Here
Contents
1. esee 3 3 Au thenticatirig EIETP Clients e cen tret rto i ee Pete e teer e tet 3 4 Authenticating EJB Clietits 45 ete etate dme tec tee er bec tort el tete 3 4 Setting INDL Pr petties 555i teo toe rette e beet ine en Ha ee ve adiectis 3 4 No NDIPrOperties 55e ooa e Sd Eat a eed pado qiti asa 3 4 JNDIProperties File ie aene e EG D rette rette eria 3 4 JNDI Properties Within Implementation sese 3 5 Using the Initial Context Factory Classes sse eee enn 3 5 Authornzation nee ether tette tede diee t ete D eet 3 6 Specifying Logical Roles in a J2EE Application sssssssssessseeeeeerereneete 3 6 Mapping Logical Roles to Users and Groups sess eene nnns 3 7 Plugging In a User Manager nenne nennen enne ne nenne nennen 3 8 Using the JAZNUserManager Class eee eee eene nnne enne nnne nennen 3 8 Using the JAZNUserManager Class with the LDAP Based Provider Type 3 9 Using the JAZNUserManager Class with the XML Based Provider Type 3 10 Using the XMLUserManager Class sese eene nnne nnne nn nenenen 3 10 Creating Your Own User Managen neierens cen eene ee enne nente nennen 3 11 Confidentiality Through SSL sse RE nter tenente tenentes 3 13 Overview of Using SSL for OC4J Standalone sse eee een 3 13 Overview of SSL Keys and Certificates ssssssssss2. socket backlog The number of connections to queue up before denying connections at the socket level The default is 30 a value The maximum number of connections lt metric collector gt The lt metric collector gt element specifies that OC4J sends a metric between 0 and 100 inclusive to mod_oc4j so that mod_oc4j can make routing decisions to load balance incoming requests to a list of available OC4 instances The metric sent has a relative value only where 0 means that the OC4J instance is very busy and 100 means that the OC4J instance is available not busy When configured for metric load balancing mod 0c4j routes first to the OC4J instance with the greater value The metric sent from OC4J to mod 0c4j is used only when metric based load balancing is specified for mod 0c4j and when OC4J runs in an Oracle Application Server environment If you specify metric based load balancing in mod_oc4j and do not specify the metric collector element in server xml then mod oc4j expects OC4J to send metrics but OC4J does not send metrics In this case mod 0c4 j reports the following warning message No run time metrics for oc4j opmnid s in notification Oc4jSelectMethod is configured to use run time metrics please make sure OCAJ side is configured accordingly Default to 50 In this case mod 0c4 j uses the value 50 for each of the OC4J processes and continues Likewise if you specify the lt metric collector gt e
3. You can have both the ODL and text logging turned on To save on disk space you should turn off one of these options If you decide to enable ODL logging turn off the text logging functionality by commenting out the lt file gt subelement of the 10g element for all XML files except the http web site xml file For the http web site xml file turn off the text logging by commenting out the access log element Redirecting Standard Out and Standard Error Many developers use the System out println and System err println methods in their applications to generate debug information Normally the output from these method calls are printed to the console where the OC4J process is started However you can specify command line options when starting OC4J to direct the STDOUT and STDERR output directly to files The out and err parameters inform OC4J where to direct the error messages The following startup command includes and example of the out and err parameters java jar oc4j jar out d log files oc4j out err d log files oc4j err In this case all information written to STDOUT and STDERR is printed to the files d log files oc4j out and d log files oc4j err respectively OC4J Debugging OC4J provides several debug properties for generating additional information on the operations performed by the various sub systems of OC4J These debug properties can be set for a particular sub system while starting up OC4J No
4. secure true false If set to t rue the Web site is secure If set to false the Web site is not secure The default is false factory classname The new name of the SSLServerSocketFactory class if you are not using JSSE keystore path The new relative or absolute path to a keystore storepass password The new keystore password provider provider The new provider used if you are not using JSSE needs client auth true false Tf setto true a client that wants to access a J2EE Web site needs to identify itself with a digital certificate If set to false a client does not need to identify itself with a digital certificate The default is false DataSource And Application Options Table B 6 lists the application option subswitches for the admin jar command line tool The application takes in a name of an application before the subswitch command This name can be one of the following The global application name installed originally as default specified in the name attribute of the lt global application gt element in the server xml file a A specific application name defined within an application element in the server xml file This name while a string should not be enclosed in quotes For example the following command lists all data source objects defined java jar admin jar ormi oc4j host oc4j ormi port admin id admin password application default listDataSource Table B 6 Options For Application
5. Statement Caching You can cache database statements which prevents the overhead of repeated cursor creation and repeated statement parsing and creation In the DataSource configuration you enable JDBC statement caching which caches executable statements that are used repeatedly A JDBC statement cache is associated with a particular physical connection See Oracle9i JDBC Developer s Guide and Reference for more information on statement caching You can dynamically enable and disable statement caching programmatically through the setStmtCacheSize method of your connection object or through the stmt cache size XML attribute in the DataSource configuration An integer value is expected with the size of the cache The cache size you specify is the maximum number of statements in the cache The user determines how many distinct statements the application issues to the database Then the user sets the size of the cache to this number If you do not specify this attribute or set it to zero this cache is disabled 2 18 Oracle Application Server Containers for J2EE Standalone User s Guide Enabling OC4J Logging Example 2 2 Statement Caching The following XML sets the statement cache size to 200 statements data source stmt cache size 200 data source Task Manager Granularity The task manager is a background process that performs cleanup However the task manager can be expensive You can manage when the task ma
6. The application is removed from the OC4J runtime 1 16 Oracle Application Server Containers for J2EE Standalone User s Guide Undeploying Web Applications All bindings for the Web modules are removed from all the Web sites to which the Web modules were bound The application files are removed from both the applications and application deployments directories If you do not want these files to be removed use the keepFiles switch Configuration and Deployment 1 17 Undeploying Web Applications 1 18 Oracle Application Server Containers for J2EE Standalone User s Guide 2 Advanced Configuration and Development This chapter provides information for administering OC4J in standalone mode for development purposes Chapter 1 Configuration and Deployment discusses the easiest method for configuring developing and deploying a J2EE application However if you want to use other services such as JMS you must know how to manipulate the XML configuration files This chapter discusses the following topics a Overview of OC4J and J2EE XML Files Sharing Libraries Manually Adding Applications in a Development Environment Building and Deploying Within a Directory a OC4J Automatic Deployment for Applications Changing XML Files After Deployment Designating a Parent of Your Application Developing Startup and Shutdown Classes Setting Performance Options Enabling OC4J Logging a OC4 Debuggin
7. After starting the OC4J server you can administer the server using the admin jar command line tool which is located in lt install_directory gt j2ee home To use the admin jar command see the following syntax java jar admin jar ormi oc4j host oc4j ormi port admin id admin password options where the variables are as follows a oc4j_host oc4j_ormi_port The host name and port of the OC4 server from which you want to deploy the application The admin jar tool uses the OC4J Remote Method Invocation ORMI protocol to communicate with the OC4J server Therefore the host name and port identified by these variables are defined in the rmi xml file for the OC4J server to which you are directing the request The default port number for the ORMI protocol is 23791 Configure both the host name and port number if not using the default in the rmi xm1 file in the lt rmi server gt element as follows rmi server port oc4j ormi port host oc4j host a admin id admin password The administration identity and password Specify this identity and password for the OC4J server in its principals xml file Options for the OC4J Administration Management JAR on page B 26 discusses the options for this tool 1 4 Oracle Application Server Containers for J2EE Standalone User s Guide Starting and Stopping OC4J Restarting OC4J You can designate whether the task manager in OC4J automatically detects changes made to deployed appl
8. gt web site This step sets up a mode where OC4J accepts or rejects a client entity for secure communication depending on its identity The needs client auth attribute instructs OC4J to request the client certificate chain upon connection If the root certificate of the client is recognized then the client is accepted The keystore specified in the lt ss1 config gt element must contain the certificates of any clients that are authorized to connect to OC4J through HTTPS 4 Optionally specify each application in the Web site as shared The shared attribute of the web app element indicates whether multiple bindings different Web sites or ports and context roots can be shared Supported values are true and false default Sharing implies the sharing of everything that makes up a Web application including sessions servlet instances and context values A typical use for this mode is to share a Web application between an HTTP site and an HTTPS site at the same context path when SSL is required for some but not all of the communications Performance is improved by encrypting only sensitive information rather than all information If an HTTPS Web application is marked as shared then instead of using the SSL certificate to track the session the cookie is used to track the session This is beneficial in that the SSL certificiate uses 50K to store each certificate when tracking it which sometimes results in an out of mem
9. Additional Information This appendix contains complete information about the following topics Description of XML File Contents Elements in the server xml File Elements in the application xml File Elements in the orion application xml File Elements in the application client xml File Elements in the orion application client xml File Standalone OC4J Command Line Options and Properties OC4J System Properties Configuration and Deployment Examples Description of XML File Contents OC4J uses configuration and deployment XML files The following sections describe each of these files and their function OC4J Configuration XML Files This section describes the following XML files which are necessary for OC4J configuration server xml http web site xml jazn data xml principals xml data sources xml jms xml rmi xml server xml This file contains the configuration for the application server The server xml file is the root configuration file it contains references to other configuration files In this file specify the following Additional Information B 1 Description of XML File Contents Library path which is located in the application deployment descriptor Global application global Web application and default Web site served Maximum number of HTTP connections the server allows Logging settings Java compiler settings Transaction time out SMTP host Location of the data sources xml configuration Location
10. B 21 web site element 3 15 B 14 web uri element B 16 write access element B 21 A administration 1 5 admin jar command 1 14 admin jar tool B 26 administration 1 4 bind Web context 1 11 1 15 deploying 1 6 1 14 options B 27 register applications 1 11 restarting 1 5 shutdown 1 5 undeployment 1 16 usage example B 41 ANT 1 13 Apache Oracle HTTP Server 1 2 application binding 1 15 deployment 1 10 1 13 example 1 7 registration 1 10 undeployment 1 16 ApplicationClientInitialContextFactory 3 5 application client xml file element description B 22 example B 40 application xml file 1 12 3 9 3 12 authentication 3 2 element description B 14 example B 37 security 3 8 associateUsingThirdTable property B 35 authentication 3 1 3 2 authorization 3 2 3 6 automatic deployment enable 1 5 C command line options B 33 performance settings 2 16 compiler specifying B 10 confidentiality definition 3 2 configuration application xml file 1 12 data sources xml file 1 12 default 1 2 http web site xml file 1 10 1 12 1 13 server xml file 1 10 1 12 1 13 1 14 cookie domain 3 16 cookie domain attribute 3 16 createUser method 3 8 D DAS 3 9 data source default 1 9 emulated 1 9 DataSource interface 3 12 data sources xml file 1 12 pre installed definitions 1 9 DataSourceUserManager class 3 12 datasource verbose property B 36 DBEntityHomeDebug property B 3
11. OC4 Configuration XML Files neret nee mit rn tine ihre nee eee ie rns B 1 Server xml een e a e et RIETI pee e Nene B 1 http web sitexml ee pete setae nth a een iod nd he RU adhe tothe cg B 2 jazn data XM scsi iiti tenere tto deh tesi bede voa to ep b bnt te B 2 puncipals xml 5 ue ente nondom pee eis Lebe tis B 3 Aata SOurees xia ss eee Ohi ck eme eee e Move doce canes e Ae E REA B 3 GEIS ond MET MET B 3 uber B 3 JPEE Deployment XML Files erret e qe ate ee dene Sates ies B 4 The J2EE application xml File ee eee nece tete tte ee terr bei tet ie he B 4 The OC4J Specific orion application xml File eee B 4 The J2EE ejb jar xml File 5b n eec ne e dp ie iens B 4 vi The OC4J Specific orion ejb jar xml File esee eene B 4 The J2EEweb xml File eire teer ertt eee ee eter Pe Ere repre etna B 5 The OC4J Specific orion web xml File sese nennen B 5 The J2EE application client xml File tte tenete ee tede tete B 5 The OC4J Specific orion application client xml File sss B 5 Elements in the server xml File sess enne ene enttnen rr ent nnne t nennt nenne B 6 Cotifigure OCA iiie entier puto De ean rd e be P ie a B 6 Reference Other Configuration Files sees eee eene enne B 6 application server Element Description sse eee eene e eene B 6 Elements Contained Within lt application Server
12. OC4J Confidentiality Through SSL Ensures encrypted communications Use Secure Sockets Layer SSL over HTTP for encrypted communication Authentication Authentication verifies that the identity and credentials of a user are valid The J2EE application determines which user can use the application However it is the user manager employing the user name and password that verifies the user s identity based on information in the user repository Authentication is distinct from authorization which is the process of giving a user access to a J2EE application based on his identity OC4J security authenticates two types of clients HTTP and Enterprise JavaBeans EJBs This section describes each of these along with setting up users and groups Specifying Users and Groups OC4J supports the definition of users and groups either shared by all deployed applications or specific to a given application Shared users and groups are listed in the user repository whose location is specified in the global config application xml file Application specific users and groups are listed in the application specific user repository whose location is specified in the orion application xml file of that application The way you define users and groups depends on what user manager you employ For example because the Oracle Application Server Java Authentication and Authorization Service JAAS Provider OracleAS JAAS Provider uses roles i
13. The name of the parameter value The value of the parameter lt read access gt The read access policy lt resource provider gt Define a JMS resource provider To add a custom lt resource provider gt add the following to your orion application xml file resource provider class providerClassName name JNDI name gt lt description gt description lt description gt lt property name name value value gt lt resource provider gt In place of the user replaceable constructs those in italics in the preceding code do the following Replace the value providerClassName of the class attribute with the name of the resource provider class B 20 Oracle Application Server Containers for J2EE Standalone User s Guide Elements in the application client xml File Replacethe value JNDI name ofthe name attribute with a name by which to identify the resource provider This name will be used in finding the resource provider in the application s JNDI as java comp resource name Replace the value description of the description element with a description of the specific resource provider Replace the values name and value of the corresponding attributes with the same name in any property elements that the specific resource provider needs to be given as parameters security role mapping impliesAll true false name theRole gt The runtime mapping to groups and users of a role Maps to a securit
14. application client gt The orion application client xml file maps the EJB reference logical name to the JNDI name for the EJB For example this file maps the lt ejb ref name gt element TemplateBean defined in the application client xml to the JNDI name myapp myapp ejb TemplateBean as follows orion application client ejb ref mapping name TemplateBean location myapp myapp ejb TemplateBean gt lt orion application client gt JNDI Properties for the Client Set the JNDI properties for a regular client so it finds the initial JNDI context factory in one of the following manners a Set the JNDI properties within a Hashtable then pass the properties to javax naming InitialContext a Set the JNDI properties within a jndi properties file B 40 Oracle Application Server Containers for J2EE Standalone User s Guide Configuration and Deployment Examples If you provide the JNDI properties in the jndi properties file package the properties in myapp client jar to ensure that it is in the CLASSPATH jndi properties java naming factory initial com evermind server ApplicationClientInitialContext Factory java naming provider url ormi oc4j_ host 23791 myapp java naming security principal admin java naming security credentials welcome Deploying Example After developing your J2EE application assemble the different modules of your J2EE application EJB Web and client into an EAR file This section provides an
15. cmp field gt lt cmp field gt lt field name gt salary lt field name gt lt cmp field gt lt primkey field gt empNo lt primkey field gt lt entity gt lt enterprise beans gt lt assembly descriptor gt lt container transaction gt lt method gt lt ejb name gt TemplateBean lt ejb name gt lt method name gt lt method name gt lt method gt lt trans attribute gt NotSupported lt trans attribute gt lt container transaction gt lt security role gt lt description gt Users lt description gt lt role name gt users lt role name gt lt security role gt lt assembly descriptor gt lt ejb jar gt server xml Addition When you deploy the application using the admin jar deploy option this adds the location of the application EAR file to the server xm1 file This causes the application to be started every time that OC4J is started If you do not want the application to be started with OC4J change the auto start attribute to FALSE Note Ifyouset auto start to FALSE you can manually start the application using the admin jar tool or it is automatically started when a client requests the application application name myapp path myapp myapp ear Additional Information B 39 Configuration and Deployment Examples auto start true gt where The name attribute is the name of the application The path indicates the directory and filename for the EAR file The auto start a
16. or any other web site xml file that you choose data sources xml You must configure the DataSource object in the data sources xml file for each database used within the application To create and deploy simple J2EE applications perform the following basic steps Basic Step FAQ Application Step Description Create or obtain the application Download the FAQApp zip from OTN Make any necessary server environment Set the JAVA HOME variable changes Modify any application XML All of the application XML files are provided for configuration files you in the FAQ ZIP file Update the application standard J2EE The application xml file is included in the application descriptor file FAQApp EAR file Build an EAR file including the If you want to modify the FAO demo modify application if one does not already within the src directory and use ANT to build exist an EAR file Register the application in the Modify the server xml and appropriate server XML files http web site xml files Configure the database used Modify the data sources xml file The following steps describe what modifications to make to deploy the FAQ demo application into OC4J 1 We asked you to download the FAQ demo application from the Oracle OTN site 2 Make any necessary server environment changes You must set the JAVA HOME variable to the base directory of the Java 2 SDK 3 All of the application XML files such as web xm1 are provided for you in th
17. the timestamp change and redeploys the application change in timestamp of certain XML files in the exploded directory format The appname directory that is discussed in Building and Deploying Within a Directory on page 2 8 For automatic deployment of exploded directory applications you must do the following 1 Modify the classes in the module and touch its J2EE deployment descriptor to change the timestamp on the XML file For example if you modify servlet classes you must touch its web xm1 file This notifies OC4J that changes occurred in this modules 2 Touchthe application xml ofthis application Changing the timestamp of the application xml starts the automatic deployment Once started OC4J checks which modules to redeploy by noticing which module deployment descriptors have timestamp changes When OC4J does not check for updates redeploy by either using the admin jar command line tool or restarting the OC4J server manually See Options for the OC4J Administration Management JAR on page B 26 for a description of the deploy option Changing XML Files After Deployment Whenever you deploy an application OC4J automatically generates the OC4J specific XML files with the default elements If you want to change these files or add to the existing XML files you must copy the XML files to where your original development directory for the application and change it in this location If you change the XML file within the
18. For more information on starting and stopping OC4J see Starting and Stopping OC4J on page 1 3 For more information on configuration see Deploying Applications on page 1 13 Starting and Stopping OC4J Starting OC4J a Administering OC4J Configuration and Deployment 1 3 Starting and Stopping OC4J Starting OC4J Shutting Down OC4J OC4J is installed with a default configuration that includes a default Web site and a default application Therefore you can start OC4J immediately To start OC4J in a standalone environment issue the following command from the j2ee home directory java jar oc4j jar options This command starts OC4J using the default configuration files which you can find in the j2ee home config directory Options for this command are not necessary to start OC4J However if you want to exercise more control use the options listed in Options for the OC4J Server JAR on page B 26 or issue the following command from the j2ee home directory java jar oc4j jar help After OC4J launches a message is displayed on the screen to note this fact Note Instead of executing oc4j jar from the j2ee home directory you can set a 72EE HOME variable for UNIX or the J2EE HOMES variable for Windows NT to j2ee home so that in the command line and execute oc4j jar from any directory For example in the UNIX environment use the following java jar SJ2EE HOME oc4j jar Administering OC4J
19. Supply application information in the following subswitches file path filename Required The path and filename of the EAR file to deploy deploymentName app name Required The user defined application deployment name This same name is used to identify the application within OC4J It is also provided when you want to undeploy the application targetPath deploy dir Optional The path on the server node to deploy archive into Default is the applications directory It is best to provide a target path to the directory where the EAR file is copied for deployment If targetPath is not specified the EAR file is copied to the applications directory OC4J maintains a unique name for the EAR file Thus when you redeploy the EAR file OC4J renames the file by prepending an underscore character _ in front of the name to ensure that another application s EAR file is not overwritten Each successive deployment will cause another underscore character to be prepended to the EAR file However if it is the same application the applications directory contains a separate EAR file for each deployment If you provide a target path this problem does not occur parent parent appname Optional The parent application of this application When deployed any method within the child application can invoke any method within the parent application This is a means to enable methods in one JAR to see EJBs that have been deployed in another JAR
20. This is useful to deploy all service EJBs in a single JAR file where its users declare the service application as its parent The default is the global application deploymentDirectory path Optional If not specified the application is deployed into the application deployments directory To change where the application is deployed provide a path with this option If you supply the string NONE the deployment configurations are always read from the EAR file each time the application is deployed Bind a Web application to the specified site and root app name is the application name which is the same name used in deploymentName on the deploy option Also note that this is the same name that is saved in the application name app name attribute in the server xml file web_app_name is the name of the WAR file contained within the EAR file without the WAR extension a eb site name is the name of the name web site xml file that denotes the Web site that this Web application should be bound to This is the file that will receive the Web application definition context root is the root context for the Web module This option creates an entry in the OC4J name web site xml configuration file that was denoted in the web site name variable B 28 Oracle Application Server Containers for J2EE Standalone User s Guide Standalone OC4J Command Line Options and Properties Table B 4 Cont Options for Application D
21. When the Oracle JDBC driver performs a query it first uses a round trip to a database to determine the types that it should use for the columns of the result set Then when JDBC receives data from the query it converts the data as necessary as it populates the result set When you specify column types for a query with the DefineColumnType extension set to true you avoid the first round trip to the Oracle database The server which is optimized to do so performs any necessary type conversions Thread Pool Settings Thread pools create and maintain a queue of threads for use by an OC4J process Re using existing threads rather than creating new threads on demand improves performance and reduces the burden on the JVM and underlying operating system By default a single thread pool is created at OC4J startup New threads are created and added to the pool on an as needed basis As each thread is released it is returned to the pool to wait until it is needed by a new request Idle threads In the pool are used first before a new thread is spawned Threads in the pool are automatically destroyed after 10 minutes of inactivity There is no limit on the number of threads that can be created in this configuration 2 16 Oracle Application Server Containers for J2EE Standalone User s Guide Setting Performance Options The default configuration should by sufficient for most OC4J usage scenarios However you can optionally modify the single
22. allusers group in the orion ejb jar xml file Any user that can log in as part of this group is considered Configuring Security 3 7 Plugging In a User Manager to have the VISITOR role and can therefore execute the methods of customerbean This role is mapped to the allusers group which is defined in the User Manager configuration file the jazn data xml file lt security role mapping name VISITOR gt lt group name allusers gt lt security role mapping gt Note You can map a logical role to a single group or to several groups Plugging In a User Manager Any user manager class providing OC4J security is an implementation of the com evermind security UserManager interface This includes any custom user managers you create User manager classes manage users groups and passwords with such methods as createUser getUser and getGroup Table 3 1 lists the user managers that you can employ in OC4J security Table 3 1 User Managers and Their User Repositories Available to OC4J User Manager User Repository oracle security jazn oc4j JAZNUserManager using the XML based provider type jazn data xml using the LDAP based provider type OID com evermind server XMLUserManager principals xml Custom user manager user provided user repository By default OC4J reads the user names groups and passwords from the JAZNUserManager user repository jazn data xml In order for OC4J to employ any use
23. as EJB and JMS clients should send their requests directly to OC4J The default RMI port is 23791 Modify this port number in the rmi xml file See Configuring a Listener on page 2 7 for directions Quick Start for JSPs and Servlets To deploy Web applications on OC4J do one of the following a Place your servlet classes and JSP pages in the j2ee home default web app directory Deploy J2EE applications using the admin jar tool The J2EE application must be archived in the EAR format Placing servlets and JSP pages in the default web app directory is the easiest method to deploy applications or to migrate J2EE applications from previous versions of OC4J Do the following for quick deployment of servlets or JSPs 1 Place your servlet classes in the j2ee home default web app WEB INF classes subdirectory in a directory corresponding to their Java package The servlet is accessible from URLs of the form http oc4j_host 8888 servlet class name For example place the servlet class my HelloServlet as follows j2ee home default web app Web INF classes my HelloServlet class Then it is accessible from the following URL http oc4j host 8888 servlet my HelloServlet 2 Place JSP pages anywhere in the j2ee home default web app directory They are accessible with URLs of the form http oc4j_host 8888 path to JSP For example a JSP page in j2ee home default web app examples Hello jsp is accessible as http oc4j host 8
24. beans you can designate if a third database table is used to manage the relationship Set to false if you do not want a third association table Default is false See the Entity Relationship Mapping chapter in the Oracle Application Server Containers for J2EE Enterprise JavaBeans Developer s Guide for more information DefineColumnType true false The default is false Set this to true if you are using an Oracle JDBC driver that is prior to 9 2 For these drivers setting this variable to true avoids a round trip when executing a select over the Oracle JDBC driver This parameter should be set on the OC4J server When you change the value of this option and restart OC4J it is only valid for applications deployed after the change Any applications deployed before the change are not affected When true the Def ineColumnType extension saves a round trip to the database that would otherwise be necessary to describe the table When the Oracle JDBC driver performs a query it first uses a round trip to a database to determine the types that it should use for the columns of the result set Then when JDBC receives data from the query it converts the data as necessary as it populates the result set When you specify column types for a query with the DefineColumnType extension set to true you avoid the first round trip to the Oracle database The server which is optimized to do so performs any necessary type conversions Table B 8
25. content provided on third party Web sites You bear all risks associated with the use of such content If you choose to purchase any products or services from a third party the relationship is directly between you and the third party Oracle is not responsible for a the quality of third party products or services or b fulfilling any of the terms of the agreement with the third party including delivery of products or services and warranty obligations related to purchased products or services Oracle is not responsible for any loss or damage of any sort that you may incur from dealing with any third party Contents Send Us Your Comments 15 eee ttt tette tette tete tet totos ix ad ae LO ENN Libet OESE E MALI D ERMC eRe EU A ERN IURE SIM LE ARI es xi Intended Audience cei nen inae e eo reap i inae ud xi Doctimentation Accessibility iie aine mite adii ett ndis Deep rte entr xi Otr Cctutre i e oe e ideni nni arn bime e eite bii edis xi Related Documents o ete Nee pice bb is be ic ee xii ConvenLblorfis cob eim ace t SE et E E nein adh exes cobs stanat cons a A OE A VEER xiii Configuration and Deployment Introduction to OC4J Standalone sees entente nennen ennt nenne nenne nnne 1 1 OC4 Installation eter rre prete ee eU e e e ee n Hee eve eer eoe 1 2 lequiremerits eoe uv stec use seses sjeseungcensvoueseowerastiescenessveseunssestaeuteapcentuoerestiaasekecsuasivese st 1 2 Basic Installatio
