http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/openejb.xml.mdtext ---------------------------------------------------------------------- diff --git a/docs/openejb.xml.mdtext b/docs/openejb.xml.mdtext deleted file mode 100644 index 1836d35..0000000 --- a/docs/openejb.xml.mdtext +++ /dev/null @@ -1,96 +0,0 @@ -title=openejb.xml -type=page -status=published -~~~~~~ - -<a name="openejb.xml-Overview"></a> -# Overview - -The openejb.xml is the main configuration file for the container system and -its services such as transaction, security, and data sources. - -The format is a mix of xml and properties inspired by the format of the -httpd configuration file. Basically: - - - <tag id=""> - ...properties... - </tag> - - -Such as: - - - <Resource id="MyDataSource" type="DataSource"> - username foo - password bar - </Resource> - - -*Note the space*. White space is a valid name/value pair separator in any -java properties file (along with semi-colon). So the above is equivalent -to: - - <Resource id="MyDataSource" type="DataSource"> - username = foo - password = bar - </Resource> - -You are free to use white space, ":", or "=" for your name/value pair -separator with no effect on OpenEJB. - -<a name="openejb.xml-PropertyDefaultsandOverriding"></a> -## Property Defaults and Overriding - -The openejb.xml file itself functions as an override, default values are -specified via other means (service-jar.xml files in the classpath), -therefore you only need to specify property values here for 2 reasons:<br/> -1. you wish to for documentation purposes<br/> -2. you need to change the default value - -The default openejb.xml file has most of the useful properties for each -component explicitly listed with default values for documentation purposes. - It is safe to delete them and be assured that no behavior will change if a -smaller config file is desired. - -Overriding can also be done via the command line or plain Java system -properties. See [System Properties](system-properties.html) - for details. - -<a name="openejb.xml-Whatpropertiesareavailable?"></a> -## What properties are available? - -To know what properties can be overriden the './bin/openejb properties' -command is very useful: see [Properties Tool](properties-tool.html) - -Its function is to connect to a running server and print a canonical list -of all properties OpenEJB can see via the various means of configuration. -When sending requests for help to the users list or jira, it is highly -encouraged to send the output of this tool with your message. - -<a name="openejb.xml-Notconfigurableviaopenejb.xml"></a> -## Not configurable via openejb.xml - -The only thing not yet configurable via this file are ServerServices due to -OpenEJB's embeddable nature and resulting long standing tradition of -keeping the container system separate from the server layer. This may -change someday, but untill then ServerServices are configurable via -conf/<service-id>.properties files such as conf/ejbd.properties to -configure the main protocol that services EJB client requests. - -The format of those properties files is greatly adapted from the xinet.d style -of configuration and even shares similar functionality and properties such -as host-based authorization (HBA) via the 'only_from' property. - -<a name="openejb.xml-Restoringopenejb.xmltothedefaults"></a> -## Restoring openejb.xml to the defaults - -To restore this file to its original default state, you can simply delete -it or rename it and OpenEJB will see it's missing and unpack another -openejb.xml into the conf/ directory when it starts. - -This is not only handy for recovering from a non-functional config, but -also for upgrading as OpenEJB will not overwrite your existing -configuration file should you choose to unpack an new distro over the top -of an old one -- this style of upgrade is safe provided you move your old -lib/ directory first.
http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/openjpa.mdtext ---------------------------------------------------------------------- diff --git a/docs/openjpa.mdtext b/docs/openjpa.mdtext deleted file mode 100644 index 7e51d53..0000000 --- a/docs/openjpa.mdtext +++ /dev/null @@ -1,111 +0,0 @@ -Title: OpenJPA -OpenJPA is bundled with OpenEJB as the default persistence provider. - -An example of working `persistence.xml` for OpenJPA: - - <persistence xmlns="http://java.sun.com/xml/ns/persistence"; version="1.0"> - - <persistence-unit name="movie-unit"> - <jta-data-source>movieDatabase</jta-data-source> - <non-jta-data-source>movieDatabaseUnmanaged</non-jta-data-source> - <class>org.superbiz.injection.jpa.Movie</class> - - <properties> - <property name="openjpa.jdbc.SynchronizeMappings" value="buildSchema(ForeignKeys=true)"/> - </properties> - </persistence-unit> - </persistence> - - -Where the datasources above are configured in your openejb.xml as follows: - - <Resource id="movieDatabase" type="DataSource"> - JdbcDriver = org.hsqldb.jdbcDriver - JdbcUrl = jdbc:hsqldb:mem:moviedb - </Resource> - - <Resource id="movieDatabaseUnmanaged" type="DataSource"> - JdbcDriver = org.hsqldb.jdbcDriver - JdbcUrl = jdbc:hsqldb:mem:moviedb - JtaManaged = false - </Resource> - - -Or in properties as follows: - - p.put("movieDatabase", "new://Resource?type=DataSource"); - p.put("movieDatabase.JdbcDriver", "org.hsqldb.jdbcDriver"); - p.put("movieDatabase.JdbcUrl", "jdbc:hsqldb:mem:moviedb"); - - p.put("movieDatabaseUnmanaged", "new://Resource?type=DataSource"); - p.put("movieDatabaseUnmanaged.JdbcDriver", "org.hsqldb.jdbcDriver"); - p.put("movieDatabaseUnmanaged.JdbcUrl", "jdbc:hsqldb:mem:moviedb"); - p.put("movieDatabaseUnmanaged.JtaManaged", "false"); - - -# Common exceptions - -## Table not found in statement - -Or as derby will report it "Table 'abc.xyz' doesn't exist" - -Someone has to create the database structure for your persistent objects. -If you add the *openjpa.jdbc.SynchronizeMappings* property as shown below -OpenJPA will auto-create all your tables, all your primary keys and all -foreign keys exactly to match your objects. - - <persistence xmlns="http://java.sun.com/xml/ns/persistence"; version="1.0"> - - <persistence-unit name="movie-unit"> - <!-- your other stuff --> - - <properties> - <property name="openjpa.jdbc.SynchronizeMappings" value="buildSchema(ForeignKeys=true)"/> - </properties> - </persistence-unit> - </persistence> - - -<a name="OpenJPA-Auto-commitcannotbesetwhileenrolledinatransaction"></a> -## Auto-commit can not be set while enrolled in a transaction - -Pending - -<a name="OpenJPA-Thisbrokerisnotconfiguredtousemanagedtransactions."