Problem with EJB3 security in JBoss 4.2.X

November 7th, 2007 Radim Marek

Release of JBoss 4.2.X has been significant because of the integration of important bits from Java EE before release of JBoss AS 5. Sadly important fix to align EJB3 security in this branch, announced for version 4.2.1 (JBAS-4198) does not exist. Duplicate ticket (JBAS-4423) has been reason why this issue has been closed in JIRA as duplicate ticket, unfortunately with fix version assigned – yes, you can guess - to 4.2.1.

Therefore if you’re trying to use @RunAs annotation on MDB in order to call secured session beans, you’ll experience following exception:

java.lang.IllegalStateException: No valid security context for the caller identity

I truly hope this task will be integrated into 4.2 branch and we don’t have to wait for release of JBoss AS 5.

Original topic from JBoss Forums:
Bug in SecurityAssociation(?) - EJB3 MDB Calls

My topic to verify the problem:
@RunAs on MDB and not finished alignation of EJB3 security

Posted in jboss | No Comments »

JBoss Seam 2.0 released

November 6th, 2007 Radim Marek

Finally I can delete all my betas, because JBoss Seam 2.0 has been released today.

Link: Download
Link: Documentation

Don’t miss official post What’s new in JBoss Seam, or check my list published few weeks ago.

Posted in seam | No Comments »

Dev Fu: Bowler Hat strikes back

November 4th, 2007 Radim Marek

World of open source has changed drastically and so has one of the most iconic company behind it – RedHat. Open source reached enterprise. Enterprise reached open source. The share price is becoming more important than latest kernel version.

If there wasn’t the acquisition of JBoss by RedHat last year, I would probably forget about RedHat for once and for all. But things went in the rather different direction. Let’s hope it’s for good in the longer term. Lately the some negative changes emerged. For example in the last couple of months, alterations to the JBoss website made it quite hard to distinguish the open source projects and commercial enterprise middleware. The separation of jboss.com and jboss.org (labs.jboss.com) hasn’t been promoted as much as it would be needed. The constant questions I’m facing related to this topic are bitter evidence of this problem. I have to ask myself, if it is so difficult to separate both domains completely? I don’t think so.

But to switch to positive note, I would like to dedicate this post to RedHat’s new developers’ portal called Dev Fu. Recently it seems to receive the attention and new articles are being published frequently. Hopefully it will help to improve perception of identity of the RedHat’s open source projects and that’s the reason why I’m happy to promote it. The other question is the mixture of Linux and JBoss articles, but we shall see how this rather difficult combination is going to settle down.

Link: Dev Fu [http://developer.redhatmagazine.com/]

Personally I would like to recommend article Continuing the Conversation – Understanding Seam Nested Conversation. Because the conversations are one of the most important parts of JBoss Seam, this article should provide you enough information to understand the concept behind it and therefore understand the framework a little bit more.

Posted in jboss | No Comments »

What’s new in JBoss AS 5

October 28th, 2007 Radim Marek

It’s a long wait for JBoss version 5. If you’re anxious to get more information without digging deep into the beta version or current trunk, there are notes available from Mark Newton’s presentation ‘What’s new’ in JBoss AS 5, published on Christian Bauer’s blog.

Link: JBoss AS 5 Presentation Liveblog

Posted in jboss | No Comments »

Extending Seam Components

October 14th, 2007 Radim Marek

An important characteristic of every framework is a level of possible extensibility. JBoss Seam scores top marks in this perspective. Reason for it is simple. The main goal, to introduce consistent programming model that will make various frameworks to work together, is not just promoted for application developer, but also used through-out Seam itself. So with knowledge how to use component model and a quick insight behind the scene, you can easily start extending built-in components.

Mechanism you need to understand is component deployment process. Seam application start-up is triggered by the context listener which instantiates the Initialization object responsible for building configuration metadata. That is accomplished by collection of data from standard configuration files (WEB-INF/components.xml and deprecated WEB-INF/events.xml), configuration properties (supplied both from servlet context and file name seam.properties in the root of the classpath) and eventually by scanning archives in the application classpath for classes annotated with @Name which implies the Seam component.

