JBoss in Action is the first book to focus on teaching readers in detail how to use the JBoss application server. Unlike other titles about JBoss, the authors of JBoss in Action go deeper into the advanced features and configuration of the server. In particular, it focuses on enterprise-class topics, such as high availability, security, and performance.
This book walks readers through the JBoss 5 Application Server from installation to configuration to production development. It shows how to configure the server's various component containers such as the JBoss Web Server, the EJB 3 server, and JBoss Messaging. It also provides detailed insight into configuring the various component services such as security, performance, and clustering. Beyond coverage of the core application server, the book also teaches how to use some of the ''hot'' technologies that run on top of the application server, such as Jboss Seam and JBoss Portal.
The authors, both seasoned professional experts at developing and administering JBoss, provide meaningful explanations and background on many topics which they tie in with their own practical, real-world advice from their collective experience. These uniquely comprehensive explanations and the wide coverage provided in this book surpass any other content currently available in any other book, article, or documentation on the subject.
JBoss......Page 1
brief contents......Page 4
contents......Page 6
about the cover illustration......Page 27
preface......Page 15
acknowledgments......Page 18
about this book......Page 20
Roadmap......Page 21
Source code conventions and downloads......Page 23
On versions of JBoss middleware......Page 24
About the authors......Page 25
About the title......Page 26
The JBoss Application Server......Page 29
Vote for JBoss......Page 31
1.1.1 What is JBoss?......Page 32
1.1.2 Exploring the JEMS lineup......Page 34
1.1.3 Why is JBoss AS so popular?......Page 35
1.2 Installing JBoss Application Server......Page 37
1.2.1 Preparing for the installation......Page 38
1.2.3 Using the JEMS Installer......Page 39
1.3.1 The bin directory......Page 41
1.3.2 The client directory......Page 42
1.3.5 The server directory......Page 43
1.3.6 Understanding server configurations......Page 44
1.3.7 Exploring the configuration structure......Page 45
1.3.8 Customizing your configuration......Page 47
1.4.1 Starting the server......Page 48
1.4.2 Starting an alternative configuration......Page 49
1.4.3 Verifying that the server is running......Page 50
1.5 Deploying to the server......Page 51
1.5.1 Creating the application......Page 52
1.5.2 Deploying the application......Page 53
1.5.3 Undeploying the application......Page 54
1.7 References......Page 55
Managing the JBoss Application Server......Page 56
2.1.1 Understanding the microcontainer......Page 57
2.1.2 Understanding JMX......Page 59
2.2 Configuring the application server......Page 61
2.2.1 Configuring logging......Page 62
2.2.2 Configuring directory locations......Page 65
2.2.3 Defining system properties......Page 67
2.3.1 Using the JMX Console......Page 68
2.3.2 Using the twiddle utility......Page 70
2.4 Examining interesting MBeans......Page 71
2.4.2 Viewing the JNDI namespaces......Page 72
2.4.3 Changing the logging levels......Page 73
2.6 References......Page 74
Deploying applications......Page 75
3.1.1 Deploying an application......Page 76
3.1.2 Understanding application packaging......Page 77
3.1.3 Understanding application types......Page 78
3.1.5 Deployment configuration options......Page 80
3.2.1 Understanding multiple class loaders......Page 83
3.2.2 Scoping classes......Page 84
3.2.3 Understanding loader repositories......Page 85
3.3.1 Class not found exception......Page 86
3.3.2 Duplicate JAR files......Page 87
3.3.4 Class cast exception......Page 88
3.4.1 Deploying data sources......Page 89
3.4.2 Deploying a Hibernate archive......Page 95
3.6 References......Page 100
Securing applications......Page 101
4.1 Understanding security......Page 102