></a> -## This broker is not configured to use managed transactions. - -<a name="OpenJPA-Setup"></a> -### Setup - -Using a EXTENDED persistence context ... - - @PersistenceContext(unitName = "movie-unit", type = PersistenceContextType.EXTENDED) - EntityManager entityManager; - -on a persistence unit setup as RESOURCE_LOCAL ... - - <persistence-unit name="movie-unit" transaction-type="RESOURCE_LOCAL"> - ... - </persistence-unit> - - -inside of a transaction. - - @TransactionAttribute(TransactionAttributeType.REQUIRED) - public void addMovie(Movie movie) throws Exception { - entityManager.persist(movie); - } - - -Note the default transaction attribute for any ejb method is REQUIRED -unless explicitly set otherwise in the bean class or method in question. - -<a name="OpenJPA-Solutions"></a> -### Solutions - -You can either: - -1. Change your bean or it's method to use `TransactionAttributeType.NOT_REQUIRED` or `TransactionAttributeType.NEVER` which will guarantee it will not be invoked in a JTA transaction. -1. Change your persistence.xml so the persistence-unit uses `transaction-type="TRANSACTION"` making it capable of participating in a JTA transaction. - - http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/orb-config.mdtext ---------------------------------------------------------------------- diff --git a/docs/orb-config.mdtext b/docs/orb-config.mdtext deleted file mode 100644 index c719cc8..0000000 --- a/docs/orb-config.mdtext +++ /dev/null @@ -1,24 +0,0 @@ -Title: ORB Configuration - - -A ORB can be declared via xml in the `<tomee-home>/conf/tomee.xml` file or in a `WEB-INF/resources.xml` file using a declaration like the following. All properties in the element body are optional. - - <Resource id="myORB" type="org.omg.CORBA.ORB"> - </Resource> - -Alternatively, a ORB can be declared via properties in the `<tomee-home>/conf/system.properties` file or via Java VirtualMachine `-D` properties. The properties can also be used when embedding TomEE via the `javax.ejb.embeddable.EJBContainer` API or `InitialContext` - - myORB = new://Resource?type=org.omg.CORBA.ORB - -Properties and xml can be mixed. Properties will override the xml allowing for easy configuration change without the need for ${} style variable substitution. Properties are not case sensitive. If a property is specified that is not supported by the declared ORB a warning will be logged. If a ORB is needed by the application and one is not declared, TomEE will create one dynamically using default settings. Multiple ORB declarations are allowed. -# Supported Properties -<table class="mdtable"> -<tr> -<th>Property</th> -<th>Type</th> -<th>Default</th> -<th>Description</th> -</tr> -</table> - - http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/persistence-context.mdtext ---------------------------------------------------------------------- diff --git a/docs/persistence-context.mdtext b/docs/persistence-context.mdtext deleted file mode 100644 index cc14daa..0000000 --- a/docs/persistence-context.mdtext +++ /dev/null @@ -1,54 +0,0 @@ -Title: persistence-context -<a name="persistence-context-Viaannotation"></a> -# Via annotation - -Both lookup and injection of an EntityManager can be configured via the -`@PersistenceContext` annotation. - - package org.superbiz; - - import javax.persistence.PersistenceContext; - import javax.persistence.EntityManager; - import javax.ejb.Stateless; - import javax.naming.InitialContext; - - @Stateless - @PersistenceContext(name = "myFooEntityManager", unitName = "foo-unit") - public class MyBean implements MyInterface { - - @PersistenceContext(unitName = "bar-unit") - private EntityManager myBarEntityManager; - - public void someBusinessMethod() throws Exception { - if (myBarEntityManager == null) throw new NullPointerException("myBarEntityManager not injected"); - - // Both can be looked up from JNDI as well - InitialContext context = new InitialContext(); - EntityManager fooEntityManager = (EntityManager) context.lookup("java:comp/env/myFooEntityManager"); - EntityManager barEntityManager = (EntityManager) context.lookup("java:comp/env/org.superbiz.MyBean/myBarEntityManager"); - } - } - - -<a name="persistence-context-Viaxml"></a> -# Via xml - -The above @PersistenceContext annotation usage is 100% equivalent to the -following xml. - - <persistence-context-ref> - <persistence-context-ref-name>myFooEntityManager</persistence-context-ref-name> - <persistence-unit-name>foo-unit</persistence-unit-name> - <persistence-context-type>Transaction</persistence-context-type> - </persistence-context-ref> - - <persistence-context-ref> - <persistence-context-ref-name>org.superbiz.calculator.MyBean/myBarEntityManager</persistence-context-ref-name> - <persistence-unit-name>bar-unit</persistence-unit-name> - <persistence-context-type>Transaction</persistence-context-type> - <injection-target> - <injection-target-class>org.superbiz.calculator.MyBean</injection-target-class> - <injection-target-name>myBarEntityManager</injection-target-name> - </injection-target> - </persistence-context-ref> - http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/persistence-unit-ref.mdtext ---------------------------------------------------------------------- diff --git a/docs/persistence-unit-ref.mdtext b/docs/persistence-unit-ref.mdtext deleted file mode 100644 index 4011699..0000000 --- a/docs/persistence-unit-ref.mdtext +++ /dev/null @@ -1,87 +0,0 @@ -Title: persistence-unit-ref -Both lookup and injection of an EntityManagerFactory can be configured via -the @PersistenceUnit annotation or <persistence-unit-ref> in xml. -Annotations and xml have equal function in both lookup and injection. - -<a name="persistence-unit-ref-InjectionandLookup"></a> -# Injection and Lookup - -<a name="persistence-unit-ref-Viaannotation"></a> -## Via annotation - - package org.superbiz; - - import javax.persistence.PersistenceUnit; - import javax.persistence.EntityManagerFactory; - import javax.ejb.Stateless; - import javax.naming.InitialUnit; - - @Stateless - public class MyBean implements MyInterface { - - @PersistenceUnit(unitName = "bar-unit") - private EntityManagerFactory myBarEntityManagerFactory; - - public void someBusinessMethod() throws Exception { - if (myBarEntityManagerFactory == null) throw new NullPointerException("myBarEntityManagerFactory not injected"); - - // Both can be looked up from JNDI as well - InitialContext unit = new InitialContext(); - EntityManagerFactory barEntityManagerFactory = (EntityManagerFactory) context.lookup("java:comp/env/org.superbiz.MyBean/myBarEntityManagerFactory"); - } - } - - -<a name="persistence-unit-ref-Viaxml"></a> -## Via xml - -The above @PersistenceUnit annotation usage is 100% equivalent to the -following xml. - - <persistence-unit-ref> - <persistence-unit-ref-name>org.superbiz.calculator.MyBean/myBarEntityManagerFactory</persistence-unit-ref-name> - <persistence-unit-name>bar-unit</persistence-unit-name> - <persistence-unit-type>Transaction</persistence-unit-type> - <injection-target> - <injection-target-class>org.superbiz.calculator.MyBean</injection-target-class> - <injection-target-name>myBarEntityManagerFactory</injection-target-name> - </injection-target> - </persistence-unit-ref> - - - -# Lookup only - -## Via annotation - - package org.superbiz; - - import javax.persistence.PersistenceUnit; - import javax.persistence.EntityManagerFactory; - import javax.ejb.Stateless; - import javax.naming.InitialUnit; - - @Stateless - @PersistenceUnit(name = "myFooEntityManagerFactory", unitName = "foo-unit") - public class MyBean implements MyInterface { - - public void someBusinessMethod() throws Exception { - InitialContext context = new InitialContext(); - EntityManagerFactory fooEntityManagerFactory = (EntityManagerFactory) context.lookup("java:comp/env/myFooEntityManagerFactory"); - } - } - - -<a name="persistence-unit-ref-Viaxml"></a> -# Via xml - -The above @PersistenceUnit annotation usage is 100% equivalent to the -following xml. - - <persistence-unit-ref> - <persistence-unit-ref-name>myFooEntityManagerFactory</persistence-unit-ref-name> - <persistence-unit-name>foo-unit</persistence-unit-name> - <persistence-unit-type>Transaction</persistence-unit-type> - </persistence-unit-ref> - - http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/properties-listing.mdtext ---------------------------------------------------------------------- diff --git a/docs/properties-listing.mdtext b/docs/properties-listing.mdtext deleted file mode 100644 index 5b719e3..0000000 --- a/docs/properties-listing.mdtext +++ /dev/null @@ -1,90 +0,0 @@ -Title: System Properties Listing - -# OpenEJB system properties -<table class="mdtable"> -<tr><td><b>Name</b></td><td><b>Value</b></td><td><b>Description</b></td></tr> -<tr><td>openejb.embedded.remotable</td><td> bool </td><td> activate or not the remote services when available </td></tr> -<tr><td><service prefix>.bind, <service prefix>.port, <service prefix>.disabled, <service prefix>.threads</td><td> host or IP, port, bool</td><td> override the host. Available for ejbd and httpejbd services (used by jaxws and jaxrs), number of thread to maneg requests </td><tr> -<tr><td>openejb.embedded.initialcontext.close </td><td> LOGOUT or DESTROY </td><td> configure the hook called when closing the initial context. Useful when starting OpenEJB from a new InitialContext([properties]) instantiation. By default it simply logs out the logged user if it exists. DESTROY means clean the container.