26. defaults to null The runas mode and doasprivileged mode settings are described in Table B 1 See the Oracle Application Server Containers for J2EE Security Guide for more information Table B 1 runas mode and doasprivileged mode Settings If runas mode is If doasprivileged mode Is Set To Set To Then true true default Subject doAsPrivilegedina privilegedExceptionAction block that calls chain doFilter myrequest response true false Subject doAsinaprivilegedExceptionAction block that calls chain doFilter myrequest response false default true chain doFilter myrequest response false false chain doFilter myrequest response library path lib gt B 18 Oracle Application Server Containers for J2EE Standalone User s Guide Elements in the orion application xml File A relative absolute path URL to a directory or a JAR ZIP to add as a library path for this server Directories are scanned for JARS ZIP files to include at startup Attribute path The path log Logging settings odl The ODL log entries are each written out in XML format in its respective log file The log files have a maximum limit When the limit is reached the log files are overwritten When you enable ODL logging each message goes into its respective log file named logN xml where N is a number starting at one The first log message starts the log file log1 xml When the log file size maximum is reached
27. from which you can choose one or none xiii xiv 1 Configuration and Deployment This chapter demonstrates how to configure and execute OC4J as simply and quickly as possible Within OC4J you can execute servlets JSP pages andEJBs As an example of deploying an application to OC4J this chapter describes how to configure the FAQ application demo This chapter includes the following topics Introduction to OC4J Standalone a OC4J Installation Starting and Stopping OC4J Creating the Development Directory Configuring the FAQ Application Demo Deploying Applications a What Happens When You Deploy Undeploying Web Applications Introduction to OC4J Standalone Oracle Application Server Containers for J2EE OC4J Standalone provides a complete Java 2 Enterprise Edition J2EE 1 3 environment written entirely in Java that executes on the Java virtual machine JVM of the standard Java Development Kit JDK OC4J is J2EE 1 3 certified and provides all the containers APIs and services that J2EE specifies OC4J is based on technology licensed from Ironflare Corporation which develops the Orion server one of the leading J2EE containers so the product and some of the documentation still contains some reference to the Orion server OC4J supports and is certified for the standard J2EE APIs as listed in Table 1 1 Table 1 1 OC4J J2bEE Support J2EE 1 3 Standard APIs Version Supported JavaServer
28. gt element and its URL pattern is defined in the lt servlet mapping gt element ejb jar xml J2EE EJB application configuration files The orion ejb jar xml ejb jar xml files are used to define the EJB deployment descriptors and are included in the EJB JAR file application client xml J2EE client application configuration files orion application client xml 2 4 Oracle Application Server Containers for J2EE Standalone User s Guide Overview of OC4J and J2EE XML Files Table 2 1 Cont OC4J Features and Components XML Configuration File Features Components oc4j connectors xml Connector configuration files ra xml a Theoc4j connectors xml file contains global OC4J specific configuration for connectors oc4j ra xml a The xra xml file contains J2EE configuration a Theoc4j ra xml file contains OC4J specific configuration XML File Interrelationships Some of these XML files are interrelated That is some of these XML files reference other XML files both OC4J configuration and J2EE application see Figure 2 3 Here are the interrelated files a server xml contains references to the following All web site files for each Web site for this OC4J server including the default http web site xml file The location of each of the other OC4J server configuration files except principals xml which is defined in the global application xml shown in Figure 2 1 The location of each application xml file
29. in the server xml file Each application is defined by an application element in the server xml file In this element a parent attribute designates the parent application application parent applicationWithCommonClasses Developing Startup and Shutdown Classes You can develop classes that are called after OC4J initializes or before OC4J terminates Startup classes can start services and perform functions after OC4 initiates shutdown classes can terminate these services and perform functions before OC4J terminates The oc45j jar must be in the Java CLASSPATH when you compile these classes OC4J deploys and executes the OC4J startup and shutdown classes based on configuration of these classes in the server xm1 file 2 12 Oracle Application Server Containers for J2EE Standalone User s Guide Developing Startup and Shutdown Classes a OC4J Startup Classes a OC4J Shutdown Classes OC4J Startup Classes Startup classes are executed only once after OC4J initializes They are not re executed everytime the server xml file is touched Your startup class implements the com evermind server OC4JStartup interface that contains two methods preDeploy and postDeploy in which you can implement code for starting services or performing other initialization routines The preDeploy method executes before any OC4J application initialization The postDeploy method executes after all OC4J applications initialize Each meth
30. indicates the directory and filename for the EAR file The auto start attribute indicates if this application should be automatically restarted each time OC4J is restarted For a description of the elements in server xml see Elements in the server xml File on page B 6 1 14 Oracle Application Server Containers for J2EE Standalone User s Guide Deploying Applications Binding the Web Application To make your J2EE Web application accessible from the OC4J Web server bind the Web application to the OC4J server using the bindWebApp option as follows java jar admin jar ormi oc4j host oc4j ormi port username password bindWebApp app name web app name web site name context root where the following are the values for bindWebApp app name is the application name which is the same name used in deploymentName on the deploy option In addition note that this is the same name that is saved in the application name app name gt attribute in the server xml file a web app name is the name of the WAR file contained within the EAR file without the war extension a web site name is the name of the web site xml file that denotes the Web site to which this Web application should be bound This is the file that will receive the Web application definition a context root is the root context for the Web module The Web context defines how the Web application is accessed This step creates an entry in the OC4J web
31. into the current log file named log xml When the log file is full that is the log file size maximum is reached then it is copied to an archival log file named 1ogN xm1 where N is a number starting at one When the last log file is full the following occurs 1 Theleast recent log file is erased to provide space in the directory 2 The log xml file is written to the latest 1ogN xm1 file where N increments by one over the most recent log file Thus your log files are constantly rolling over and do not encroach on your disk space Within each XML file listed in Table 2 3 you enable ODL logging by uncommenting the ODL configuration line as follows a Uncomment the lt od1 gt element within the 10g element in all XML files listed in Table 2 3 except for the http web site xml file a Add the odl access 1log element in the http web site xml file The attributes that you can configure are path Path and folder name of the log folder for this area You can use an absolute path or a path relative to where the configuration XML file exists which is normally in the j2ee home config directory This denotes where the log files will reside for the feature that the XML configuration file is concerned with For example modifying this element in the server xm1 file denotes where the server log files are written max file size The maximum size in KB of each individual log file max directory size The maximum size of
32. keystore password lt Your Password gt gt Where Your Keystore is the full path to the keystore and lt Your Passwords is the keystore password In our example this is as follows lt Enable SSL gt lt ssl config keystore keystore keystore password 123456 gt Note The keystore path is relative to where the XML file resides 3 18 Oracle Application Server Containers for J2EE Standalone User s Guide Confidentiality Through SSL c Change the web site port number to use an available port For example the default for SSL ports is 443 so change the Web site port attribute to port 4443 To use the default of 443 you have to be a super user d Now save the changes to secure web site xml 5 Ifyou did not have the secure web site xml file then edit server xml to point to the secure web site xml file a Uncomment or add the following line in the file server xm1 so that the secure web site xml file is read web site path secure web site xml gt Note Even on Windows you use a forward slash and not a back slash in the XML files b Save the changes to server xml 6 Stop and re start OC4J to initialize the secure web site xml file additions Test the SSL port by accessing the site in a browser on the SSL port If successful you will be asked to accept the certificate since it is not signed by an accepted authority When completed OC4J listens for SSL re
33. notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution o o o ox 3 The end user documentation included with the redistribution if any must include the following acknowledgment This product includes software developed by the Apache Software Foundation http www apache org Alternately this acknowledgment may appear in the software itself Third Party Licenses C 1 Third Party Licenses if and wherever such third party acknowledgments normally appear 4 The names Apache and Apache Software Foundation must not be used to endorse or promote products derived from this Software without prior written permission For written permission please contact apache apache org 5 Products derived from this software may not be called Apache nor may Apache appear in their name without prior written permission of the Apache Software Foundation THIS SOFTWARE IS PROVIDED AS IS AND ANY EXPRESSED OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL D
34. of the configuration for JMS and RMI Location of the default and additional Web sites Specify these locations by adding entries that list the location of the Web site configuration files You can have multiple Web sites The http web site xml file defines a default Web site therefore there is only one of these XML files AII other Web sites are defined in web site xml configuration files Register each Web site within the server xml file as follows web site path http web site xml web site path another web site xml gt Note The path that is designated is relative to the config directory Pointers to all applications for the container to deploy and execute Specify the applications that run on the container in the server xml file You can have as many application directories as you want and they do not have to be located under the OC4J installation directory http web site xml This file contains the configuration for a Web site In the http web site xml file specify the following Host name or IP address virtual host settings for this site listener ports and security using SSL Default Web application for this site Additional Web applications for this site Access log format Settings for user Web applications for user sites SSL configuration jazn data xml This file contains security information for the OC4J server It defines the user and group configuration for employing the defa
35. preface introduces you to the Oracle Application Server Containers for J2EE Standalone User s Guide discussing the intended audience structure and conventions of this document It also provides a list of related Oracle documents Intended Audience This manual is intended for anyone who is interested in using Oracle Application Server Containers for J2EE OC4J in standalone mode assuming you have basic knowledge of the following a Java and J2EE a XML a JDBC Documentation Accessibility Structure Our goal is to make Oracle products services and supporting documentation accessible with good usability to the disabled community To that end our documentation includes features that make information available to users of assistive technology This documentation is available in HTML format and contains markup to facilitate access by the disabled community Standards will continue to evolve over time and Oracle is actively engaged with other market leading technology vendors to address technical obstacles so that our documentation can be accessible to all of our customers For additional information visit the Oracle Accessibility Program Web site at http www oracle com accessibility Accessibility of Links to External Web Sites in Documentation This documentation may contain links to Web sites of other companies or organizations that Oracle does not own or control Oracle neither evaluates nor makes any representations regarding
36. resource factory type expected by the enterprise bean code and the type of authentication Bean or Container lt res ref name gt name lt res ref name gt The res ref name element specifies the name of a resource factory reference lt res sharing scope gt Shareable lt res sharing scope gt The res sharing scope element specifies whether connections obtained through the given resource manager connection factory reference can be shared The value of this element if specified must be one of the following Shareable or Unshareable The default value is Shareable res type javax sql DataSource res type The res type element specifies the type of the data source The type is specified by the Java interface or class expected to be implemented by the data source small icon lib images employee service iconl6x16 jpg lt small icon gt The sma11 icon element contains the name of a file containing a small 16 x 16 icon image The file name is a relative path within the application client JAR file The image must be either in the JPEG or GIF format and the file name must end with the suffix jpg or gif respectively The icon can be used by tools Elements in the orion application client xml File This section provides an overview of the OC4J specific application client deployment descriptor file lt orion application client gt Element Description The top level element of the orion application client xml file is the l
37. resource ref name Matches the name of an resource ref in application client xml Additional Information B 25 Standalone OC4J Command Line Options and Properties Standalone OC4J Command Line Options and Properties You start OC4J through oc4j jar You manage OC4J through the admin jar tool The following sections describe the options for each JAR Options for the OC4J Server JAR Options for the OC4J Administration Management JAR Options for the OC4J Server JAR The oc4j jar command line options enable you to start stop and install OC4J Table B 2 lists all the oc4j jar command line options Table B 2 OC4J Command Line Options Command Line Options Description install Installs the server and activates the admin account Rewrites text files to match the operating system line feed This should be used only the first time quiet Supress standard output config Specifies a location for the server xm1 file out file Specifies a file to route the standard output to The file contains messages that are printed to System out as well as the messages sent to output through the servlet logging interface If not specified all output is written to standard out See Table B 9 stdout stderr Archive Management Properties on page B 36 for additional system properties that can be set to manage stdout files err file Specifies a file to route standard error to The file contains messages that are printed
38. set to false you cause the XML configuration to refresh from the XML files and any necessary automatic deployment to occur by using the admin jar updateConfig option recovery procedure automatic prompt ignore Specifies how the EJB container recovers a global transaction JTA if an error occurs in the middle of the transaction If a CMP bean is in the middle of a global transaction when an error occurs then the EJB container saves the transactional state to a file The next time OC4J is started these attributes specify how to recover the JTA transaction automatic automatically attempts recovery the default prompt prompts the user system in out You may notice a prompt for recovery even if no CMP beans were executing This is caused by the OC4J server asking for permission to see whether there is anything to recover ignore ignores recovery useful in development environments or if you are never executing a CMP entity bean taskmanager granularity milliseconds The task manager is a background process that performs cleanup However the task manager can be expensive You can manage when the task manager performs its duties through this attribute which sets how often the task manager is kicked off for cleanup Value is in milliseconds Default is 1000 milliseconds Elements Contained Within lt application server gt Within the lt application server gt element the following elements which are listed alp
39. shut down 1 5 shutdown class 2 12 startup 1 4 startup class 2 12 system properties B 33 OC4J Remote Method Invocation see ORMI oc4j jar tool startup 1 4 OC4JShutdown interface 2 15 OC4JStartup interface 2 13 OID 3 8 3 9 Oracle Application Server Java Authentication and Authorization Service JAAS Provider 3 2 Oracle Diagnostic Logging see logging Index 3 ODL Oracle HTTP Server front end listener 1 2 OracleAS JAAS Provider 3 2 oracle dms gate setting 2 16 B 35 oracle dms sensors setting 2 16 B 35 oracle mdb fastUndeploy property B 34 orion application client xml file element description B 24 example B 40 orion application xml file 3 9 3 12 authentication 3 2 element description B 16 user manager 3 8 ORMI 1 4 Out of Memory error B 34 P parent specifying 3 4 parent application 2 12 performance oracle dms sensors setting 2 16 B 35 performance setting command line options 2 16 dedicated connection 2 16 B 34 dedicated rmicontext 2 16 B 34 DefineColumnType 2 16 B 35 oracle dms gate 2 16 B 35 statement caching 2 18 task manager granularity 2 19 B 7 thread pools 2 17 B 8 performance settings 2 15 postDeploy method 2 13 postUndeploy method 2 15 preDeploy method 2 13 preUndeploy method 2 15 principals xml file 1 4 3 2 3 3 3 8 3 13 private keys SSL 3 13 public keys SSL 3 13 R RAR 2 9 Resource Adapter Achieve see RAR restarting 1 5 RMI B 3
40. stub tie code If true then while cloning an array list a deep copy is performed If false a shallow copy is performed for the array list Default true Default is false This replaces the deprecated dedicated connection setting When two or more clients in the same process retrieve an InitialContext OC4J returns a cached context Thus each client receives the same InitialContext which is assigned to the process Server lookup which results in server load balancing happens only if the client retrieves its own InitialContext If you set dedicated rmicontext true then each client receives its own InitialContext instead of a shared context When each client has its own InitialContext then the clients can be load balanced This parameter is for the client You can also set this in the JNDI properties The oracle mdb fastUndeploy system property enables you to shutdown OC4J cleanly when you are running MDBs in a Windows environment or when the backend database is running on a Windows environment Normally when you use an MDB it is blocked in a receive state waiting for incoming messages However if you shutdown OC4J while the MDB is in a wait state in a Windows environment then the OC4J instance cannot be stopped and the applications are not undeployed since the MDB is blocked However you can modify the behavior of the MDB in this environment by setting the oracle mdb fastUndeploy system property If you set this property to an
41. suitable for your specific user authentication needs then you can create your own user manager and configure OC4J to use it To create your own user manager complete the following steps 1 Write a custom user manager Your custom user manager class must implement the com evermind security UserManager interface Table 3 2 describes the methods of this interface Table 3 2 Methods of the UserManager Interface Method Description void addDefaultGroup java lang String name Group createGroup java lang String name User createUser java lang String username java lang String password User getAdminUser User getAnonymousUser java util Set getDefaultGroups Group getGroup java lang String name int getGroupCount java util List getGroups int start int max UserManager getParent Adds a group to the set of default groups of which all users of the user manager are members a java lang String name the name of the group being added to the default group Creates a new group If the group already exists a java lang InstantiationException is thrown a java lang String name the name of the new group Creates a new user n java lang String username the new user name n java lang String password the new user password Returns the default admin user or nu11 if there is none Returns the default anonymous user or nu11 if none exists Returns the set of default groups for
42. the accessibility of these Web sites The Oracle Application Server Containers for J2EE Stand Alone User s Guide contains the following chapters and appendices xi Chapter 1 Configuration and Deployment This chapter discusses how to install OC4J how to configure the FAQ application the popular J2EE demo application from Sun Microsystems and how to deploy a Web application Chapter 2 Advanced Configuration and Development This chapter covers advanced OC4J information It includes an overview of OC4J XML configuration files how they relate to each other what happens when you deploy an application some tips on manual XML configuration file editing for applications when OC4J automatic deployment for applications occurs and building and deploying within a directory Chapter 3 Configuring Security This chapter presents an overview of security features It describes how to configure authorization and authentication for security Appendix A Troubleshooting OC4J This appendix describes common problems that you may encounter when using OC4J and explains how to resolve them Appendix B Additional Information This appendix describes the elements of the server XML configuration files OC4 command line tool options and provides configuration and deployment examples Appendix C Third Party Licenses This appendix lists the Java plug in partners third party tool support and third party licences Related Docu
43. the directory in KB New files are created within the directory until the maximum directory size is reached Each log file is equal to or less than the maximum specified in the attributes Thus to specify log files of 1000 KB and a maximum of 10 000 KB for the directory in the lt install dir gt j2ee home log server directory in the server xm1 file configure the following log odl path log server max file size 1000 max directory size 10000 gt log When OC4J is executing all log messages that are server oriented are logged in the lt install dir gt j2ee home log server directory Advanced Configuration and Development 2 21 OC4J Debugging The XML message that is logged is of the following format MESSAGE HEADER TSTZ ORIGINATING 2002 11 12T15 02 07 051 08 00 TSTZ ORIGINATING gt COMPONENT ID 0c4j COMPONENT ID MSG TYPE TYPE ERROR gt lt MSG TYPE MSG LEVEL 1 MSG LEVEL HOST ID myhost HOST ID HOST NWADDR 001 11 22 33 HOST NWADDR PROCESS ID null Thread Orion Launcher 5 main PROCESS ID USER ID dpda USER ID HEADER lt PAYLOAD gt lt MSG_TEXT gt java lang NullPointerException at com evermind server ApplicationServer setConfig ApplicationServer java 1070 at com evermind server ApplicationServerLauncher run ApplicationServerLauncher java 93 at java lang Thread run Unknown Source MSG TEXT PAYLOAD MESSAGE
44. the same port and IP address 3 20 Oracle Application Server Containers for J2EE Standalone User s Guide Confidentiality Through SSL Action Check to see that different ports are assigned within secure web site xml and http web site xml files Keytool does not work on HP UX Cause On HP UX it has been reported that the keytool does not work with the RSA option Action Generate the key on another platform and FTP it to the HP UX server General SSL Debugging You can get more debug information from the JSSE implementation To get a list of options start OC4 with java Djavax net debug help jar oc4j jar Or if you want to turn on full verbosity use java Djavax net debug all jar oc4j jar Both options will display Browser request header a Server HTTP header Server HTTP body HTML served Content length before and after encryption a SSL version For UNIX you could use the startup scripts in NOTE 150215 1 Scripts to Administer OC4J on Unix Platforms and amend these Configuring Security 3 21 Confidentiality Through SSL 3 22 Oracle Application Server Containers for J2EE Standalone User s Guide A Troubleshooting OC4J This appendix describes common problems that you may encounter when using OC4J and explains how to resolve them It includes the following topics Problems and Solutions Need More Help Problems and Solutions This section describes common problems an
45. web xml File The J2EE application client xml File The OC4J Specific orion application client xml File The J2EE application xml File This file identifies the Web or EJB applications that are contained within the J2EE application See Elements in the application xml File on page B 14 for a list of the elements The OC4J Specific orion application xml File This file configures the global application In the orion application xml file specify the following Whether to auto create and auto delete tables for CMP beans Which default data source to use with CMP beans a Security role mappings Which user manager is the default for security JNDI namespace access rules authorization See Elements in the orion application xml File on page B 16 for a list of the elements The J2EE ejb jar xml File This file defines the deployment parameters for the EJBs in this JAR file See the Sun Microsystems EJB specification for a description of these elements The OC4J Specific orion ejb jar xml File This file is the OC4 specific deployment descriptor for EJBs In the orion ejb jar xml file specify the following Time out settings Transaction retry settings Session persistence settings Transaction isolation settings B 4 Oracle Application Server Containers for J2EE Standalone User s Guide Description of XML File Contents CMP mappings OR mappings Finder method specifications
46. your DBMS jms xml This file contains the configuration for the OC4J Java Message Service JMS implementation In the jms xm1 file specify the following Hostname or IP address and port number to which the JMS server binds a Settings for queues and topics to be bound in the JNDI tree a Log settings rmi xml This file contains configuration for the Remote Method Invocation RMI system It contains the setting for the RMI listener which provides remote access for EJBs In the rmi xml file specify the following Hostname or IP address and port number to which the RMI server binds Remote servers to which to communicate Logsettings Additional Information B 3 Description of XML File Contents J2EE Deployment XML Files The OC4J specific deployment XML files contain deployment information for different components If you do not create the OC4J specific files they are automatically generated when the application is deployed You can edit OC4J specific deployment XML files manually OC4J uses these files to map environment entries resources references and security roles to actual deployment specific values This section describes the following XML files necessary for J2EE application deployment a The J2EE application xml File The OC4J Specific orion application xml File The J2EE ejb jar xml File The OC4J Specific orion ejb jar xml File a The J2EE web xml File a The OC4J Specific orion
47. your application has been deployed After the message is displayed you can invoke requests against your application Configuration and Deployment 1 15 What Happens When You Deploy What Happens When You Deploy Whether you deploy the application through the admin jar command or by editing XML files the following occurs OC4J opens the EAR file and reads the descriptors 1 7 OC4J opens parses the application xml1 that exists in the EAR file The application xml file lists all of the modules contained within the EAR file OC4J notes these modules and initializes the EAR environment OC4J reads the module deployment descriptors for each module type Web module EJB module connector module or client module The J2EE descriptors are read into memory If OC4J specific descriptors are included these are also read into memory The JAR and WAR file environments are initialized OC4J notes any unconfigured items that have defaults and writes these defaults in the appropriate OC4J specific deployment descriptor Thus if you did not provide an OC4J specific deployment descriptor you will notice that OC4J provides one written with certain defaults If you did provide an OC4J specific deployment descriptor you may notice that OC4J added elements OC4J reacts to the configuration details contained in both the J2EE deployment descriptors and any OC4J specific deployment descriptors OC4J notes any J2EE component configurations tha
48. 00 milliseconds cx min The minimum number of connection threads that OC4J can simultaneously execute Value is an integer The default is 20 The minimum value you can set this to is 10 cx max The maximum number of connection threads that OC4J can simultaneously execute Value is an integer The default is 40 cx queue The maximum number of connection requests that can be kept in the queue Value is an integer The default is 80 cx keepAlive The number of milliseconds to keep a connection thread alive idle while waiting for a new request This timeout designates how long an idle thread remains alive If the timeout is reached the thread is destroyed The minimum time is a minute Time is set in milliseconds To never destroy threads set this timeout to a negative one Value is a long The default is 600000 milliseconds debug If true print the application server thread pool information at startup The default is false global web app config Attributes path The path where the web application xml file is located path web application xml gt lt init library gt Attributes path The path in which the startup and shutdown classes are located The path indicates the directory in which the class resides or the directory and JAR filename of the JAR where the class is archived If more than one directory or JAR file exists then supply an lt init library gt element for each directory and J
49. 1 MYSERVICE Started Oracle Application Server Containers for J2EE initialized Created session with id 4fa5eb1b9a564869a426e8544963754f at Tue APR 23 16 22 56 PDT 2002 secure only false Created new physical connection XA XA OC4J Pooled jdbc oracle thin Glocalhost 1521 MYSERVICE null Connection XA XA OC4J Pooled jdbc oracle thin localhost 1521 MYSERVICE allocated Pool size 0 jdbc oracle thin localhost 1521 MYSERVICE Opened connection Created new physical connection Pooled oracle jdbc driver OracleConnection 5f18 Pooled jdbc oracle thin localhost 1521 MYSERVICE Connection Pooled oracle jdbc driver OracleConnection 5 1832 allocated Pool size 0 Pooled jdbc oracle thin localhost 1521 MYSERVICE Releasing connection Pooled oracle jdbc driver OracleConnection 5 1832 to pool Pool size 1 null Releasing connection XA XA OC4J Pooled jdbc oracle thin localhost 1521 MYSERVICE to pool Pool size 1 OC4J Pooled jdbc oracle thin localhost 1521 MYSERVICE Cache timeout closing connection Pool size 0 com evermind sql OrionCMTDataSource default jdbc OracleDS Cache timeout closing connection Pool size 0 2 24 Oracle Application Server Containers for J2EE Standalone User s Guide 3 Configuring Security OC4J security employs a user manager to authenticate and authorize users and groups that attempt to access a J2EE application User managers differ in performance and are employed based on the securit
