Adding security websphere.javaee.security jar to Liberty Server classpath - websphere-liberty

I am attempting to use a third party application to instrument Liberty Server 18.0 and attempting to add a library to the liberty server classpath on Linux. The library is called: "com.ibm.websphere.javaee.security.1.0_1.0.21.jar" and it is under the "/wlp/dev/api/sec" of the Liberty Server.
In my defaultServer directory I have tried several things including in my jvm.options file:
-Dorg.osgi.framework.bootdelegation=META-INF.services,com.singularity.*,com.ibm.*
-Djava.security.policy=/opt/wlp/usr/servers/defaultServer/server.policy
-Xbootclasspath/p:/opt/wlp/dev/api/spec
-javaagent:/opt/myserveragent/javaagent.jar
I've validated that my server is taking that classpath argument but it seems to have no affect. I've also attempted to add this folder also to my server.xml
<library id="agent">
<fileset dir="/opt/wlp/dev/api/spec" includes="*.jar" scanInterval="5s" />
</library>
In desperation I've also tried to simply copy the jars from the /dev/api/sec/ folder to the /wlp/lib directory which appears to be the default folder where all the main liberty classes are loaded from..
Whenever I run:
lsof -p xxxx
I can see that it is never loaded. How do I add this jar to my defaultServer classpath so my third party library can use it?

The best way to do this is to add it to the jvm.options file of your server instance:
-Xbootclasspath/p:/opt/wlp/lib/com.ibm.websphere.security_1.1.21.jar
However; as both Andy and Alasdair mentioned in the comments it seems to affect the admin-Center feature. So not recommended!!

Related

Liberty on Windows/Linux

I try to deploy a JAVA application on Liberty (I will use <> as place holder)
On Windows:
If I add my application in Eclipe with the help of the Add and Remove.. Ressource, the application runs successfully on Liberty. In \wlp\usr\servers\<ServerName>\apps a new file <MyAppName>.war.xml is created:
<dir sourceOnDisk="C:\<MyAppName>\<MyAppName>-source\src\main\webapp" targetInArchive="/"/>
On Windows:
If I create in \wlp\usr\servers\<ServerName>\apps the file <MyAppName>.war.xml manually and link it to the <MyApp>.war directory:
<dir sourceOnDisk="C:\Users\<userName>\Desktop\<MyAppName>.war" targetInArchive="/"/>
the application runs successfully.
On Linux:
I want now to deploy the same war on a Liberty server on linux. The problem is the structure of the directories- it is completely different than in Windows.
In the appl directory, there are the following subdirectories:
appl_dropins
wl_config
Where do I have to put the file <MyAppName>.war.xml? And the server.xml? Why is so different on Linux?
On Windows the structure was for the <ServerName> apps, dropins, logs,resources, tranlog, workarea + the File server.xml
Thank you in advance.
When you deploy directly from Eclipse it is pointing to the workspace by default, which is good for development, but not for deployment to other environments.
You have following options:
change publishing options in Eclipse to publish war by unchecking 'Run applications directly from workspace'
Export application from Eclipse using Export > War file
or create packaged server - right click on your server select Utilities > Package server and then use 'usr' option.
Packed server option is quite good for moving between environments, as it gathers all - application, server.xml, and any other files you had in the server folder. Then you just unzip archive on your target host and run the server.
As Alasdair said there is no difference in directory structure between Win and Linux, so either you have some different product on Linux, or it was heavily customized by someone or some tool.
Thank you for the fast answer.
I did as you said. I created the war <MyAppNewName.war> file, unzip it <MyAppNewName> and put it in the dropings directory. When I start the server, I get among other exceptions the following one:
[ERROR ] CWWKZ0005E: The server is not configured to handle the resource at location C:\kits\wlp-webProfile7-18.0.0.1\wlp\usr\servers\newTest\dropins\<MyAppNewName>\index.xhtml.
For the App in the orginal question, the file <MyAppName>.war.xml contained
<?xml version="1.0" encoding="UTF-8"?>
<archive>
<dir sourceOnDisk="C:\Users\userName\Desktop\MyAppName.war" targetInArchive="/"/>
<dir sourceOnDisk="C:\MyAppName\MyAppName-source\target\classes" targetInArchive="/WEB-INF/classes"/>
</archive>
In C:\MyAppName\MyAppName-source\target\classes there are the .class files and the war does not contain them.
So how do I add the .classes to the war?