</td></tr> -<tr><td>javax.persistence.provider </td><td> string </td><td> override the JPA provider value</td></tr> -<tr><td>javax.persistence.transactionType </td><td> string </td><td> override the transaction type for persistence contexts</td></tr> -<tr><td>javax.persistence.jtaDataSource </td><td> string </td><td> override the JTA datasource value for persistence contexts</td></tr> -<tr><td>javax.persistence.nonJtaDataSource </td><td> string </td><td> override the non JTA datasource value for persistence contexts</td></tr> -<tr><td>openejb.descriptors.output </td><td>bool</td><td> dump memory deployment descriptors. Can be used to set complete metadata to true and avoid scanning when starting the container or to check the used configuration.</td></tr> -<tr><td>openejb.deployments.classpath.require.descriptor </td><td> CLIENT or EJB </td><td> can allow to filter what you want to scan (client modules or ejb modules)</td></tr> -<tr><td>openejb.descriptors.output.folder </td><td> path </td><td> where to dump deployement descriptors if activated. </td></tr> -<tr><td>openejb.strict.interface.declaration </td><td> bool </td><td> add some validations on session beans (spec validations in particular). false by default.</td></tr> -<tr><td>openejb.conf.file or openejb.configuration </td><td> string </td><td> OpenEJB configuration file path</td></tr> -<tr><td>openejb.debuggable-vm-hackery </td><td> bool </td><td> remove JMS informations from deployment</td></tr> -<tr><td>openejb.validation.skip </td><td> bool </td><td> skip the validations done when OpenEJB deploys beans</td></tr> -<tr><td>openejb.deployments.classpath.ear </td><td> bool </td><td> deploy the classpath as an ear</td></tr> -<tr><td>openejb.webservices.enabled </td><td> bool </td><td> activate or not webservices</td></tr> -<tr><td>openejb.validation.output.level </td><td> TERSE or MEDIUM or VERBOSE </td><td> level of the logs used to report validation errors</td></tr> -<tr><td>openejb.user.mbeans.list </td><td> * or a list of classes separated by , </td><td> list of mbeans to deploy automatically</td></tr> -<tr><td>openejb.deploymentId.format </td><td> composition (+string) of {ejbName} {ejbType} {ejbClass} and {ejbClass.simpleName} </td><td> default {ejbName}. The format to use to deploy ejbs.</td></tr> -<tr><td>openejb.deployments.classpath </td><td> bool </td><td> whether or not deploy from classpath</td></tr> -<tr><td>openejb.deployments.classpath.include and openejb.deployments.classpath.exclude </td><td> regex </td><td> regex to filter the scanned classpath (when you are in this case)</td></tr> -<tr><td>openejb.deployments.package.include and openejb.deployments.package.exclude </td><td> regex </td><td> regex to filter scanned packages</td></tr> -<tr><td>openejb.autocreate.jta-datasource-from-non-jta-one </td><td> bool </td><td> whether or not auto create the jta datasource if it doesn't exist but a non jta datasource exists. Useful when using hibernate to be able to get a real non jta datasource.</td></tr> -<tr><td>openejb.altdd.prefix </td><td> string </td><td> prefix use for altDD (example test to use a test.ejb-jar.xml).</td></tr> -<tr><td>org.apache.openejb.default.system.interceptors </td><td> list of interceptor (qualified names) separated by a comma or a space </td><td> add these interceptor on all beans</td></tr> -<tr><td>openejb.jndiname.strategy.class </td><td> class name </td><td> an implementation of org.apache.openejb.assembler.classic.JndiBuilder.JndiNameStrategy</td></tr> -<tr><td>openejb.jndiname.failoncollision </td><td> bool </td><td> if a NameAlreadyBoundException is thrown or not when 2 EJBs have the same name</td></tr> -<tr><td>openejb.jndiname.format </td><td> composition (+string) of these properties: ejbType, ejbClass, ejbClass.simpleName, ejbClass.packageName, ejbName, deploymentId, interfaceType, interfaceType.annotationName, interfaceType.annotationNameLC, interfaceType.xmlName, interfaceType.xmlNameCc, interfaceType.openejbLegacyName, interfaceClass, interfaceClass.simpleName, interfaceClass.packageName </td><td> default {deploymentId}{interfaceType.annotationName}. Change the name used for the ejb.</td></tr> -<tr><td>openejb.org.quartz.threadPool.class </td><td> class qualified name which implements org.quartz.spi.ThreadPool </td><td> the thread pool used by quartz (used to manage ejb timers)</td></tr> -<tr><td>openejb.localcopy </td><td> bool </td><td> default true. whether or not copy EJB arguments[/method/interface] for remote invocations.</td></tr> -<tr><td>openejb.cxf.jax-rs.providers </td><td> the list of the qualified name of the JAX-RS providers separated by comma or space. Note: to specify a provider for a specific service suffix its class qualified name by ".providers", the value follow the same rules. Note 2: default is a shortcut for jaxb and json providers.</td><td></td></tr> -<tr><td>openejb.wsAddress.format </td><td> composition (+string) of {ejbJarId}, ejbDeploymentId, ejbType, ejbClass, ejbClass.simpleName, ejbName, portComponentName, wsdlPort, wsdlService </td><td> default /{ejbDeploymentId}. The WS name format.</td></tr> -<tr><td>org.apache.openejb.server.webservices.saaj.provider </td><td> axis2, sun or null </td><td> specified the saaj configuration</td></tr> -<tr><td>[<uppercase service name>.]<service id>.<name> or [<uppercase service name>.]<service id></td><td> whatever is supported (generally string, int ...) </td><td> set this value to the corresponding service. example: [EnterpriseBean.]<ejb-name>.activation.<property>, [PERSISTENCEUNIT.]<persistence unit name>.<property>, [RESOURCE.]<name></td></tr> -<tr><td> log4j.category.OpenEJB.options </td><td> DEBUG, INFO, ... </td><td> active one OpenEJB log level. need log4j in the classpath</td></tr> -<tr><td> openejb.jmx.active </td><td> bool </td><td> activate (by default) or not the OpenEJB JMX MBeans </td></tr> -<tr><td> openejb.nobanner </td><td> bool </td><td> activate or not the OpenEJB banner (activated by default) -<tr><td> openejb.check.classloader </td><td> bool </td><td> if true print some information about duplicated classes </td><tr> -<tr><td> openejb.check.classloader.verbose </td><td> bool </td><td> if true print classes intersections </td><tr> -<tr><td> openejb.additional.exclude </td><td> string separated by comma </td><td> list of prefixes you want to exclude and are not in the default list of exclusion</td></tr> -<tr><td> openejb.additional.include </td><td> string separated by comma </td><td> list of prefixes you want to remove from thedefault list of exclusion</td></tr> -<tr><td> openejb.offline </td><td> bool </td><td> if true can create datasources and containers automatically </td></tr> -<tr><td> openejb.exclude-include.order </td><td> include-exclude or exclude-include </td><td> if the inclusion/exclusion should win on conflicts (intersection) </td><tr> -<tr><td>openejb.log.color</td><td> bool </td><td> activate or not the color in the console in embedded mode </td></tr> -<tr><td>openejb.log.color.