCollation=utf8_general_ci&amp;characterSetResults=utf8&amp;characterEncoding=UTF-8</connection-url>
                    <driver>mysql</driver>
                    <transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation>
                    <pool>
                        <min-pool-size>1</min-pool-size>
                        <max-pool-size>20</max-pool-size>
                        <prefill>true</prefill>
                        <use-strict-min>false</use-strict-min>
                        <flush-strategy>FailingConnectionOnly</flush-strategy>
                    </pool>
                    <security>
                        <user-name>idp</user-name>
                        <password>idp</password>
                    </security>
                    <validation>
                        <validate-on-match>false</validate-on-match>
                        <background-validation>false</background-validation>
                        <use-fast-fail>false</use-fast-fail>
                    </validation>
                    <statement>
                        <prepared-statement-cache-size>500</prepared-statement-cache-size>
                        <share-prepared-statements>true</share-prepared-statements>
                    </statement>
                </datasource>
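
The datasource definitions above carry sample credentials that are meant to be replaced, and the idp security domain sets hashAlgorithm to MD5. The following check is an added example, not part of the original page or the Plato project: it reads a standalone.xml and reports datasources whose password still equals the user name, and security domains that use MD5. The function names and the trimmed sample document are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed standalone.xml using values shown on this page.
SAMPLE = """<server>
  <datasources>
    <datasource pool-name="platoDatasource">
      <security><user-name>plato</user-name><password>plato</password></security>
    </datasource>
    <datasource pool-name="idpDatasource">
      <security><user-name>idp</user-name><password>changed-by-admin</password></security>
    </datasource>
  </datasources>
  <subsystem xmlns="urn:jboss:domain:security:1.1">
    <security-domains>
      <security-domain name="idp" cache-type="default">
        <authentication>
          <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
            <module-option name="hashAlgorithm" value="MD5"/>
          </login-module>
        </authentication>
      </security-domain>
    </security-domains>
  </subsystem>
</server>"""

def local(tag):
    """Strip the XML namespace so the check works across subsystem schema versions."""
    return tag.rsplit("}", 1)[-1]

def audit(xml_text):
    """Return (location, finding) pairs for settings left at this page's sample values."""
    findings = []
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) == "datasource":
            # Collect the text of every descendant element, keyed by local tag name.
            sec = {local(c.tag): (c.text or "").strip() for c in el.iter()}
            if sec.get("password") and sec["password"] == sec.get("user-name"):
                findings.append((el.get("pool-name"), "password equals user-name"))
        elif local(el.tag) == "security-domain":
            for opt in el.iter():
                if opt.get("name") == "hashAlgorithm" and opt.get("value", "").upper() == "MD5":
                    findings.append((el.get("name"), "hashAlgorithm is MD5"))
    return findings

if __name__ == "__main__":
    for where, what in audit(SAMPLE):
        print(f"{where}: {what}")
```

A hashAlgorithm finding cannot be resolved in standalone.xml alone, because the configured value has to match how the passwords stored in IdpUser were hashed.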