I have a Spring application, and I have enabled JMX for some beans. For each beans, at least, I have a get operation and a set operation. I have read a little about Jolokia, and it provides an HTTP bridge between you and JMX. It provides a way to sent GET requests to read the value of managed beans, and POST request to set them as well.
I'm wondering if, either Jolokia ships with a way to autogenerate a web page, where you can read/write your managed beans from, or if there is already a tool for this.
For example, let's say Jolokia has this capability. So then, if you go, per say, to localhost:8080/jolokia/dashboard, you will see an autogenerated web page like this:
beanName1: vaue1 EditButton1
beanName2: vaue2 EditButton2
.
.
beanNameN: valueN EditButtonN
I think it can be such a nice tool, and it can be autogenerated. VisualVM does this in a great way, but in a HTTP world basis, it could be really good to monitor your application from your Mobile anywhere.
If you really want just a simple web ui for jmx management, have a look at https://github.com/lbovet/jminix
I was able to accomplish this by using JMinix
Related
If I want to have asynchronous components of my app talk to each other via RESTful endpoints and callbacks, they need to be able to know their own URLs (protocol+hostname+port). I can think of a few ways to tell them this info via semi-hacky ways involving environment variables or post-startup commands, but I'm curious if there's any widely-used techniques to this.
Usually each RESTful endpoint has its own (internal) DNS name, which the other nodes know and use. As servers go up and down, they all maintain the same URL endpoint name, hence the RESTful calls remain active. This is most helpful for synchronous usage.
For asynchronous usage you'd usually use a queuing solution. In amazon you can use AWS SNS. You'd post a topic and the appropriate service would pick it up for processing.
I've got a question about hawt.io security.
I've installed hawt.io as a web application (currently its embedded jetty but we have an option to use tomcat in an embedded / regular mode as well).
Hawt.io visualizes the JMX mbeans tree of the same process, we don't connect to remote servers, everything is local.
What I would like to do is to find the best way to provide an authentication and authorization mechanism to be used:
User's authentication: should be done preferably via LDAP
User authorization: some users can gain full access to all mbeans, others are restricted to not execute mbean operations, but only read attributes.
I thought that I can install a web filter, in jetty I can do it outside the web.xml and check requests, but since hawt.io uses POST web method to communicate to its internal jolokia, the identifier of the operation execution is inside the body of the request, so I don't really have an access to it from within the web filter since in Java Servlets I can read the request body only once. I know I can provide a 'fake request', but maybe there exists a better solution.
Maybe someone can provide relevant configuration snippets for configuration of such an installation. Thanks a lot in advance
For role based authorization you can query up-front if the user has access to a given mbean/operation/attribute. If you implement this interface
you can probably integrate with some server-side authorization for JMX. By default hawtio uses a dummy implementation that lets everything through. This all was originally designed to work with the JMX guard stuff implemented for Apache Karaf which exposes the same mbean but actually does restrict access via ACL configuration. Anyways, the client-side javascript is set up to locate this mbean by scanning for "type=security;area=jmx", just set a higher 'rank' attribute in your mbean and the javascript will use it.
I'm looking at exposing separate services inside an application server, and all services need to authenticate with the same API key.
Rather than each request authenticating with the DB individually, I was hoping I could write the authentication service and configuration once, do some caching of the available API keys, and expose that auth service to the other services on the app server (TC, Glassfish, etc). I don't think HTTP loopback is a good choice, so I was looking at Spring Integration, JavaEE, RMI, etc.
There's lots of info available, but it's still not clear to me if this is something that Spring Integration can support after reading through some documentation and projects. It looks like Spring makes the assumption you're in-app, or MQ based (external MQ or embedded MQ.) I'm also not sure if this is something inherently available in EJB implementations with Jboss or Glassfish...It seems like it might be though.
While MQ's seem possible, they seem like overkill for what my purpose is. I really just need to pass a bean to my authentication service on the same box, and respond with a bean/boolean on whether the key was approved or not.
Anyone have some guidance on accomplishing something like this? (or maybe why I'm making the wrong decision?)
You can do it via plain PCT/IP or RMI.
But I don't see problem to follow with Micro Service Architecture principles and use the Spring Integration REST ability
Any networks access you always can restrict via firewalls and HTTP-proxies.
I have a scenario where i am hosting different java Rest Services on different Tomcat instances (different machines). These projects running on the tomcats do not have any UI. For simplicity's sake, lets assume that the user will directly enter some URL in the browser (or curl) to avail these services. Now I need this service to be able to talk to (call functions) the services available in the other tomcat instance.
For eg. If TomcatInstance1 gets the call, and all this does is act as a 'router' to the different services, i want it to be able to place the Rest call for the other 'service' available on, say, TomcatInstance2. Is this possible?. If so, how to achieve that? (Tried searching for similar questions on SO, couldnt find any). Are there any online reference for the same?
PS: Hosting the services in the same Tomcat Instance is against the requirement that I'm having.
That is completely possible. You can use (for example) Jersey-client (http://jersey.java.net/) to make the queries to the other RESTful web services in the other Tomcat instances. Only need to define the correct URIs of the end points and query them according the the API exposed and call it (like you were a client from a browser, or curl).
See here a nice example of using Jersey-client to do that: http://www.mkyong.com/webservices/jax-rs/restful-java-client-with-jersey-client/
I would suggest Spring Restful api ( http://static.springsource.org/spring/docs/3.0.0.M3/reference/html/ch18s02.html , http://www.mkyong.com/spring-mvc/spring-3-rest-hello-world-example/ ).
As #emgsilva mentioned the only thing you need to do is to point correct uris between each other.
The beauty of spring restful api is it is simple to use and you don't deal with any serialization - deserialization.
I'm looking for some advice on the simplest way to create some product registration communication. I have a Java desktop application that needs to be re-newed every year. When a user downloads and install this app (through JNLP) they get a limited demo-version. There is code in place on the client to "register" the product and unlock all of the features.
My next step is to build the server-side components. There will be a database with customer ID numbers and other information about the customer. When the user clicks register, some contact information will be sent to the server as well as some product registration ID. The server will check this against the database and then either give the client the o.k. to unlock the features or the user will be informed that the registration id was not valid. This seems like a very standard thing. So what is the standard way to do it?
I have my own VPS and I'm running Tomcat, so I'm really free to implement this any way I choose. I was planning on building some web service, but I have never used REST before.
Use REST; REST is nothing more than using plain HTTP 'better'. Since you are already using HTTP, somehow you are already doing REST like calls and moving these calls to full fledged REST will be easy.
Implementing REST calls is easy. You have two approaches:
Low end: using URLConnection objects on the client, servlets on the server and following some REST conventions on using HTTP methods and 'clean' URLs (see here). Advantage is that you need no 3rd party library and minimize the footprint. Maintenance and evolutions are harder though.
High-end: a framework and specifications like JAX-RS. Using Restlet you can be up in running with a REST server in a couple of hours without having to deploy a servlet container.
Don't use SOAP. The only reason you would want to use SOAP is that you want to contractualise using a WSDL what you are exposing (you can do the same with REST btw, see the Amazon documentation for instance). Trust me, SOAP is way too heavy and confusing for what you are trying to do.