In Windows, I'm looking at JBoss security features, let's say you modified the standalone.xml and defined your security domains and everything is in place, what stops a user on the host where JBoss is running to modify your settings, restart JBoss and have access to everything in your applications?
Ultimately, there is nothing to stop this.
Therefore, you need to:
secure the data
perhaps use version control mechanisms, so you can see what has changed, when it changed and who did it.
Similarly you will need to stop attackers (for example) deploying their own ear files to something untrustworthy
Related
I have deployed applications in Websphere 8.5, and I want to modify web.xml, but it seems not working. What I am supposed to do?
While there are documented ways of updating enterprise application files, those were conceived for multi-server deployments and partly are legacy of the previous decade of monster application servers. They are inconvenient for making changes to local development server and it wastes a lot of time.
Upon application deployment, WAS creates (copies/updates) deployment descriptors in the config directory. Then web.xml is used from that location.
You are probably changing web.xml in the location where original application files are kept, thus no effect. You should change the one in config\cells\<cell_name>\applications\<ear_name>\deployments\<app_name>\<war_name>\WEB-INF.
WebSphere writes a second file named web_merged.xml. If you only update the web.xml and replace it you will not update the runtime file used by the container.
Best result I had was using the single file upload function provided within the Admin console or to use the wsadmin or jacl cmd.
The proper way is to update application via console/script.
But I'm assuming you are editing file directly (very hard to guess from your description, I've asked you to describe your procedure).
You need to restart the application to pick up changes in web.xml. See the Hot deploy in WAR files
Two ways:
Update web.xml with WebSphere Web Console
Update web_merged.xml at the same time, and also update the two files in config\cells\<cell_name>\applications\<ear_name>\deployments\<app_name>\<war_name>\WEB-INF
I am adding some things in an existing Android app, which connects to a Apache Tomcat server to get information from a database, but some of the changes required that I also make minor changes on the webapp (changing some database fields).
I had never used tomcat, but managed to do the simple changes here and there.
But when I deployed it, I noticed some errors(see the photo).
How can I fix them ?
The app works regardless of them, but the server takes a few more seconds to start up.
P.S.I read somewhere that this means that the server already has these libs, and doesnt need to use the ones from the lib folder of the app ?
I have multiple applications that share common jars, so I decided to put them in the shared library and add a reference to all the applications.
Now the problem is that when I make a change in one of the jars and put them back I have to re start the server.
The weird thing is that I have to do that on my local system and not on the shared server, i was trying to find the setting that will allow me to upload the jar and see the effect with out restarting the server.
One of the blogs says it it not possible but on the shared server it happens so I am sure it is definitely possible.
Please advice what can be done here.
thanks
It sounds like you've configured the shared library to be a part of the server's classpath. Any JARs on the server classpath are only loaded once on server startup. Changes to these JARs require a full server restart.
Libraries that are added to the application's classpath can be reloaded dynamically. The application will still need to restart when the JAR gets changed but that's a much lighter operation and WAS will often automatically detect a file system change and restart the affected applications.
Check how you've configured your shared library to make sure it's being loaded on the application classpath.
I am here to get some expert advice on deploying applications to WebLogic Production Server.
Is it a best practice to use Admin Server Console for deploying and redeploying applications in production. Actually I am deploying to a cluster having two managed server instances.
I have encountered this issue while i am redeploying application in the production. When i am deleting existing .ear file and adding updated .ear file will put the updated .ear file into prepared state. I can not make it Active state using Admin Server Console. If i try it will through some exceptions. But after some time it automatically goes in to active state, but i don't know what is happening inside. Sometimes i restart the server to make it active. Could anybody explain me what is the procedure when deploying application and redeploying applications in weblogic
Thanks in advance for any Help...
Generally WLST (WebLogic Scripting Tool) is used to deploy the applications. Administration Console can also be used to deploy/upgrade the applications but if there are many environments that need to be upgraded then WLST (which works like a command line tool) is much better option.
Get an overview of WLST to know how to use it to deploy/undeploy/upgrade applications.
Check out "Understanding WebLogic Server Deployment" and the "Redeploying Applications in a Production Environment". There are different factors that affect redeployment of an application which you might be running into.
http://docs.oracle.com/cd/E23943_01/web.1111/e13702/understanding.htm#i1057116
http://docs.oracle.com/cd/E23943_01/web.1111/e13702/redeploy.htm#g1039635
Additionally, there is a WebLogic Plug-in for Maven in more recent WebLogic releases that you can use for deployments in conjunction with Maven.
I installed a java web service on a machine that accesses an Oracle DB via JDBC on the same network. The service was functioning fine for several months until this morning when I installed another applicaiton that access the database using ODP.NET. I'm trying to figure out what went wronge to cause the ORA-01017 exceptions that I'm getting. This generally means that the login credentials are invalid, but the login credentials haven't changed. I also verified it the service's log4j output that it is indeed still trying to connect to the DB correctly.
I realize I don't have much to go off of here, but I'm trying to figure out what other dependencies that. The web service came packaged with ojdbc14.jar, so that tells me that it targets java1.4, but presumably would work fine in later java versions. Not too sure about it working with later java versions, however, it was working fine until today.
Does OJDBC rely on tnsnames.ora. If it depends on how the service uses OJDBC, then I'm not sure which it is doing. I suppose it's possible I deleted the tnsnames.ora, but that is a bit of a longshot. I also tried manging Apache Tomcat (running on Win Server 2003 x64) to target different java jvm versions, but to no avail. It was initially targeting the default jvm.
Are there other dependencies that I've missed here, or any diagnostic measures I could try? THe same web service is running on another machine on the same network which I am pretty sure is configured exactly the same. Again, it was working on both machines until today, and is now just working on the one.
Tomcat targets JDK 7.
Looks like replacing ojdbc14.jar with ojdbc6_g.jar did the trick. No idea why it was the case only for 1 of the 2 machines. ojdbc6 targets JDK 6, but ojdbc14 did, and should have continued to work. If anyone has any additional insight here, let me know.