xa-data-source add \
--name=MyDS \
--driver-name=h2 \
--jndi-name=java:jboss/datasources/MyDS \
--user-name=sa \
--password=sa \
--xa-datasource-properties={ \
"URL" => "jdbc:h2:/tmp/localtxtest;AUTO_SERVER=TRUE"}
Entries tagged [wildfly]
JDBC chunk oriented processing with jberet.local-tx
TweetPosted on Saturday Feb 21, 2015 at 11:40PM in Technology
As following URL said, in my understanding, each open, read, write and close of every JDBC resources (Connection, Statement and ResultSet) needs to be in it’s own transaction.
There are open and close methods in ItemReader and ItemWriter interface. these methods looks like good to create and dispose JDBC resources such as Connection, Statement and ResultSet but we can’t go that way due to the JSR352 spec. before invocation of these methods, the framework starts a transaction, then commits a transaction after invocation finished. according to preceding URL said, these resources become unusable at readItem and writeItems method because these resources were created in another transaction.
It’s terrible to do open a cursor again and again at start of every chunk processing. to overcome this problem, JBeret supplied an implementation specific parameter named jberet.local-tx. so I created a sample batch project to test that parameter. my test was done with WildFly 8.2.0.Final.
How the batch works
Entire project can be obtained from my GitHub repository. the batch has 2 steps as follows:
-
prepare: createsSRCandDESTtable, and insert 100 rows intoSRCtable. refer source of Batchlet for details. -
test: loads data fromSRCtable, then simply writes data intoDESTtable as is using chunk oriented processing. this step has a propertyjberet.local-txwithtruevalue.MyItemReadercreates and disposes JDBC resources inopenandclosemethod. refer source of MyItemReader and MyItemWriter for details.
How to run the batch
-
Define a H2 DataSource
-
Deploy the project
-
Access http://localhost:8080/localtxtest-1.0-SNAPSHOT/ to launch the batch through the Servlet which mapped at
/ -
Look your database to the check batch works expectedly
Notes
Actually, the problem ARJUNA016087 warning is disappeared in latest WildFly 8.2.0.Final without using jberet.local-tx. but I don’t know whether it is intended to fix or simply by chance still. I’ll keep looking further of this discussion.
jconsole.sh in WildFly 8.2.0.Final doesn't work
TweetPosted on Thursday Feb 12, 2015 at 10:06AM in Technology
Environment
-
WildFly 8.2.0.Final
Problem
A shell script $WILDFLY_HOME/bin/jconsole.sh is shipped with WildFly to launch JConsole with an additional jar to connect to WildFly instance, but it doesn’t work. as reported in this issue, it made wrong classpath.
Workaround
Launch $JAVA_HOME/bin/jconsole directly instead with an additional parameter as follows:
jconsole -J-Djava.class.path=$JAVA_HOME/lib/jconsole.jar:$JAVA_HOME/lib/tools.jar:/Users/kyle/servers/wildfly-8.2.0.Final/bin/client/jboss-cli-client.jar
Enabling SSL for Apache/WildFly
TweetPosted on Monday Feb 09, 2015 at 05:56PM in Technology
Environment
-
WildFly 8.2.0.Final
-
httpd-2.2.15-39.el6.centos.x86_64
-
CentOS 6.5
Put SSL related files
-
public.crt: begins with
BEGIN CERTIFICATE -
intermediate.crt: begins with
BEGIN CERTIFICATE -
private.key: begins with
BEGIN RSA PRIVATE KEY
Edit /etc/httpd/conf.d/ssl.conf
SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCertificateFile /usr/local/ssl/public.crt SSLCertificateKeyFile /usr/local/ssl/private.key SSLCertificateChainFile /usr/local/ssl/intermediate.crt SSLPassPhraseDialog exec:/usr/local/ssl/passphrase.sh
Put passphrase.sh
#!/bin/sh echo "put the passphrase here"
Define an ajp-listener
Execute following command with jboss-cli:
/socket-binding-group=standard-sockets/socket-binding=https-external:add(port=443) /subsystem=undertow/server=default-server/ajp-listener=myListener:add(socket-binding=ajp, redirect-socket="https-external", enabled=true)
Put /etc/httpd/conf.d/jk.conf
<VirtualHost *:80> ProxyPass / ajp://localhost:8009/ ProxyPassReverse / http://www.example.org/ </VirtualHost>
Put following inside VirtualHost element of /etc/httpd/conf.d/ssl.conf
ProxyPass / ajp://localhost:8009/ ProxyPassReverse / https://www.example.org/
Configuring WildFly as a standalone HTTP/HTTPS server
TweetPosted on Sunday Feb 08, 2015 at 12:23PM in Technology
Environment
-
WildFly 8.2.0.Final
Requirement
-
WildFly runs as a regular user owning process
-
WildFly listens port 8080 and 8443
-
iptables forwards 80 and 443 to ports of WildFly is listening
-
Record combined
access_logequivalent on http/https listener -
Gzip compression enabled
Defining SSL listener
-
Set
httpsport to8443/socket-binding-group=standard-sockets/socket-binding=https:write-attribute(name=port, value="${jboss.https.port:8443}") -
Put your Java KeyStore in
$WILDFLY_HOME/standalone/configuration/mykeystore.jks -
Create a security realm named
CertificateRealm/core-service=management/security-realm=CertificateRealm:add /core-service=management/security-realm=CertificateRealm/server-identity=ssl:add( \ keystore-path="mykeystore.jks", \ keystore-relative-to="jboss.server.config.dir", \ keystore-password="PASSPHRASE")
-
Create a https listener:
/subsystem=undertow/server=default-server/https-listener=myHttpsListener:add( \ socket-binding="https", \ security-realm="CertificateRealm")
Defining a socket binding for HTTP ⇒ HTTPS redirection
As default WildFly redirects to 8443 port when client attempt to enter confidential area because WildFly listen to it but in my case client needs to be redirected to port 443 instead of 8443. so I need to tell WildFly to send redirects to 443 not 8443.
