Monday, 26 December 2016

Installing JBOSS Application Server 7.1.1 on Linux OR Ubuntu and Configuring Multiple Instances

Hi All,

In this post, I will be covering the steps required to set up JBoss Application Server on Linux/Ubuntu and to create multiple instances of JBoss on the same machine.

JBoss Application Server (or JBoss AS) is a free software/open-source Java EE-based application server and is usable in any operating system supported by Java. The installation of JBoss is simply extracting the compressed archive into a folder.

Minimum requirements: install Java and define the environment variable JAVA_HOME.

Set up JBoss Application Server 7.1.1

1. Download JBoss Application Server 7.1.1

The latest version of JBoss is available at 'http://jbossas.jboss.org/downloads/'. Copy the link location as shown in the figure.
Use the 'wget' command to download the ZIP file.
wget "http://download.jboss.org/jbossas/7.1/jboss-as-7.1.1.Final/jboss-as-7.1.1.Final.zip"

Unzip the file using the below command
unzip jboss-as-7.1.1.Final.zip

2. Create a new user to run the JBoss server and set the password using the following commands.

$ useradd -d /home/jboss -s /bin/bash -m jboss
$ passwd jboss

3. Rename the folder to jboss-7.1.1 and change the ownership

Move the unzipped folder to /home/jboss (or any other location where you want to set it up) and rename it to jboss-7.1.1
mv jboss-as-7.1.1.Final /home/jboss/
mv /home/jboss/jboss-as-7.1.1.Final /home/jboss/jboss-7.1.1

Change the owner of the directory where JBoss is installed.
chown -R jboss:jboss jboss-7.1.1/
chmod -R 775 jboss-7.1.1/

 

4. Set the JBoss and java classpath

Switch to the jboss user so that this new installation can be administered properly. It is not recommended to administer JBoss as root.
su -l jboss

Open .bashrc file in /home/jboss and add below 2 lines
export JBOSS_HOME=$HOME/jboss-7.1.1
export JAVA_HOME=/usr/lib/jvm/java-1.7.0-openjdk-amd64

Update the changes and verify
echo $JAVA_HOME
echo $JBOSS_HOME

 

5. To Change default port 8080

If you do not want to change the port and continue using the default port 8080, skip this step and move to step 6.
Open standalone.xml in <JBOSS_HOME>/jboss-7.1.1/standalone/configuration, find the <socket-binding> elements inside <socket-binding-group>, and change the ports there (here I am using 7080).
        <socket-binding name="ajp" port="7009"/>
        <socket-binding name="http" port="7080"/> <!-- Changed from 8080 to 7080 -->
        <socket-binding name="https" port="7443"/>
        <socket-binding name="osgi-http" interface="management" port="7090"/>

6. To Access JBoss AS using hostname or IP

By default (for security reasons) JBoss AS binds only to localhost. If you want to access it via your hostname or IP, edit JBOSS_HOME/standalone/configuration/standalone.xml and change the "public" and "management" interfaces to point to the hostname of your system, as shown below.
        <interface name="management">
            <inet-address value="${jboss.bind.address.management:<your hostname/ip address>}"/>
        </interface>
        <interface name="public">
            <inet-address value="${jboss.bind.address:<your hostname/ip address>}"/>
        </interface>

 

7. Run the JBoss application

JBoss can be started using below command
<JBOSS_HOME>/jboss-7.1.1/bin$ ./standalone.sh

The server start up message is shown as '[org.jboss.as] (Controller Boot Thread) JBAS015874: JBoss AS 7.1.1.Final "Brontes" started in 1901ms - Started 133 of 208 services (74 services are passive or on-demand)'



CTRL+C can be used to stop the server.

 

8. Install JBoss AS 7 as a service

Create a file at /etc/init.d location.
cp <JBOSS_HOME>/jboss-7.1.1/bin/init.d/jboss-as-standalone.sh /etc/init.d/jboss7

Give execute permissions to the script.
chmod +x /etc/init.d/jboss7

Run the JBoss as a service.
service jboss7 start|stop|status|restart|reload

 

9. After a successful startup, log in to the JBoss admin console.

http://<hostname>:7080

Access the admin console using http://<hostname>:9990
You will see an error page, as no users have been added to access the admin console.
Create an internal JBoss management user, which is used to access the new JBoss management console. This is done by running the 'add-user.sh' script in the <JBOSS_HOME>/bin location. We select the default value for the Realm (ManagementRealm) by hitting enter, and select 'jboss1' as our username. We supply 'jboss1pwd' as our password here; of course, you can provide any password you prefer.


After finishing the above steps, start the server again and access the JBoss admin console again.

10. Deploying the application

Just copy your war file to the <JBOSS_HOME>/standalone/deployments/ folder and it should be deployed automatically. JBoss also creates a your_app_name.deployed file when your application is deployed. Access your application using
http://<hostname>:7080/test-app/

Create Multiple Instances of JBoss Application Server 7.1.1

Follow the below steps to set up multiple instances of JBoss in the same server.

1. Create multiple directories under deployment folder. Here I am creating two directories named one and two under <JBOSS_HOME>/jboss-7.1.1/standalone/deployments folder.
  

2. Open the standalone.xml file under <JBOSS_HOME>/jboss-7.1.1/standalone/configuration and change the deployment-scanner to point to the 'one' folder.



3. Create a new standalone-two.xml file (a copy of standalone.xml) under <JBOSS_HOME>/jboss-7.1.1/standalone/configuration and change the deployment-scanner to point to the 'two' folder. Also change port-offset to 2000 (default value is 0). This indicates that all the sockets will have their port offset by 2000 from the declared value. In the below example, the http port is 7080, so the new http port is 9080.

 

4. Create new standalone-two.conf file under <JBOSS_HOME>/jboss-7.1.1/bin and point server default configuration file to use standalone-two.xml.

 

5. Create new standalone-two.sh file under <JBOSS_HOME>/jboss-7.1.1/bin and point to use standalone-two.conf file.

 

6. Now the instances can be started/stopped using their respective sh scripts.  

For example, to deploy only the war/jar files under <JBOSS_HOME>/jboss-7.1.1/standalone/deployments/one directory, use ./standalone.sh command. The application can be accessed using http://<hostname>:7080/test-app/. Admin console using http://<hostname>:9990

To deploy only the war/jar files under <JBOSS_HOME>/jboss-7.1.1/standalone/deployments/two directory, use ./standalone-two.sh command. The application can be accessed using http://<hostname>:9080/test-app/ (9080 as our port-offset is 2000 in this case). Admin console can be accessed using http://<hostname>:11990

 

7. Below given is the structure of JBoss AS configured for multiple instances.

jboss-7.1.1
 |-bin
    |- standalone.conf
    |- standalone.sh
    |- standalone-two.conf
    |- standalone-two.sh
 |-standalone
    |- configuration
        |- standalone.xml
        |- standalone-two.xml
    |- deployments
        |- one
            |- test-app.war
        |- two
             |- test-app.war 
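
How the port-offset from step 3 shifts every declared socket, as an added example that is not part of the original post: the Python script below parses two constructed socket-binding-group fragments and checks that the two instances do not claim the same port. The management-http binding, the ${property:default} expressions and the function names are assumptions modelled on a stock standalone.xml.

```python
import re
import xml.etree.ElementTree as ET

# Constructed fragments modelled on the socket-binding-group section of
# standalone.xml; only the port-offset differs between the two instances.
BINDINGS = """
<socket-binding-group xmlns="urn:jboss:domain:1.2" name="standard-sockets"
                      default-interface="public" port-offset="%s">
    <socket-binding name="ajp" port="7009"/>
    <socket-binding name="http" port="7080"/>
    <socket-binding name="https" port="7443"/>
    <socket-binding name="management-http" interface="management"
                    port="${jboss.management.http.port:9990}"/>
</socket-binding-group>
"""
STANDALONE_XML = BINDINGS % "${jboss.socket.binding.port-offset:0}"
STANDALONE_TWO_XML = BINDINGS % "2000"

EXPR = re.compile(r"^\$\{[^:}]+:([^}]*)\}$")


def resolve(value):
    """Return a literal integer, or the default of a ${prop:default} expression."""
    m = EXPR.match(value.strip())
    return int(m.group(1) if m else value)


def effective_ports(xml_text):
    """Map each socket-binding name to its declared port plus the group offset."""
    group = ET.fromstring(xml_text)
    offset = resolve(group.get("port-offset", "0"))
    ports = {}
    for el in group.iter():
        # Compare local names so the file's XML namespace does not matter.
        if el.tag.rsplit("}", 1)[-1] == "socket-binding":
            ports[el.get("name")] = resolve(el.get("port")) + offset
    return ports


def collisions(a, b):
    """Ports that two instances on the same host would both try to bind."""
    return sorted(set(a.values()) & set(b.values()))


if __name__ == "__main__":
    one, two = effective_ports(STANDALONE_XML), effective_ports(STANDALONE_TWO_XML)
    for name in one:
        print(f"{name:16} one={one[name]:<6} two={two[name]}")
    print("collisions:", collisions(one, two) or "none")
```

The offset also moves the management port (9990 becomes 11990), so any firewall rule written for the first instance's admin console does not cover the second one.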

 

Errors occurred and their solutions:

1. /etc/init.d/jboss7: 12: Can't open /etc/init.d/functions while starting the service.
Comment out the line that sources /etc/init.d/functions and add the below 2 lines in the jboss7 script. Use the absolute path for JBOSS_HOME, because $HOME in an init script is not the jboss user's home directory.
export JBOSS_HOME=/home/jboss/jboss-7.1.1
export JAVA_HOME=/usr/lib/jvm/java-1.7.0-openjdk-amd64

2. 'let' not found while starting the JBoss service.
The command 'let' is a bash builtin, so if you're using it in a script that runs under /bin/sh, it will fail, since /bin/sh on Ubuntu is dash, not bash.
Change /bin/sh to /bin/bash in the first line of the script.

Any feedback or suggestions are always welcome :-)


Thursday, 8 December 2016

Alfresco integration with LDAP directory server (For development)


Hi All, 

This is my first blog on Alfresco. I hope that this post will help you in configuring Alfresco with LDAP directory server for development purpose.

Alfresco can be configured with alfrescoNtlm, AD, LDAP, Kerberos or any other external servers. The authentication chain is used to configure Alfresco with a number of systems. By default, the authentication chain in the repository.properties file is as below:
authentication.chain=alfrescoNtlm1:alfrescoNtlm

This indicates that only alfrescoNtlm is used for authentication. In order to configure AD authentication, we need to modify the authentication chain.

For the development purpose of integrating Alfresco with LDAP, I am using an installed Alfresco 5.1 Enterprise Edition and a Linux machine on which to install the ApacheDS LDAP server.

 

1. Install ApacheDS LDAP server on Linux

Download ApacheDS for Linux by navigating to
http://directory.apache.org/apacheds/download/download-linux-bin.html and copy the link location of the installer as shown.

Make the installer executable and run it from the command line:
chmod a+x apacheds-2.0.0-M23-64bit.bin
./apacheds-2.0.0-M23-64bit.bin start
Provide the input the installer asks for.
Run the server using the following command
sudo /etc/init.d/apacheds-2.0.0-M12-default start

Check the status of the server
sudo /etc/init.d/apacheds-2.0.0-M12-default status

Once the server is up and running, connect to the LDAP server using Apache Directory Studio.

2. Connect to LDAP server on linux using Apache Directory Studio

In this case, I am installing Apache directory studio in windows.
After successful installation, run Apache Directory Studio.
Create a new connection to the LDAP server we just installed (ApacheDS on Windows)

Provide hostname (10.88.278.165 for me) and port 10389.
Set Bind DN or User to the value uid=admin,ou=system and Bind password to secret.
Press Check Authentication if you want to make sure and press Finish.
The LDAP directory browser is presented with the current contents of the (default, vanilla, out of the box) ApacheDS structure. Add user entries and group by following the below link.
https://access.redhat.com/documentation/en-US/Fuse_MQ_Enterprise/7.1/html/Security_Guide/files/LDAP-AddUserEntries.html


Here I have created 2 users and a group, and added the 2 users to the 'OrgGroup'.

3. Alfresco configuration

For the integration, our settings should be populated in the ldap-authentication.properties file under 
alfresco-one/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1/
Add the below mentioned configuration 

ldap.authentication.active=true
ldap.authentication.allowGuestLogin=true
ldap.authentication.userNameFormat=uid=%s,ou=User,ou=cignex,ou=system
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
# Put your AD server name or IP here
ldap.authentication.java.naming.provider.url=ldap://10.88.278.165:10389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.authenticateFTP=true
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=uid=admin,ou=system
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.queryBatchSize=0
ldap.synchronization.attributeBatchSize=0
ldap.synchronization.groupQuery=(objectclass\=groupOfNames)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=ou=Group,ou=cignex,ou=system
ldap.synchronization.userSearchBase=ou=User,ou=cignex,ou=system
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=cn
ldap.synchronization.userLastNameAttributeName=
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=o
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=cn
ldap.synchronization.groupType=groupOfNames
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true

Add the authentication chain in alfresco-one/tomcat/shared/classes/alfresco-global.properties as
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap
In this case, Alfresco first tries to authenticate the user from alfrescoNtlm1 and if the user is not present, then ldap1 will be tried.
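
A check to run before a configuration like the one above leaves a development machine, as an added example that is not part of the original post: the Python script below parses a constructed subset of the ldap-authentication.properties shown here and reports the settings that are only acceptable for development. The function names and the finding texts are assumptions; the property names and values are the ones from this page.

```python
# Constructed sample: a subset of the ldap-authentication.properties shown above.
SAMPLE = r"""
ldap.authentication.active=true
ldap.authentication.allowGuestLogin=true
ldap.authentication.java.naming.provider.url=ldap://10.88.278.165:10389
ldap.authentication.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=uid=admin,ou=system
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.groupQuery=(objectclass\=groupOfNames)
"""


def parse_properties(text):
    """Parse key=value lines; the key ends at the first '=', '\\=' in values is unescaped."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "!")):
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip().replace("\\=", "=")
    return props


def audit(props):
    """Return findings for settings that are acceptable only on a development box."""
    findings = []
    # The configuration on this page defines a single provider URL for both scopes.
    url = props.get("ldap.authentication.java.naming.provider.url", "")
    for scope in ("authentication", "synchronization"):
        mech = props.get(f"ldap.{scope}.java.naming.security.authentication")
        if mech == "simple" and url.lower().startswith("ldap://"):
            findings.append(f"{scope}: simple bind over ldap:// sends the password unencrypted")
    if props.get("ldap.authentication.allowGuestLogin", "").lower() == "true":
        findings.append("authentication: guest login is enabled")
    if (props.get("ldap.synchronization.java.naming.security.principal") == "uid=admin,ou=system"
            and props.get("ldap.synchronization.java.naming.security.credentials") == "secret"):
        findings.append("synchronization: binds with the ApacheDS default admin account and password")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_properties(SAMPLE)):
        print("FINDING", finding)
```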

Now, Alfresco is ready for startup. You can find the below details on synchronization in the log files.
After Alfresco starts up, log in to Alfresco to find the groups and users which were created in the LDAP server.

 

4. Errors occurred and their solutions

I kept getting the following unparseable date exception during Alfresco start up. 


The error comes from this line:
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'

The error was caused because the new entries (Groups and Users) which were created had a different timestamp. It was solved by removing 'Z'.
ldap.synchronization.timestampFormat=yyyyMMddHHmmss


I hope that this post will help you. Any feedback and comments are always welcome :-)

Thanks,
Swetha Akula