<level in lowercase></td><td> color in uppercase </td><td> set a color -for a particular level. Color are BLACK, RED, GREEN, YELLOW, BLUE, MAGENTA, CYAN, WHITE, DEFAULT. </td></tr> -<tr><td>tomee.serialization.class.blacklist</td><td> string </td><td> default list of packages/classnames excluded for EJBd deserialization (needs to be set on server and client sides). Please see the description of <a href="http://tomee.apache.org/ejbd-transport.html";>Ejbd Transport</a> for details.</td></tr> -<tr><td>tomee.serialization.class.whitelist</td><td> string </td><td> default list of packages/classnames allowed for EJBd deserialization (blacklist wins over whitelist, needs to be set on server and client sides). Please see the description of <a href="http://tomee.apache.org/ejbd-transport.html";>Ejbd Transport</a> for details.</td></tr> -<tr><td>tomee.remote.support</td><td> boolean </td><td> if true /tomee webapp is auto-deployed and EJBd is active (true by default for 1.x, false for 7.x excepted for tomee maven plugin and arquillian)</td></tr> -</table> - -Note: all resources can be configured by properties, see http://tomee.apache.org/embedded-configuration.html and http://tomee.apache.org/properties-tool.html - - -# OpenEJB client -<table class="mdtable"> -<tr><td><b>Name</b></td><td><b>Value</b></td><td><b>Description</b></td></tr> -<tr><td>openejb.client.identityResolver </td><td> implementation of org.apache.openejb.client.IdentityResolver </td><td> default org.apache.openejb.client.JaasIdentityResolver. The class to get the client identity.</td></tr> -<tr><td>openejb.client.connection.pool.timeout or openejb.client.connectionpool.timeout </td><td> int (ms) </td><td> the timeout of the client</td></tr> -<tr><td>openejb.client.connection.pool.size or openejb.client.connectionpool.size </td><td> int </td><td> size of the socket pool</td></tr> -<tr><td>openejb.client.keepalive </td><td> int (ms) </td><td> the keepalive duration</td><tr> -<tr><td>openejb.client.protocol.version </td><td> string </td><td> Optional legacy server protocol compatibility level. Allows 4.6.x clients to potentially communicate with older servers. OpenEJB 4.5.2 and older use version "3.1", and 4.6.x currently uses version "4.6" (Default). This does not allow old clients to communicate with new servers prior to 4.6.0</td><tr> -</table> - -# TomEE specific system properties -<table class="mdtable"> -<tr><td><b>Name</b></td><td><b>Value</b></td><td><b>Description</b></td></tr> -<tr><td>openejb.crosscontext </td><td> bool </td><td> set the cross context property on tomcat context (can be done in the traditionnal way if the deployment is don through the webapp discovery and not the OpenEJB Deployer EJB)</td></tr> -<tr><td>openejb.jsessionid-support </td><td> bool </td><td> remove URL from session tracking modes for this context (see javax.servlet.SessionTrackingMode)</td></tr> -<tr><td>openejb.myfaces.disable-default-values </td><td> bool </td><td> by default TomEE will initialize myfaces with some its default values to avoid useless logging</td></tr> -<tr><td>openejb.web.xml.major </td><td> int </td><td> major version of web.xml. Can be useful to force tomcat to scan servlet 3 annotatino when deploying with a servlet 2.x web.xml</td></tr> -<tr><td>tomee.jaxws.subcontext </td><td> string </td><td> sub context used to bind jaxws web services, default is webservices</td></tr> -<tr><td>openejb.servicemanager.enabled</td><td> bool </td><td> run all services detected or only known available services (WS and RS</td></tr> -<tr><td>tomee.jaxws.oldsubcontext</td><td> bool </td><td> wether or not activate old way to bind jaxws webservices directly on root context</td><tr> -<tr><td>openejb.modulename.useHash</td><td> bool </td><td> add a hash after the module name of the webmodule if it is generated from the webmodule location, it avoids conflicts between multiple deployment (through ear) of the same webapp. Note: it disactivated by default since names are less nice this way.</td><tr> -<tr><td>openejb.session.manager</td><td> qualified name (string) </td><td> configure a session managaer to use for all contexts</td><tr> -</table> - -# TomEE Arquillian adaptor -<table class="mdtable"> -<tr><td><b>Name</b></td><td><b>Value</b></td><td><b>Description</b></td></tr> -<tr><td>tomee.ejbcontainer.http.port </td><td> int </td><td> tomee port, -1 means random. When using a random port you can retreive it getting this property too.</td></tr> -<tr><td>tomee.arquillian.http </td><td> int </td><td> http port used by the embedded arquillian adaptor</td></tr> -<tr><td>tomee.arquillian.stop </td><td> int </td><td> shutdown port used by the embedded arquillian adaptor</td><tr> -</table> http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/properties-tool.mdtext ---------------------------------------------------------------------- diff --git a/docs/properties-tool.mdtext b/docs/properties-tool.mdtext deleted file mode 100644 index 6882d68..0000000 --- a/docs/properties-tool.mdtext +++ /dev/null @@ -1,212 +0,0 @@ -Title: Properties Tool -<a name="PropertiesTool-PropertiesCommandlineTool"></a> -# Properties Command line Tool - -To see all configurable properties in use by OpenEJB, using the following -tool against a running server: - -> ./bin/openejb properties - -The output of this tool takes all overrideable components OpenEJB sees and -outputs their properties along with the current value. This allows you to -easily see what is running in your system, what properties are available -for overriding, and what exact values are for each component. OpenEJB has -a number of flags that can be passed to it not associated with any -particular component, these are output as well. - -Content from this file can be safely copied as-is into the -conf/system.properties file or sent to the users list with bug reports. -These properties may also be applied back into the openejb.xml file by -pasting the properties without the "<id>." prefix into the respective -component declarations. The only warning is that any properties of type -"<id>.password" will have their values masked, so make sure you edit them -if you reapply them back into conf/openejb.xml or conf/system.properties. - -<a name="PropertiesTool-PropertyOverriding"></a> -# Property Overriding - -Any component configured in OpenEJB via the openejb.xml (and some that -aren't) can be overridden using system properties. The format is: - -`<id>.<property-name>=<property-value>` - -And this can be done on the command line as follows: - -`./bin/openejb -D<id>.<property-name>=<property-value> ...