50. 5 DBEntityObjectDebug property B 35 DBEntityWrapperDebug property B 35 debugging 2 22 to 2 24 options 2 23 debug http contentLength property B 36 dedicated connection setting 2 16 B 34 dedicated rmicontext property B 34 dedicated rmicontext setting 2 16 default web app directory automatic deployment 1 6 default web site xml file example B 40 DefineColumnType property 2 16 B 35 Delegated Administrative Service see DAS deployment 1 10 applications 1 13 automatic 1 6 command line tool 1 14 example 1 12 verification 1 15 development recommendations 1 6 E certificate authorities SSL 3 13 certificates SSL 3 13 check for updates 1 10 check for updates attribute 1 5 1 11 1 14 cluster debug property B 36 com evermind server RMIInitialContextFactory class 3 5 Index 2 EAR file creation 1 14 structure 1 13 used in deployment 1 13 EJB authentication 3 2 deployment 1 13 1 14 command line tool 1 14 manual 1 15 ejb cluster debug property B 36 ejb jar xml file example B 38 enable passivation attribute B 13 Enterprise JavaBeans see EJB environment modifications 1 12 F front end listener Oracle HTTP Server 1 2 G GeneratelIOP property B 34 getGroup method 3 8 getUser method 3 8 H hashtable B 40 HTTP method trace 2 23 B 35 http cluster debug property B 35 http error debug property B 35 http method trace allow property 2 23 B 35 htt
51. 888 examples Hello jsp Creating the Development Directory When developing your application Oracle recommends that you use consistent and meaningful naming conventions As an example you could develop your application as modules within a directory named after your application All the subdirectories under this directory could be consistent with the structure for creating JAR WAR and EAR archives Thus when you have to archive the source it is already in the required archive format Figure 1 1 demonstrates this structure 1 6 Oracle Application Server Containers for J2EE Standalone User s Guide Configuring the FAQ Application Demo Figure 1 1 Development Application Directory Structure applications lt appname gt META INF pplication xml ejb modules B classes my ejb class maps to my ejb class META INF ejb jar xml orion ej b jar xml web modules index html JSP pages B INF web xml orlon web xml classes Servlet classes ib my Servlet to my Servlet d pendent libraries client modules Client classes META INF pplication SES ieni mni rion application client xml Consider the following points regarding Figure 1 1 You cannot change the following directory names and XML filenames META INF WEB INF application xml ejb jar xml web xml and application client xml Separate directories clearly distinguish modules of the enterprise Java application from each other The app
52. AMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE w Ro ok 0k E ok ok ok Ok 0 0x 0o ok oko O0oR 0k 0o 0o 0o E 0o oo ox This software consists of voluntary contributions made by many individuals on behalf of the Apache Software Foundation For more information on the Apache Software Foundation please see http www apache org Portions of this software are based upon public domain software originally written at the National Center for Supercomputing Applications University of Illinois Urbana Champaign 7 C 2 Oracle Application Server Containers for J2EE Standalone User s Guide Symbols access log element 2 20 alt dd element B 15 application element 1 15 B 7 B 15 application client element B 22 application server element B 6 argument element B 16 arguments element B 17 callback handler element B 22 client module element B 17 cluster element B 8 commit class element B 17 commit coordinator element B 17 compiler element B 8 connector element B 15 connectors element B 17 context
53. AR TemplateClient class META ILIE pHa lication client ml orion application client ml application xml Example The myapp META INF application xml file lists the EJB JAR and Web application WAR file that is contained in the EAR file using the module elements lt xml version 1 0 gt lt DOCTYPE application PUBLIC Sun Microsystems Inc DTD J2EE Application 1 3 EN http java sun com j2ee dtds application 1 3 dtd gt application display name myapp j2ee application lt display name gt description A sample J2EE application that uses a Container Managed Entity Bean and JSPs for a client description module lt ejb gt myapp ejb jar lt ejb gt lt module gt lt module gt lt web gt lt web uri gt myapp web war lt web uri gt lt context root gt myapp lt context root gt lt web gt lt module gt lt application gt Additional Information B 37 Configuration and Deployment Examples web xml Example The myapp web WEB INF web xml file contains the class definitions for EJBs servlets and JSPs that are executed within the Web site The myapp Web module specifies the following in its descriptor The default page to be displayed for the application s root context as specified using the admin jar bind command http oc4j_host port myapp Where to find the stubs for the EJB home and remote interfaces The JNDI name for the EJB The included servlets and where to find each serv
54. AR filename init library path xxx gt lt init param gt Additional Information B 9 Elements in the server xml File Attributes Defines the key value pairs of the parameters to pass into the startup class javacache config Attributes path Specifies the path to the javacache xm1 file javacache config path javacache admin javacache xml gt lt java compiler gt You can specify an alternative compiler either in or out of process for your JSP and EJB compilation The default compiler is an out of process javac compiler found in the JDK bin directory Attributes name Specify the name of the compiler to use Valid compiler names are as follows for in process compilers modern classic javac or ojc for out of process compilers forked modern javac ojc or jikes These names are defined as follows javac the standard compiler name for all JDKs classic the standard compiler of JDK 1 1 1 2 modern the standard compiler of JDK 1 3 1 4 jikes the Jikes compiler ojc The Oracle Java compiler in process lf true the compiler is to run in process If false the compiler runs out of the process Most compilers can execute both in and out of the process The exceptions are as follows The classic compiler cannot run out of the process thus the in process attribute is always true The jikes compiler cannot run in proces
55. An application client is a GUI or console based standalone client that interacts with the server Attributes a auto start Whether or not to auto start the client in process at server startup The default is false a deployment time Last deploy time attribute Internal to OC4J do not edit path The path relative to the enterprise archive or absolute to the application client a user User to run the client as if run in process autostart true Must be specified if auto start is activated lt commit coordinator gt Configure the two phase commit engine lt commit class class com evermind server OracleTwoPhaseCommitDriver gt Attribute class Configures the OracleTwoPhaseCommitDriver class for two phase commit engines connectors path oc4j connectors xml gt Attribute path The name and path of the oc4j connectors xm1 file If no lt connectors gt element is specified then the default path is lt oc4j gt j2ee home connectors rarname oc4j connectors xml lt data sources path data sources xml gt Attribute a path The path lt description gt A short description lt description gt A short description of this component lt ejb module path myEjbs jar remote true false gt An EJB JAR module of the application Attributes a path The path relative to the enterprise archive or absolute to the ejb jar a remote true false value stating whether or not to a
56. And Data Source Management application Option Description application name Restarts the application This triggers auto deployment if enabled restart and a file has been touched application name Adds a user to the security file principals xml addUser username password application name Retrieves the dynamic usage information about the installed dataSourceInfo DataSource objects application name Retrieves the statically configured information about each listDataSource installed DataSource object Additional Information B 31 Standalone OC4J Command Line Options and Properties Table B 6 Cont Options For Application And Data Source Management application Option Description application name testDataSource application name installDataSource application name removeDataSource Tests an existing DataSource Supply information with the following subswitches location location The namespace location for the DataSource For example jdbc DefaultDS Required username username The username you use to login along with a password Optional password password The password to log in with Optional Installs a new DataSource Supply information within the following subswitches jar JARfile The JAR file containing the driver that is to be added to the library of the server url URL The JDBC database URL location JNDllocation The namespace location for the raw source For e
57. C4J startup to to enable OC4J to close AJP sockets in the event that a connection between OHS and OC4J is dropped due to a firewall timeout ajp keepalive true For example java Dajp keepalive true jar oc4j jar OPMN Managed OC4J Unable to Access EJB Resources Via the Default RMI Port Problem OC4J cannot access EJB resources via the default RMI port when running as a component of Oracle Application Server Solution The most common cause is that a user more familiar with Standalone OC4J is reading the RMI port from rmi xm1 unaware that the value specified in this file is not used in an OPMN managed environment OPMN managed OC4J instances use dynamic RMI port assignment The port value ranges are specified in the port element in opmn xml or are determined using dynamic opmn ormi lookup from the application client See the Oracle Process Manager and Notification Server Administrator s Guide for more information Troubleshooting OC4J A 3 Problems and Solutions Application Performance Impacted by Garbage Collection Pauses Problem An application running on OC4J appears unresponsive with simple requests experiencing noticable delays The cause is that the the JVM has crossed the low memory threshold and is running a full garbage collection to free up memory Solution Consider using the incremental low pause collector which avoids long major garbage collection pauses by doing portions of the major collection w
58. D System Properties for Debugging D Debug System Properties Description KeepWrapperCode DBEntityHomeDebug DBEntityObjectDebug DBEntityWrapperDebug iiop runtime debug NativeJDBCDebug h h ttp ttp ttp ttp ttp cluster debug request debug redirect debug method trace allow session debug error debug Default false If true keeps and debugs the generated wrapper code Default false If true displays entity bean home interface debug messages Default false If true displays entity bean object debug messages Default false If true displays entity bean pool debug messages Default false If true outputs IIOP debug messages Default false Native JDBC debug messages Default false HTTP clustering debug messages Default false If true provides information about each HTTP request directed to standard output Default false If true provides information about each HTTP redirects to standard output Default false If true turns on the trace HTTP method Default false If true provides information about HTTP session events Default false If true prints all HTTP errors Additional Information B 35 Configuration and Deployment Examples Table B 8 Cont D System Properties for Debugging D Debug System Properties Description http virtualdirectory debug Default false If true print the enforced virtual directory mappings upon startup debug http
59. DI Properties A servlet that exists in the same application with the target bean automatically accesses the JNDI properties for the node Therefore accessing the EJB is simple because no JNDI properties are required Get the Initial Context for the JNDI lookup for a local EJB InitialContext ic new InitialContext Retrieve the Home interface using JNDI lookup Object empObject ic lookup java comp env employeeBean This is also true if the target bean is in an application that has been deployed as this application s parent To specify parents use the parent option of the admin jar command when deploying the originating application JNDI Properties File If you are setting the JNDI properties within the jndi properties file set the properties as follows Ensure that this file is accessible from the CLASSPATH 3 4 Oracle Application Server Containers for J2EE Standalone User s Guide Authentication Factory java naming factory initial com evermind server ApplicationClientInitialContextFactory Location The ORMI default port number is 23791 which you can modify in j2ee home config rmi xml Therefore set the URL in the jndi properties in one of two ways java naming provider url ormi hostname application name or java naming provider url ormi hostname 23791 application name Security When you access EJBs in OC4J you must pass valid credentials to this server Standalone clients define their credent
60. F web xml orlon web xml classes Servlet classes ib my Servlet to my Servlet d pendent libraries client modules Client classes META INF pea c ieni mni rion application client xml Development Application Directory Structure To deploy EJB or complex J2EE applications in an expanded directory format complete the following steps 1 Place the files in any directory Figure 2 4 demonstrates an application placed into j2ee home applications appname The directory structure below appname is similar to that used within an EAR file as follows a Replace the EJB JAR file name Web application WAR file name client JAR file name and Resource Adapter Archive RAR file name with a directory name of your choosing to represent the separate modules Figure 2 4 demonstrates these directory names by ejb module web module client module and connector module Place the classes for each module within the appropriate directory structure that maps to their package structure Modify the server xml application xml and web site xml files The server xml and web site xml files are located in j2ee home config directory while the application xml is under j2ee home applications lt appname gt META INF directory Modify these files as follows In server xml add a new or modify the existing application name path auto start true gt element for each J2EE application The path points to the maste
61. JNDI mappings Minimum and maximum instance pool settings resource reference mappings See the appendix in the Oracle Application Server Containers for J2EE Enterprise JavaBeans Developer s Guide for description of the elements The J2EE web xml File This file contains deployment information about the servlets and JSPs in this application See the Sun Microsystems specifications for a description of these elements The OC4J Specific orion web xml File This is the OC4J specific deployment descriptor for mapping Web settings This XML file contains the following Auto reloading including modification check time interval Buffering a Charsets Development mode Directory browsing Document root a Locales a Web timeouts Virtual directories a Session tracking JNDI mappings Classloading priority for Web applications See the appendix in the Oracle Application Server Containers for J2EE Servlet Developer s Guide for description of the elements The J2EE application client xml File This file contains JNDI information for accessing the server application and other client information See Elements in the application client xml File on page B 21 for a list of the elements The OC4J Specific orion application client xml File This OC4J specific deployment file is for the client application It contains JNDI mappings and entries for the client See Elements in the orion application client x
62. ORACLE Oracle Application Server Containers for J2EE Standalone User s Guide 10g Release 2 10 1 2 Part No B14361 01 November 2004 Oracle Application Server Containers for J2EE Standalone User s Guide 10g Release 2 10 1 2 Part No B14361 01 Copyright 2002 2004 Oracle All rights reserved Primary Author Sheryl Maring Contributing Authors Brian Wright Dan Hynes The Programs which include both the software and documentation contain proprietary information they are provided under a license agreement containing restrictions on use and disclosure and are also protected by copyright patent and other intellectual and industrial property laws Reverse engineering disassembly or decompilation of the Programs except to the extent required to obtain interoperability with other independently created software or as specified by law is prohibited The information contained in this document is subject to change without notice If you find any problems in the documentation please report them to us in writing This document is not warranted to be error free Except as may be expressly permitted in your license agreement for these Programs no part of these Programs may be reproduced or transmitted in any form or by any means electronic or mechanical for any purpose If the Programs are delivered to the United States Government or anyone licensing or using the Programs on behalf of the United States Government the following noti
63. OperationException if not supported Returns a list of users between the specified indexes contained in this manager Throws UnsupportedOperationException if not supported Instantiates the user manager with the specified settings Throws java lang InstantiationExceptionif any errors occur Removes the specified group from the user manager and returns true if the operation is successful Removes the specified user from the user manager and returns true if the operation is successful Sets the parent user manager if one exists This method is called only on a nested user manager A user manager can delegate work to its parent user manager 2 Plug the user manager into your application For a single application specify the custom user manager in the user manager element of the orion application xml file For all applications in the server specify the custom user manager in the user manager element of the config application xml file 3 Define your users and groups See Specifying Users and Groups on page 3 2 4 Create security constraints in your Web application See Authorization on page 3 6 Example 3 4 Using the DataSourceUserManager Class The following example of the DataSourceUserManager class is a custom user manager and it implements the UserManager interface Within its methods the DataSourceUserManager class manages the users in a database specified by the DataSource interface To confi
64. OracleAS JAAS Provider policy permissions information Figure 3 2 illustrates the architecture of OC4J security under the JAZNUserManager class The JAZNUserManager class can use two types of OracleAS JAAS Providers for OC4J security Use the provider type that is appropriate for your environment a LDAP based For centralized storage of information in a directory The user repository is OID a XML based For lightweight storage of information in an XML file The user repository is the jazn data xml file Figure 3 2 OC4J Security Architecture Under the JAZNUserManager Class Oracle HTTP Server OC4J JAZNUserManager LDAP based XML based provider type provider type Oracle Internet jazn data xml Directory user repository user repository e JAAS provider T o In OC4J you can configure your application s to use the JAZNUserManager class by adding the jazn or lt user manager gt element in your OC4J specific configuration file config application xmlororion application xml Using the JAZNUserManager Class with the LDAP Based Provider Type The LDAP based provider type delegates user and group management functionality to the Delegated Administrative Service DAS from OID Configuring Security 3 9 Plugging In a User Manager The following examples from an OC4J specific configuration file have OC4J employ the JAZNUserManager
65. Pages JSP 12 Servlets 2 3 Enterprise JavaBeans EJB 2 0 Java Transaction API JTA 1 0 Java Message Service JMS 1 0 Java Naming and Directory Interface JNDT 12 Configuration and Deployment 1 1 OC4J Installation Table 1 1 Cont OC4J J2EE Support J2EE 1 3 Standard APIs Version Supported Java Mail 1 1 2 Java Database Connectivity JDBC 2 0 Extension Oracle Application Server Java Authentication 1 0 and Authorization Service JAAS Provider J2EE Connector Architecture 1 0 JAXP 1 1 OC4J Standalone is for use by development and small medium scale production deployments Specifically OC4J Standalone supports HTTP and HTTPS natively without the use of Oracle HTTP Server It does not have support for load balancing clustering or management through Oracle Enterprise Manager 10g To use those features customers must install one of the Oracle Application Server installation types such as J2EE WebCache The standalone version is supported in a single instance single JVM and single machine configuration The OC4J documentation assumes that you have a basic understanding of Java programming J2EE technology and Web and EJB application technology This includes deployment conventions such as the WEB INF and META INF directories Examples in each of the primers assume the following a You have a working JDK 1 3 1 or 1 4 1 a You have installed OC4J a You have started OC4J Examples also use standard J2EE con
66. See Overview of OC4J and J2EE XML Files on page 2 1 for more information on OC4J XML configuration files Deploying Applications This section describes how to deploy a J2EE application to the OC4 server and how to bind that application to the server so that you can access the application from OC4J Archive Application into an EAR File Deployment In a Production Environment Using ADMIN JAR Verifying Deployment Archive Application into an EAR File Your J2EE application can contain the following modules Web applications The Web applications module WAR files includes servlets and JSP pages EJB applications The EJB applications module EJB JAR files includes Enterprise JavaBeans EJBs Client application contained within a JAR file Archive the JAR and WAR files that belong to an enterprise Java application into an EAR file for deployment to OC4J The J2EE specifications define the layout for an EAR file The internal layout of an EAR file should be as follows Archive Directory Format Archive these files using the JAR command in the appname directory as follows Configuration and Deployment 1 13 Deploying Applications o jar cvfM appname ear Note that the application xml file acts as a standard J2EE application descriptor file Deployment In a Production Environment Using ADMIN JAR OC4J contains a command line deployment tool for deploying J2EE applications the admin jar command The option
67. To execute the client perform the following o java jar myapp client jar TemplateClient main start Enter integer value for col_1 1 Enter string value for col_2 BuyME Enter float value for col 3 99 9 Record added through bean B 42 Oracle Application Server Containers for J2EE Standalone User s Guide C Third Party Licenses This appendix includes a description of the Third Party Licenses for all the third party products included with Oracle Application Server Third Party Licenses Topics include Apache HTTP Server Apache HTTP Server Under the terms of the Apache license Oracle is required to provide the following notices However the Oracle program license that accompanied this product determines your right to use the Oracle program including the Apache software and the terms contained in the following notices do not change those rights Notwithstanding anything to the contrary in the Oracle program license the Apache software is provided by Oracle AS IS and without warranty or support of any kind from Oracle or Apache The Apache Software License The Apache Software License Version 1 1 Copyright c 2000 The Apache Software Foundation All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright
68. Web Site protocol http secure true gt lt default web app application default name defaultWebApp gt lt access log path log default web access log gt lt ssl config keystore keystore keystore password welcome needs client auth true gt 3 16 Oracle Application Server Containers for J2EE Standalone User s Guide Confidentiality Through SSL web site Only the portions in bold are specific to security The protocol value is always http for HTTP communication whether or not you use secure communication A protocol value of http with secure false indicates HTTP protocol http with secure true indicates HTTPS protocol Then configure the news application to accept both HTTP and HTTPS connections web app application news name news web root news shared true gt This Web site uses the default port numbers for HTTP and HTTPS communication If it did not you would also add the cookie domain attribute session tracking cookie domain oracle com gt For more information about elements and attributes of the lt web site gt lt web app gt and lt session tracking gt elements see the XML Appendix in the Oracle Application Server Containers for J2EE Servlet Developer s Guide Example 3 6 Creating an SSL Certificate and Configuring HTTPS The following example uses keytool to create a test certificate and shows all of the XML configuration necessary for HTTPS to work To create a v
69. WebApp FAQApp FAQAppWeb http web site FAQApp This creates the web app entry in the http web site xml configuration file For a complete description of the admin jar command line tool see Options for the OC4J Administration Management JAR on page B 26 For more information on configuring and managing Web applications see the http web site xml file see the Oracle Application Server Containers for J2EE Servlet Developer s Guide Configuration and Deployment 1 11 Configuring the FAQ Application Demo Deployment Details Explained Although the development of J2EE applications is standardized and portable the XML configuration files are not You may have to configure multiple XML files before deploying any application to OC4J The necessary server configuration depends on the services that your application uses For example if your application uses a database you must configure its DataSource object in the data sources xml file For basic applications such as the FAQ demo you configure the following OC4J XML files META INF application xml The standard J2EE application descriptor for the application is contained within the application xml file This file must be properly configured and included within the J2EE EAR file that is to be deployed a server xml and http web site xml tThe application is registered in the server xml file the Web application and the context it uses are registered in the http web site xml file
70. actory class Example 3 1 Servlet Accessing EJB in Remote OC4J Instance The following servlet uses the JNDI name for the target bean cmpapp employeeBean Thus this servlet must provide the JNDI properties in an RMIInitialContext object instead of the ApplicationClientInitialContext object The environment is initialized as follows Configuring Security 3 5 Authorization The INITIAL CONTEXT FACTORY is initialized to a RMIInitialContextFactory Instead of creating a new InitialContext it is retrieved The actual JNDI name is used in the lookup Hashtable env new Hashtable env put Context PROVIDER URL ormi myhost cmpapp env put Context SECURITY PRINCIPAL admin env put Context SECURITY CREDENTIALS welcome env put Context INITIAL CONTEXT FACTORY com evermind server rmi RMIInitialContextFactory Context ic new com evermind server rmi RMIInitialContextFactory getInitialContext env Object homeObject ic lookup cmpapp employeeBean Narrow the reference to a TemplateHome EmployeeHome empHome EmployeeHome PortableRemoteObject narrow homeObject EmployeeHome class Authorization Authorization is the process of granting or denying a user access to a J2EE application based on its identity Authorization is distinct from authentication which is the process of verifying that a user is valid Specify authorization for users and groups in the J2EE and OC4J specific dep
71. ads set to 1 The default is 600000 milliseconds 10 minutes which is also the minimum value allowed if not 1 cx min The minimum number of threads to create in the connection thread pool The minimum value that can be specified is 10 cx max The maximum number of threads that can be created in the connection pool The default is 40 cx queue The maximum number of threads that can be kept in the queue in the connection pool The default is 80 cx keepAlive The length of time in milliseconds to keep a thread alive idle while waiting for a new request After the timeout is reached the thread is destroyed To never destroy threads set to 1 The default is 600000 milliseconds 10 minutes which is also the minimum value allowed if not 1 debug If true print the application server thread pool information to the console at startup The default is false Additional notes on thread pool configuration a The queue attributes should be at least twice the size of the maximum number of threads The minimum and maximum number of worker threads should be a multiple of the number of CPUs installed on your machine However this number should be small the more threads you have the more burden you put on the operating system and the garbage collector The cx minand cx max attributes are relative to the number of the physical connections you have at any point in time The cx queue handles bursts in connection traffic
72. alid certificate for use in production environments see the keytool documentation 1 Install the correct JDK Ensure that JDK 1 3 x is installed This is required for SSL with OC4J Set the JAVA HOME to the JDK 1 3 directory Ensure that the JDK 1 3 x JAVA HOME bin is at the beginning of your path This may be achieved by doing the following UNIX PATH usr opt java130 bin PATH export PATH java version java version 1 3 0 Windows set PATH d jdk131 bin PATH Ensure that this JDK version is set as the current version in your Windows registry In the Windows Registry Editor under HKEY LOCAL MACHINE SOFTWARE JavaSoft Java Development Kit set CurrentVersion to 1 3 or later 2 Request a certificate a Change directory to ORACLE HOME j2ee b Create a keystore with an RSA private public keypair using the keytool command In our example we generate a keystore to reside in a file named mykeystore which has a password of 123456 and is valid for 21 days using the RSA key pair generation algorithm with the following syntax keytool genkey keyalg RSA keystore mykeystore storepass 123456 validity 21 Where the keystore option sets the filename where the keys are stored Configuring Security 3 17 Confidentiality Through SSL a the storepass option sets the password for protecting the keystore the validity option sets number of days the certificate is valid The keytool prompts you f
73. an Enterprise JavaBean s environment entry lt env entry type gt java lang String lt env entry type gt The env entry type element contains the fully qualified Java type of the environment entry value that is expected by the enterprise bean s code The following are the legal values of env entry type java lang Boolean java lang String java lang Integer java lang Double java lang Byte java lang Short java lang Long and java lang Float lt env entry value gt 100 00 lt env entry value gt The env entry value element contains the value of an Enterprise JavaBean s environment entry lt home gt com aardvark payroll PayrollHome lt home gt The home element contains the fully qualified name of the Enterprise JavaBean s home interface lt icon gt The icon element contains a small icon and large icon element which specify the URIs for a small and a large GIF or JPEG icon image used to represent the application client in a GUI tool lt large icon gt lib images employee service icon32x32 jpg lt large ico n gt The large icon element contains the name of a file containing a large 32 x 32 icon image The file name is a relative path within the application client JAR file The image must be either in the JPEG or GIF format and the file name must end with the suffix jpg or gif respectively The icon can be used by tools lt remote gt com wombat empl EmployeeService lt remote gt The remote element contains the
74. ate ete oce ag seite B 27 Adding WebSites i uie eoe a e citu direct Eid b e EE d Eventa B 29 DataSource And Application Options sss nennen B 31 OCAJ System Properties i cieadh o nenesetlte nt Bde le et hia ee eie ener heri rep en ie dido B 33 Configuration and Deployment Examples sss eee eee nnne B 36 J2EE Application XML Configuration Example sse ens B 36 applieationixml Example ae cree tede te t cete ede ce eevee niente teats B 37 websanb Example een seta Sc tti te cene ite ode tete B 38 e amp ib jarxml Example 5c rte eta ee ud ete te e dete et eet B 38 server xml Additioti eR eu ERU eee rl tere ee ie ts B 39 http web sitexml Additi n cedere qe re tete tita te et teinte B 40 Client Example t tento fee ee iore inb ca ond bbs B 40 INDI Properti s for the Client eee eet ertet pete ipte B 40 Deploying Example mt mimeo here He e CR A Rita e erbe UE Decet do B 41 EJB Module a ott tee Soe ect ete tee ete eR Rte e Une EAEE B 41 Web Module Servlet and JSP Calling EJBs sse nns B 41 Client Module Standalone Java Client Invoking EJBs sees B 42 Manifest File for the Client sees enet enne tentent nennen tenes B 42 Executing the Client siete eee i bee ced ita nd cic nd breeds B 42 C Third Party Licenses Third Party Licenses onte ettet ect remet e metet eme iT lene cut dde ee iae eet aes Apache HTTP Ser
75. attribute element B 24 context root element B 15 data sources element B 17 description element B 17 B 22 display name element B 15 B 22 ejb element B 15 ejb link element B 22 lt ejb module gt element B 17 lt ejb ref gt element 3 5 B 22 lt ejb ref mapping gt element B 25 ejb ref name element B 22 lt ejb ref type gt element B 22 env entry element B 22 env entry mapping element B 25 env entry name element B 23 env entry type element B 23 env entry value element B 23 lt execution order gt element B 8 lt file gt element 2 20 B 11 B 17 lt global application gt element B 8 lt global thread pool gt element 2 17 B 8 global web app config element B 9 group element B 18 home element B 23 icon element B 15 B 23 lt init library gt element 2 13 2 14 2 15 B 9 init param element B 9 java element B 15 lt javacache config gt element B 10 Index lt java compiler gt element B 8 B 10 lt jazn gt element 3 9 B 18 B 20 lt jazn web app gt element B 18 lt jms config gt element B 11 lt large icon gt element B 15 B 23 library element 2 7 B 18 log element 2 20 2 21 B 11 B 19 lt lookup context gt element B 25 mail element B 11 B 19 mail session element B 19 lt max http connections gt element B 12 lt method permission gt element 3 7 module element B 15 namespace acce