IBM Liberty Profile: The feature 'websocket-1.0' is not recognized

Just an initial step to run websocket application on IBM Liberty Profile 8.5.5.5. After did lots of research I found I needed to add a feature on the Liberty server.xml file.
<featureManager>
<feature>websocket-1.0</feature>
.......
</featureManager>
But as soon as I added that line on the configuration I'm getting a warning that
The feature 'websocket-1.0' is not recognized
server.xml /WebSphere Application Server V8.5 Liberty Profile/servers/defaultServer
line 5 Liberty Profile Configuration Problem
Any thought? Do I needed to add any Jar file for that?
In the 8.5.5.5 or earlier websocket feature is not contained in the downloaded jar. You have to install it from the repository using the following command:
featureManager install websocket-1.0 --when-file-exists=ignore
see the following page - Java WebSocket 1.0.
The 8.5.5.6 version is Java EE 7 compatible and contains webSocket-1.1 feature already built in, so you may download that one.
The feature files are in [Liberty Install]/lib/features folder.
However, I don't see websocket-1.0 or websocket-1.1 in Liberty 8.5.5.5
Try to use 8.5.5.6, you should see websocket-1.1.mf
For OpenLiberty navigate to [OpenLiberty Install]/bin via shell and execute:
featureUtility installFeature websocket-1.0 --acceptLicense
This will install the missing feature to the folder [OpenLiberty Install]/lib/features.

how to set java class loader PARENT_LAST

i have a spring mvc web application that I need to change the class loader on. I need to change the class loader to be equal to PARENT_LAST. I am using WAS 6.1 and already have a jacl script from a previous web application I can copy to do the job.
In the last application Apache ant was used and what they did was to make the deploy dependent on running the jacl script.
In my new web application I am using maven install to create a war file and am deploying that war file to my application server.
How can I set the class loader to be PARENT_LAST using maven? I know how to do it in the console but if there was a way to do it using scripting that would be nice.
Also will this setting be placed somewhere in the war file so that on deploy of the application the setting will be picked up. This question comes from my lack of understanding of how jacl scripts work?
thanks
If you are only deploying the WAR file itself you can't control this, but if you have your WAR file in an EAR file you can use the deployment.xml solution. The deployment.xml file would look something like this:
<?xml version="1.0" encoding="UTF-8"?>
<appdeployment:Deployment xmi:version="2.0" xmlns:xmi="http://www.omg.org/XMI" xmlns:appdeployment="http://www.ibm.com/websphere/appserver/schemas/5.0/appdeployment.xmi" xmi:id="Deployment_1347529484613">
<deployedObject xmi:type="appdeployment:ApplicationDeployment" xmi:id="ApplicationDeployment_1347544766353" startingWeight="99" warClassLoaderPolicy="SINGLE">
<modules xmi:type="appdeployment:WebModuleDeployment" xmi:id="WebModuleDeployment_1347543866613" startingWeight="1" uri="YourWebApp.war" classloaderMode="PARENT_LAST"/>
<classloader xmi:id="Classloader_1347543866613" mode="PARENT_LAST"/>
</deployedObject>
</appdeployment:Deployment>
Once you are done all you need to do is to add the file in the correct location of your EAR project build assuming you are using src/main/application that would be src/main/application/META-INF/ibmconfig/cells/defaultCell/applications/defaultApp/deployments/defaultApp/deployment.xml and build the EAR using Maven as normal.
During server deployment this will be picked up by WAS.
AFAIK there is no way to preconfigure WAR for PARENT_LAST during assembly. Classloading policy is specified during deployment, thus the way of setting it depends on how application is deployed.
Changing the policy using the script is straightforward. Scripts are run using wsadmin tool. The Jython snippet below does the job. It can easily be converted to Jacl.
dep = AdminConfig.getid('/Deployment:app_name/')
depObject = AdminConfig.showAttribute(dep, 'deployedObject')
classldr = AdminConfig.showAttribute(depObject, 'classloader')
AdminConfig.modify(classldr, [['mode', 'PARENT_LAST']])
AdminConfig.save()
Websphere uses deployment.xml file to govern deployment setting of each module in an ear file. You can change the classloader setting in deployment.xml at the following path:
/MyTestEAR/META-INF/ibmconfig/cells/defaultCell/applications/defaultApp/deployments/defaultApp/deployment.xml
I do not know how you can configure that in Maven.