` - -Or by adding the property to the conf/system.properties file. Note that -command line overrides win over overrides in the -conf/system.properties file. - -In an embedded environment, the properties can be added to the Hashtable -passed into the javax.naming.InitialContext when using the -LocalInitialContextFactory or also to the System.getProperties() object -before OpenEJB is embedded (which will be when the first InitialContext is -created). - -At startup, OpenEJB will find the component with the given id and apply the -new property value before constructing the individual component. - -<a name="PropertiesTool-Exampleoutput"></a> -# Example output - - # Container(id=Default CMP Container) - # className: org.apache.openejb.core.cmp.CmpContainer - # - Default\ CMP\ Container.CmpEngineFactory=org.apache.openejb.core.cmp.jpa.JpaCmpEngineFactory - Default\ CMP\ Container.Engine=instantdb - Default\ CMP\ Container.ConnectorName=Default JDBC Database - - # Container(id=Default BMP Container) - # className: org.apache.openejb.core.entity.EntityContainer - # - Default\ BMP\ Container.PoolSize=10 - - # Container(id=Default Stateful Container) - # className: org.apache.openejb.core.stateful.StatefulContainer - # - Default\ Stateful\ Container.BulkPassivate=50 - Default\ Stateful\ Container.Passivator=org.apache.openejb.core.stateful.SimplePassivater - Default\ Stateful\ Container.TimeOut=20 - Default\ Stateful\ Container.PoolSize=500 - - # Container(id=Default Stateless Container) - # className: org.apache.openejb.core.stateless.StatelessContainer - # - Default\ Stateless\ Container.PoolSize=10 - Default\ Stateless\ Container.StrictPooling=true - Default\ Stateless\ Container.TimeOut=0 - - # Container(id=Default MDB Container) - # className: org.apache.openejb.core.mdb.MdbContainer - # - Default\ MDB\ Container.ResourceAdapter=Default JMS Resource Adapter - Default\ MDB\ Container.InstanceLimit=10 - Default\ MDB\ Container.MessageListenerInterface=javax.jms.MessageListener - Default\ MDB\ Container.ActivationSpecClass=org.apache.activemq.ra.ActiveMQActivationSpec - - # ConnectionManager(id=Default Local TX ConnectionManager) - # className: org.apache.openejb.resource.SharedLocalConnectionManager - # - - # Resource(id=Default JMS Resource Adapter) - # className: org.apache.activemq.ra.ActiveMQResourceAdapter - # - Default\ JMS\ Resource\ Adapter.ServerUrl=vm\://localhost?async\=true - Default\ JMS\ Resource\ Adapter.BrokerXmlConfig=broker\:(tcp\://localhost\:61616) - Default\ JMS\ Resource\ Adapter.ThreadPoolSize=30 - - # Resource(id=Default JDBC Database) - # className: org.apache.openejb.resource.jdbc.BasicManagedDataSource - # - Default\ JDBC\ Database.MinIdle=0 - Default\ JDBC\ Database.Password=xxxx - Default\ JDBC\ Database.JdbcUrl=jdbc\:hsqldb\:file\:hsqldb - Default\ JDBC\ Database.MaxIdle=20 - Default\ JDBC\ Database.ConnectionProperties= - Default\ JDBC\ Database.MaxWait=-1 - Default\ JDBC\ Database.TimeBetweenEvictionRunsMillis=-1 - Default\ JDBC\ Database.MaxActive=20 - Default\ JDBC\ Database.DefaultAutoCommit=true - Default\ JDBC\ Database.AccessToUnderlyingConnectionAllowed=false - Default\ JDBC\ Database.JdbcDriver=org.hsqldb.jdbcDriver - Default\ JDBC\ Database.TestWhileIdle=false - Default\ JDBC\ Database.UserName=sa - Default\ JDBC\ Database.MaxOpenPreparedStatements=0 - Default\ JDBC\ Database.TestOnBorrow=true - Default\ JDBC\ Database.PoolPreparedStatements=false - Default\ JDBC\ Database.ConnectionInterface=javax.sql.DataSource - Default\ JDBC\ Database.TestOnReturn=false - Default\ JDBC\ Database.MinEvictableIdleTimeMillis=1800000 - Default\ JDBC\ Database.NumTestsPerEvictionRun=3 - Default\ JDBC\ Database.InitialSize=0 - - # Resource(id=Default Unmanaged JDBC Database) - # className: org.apache.openejb.resource.jdbc.BasicDataSource - # - Default\ Unmanaged\ JDBC\ Database.MaxWait=-1 - Default\ Unmanaged\ JDBC\ Database.InitialSize=0 - Default\ Unmanaged\ JDBC\ Database.DefaultAutoCommit=true - Default\ Unmanaged\ JDBC\ Database.ConnectionProperties= - Default\ Unmanaged\ JDBC\ Database.MaxActive=10 - Default\ Unmanaged\ JDBC\ Database.TestOnBorrow=true - Default\ Unmanaged\ JDBC\ Database.JdbcUrl=jdbc\:hsqldb\:file\:hsqldb - Default\ Unmanaged\ JDBC\ Database.TestOnReturn=false - Default\ Unmanaged\ JDBC\ Database.AccessToUnderlyingConnectionAllowed=false - Default\ Unmanaged\ JDBC\ Database.Password=xxxx - Default\ Unmanaged\ JDBC\ Database.MinEvictableIdleTimeMillis=1800000 - Default\ Unmanaged\ JDBC\ Database.PoolPreparedStatements=false - Default\ Unmanaged\ JDBC\ Database.MaxOpenPreparedStatements=0 - Default\ Unmanaged\ JDBC\ Database.ConnectionInterface=javax.sql.DataSource - Default\ Unmanaged\ JDBC\ Database.MinIdle=0 - Default\ Unmanaged\ JDBC\ Database.NumTestsPerEvictionRun=3 - Default\ Unmanaged\ JDBC\ Database.TimeBetweenEvictionRunsMillis=-1 - Default\ Unmanaged\ JDBC\ Database.JdbcDriver=org.hsqldb.jdbcDriver - Default\ Unmanaged\ JDBC\ Database.UserName=sa - Default\ Unmanaged\ JDBC\ Database.MaxIdle=10 - Default\ Unmanaged\ JDBC\ Database.TestWhileIdle=false - - # Resource(id=Default JMS Connection Factory) - # className: org.apache.activemq.ra.ActiveMQManagedConnectionFactory - # - Default\ JMS\ Connection\ Factory.ConnectionInterface=javax.jms.ConnectionFactory, \ - javax.jms.QueueConnectionFactory, javax.jms.TopicConnectionFactory - Default\ JMS\ Connection\ Factory.ResourceAdapter=Default JMS Resource Adapter - - # SecurityService(id=Default Security Service) - # className: org.apache.openejb.core.security.SecurityServiceImpl - # - - # TransactionManager(id=Default Transaction Manager) - # className: org.apache.geronimo.transaction.manager.GeronimoTransactionManager - # - - # ServerService(id=httpejbd) - # className: org.apache.openejb.server.httpd.HttpEjbServer - # - httpejbd.port=4204 - httpejbd.name=httpejbd - httpejbd.disabled=false - httpejbd.server=org.apache.openejb.server.httpd.HttpEjbServer - httpejbd.threads=200 - httpejbd.bind=127.0.0.1 - - # ServerService(id=telnet) - # className: org.apache.openejb.server.telnet.TelnetServer - # - telnet.port=4202 - telnet.name=telnet - telnet.disabled=false - telnet.bind=127.0.0.1 - telnet.threads=5 - telnet.server=org.apache.openejb.server.telnet.TelnetServer - - # ServerService(id=ejbd) - # className: org.apache.openejb.server.ejbd.EjbServer - # - ejbd.disabled=false - ejbd.bind=127.0.0.1 - ejbd.server=org.apache.openejb.server.ejbd.EjbServer - ejbd.port=4201 - ejbd.name=ejbd - ejbd.threads=200 - - # ServerService(id=hsql) - # className: org.apache.openejb.server.hsql.HsqlService - # - hsql.port=9001 - hsql.name=hsql - hsql.disabled=false - hsql.server=org.apache.openejb.server.hsql.HsqlService - hsql.bind=127.0.0.1 - - # ServerService(id=admin) - # className: org.apache.openejb.server.admin.AdminDaemon - # - admin.disabled=false - admin.bind=127.0.0.1 - admin.only_from=localhost - admin.port=4200 - admin.threads=1 - admin.name=admin - admin.server=org.apache.openejb.server.admin.AdminDaemon http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/property-overriding.mdtext ---------------------------------------------------------------------- diff --git a/docs/property-overriding.mdtext b/docs/property-overriding.mdtext deleted file mode 100644 index ddddb64..0000000 --- a/docs/property-overriding.mdtext +++ /dev/null @@ -1,62 +0,0 @@ -Title: Property Overriding -OpenEJB consists of several components (containers, resource adapters, -security services, etc.) all of which are pluggable and have their own -unique set of configurable properties. These components are required to -specify their default property values in their service-jar.xml file. This -means that at a minimum you as a user only need to specify what you'd like -to be different. You specify the property name and the new value and the -default value will be overwritten before the component is created. - -We call this overriding and there are several ways to do it. - -<a name="PropertyOverriding-Theopenejb.xml"></a> -# The openejb.xml - -The default openejb.xml file has most of the useful properties for each -component explicitly listed with default values for documentation purposes. - It is safe to delete them and be assured that no behavior will change if a -smaller config file is desired. - - -Overriding can also be done via the command line or plain Java system -properties. See [System Properties](system-properties.html) - for details. - -<a name="PropertyOverriding-Whatpropertiesareavailable?"