Dependency Manager is then responsible for evaluation of component dependency to determine which components are to be installed.

And that’s the place where Seam utilizes another annotation - @Install. It does not only specify whether or not the component should be installed (this might be overridden by configuration files) and its dependencies, but also specifies precedence of the component. If two components with the same name are present, Dependency Manager will offer for installation only the one with higher precedence.

The precedence is specified integer value and following pre-defined constants are available:

• BUILT_IN [0] used for built-in components
• FRAMEWORK [10] to be used by frameworks which extend Seam
• APPLICATION [20] default precedence, to be used by application components
• DEPLOYMENT [30] used for overriding components for particular deployment
• MOCK [40] for objects used in testing

Further control over the components deployment process is provided by following two annotations:

• @BypassInterceptors which disables all Seam interceptors on particular class or method.
• @Startup to control initialization of component depending of scope its available in
  

With this overview you’re ready to extend any provided component, either Seam built-in or available within 3^rd party framework or application.

Extending Identity object

As example I’ll show you how to extend built-in identity object to support custom JAAS Login Module that requires custom callback handler to be used to obtain/provide further information. This particular implementation adds functionality to support NTLM as other authentication method (together with customized jCIFS library) and NTLM support iself is not part of this code snapshot.

@Name("org.jboss.seam.security.identity")
@Scope(SESSION)
@Install(precedence = APPLICATION)
@BypassInterceptors
@Startup
public class NTLMIdentity extends Identity {

  //
  // custom code
  //

  @Override
  public String login() {
    try {
       retrieveNTLMAuthenticationDetails();
    } catch (LoginException le) {
       log.error("Unable to retrieve NTLM authentication details!", le);
       return null;
    }
  }

  @Override
  protected CallbackHandler getDefaultCallbackHandler() {
     return new CallbackHandler() {
       public void handle(Callback[] callbacks)
          throws IOException, UnsupportedCallbackException {
          for (int i = 0; i < callbacks.length; i++) {
            if (callbacks[i] instanceof NameCallback) {
              ((NameCallback) callbacks[i]).setName(getUsername());
            } else if (callbacks[i] instanceof PasswordCallback) {
              ((PasswordCallback) callbacks[i]).setPassword(getPassword() != null ?
                  getPassword().toCharArray() : null);
            } else if (callbacks[i] instanceof SFSIdentityCallbackHandler) {
               processSFSCallbackHandler((SFSIdentityCallbackHandler) callbacks[i]);
            } else {
               throw new UnsupportedCallbackException(callbacks[i], "Unsupported callback");
            }
         }
       }
     };
   }

   //
   // custom code
   //
  }

Where @Name is specified to override Seam built-in Identity component, and precedence set higher than BUILT_IN. If you run application, the result of #{identity} and Identity.instance() will always be NTLMIdentity object.

Posted in seam | 5 Comments »

JBoss Seam 2.0 - What’s new

October 6th, 2007 Radim Marek

Next week I will be doing an in-house JBoss Seam training for client who migrates frontend solution from .NET to Java. Because my personal experiments are mainly based on upcoming version 2.0, the fact second release candidate is available and GA release is just few days away, the whole training is built around the new version. For better understanding I’ve compiled description of some features and changes in Seam 2.0 from documentation and JIRA tickets.

Please note that this description is based only on my personal investigation and isn’t provided from project (RedHat/JBoss) sources.

New features are:

Seam WS allows Seam components to function as Web Service endpoints

Seam components not just can act as Web Service endpoints, but can directly participate in long running conversations. A handler has been provided to manage Seam’s lifecycle during the scope of a web service request. Conversation ID is carried from and to client using SOAP header element and it is client’s responsibility to implement propagation individually.