76. bles for CMP beans in this application The default is true autodelete tables Whether or not to automatically delete old database tables for CMP beans when redeploying in this application The default is false default data source The default data source to use if other than server default This must point to a valid CMT data source for this application if specified a deployment version The version of OC4J that this JAR was deployed against if it is not matching the current version then it will be redeployed This is an internal server value do not edit treat zero as null Whether or not to treat read zero s as null s when they represent primary keys The default is false Elements Contained Within lt orion application gt Within the lt orion application gt element the following elements which are listed alphabetically and not by DTD ordering can be configured argument value theValue gt An argument used when invoking the client Attribute B 16 Oracle Application Server Containers for J2EE Standalone User s Guide Elements in the orion application xml File value The value of the argument arguments A list of arguments to used when invoking the application client if starting it in process auto start true lt client module auto start true false deployment time 073fc2ab513bc3ce path myappclient jar user theUser gt An application client module of the application
77. cate on the client side only if you configure client authentication In the http web site xml file of OC4J or other Web site XML file as appropriate you must specify appropriate SSL settings under the lt web site gt element 1 Turnon the secure flag to specify secure communication as follows web site protocol http secure true web site Setting secure true specifies that the HTTP protocol is to use an SSL socket 2 Usethe ss1 config subelement and its keystore and keystore password attributes to specify the directory path and password for the keystore as follows web site secure true lt ssl config keystore path and file keystore password pwd web site The ss1 config element is required whenever the secure flag is set to true The path and file value can indicate either an absolute or relative directory path and includes the file name Note You can hide the password through password indirection See Oracle Application Server Containers for J2EE Security Guide for a description of password indirection 3 Optionally turn on the needs client auth flag an attribute of the lt ssl config gt element to specify that client authentication is required as follows web site secure true gt Configuring Security 3 15 Confidentiality Through SSL lt ssl config keystore path and file keystore password pwd needs client auth true
78. cates If you request client authentication with the needs client auth attribute perform the following 1 Decide which of the certificates in the client s chain is to be your trust point Ensure that you either have control of the issue of certificates using this trust point or that you trust the certificate authority as an issuer Configuring Security 3 19 Confidentiality Through SSL 2 Importthe intermediate or root certificate in the server keystore as a trust point for authentication of the client certificate 3 If you do not want OC4J to have access to certain trust points make sure that these trust points are not in the keystore 4 Execute the preceding steps to create the client certificate which includes the intermediate or root certificate installed in the server If you wish to trust another certificate authority obtain a certificate from that authority 5 Save the certificate in a file on the client 6 Provide the certificate on the client initiation of the HTTPS connection a If the client is a browser set the certificate in the client browser security area b Iftheclient is a Java client you must programmatically present the client certificate and the certificate chain when initiating the HTTPS connection HTTPS Common Problems and Solutions The following errors may occur when using SSL certificates Keytool Error java security cert CertificateException Unsupported encoding Cause You cannot allow tra
79. ce is applicable U S GOVERNMENT RIGHTS Programs software databases and related documentation and technical data delivered to U S Government customers are commercial computer software or commercial technical data pursuant to the applicable Federal Acquisition Regulation and agency specific supplemental regulations As such use duplication disclosure modification and adaptation of the Programs including documentation and technical data shall be subject to the licensing restrictions set forth in the applicable Oracle license agreement and to the extent applicable the additional rights set forth in FAR 52 227 19 Commercial Computer Software Restricted Rights June 1987 Oracle Corporation 500 Oracle Parkway Redwood City CA 94065 The Programs are not intended for use in any nuclear aviation mass transit medical or other inherently dangerous applications It shall be the licensee s responsibility to take all appropriate fail safe backup redundancy and other measures to ensure the safe use of such applications if the Programs are used for such purposes and we disclaim liability for any damages caused by such use of the Programs Oracle is a registered trademark of Oracle Corporation and or its affiliates Other names may be trademarks of their respective owners The Programs may provide links to Web sites and access to content products and services from third parties Oracle is not responsible for the availability of or any
80. class as the user manager with the LDAP based provider type jazn provider LDAP default realm sample subrealm location ldap myoid 389 gt or user manager class oracle security jazn oc4j JAZNUserManager gt lt property name provider type value LDAP gt property name realm default value sample subrealm gt property name ldap service value ldap myoid 389 gt user manager Notes If you specify both the lt user manager gt element and the jazn element then the lt jazn gt element is ignored Using the JAZNUserManager Class with the XML Based Provider Type The XML based provider type is a fast lightweight implementation of the OracleAS JAAS Provider API This provider type uses XML to store user names and encrypted passwords The following examples from an OC4J specific configuration file have OC4J employ the JAZNUserManager class as the user manager with the XML based provider type The user repository is located at j2ee home jazn config jazn data xml Because there is only one realm in the data file the specification of realm default is not needed jazn provider XML location j2ee home config jazn data xml gt or lt user manager class oracle security jazn oc4j JAZNUserManager gt property name provider type value XML gt lt property name xml store fs jazn value j2ee home config jazn data xml gt lt user manager
81. contentLength Default false If true print explicit content length calls as well as extra sendError information ejb cluster debug Default false EJB clustering debug messages cluster debug Default false Clustering debug messages jms debug Default false JMS debug messages multicast debug Default false Multicast debug messages rmi debug Default false RMI debug messages transaction debug Default false If true prints debug messages for JTA events rmi verbose Default false RMI verbose information datasource verbose Default false If true provides verbose information on creation of data source and connections using data sources and connections released to the pool and so on jdbc debug Default false If true provides very verbose information when JDBC calls are made ws debug Default false If true turns on OracleAS Web Services debugging javax net debug ss1 a11 If ssl turns on SSL debugging If all turns on SSL debugging with verbose messages For more information about debugging properties see OC4 Debugging on page 2 22 Table B 9 stdout stderr Archive Management Properties Property Description stdstream filesize The maximum size any file in the archive will be allowed to grow to in max file size megabytes Files are rotated when this maximum is reached stdstream filenumber The maximum number of files to keep as archives The oldest file will be max files automatically deleted whe
82. ctivate the EJB instances on this node or to look them up remotely from another server The default is false file path log server log gt Additional Information B 17 Elements in the orion application xml File A relative absolute path to log events to Attribute a path The path to the log file group name theGroup gt A group that this security role mapping implies That is all members of the specified group are included in this role Attribute name The name of the group lt jazn provider XML location jazn data xml gt Configure the OracleAS JAAS Provider to use the XML based provider type Attributes a provider XML location Path to file For example jazn data xml This can be an absolute path or a path relative to the jazn xml file where the OracleAS JAAS Provider first looks for the jazn data xml in the directory containing the jazn xm1 file Optional if jazn xm1 file configured otherwise Required persistence Values can be NONE Do not persist changes ALL Persist changes after every modification VM EXIT Default Persist changes when VM exits a default realm A realm name For example sample subrealm Optional if only one realm is configured jazn web app auth method SSO runas mode false doasprivileged mode true gt The filter element of JAZNUserManager Attributes a Set auth method to SSO single sign on If you do not set this parameter it
83. d solutions It contains the following topics Unable to Restart OC4J After Abnormal Termination When OracleAS JMS is Active Stateful Replication Not Consistent Across OC4J instances Using A Non Certified Version of the JDK for OC4J Only java lang OutOfMemory Errors Thrown When Running OC4J Connection Timeouts Through a Stateful Firewall Affect System Performance OPMN Managed OC4J Unable to Access EJB Resources Via the Default RMI Port Application Performance Impacted by Garbage Collection Pauses Invalid or Unneeded Library Elements Degrade Performance Unable to Restart OC4J After Abnormal Termination When OracleAS JMS is Active Problem When persistence is enabled in OracleAS JMS the JMS server creates persistent queues topics It also creates lock files lock associated with these queues topics in the persistence directory If the JVM is terminated abnormally such as with kill 9 the lock files are not deleted This creates a condition in which OC4J cannot be restarted Solution Manually delete all lock files from the persistence directory Troubleshooting OC4J A 1 Problems and Solutions Stateful Replication Not Consistent Across OC4J instances Problem The common scenario is that failover is seen from OC4J instance A to instance B but not back again from B to A Solution Standalone OC4J does not require stateful replication to be set up globally for all applications but instead allows each Web module to con
84. deployed location OC4J simply overwrites these changes when the application is deployed again The changes only stay constant when changed in the development directories For all OC4J specific XML files you can add these files within the recommended development structure as shown in Figure 2 5 Advanced Configuration and Development 2 11 Designating a Parent of Your Application Figure 2 5 Development Application Directory Structure applications lt appname gt META INF pplication xml ejb modules B classes my ejb class maps to my ejb class META INF ejb jar xml orion ej b jar xml web modules index html JSP pages JEB INF web xml orlon web xml classes Servlet classes ib prc my Servlet to my Servlet d pendent libraries client modules Client classes META INF policat ion client xml rion application client xml Designating a Parent of Your Application A child application can see the namespace of its parent application Thus setting up an application as a parent is used to share services among children The default parent is the global application To set up an application as a parent of another you can do one of the following Usethe parent option of the admin jar command when deploying the originating application This option allows you to designate what application will be the parent of the deploying application a Specify the parent in the application definition line
85. e XML files However instead of writing to multiple log files of the same size all messages for that component are written into a single file The text logging does not have any imposed limits or log rollover Instead the log files will continue to grow unless you stop OC4J remove the file and restart OC4J to start the log files over You can overrun your disk space if you do not monitor your log files This is only feasible in a standalone development environment Text messaging is the default and is configured in the XML files in Table 2 3 Text messaging is enabled in the lt file gt subelement the 10g element of the XML files except the http web site xml file For the http web site xml file the text messaging is enabled with the access 10g element To turn off text messaging eliminate or comment out the lt file gt or access log element If you do not remove this line and enable ODL logging you will have both logging facilities turned on The location and filename for text messaging does have defaults as shown in Table 2 4 but you can specify the location and filename within the path attribute of the 10g or access log elements Table 2 4 shows the default location for the log files for a standalone OC4J You can modify the location and names of these files by modifying the configuration files described in Table 2 3 Table 2 4 OC4J Standalone Log File Locations Log File Default Location application lo
86. e ZIP file correctly configured 4 Update the standard J2EE application descriptor file The application xml in the FAQ demo application is provided for you in the ZIP file OC4J uses the application xml file as the standard J2EE application descriptor file 5 Build an EAR file including the application You can modify the FAQ demo application and rebuild it using the ANT command To rebuild and deploy the FAQ demo execute the following ant deploy 1 12 Oracle Application Server Containers for J2EE Standalone User s Guide Deploying Applications The ANT build xml is included in the FAQ ZIP download To learn more about the ANT file go to the following Jakarta site http jakarta apache org ant If you do not want to rebuild you can copy the FAQApp ear from the ZIP file into j2ee home applications This step places the FAQ application in the OC4J server 6 Configure the OC4J DataSource for an Oracle database Modify the default data source OracleDS to point to your back end database with the correct URL username and password 7 Register the J2EE application in the server xml file and its Web application in the http web site xml 8 Start OC4J by executing the following command from the j2ee home directory java jar oc4j jar For a complete description of all the OC4J starting options see Starting OC4J on page 1 4 Open your Web browser and then specify the following URL http oc4j_host 8888 FAQApp
87. e input parameters into the UserManager class It assumes that the tables that these refer to already exist in the database The user manager is a hierarchical implementation with a parent child relationship The parent of the DataSourceUserManager class is the default file based XMLUserManager class which uses the principals xml user repository However you can change the parent with the set Parent method The sample DataSourceUserManager class invokes parent getGroups to retrieve all the available groups from its parent the XMLUserManager Confidentiality Through SSL OC4J supports Secure Socket Layer SSL communication between the client and a standalone OC4J using HTTPS The following sections document SSL in detail a Overview of Using SSL for OC4J Standalone Configuration of OC4J for SSL a HTTPS Common Problems and Solutions Overview of Using SSL for OC4J Standalone The following sections describe security features and discuss how to use them with OC4J standalone a Overview of SSL Keys and Certificates Using Certificates with OC4J Standalone Overview of SSL Keys and Certificates In SSL communication between two entities each entity or at least the server has an associated public key and a private key During communication each entity uses its own private key together with the public key of the other party to ensure that they can communicate with each other If one entity encrypts data using its private k
88. e root element name lt web site gt For example web site xml could be my web site xml Normally the global Web site definition is in http web site xml You must specify each Web site XML file in its own web site path statement contained within the server xml file application xml J2EE application standard J2EE application orion application xml descriptor file and configuration files Theglobalapplication xml file exists in the j2ee home config directory and contains common settings for all applications in this OC4J instance This file defines the location of the security XML definition file principals xml This is a different XML file than the local application xml files The local application xml file defines the J2EE EAR file which contains the J2EE application modules This file exists within the J2EE application EAR file a Theorion application xml file is the OC4J specific definitions for all applications global web application xml J2EE Web application configuration files web xml orion Web ST u global web application xml isan OC4J specific file for configuring servlets that are bound to all Web sites m web xml and orion web xml for each Web application The web xml files are used to define the Web application deployment parameters and are included in the WAR file In addition you can specify the URL pattern for servlets and JSPs in this file For example servlet is defined in the lt servlet
89. eb gt lt web uri gt myapp web lt web uri gt lt web gt lt module gt a Inthe web site xml file add a web app element for each Web application This is important because it binds the Web application within the Web site The application attribute value should be the same value as that provided in the server xml file The name attribute should be the directory for the Web application Note that the directory path given in the name element follows the same rules as for the path in the lt web uri gt element in the application xml file To bind the myapp Web application add the following web app application myapp name myapp web root myapp Note You achieve better performance if you are deploying with an EAR file During execution the entire EAR file is loaded into memory and indexed This is faster than reading in each class from the development directory when necessary OC4J Automatic Deployment for Applications OC4J automatically deploys an application if the timestamp on an EAR file has changed Restarting OC4J to deploy or redeploy applications is not necessary 2 10 Oracle Application Server Containers for J2EE Standalone User s Guide Changing XML Files After Deployment Automatic deployment is not enabled in all cases but deployment occurs in the following cases changes to EAR files are checked If you change the EAR file OC4J automatically detects the change OC4J detects
90. ed To restart OC4J using the default parameters change to the installation root directory and execute the following o java jar admin jar ormi oc4j host oc4j ormi port admin admin password restart This command connects to the OC4J RMI listener port and requests it to restart It may not work if the JVM is not responding to signals or accepting RMI messages In this case stop the JVM in the UNIX environment with the following operating system command kill process Inthe Windows NT environment access the Windows NT Task Manager to terminate the JVM Shutting Down OC4J Shut down OC4J by executing the following o java jar admin jar ormi oc4j host oc4j ormi port admin admin password shutdown This command provides a graceful shutdown of the container If it does not shut down the container force a rapid shutdown by passing the force argument as follows java jar admin jar ormi oc4j host oc4j ormi port admin admin password shutdown force If this method does not work then kill OC4J processes with your operating system commands or tool depending on your system Configuration and Deployment 1 5 Creating the Development Directory HTTP and RMI Communication For HTTP applications clients can send their requests directly to OC4J The default port number is 8888 You can change this port number in the appropriate web site xml file such as the http web site xml file For RMI based applications such
91. ed at startup application server gt global thread pool min 10 max 100 queue 200 keepAlive 700000 cx min 10 cx max 100 cx queue 200 cx keepAlive 700000 debug true gt application server Table 2 2 below describes the attributes of the lt global thread pool gt element Note that this element is not included in server xml by default Table 2 2 Attributes of lt global thread pool gt Attribute Description min The minimum number of threads to create in the pool By default a minimum number of threads are preallocated and placed in the thread pool when the container starts If you add the lt global thread element gt element to server xml the default value is set to 20 The minimum value that can be specified is 10 max The maximum number of threads that can be created in the pool New threads are spawned if the maximum size is not reached and if there are no idle threads Idle threads are used first before a new thread is spawned The default is 40 queue The maximum number of requests that can be kept in the queue The default is 80 Advanced Configuration and Development 2 17 Setting Performance Options Table 2 2 Cont Attributes of lt global thread pool gt Attribute Description keepAlive The length of time in milliseconds to keep a thread alive idle while waiting for a new request After the timeout is reached the thread is destroyed To never destroy thre
92. ema installed on it The FAQ Application uses the default global data source named OracleDsS that ships with the application server which must be configured so that it connects to the database in which you created the FAQ tables Note An I O exception is thrown if you do not update the global OracleDS data source appropriately If your back end database uses the thin JDBC driver is located at myhost 1521 MYSERVICE and uses the username password of faq faq then the j2ee home config data sources xml file is modified to point to the database service at the URL jdbc oracle thin 8myhost 1521 MYSERVICE as follows data source class com evermind sql DriverManagerDataSource name OracleDS location jdbc OracleCoreDSs xa location jdbc xa OracleXADS ejb location jdbc OracleDS connection driver oracle jdbc driver OracleDriver username faq password faq url jdbc oracle thin myhost 1521 MYSERVICE inactivity timeout 30 Security Configuration The FAQ demo uses Oracle Application Server Java Authentication and Authorization Service JAAS Provider for authentication and user access control capabilities An Configuration and Deployment 1 9 Configuring the FAQ Application Demo application user is added to the default jazn com realm through the jazn jar command line tool as follows gt java jar jazn jar adduser jazn com username lt passwd gt java jar jazn jar grantrole users jazn c
93. embly descriptor It is used to keep the EAR assembly clean from deployment specific values The body is the value Attribute name The name of the context parameter lt lookup context location foreign resource location gt The specification of an optional javax naming Context implementation used for retrieving the resource This is useful when hooking up with third party modules such as a third party JMS server for instance Either use the context implementation supplied by the resource vendor or if none exists write an implementation which in turn negotiates with the vendor software Attributes a location The name looked for in the foreign context when retrieving the resource lt resource env ref mapping location jdbc TheDS gt The resource env ref element is used for the declaration of a reference to an external resource such as a data source JMS queue mail session or similar The resource env ref mapping ties that element to a JNDI location during deployment Attributes a location The JNDI location to bind the resource to lt resource ref mapping location jdbc TheDS name jdbc TheDSVar gt The resource ref element is used for the declaration of a reference to an external resource such as a data source JMS queue mail session or similar The resource ref mapping ties this to a JNDI location when deploying Attributes location The JNDI location to look up the resource home from a name The
94. eployment Option Description updateConfig If you have set check for updates to false then OC4J does not automatically refresh modifications of the XML files You have to execute this flag to have OC4J upload all of the new changes to these files undeploy app name Removes the deployed J2EE application from the OC4J Web server The app name is the name provided on the deploymentName subswitch This results in the following a Application is removed from the OC4J runtime and the server xml file Bindings for all the application s Web modules are removed from all the Web sites to which the Web modules were bound a Application files are removed from both the applications and application deployments directories keepFiles Optional subswitch that prevents application files from being removed However the application is removed from the runtime and the Web modules are unbound deploymentDirectory If you specify this flag as NONE then OC4J uses the NONE orion ejb jar xml deployment descriptor in the current deployment to be used instead of the deployment descriptor from a previous deployment within the application deployments directory iiopClientJar You can convert an EJB to use RMI IIOP making it possible for EJBs to invoke one another across EJB containers See the RMI IIOP chapter in the Oracle Application Server Containers for J2EE Services Guide for full details Adding Web Sites The site opt
95. eral OC4 administration For example the following command shuts down the OC4J server java jar admin jar ormi oc4j host oc4j ormi port admin id admin password shutdown Table B 3 Options for OC4J Administration Option Description shutdown Shuts down the OC4J server The default is ordinary ordinary force Ordinary allows each thread to terminate normally Force reason terminates all threads immediately The reason is a string that is logged with the termination restart Restarts the OC4J server The container must have been started reason with oc4j jar The reason is a string that is logged with the restart Application Deployment Table B 4 lists the admin jar options for OC4J application administration For example the following command structure is used to deploy an application java jar admin jar ormi oc4j host oc4j ormi port admin id admin password deploy file path filename deploymentName app name targetPath deploy dir The following command structure is used to bind a Web application java jar admin jar ormi oc4j host oc4j ormi port admin id admin password bindWebApp app name web app name web site name context root Additional Information B 27 Standalone OC4J Command Line Options and Properties Table B 4 Options for Application Deployment Option Description deploy bindWebApp app name web app name web site name context root Deploy redeploy an application
96. escriptor contains the following The entity bean uses container managed persistence The primary key is stored in a table This descriptor defines the type and fields of the primary key B 38 Oracle Application Server Containers for J2EE Standalone User s Guide Configuration and Deployment Examples The table name is TemplateBean and columns are named according to fields in the ejb jar xml descriptor and type mappings in j2ee home config database schemas oracle xml a The bean uses JDBC to access databases as specified in data source xml by ejb locationorby default data sourceinorion application xml lt ejb jar gt lt display name gt myapp lt display name gt lt description gt An EJB app containing only one Container Managed Persistence Entity Bean lt description gt lt enterprise beans gt lt entity gt lt description gt template bean populates a generic template table lt description gt lt display name gt TemplateBean lt display name gt lt ejb name gt TemplateBean lt ejb name gt lt home gt Templat eHome lt home gt lt remote gt Template lt remote gt lt ejb class gt TemplateBean lt ejb class gt lt persistence type gt Container lt persistence type gt lt prim key class gt java lang Integer lt prim key class gt lt reentrant gt False lt reentrant gt lt cmp field gt lt field name gt empNo lt field name gt lt cmp field gt lt cmp field gt lt field name gt empName lt field name gt lt
97. example of a J2EE application with a EJB Web and client sections To deploy this application from the client using the admin jar command line tool perform the following from the myapp directory Notice that it defines the EAR file in the file option and the target path for copying the EAR file into in the target Path option Because the path where the EAR resides and the target path is the same no copying occurs o java jar J2EE_HOME admin jar ormi oc4j_host admin welcome deploy file myapp ear deploymentName myapp Auto deploying myapp New server version detected Auto deploying myapp ejb jar ejb jar xml had been touched since the previous deployment done Auto deploying myapp web application New server version detected Note The EJBJAR file is immediately unpacked the WAR file is unpacked when you navigate to myapp on the Web server EJB Module When you deployed the EJB module the following messages were received Auto deploying myapp New server version detected Auto creating table create table TemplateBean col 1 NUMBER not null primary key col 2 VARCHAR2 255 null col 3 FLOAT null Auto deploying myapp ejb jar Class myapp myapp ejb Template had been updated done OC4J created the TemplateBean table for you however you must first install a data source You can use the admin jar command line tool to install the data source as follows o java jar admin ja
98. ey then the Configuring Security 3 13 Confidentiality Through SSL other party can decrypt the data by only by using the public key of the originating entity If one entity encrypts data using the public key of the other party then that party can decrypt the data only by using its own private key Each key is a number with the private key of an entity being kept secret by that entity and the public key of an entity being publicized to any other parties with which secure communication might be necessary A certificate is a digitally signed statement from a recognized issuer that verifies the public key of an entity Such an issuer is referred to as a certificate authority CA An issued certificate is typically associated with a root certificate This association or chaining of certificates establishes a chain of trust An issuer might have its own root certificate and will chain any certificates it issues to its own root certificate Functionally a certificate acts as a container for keys holding private keys as applicable public keys and associated signatures A single certificate file can contain an entire chain of certificates A keystore is used for storage of certificates including the certificates of all trusted parties Through its keystore an entity such as OC4J can authenticate itself to other parties A keystore isa java security KeyStore instance that you can create and manipulate using the keytool utilit
99. figuration files such as web xm1 and application xml OC4J Installation OC4J is a lightweight container that is J2EE compliant It is configured with powerful and practical defaults and is ready to execute after installation After downloading the oc4j_extended zip file from OTN unzip this file to install OC4J The following sections describe how to do this Requirements a Basic Installation Testing the Default Configuration Requirements You do not need to add anything to your CLASSPATH to run OC4J because it loads the Java JAR and class files directly from the installation directory from the 1ib subdirectory and from the deployed applications EAR WAR or ejb jar files Basic Installation OC4J is distributed within a ZIP file named oc4j extended zip on OTN After unzipping this file follow instructions listed in the README TXT Install this ZIP file in any directory that is in the path 1 2 Oracle Application Server Containers for J2EE Standalone User s Guide Starting and Stopping OC4J You must have a Java2 version Java executable in your PATH preferably version 1 3 1 or 1 4 1 To install OC4J execute the following cd your directory unzip oc4j extended zip cd j2ee home java jar oc4j jar install oe oe oo Enter an administrator password After the install is complete the j 2ee home directory contains all the files necessary for running OC4J with a default configuration The installat