></a> -## What properties are available? - -To know what properties can be overriden the './bin/openejb properties' -command is very useful: see [Properties Tool](properties-tool.html) - -It's function is to connect to a running server and print a canonical list -of all properties OpenEJB can see via the various means of configuration. -When sending requests for help to the users list or jira, it is highly -encouraged to send the output of this tool with your message. - -<a name="PropertyOverriding-Notconfigurableviaopenejb.xml"></a> -## Not configurable via openejb.xml - -The only thing not yet configurable via this file are ServerServices due to -OpenEJB's embeddable nature and resulting long standing tradition of -keeping the container system separate from the server layer. This may -change someday, but untill then ServerServices are configurable via -conf/<service-id>.properties files such as conf/ejbd.properties to -configure the main protocol that services EJB client requests. - -The format those properties files is greatly adapted from the xinet.d style -of configuration and even shares similar functionality and properties such -as host-based authorization (HBA) via the 'only_from' property. - -<a name="PropertyOverriding-Restoringopenejb.xmltothedefaults"></a> -## Restoring openejb.xml to the defaults - -To restore this file to its original default state, you can simply delete -it or rename it and OpenEJB will see it's missing and unpack another -openejb.xml into the conf/ directory when it starts. - -This is not only handy for recovering from a non-functional config, but -also for upgrading as OpenEJB will not overwrite your existing -configuration file should you choose to unpack an new distro over the top -of an old one -- this style of upgrade is safe provided you move your old -lib/ directory first. - http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/provisioning.mdtext ---------------------------------------------------------------------- diff --git a/docs/provisioning.mdtext b/docs/provisioning.mdtext deleted file mode 100644 index e99fe91..0000000 --- a/docs/provisioning.mdtext +++ /dev/null @@ -1,76 +0,0 @@ -Title: TomEE/OpenEJB provisioning - -# Summary - -Provioning is about the way to get binaries or information. It is the answer to -how do i get my application, my webapp, my configuration. - -TomEE and OpenEJB brings some help about it allowing you to point out some -resources instead of providing it directly. - -This indirection is clearly very useful to industrialize your software -or simply to cloudify it. - -# A word about this page - -This page will not explain you how to deploy an application or -how to enhance your container. It will simply explain you how which -kind of urls are supported for such features. - -These feature are explained in other places. - -# Supported provionings -## file - -This is the default and well know provisioning. Simply give a -file path the container is able to access through its filesystem. - -Example: - - /MIDDLE/foo/bar/my-local-file.jar - -## Http/https - -Here you give an url to access the desired file. Proxies used are the JVM ones. - -Example: - - http://atos.net/foo/bar/my-http-file.jar - -## Maven -### Usage - -Probably the most fun but very useful for cloud deployments: maven. -Use maven informations to deploy your application. - -The location should follow: - - mvn:groupId/artifactId[/[version]/[type]] - -or - - mvn:groupId:artifactId[:[version]:[type]] - -Note: classifier are supported (through version field) - -For instance you can use: - - mvn:net.atos.xa/my-application/1.0.0/war - -### Installation - -The maven url parsing is not included by default in OpenEJB/TomEE bundle. It needs to be installed. - -If you are using an embedded application and maven simply add -org.apache.openejb:openejb-provisionning:VERSION dependency. - -If you are using TomEE you have to extract the org.apache.openejb:openejb-provisionning zip -in the same classloader than tomee (webapps/tomee/lib for instance, for other places please have -a look to other tip pages). - -Another way to install it with tomee is to edit or create the file <tomee>/conf/provisioning.properties -and add the line: - - zip=http://repo1.maven.org/maven2/org/apache/openejb/openejb-provisionning/<version>/openejb-provisionning-<version>.zip - - http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/proxyfactory-config.mdtext ---------------------------------------------------------------------- diff --git a/docs/proxyfactory-config.mdtext b/docs/proxyfactory-config.mdtext deleted file mode 100644 index 552950a..0000000 --- a/docs/proxyfactory-config.mdtext +++ /dev/null @@ -1,24 +0,0 @@ -Title: ProxyFactory Configuration - - -A ProxyFactory can be declared via xml in the `<tomee-home>/conf/tomee.xml` file or in a `WEB-INF/resources.xml` file using a declaration like the following. All properties in the element body are optional. - - <ProxyFactory id="myProxyFactory" type="ProxyFactory"> - </ProxyFactory> - -Alternatively, a ProxyFactory can be declared via properties in the `<tomee-home>/conf/system.properties` file or via Java VirtualMachine `-D` properties. The properties can also be used when embedding TomEE via the `javax.ejb.embeddable.EJBContainer` API or `InitialContext` - - myProxyFactory = new://ProxyFactory?type=ProxyFactory - -Properties and xml can be mixed. Properties will override the xml allowing for easy configuration change without the need for ${} style variable substitution. Properties are not case sensitive. If a property is specified that is not supported by the declared ProxyFactory a warning will be logged. If a ProxyFactory is needed by the application and one is not declared, TomEE will create one dynamically using default settings. Multiple ProxyFactory declarations are allowed. -# Supported Properties -<table class="mdtable"> -<tr> -<th>Property</th> -<th>Type</th> -<th>Default</th> -<th>Description</th> -</tr> -</table> - - http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/queue-config.mdtext ---------------------------------------------------------------------- diff --git a/docs/queue-config.mdtext b/docs/queue-config.mdtext deleted file mode 100644 index 434b403..0000000 --- a/docs/queue-config.mdtext +++ /dev/null @@ -1,34 +0,0 @@ -Title: Queue Configuration - - -A Queue can be declared via xml in the `<tomee-home>/conf/tomee.xml` file or in a `WEB-INF/resources.xml` file using a declaration like the following. All properties in the element body are optional. - - <Resource id="myQueue" type="javax.jms.Queue"> - destination = - </Resource> - -Alternatively, a Queue can be declared via properties in the `<tomee-home>/conf/system.properties` file or via Java VirtualMachine `-D` properties. The properties can also be used when embedding TomEE via the `javax.ejb.embeddable.EJBContainer` API or `InitialContext` - - myQueue = new://Resource?type=javax.jms.Queue - myQueue.destination = - -Properties and xml can be