4.1.1 Understanding application security......Page 103
4.1.2 Understanding authentication......Page 104
4.1.3 Understanding authorization......Page 105
4.1.4 Configuring security......Page 106
4.1.5 Dynamic login configuration......Page 108
4.1.6 Logging security on the server......Page 109
4.2.1 Understanding symmetric and asymmetric encryption......Page 110
4.2.2 Understanding certificates and source authentication......Page 112
4.2.3 Creating and signing certificates......Page 113
4.2.5 Understanding certificate-based client authentication......Page 115
4.2.6 Configuring an SSL-aware security domain......Page 118
4.3 Configuring login modules......Page 119
4.3.1 Using the file-based login module......Page 120
4.3.2 Using the database login module......Page 122
4.3.3 Using the LDAP login module......Page 123
4.3.5 Stacking login modules......Page 130
4.3.6 Using the client certificate login module......Page 132
4.5 References......Page 133
Application services......Page 135
Configuring JBoss Web Server......Page 137
5.1.1 Understanding the web application structure......Page 138
5.1.2 Understanding web application configuration......Page 139
5.2.1 Locating key directories......Page 143
5.2.2 Exploring JBoss Web Server Configuration......Page 144
5.2.3 Exploring the WAR deployer configuration file......Page 147
5.3 Configuring URL paths......Page 148
5.3.1 Enabling virtual hosts......Page 149
5.3.2 Configuring context paths......Page 151
5.3.3 Changing the root context path......Page 153
5.4 Configuring connectors......Page 154
5.4.1 Understanding connector configuration......Page 156
5.5 Configuring web class loading......Page 157
5.6 Using valves......Page 158
5.7 Configuring JavaServer Faces......Page 160
5.8 Summary......Page 161
5.9 References......Page 162
Securing web applications......Page 163
6.1 Configuring web security......Page 164
6.1.1 Configuring security in web.xml......Page 165
6.1.3 Configuring security in server.xml......Page 167
6.2 Authenticating users......Page 168
6.2.1 Understanding the web authentication strategies......Page 169
6.2.2 Basic authentication......Page 170
6.2.3 Form-based authentication......Page 172
6.2.4 Digest authentication......Page 173
6.3.1 Configuring authorization......Page 174
6.3.2 Allowing access to any authenticated user......Page 175
6.4.1 Enabling HTTPS......Page 176
6.4.2 Enabling transport guarantees......Page 178
6.4.3 Enabling mutual authentication......Page 180
6.4.4 Creating browser certificates......Page 181
6.5 Enabling client-certificate authentication......Page 182
6.5.3 Specifying the JaasSecurityDomain MBean......Page 183
6.5.5 Pointing to the security domain from the application......Page 184
6.5.7 Adding principals and roles to the authorization datastore......Page 185
6.5.9 Creating a browser certificate......Page 186
6.7 Summary......Page 187
6.8 References......Page 188
Configuring enterprise applications......Page 189
7.1 Understanding EJBs......Page 190
7.1.1 Understanding session beans......Page 192
7.1.2 Understanding Hibernate and JPA......Page 193
7.1.3 Understanding enterprise packaging......Page 194
7.2 Creating an EJB application......Page 195
7.2.1 Coding the example application......Page 196
7.2.2 Packaging and running the example application......Page 199
7.3.1 Where does everything go?......Page 200
7.3.2 Configuring EJB applications......Page 201
7.3.3 Configuring the EJB server......Page 204
7.4.1 Changing the JNDI binding......Page 205
7.4.3 Configuring EJB containers......Page 207
7.5.1 Injecting Hibernate objects......Page 210
7.5.2 Deploying Hibernate mappings......Page 211
7.6.1 Creating a service object......Page 212
7.6.2 Running the sample application......Page 214
7.6.3 Accessing MBeans without injection......Page 215
7.7.1 Understanding transport configuration......Page 216
7.7.2 Changing the transport......Page 218
7.8 Securing EJBs......Page 219
7.8.1 Securing EJBs via annotations......Page 220
7.8.2 Securing EJBs via configuration......Page 222