100. figure replication through the cluster config elementinits orion web xml descriptor file Ensure that this element is populated correctly in each Web module s descriptor Note that OPMN managed OC4J only supports clustering at the global level and not at the application module level Using A Non Certified Version of the JDK for OC4J Only Problem In this scenario you wish to use a later version of the JDK with OC4J than the version certified for use with all Application Server Components However using a later version of the JDK globally for all Oracle Application Server components increases the risk of breaking certification Solution To use the later JDK version with OC4J only specify its location in the lt java bin gt element in the opmn xm1 configuration file For example lt module data gt lt category id start parameters gt lt data id java bin value myjavalocation jdk bin java gt lt category gt lt module data gt java lang OutOfMemory Errors Thrown When Running OC4J Problem This error indicates that the heap size of the Java instance is lower than the memory required by applications running within OC4J Solution Increase the heap size by setting Xmx to the desired amount of memory in the lt java option gt element in opmn xm1 module data category id start parameters gt data id java options value Xmx256M gt category module data Alternatively you can set a sy
101. for each J2EE application that has been deployed in OC4J http web site xml references applications by name as defined in the server xml file And this file references an application specific EAR file a application xml contains a reference to the principals xml file The server xml file is the keystone that contains references to most of the files used within the OC4J server Figure 2 2 shows the XML files that can be referenced in the server xml file Figure 2 2 XML Files Referenced Within server xml j2ee home config server xml L rmi xml e jms xml I application xml I data sources xml Lp jazn data xml m global web application xml L default web site xml O 1060 Figure 2 3 demonstrates how the server xml points to other XML configuration files For each XML file the location can be the full path or a path relative to the location of where the server xml file exists In addition the name of the XML file can be any name as long as the contents of the file conform to the appropriate DTD a The lt rmi config gt element denotes the name and location of the rmi xm1 file a The lt jms config gt element denotes the name and location of the jms xm1 file Advanced Configuration and Development 2 5 Sharing Libraries a The lt global application gt element denotes the name and location of the global application xml file a The lt globa
102. fully qualified name of the Enterprise JavaBean s remote interface lt res auth gt Application Container lt res auth gt The res auth element specifies whether the Enterprise JavaBean code signs on programmatically to the resource manager or whether the Container will sign on to the resource manager on behalf of the bean In the latter case the Container uses information that is supplied by the Deployer The value of this element must be one of the two following Application or Container lt resource env ref gt The resource env ref element contains a declaration of an application s reference to an administered object associated with a resource in the application s environment It consists of an optional descrioption the resource environment reference name and an indication of the resource environment reference type expected by the application code lt resource env ref name gt The resource env ref name element specifies the name of a resource environment entry name used in the application code resource env ref type Additional Information B 23 Elements in the orion application client xml File The resource env ref type element specifies the type of a resource environment reference resource ref The resource ref element contains a declaration of Enterprise JavaBean s reference to an external resource It consists of an optional description the resource factory reference name the indication of the
103. g Overview of OC4J and J2EE XML Files This section contains the following topics a XML Configuration File Overview a XML File Interrelationships XML Configuration File Overview Because OC4J is configured solely through XML files you must understand the role and method for a set of XML files Each XML file exists to satisfy a certain role thus if you have need of that role you will understand which XML file to modify and maintain Figure 2 1 illustrates all the OC4J XML files and their respective roles Advanced Configuration and Development 2 1 Overview of OC4J and J2EE XML Files a OC4J server All XML files within this box are used to set up this instance of the OC4J server These files configure things such as listening ports administration passwords security and other basic J2EE services OC4 J server configuration files exist under the j2ee home config directory These files configure the OC4J server and point to other key configuration files The settings in the OC4J configuration files are not related to the deployed J2EE applications directly but to the server itself Web site These XML files configure listening ports protocols and Web contexts for the OC4J Web site Application XML files Each J2EE application type EJB servlet JSP connector requires its own configuration deployment files Each application type has one J2EE deployment descriptor and one OC4J specific deployment descriptor
104. g install dir j2ee home application deployments application name global application log install dir j2ee home log jms log rmi log server log web access log install dir j2ee home log install dir j2ee home log install dir j2ee home log The location is configurable from web site xml with the lt access log gt element as follows access log path log http web access log gt The location of all of the above log files can be specified except the web access log file using the lt log gt element in the respective configuration files You can specify either absolute paths or paths relative to the j2ee home contig directory For example specify the server log file in the server xm1 configuration file as follows log 2 20 Oracle Application Server Containers for J2EE Standalone User s Guide Enabling OC4J Logging file path log my server log lt log gt You can also specify an absolute path for the location of the log file as follows lt log gt lt file path d log files my server log gt lt log gt Oracle Diagnostic Logging ODL Log Files The ODL log entries are each written out in XML format in its respective log file Each XML message can be read through your own XML reader The advantages for ODL logging is that the log files and the directory have a maximum limit When the limit is reached the log files are overwritten When you enable ODL logging each new message goes
105. g property 2 23 B 36 X XML based provider type 3 1 3 9 XMLUserManager class 3 13 Index 5 Index 6
106. gt ssssssseessseeeeee B 7 Elements in the application xml File eese eee nennen B 14 application Element Description sse eene nnne nnne B 14 Elements Contained Within application sse eee nnns B 15 Elements in the orion application xml File esee eee enn B 16 lt orion application gt Element Description esses ee eee nnne B 16 Elements Contained Within orion application sssssssssseeeenne B 16 Elements in the application client xml File esses eee ne B 21 lt application client gt Element Description sssssssseeseee eee eee nennen B 22 lt application client gt s ustedes end ete aee nete de B 22 Elements Contained Within application client sss B 22 Elements in the orion application client xml File sees eee B 24 lt orion application client gt Element Description sess B 24 Elements Contained Within orion application client sssssssssss B 24 Standalone OC4J Command Line Options and Properties 25 e B 26 Options for the OC4J Server JAR sees eee eene nen nennen enne nnnen B 26 Options for the OC4J Administration Management JAR s sss B 26 General OC4J Administration tiani ainiaan nennen tnn B 27 Application Deployment one ette t
107. gt Notes If you specify both the lt user manager gt element and the lt jazn gt element then the lt jazn gt element is ignored Using the XMLUserManager Class The XMLUserManager is a file based security model where all of your users roles groups and passwords are stored in principals xml This is not secure as your passwords could be in the clear However if you want to use the XMLUserManager class instead of the JAZNUserManager class you must modify the global application xml file if modifying for all applications or the orion application xml file if using the XMLUserManager class only for a specific application Add the following line principals path principals xml gt where the path points to the location of the principals xml file Also you must remove or comment out the jazn element in this file If you do not remove or 3 10 Oracle Application Server Containers for J2EE Standalone User s Guide Plugging In a User Manager comment out the jazn element then whichever element is specified first is the User Manager for the applications For example if you have the following principals path principals xml gt jazn provider XML location j2ee home config jazn data xml gt In this case the principals element appears first so the XMLUserManager is the security manager Creating Your Own User Manager If none of the user managers supplied by OC4J are
108. gure a custom user manager you specific the classname in the c1ass attribute of the lt user manager gt element in either the global application xml file or the orion application xml file Then you can specify input parameters and values through the name value attributes of one or more property elements 3 12 Oracle Application Server Containers for J2EE Standalone User s Guide Confidentiality Through SSL For our DataSourceUserManager example it requires that the table name and columns are defined in the lt property gt element name value pairs This example sets up the following input parameters Data source that specifies the database where the tables reside Table for user names and passwords Table for user and group association A typical registration of the user manager for an application can be specified in orion application xml as follows user manager class com evermind sql DataSourceUserManager gt lt property name dataSource value jdbc OracleCoreDS gt lt property name table value j2ee users gt lt property name usernameField value username gt lt property name passwordField value password gt lt property name groupMembershipTableName value second_table gt lt property name groupMembershipGroupFieldName value group gt property name groupMembershipUserNameFieldName value userId gt lt user manager gt The lt user manager gt property elements define th
109. habetically and not by DTD ordering can be configured application An application is a entity with its own set of users Web applications and EJB JAR files Attributes auto start true false Specifies whether the application should be automatically started when the OC4J server starts The default is true Setting auto start to false is useful if you have multiple applications installed and want them to start on demand This can improve general server startup time and resource usage deployment directory application deployments myapp Specifies a directory to store application deployment information If none is Additional Information B 7 Elements in the server xml File specified the default OC4 looks in the global deployment directory and if none exists there it stores the information inside the EAR file The path can be relative or absolute If relative the path should be relative to the location of the server xml file name anApplication Specifies the name used to reference the application parent anotherApplication The name of the optional parent application The default is the global application Children see the namespace of its parent application This is used to share services such as EJBs among multiple applications path applications myApplication ear The path to the EAR file containing the application code In this example the EAR file is named myApplica
110. i xml file rmi server port 23791 gt Advanced Configuration and Development 2 7 Building and Deploying Within a Directory Configuring J2EE Applications To configure and deploy your J2EE applications modify the server xml and http web site xml files with your application information In server xml add a new or modify the existing application name path auto start true gt entry for each application that you want automatically started when OC4J starts The path points to either the location of the EAR file to be deployed or the exploded directory where the application has been built See Deployment In a Production Environment Using ADMIN JAR on page 1 14 or Building and Deploying Within a Directory on page 2 8 for more information In http web site xml add a web app entry for each Web application you want bound to the Web site upon OC4J startup Because the name attribute is the WAR filename without the war extension you must have one line for each WAR file included in your J2EE application For Web application binding using a WAR file add the following web app application myapp name myapp web root myapp gt The application attribute is the name provided in the server xml as the application name a The name attribute is the name of the WAR file without the WAR extension The root attribute defines the root context for the application off of the Web site For example
111. ials in the jndi properties file deployed with the code of the client java naming security principal username java naming security credentials password JNDI Properties Within Implementation Set the properties with the same values but with different syntax For example JavaBeans running within the container pass their credentials within the InitialContext which is created to look up the remote EJBs To pass JNDI properties within the Hashtable environment set these as shown below Hashtable env new Hashtable env put java naming provider url ormi myhost ejbsamples env put java naming factory initial com evermind server ApplicationClientInitialContextFactory env put Context SECURITY PRINCIPAL guest env put Context SECURITY CREDENTIALS welcome Context ic new InitialContext env Object homeObject ic lookup java comp env employeeBean Narrow the reference to a TemplateHome EmployeeHome empHome EmployeeHome PortableRemoteObject narrow homeObject EmployeeHome class Using the Initial Context Factory Classes For most clients set the initial context factory class to ApplicationClientInitialContextFactory If you are not using a logical name defined in the lt ejb ref gt in your XML configuration file then you must provide the actual JNDI name of the target bean In this case you can use a different initial context factory class the com evermind server RMIInitialContextF
112. ibute was set to TRUE OC4J Shutdown Classes Shutdown classes are executed before OC4J terminates Your shutdown class implements the com evermind server OC4JShutdown interface that contains two methods preUndep1oy and postUndeploy in which you can implement code for shutting down services or perform other termination routines The preUndeploy method executes before any OC4J application terminates a The postUndeploy method executes after all OC4J applications terminates Each method requires two arguments a Hashtable that is populated from the configuration and a JNDI Context to which you can bind to process values contained within the Context The implementation and configuration is identical to the shutdown classes as described in OC4J Startup Classes on page 2 13 with the exception that the configuration is defined within the shutdown classes and lt shutdown class gt elements and there is no failure is fatal attribute Thus the configuration for a TestShutdown class would be as follows lt shutdown classes gt shutdown class classname TestShutdown gt lt execution order gt 0 lt execution order gt lt init param gt param name oracle test shutdown param name lt param value gt true lt param value gt lt init param gt lt init param gt lt param name gt shutdown oracle year lt param name gt lt param value gt 2002 lt param value gt lt init param gt lt shutdown class gt lt shutdown c
113. ications Once a change is detected then OC4J reloads these applications automatically In this case you do not need to restart the server when redeploying an application The check for updates attribute in the application server element in the server xml file defaults to true which enables automatic deployment If true task manager checks for XML configuration file modifications Thus if you set this to false you can disable automatic refreshing of the configuration to any new XML modifications Also setting this attribute to false stops the automatic deployment of any applications until you execute admin jar updateConfig If set to false you cause the XML configuration to refresh from the XML files and any necessary automatic deployment to occur by using the admin jar updateConfig option If you enable automatic deployment then you do not have to restart the OC4J process each time you make a modification to the application However enabling automatic deployment also effects your performance Thus it is recommended that you enable automatic deployment only in a development environment not in a production environment Even if you have automatic deployment enabled it does not detect modifications in the global server XML configuration files Thus if you modify any of the container level configuration files such as data sources xml rmi xml or principals xml you must restart the OC4J process for these modifications to be recogniz
114. if you defined your Web site as http oc4j_ host 8888 then to initiate the application point your browser at http oc4j host 8888 myapp Note Wait for automatic startup to complete before trying to access the client The client fails on lookup if it tries to access before the completion of these processes Building and Deploying Within a Directory When developing applications you want to quickly modify compile and execute your classes OC4J can automatically deploy your applications as you are developing them within an expanded directory format OC4J automatically deploys applications if the timestamp of the top directory noted by appname in Development Application Directory Structure changes This is the directory that server xml knows as the master location The application must be placed in the master directory in the same hierarchical format as necessary for JAR WAR and EAR files For example if appname is the directory where your J2EE application resides Figure 2 4 displays the necessary directory structure 2 8 Oracle Application Server Containers for J2EE Standalone User s Guide Building and Deploying Within a Directory Figure 2 4 Development Application Directory Structure applications lt appname gt META INF pplication xml ejb modules B classes my ejb class maps to my ejb class META INF ejb jar xml orion ej b jar xml web modules index html JSP pages B IN
115. iling whitespace in the keytool Action Delete all trailing whitespace If the error still occurs add a new line in your certificate reply file Keytool Error KeyPairGenerator not available Cause You are probably using a keytool from an older JDK Action Use the keytool from the latest JDK on your system To ensure that you are using the latest JDK specify the full path for this JDK Keytool Error Failed to establish chain from reply Cause The keytool cannot locate the root CA certificates in your keystore thus the keytool cannot build the certificate chain from your server key to the trusted root certificate authority Action Execute the following keytool keystore keystore import alias cacert file cacert cer keytool keystore keystore import alias intercert file inter cer If you use an intermediate CA keytool then execute the following keystore keystore genkey keyalg RSA alias serverkey keytool keystore keystore certreq file my host com csr Get the certificate from the Certificate Signing Request then execute the following keytool keystore keystore import file my host com cer alias serverkey No available certificate corresponds to the SSL cipher suites which are enabled Cause Something is wrong with your certificate Action INSERT ACTION HERE IllegalArgumentException Mixing secure and non secure sites on the same ip port Cause You cannot configure SSL and non SSL web sites to listen on
116. integer then when the MDB is not processing incoming messages and in a wait state the OC4J container goes out to the database requiring a database round trip and polls to see if the session is shut down The integer denotes the number of seconds that the system waits to poll the database This can be expensive for performance If you set this property to 60 seconds then every 60 seconds OC4J checks the database If you do not set this property and you try to shutdown OC4J using CTRL C then the OC4J process will hang for at least 2 5 hours B 34 Oracle Application Server Containers for J2EE Standalone User s Guide OC4J System Properties Table B 7 Cont D General System Properties for OC4J D Option Description oracle dms sensors none normal heavy all associateUsingThirdTable true false DefineColumnType true false You can set the value for Oracle Application Server built in performance metrics to the following none off normal medium amount of metrics heavy high number of metrics or all every possible metric The default is normal This parameter should be set on the OC4J server The previous method for turning on these performance metrics oracle dms gate true false is replaced by the oracle dms sensors variable However if you still use oracle dms gate then setting this variable to false is equivalent to setting oracle dms sensors none For container managed relationships in entity
117. internal FAOs External FAOs that are published on external forums Within the demo Areas Topics and FAQs are entered or updated in the database through Input Update screens or through a OracleAS Web Services interface Each Area Topic and FAQ is uniquely identified by a primary key which is automatically generated by the system This application is a J2EE 1 3 compliant application developed utilizing the following technologies HTML including MS HTML for creating a Rich Text Editor JavaScript Cascade Style Sheets Java Server Pages 12 a Servlet 2 3 a JSP Standard Tag Library JSTL 1 0 a Oracle JSP 1 2 Utility Tag Libraries Enterprise JavaBeans 2 0 using Local Interfaces Abstract Classes CMR and EJB QL Entity Bean CMP a Session Facade Bean stateless Oracle Application Server Java Authentication and Authorization Service JAAS Provider a Oracle Application Server Web Services The following sections detail how to configure and deploy the FAQ demo application In addition the last section demonstrates how these steps relate to any application that you may wish to configure and deploy to OC4J Environment Setup for FAQ Demo a OC4J System Configuration for FAQ Demo Deploy the FAQ Demo Deployment Details Explained Environment Setup for FAQ Demo Before you configure OC4J and deploy the FAQ demo you need to modify the back end database to contain tables that are necessa
118. ion enables you to add Web site configuration to the XML files Table B 5 lists all the subswitches for the site option of the admin jar command line tool For example the following command structure installs a new Web site java jar admin jar ormi oc4j_host oc4j ormi port admin id admin password site add host hostname port portnumber display name name virtual hosts virtual host Additional Information B 29 Standalone OC4J Command Line Options and Properties Table B 5 Options for Web Site Administration site options Description site add Installs a new Web site Supply information with the following subswitches host hostname The host where the web site exists port portnum The Web site port display name name The name of the Web site virtual hosts virtual hosts The virtual hosts of the Web site secure true false The value is t rue if the Web site is secure otherwise the value is false factory factory name The name of the SSLServerSocket Factory class if you are not using the Java Secure Socket Extension JSSE The JSSE defines a provider interface that other security providers can implement Sun Microsystems provides its own implementation in com sun net ssl internal ssl Provider keystore keystore The relative or absolute path to a keystore storepass password The keystore password provider provider The provider used if using JSSE defaults to com sun net ssl internal ssl Pro
119. ion prompts you for an administration username and password which is used for the administration console command line tool Note Instead of executing oc4j jar from the j2ee home directory you can set a 72EE HOME variable for UNIX or the J2EE HOMES variable for Windows NT to j2ee home so that in the command line and execute oc4j jar from any directory For example in the UNIX environment use the following java jar J2EE HOME oc4j jar Testing the Default Configuration OC4J is installed with a default configuration that includes a default Web site and a default application These are provided so you can start and test OC4J immediately Start OC4J by executing the following 1 Change directory to the OC4J installation directory j 2ee home and issue one of the following commands a java jar oc4j jar This starts OC4J using the default configuration files which are located in j2ee home config a java jar oc4j jar config mypath server xml This starts OC4J using the server xml file located in mypath The server should output an initialization string with the version number 2 Test OC4J by accessing http hostname 8888 from a Web browser If you changed the default port number access the Web server using http hostname portnumber For example test the Web server by connecting a Web browser to http hostname 8888 servlet HelloWorldServlet which should return a Hello World page
120. ission gt element lt method permission gt lt description gt VISITOR role needed for CustomerBean methods lt description gt lt role name gt VISITOR lt role name gt lt method gt lt ejb name gt customerbean lt ejb name gt lt method name gt lt method name gt lt method gt lt method permission gt Mapping Logical Roles to Users and Groups Map logical roles defined in the application deployment descriptors to actual users and groups defined in a user repository The mapping is specified in the OC4J specific deployment descriptor with a lt security role mapping gt element Figure 3 1 illustrates this mapping Figure 3 1 Mapping Logical Roles to Users and Groups Defined in jazn data xml application xml security role security role ejb jar xml web xml orion application xml orion ejb jar xml security role mapping security role mapping orion web xml jazn data xml group group be and principals xml user IESUS CUTS user O 1011 Note The security role mapping layer either defined in the principals xml or jazn data xml file is bypassed if the following conditions are true The name of the security role and group or roles as in the case of jazn data xm1 are the same a No security role mapping is specified Example 3 3 Mapping Logical Role to Actual Role This example maps the logical role VISITOR to the
121. l to generate a certificate request which is a request to have the certificate signed by a certificate authority b Submit the certificate request to a certificate authority 3 14 Oracle Application Server Containers for J2EE Standalone User s Guide Confidentiality Through SSL c Receive the signature from the certificate authority and import it into the keystore again using keytool In the keystore the signature will be matched with the associated certificate The process for requesting and receiving signatures is up to the particular certificate authority you use You can go to the Web site of any certificate authority for information Any browser should have a list of trusted certificate authorities Here are the Web addresses for VeriSign and Thawte acquired by VeriSign for example http www verisign com http www thawte com In addition Oracle provides a certificate authority where each certificate is recognized only by Oracle applications The Oracle Certificate Authority OCA allows customers to create and issue certificates for themselves and their users although these certificates would likely be unrecognized outside a customer s organization without prior arrangements See the Oracle Application Server Security Guide for information about OCA Configuration of OC4J for SSL For secure communication between a client and OC4J configuration is required on OC4J standalone You are required to provide a certifi
122. l web app config gt element denotes the name and location of the global web application xml file a The lt web site gt element denotes the name and location of one web site xml file Since you can have multiple Web sites you can have multiple lt web site gt entries In addition to pointing to the OC4J server configuration files the server xml file describes the applications that have been deployed to this OC4 server You can deploy applications through the admin jar command using the deploy option or by modifying the server xml file directly Each deployed application is denoted by the application element See Manually Adding Applications in a Development Environment on page 2 7 for more information on directly editing the server xml file Figure 2 3 Server xml File and Related XML Files server xml rmi rmi xml jms jms xml lt global application path application xml gt application xml global web app config path global web application xml gt global web application xml lt web site path default web site xml gt default web site xml application name bank_application gt bank application application name inventory_application gt 3 inventory application O 1010 Other elements for server xml are described in Eleme
123. lasses gt Assuming that the Test Shut down class is archived in app1 shutdown jar add another lt init library gt element in the server xml file as follows lt init library path app1 shutdown jar gt Setting Performance Options Most performance settings are discussed in the Oracle Application Server Performance Guide You can manage these performance settings yourself from either the OC4J command line option or by editing the appropriate XML file element a Performance Command Line Options Thread Pool Settings Statement Caching lask Manager Granularity Advanced Configuration and Development 2 15 Setting Performance Options Performance Command Line Options Each D command line option except for the dedicated rmicontext option defaults to the recommended setting However you can modify these options by providing each D command line option as an OC4J option See the Standalone OC4J Command Line Options and Properties on page B 26 for an example a dedicated rmicontext true false The default value is false This replaces the deprecated dedicated connection setting When two or more clients in the same process retrieve an InitialContext OC4J returns a cached context Thus each client receives the same InitialContext which is assigned to the process Server lookup which results in server load balancing happens only if the client retrieves its own InitialContext If you set dedicated rmicontex
124. lement in server xml but do not specify metric based load balancing in mod 0c4j then OC4J sends metrics but mod oc4j is not configured to receive metrics In this case mod_oc4j ignores the metrics and uses whatever the configured method is for load balancing You specify the load balancing method with 0c4jSelectMethod If no 0c4jSelectMethod is specified then mod_oc4j uses the default which is roundrobin The lt metric collector gt element takes the following attribute classname The classname attribute defines an interface for gathering and calculating a server wide metric Use oracle oc4j server DMSMetricCollector for the B 12 Oracle Application Server Containers for J2EE Standalone User s Guide Elements in the server xml File classname attribute when using a DMS noun based metric collector A DMSMetricCollector instance takes several parameters Details for the values for these parameters are available in the Oracle Application Server 10g Performance Guide For example metric collector classname oracle oc4j server DMSMetricCollector gt init param param name dms noun param name param value oc4j default WEBs processRequest time param value init param init param param name history proportion param name param value 0 2 param value init param init param param name debug param name param value false param value init param me
125. let class How servlets are mapped to a subcontext using the servlet mapping element template off of the application root context The Web server looks for the following All servlet classes under WEB INF classes package class All HTML and JSP from the root of the WAR file that is pointed to by web app name lt warfile war gt gt in the web site xml file which is packaged in the deployed corresponding application EAR file OC4J compiles each JSP from j ava into c1ass the first time it is used and caches it for subsequent use lt web app gt lt display name gt myapp web application lt display name gt lt description gt Web module that contains an HTML welcome page and 4 JSP s lt description gt lt welcome file list gt lt welcome file gt index html lt welcome file gt lt welcome file list gt lt ejb ref gt lt ejb ref name gt TemplateBean lt ejb ref name gt lt ejb ref type gt Entity lt ejb ref type gt lt home gt TemplateHome lt home gt lt remote gt Template lt remote gt lt ejb ref gt lt servlet gt lt servlet name gt template lt servlet name gt lt servlet class gt TemplateServlet lt servlet class gt lt init param gt lt param name gt length lt param name gt param value 1 param value init param servlet web app ejb jar xml Example The ejb jar xml file contains the definitions for a container managed persistent EJB The myapp EJB deployment d