Setting osgi.configuration.area breaks my Equinox OSGI app

I have an application which uses Equinox as an osgi framework for a while now. Until now I used the system property osgi.install.area to specify where my bundles are like so
${osgi.install.area}/
plugins/
org.eclipse.osgi_3.7.0.v20110613.jar
... my app bundles
Equinox then automatically uses ${osgi.install.area}/configuration as the configuration area.
Everything works fine.
Now I need to move the configuration area out of ${osgi.install.area} because that may be read-only and I thought it was as simple as setting ${osgi.configuration.area} to a suitable path but when I do this the application no longer starts and I have the following stack trace in the logs:
java.lang.IllegalStateException: Unable to acquire application service. Ensure that the org.eclipse.core.runtime bundle is resolved and started (see config.ini).
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:74)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:344)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:179)
at org.eclipse.core.runtime.adaptor.EclipseStarter.main(EclipseStarter.java:150)
...
The path is used because at that location the log file is created and a directory "org.eclipse.osgi".
Paths to bundles are referenced in my config.ini like so:
osgi.bundles=de.mycomp.app-0.6.0.20121116-1834.jar#start, ...
The error message does not really give a hint where to look. It must be something rather simple but I am rather clueless at the moment.
Thanks in advance,
Robert
I tested changing the configuration area an existing osgi app and it worked, with the following argument below in the .ini file in the root of the install. Are you sure you are setting the config param correctly like this:
-Dosgi.configuration.area=c:\mytest
After doing that and running the app again, it created the folder and a new configuration.
Here is a copy of my .ini file that works, also it's important that osgi params come after and vm args.
-loglevel=trace
-vmargs
-Dosgi.configuration.area=c:\mytest
-Dorg.osgi.service.http.port=8094
-Declipse.ignoreApp=true
-Dosgi.noShutdown=true
-Dequinox.ds.print=true

JDBC Driver class not found: oracle.jdbc.OracleDriver

I have installed a third party java webservice which uses Oralce jdbc thin driver to write data into Oracle database. When i run this, i get the following error;
JDBC Driver class not found: oracle.jdbc.OracleDriver
I have oracle installed and set classpath variable to following value:
*D:\oracle\product\10.2.0\client_1\jdbc\lib\classes12.jar;D:\oracle\product\10.2.0\client_1\jdbc\lib\classes12.zip;D:\oracle\product\10.2.0\client_1\jdbc\lib\ojdbc14.jar;D:\oracle\product\10.2.0\client_1\jdbc\lib\ojdbc14.zip;C:\Program Files\Java\jdk1.7.0\jre\lib\rt.jar*
and path variable to following value;
*D:\oracle\product\10.2.0\client_1\bin;C:\Program Files\Java\jdk1.7.0\bin\;D:\oracle\product\10.2.0\client_1\jdbc\lib\classes12.jar;D:\oracle\product\10.2.0\client_1\jdbc\lib\classes12.zip;D:\oracle\product\10.2.0\client_1\jdbc\lib\ojdbc14.jar;D:\oracle\product\10.2.0\client_1\jdbc\lib\ojdbc14.zip*
Any suggestion why web service is not able to identify jdbc driver?
Thanks
I know 2 ways of turning Java app into Windows service and both do not use CLASSPATH. One is Java Service Wrapper by Tanuki Software. This tool uses wrapper.conf where you can show directories with .jar libraries:
# Java Classpath (include wrapper.jar) Add class path elements as
# needed starting from 1
wrapper.java.classpath.1=c:\jars\*
wrapper.java.classpath.2=myservice.jar
Second tool I know is JSL: Java Service Launcher. In this tool there is jsl.ini where you put command line to run your server. It can use java with -cp option to show location of .jar libraries:
[defines]
MY_LIBS=d:\jars\*
AXIS_LIBS=d:\axis2-1.5.4\lib\*
CLASSPATH=.;%MY_LIBS%;%AXIS_LIBS%
export = CLASSPATH
...
[java]
...
cmdline = -Dfile.encoding=utf8 -cp %CLASSPATH% example.my.server
In both configuration you can use * to add all .jar files or you can show those files one by one (just like in CLASSPATH).
At first you should know what Windows is trying to execute. Check it in the service properties page. Then try to localize its configuration. If it uses one of tools I know then you know what to change. Other tools probably have similar configuration.
Method 1:
Download ojdbc.jar
add ojdbc6.jar to deployment assembly.
Right click on project->properties->select deployment assembly->click on 'Add'
->select 'Archives from File System'->browse to the folder where ojdbc6.jar is saved.->add the jar->click finish->Apply/OK.
Method 2:
if you want to add ojdbc.jar to your maven dependencies you follow this link:
http://www.mkyong.com/maven/how-to-add-oracle-jdbc-driver-in-your-maven-local-repository/
.
.
Even if you're using a maven project it is not necessary to add ojdbc to maven dependencies(method 2), method 1 (adding directly to deployment assembly) works just fine.
Make sure you have the ojdbc jar file (make sure you are using the correct one because depending on java version you may need to choose a different one).
use ojdbc14.jar for Java 1.4
use ojdbc5.jar for Java 1.5
ojdbc6.jar for Java 1.6
here is linke where you can download ojdbc6.jar file
http://www.oracle.com/technetwork/database/enterprise-edition/jdbc-112010-090769.html
You also have to add the jdbc jar to your server classpath. if tomcat, rigth-click on your Project->run as->run configurations, click on classpath and add your jdbc jar in Add external jars option
add ojdbc-6.jar to your lib directory of tomcat installation. Maven will downlowd this jar for you in .m2 directory, but you need to have this jar in tomcat lib as well.

Resources