Welcome to my website. I am always posting links to photo albums, art, technology and other creations. Everything that you will see on my numerous personal sites is powered by the formVistaTM Website Management Engine.


  • Adding MultipartConfig Configuration to web.xml in JBoss 6.x for a Servlet 3.0 File Upload Servlet
    01/12/2012 11:45AM

    If you do not want to hard-code your file upload servlet with the @MultipartConfig annotation but would rather add it to your <servlet> configuration element in web.xml, following is the syntax (add this as a child element of <servlet>):


  • Configuring JBoss 6.x for HTTPS with a Self-Signed Cert
    01/03/2012 11:57AM

    This tutorial makes the following assumptions:

    • That you are running JBoss under a 'jboss' user whose home directory is /home/jboss/

    For the following examples the string "<server-name/ip>" should be replaced with the domain name, or ip address from which the site will be accessed via https.  Also the path to your installed JDK is likely different.

    • Create a new keystore using the jdk provided binary:
    # /usr/lib/jvm/java-1.6.0-openjdk/bin/keytool -genkey -alias your_alias -keyalg RSA -keystore keystore.jks

    Enter keystore password:
    Re-enter new password:
    What is your first and last name?
      [Unknown]: <server-name/ip>
    What is the name of your organizational unit?
      [Unknown]:  Your Unit
    What is the name of your organization?
      [Unknown]:  Your Organization
    What is the name of your City or Locality?
      [Unknown]:  Your City
    What is the name of your State or Province?
      [Unknown]:  MD
    What is the two-letter country code for this unit?
      [Unknown]:  US
    Is CN=<server-name/ip>, OU=Your Unit, O=Your Organization, L=Your City,
    ST=MD, C=US correct?
      [no]:  yes

    Enter key password for <your_alias>
            (RETURN if same as keystore password):
    Re-enter new password:

                    . When propmted for the key password, you must enter the same password as you first entered, when going through the keystore prompts.
                    . Put the keystore file in the /home/jboss directory

    • Export the generated server certificate in .keystore to server.cer
    # /usr/lib/jvm/java-1.6.0-openjdk/bin/keytool -export -alias your_alias -storepass password -file server.cer -keystore keystore.jks
    • Create a trust-store file and add the server cert to it
    # /usr/lib/jvm/java-1.6.0-openjdk/bin/keytool -import -v -trustcacerts -alias your_alias -file server.cer -keystore cacerts.jks -keypass password -storepass password

    It will display the following:

    Owner: CN=<server-name/ip>, OU=Your Unit, O=Your Organization,
    L=Your City, ST=MD, C=US
    Issuer: CN=<server-name/ip>, OU=Your Unit, O=Your Organization,
    L=Your City, ST=MD, C=US
    Serial number: 4e20527c
    Valid from: Fri Jul 15 10:45:16 EDT 2011 until: Thu Oct 13 10:45:16 EDT 2011
    Certificate fingerprints:
             MD5:  B9:25:A0:89:B9:A3:62:44:38:DD:B7:13:2C:05:C5:8C
             SHA1: 3C:F9:54:2D:96:0C:D7:F9:C5:DA:24:54:A3:29:41:98:5E:01:2C:97
             Signature algorithm name: SHA1withRSA
             Version: 3

    . Enter 'yes'
    Trust this certificate? [no]:  yes
    Certificate was added to keystore
    • Edit the JBOSS config file $JBOSS_HOME/server/server_profile/deploy/jbossweb.sar/server.xml
                    . Make a copy of the following block of XML

          <!-- SSL/TLS Connector configuration using the admin devl guide keystore
          <Connector protocol="HTTP/1.1" SSLEnabled="true"
               port="${jboss.web.https.port}" address="${jboss.bind.address}"
               scheme="https" secure="true" clientAuth="false"
               keystorePass="rmi+ssl" sslProtocol = "TLS" />

                    . Make the following changes:

            <Connector protocol="HTTP/1.1" SSLEnabled="true"
                    port="${jboss.web.https.port}" address="${jboss.bind.address}"
                    scheme="https" secure="true" clientAuth="false"
                    sslProtocol = "TLS" />

                    . Disable unencrypted http/8080 access to the server by commenting out the following:

          <Connector protocol="HTTP/1.1" port="${jboss.web.http.port}"
             redirectPort="${jboss.web.https.port}" />
    • Set up port forwarding for port 443 to 8443 via iptables  Use the following iptables commands, replacing $IPADDR with the IP of your web server

      # iptables -t nat -A OUTPUT --destination localhost -p tcp --dport 443 -j REDIRECT --to-ports 8443
      # iptables -t nat -A OUTPUT --destination $IPADDR -p tcp --dport 443 -j REDIRECT --to-ports 8443
      # iptables -t nat -A PREROUTING --destination $IPADDR -p tcp --dport 443 -j REDIRECT --to-ports 8443

      # /etc/init.d/iptables save
      # /etc/init.d/iptables restart

  • Fixing JBoss Error installing to Start: name=IIOPInvoker state=Create: java.net.UnknownHostException:
    01/03/2012 11:22AM

    If you ever see the following when attempting to start up an instance of JBoss 6.x:

    15:41:15,740 ERROR [AbstractKernelController] Error installing to Start: name=IIOPInvoker state=Create: java.net.UnknownHostException: some_host_name: some_host_name
            at java.net.InetAddress.getLocalHost(InetAddress.java:1426)
            [:1.6.0_17] at org.jboss.invocation.iiop.IIOPInvoker.start(IIOPInvoker.java:233) [:6.0.0.Final]

    It is because JBoss cannot resolve the host name of the machine on which it is running.  To fix:


    • Edit /etc/hosts and add the name of the box pointing to an ip address.
    • Set up a proper DNS entry for the host name of the machine.
  • Installing Jboss 6.1.0-Final under RHEL or CentOS
    12/22/2011 12:19PM

    The following is a howto for installing Jboss under Red Hat Enterprise Linux or CentOS.  The steps are most likely the same under any other Linux distro.