mixed. Properties will override the xml allowing for easy configuration change without the need for ${} style variable substitution. Properties are not case sensitive. If a property is specified that is not supported by the declared Queue a warning will be logged. If a Queue is needed by the application and one is not declared, TomEE will create one dynamically using default settings. Multiple Queue declarations are allowed. -# Supported Properties -<table class="mdtable"> -<tr> -<th>Property</th> -<th>Type</th> -<th>Default</th> -<th>Description</th> -</tr> -<tr> - <td>destination</td> - <td>String</td> - <td></td> - <td> -Specifies the name of the queue -</td> -</tr> -</table> - - http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/quickstart.mdtext ---------------------------------------------------------------------- diff --git a/docs/quickstart.mdtext b/docs/quickstart.mdtext deleted file mode 100644 index 6c67f8f..0000000 --- a/docs/quickstart.mdtext +++ /dev/null @@ -1,67 +0,0 @@ -Title: Quickstart -<a name="Quickstart-Installation"></a> -# Installation - - -To install OpenEJB, simply [download the latest binary](downloads.html) - and unpack your zip or tar.gz into the directory where you want OpenEJB to -live. - -Windows users can download the zip and unpack it with the WinZip program. - -Linux users can download the tar.gz and unpack it with the following -command: - -*tar xzvf openejb-3.0.tar.gz* - - -Congratulations, you've installed OpenEJB. - -If you've unpacked OpenEJB into the directory C:\openejb-3.0, for example, -then this directory is your OPENEJB_HOME directory. The OPENEJB_HOME -directory is referred to in various parts of the documentation, so it's -good to remember where it is. - -<a name="Quickstart-UsingOpenEJB"></a> -# Using OpenEJB - - -Now all you need to do is move to the bin directory in OPENEJB_HOME, the -directory where OpenEJB was unpacked, and type: - -*openejb* - -For Windows users, that looks like this: - -*C:\openejb-3.0> bin\openejb* - -For UNIX/Linux/Mac OS X users, that looks like this: - -`[user@host openejb-3.0]([email protected]) -# ./bin/openejb` - -You really only need to know two commands to use OpenEJB, [deploy](openejbx30:deploy-tool.html) - and [start|OPENEJBx30:Startup] -. Both are completely documented and have examples. - -For help information and command options, try this: - -> openejb deploy --help -> openejb start --help - -For examples on using the start command and options, try this: - -> openejb start --examples - -That's it! - -If you don't have any EJBs or clients to run, try the ubiquitous [Hello World](openejbx30:hello-world.html) - example. - -<a name="Quickstart-Jointhemailinglist"></a> -# Join the mailing list - -The OpenEJB User list is where the general OpenEJB community goes to ask -questions, make suggestions, chat with other users, and keep a finger on -the pulse of the project. More information about the user list and dev list -can be found [here](mailing-lists.html) http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/remote-server.mdtext ---------------------------------------------------------------------- diff --git a/docs/remote-server.mdtext b/docs/remote-server.mdtext deleted file mode 100644 index 9839a8c..0000000 --- a/docs/remote-server.mdtext +++ /dev/null @@ -1,60 +0,0 @@ -Title: Remote Server - -!http://www.openejb.org/images/diagram-remote-server.gif|valign=top, -align=right, hspace=15! -<a name="RemoteServer-AccessingEJBsRemotely"></a> -# Accessing EJBs Remotely - -When using OpenEJB as a stand-alone server you can connect across a network -and access EJBs from a remote client. The client code for accessing an -EJB's Remote Interface is the same, however to actually connect across a -network to the server, you need to specify different JNDI parameters. - -<a name="RemoteServer-Shortversion"></a> -# Short version - -Using OpenEJB's default remote server implementation is pretty straight -forward. You simply need to: - -1. Deploy your bean. -1. Start the server on the IP and Port you want, 25.14.3.92 and 4201 for -example. -1. Use that information in your client to create an initial context -1. Add the right jars to your client's classpath - -So, here it is in short. - -Deploy your bean with the Deploy Tool: - - c:\openejb> openejb.bat deploy beans\myBean.jar - -See the [OPENEJBx30:Deploy Tool](openejbx30:deploy-tool.html) - documentation for more details on deploying beans. - -Start the server: - - c:\openejb> openejb.bat start -h 25.14.3.92 -p 4201 - -See the Remote Server command-line guide for more details on starting the -Remote Server. - -Create an initial context in your client as such: - - - Properties p = new Properties(); - p.put("java.naming.factory.initial", "org.apache.openejb.client.RemoteInitialContextFactory"); - p.put("java.naming.provider.url", "ejbd://25.14.3.92:4201"); - p.put("java.naming.security.principal", "myuser"); - p.put("java.naming.security.credentials", "mypass"); - - InitialContext ctx = new InitialContext(p); - - -If you don't have any EJBs or clients to run, try the ubiquitous [Hello World](openejbx30:hello-world.html) - example. -Add the following library to your clients classpath: - -* openejb-client-x.x.x.jar -* javaee-api-x.x.jar - -Both can be found in the lib directory where you installed OpenEJB or in Maven repositories. http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/resource-injection.mdtext ---------------------------------------------------------------------- diff --git a/docs/resource-injection.mdtext b/docs/resource-injection.mdtext deleted file mode 100644 index 6a1a23b..0000000 --- a/docs/resource-injection.mdtext +++ /dev/null @@ -1,180 +0,0 @@ -<a name="ResourceInjection-Overview"></a> -# @Resource Overview - -This example demonstrates the use of the injection of environment entries -using <span style="color: #217D18;">**@Resource**</span> annotation. - -The EJB 3.0 specification (*EJB Core Contracts and Requirements*) section -16.2.2 reads: - -*A field or method of a bean class may be annotated to request that an entry from the bean's environment be injected. Any of the types of resources or other environment entries described in this chapter may be injected. Injection may also be requested using entries in the deployment descriptor corresponding to each of these -resource types.* - -*Environment entries may also be injected into the bean through bean methods that follow the naming conventions for JavaBeans properties. The annotation is applied to the set method for the property, which is the method that is called to inject the environment entry. The JavaBeans property name (not the method name) is used as the default JNDI name.