126. lication xml file which acts as the standard J2EE application descriptor file defines these modules The directories containing the separate modules ejb modules web module gt and client module can have arbitrary names However these names must match the values in the standard J2EE application descriptor file the local application xml file The top of the module represents the start of a search path for classes As a result classes belonging to packages are expected to be located in a nested directory structure beneath this point For example a reference to an EJB package class myapp ejb Demo is expected to be located in appname ejb_ module myapp ejb Demo class Configuring the FAQ Application Demo This section describes how to configure the FAQ J2EE demo application which provides support for managing Frequently Asked Questions FAQs and storing retrieving these FAQs from an Oracle database FAQs are broadly categorized into Specialization Areas Each Specialization Area is further sub categorized into Topics Configuration and Deployment 1 7 Configuring the FAQ Application Demo Each FAQ can be associated with multiple Specialization Areas where each area has one or more Topics associated with them You can generate a list of FAQs in HTML format for a given Specialization Area for internal or external publication Internal FAQs that are published for internal users only These include all external and
127. lication All common events errors and All applications application xml log exceptions related to including the default applications application jms log All JMS events and errors JMS sub system jms xml rmi log All RMI events and errors RMI sub system rmi xml server log All events not associated with a server wide server xml particular sub system or an application This logs history of server startup shutdown internal server errors web access log Logs all accesses to the Web site Each Web site http web site xml Advanced Configuration and Development 2 19 Enabling OC4J Logging There are two types of log files a Text Log Files The messages logged in these files are text based and not in XML format You can read these messages with any editor This is the default Normally those who use OC4J standalone would benefit from viewing their log messages in a text format Oracle Diagnostic Logging ODL Log Files The messages logged in these files use an XML format that can be read by a GUI tool such as the Oracle Enterprise Manager 10g GUI We recommend that you use this format for your logging when you are using OC4J within Oracle Application Server Text Log Files Full text logging is still available in OC4J Primarily you should use text logging within OC4J standalone It is easier to read within any editor as it is not in XML format The text logging facility separates messages out in alignment with th
128. loyment descriptors The J2EE deployment descriptor is where you specify the access rules for using logical roles The OC4J specific deployment descriptor is where you map logical roles to actual users and groups which are defined in a user repository The following sections describe how to define users groups and roles a Specifying Logical Roles in a J2EE Application Mapping Logical Roles to Users and Groups Specifying Logical Roles in a J2EE Application Specify the logical roles that your application uses in the XML deployment descriptors Depending on the application component type update one of the following with the logical roles web xml for the Web component a ejb jar xml for the EJB component application xml for the application In each of these deployment descriptors the roles are defined by an XML element named lt security role gt Example 3 2 EJB JAR Security Role Definition The following steps describe the XML necessary to create a logical role named VISITOR in the ejb jar xml deployment descriptor 1 Define the logical security role VISITOR in the lt security role gt element 3 6 Oracle Application Server Containers for J2EE Standalone User s Guide Authorization lt security role gt lt description gt A role for every user lt description gt lt role name gt VISITOR lt role name gt lt security role gt 2 Define the bean and methods that this role can access in the lt method perm
129. ly rolling over and do not encroach on your disk space Attributes path Path and folder name of the log folder for this area You can use an absolute path or a path relative to where the configuration XML file exists which is normally in the j2ee home config directory This denotes where the log files will reside for the feature that the XML configuration file is concerned with For Additional Information B 11 Elements in the server xml File example modifying this element in the server xm1 file denotes where the server log files are written a max file size The maximum size in KB of each individual log file a max directory size The maximum size of the directory in KB The default directory size is 10 MB New files are created within the directory until the maximum directory size is reached Each log file is equal to or less than the maximum specified in the attributes lt max http connections gt Used to define the maximum number of concurrent connections any given Web site can accept at a single point in time If text exists inside the tag it is used as a redirect URL when the limit is reached Attributes a max connections queue timeout 10 When the maximum number of connections are reached this is the number of seconds that can pass before the connections are dropped and a message is returned to the client stating that the server is either busy or connections will be redirected The default is 10 seconds
130. me of an enterprise bean in the same J2EE Application package lt ejb ref gt The ejb ref element is used for the declaration of a reference to an enterprise bean s home The declaration consists of an optional description the EJB reference name used in the code of the referencing application client the expected type of the referenced enterprise bean the expected home and remote interfaces of the referenced enterprise bean and an optional ejb link information The optional ejb link element is used to specify the referenced enterprise bean lt ejb ref name gt ejb Payroll lt ejb ref name gt The ej b ref name element contains the name of an EJB reference The EJB reference is an entry in the enterprise bean s environment It is recommended that name is prefixed with ejb lt ejb ref type gt Entity Session lt ejb ref type gt The ejb ref type element contains the expected type of the referenced enterprise bean The ejb ref type element must be one of the following Entity Session lt env entry gt The env entry element contains the declaration of an Enterprise JavaBean s environment entries The declaration consists of an optional description the name of the environment entry and an optional value B 22 Oracle Application Server Containers for J2EE Standalone User s Guide Elements in the application client xml File lt env entry name gt minAmount lt env entry name gt The env entry name element contains the name of
131. memory as one would see with a more traditional Java object memory leak OC4J loads all resources using the links in the application xml file If these links are invalid then the C heap continues to grow causing OC4J to run out of memory Solution Ensure that all symbolic links are valid and restart OC4J In addition keep the number of JAR files OC4J is configured to load to a minimum Eliminate all unused JAR files from the configuration and from the directories OC4J is configured to search OC4J searches all JAR files for classes and resources thereby causing the file cache to use extra memory and processor time You can control the loading more precisely if your library elements in the application xml file point to the individual JAR and ZIP files that are needed instead of to the directories where they reside A 4 Oracle Application Server Containers for J2EE User s Guide Need More Help Need More Help You can search for additional solutions on the following Oracle support oriented Web sites Oracle Application Server Release Notes available on the Oracle Technology Network at http www oracle com technology tech java oc4j index html Oracle MetaLink available at http metalink oracle com If you still cannot find a solution for the problem you are facing please log a service request Troubleshooting OC4J A 5 Need More Help A 6 Oracle Application Server Containers for J2EE User s Guide
132. ments xii For more information on OC4J see the following documentation available from other OC4J manuals a Oracle Application Server Containers for 2EE Services Guide a Oracle Application Server Containers for J2EE Support for JavaServer Pages Developer s Guide a Oracle Application Server Containers for J2EE JSP Tag Libraries and Utilities Reference a Oracle Application Server Containers for J2EE Servlet Developer s Guide a Oracle Application Server Containers for J2EE Security Guide a Oracle Application Server Containers for J2EE Enterprise JavaBeans Developer s Guide The following documentation may also be helpful in understanding OC4J a Oracle Application Server Performance Guide a Oracle Application Server High Availability Guide a Oracle9i JDBC Developer s Guide and Reference Oracle HTTP Server Administrator s Guide a X Oracle Application Server DMS API Reference Conventions The following conventions are used in this manual Convention Meaning Vertical ellipsis points in an example mean that information not directly related to the example has been omitted Horizontal ellipsis points in statements or commands mean that parts of the statement or command not directly related to the example have been omitted boldface text Boldface type in text indicates a term defined in the text the glossary or in both locations lt gt Angle brackets enclose user supplied names Brackets enclose optional clauses
133. ml File application client Element Description The top level element of the application client xml file is the application client element lt application client gt The application client element is the root element of an application client deployment descriptor The application client deployment descriptor describes the EJB components and external resources referenced by the application client Elements Contained Within lt application client gt Within the lt application client gt element the following elements which are listed alphabetically and not by DTD ordering can be configured lt callback handler gt The callback handler element names a class provided by the application The class must have a no args constructor and must implement the javax security auth callback CallbackHandler interface The class will be instantiated by the application client container and used by the container to collect authentication information from the user description The description lt description gt A short description lt display name gt The name lt display name gt The display name element contains a short name that is intended to be displayed by tools lt ejb link gt EmployeeRecord lt ejb link gt The ejb 1ink element is used in the ejb ref element to specify that an EJB reference is linked to an enterprise bean in the encompassing J2EE Application package The value of the ej b 1ink element must be the ej b na
134. ml File on page B 24 for a list of the elements Additional Information B 5 Elements in the server xml File Elements in the server xml File The server xml file is where you perform the following tasks Configure OC4J Reference other configuration files Specify your J2EE application s Configure OC4J Configuring the OC4J server includes defining the following elements in the server xml file Library path Global application the global Web application and the default Web site Maximum number of HTIP connections the server allows Logging settings Java compiler settings Transaction time out a SMTP host Reference Other Configuration Files Referencing other configuration files in the server xm1 file includes specifying the following a data sources xml location a jazn data xml location a jms xml and rmi xml locations Several XML files and directories are defined in the server xm1 file The path to these files or directories can be relative or absolute If relative the path should be relative to the location of the server xm1 file application server Element Description The top level element of the server xml file is the lt application server gt element lt application server gt This element contains the configuration for an application server Attributes application auto deploy directory applications auto Specifies the directory from which EAR files are a
135. module in the application package lt role name gt nameOfRole lt role name gt Additional Information B 15 Elements in the orion application xml File The name of the role lt security role gt The security role element contains the definition of a security role which is global to the application The definition consists of a description of the security role and the security role name The descriptions at this level override those in the component level security role definitions and must be the descriptions tool display to the deployer lt small icon gt path to icon gif lt small icon gt The smal1 icon element contains the location within the application of a file containing a small 16x16 pixel icon image The image must be either GIF or JPEG format and the filename must end with the extension of gif or jpg web The web element contains the web uri and context root of a Web application module lt web uri gt pathTo war lt web uri gt The web uri element specifies the URI of a web application file relative to the top level of the application package Elements in the orion application xml File This section describes the OC4J specific application deployment descriptor file lt orion application gt Element Description The top level element of the orion application xml file is the lt orion application gt element Attributes a autocreate tables Whether or not to automatically create database ta
136. mple 2 1 Startup Class Example The configuration for the TestStartup class is contained within a startup class element in the server xml file The configuration defines the following The failure is fatal attribute is true so that an exception causes OC4J to exit a The execution order is 0 so that this is the first startup class to execute Two initialization key value pairs defined of type String which will be populated in the Hashtable of the following oracle test startup true startup oracle year 2002 Advanced Configuration and Development 2 13 Developing Startup and Shutdown Classes Note The names of the key value pairs must be unique in all startup and shutdown classes as JNDI binds the name to its value Thus configure the following in the server xml file to define the TestStartup class startup classes startup class classname TestStartup failure is fatal true gt lt execution order gt 0 lt execution order gt lt init param gt lt param name gt oracle test startup lt param name gt lt param value gt true lt param value gt lt init param gt lt init param gt lt param name gt startup oracle year lt param name gt lt param value gt 2002 lt param value gt lt init param gt lt startup class gt lt startup classes gt The container provides the two initialization kay value pairs within the input Hashtable parameter to the startup class The followi
137. n eee ca Cere nda Backs ded cues aa EER Se CUR PERI AEE Deed 1 2 Testing the Default Configuration sse aa 1 3 Starting and Stopping OCAT oio ec ee Dp eh aee p e teorie 1 3 Starting OCA stie ice He e ee E ERR rtm T be ib M RU e on 1 4 Administering OCA rcp erue i etcetera te R 1 4 Restarting OCAJ 34 esie reinen e tee eee a he e hoe e e ee e e de eere 1 5 Shutting Down OC4 sic etcetera bene ee e erre tree rne tere be derer e E pe a 1 5 HTTP and RMI Communication eese atens i a nana eren ettet tree inen tentes riei 1 6 Quick Start for JSPs and Servlets 5o se Reese ete biete e Hb pets 1 6 Creating the Development Directory sssssssssseeeee eee eee nnns 1 6 Configuring the FAQ Application Demo seen eene enne 1 7 Environment Setup for FAQ Demo eene eene 1 8 Oracle Database 5 neo bed E Hp qr E Eie pee perte ehe iet edes 1 8 OC4J System Configuration for FAQ Demo sese ee eee eene 1 9 Data Source Configutration 4eten tette iei e hee Hi tenete eee pee ecran 1 9 Security Configuration iere emen ri ient ter Pere tek pere Preis 1 9 Deploy the FAQ Derio 2t tee REIR iie en ERE Uis 1 10 Deploy Using Automatic Deployment in a Development Environment 1 10 Deploy Using the Admin JAR Tool in All Environments 1 11 Deployment Details Explained neon tre depen te ede obedire eer 1 12 Deploying Applications ie e Re ettet se pe tee
138. n data xml file Example Specifying Users and Groups in principals xml The following XML from the principals xml file the user repository configuration file for the XMLUserManager class shows how to define a group named allusers and a user named guest with password welcome The guest user is made a member of the allusers group If you want to use the XMLUserManager class instead of the JAZNUserManager class you must modify the global application xml file if modifying for all applications or the orion application xml file if using the XMLUserManager class only for a specific application Add the following line principals path principals xml gt where the path points to the location of the principals xml file Also you must remove or comment out the lt jazn provider element in this file Note Youcan hide the password through password indirection See the Oracle Application Server Containers for J2EE Security Guide for a description of password indirection principals groups group name allusers gt description Group for all normal users description permission name rmi login permission name com evermind server rmi RMIPermission group Other groups Configuring Security 3 3 Authentication groups users user username guest password welcome gt lt description gt Guest user lt description gt lt group membership group allusers g
139. n the limit is exceeded stdstream rotatetime The time at which the log file will be rotated each day HH mm Configuration and Deployment Examples The following examples show how to configure and deploy a J2EE application within OC4J See Configuring the FAQ Application Demo on page 1 7 to learn how to modify the XML configuration files for the FAQ application demo J2EE Application XML Configuration Example Deploying Example J2EE Application XML Configuration Example In this example the myapp application contains a Java client an EJB assembled into a JAR file servlets and JSPs assembled into a WAR file and an EAR file that contains both the EJB JAR file and the Web application WAR file The tree structure showing the B 36 Oracle Application Server Containers for J2EE Standalone User s Guide Configuration and Deployment Examples location of all the XML configuration files the Java class files and the JSP files is shown in Application EAR Structure Notice that you can separate all the configuration files into logical directories within the application directory Application EAR Structure myapp ear META IIIF application xm l my app jb JAR META IIIF BNET jb jar xml Template class E TemplateBean class ss TemplateHome cla myapp web WAR Ee j web xml L elasses TemplateServlet class index html add jsp edit jsp iist jsp Serv jsp mzapp client J
140. nager performs its duties through the taskmanager granularity attribute in server xml This element sets how often the task manager is kicked off for cleanup Value is in milliseconds Default is 1000 milliseconds application server taskmanager granularity 60000 Enabling OC4J Logging 2 OC4J logs messages both to standard error standard out and several log files for OC4J services and deployed applications Viewing OC4J System and Application Log Messages This section describes the separate log files for OC4J sub systems and deployed applications You can manage how large these files can be and where they are located Redirecting Standard Out and Standard Error This section describes how to forward standard out and standard error messages to a log file Note Also OC4J supports Jakarta 10g4j See the Open Source Frameworks and Utilities appendix in the Oracle Application Server Containers for J2EE Servlet Developer s Guide Viewing OC4J System and Application Log Messages Each OC4J process has a set of log files as shown in Table 2 3 If there are multiple processes running for an OC4J instance there is a multiple set of log files Table 2 3 List of Log Files Generated for OC4J Default Log File Name Description Scope Configuration File application log All events errors and exceptions One log file for each orion application for a deployed application application deployed xml global app
141. ng example shows Test Startup which implements the com evermind server OC4JStartup interface The preDeploy method retrieves the key value pairs from the Hashtable and prints them out The postDeploy method is a null method The oc4j jar must be in the Java CLASSPATH when you compile Test Startup import com evermind server OC4JStartup import javax naming import java util public class TestStartup implements OC4JStartup public String preDeploy Hashtable args Context context throws Exception bind each argument using its name Enumeration keys args keys while keys hasMoreElements String key String keys nextElement String value String args get key System out println prop key value args get key context bind key value return ok public String postDeploy Hashtable args Context context throws Exception return null Assuming that the Test Startup class is archived in app1 startup jar modify the lt init library gt element in the server xml file as follows init library path appl startup jar 2 14 Oracle Application Server Containers for J2EE Standalone User s Guide Setting Performance Options When you start OC4J the preDeploy method is executed before any application is initialized OC4J populates the JNDI context with the values from the Hashtable If TestStartup throws an exception then OC4J exits since the failure is fatal attr
142. ng subswitches oldLocation JNDllocation The old namespace location for the DataSource For example jdbc DefaultDS Required newLocation JNDllocation The new namespace location for the DataSource For example jdbc DefaultDs jar JAR The JAR file containing the driver to add to the library of the server url URL The JDBC database URL pooledLocation JNDllocation The namespace location for the pooled source For example jdbc DefaultPooledDS xaLocation JNDllocation The namespace location for the XA DataSource For example jdbc xa DefaultXADS Required if ejbLocation is specified ejbLocation JNDllocation The namespace location for the data source for container managed transactions This is the only data source that can perform global JTA transactions For example jdbc DefaultDS username username The username you use to login password password The password you use to login connectionDriver driverClass The JDBC database driver class For example com mydb Driver className dsClass The data source class name For example com evermind sqgl DriverManagerDataSource sourceLocation jndiDS The underlying data source of this specialized data source xaSourceLocation jndiXADS The underlying XA data source of this specialized data source OC4J System Properties You can set system properties on the OC4J command line before startup If OC4J is running you must restart the instance for these
143. nstead of groups the JAZNUserManager XML based user repository jazn data xml hasa different structure from the XMLUserManager user repository principals xml In addition in a JAZNUserManager user repository passwords are encrypted unlike in principals xml The following sections offer examples of how to specify users and groups under the JAZNUserManager and XMLUserManager classes See Plugging In a User Manager on page 3 8 for additional details on these classes 3 2 Oracle Application Server Containers for J2EE Standalone User s Guide Authentication Example Specifying Users and Groups in jazn data xml The following XML from the JAZNUserManager user repository configuration file jazn data xml shows how to define OracleAS JAAS Provider roles groups and users It defines a group named allusers and a user named guest role lt name gt allusers lt name gt lt members gt lt member gt lt type gt user lt type gt lt name gt guest lt name gt lt member gt lt members gt lt role gt Unlike the XML from the XMLUserManager user repository configuration file principals xm1l you can encrypt the password under the JAZNUserManager user name guest name lt description gt The default user lt description gt lt credentials gt wEE6aA lt credentials gt lt user gt Note See the Oracle Application Server Containers for J2EE Security Guide for more information on setting up the jaz
144. nts in the server xml File on page B 6 Sharing Libraries If you have libraries that you want to share among applications add a lt library gt element in the global application xml file indicating the directory where you are placing the libraries as follows Windows library path d oc4j j2ee home applib gt 2 6 Oracle Application Server Containers for J2EE Standalone User s Guide Manually Adding Applications in a Development Environment UNIX library path private oc4j j2ee home applib gt For each directory to be included use a separate library element on a separate line as follows library path private oc4j j2ee home applib gt library path private oc4j j2ee home mylibrary gt As a default a library element exists in the global application xml file with the j2ee home applib directory Instead of modifying the lt library gt element to contain other directories you could move your libraries into the app1ib directory However note that adding libraries to this directory increases the size of OC4J and effects the performance as all libraries are searched for unknown classes Use this with discretion Note The default j2ee home applib directory is not created when OC4J is installed If you want to add shared libraries to this directory you must first create it before adding your libraries If you can you should keep your shared libraries local to the application th
145. od requires two arguments a Hashtable that is populated from the configuration and a JNDI Context to which you can bind to process values contained within the Context Both methods return a String which is currently ignored Once created you must configure the startup class within the lt startup classes gt element in the server xml file Each OC4JStartup class is defined in a single startup class element within the startup classes element Each lt startup class gt defines the following The name of the class that implements the com evermind server OC4JStartup interface a Whether a failure is fatal If considered fatal then when an exception is thrown OC4J logs the exception and exits If not considered fatal then OC4J logs the exception and continues Default is not fatal a The order of execution where each startup class receives an integer number that designates in what order the classes are executed a The initialization parameters that contain key value pairs of type String which OC4J takes which are provided within the input Hashtable argument The names for the key value pairs must be unique as JNDI is used to bind each value to its name Inthe lt init library path xxx gt elementin the server xml file configure the directory where the startup class resides or the directory and JAR filename where the class is archived The path attribute can be fully qualified or relative to j2ee home conf ig Exa
146. om username The previous adds your user given the username and password to the jazn com realm and then grants the users role to the new user See the Oracle Application Server Containers for J2EE Security Guide for complete information on using Oracle Application Server Java Authentication and Authorization Service AAS Provider as your security provider Deploy the FAQ Demo Download the FAQ demo application from OTN at http www oracle com technology tech java oc4j demos 904 index html inthe FAQApp zip file 1 Unzip this file to a working directory which is referred to as FAQApp Home gt 2 Deploy the FAQ application using by either copying the EAR file to the j2ee home applications directory or by the admin jar tool The following sections explain each method 3 Start the OC4J server by executing java jar oc4j jar 4 Execute the FAQ application in your browser where the default port is 8888 http your machine name 8888 FAQApp Deploy Using Automatic Deployment in a Development Environment As discussed in Restarting OC4J on page 1 5 OC4J supports automatic deployment and redeployment of applications which allows you to make changes to the application EAR file which are picked up by the server without stopping and restarting OC4J You enable this through the check for updates attribute in the server xml file When automatic deployment is enabled simply modify the XML configuration files rearchive the applica
147. on deployment descriptor file lt application gt Element Description The top level element of the application xml file is the lt application gt element B 14 Oracle Application Server Containers for J2EE Standalone User s Guide Elements in the application xml File Elements Contained Within lt application gt Within the lt application gt element the following elements which are listed alphabetically and not by DTD ordering can be configured lt alt dd gt path to dd lt alt dd gt The alt dd element specifies an optional URI to the post assembly version of the deployment descriptor file for a particular J2EE module The URI must specify the full pathname of the deployment descriptor file relative to the application s root directory If alt dd is not specified the deployer must read the deployment descriptor from the default location and file name required by the respective component specification lt connector gt context lt connector gt The connector element specifies the URI of a resource adapter archive file relative to the top level of the aplication package context root thedir context root The context root element specifies the context root of a web application description A description description The description element provides a human readable description of the application The description element should include any information that the application assembler wants to provide the deploye
148. or more information as follows keytool genkey keyalg RSA keystore mykeystore storepass 123456 validity 21 What is your first and last name Unknown Test User What is the name of your organizational unit Unknown Support What is the name of your organization Unknown Oracle What is the name of your City or Locality Unknown Redwood Shores What is the name of your State or Province Unknown CA What is the two letter country code for this unit Unknown US Is CN Test User OU Support O Oracle L Reading ST Berkshire C GB gt correct no yes Enter key password for lt mykey gt RETURN if same as keystore password Note To determine your two letter country code use the ISO country code list at the following URL http www bcpl net jspath isocodes html The mykeystore file is created in the current directory The default alias of the key is mykey 3 If you do not have a secure web site xml file then copy the http web site xml to SJ2EE HOME config secure web site xml 4 Edit secure web site xml with the following elements a Add secure true to the lt web site gt element as follows web site port 8888 display name Default Oracle Application Server Containers for J2EE Web Site secure true gt b Add the following new line inside the lt web site gt element to define the keystore and the password lt ssl config keystore lt Your Keystore gt
149. ork at each minor collection This collector also known as the train collector collects portions of the tenured generation a memory pool holding objects that are typically collected in a major collection at each minor collection The result is shorter pauses spread over many minor collections Note that the incremental collector is even slower than the default tenured generation collector when considering overall throughput To use the incremental collector the Xincgc option must be passed in on the Java command line at application startup Set the inital and maxmium size of the young generation object pool to the same value using the XX NewSize and XX MaxNewSize options Set the initial and the maximum Java heap sizes to the same value using the Xms and Xmx options For example to use this collector with a server with 1GB of physical memory java server Xincgc XX NewSize 64m XX MaxNewSize 64m Xms512m Xmx512m For more information on garbage collection tuning read Tuning Garbage Collection with the 1 4 2 Java TM Virtual Machine which is available at http java sun com docs hotspot gc1 4 2 Invalid or Unneeded Library Elements Degrade Performance Problem If the OC4J process memory is growing consistently during program execution then you may have references to invalid symbolic links in your global application xml file This problem is usually characterized by a growth in the C heap and not a growth in Java object
150. ory problem for the session before the session times out This could possibly make the Web application less secure but might be necessary to work around issues such as SSL session timeouts not being properly supported in some browsers 5 Optionally set the cookie domain if shared is true and the default ports are not used When the client interacts with a Web server over separate ports the cookie believes that each separate port denotes a separate Web site If you use the default ports of 80 for HTTP and 443 for HTTPS the client recognizes these as two different ports of the same Web site and creates only a single cookie However if you use non default ports the client does not recognize these ports as part of the same Web site and will create separate cookies for each port unless you specify the cookie domain Cookie domains track the client s communication across multiple servers within a DNS domain If you use non default ports for a shared environment with HTTP and HTTPS set the cookie domain attribute in the lt session tracking gt element in the orion web xml file for the application The cookie domain attribute contains the DNS domain with at least two components of the domain name provided session tracking cookie domain oracle com gt Example 3 5 HTTPS Communication With Client Authentication The following configures a Web site for HTTPS secure communication with client authentication web site display name 0C4J