Although it’s possible to make Seam component a web service endpoint and use bijection fetures, recommended strategy is to use it as a facade to a conversational Seam component.

Seam components may now be written in Groovy

In case you haven’t heard about Groovy, it’s an agile dynamic language build upon the strength of Java with features inspired from Python, Ruby and Smalltalk, and that’s all with almost-zero learning curve.Mixture of Java and Groovy classes is possible, in debug mode with hot-deployment ability.

The Seam core is now independent of JSF

Following to questionable position of JSF on the market there is no hard dependency on JSF in Seam 2.0 core. This should allow exclusive integration with other frameworks (for example GWT or Apache Wicket) that can faster react to latest development (because they are not subject to standardization process).

Experimental support for the Google Web Toolkit

As mentioned above, there is now possibility to integrate different frameworks, so if you prefer GWT to develop dynamic AJAX applications Seam now provides experimental integration.

Integration of Hibernate Search

Seam 2.0 provides injection of FullTextSession or FullTextEntityManager as required when Hibernate Search is used, giving possibility to search specially annotated domain model.

Introduction of JBoss EL, an extension to the Unified EL of Java EE 5

Unified Expression Language of Java EE has been extended by JBoss EL to support following features:

• Parameterized Method Bindings to allow methods with parameters to be used in EL and parameters to be evaluated as separate expressions.
• Parameterized Value Bindings which gives ability to access classes that don’t follow JavaBean naming conventions.
• Limited support of projection list into sub-expression to access elements without need of creating specific methods within the Seam component.

Charting integration in PDF and HTML, using JFreeChart

Free Java chart library

Major enhancements to Seam Asynchronicity, including Quartz integration

Default dispatcher can be now replaced either by EJB timer service or alternative Quartz library by simple configuration statement in components.xml. Additionaly the Quartz dispatcher support three new annotations to control final expiration of the recurring task, UNIX Cron syntax for task scheduling and support for ⁿth business day scenario.

Major enhancements to jBPM integration

Including support for asynchronous calls and scheduling, propagation of business/process key available on annotation level and unified use of JBoss EL, as in jBPM 3.2.1.

Support for pageflow composition

Allows to pause one pageflow while another (as sub-processes) executes.

New transaction abstraction layer with support for non-JTA environments

Seam now provides out-of-box integration with multiple transaction APIs (JPA RESOURCE_LOCAL for not participating in JTA transactions, Hibernate and Spring managed transactions)

Migration to JSF 1.2

Latest specification of JSF is now used

Maven used to manage list of dependencies

More information available in Pete Muir’s post Seam Published To Maven.

Completely reorganized packaging of built-in components

Simplified configuration

Enhancements to the integration testing framework

Enhanced JavaDoc

Two new example applications

Migration to the new Embedded JBoss

Many bugfixes

Posted in seam | 1 Comment »

Running multiple instance of JBoss AS

September 25th, 2007 Radim Marek

Either setting up clustered environment for development/testing, need to isolate different application, or necessity of running different version of JBoss AS on the same machine. No matter what is the reason for running multiple instances of JBoss AS, for most users it’s quite a daunting task. Most common technique how to achieve it is complicated manual change of all ports numbers to be different. But what to do during upgrade? Do you really want to go through it all over again?

Read the rest of this entry »

Posted in Administration | No Comments »

JBoss Seam 2.0 CR1 Released

September 20th, 2007 Radim Marek

Recently, I’ve spent some time playing with JBoss Seam. Interested by its development model, supplemental to Java EE 5, I’ve been using latest trunk from CVS for upcoming release.

Today, I was pleasantly suprised to find an announcement about the release candidate of upcoming version 2.0, complete with list of new features. RedHat/JBoss definitely seems to be dedicating a lot of energy to this project.

Sadly Michal Yuan, author of the excellent book JBoss Seam: Simplicity and Power Beyond Java EE, is leaving the project (updated: not project, but only RedHat as an employee).

Posted in seam | 1 Comment »