I need to have the information and operations of my MBeans in my applications and I need this to be as a web application.
My app server is Weblogic 10.3.2
Actually I need an application which can do the things(only about MBeans) like JConsole does(both functionally and visually).
ANy applications u know? or any code examples to do it easilly?
Thanks
Ali
Take a look at:
Jolokia: Deploys as a WAR or a JavaAgent and exposes JMX ops and attributes through a REST API. There's no actual console as yet, but check here and here for possible implementations.
OpenDMK: This is the open-sourced Java Dynamic Management Kit. It contains, among other things, a HTML Protocol Adaptor which provides a very basic browser accessible view of your MBeanServer.
MX4J: Also provides an HTTP Protocol Adaptor.
The last 2 are not particularly active any more, but I can attest to their stability.
Related
Is there a way to secure Hadoop (version 2.7.2) web user interface - JobTracker, etc. - by using the available Linux accounts of the system? My goal is somewhat similar to what the old mod_auth_pam and the newer mod_authnz_external and pwauth is to Apache. I found a description on how to password protect these interfaces, however it would be much easier if an additional user-password list would not be required to be maintained just for this.
Configuring Hadoop into secure mode and using Kerberos authentication would be one option, but since I have a small cluster with few users, mainly for testing purposes, it would be nice if a not so robust solution would be available for the Jetty web server as well, since my goal is just to make the web UI not public towards the world.
I've got a question about hawt.io security.
I've installed hawt.io as a web application (currently its embedded jetty but we have an option to use tomcat in an embedded / regular mode as well).
Hawt.io visualizes the JMX mbeans tree of the same process, we don't connect to remote servers, everything is local.
What I would like to do is to find the best way to provide an authentication and authorization mechanism to be used:
User's authentication: should be done preferably via LDAP
User authorization: some users can gain full access to all mbeans, others are restricted to not execute mbean operations, but only read attributes.
I thought that I can install a web filter, in jetty I can do it outside the web.xml and check requests, but since hawt.io uses POST web method to communicate to its internal jolokia, the identifier of the operation execution is inside the body of the request, so I don't really have an access to it from within the web filter since in Java Servlets I can read the request body only once. I know I can provide a 'fake request', but maybe there exists a better solution.
Maybe someone can provide relevant configuration snippets for configuration of such an installation. Thanks a lot in advance
For role based authorization you can query up-front if the user has access to a given mbean/operation/attribute. If you implement this interface
you can probably integrate with some server-side authorization for JMX. By default hawtio uses a dummy implementation that lets everything through. This all was originally designed to work with the JMX guard stuff implemented for Apache Karaf which exposes the same mbean but actually does restrict access via ACL configuration. Anyways, the client-side javascript is set up to locate this mbean by scanning for "type=security;area=jmx", just set a higher 'rank' attribute in your mbean and the javascript will use it.
We are developing a java application which provide web services through SSL. This application is running in Tomcat server.
The purpose of web services is insert, update and select data. So under web service tier is implemented backend tier, which provide access to database.
Suddenly we were asked to build swing application which will also access the data in database. We want to use the same backend (exactly the same runtime) which is used for web service application. How to reach this goal?
I see following possibilities:
use web app instead swing application, which will be part of the same project like web service application and then it will be able to connect backend
Provide some extra web services for swing application only.
Use JMX. It is possible run JMX on Tomcat. Backend could provide functionality through JMX and Swing application could connect it.
Each of these possibilities have advantages and disadvantages. We followed solution 3 and I think it wasn't a clever selection. JMX has problem with generics, you can run only one JMX on tomcat etc.
Java world is rich and there should be some optimal solution for this situation. Could you help?
Add a web service client to the Swing app and let it make exactly the same calls to web services that a browser based UI would.
You're certainly free to add extra, Swing-only web services if you choose.
I didn't think JMX was anything other than a way to allow you to monitor MBeans using a JConsole. What does that have to do with Swing?
I am a little confused about the roles of a java application server and its differences from a web server.
I found many sites explaining the same difference between the two but not to my satisfaction.
So please explain me about the two following cases:-
1)App. Server and its difference with web server:
From these two links:
Difference between an application server and a servlet container?
What is the difference between application server and web server?
web server: It handles everything through http protocol by accepting requests from clients and sending
responses to them with the help of its servlet container(e.g Apache Tomcat)
App. Server: An application server supports the whole of JavaEE like JMS,JPA,RPC etc.
Now what I am confused with is that how can I use a lot of JavaEE APIs like JMS,JPA etc. with my Tomcat
by adding their jar files in my web application ?
Does that mean that if I use an appliation server I don't have to add those jar files?(I don't think so)
2)The roles of an appl. server (This is very important to me)
From Wikipedia
http://en.wikipedia.org/wiki/Application_Server
An application server provides services such as security,transaction support etc.
"The term is often used for web servers which support the JavaEE" -- It sounds like if we add the required jar files of JavaEE APIs a web server becomes an appl. server.What about it.