151. p redirect debug property B 35 http request debug property 2 23 B 35 B 36 HTTPS 3 13 client authentication 3 19 http session debug property B 35 http virtualdirectory debug property B 36 http web site xml file 1 10 1 12 1 13 bind Web context 1 11 identities 3 2 iiop runtime debug property B 35 InitialContext 2 16 B 34 J J2EE definition 1 1 J2EE_HOME environment variable 1 3 1 4 JAVA_HOME variable 1 12 java ext dirs property B 11 B 34 java home property B 34 java io tmpdir property B 34 javax net debug property 3 21 B 36 jazn data xml file 3 2 3 3 3 7 3 8 3 9 JAZNUserManager class 3 8 jdbc debug property B 36 JDK 1 1 Jikes B 8 JMS B 3 jms debug property B 36 JSP pages default deployment 1 6 deployment 1 13 JVM 1 1 K KeeplIIOPCode property B 34 KeepWrapperCode property B 35 keys SSL 3 13 keystores SSL 3 13 L LDAP 3 1 LDAP based provider type 3 1 3 9 library sharing 2 6 Lightweight Directory Access Protocol see LDAP logging 2 19 to 2 22 log files 2 19 2 20 ODL 2 21 B 11 B 19 rollover logging 2 21 B 11 B 19 standard error 2 22 standard out 2 22 text 2 20 XML message format 2 22 mod_ossl 3 9 mod_osso 3 8 multicast debug property B 36 N NativeJDBCDebug property B 35 needs client auth attribute 3 19 O OC4J administration 1 4 application example 1 7 command line options B 33 restarting 1 5 setup 1 2
152. plication and separate from the application xml that exists in the j2ee home config directory The j2ee home config application xml file configures options that are applied to all applications deployed in this OC4J server instance Table 2 1 describes the role and function for each XML file that was displayed in the preceding figure Table 2 1 OC4J Features and Components XML Configuration File Features Components server xml OC4J overall server configuration Configures the server and points to the XML files that add to this file such as jms xm1 for JMS support The listing of other XML files enables the services to be configured in separate files but the server xml file denotes that they be used for the OC4J configuration Advanced Configuration and Development 2 3 Overview of OC4J and J2EE XML Files Table 2 1 Cont OC4J Features and Components XML Configuration File Features Components principals xml OC4 J security configuration for the type of security required for accessing the server data sources xml OC4J data source configuration for all databases used by applications within OC4J rmi xml OC4J RMI port configuration and RMI tunneling over HTTP jms xml OC4J JMS configuration for Destination topics and queues that are used by JMS and MDBs in OC4J web site xml OC4J Web site definition Each Web site is defined within its own XML file It is a good practice to name each XML file based on th
153. quests on one port and non SSL requests on another You can disable either SSL requests or non SSL requests by commenting out the appropriate web site xml in the server xml configuration file lt web site path secure web site xml gt comment out this to remove SSL lt default site path http web site xml gt comment out this to remove non SSL Requesting Client Authentication with OC4J Standalone OC4J supports a client authentication mode in which the server explicitly requests authentication from the client before the server will communicate with the client In this case the client must have its own certificate The client authenticates itself by sending a certificate and a certificate chain that ends with a root certificate OC4J can be configured to accept only root certificates from a specified list in establishing a chain of trust back to the client A certificate that OC4J trusts is called a trust point This is the first certificate that OC4J encounters in the chain from the client that matches one in its own keystore There are three ways to configure trust The client certificate is in the keystore One of the intermediate certificate authority certificates in the client s chain is in the keystore The root certificate authority certificate in the client s chain is in the keystore OC4J verifies that the entire certificate chain up to and including the trust point is valid to prevent any forged certifi
154. r lt display name gt The name lt display name gt The display name element specifies an application name The application name is assigned to the application by the application assembler and is used to identify the application to the deployer at deployment time lt ejb gt pathToEJB jar lt ejb gt The ejb element specifies the URI of a EJB JAR relative to the top level of the application package lt icon gt The icon element contains a small icon and a large icon element which specify the location within the application for a small and large image used to represent the application in a GUI tool lt java gt pathToClient jar lt java gt The java element specifies the URI of a Java application client module relative to the top level of the application package lt large icon gt path to icon gif lt large icon gt The large icon element contains the location within the application of a file containing a large 32x32 pixel icon image The image must be either GIF or JPEG format and the filename must end with the extension of gif or j pg lt module gt The module element represents a single J2EE module and contains an EJB Java or Web element which indicates the module type and contains a path to the module file and an optional alt dd element which specifies an optional URI to the post assembly version of the deployment descriptor The application deployment descriptor must have one module element for each J2EE
155. r application directory In Figure 2 4 this is j2ee home applications appname Advanced Configuration and Development 2 9 OC4J Automatic Deployment for Applications You can specify the path in one of two manners Specifying the full path from root to the parent directory In the example in Figure 2 4 if appname is myapp then the fully quali fied path is as follows application name myapp path private j2ee home applications myapp auto start true gt Specifying the relative path The path is relative to where the server xml file exists to where the parent directory lives In the example in Figure 2 4 if appname is myapp then the relative path is as follows application name myapp path applications myapp auto start true gt a Inapplication xml modify the lt module gt elements to contain the directory names for each module not JAR or WAR files You must modify the lt web uris the lt ejb gt and the client elements in the application xml file to designate the directories where these modules exist The path included in these elements should be relative to the master directory and the parent of the WEB INF or META INF directories in each of these application types For example if the web_module directory in Figure 2 4 was myapp web then the following example designates this as the Web module directory within the lt web uri gt element as follows lt module gt lt w
156. r manager you must specify the name of the user manager class in one of the following XML files orion application xml file for a single application a config application xml global configuration file for all applications in the server The following sections describe how to configure each User Manager type Using the JAZNUserManager Class Using the XMLUserManager Class Creating Your Own User Manager Using the JAZNUserManager Class The primary purpose of the JAZNUserManager class is to leverage the OracleAS JAAS Provider as the security infrastructure for OC4J For a complete description of the OracleAS JAAS Provider see the Oracle Application Server Containers for J2EE Security Guide By integrating the OracleAS JAAS Provider with OC4J the following benefits can be achieved Single Sign on SSO mod_osso integration 3 8 Oracle Application Server Containers for J2EE Standalone User s Guide Plugging In a User Manager SSL mod oss1 integration a OID integration using the LDAP based provider type Fine grained access control using Java2 permissions a run as identity support delegation support from servlet to EJB Secure file based storage of passwords using the XML based provider type Use the JAZNUserManager class if you want OC4J security that has secure centralized storage retrieval and administration of OracleAS JAAS Provider data This data consists of realm user and roles and
157. r ormi oc4j_host admin welcome installDataSource jar ORACLE HOME jdbc classes12 jar url jdbc oracle thin oc4j_host 1521 MYSERVICE connectionDriver oracle jdbc driver OracleDriver location jdbc DefaultOracleDS username scott password tiger Web Module Servlet and JSP Calling EJBs To bind the Web component WAR file of a J2EE application EAR file on a Web site do the following java jar admin jar ormi oc4j host admin welcome bindWebApp myapp myapp web http web site myapp Additional Information B 41 Configuration and Deployment Examples This adds the following to http web site xml lt web app application myapp name myapp web root myapp gt Client Module Standalone Java Client Invoking EJBs Package your client module in a JAR file with the descriptor META INF application client xml Manifest File for the Client Package the client in a runable JAR with a manifest that has the main class to run and required CLASSPATH as shown below Check that the relative paths in this file are correct Verify that you point to the relative location of the required OC4J class libraries manifest mf Manifest Version 1 0 Main Class myapp myapp client TemplateClient Name TemplateClient Created By 1 2 Sun Microsystems Inc Implementation Vendor Oracle Class Path j2ee home oc4J jar j2ee home lib jndi jar j2ee home lib ejb jar myapp ejb jar Executing the Client
158. reiecit 1 13 Archive Application into an EAR File sssseeseeeeee eee ee nennen 1 13 Deployment In a Production Environment Using ADMIN JAR eee 1 14 Binding the Web Application eren treten riter iea 1 15 Deploy Your Application Manually in a Development Environment 1 15 Verifying Deploy Ment zueinander e med aee trei ete tiet edente 1 15 What Happens When You Deploy sss nennen nennen 1 16 Undeploying Web Applications eene nnne nennen tenentes 1 16 2 Advanced Configuration and Development Overview of OC4J and J2EE XML Files essent entente nennen nenne nenne 2 1 XML Configuration File Overview nennen 2 1 XML File Interrelatioriships itte tete eei b esteri 2 5 Sharing Libr ries eoe SE iid cede POE a edere ti tete deleted 2 6 Manually Adding Applications in a Development Environment sse 2 7 Configuring Eisteret ne tete n e eene e Pe debe te eire ere 2 7 Configuring J2EE Applications eene enne nennen nennen 2 8 Building and Deploying Within a Directory sssesesseeee eee een enne 2 8 OC4J Automatic Deployment for Applications ssssssssseeeeee eee nnn 2 10 Changing XML Files After Deployment sse eee eene nnne 2 11 Designating a Parent of Your Application sees eee eene nnne 2 12 Developing Startup and Shutdown Classes esses eee enn 2 12 OCA Startap Class
159. rmi debug property B 36 rmi verbose property B 36 roles 3 2 run as identity 3 9 S OC4J and OHS configuration 3 15 using certificates with OC4J and OHS 3 14 server xml file 1 10 1 12 1 13 1 14 1 15 element description B 6 example B 39 servlets default deployment 1 6 deployment 1 13 setParent method 3 13 setStmtCacheSize method 2 18 sharing libraries 2 6 shutdown class 2 15 postUndeploy method 2 15 preUndeploy method 2 15 Single Sign on see SSO SSL 3 2 3 13 client authentication 3 19 SSO 3 8 standard error redirection 2 22 standard out redirection 2 22 startup 1 4 startup class 2 13 to 2 15 example 2 14 postDeploy method 2 13 preDeploy method 2 13 statement caching DataSource statement caching 2 18 stmt cache size attribute 2 18 system properties B 33 I task manager granularity 2 19 B 7 taskmanager granularity attribute 2 19 B 7 thread pooling 2 17 transaction debug property B 36 U undeployment 1 16 user manager definition 3 2 user repository 3 6 definition 3 2 jazn data xml 3 2 3 3 3 7 3 8 3 9 OID 3 8 3 9 principals xml 3 2 3 3 3 8 3 13 UserManager interface 3 11 W Secure Socket Layer see SSL Secure Sockets Layer see SSL security defined 3 1 introduction 3 13 keys and certificates 3 13 Index 4 Web application deployment 1 13 binding context 1 11 Web context binding 1 15 web xml file example B 38 ws debu
160. rom the XMLUserManager to the JAZNUserManager Authentication and authorization along with OC4J confidentiality are introduced below a Authentication Verifies the identity and credentials of a user Configuring Security 3 1 Authentication Defines users and groups in a user repository A user repository is employed by a user manager to verify the identity of a user or group attempting to access a J2EE application A user repository can be a file or a directory server depending on your environment The Oracle Application Server Java Authentication and Authorization Service JA AS Provider LDAP user manager and the XMLUserManager are two examples of user repositories Although the J2EE application determines which client can access the application itis the user manager employing the user name and password that verifies the client s identity based on information in the user repository Authorization Permits or denies users and groups access to an application Specifies authorization for users and groups identities in the J2EE and OC4J specific deployment descriptors J2EE and OC4J specific deployment descriptors indicate what roles are needed to access the different parts of the application Roles are the logical identities that each application uses to indicate access rights to its different objects The OC4J specific deployment descriptors provide a mapping between the logical roles and the users and groups known by
161. rough the orion application xml file deployed with the application You can add library elements in the orion application xml file for the application to indicate where the libraries are located which are used only within the application Manually Adding Applications in a Development Environment When you are in a development environment it is easier to modify XML files than to use the admin jar command for each iteration of development The following sections help you understand how to modify your XML configuration files Configuring a Listener Configuring J2EE Applications Configuring a Listener Each OC4J server is configured to listen on HTTP or RMI protocols for incoming requests Each OC4J Web server is configured within its own web site xml file HTTP protocol listener HTTP clients can access an OC4J HTTP listener directly This involves configuring an http web site xml file which indicates the HTTP listener port The default HTTP port is 8888 The following shows the entry in the http web site xml for an HTTP listener with a port number of 8888 web site host oc4j host port 8888 protocol http display name Default OCAJ WebSite gt a RMI protocol listener EJB clients and the OC4J tools such as admin jar access the OC4J server through a configured RMI port This involves configuring the rmi xml file The default RMI port is 23791 The following shows the default RMI port number configured in the rm
162. ry for executing the FAQ demo Oracle Database Create the database tables for the FAQ demo by executing the SQL table creation script CreateTables sql script which is located at http lt hostname gt 8888 FAQApp CreateTables sql or can be downloaded 1 8 Oracle Application Server Containers for J2EE Standalone User s Guide Configuring the FAQ Application Demo with the rest of the FAQ application from OTN at http www oracle com technology tech java oc4j demos 904 index html inthe FAQApp zip file In an Oracle database environment you can execute the SQL script through SQL Plus connecting to the database and schema where you want the tables to be installed and executing CreateTables Please refer to the Oracle database documentation for further instructions on how to use SQL Plus running install scripts creating database users schemas and so on OC4J System Configuration for FAQ Demo In order for the FAQ demo to execute properly the following system modification must be implemented a Modify the default data source OracleDS to point to the back end database a Add the FAQ user to the jazn com realm and assign it to the users role The directions for each of these steps are covered in the following sections DataSource Configuration Security Configuration Data Source Configuration In order to execute the FAQ application you must have an Oracle database with the corresponding FAQ application database sch
163. s The following examples show the output with and without verbosity Example 2 3 Error Messages Displayed Without Veribosity D oc4j903 j2ee home gt java jar oc4j jar Oracle Application Server Containers for J2EE initialized Example 2 4 Error Messages Displayed With Verbosity Level of 10 D 0c4j903 j2ee home gt java jar oc4j jar verbosity 10 Application default default initialized Binding EJB work ejb WorkHours to work ejb WorkHours Application work work initialized Application serv23 Servlet 2 3 New Features Demo initialized Web App default defaultWebApp 0 0 0 0 0 0 0 0 8888 started Oracle Application Server Containers for J2EE initialized Servlet Debugging Example You deployed a Web application to OC4J that is having some problems with servlets You are losing the client session when you use a pre configured data source to make database connection You want to know what OC4J is doing when the servlet is accessing the data source In order to generate the debug information on HTTP Session and data source usage you must set two debug options http session debug and datasource verbose to true java Dhttp session debug true Ddatasource verbose true jar oc4j jar Then re execute your servlet and see the following type of debug information in the standard output for the OC4J process DataSource logwriter activated jdbc oracle thin localhost 1521 MYSERVICE Started jdbc oracle thin Glocalhost 152
164. s thus the in process attribute is always false a encoding Specify the type of character encoding for the source file such as UTF 8 EUCJIS or SJIS Encoding is only supported by the javac compiler The default is determined by the language version of the JVM that is installed a bindir Provide the absolute path to the compiler directory You do not need to specify this attribute for javac modern or classic as the JDK bin directory is searched for this compiler The syntax is specific to the operating system platform Sun Microsystems Solaris example If you are using jikes which is in usr local bin jikes then specify the following name jikes bindir usr local bin Windows example To specify j ikes which is located in e jdk1 3 1 bin jikes exe specify the following B 10 Oracle Application Server Containers for J2EE Standalone User s Guide Elements in the server xml File name jikes bindir c jdk1 3 1 bin a extdirs Specifies extension directories that the compilation uses to compile against The default is your JDK extension directories Multiple directories can be specified each separated by a colon Each JAR archive in the specified directories are searched for class files You can specify certain directories to be searched by modifying the Djava ext dirs system property The j ikes compiler requires that extension directories are specified in either this attribute or in the Djava ext dir
165. s fen eene ee eie iei e e ee e t E UA Pee ree eon 2 13 OC4 Shutdown Classes nises ter rere eere Re ea ere eae inerte entendi 2 15 Setting Performance Options nencce ete tiae tee eene eee intret deesset dede 2 15 Performance Command Line Options eese eee eee nennen 2 16 Thread Pool Settings imde ee chute pio P eh epe ett ee are terae 2 16 Statement Cachin gisis edt netu an US GU EG e Ta ett ti ot ti hes e SE betas 2 18 Task Manager Granulafity uideris e temer ha ig ter shes seutsbenscseatebendeseseubslseoesesrartes 2 19 Enabling OQC4J Logging rre ett e ee etie ene ee etie eges 2 19 Viewing OC4J System and Application Log Messages sssssssssseeeeeee 2 19 Text Log P188 ci iaeg aie some ne ed OR OE Rd Pr ape ente te ibtd ives 2 20 Oracle Diagnostic Logging ODL Log Files esee eee ne 2 21 Redirecting Standard Out and Standard Error sss 2 22 OC4 Debugging eate e e eee D itii eerte turi HER d RR Ted ago 2 22 Servlet Debugging Example tm tmt i Pee e vea rd 2 24 3 Configuring Security Overview of Security Furictioris eene be antecedent idee tl i d ee ee uode eec de 3 1 Authenlicali n 5 gabe UE NER RERO PO EE HERD Ei eue e Deoa 3 2 Specifying Users and Groups eee ete ee dI eicere tee eere es 3 2 Example Specifying Users and Groups in jazn data xml sss 3 3 Example Specifying Users and Groups in principals xml
166. s follows web app application FAQApp name FAQAppWeb root FAQApp This step makes FAQ accessible from the OC4J server For full details on the http web site xml configuration file see the Oracle Application Server Containers for J2EE Servlet Developer s Guide For more information see Manually Adding Applications in a Development Environment on page 2 7 OC4 Automatic Deployment for Applications on page 2 10 and What Happens When You Deploy on page 1 16 Deploy Using the Admin JAR Tool in All Environments In the production environment you should set the check for updates attribute to false see Restarting OC4J on page 1 5 and then use the admin jar tool for deploying all applications The admin jar tool deploys the application and modifies all of the appropriate XML files This provides for remote deployment Use the admin jar command line tool for registration and deployment as follows java jar admin jar ormi oc4j host oc4j ormi port admin welcome deploy file d j2ee home applications FAQApp ear deploymentName FAQApp targetPath applications This step creates the entry in the server xm1 file for the FAQ application For a complete description of the admin jar command line tool see Options for the OC4J Administration Management JAR on page B 26 You can bind any Web application through the admin jar tool as follows java jar admin jar ormi oc4j host oc4j ormi port admin welcome bind
167. s for this command are listed in Standalone OC4J Command Line Options and Properties on page B 26 Ensure that automatic deployment is disabled by setting the check for updates attribute to false see Restarting OC4J on page 1 5 To deploy a J2EE application with the EAR file to a remote node execute admin jar as follows java jar admin jar ormi host port username password deploy file filename deploymentName app name targetPath path destination where a The host port is the host and port of the OC4J server a The username password is the administration username and password for the OC4 server The file path filename indicates the local directory and filename for the EAR file The deploymentName app name variable is a user defined name of the application The targetPath path destination indicates what path on the server node in which to deploy the EAR file Provide a target path to the directory where the EAR file is copied for deployment The default path is the applications directory Oracle recommends that you provide a target path Note If you have a Web application within the EAR file bind the Web application using the admin jar bindWebApp option This deployment step creates a new entry in server xml for the application as follows application name app name path path EARfile auto start true gt where The name attribute is the name of the application The path
168. s system property The following are four examples of how to define alternate compilers in this element lt java compiler name jikes bindir C java jikes bin in process false gt java compiler name ojc bindir C java jdev jdev bin in process false java compiler name classic in process true java compiler name modern in process true jms config Attribute path Specifies the path to the jms xm1 file path jms xml lt log gt lt file gt Attribute path log server log Specifies a relative or absolute path to a file where log events are stored lt mail gt An e mail address where log events are forwarded You must also specify a valid mail session if you use this option Attribute address my mail address Specifies the mail address odl The ODL log entries are each written out in XML format in its respective log file The log files have a maximum limit When the limit is reached the log files are overwritten When you enable ODL logging each message goes into its respective log file named logN xml where N is a number starting at one The first log message starts the log file log1 xml When the log file size maximum is reached the second log file is opened to continue the logging 1092 xm1 When the last logfile is full the first log file 1og1 xml1 is erased and a new one is opened for the new messages Thus your log files are constant
169. settings for all J2EE applications lt global thread pool gt You can specify unbounded one or two thread pools for an OC4J process through this element If you do not specify this element then an infinite number of threads can be created See Thread Pool Settings on page 2 16 for a full description B 8 Oracle Application Server Containers for J2EE Standalone User s Guide Elements in the server xml File Attributes min The minimum number of threads that OC4J can simultaneously execute By default a minimum number of threads are preallocated and placed in the thread pool when the container starts Value is an integer The default is 20 The minimum value you can set this to is 10 max The maximum number of threads that OC4J can simultaneously execute New threads are spawned if the maximum size is not reached and if there are no idle threads Idle threads are used first before a new thread is spawned Value is an integer The default is 40 queue The maximum number of requests that can be kept in the queue Value is an integer The default is 80 keepAlive The number of milliseconds to keep a thread alive idle while waiting for a new request This timeout designates how long an idle thread remains alive If the timeout is reached the thread is destroyed The minimum time is a minute Time is set in milliseconds To never destroy threads set this timeout to a negative one Value is a long The default is 6000
170. site xml configuration file that is denoted in the web site name variable For a listing of all the options for admin jar see Options for the OC4J Administration Management JAR on page B 26 Deploy Your Application Manually in a Development Environment To deploy your application in a development environment you can modify the XML files by hand Ensure that automatic deployment is enabled by setting check for updates attribute to true In server xml add a new or modify the existing application name path auto start true gt entry for each J2EE application The path should be the full directory path and EAR filename For our employee example add the following to the server xml file application name employee path private applications Employee ear auto start true gt If you included a Web application portion you must do the following to bind the Web application to the Web server In web site xml add a web app entry for each Web application The application attribute should be the same value as provided in the server xml file The name attribute should be the WAR file without the WAR extension for the Web application For Web application binding for the employee Web application add the following lt web app application employee name Employee web root employee gt Verifying Deployment OC4J detects the addition of your application to server xml The OC4J server displays a message that
171. ss element B 19 namespace resource element B 19 odl element 2 21 B 11 B 19 odl access log element 2 21 orion application element B 16 orion application client element B 24 lt password manager gt element B 20 persistence element B 20 principals element B 20 property element B 20 read access element B 20 remote element B 23 res auth element B 23 lt resource env ref gt element B 23 resource env ref mapping element B 25 resource env ref name element B 23 resource env ref type element B 23 resource provider element B 20 lt resource ref gt element B 24 lt resource ref mapping gt element B 25 lt res ref name gt element B 24 lt res sharing scope gt element B 24 lt res type gt element B 24 lt rmi config gt element B 13 role name element B 15 lt security role gt element 3 6 B 16 lt security role mapping gt element 3 7 B 21 sep config element B 13 session tracking element 3 16 sfsb config element B 13 shutdown class element 2 15 B 14 shutdown classes element 2 15 B 14 small icon element B 16 B 24 Index 1 ssl config element 3 15 3 16 startup class element 2 13 B 14 startup classes element 2 13 B 14 transaction config element B 14 user element B 21 lt user manager gt element 3 9 3 12 B 21 web element B 16 lt web app gt element 3 16 web module element
172. sse eee nennen 3 13 Using Certificates with OCAJ Standalone ccceeseecesccceceseseeceneesesesteeseseecesesesesnsneeneseeees 3 14 Configuration of OCA for SOL tre pP iere eerie ebrei re teo E dee bra e 3 15 Requesting Client Authentication with OCA4J Standalone sees 3 19 HTTPS Common Problems and Solutions essent nennt 3 20 General SSL Debugging eret rte eee eere i te e i eere tie evene s 3 21 Troubleshooting OC4J Problems and Solutions ree etiem tee eter edite n ERE ER Pe IHR ee ee TEE A 1 Unable to Restart OC4J After Abnormal Termination When OracleAS JMS is Active A 1 Stateful Replication Not Consistent Across OC4J instances sess eee A 2 Using A Non Certified Version of the JDK for OCA4J Only sees eee A 2 java lang OutOfMemory Errors Thrown When Running OC4J sese A 2 Connection Timeouts Through a Stateful Firewall Affect System Performance A 3 OPMN Managed OC4J Unable to Access EJB Resources Via the Default RMI Port A 3 Application Performance Impacted by Garbage Collection Pauses sss A 4 Invalid or Unneeded Library Elements Degrade Performance sss A 4 Need More Help eter ege ette etel e e ta iced Ie ee tagen A 5 Additional Information Description of XML File Contents esses eene nennen nennen nennen tenentes B 1
173. st The session SMTP server host if using SMTP lt namespace access gt Namespace naming context security policy for RMI clients lt namespace resource root the path gt A resource with a specific security setting Additional Information B 19 Elements in the orion application xml File Attribute a root The root of the part of the namespaec that this rule applies to password manager Specifies the UserManager that is used for the lookup of hidden passwords If omitted the current UserManager is used for authentication and authorization For example you can use a OracleAS JAAS Provider LDAP UserManager for the overall UserManager but use a OracleAS JAAS Provider XML UserManager for checking hidding passwords To identify a UserManager provide a lt jazn gt element definition within this element as follows password manager jazn gt password manager persistence path persistence gt A relative to the application root or absolute path to a directory where application state should be stored across restarts Attribute a path The path relative to the enterprise archive or absolute to the persistence directory lt principals path principals xml gt Attribute a path The path relative to the enterprise archive or absolute to the principals file property name theName value theValue gt Contains a name value pair initialization param Attributes name
174. stem property at OC4J startup java Xmx256M jar oc4j jar If running under Unix Linux verify that ulimit settings allow the JVM process to allocate this much memory A 2 Oracle Application Server Containers for J2EE User s Guide Problems and Solutions Connection Timeouts Through a Stateful Firewall Affect System Performance Problem To improve performance the MOD OC4J component in each httpd process maintains open TCP connections to the AJP port within each OC4J instance it sends requests to In situations where a firewall exists between OHS and OC4J packages sent via AJP are rejected if the connections can be idle for periods in excess of the inactivity timeout of stateful firewalls However the AJP socket is not closed as long as the socket remains open the worker thread is tied to it and is never returned to the thread pool OC4J will continue to create more threads and will eventually exhaust system resources Solution The OHS TCP connection must be kept alive to avoid firewall timeout issues This can be accomplished using a combination of OC4J configruation parameters and Apache runtime properties Set the following parameters in the httpd conf or mod 0c4j conf configuration files Note that the value of Oc4j ConnTimeout sets the length of inactivity in seconds before the session is considered inactive Oc4jUserKeepalive on Oc4jConnTimeout 12000 ora similar value Also set the following AJP property at O
175. t lt user gt lt users gt lt principals gt Authenticating HTTP Clients OC4J requests the client to authenticate itself when accessing protected URLs You can achieve authentication through a user name and password or in the case of SSL through an SSL certificate Although in most cases where authentication is required the user is prompted to enter a user name and password If you decide to use an SSL certificate to authenticate the client see Confidentiality Through SSL on page 3 13 for directions on how to set up your client certificate and server keystore Authenticating EJB Clients When you access EJBs in OC4J you must pass valid credentials to this server a Standalone clients define their credentials in the jndi properties file either deployed with the EAR file or in the InitialContext object Servlets or JavaBeans running within OC4J pass their credentials within the InitialContext object which is created to look up the remote EJBs Setting JNDI Properties If the client exists within the same application as the target or the target exists within its parent you do not need a JNDI properties file If not you must initialize your JNDI properties either within a jndi properties file in the system properties or within your implementation before the JNDI call The following sections discuss these three options a NoJNDI Properties JNDI Properties File JNDI Properties Within Implementation No JN