    • Unpack your jboss.zip (or .tar)
    • Jboss requires a 'place' to store data as it runs.  Out of the box it uses org.jboss.jdbc.HypersonicDatabase which is horribly inefficient and should never be used in a production system.  So we'll set up MySQL such that jboss can write to it (installing and configuring MySQL is an excersize for the reader) and create a DataStore instance in jboss that points to the MySQL server:
    Add a jboss user to MySQL (This is with a 5.x version of MySQL)

    INSERT INTO `user` VALUES ('localhost', 'jboss', '5d2e19393cc5ef67', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'N', 'N', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'N', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'N', '', '', '', '', 0, 0, 0, 0)

    Create a table for jboss
    • Create a DataSource definition:
    Copy mysql-ds.xml from $JBOSS_HOME/docs/examples/jcs/mysql-ds.xml to $JBOSS_HOME/server_profile/deploy

    Edit the mysql-ds.xml:

    Change JNDI name to: DefaultDS

    Update the URL to point to the MySQL server and jboss database.

    Remove the 'zeroDateTimeBehavior=convertToNull' connection argument

    # mv deploy/hsqldb-ds.xml deploy/hsqldb-ds.xml.removed.   This will disable the default HyperSonic db DataStore.
    • Unistall the services that you do not need.  This will greatly depend on what it is that you are trying to do with this application server instance.  Following are some examples of services that are removed and how to do it.  Each one is a bit different.
    In deployers/jsr77-deployers-jboss-beans.xml: Comment out the following: <property name="mailService">jboss:service=Mail</property>

    # mv deploy/mail-service.xml deploy/mail-service.xml.removed

    # rm -rf deploy/jms-ra.rar/
    # rm -rf deploy/hornetq/
    # mv deployers/hornetq-deployers-jboss-beans.xml deployers/hornetq-deployers-jboss-beans.xml.removed


    # mv ./deployers/clustering-deployer-jboss-beans.xml ./deployers/clustering-deployer-jboss-beans.xml.removed
    # rm -rf ./deploy/mod_cluster.sar/
    • Update the admin console password:
    Edit: $JBOSS_HOME/server_profile/conf/props/jmx-console-users.properties

    Add a uid/password combination in the following format: uid=password
    • Secure the jmx-console:
    Copy the jmx-console.war from the common directory into the server_profile server dir.
    # cp -Rpf ./common/deploy/jmx-console.war/ server/amap/deploy

    Edit: ./deploy/jmx-console.war/WEB-INF/jboss-web.xml

    Uncomment the <security-domain> node

    Edit: ./deploy/jmx-console.war/WEB-INF/web.xml

    Uncomment the <security-constraint> node

    Edit: ./deploy/jmx-jboss-beans.xml

    Uncomment the line: <property name="securityDomain">jmx-console</property>

    Edit: conf/props/jmx-console-users.properties

    Change the password

    With that, you should have an instance of JBoss up and running and ready for you to develop your applications.

  • Configuring JBoss 6.x to Run as a Service Under RHEL and CentOS
    12/22/2011 11:28AM

    In most cases you will want to run JBoss as a non-privileged user.  For this example we will set up a jboss user (adding the user is an excersize for the user).  This example covers jboss-6.1.0-Final.

    • Add $JAVA_HOME and $JBOSS_HOME environmental vars to .bash_profile for your jboss user.  $JAVA_HOME points to your install of the JDK and $JBOSS_HOME points to your jboss installation directory.
      export JAVA_HOME
      export PATH
    export JBOSS_HOME

    • Once you have done the basic JBoss installation set up, copy the jboss_init_redhat.sh to /etc/init.d/jboss.
    • Add the following directly below the #!/bin/bash line:
    # description: JBoss Start Stop Restart
    # processname: jboss
    # chkconfig: 234 20 80

    • Set JBOSS_HOME
    • JAVAPTH to the location of your JDK
    • Set JBOSS_CONF to the profile you want to run
    • define a $JBOSS_HOST variable and set it to either the IP address or host name of the machine on which you are running jboss.
    • Update the JBOSSCP to include the jbossall-client.jar
    • Replace the JBOSS_CMD_STOP with the following line (the uid:password combo is whatever you used to lock down the admin console in jboss):
    JBOSS_CMD_STOP="$JBOSS_HOME/bin/shutdown.sh -s service:jmx:rmi:///jndi/rmi:// -u admin -p password"
    • Enable jboss as a service in the OS:
    • Make the jboss script executable:
    • # chmod 755 jboss
    Add it as a service via chkconfig:
    • # chkconfig --add jboss
    Set the run levels for the jboss service
    • # chkconfig --level 2345 jboss on
  • 1 2 >>
Advanced Search