7.8.3 Nonintegrated security......Page 223
7.8.4 Securing EJB communication......Page 225
7.9 Summary......Page 227
7.10 References......Page 228
JBoss Messaging......Page 229
8.1.1 Understanding messaging system architectures......Page 230
8.1.2 Understanding the messaging models......Page 231
8.1.3 Understanding the JMS API......Page 232
8.1.4 Understanding the JBoss Messaging architecture......Page 234
8.2.1 Coding the example application......Page 235
8.2.2 Packaging and running the example application......Page 241
8.3 Using message-driven beans......Page 242
8.3.1 Creating an MDB......Page 243
8.3.2 Packaging an MDB......Page 245
8.3.3 Using a descriptor file with an MDB......Page 246
8.4.1 Implementing a message-driven POJO consumer......Page 247
8.4.2 Implementing a message-driven POJO producer......Page 249
8.5 Configuring JBoss Messaging......Page 250
8.5.1 Configuring a data source......Page 251
8.5.2 Configuring access control......Page 252
8.5.3 Configuring destinations......Page 255
8.5.4 Updating the application......Page 256
8.5.5 Running the modified example......Page 257
8.5.7 Configuring secure message transport......Page 258
8.6 Summary......Page 261
8.7 References......Page 262
Configuring Web Services......Page 263
9.1 Understanding Web Services......Page 264
9.1.2 Understanding SOAP binding styles......Page 265
9.2.1 Coding the web service......Page 266
9.2.2 Packaging the web service......Page 267
9.2.3 Manually generating the WSDL......Page 268
9.2.4 Developing a web service using the top-down strategy......Page 269
9.2.5 Developing the client......Page 270
9.2.6 Developing a C# client......Page 272
9.2.7 Revisiting the SOAP binding styles......Page 273
9.3.1 Understanding the WebContext annotation......Page 274
9.3.2 Understanding the EndpointConfig annotation......Page 276
9.4.1 Authorizing web service access......Page 277
9.4.2 Defining the security realm......Page 278
9.5 Encrypting SOAP messages......Page 280
9.5.1 Generating the certificate......Page 281
9.5.2 Securing the server using WS-Security......Page 282
9.5.3 Securing the client using WS-Security......Page 284
9.5.4 Signing the messages using WS-Security......Page 286
9.7 References......Page 288
JBoss Portal......Page 289
The JBoss Portal and portlets......Page 291
10.1 Introducing the JBoss Portal......Page 292
10.1.2 Understanding portal terminology......Page 293
10.1.3 Installing the JBoss Portal......Page 294
10.1.4 Administering the JBoss Portal......Page 296
10.2.1 Coding the Image portlet......Page 298
10.2.2 Coding the JSP-related source files......Page 303
10.2.3 Understanding the portlet descriptors......Page 307
10.2.4 Building and deploying the portlet......Page 310
10.3.1 Creating an instance using the portlet-instance.xml file......Page 311
10.4.1 Declaring a portlet window using the *-object.xml file......Page 312
10.4.2 Declaring a portlet window using the Admin portlet......Page 313
10.6 References......Page 316
Configuring the JBoss Portal......Page 317
11.1 Configuring window appearance......Page 318
11.1.1 Configuring window appearance using *-object.xml......Page 319
11.2 Working with multiple windows and instances......Page 320
11.2.1 Configuring multiple instances and windows using the descriptor files......Page 321
11.3 Working with the CMS portlet......Page 323
11.3.1 Gathering example CMS data......Page 324
11.3.2 Displaying the new content......Page 325
11.3.3 Accessing CMS content......Page 326
11.4.1 Creating a new account......Page 327
11.4.2 Managing roles......Page 328
11.4.3 Understanding access control......Page 329
11.5.2 Making the proposal......Page 336
11.5.3 Defining the portal......Page 337
11.5.4 Customizing the theme......Page 340
11.5.5 Customizing CMS content......Page 343
11.5.6 Packaging the portal......Page 344
11.6 Summary......Page 346
Going to production......Page 347
Understanding clustering......Page 349
12.1.1 Load balancing......Page 350
12.1.2 Cluster topology and makeup......Page 353