Now my question is how an application server performs the tasks of security control or transaction management by itself ?
E.g. in my web application using Spring framework I am providing security by using spring-security and transaction management by using #Transactional annotation and all those things you know.
So does the appl. server have anything to do with my security or transaction management or it has its own ways ?
Forgive my ignorance.
Using Spring, you're in fact embedding some kind of Java EE container inside your application. But even when using Spring, if you need JTA support (because you need distributed XA transactions), you'll need to use an additional transaction manager. If you need JMS, you'll need to install an additional JMS broker. If you need connection pooling, you'll need to use an additional connection pool. Sometimes it's as simple as adding additional jars to the classpath and properties or XML files. Sometimes it's harder.
A Java EE app server comes with everything bundled. You have less flexibility, but you don't need to install, configure and make everything work by yourself.
When you use the Java EE framework, that is a specification. So the application server, if it is Java EE compliant, needs to implement this. So once it is implemented the specification, then it will address Security,transaction etc because it is mentioned in the spec. So it is a contract. Whereas, in a web server, it will just pull out your static resource. There is no need for handling other stuff.
In case of the Spring framework, the framework knows how to handle transaction, security etc. So particularly the developer need not look into these aspects which are implemented by the Application Server in the other scenario.
how an application server performs the tasks of security control or transaction management by itself
It is rather the specification that address these issues, not the application server. So, the duty of the app server is to implement these.
So, if your application is Java EE compliant, then these areas will be addressed and the implementation would have been done by the app server.
May be this is oversimplification,
A web server is basically a HTTP server serving contents over http protocol. So a web server is simply about serving the contents over http protocol. A typical example would be Apache web server. This is simply a file server.
Now the question is where does the web server gets the contents from ? Possible sources are
Static contents (the contents like images/css etc) which are not generated on request but statically served.
Dynamic contents: Simply put, the contents to be served are generated upon the user request.
For the static contents, the web server does not need anything as it simply reads the file and serves it.
For dynamic contents, the web server might need help of additional components which will generate the contents to be served.
Here the Application Server comes into picture.
Now these additional components referred earlier, might interact with database or some other system etc.
In a web environment where your website is exposed to huge number of users (intended/unintended), you need typical services like transaction/security/concurrency etc. so that the user get expected responses and do not see inconsistencies in the behavior of the application.
An application server has inbuilt abilities to manage transaction/security/concurrency/resource management. generally these are referred as Managed services and environment offered by them is called Managed Environment where these basic services are managed by the application server and programmer does not have be bother for them.
Application Server needs web servers or we can say Web servers use Application server's services to generate dynamic contents.
For example, JBoss uses Tomcat as inbuilt web server. Whereas web logic has its own web server. Tomcat again can be called as application server (in principle) as it also offers managed environment for servlets (it manages concurrency and instance pool of servlets/JSPs ).
Coming your your example of Spring:
An Application server will come inbuilt with transaction/security etc whether you need it or not. The Spring offers a very nice way handling this. Spring has all these things BUT you use what you need. Not just these, but just a Java Web Sever like Tomcat is sufficient to build a full fledged services that needs an application server.
Why do we need Application Server in Java like JBoss or WebSphere. Is it possible that we develop large scale website only with Java (Apache Tomcat). Where thousand of user connect on site at a moment. An example is a website like b2b.
What is the cost of a Application Server? I will be thankful if you compare price among different application server and if there is any free version kindly highlight it.
Application Servers are mostly used if you want to use advanced features like transaction management, hot code swapping and advanced persistence.
There are application servers that are open source. E.g. GlassFish and JBoss.
I don't think you need an application server for building a popular web site, you'll also be fine with a servlet container like Tomcat or Jetty.
In short Application Servers provide you with few services like
Transaction Management
Load Balancing
Security
Threading
etc.
You have to take care of these things yourself in a Web Server.
There are few Open Source Application servers which are free of cost.
I have used Glassfish.
Apart from answers given above, App Servers are required for EJBs.
You need Application Server as follow:
It provides you useful services like automatic transaction,Authentication,Authorization,Lifecycle management.
To remember large user data across pages using ejb's pertaining to a client.
Load balance the user request and buisness logic.
To interact with different Client UI like Java Swing,Browsers.
It is possible to handle the httpheaders yourself. We have done socket servers in java for 20 years. You do not need a container for java swing.
Persistence can be done through databases or server side files unless you need real high speed stuff. I have yet to find a real requirement for an ejb
except that some systems simply require them
This may be because jboss can provide better after-sales service, and jboss, etc. can provide operation and maintenance support, etc. This may be the reason why many large companies choose commercial versions of servers.
But you must know that tomcat and netty are not bad. For example, many large B2B or C2C or B2C companies still use tomcat, such as Internet companies such as Alibaba.
Choose a server
Operation and maintenance costs
Scalable costs
Server cost