/socket-binding-group=standard-sockets/socket-binding=https-external:add(port=443) /subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=redirect-socket,value="https-external")
Configuring WildFly to listen 0.0.0.0
/system-property=jboss.bind.address:add(value=0.0.0.0)
Defining combined access_log equivalent
/subsystem=undertow/server=default-server/host=default-host/setting=access-log:add
/subsystem=undertow/server=default-server/host=default-host/setting=access-log:write-attribute(name=pattern, value="%h %l %u [%t] \"%r\" %s %b \"%{i,Referer}\" \"%{i,User-Agent}\"")
Enabling gzip compression
/subsystem=undertow/configuration=filter/gzip=gzipFilter/:add
/subsystem=undertow/server=default-server/host=default-host/filter-ref=gzipFilter:add(\
predicate="exists['%{o,Content-Type}'] and regex[pattern='(?:application/javascript|text/css|text/html|text/xml|application/json)(;.*)?', value=%{o,Content-Type}, full-match=true]")
Also sending Vary: Accept-Encoding is better for proxies. conditional insertion is best, but an issue reported about it at present time, so I’d go constant insertion this time.
/subsystem=undertow/configuration=filter/response-header=vary-header:add(header-name="Vary", header-value="Accept-Encoding") /subsystem=undertow/server=default-server/host=default-host/filter-ref=vary-header:add
Configuring iptables redirection
An example of /etc/sysconfig/iptables:
*nat :PREROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination :8080 -m comment --comment "HTTP" -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination :8443 -m comment --comment "HTTPS" -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to-destination :10025 -m comment --comment "SMTP" -A PREROUTING -i eth0 -p tcp --dport 465 -j DNAT --to-destination :10465 -m comment --comment "SMTPS" -A PREROUTING -i eth0 -p tcp --dport 993 -j DNAT --to-destination :10993 -m comment --comment "IMAPS" COMMIT *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -m comment --comment "SSH" -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT -m comment --comment "HTTP" -A INPUT -m state --state NEW -m tcp -p tcp --dport 8443 -j ACCEPT -m comment --comment "HTTPS" -A INPUT -m state --state NEW -m tcp -p tcp --dport 10025 -j ACCEPT -m comment --comment "SMTP" -A INPUT -m state --state NEW -m tcp -p tcp --dport 10465 -j ACCEPT -m comment --comment "SMTPS" -A INPUT -m state --state NEW -m tcp -p tcp --dport 10993 -j ACCEPT -m comment --comment "IMAPS" COMMIT
Registering PostgreSQL JDBC driver & datasource on WildFly
TweetPosted on Monday Jan 26, 2015 at 07:35AM in Technology
Registering JDBC driver as a module:
module add \ --name=org.postgresql \ --resources=/tmp/postgresql-9.3-1102.jdbc41.jar \ --resource-delimiter=, \ --dependencies=javax.api,javax.transaction.api
Registering JDBC driver which is referencing a module:
/subsystem=datasources/jdbc-driver=postgresql:add(driver-name=postgresql, \ driver-module-name=org.postgresql, \ driver-class-name=org.postgresql.Driver, \ driver-datasource-class-name=org.postgresql.ds.PGSimpleDataSource, \ driver-xa-datasource-class-name=org.postgresql.xa.PGXADataSource)
Registering datasource
data-source add \ --name=MyDS \ --driver-name=postgresql \ --jndi-name=java:jboss/jdbc/MyDS \ --user-name=wildfly \ --password=**** \ --valid-connection-checker-class-name=org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLValidConnectionChecker \ --exception-sorter-class-name=org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLExceptionSorter \ --connection-url=jdbc:postgresql://localhost:5432/wildfly
Registering XA datasource
xa-data-source add \
--name=MyDS \
--driver-name=postgresql \
--jndi-name=java:jboss/jdbc/MyDS \
--user-name=wildfly \
--password=****\
--valid-connection-checker-class-name=org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLValidConnectionChecker \
--exception-sorter-class-name=org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLExceptionSorter \
--xa-datasource-properties={ \
"ServerName" => "localhost", \
"PortNumber" => "5432", \
"DatabaseName" => "wildfly"}
Testing connection:
/subsystem=datasources/xa-data-source=MyDS:test-connection-in-pool
References