176. t orion application client gt element lt orion application client gt Anorion application client xml file contains the deploy time information for a J2EE application client It complements the application client assembly information found in application client xml Elements Contained Within lt orion application client gt Within the lt orion application client gt element the following elements which are listed alphabetically and not by DTD ordering can be configured lt context attribute name name value value gt An attribute sent to the context The only mandatory attribute in JNDI is the java naming factory initial which is the classname of the context factory implementation Attributes B 24 Oracle Application Server Containers for J2EE Standalone User s Guide Elements in the orion application client xml File name The name of the attribute a value The value of the attribute ejb ref mapping location ejb Payroll name ejb Payroll gt The ejb ref element is used for the declaration of a reference to another enterprise bean s home The ejb ref mapping element ties this to a JNDI location when deploying Attributes location The JNDI location to look up the EJB home from name The ejb ref name Matches the name of an ejb ref in application client xml env entry mapping name theName gt deploymentValue lt env entry mapping gt Overrides the value of an env entry in the ass
177. t require action on OC4J s part such as wrapping beans with their interfaces After defaults have been added and necessary actions have been taken OC4J writes out the new module deployment descriptors to the application deployments directory These are the descriptors that OC4J uses when starting and restarting your application But do not modify these descriptors Always change your deployment descriptors in the master location OC4J copies the EAR file to the master directory This defaults to the applications directory However you can designate where the master directory is by the admin jar targetPath option Note If you deploy this EAR file using admin jar without removing the EAR file from the applications directory the new deployment renames the EAR file prepended with an underscore It does not copy over the EAR file Instead you can copy over the EAR file OC4J notices the change in the timestamp and redeploys Finally OC4J updates the server xml file with the notation that this application has been deployed Undeploying Web Applications You can remove a J2EE Web application from the OC4J Web server using the undeploy option with the admin jar command line tool The syntax is as follows java jar admin jar ormi oc4j host oc4j ormi port admin adminpassword undeploy applicationName keepFiles This command removes the deployed J2EE application known as applicationName and results in the following
178. t true then each client receives its own InitialContext instead of a shared context When each client has its own InitialContext then the clients can be load balanced This parameter is for the client You can also set this in the JNDI properties a oracle dms sensors none normal heavy all You can set the value for Oracle Application Server built in performance metrics to the following None off normal medium amount of metrics heavy high number of metrics or all all possible metrics The default is normal This parameter should be set on the OC4J server The previous method for turning on these performance metrics oracle dms gate true false is replaced by the oracle dms sensors variable However if you still use oracle dms gate then setting this variable to false is equivalent to setting oracle dms sensors none a DefineColumnType true false The default is false Set this to true if you are using an Oracle JDBC driver that is prior to 9 2 For these drivers setting this variable to true avoids a round trip when executing a select over the Oracle JDBC driver This parameter should be set on the OC4J server When you change the value of this option and restart OC4J it is only valid for applications deployed after the change Any applications deployed before the change are not affected When true the Def ineColumnType extension saves a round trip to the database that would otherwise be necessary to describe the table
179. te Turning on excessive debug options can slow down the execution of your applications and use large amounts of disk space with the contents of the log files 2 22 Oracle Application Server Containers for J2EE Standalone User s Guide OC4J Debugging The following table provides useful debug options available with OC4J These debug options have two states either true or false By default these are set to false For a complete list of debug properties see OC4J System Properties on page B 33 Table 2 5 HTTP Debugging Options HTTP Debugging Description of Option http session debug Provides information about HTTP session events http request debug Provides information about each HTTP request http error debug Prints all HTTP errors http method trace allow Default false If true turns on the trace HTTP method Table 2 6 JDBC Debugging Options JDBC Debugging Description of Option datasource verbose Provides verbose information on creation of data source and connections using Data Sources and connections released to the pool and so on jdbc debug Provides very verbose information when JDBC calls are made Table 2 7 RMI Debugging Options RMI Debugging Description of Options rmi debug Prints RMI debug information rmi verbose Provides very verbose information on RMI calls Table 2 8 OracleAS Web Services Debugging Options OracleAS Web Services Debugging Description of Options ws debug T
180. the second log file is opened to continue the logging 1092 xm1 When the last logfile is full the first log file log1 xml is erased and a new one is opened for the new messages Thus your log files are constantly rolling over and do not encroach on your disk space Attributes a path Path and folder name of the log folder for this area You can use an absolute path or a path relative to where the configuration XML file exists which is normally in the j2ee home config directory This denotes where the log files will reside for the feature that the XML configuration file is concerned with For example modifying this element in the server xm1 file denotes where the server log files are written a max file size The maximum size in KB of each individual log file a max directory size The maximum size of the directory in KB The default directory size is 10 MB New files are created within the directory until the maximum directory size is reached Each log file is equal to or less than the maximum specified in the attributes mail address my mail address gt An e mail address to log events to A valid mail session also needs to be specified if this option is used Attribute a address The mail address lt mail session location mail TheSession smtp host smtp server com gt The session SMTP server host if using SMTP Attributes location The location in the namespace to store the session at smtp ho
181. the user defined startup class lt startup classes gt Startup classes can be defined by the user and will be executed after the core services JMS RMI are started but before applications are deployed The shutdown classes are executed after undeployment but before the core services are stopped lt startup class gt Each startup class is defined within the lt startup class gt element Attributes classname The classname of the user defined startup class a failure is fatal lf true if an exception is thrown then OC4J logs the exception and exit If false OC4J logs the exception and then continues Default is false lt transaction config gt Transaction configuration for the server Attribute a timeout 30000 Specifies the maximum amount of time in milliseconds that a transaction can take to finish before it is rolled back due to a timeout The default value is 30000 This timeout will be a default timeout for all transactions that are started in OC4J You can change it by using the dynamic API UserTransaction setTransactionTimeout milliseconds lt web site gt Attribute path The path to a web site xml file that defines a Web site For each Web site you must specify a separate web site xml file This example shows that a Web site is defined in the my web site xml file path my web site xml Elements in the application xml File This section provides an overview of the J2EE applicati
182. the user manager Returns the group with the specified name or nu11 if none exists a java lang String name the name ofthe specified group Returns the number of users contained in the user manager Throws UnsupportedOperationException if not supported Returns a list of groups between the specified indexes contained in the user manager Throws UnsupportedOperationException if not supported Returns the parent manager of the user manager Configuring Security 3 11 Plugging In a User Manager Table 3 2 Cont Methods of the UserManager Interface Method Description User getUser java lang String username User getUser java lang String issuerDN java math BigInteger serial User getUser java security cert X509Certificate certificate int getUserCount java util List getUsers int start int max void init java util Properties properties boolean remove Group group boolean remove User user void setParent UserManager parent Returns the user with the specified user name or nu11 if there is no match Returns the user associated with this certificate or nu11 if either certificates are not supported or there is no user associated with this certificate Returns the user associated with this certificate or nu11 if either certificates are not supported or there is no user associated with this certificate Returns the number of users contained in this manager Throws Unsupported
183. thread pool created by default through the min max queue and keepAlive attributes of the lt global thread pool gt element in the server xm1 file Alternatively you can create two thread pools using lt global thread pool gt with different types of threads divided among the pools a The worker thread pool contains worker threads used in processing RMI HTTP and AJP requests as well as MDB listener threads These are process intensive and use database resources a The connection thread pool contains threads such as listener threads JDBC connection threads RMI server and HTTP server connection threads and background threads These threads are typically not process intensive To create two pools you must configure the min max queue and keepAlive attributes for the worker thread pool and the cx min cx max cx queue and cx keepAlive attributes for the connection thread pool All of these attributes must be configured if creating pools otherwise you will see the following error message Error initializing server Invalid Thread Pool parameter null See Table 2 2 on page 2 17 for descriptions of the attributes of lt global thread pool gt The following example initializes two thread pools for the OC4J process Each contains a minimum of 10 threads and maximum of 100 threads The number of requests outstanding in each queue can be 200 requests Also idle threads are kept alive for 700 seconds The thread pool information is print
184. tion ear lt compiler gt This element is deprecated for version 9 0 4 and forward See the lt java compiler gt element for the alternative For previous releases it specifies an alternative compiler such as Jikes for EJB JSP compiling Attributes a classpath my rt jar Specifies an alternative additional classpath when compiling Some compilers need an additional classpath such as Jikes which needs the rt jar file of the Java 2 VM to be included a executable jikes The name of the compiler executable to use such as Jikes or JVC cluster Cluster settings for this server Attribute a id 123 The unique cluster ID of the server lt execution order gt Defines the ordering of how the startup classes are executed Value is an integer OC4J loads from 0 on up If duplicate numbers OC4J chooses the ordering for those classes lt global application gt The default application for this server This acts as a parent to other applications in terms of object visibility Attributes name default Specifies the application path application xml gt Specifies the path to the global application xml file which contains the settings for the default application An application xml file exists for each application as the standard J2EE application descriptor file which is different than this file This application xml may have the same name but it exists to provide global
185. tion with its XML files into an EAR file and copy the EAR file to the applications directory The OC4J server notices the modified date and will redeploy the application as necessary WARNING Automatic deployment should only be used in a development environment The task manager that checks for updates can be time consuming Turn off automatic deployment in a production environment by setting the check for updates attribute to false For the first deployment of the FAO application locally do the following 1 Copy the FAQApp Home gt fagq dist FAQApp ear file to the j2ee home applications directory 2 Modify the j2ee home config server xml and http web site xml files to register the FAQ application in the j2ee home applications directory as follows a Inthe j2ee home config server xml file add the FAQApp entry as follows 1 10 Oracle Application Server Containers for J2EE Standalone User s Guide Configuring the FAQ Application Demo application name FAQApp path applications FAQApp ear gt This step deploys the FAQ application on OC4J The path is relative to j2ee home config Since the FAQApp ear file is in j2ee home applications this makes the path applications FAQApp ear For full details on the server xml configuration file see Elements in the server xml File on page B 6 b Inthe j2ee home config http web site xml file bind the FAQ Web application by adding the FAQApp entry a
186. to System err If not specified all errors are written to standard error See Table B 9 stdout stderr Archive Management Properties on page B 36 for additional system properties that can be set to manage stderr files verbosity Define an integer between 1 and 10 to set the verbosity level of the message output Example verbosity 10 monitorResourceThreads Enables backup debugging of thread resources Enable this only if you have problems that relates to threads getting stuck in critical sections of code userThreads Enables context lookup support from user created threads version Prints the version and exits help Prints the help message Options for the OC4J Administration Management JAR The admin jar command line tool enables you to administer any stand alone OC4J from a client admin console using a command line The syntax is as follows java jar admin jar ormi oc4j host oc4j ormi port admin id admin password options The options for the admin jar command line tool cover the four subjects below a General OC4J administration described in Table B 3 Application deployment described in Table B 4 B 26 Oracle Application Server Containers for J2EE Standalone User s Guide Standalone OC4J Command Line Options and Properties a Web site administration described in Table B 5 a Data source administration described in Table B 6 General OC4J Administration Table B 3 lists the admin jar options for gen
187. to take effect All system properties are prefaced with a D For example DGenerateIIOP a Table B 7 details general system properties a Table B 8 details debugging properties Additional Information B 33 OC4J System Properties Table B 7 D General System Properties for OC4J D Option Description java home java ext dirs java io tmpdir new tmp dir GenerateIIOP true false KeepIIOPCode true false oracle arraylist deepCopy true false dedicated rmicontext true false oracle mdb fastUndeploy lt int gt Sets the JAVA_HOME environment variable Sets the external directories to be searched for classes when compiling Default is tmp var To change the temporary directory for the deployment wizard The deployment wizard uses 20 MB in swap space of the temp directory for storing information during the deployment process At completion the deployment wizard cleans up the temp directory of its additional files However if the wizard is interrupted it may not have the time or opportunity to clean up the temp directory Thus you must clean up any additional deployment files from this directory yourself If you do not this directory may fill up which will disable any further deployment If you receive an Out of Memory error check for space available in the temp directory Default is false If true enables IIOP stub generation Default is false If true keeps the generated IIOP
188. tric collector For details on using the lt metric collector gt element and using metric based load balancing with mod oc4j see the Oracle Application Server 10g Performance Guide rmi config Attribute path Specifies the path to the rmi xml1 file path rmi xml lt sep config gt The lt sep config gt element in this file specifies the pathname normally internal settings xml for the server extension provider properties Attribute path The path of the server extension provider properties sfsb config Passivation for stateful session beans is automatically done unless you set the enable passivation attribute for this element to false For more information on stateful session bean passivation see the Advanced chapter in the Oracle Application Server Containers for 2EE Enterprise JavaBeans Developer s Guide Attribute Additional Information B 13 Elements in the application xml File a enable passivation Default is true which means that stateful session bean passivation occurs If you have a situation where your stateful session beans are not in a state to be passivated set this attribute to false shutdown classes Shutdown classes can be defined by the user and are executed after undeployment but before the core services are stopped lt shutdown class gt Each startup class is defined within the lt startup class gt element Attributes classname The classname of
189. ttribute indicates if this application should be automatically started each time OC4J is started http web site xml Addition You must designate the WAR file name and define the root context for the Web application which was deployed in the WAR file You can either bind the Web context through the admin jar bindWebApp option or edit the http web site xml file and add the following web app application myapp name myapp web root myapp a The name attribute is the name of the WAR file without the WAR extension The root attribute defines the root context for the application off of the Web site For example if you defined your Web site as http oc4j host 8888 then to initiate the application you would point your browser at http 0c47j host 8888 myapp Client Example The application client that accesses the myapp application has a descriptor which describes where to find the EJB stubs home and remote interface and its JNDI name The client XML configuration is contained in two files application client xml and orion application client xml The application client xml file contains a reference for an EJB as follows application client lt display name gt TemplateBean lt display name gt lt ejb ref gt lt ejb ref name gt TemplateBean lt ejb ref name gt lt ejb ref type gt Entity lt ejb ref type gt lt home gt mTemplateHome lt home gt lt remote gt Template lt remote gt lt ejb ref gt lt
190. ult JAZNUserManager In the jazn data xml file specify the following Username and passwords Name and description of users groups and roles B 2 Oracle Application Server Containers for J2EE Standalone User s Guide Description of XML File Contents principals xml This file contains security information for the OC4J server It defines the user and group configuration for employing the XMLUserManager which is no longer the default security manager In the principals xml file specify the following a Username and password for the client admin console Name and description of users groups and real name and password for users Optional X 509 certificates for users data sources xml This file contains configuration for the data sources that are used In addition it contains information on how to retrieve JDBC connections In the data sources xml file specify the following JDBC driver a JDBC URL JNDI paths to which to bind the data source a Username password for the data source Database schema to use Inactivity time out a Maximum number of connections allowed to the database Note Database schemas are used to make auto generated SQL work with different database systems OC4J contains an XML file format for specifying properties such as type mappings and reserved words OC4J comes with database schemas for MS SOL Server MS Access Oracle and Sybase You can edit these or make new schemas for
191. urns on Web Services debugging For example if you want to generate debug information on HTTP session events then you start OC4J as follows java Dhttp session debug true jar oc4j jar After OC4J is started with a specific debug option debug information is generated and routed to standard output In the above example you would see HTTP session information on your OC4J console as follows Oracle Application Server Containers for J2EE initialized Created session with id 36c04d8alcd64ef2b6a9ba6e2ac6637e at Mon Apr 15 12 24 20 PDT 2002 secure only false Created session with id 36c04d8alcd64ef2b6a9ba6e2ac6637e at Mon APR 15 12 36 06 PDT 2002 secure only false Invalidating session with id 36c04d8alcd64ef2b6a9ba6e2ac6637e at Mon APR 15 12 44 32 PDT 2002 created at Mon APR 15 12 24 23 PDT 2002 due to timeout If you want to save this debug information then you can redirect your standard output to a file using the out or err command line options as follows java Dhttp session debug true jar oc4j jar out oc4j out err oc4j err Advanced Configuration and Development 2 23 OC4J Debugging In addition to the specific sub system switches you can also start OC4J with a supplied verbosity level The verbosity level is an integer between 1 and 10 The higher the verbosity level the more information that is printed in the console You specify the verbosity level with the verbosity OC4J option in the OC4J command line option
192. utomatically detected and deployed by the running OC4J server In addition it performs the Web application binding for the default Web site auto start applications true false If set to true all applications defined in the lt applications gt elements are automatically started when the OC4J server is started If set to false the applications are not started unless their auto start attribute is set to true The default for auto start applications is true B 6 Oracle Application Server Containers for J2EE Standalone User s Guide Elements in the server xml File application directory applications Specifies a directory in which to store applications EAR files If none is specified the default OC4J stores the information in j2ee home applications deployment directory application deployments Specifies the master location where applications that are contained in EAR files are deployed The location defaults to j2ee home application deployments connector directory The location and file name of the oc4j connectors xml file check for updates true false Default in standalone OC4J is Crue If true task manager checks for XML configuration file modifications Thus if you set to false you can disable automatic refreshing of the configuration to any new XML modifications Also setting this attribute to false stops the automatic deployment of any applications until you execute admin jar updateConfig If
193. vers aiite ane unn peo e een Eee iiber aii neret stets cheat The Apache Software License issues aites eni eee eene nennen nnnenen Index vii viii Send Us Your Comments Oracle Application Server Containers for J2EE Standalone User s Guide 10g Release 2 10 1 2 Part No B14361 01 Oracle welcomes your comments and suggestions on the quality and usefulness of this publication Your input is an important part of the information used for revision Did you find any errors a Is the information clearly presented a Do you need more information If so where Arethe examples correct Do you need more examples What features did you like most about this manual If you find any errors or have any other suggestions for improvement please indicate the title and part number of the documentation and the chapter section and page number if available You can send comments to us in the following ways Electronic mail appserverdocs_us oracle com a FAX 650 506 7225 Attn Java Platform Group Information Development Manager m Postal service Oracle Corporation Java Platform Group Information Development Manager 500 Oracle Parkway Mailstop 4op9 Redwood Shores CA 94065 USA If you would like a reply please give your name address telephone number and electronic mail address optional If you have problems with the software please contact your local Oracle Support Services Preface This
194. vider needs client auth true false Tf setto true a client that wants to access a J2EE Web site needs to identify itself with a digital certificate If set to false a client does not need to identify itself with a digital certificate The default is false site remove Removes an existing Web site Supply the host and port of this Web site with the following subswitches host hostname The Web site host to be removed port portnum The Web site port to be removed site test Tests an existing Web site Supply the host and port of the Web site to be tested with the following subswitches host hostname The Web site host to be tested port portnum The Web site port to be tested site list Lists all existing Web sites B 30 Oracle Application Server Containers for J2EE Standalone User s Guide Standalone OC4J Command Line Options and Properties Table B 5 Cont Options for Web Site Administration site options Description site update Updates an existing Web site Supply information with the following subswitches oldHost hostname The old host of the Web site You can change the Web site host and port with the old and new subswitches oldPort portnum The old port of the Web site newHost hostname The new host of the Web site newPort portnum The new port of the Web site display name name The new display name of the Web site virtual hosts vhosts The new virtual hosts of the Web site
195. which is denoted with an orion prefix In addition the following are global configuration files for all components in the application The application xml as the global application configuration file that contains common settings for all applications in this OC4J instance The orion application xml file contains OC4J specific global application information for all applications in this OC4J instance The global web application xml file contains OC4J specific global Web application configuration information that contains common settings for all Web modules in this OC4J instance The oc4j connectors xml file contains global connector configuration information 2 2 Oracle Application Server Containers for J2EE Standalone User s Guide Overview of OC4J and J2EE XML Files Figure 2 1 OC4J and J2EE Application Files OC4J Server XML Files Server Configuration Web Site server xml web site xml principals xml data sources xml rmi xml jms xml loadbalancer xml Application XML Files Global Configuration EJB Web Module application xml ejb jar xml web xml orion application xml orion ejb jar xml orion web xml global web application xml oc4j connectors xml Client Connector application client xml ra xml orion application client xml oc4j ra xml Note Each deployed application uses an application xml as the standard J2EE application descriptor file That XML file is local to the ap
196. xample jdbc DefaultPooledDS Required pooledLocation JNDllocation The namespace location for the pooled source For example jdbc DefaultPooledDS xaLocation JNDllocation The namespace location for the XA source For example jdbc xa DefaultXADS Requied if ejbLocation is specified ejbLocation JNDllocation The namespace location for the container managed transactional data source This is the only data source that can perform global JTA transactions For example jdbc DefaultDS username username The username to log in with password password The password to log in with connectionDriver driverClass The JDBC database driver class classname DSclass The data source class name such as com evermind sql DriverManagerDataSource Required sourceLocation jndiDS The underlying data source of this specialized data source xaSourceLocation jndiXADS The underlying XA data source of this specialized data source Remove an existing DataSource Supply information with the following subswitches location JNDllocation The namespace location for the DataSource For example jdbc DefaultDS Required B 32 Oracle Application Server Containers for J2EE Standalone User s Guide OC4J System Properties Table B 6 Cont Options For Application And Data Source Management application Option Description application name Update an existing DataSource Supply information with the updateDataSource followi
197. y provided with the Sun Microsystems JDK Go to the following site for information about keytool http java sun com j2se 1 3 docs tooldocs win32 keytool htm1 During secure communication between the client and OC4J the following functionality is executed a The link all communications between the two is encrypted a OC4J is authenticated to the client through a security challenge and response A secret key is securely exchanged and used for the encryption of the link Optionally if OC4J is in client authentication mode the client is authenticated to OC4J Using Certificates with OC4J Standalone The steps for using keys and certificates for SSL communication in OC4J are as follows These are server level steps typically executed prior to deployment of an application that will require secure communication perhaps when you first set up OC4J 1 Use keytool to generate a private key public key and unsigned certificate You can place this information into either a new keystore or an existing keystore 2 Obtain a signature for the certificate using either of the following two approaches a You can generate your own signature by using keytool to self sign the certificate This is appropriate if your only clients will trust you as in effect your own certificate authority You can obtain a signature from a recognized certificate authority through the following steps a Using the certificate from Step 1 use keytoo
198. y role of the same name in the assembly descriptor Attributes a impliesAl11 Whether or not this mapping implies all users The default is false name The name of the role user name theUser gt A user that this security role mapping implies Attribute name The name of the user lt user manager class com name of TheUserManager display name Friendly UserManager name gt Specifies an optional user manager to use For example user managers are com evermind sql DataSourceUserManager com evermind ejb EJBUserManager and so on These are used to integrate existing systems and provide custom user managers for Web applications Attributes a class The fully qualified classname of the user manager a display name A descriptive name for this UserManager instance web module id myWebApp path myWebApp war gt A Web application module of the application Each Web application can be installed on any site and in any context on those sites for instance http www myserver com myapp Attributes a id The name used to reference this web application when used in web sites etc a path The path relative to the enterprise archive or absolute to the web application write access The write access policy Elements in the application client xml File This section describes the J2EE application client deployment descriptor file Additional Information B 21 Elements in the application client x
199. y you require Confidentiality through encryption is supplied with SSL This chapter describes the following topics a Overview of Security Functions a Authentication Authorization Plugging In a User Manager Confidentiality Through SSL For a broader description of Oracle Application Server security see the Oracle Application Server Security Guide and the Oracle Application Server Containers for J2EE Security Guide Overview of Security Functions OC4J security is based on a two step process First a user or group attempting to access a J2EE application is authenticated and then it is authorized Authentication and authorization are provided under various user managers such as the JAZNUserManager and XMLUserManager classes The JAZNUserManager class is the default and offers the best security The XMLUserManager is the simplest method for security The JAZNUserManager leverages the OracleAS JAAS Provider as the security infrastructure for OC4J by using either the Lightweight Directory Access Protocol LDAP based or the XML based provider type The XMLUserManager is configured using a file so the passwords are visible See Plugging In a User Manager on page 3 8 for details on the OracleAS JAAS Provider provider types and user managers Also see the Oracle Application Server Containers for J2EE Security Guide for details on the OracleAS JAAS Provider and provider types Note The default user manager was changed f
Download Pdf Manuals
Related Search
Here hereditary heretic heredity here movie heretic definition hereinafter heresy definition hereditary meaning here comes the sun here\u0027s johnny hereby here comes the guide hereditary hemochromatosis hereditary angioedema here i am to worship lyrics here comes the sun lyrics heretic movie hereditary spherocytosis herencia hereditary movie here to slay hereditary hemorrhagic telangiectasia heredia costa rica here come the mummies here comes the bus