12.1.3 Automatic discovery and multicasting......Page 355
12.1.4 High availability......Page 356
12.1.5 Replication and fault tolerance......Page 357
12.1.6 State passivation......Page 360
12.1.7 Distribution versus clustering......Page 361
12.2.1 Bringing up a JBoss cluster......Page 362
12.2.2 Creating a clustered EJB......Page 364
12.2.4 Calling the clustered EJB......Page 365
12.3 Understanding JBoss clustering......Page 366
12.3.1 Understanding the JGroups architecture......Page 367
12.3.2 Configuring JBoss clustering services......Page 368
12.3.3 Configuring the protocol stack......Page 371
12.4 Configuring JBoss Cache......Page 374
12.4.1 Examining the JBoss Cache configuration files......Page 375
12.4.2 Deciding what to cache......Page 378
12.5 Summary......Page 379
12.6 References......Page 380
Clustering JBoss AS services......Page 381
13.1 HTTP load balancing......Page 382
13.1.1 Load balancing with native web servers......Page 383
13.2.1 Configuring replication......Page 384
13.2.2 Understanding session usage......Page 385
13.2.3 Using field-level replication......Page 387
13.2.4 Configuring passivation......Page 388
13.3 Clustering session beans......Page 389
13.3.1 Load balancing session beans......Page 390
13.3.2 Replicating stateful session beans......Page 391
13.4.1 Replicating the entity cache......Page 392
13.5.1 Understanding the HA-JNDI service......Page 395
13.5.2 Enabling HA-JNDI......Page 397
13.5.3 Accessing HA-JNDI......Page 398
13.5.4 Deciding whether to use HA-JNDI......Page 399
13.6 Summary......Page 400
13.7 References......Page 401
Tuning the JBoss Application Server......Page 402
14.1 Defining performance......Page 403
14.2.1 Holistic performance tuning......Page 404
14.2.2 Performance analysis test cycle......Page 405
14.3 Tuning the hardware and network......Page 407
14.3.1 Setting network card speed......Page 408
14.3.3 Choosing 32-bit or 64-bit......Page 409
14.4.1 Understanding processor affinity......Page 410
14.5 Tuning the JVM......Page 412
14.5.1 Understanding the Java heap......Page 413
14.5.2 Understanding garbage collection......Page 415
14.5.3 Gathering garbage collection data......Page 417
14.5.4 Choosing heap settings......Page 424
14.5.6 Exploring more tuning options......Page 425
14.6.1 Configuring data sources......Page 426
14.6.2 Configuring the HTTP request thread pool......Page 428
14.6.3 Tuning the JSP servlet......Page 429
14.7 Tuning your application......Page 430
14.7.2 Taking a thread dump......Page 431
14.8 Summary......Page 434
14.9 References......Page 435
Going to production......Page 436
15.1.1 Selecting a JVM......Page 437
15.1.2 Selecting a JBoss AS version......Page 438
15.1.3 Selecting a platform......Page 441
15.2.1 Preventing file clashes......Page 442
15.2.2 Preventing port clashes......Page 443
15.3 Removing unwanted services......Page 450
15.4 Securing the server applications......Page 451
15.4.3 Limiting access to the local machine......Page 452
15.5 Changing the default database......Page 453
15.5.1 Configuring the EJB3 timer service......Page 454
15.6 Starting the application server as a service......Page 455
15.6.1 Registering a service in Windows......Page 456
15.6.2 Registering multiple services......Page 457
15.6.3 Registering a service in Linux......Page 460
15.7 Configuring JSP compilation......Page 462
15.8 Summary......Page 463
15.9 Resources......Page 464
A.1 Understanding the enterprise naming context......Page 465
A.2 Examining the JNDI namespaces......Page 467
appendix B: Change is inevitable......Page 470
B.1.1 Installing and configuring Embedded Jopr......Page 471
B.1.2 JBoss Portal 2.7.0......Page 475
B.1.3 The common/lib directory......Page 476
B.1.5 The profile service repository......Page 477
B.1.7 References......Page 479
A......Page 481
C......Page 482
E......Page 483
I......Page 484
J......Page 485
L......Page 486
M......Page 487
P......Page 488
R......Page 489
S......Page 490
V......Page 491
Z......Page 492
back cover......Page 493