* - -The *PurchaseOrderBean* class shows use of field-level **@Resource** -annotation. - -The *InvoiceBean* class shows the use of method-level **@Resource** -annotation. - -The source for this example can be checked out from svn: - -> $ svn co -http://svn.apache.org/repos/asf/tomee/tomee/trunk/examples/injection-of-env-entry - -To run it change your working directory to the directory -*injection-of-env-entry* and run the following maven2 commands: - ->$ cd injection-of-env-entry - ->$ mvn clean install - -<a name="ResourceInjection-TheCode"></a> -# The Code - -<a name="ResourceInjection-Injectionthroughfield(field-levelinjection)"></a> -## Injection through field (field-level injection) - -The *maxLineItem* field in *PurchaseOrderBean* class is annotated with **@Resource** annotation to inform the EJB container the location where in the code the injection of a simple environment entry should take place. The default value of 10 is assigned. You can modify the value of the environment entries at deployment time using deployment descriptor (**ejb-jar.xml**). - -<a name="ResourceInjection-@Resourceannotationofafield"></a> -#### @Resource annotation of a field - - - @Resource - int maxLineItems = 10; - - -<a name="ResourceInjection-Injectionthroughasettermethod(method-levelinjection)"></a> -## Injection through a setter method (method-level injection) - -The *setMaxLineItem* method in *InvoiceBean* class is annotated with -*@Resource* annotation to inject the simple environment entry. Only setters -can be used as a way to inject environment entry values. - -You could look up the env-entry using JNDI lookup() method and the -following name: - - java:comp/env/org.apache.openejb.examples.resource.InvoiceBean/maxLineItems - -The pattern is to combine the fully-qualified class name and the name of a -instance field (or a name of the setter method without _set_ prefix and the -first letter lowercased). - -<a name="ResourceInjection-@Resourceannotationofasettermethod"></a> -#### @Resource annotation of a setter method - - - @Resource - public void setMaxLineItems(int maxLineItems) { - this.maxLineItems = maxLineItems; - } - - -<a name="ResourceInjection-env-entryinejb-jar.xml"></a> -#### Using env-entry in ejb-jar.xml - - <env-entry> - <description>The maximum number of line items per invoice.</description> - <env-entry-name>org.apache.openejb.examples.injection.InvoiceBean/maxLineItems</env-entry-name> - <env-entry-type>java.lang.Integer</env-entry-type> - <env-entry-value>15</env-entry-value> - </env-entry> - - -<a name="ResourceInjection-Using@Resourceannotatedenv-entry"></a> -#### Using @Resource annotated env-entry - - public void addLineItem(LineItem item) throws TooManyItemsException { - if (item == null) { - throw new IllegalArgumentException("Line item must not be null"); - } - - if (itemCount <= maxLineItems) { - items.add(item); - itemCount++; - } else { - throw new TooManyItemsException("Number of items exceeded the maximum limit"); - } - } - - -<a name="ResourceInjection-JUnitTest"></a> -# JUnit Test - -Writing an JUnit test for this example is quite simple. We need just to -write a setup method to create and initialize the InitialContext, and then -write our test methods. - -<a name="ResourceInjection-Testfixture"></a> -#### Test fixture - - - protected void setUp() throws Exception { - Properties properties = new Properties(); - properties.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.apache.openejb.client.LocalInitialContextFactory"); - properties.setProperty("openejb.deployments.classpath.include", ".*resource-injection.*"); - initialContext = new InitialContext(properties); - } - - -<a name="ResourceInjection-Testmethods"></a> -#### Test methods - - public void testAddLineItem() throws Exception { - Invoice order = (Invoice)initialContext.lookup("InvoiceBeanBusinessRemote"); - assertNotNull(order); - LineItem item = new LineItem("ABC-1", "Test Item"); - - try { - order.addLineItem(item); - } catch (TooManyItemsException tmie) { - fail("Test failed due to: " + tmie.getMessage()); - } - } - - -<a name="ResourceInjection-Running"></a> -# Running - -Running the example is fairly simple. Just execute the following commands: - ->$ cd injection-of-env-entry -> ->$ mvn clean test - - - ------------------------------------------------------- - T E S T S - ------------------------------------------------------- - Running org.superbiz.injection.PurchaseOrderBeanTest - Apache OpenEJB 3.0.0-SNAPSHOT build: 20071218-01:41 - http://tomee.apache.org/ - INFO - openejb.home = c:\oss\openejb3\examples\injection-of-env-entry - INFO - openejb.base = c:\oss\openejb3\examples\injection-of-env-entry - WARN - Cannot find the configuration file [conf/openejb.xml]. Will attempt to create one for the beans deployed. - INFO - Configuring Service(id=Default Security Service,type=SecurityService, provider-id=Default Security Service) - INFO - Configuring Service(id=Default Transaction Manager, type=TransactionManager, provider-id=Default Transaction Manager) - INFO - Configuring Service(id=Default JDK 1.3 ProxyFactory, type=ProxyFactory, provider-id=Default JDK 1.3 ProxyFactory) - INFO - Found EjbModule in classpath: c:\oss\openejb3\examples\injection-of-env-entry\target\classes - INFO - Configuring app: c:\oss\openejb3\examples\injection-of-env-entry\target\classes - INFO - Configuring Service(id=Default Stateful Container, type=Container, provider-id=Default Stateful Container) - INFO - Auto-creating a container for bean InvoiceBean: Container(type=STATEFUL, id=Default Stateful Container) - INFO - Loaded Module: c:\oss\openejb3\examples\injection-of-env-entry\target\classes - INFO - Assembling app: c:\oss\openejb3\examples\injection-of-env-entry\target\classes - INFO - Jndi(name=InvoiceBeanRemote) --> Ejb(deployment-id=InvoiceBean) - INFO - Jndi(name=PurchaseOrderBeanRemote) --> Ejb(deployment-id=PurchaseOrderBean) - INFO - Created Ejb(deployment-id=InvoiceBean, ejb-name=InvoiceBean, container=Default Stateful Container) - INFO - Created Ejb(deployment-id=PurchaseOrderBean, ejb-name=PurchaseOrderBean, container=Default Stateful Container) - INFO - Deployed Application(path=c:\oss\openejb3\examples\injection-of-env-entry\target\classes) - INFO - OpenEJB ready. - OpenEJB ready. - Tests run: 2, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 2.859 sec - Running org.superbiz.injection.InvoiceBeanTest - Tests run: 2, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.031 sec - - Results : - - Tests run: 4, Failures: 0, Errors: 0, Skipped: 0 - http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/resource-ref-for-datasource.mdtext ---------------------------------------------------------------------- diff --git a/docs/resource-ref-for-datasource.mdtext b/docs/resource-ref-for-datasource.mdtext deleted file mode 100644 index e48552e..0000000 --- a/docs/resource-ref-for-datasource.mdtext +++ /dev/null @@ -1,42 +0,0 @@ -# Via annotation - - package org.superbiz.refs; - - import javax.annotation.Resource; - import javax.ejb.Stateless; - import javax.naming.InitialContext; - import javax.sql.DataSource; - - @Stateless - @Resource(name = "myFooDataSource", type = DataSource.class) - public class MyDataSourceRefBean implements MyBeanInterface { - - @Resource - private DataSource myBarDataSource; - - public void someBusinessMethod() throws Exception { - if (myBarDataSource == null) throw new NullPointerException("myBarDataSource not injected"); - - // Both can be looked up from JNDI as well - InitialContext context = new InitialContext(); - DataSource fooDataSource = (DataSource) context.lookup("java:comp/env/myFooDataSource"); - DataSource barDataSource = (DataSource) context.lookup("java:comp/env/org.superbiz.refs.MyDataSourceRefBean/myBarDataSource"); - } - } - -# Via xml - -The above @Resource annotation usage is 100% equivalent to the following xml. - - <resource-ref> - <res-ref-name>myFooDataSource</res-ref-name> - <res-type>javax.sql.DataSource</res-type> - </resource-ref> - <resource-ref> - <res-ref-name>org.superbiz.refs.MyDataSourceRefBean/myBarDataSource</res-ref-name> - <res-type>javax.sql.DataSource</res-type> - <injection-target> - <injection-target-class>org.superbiz.refs.MyDataSourceRefBean</injection-target-class> - <injection-target-name>myBarDataSource</injection-target-name> - </injection-target> - </resource-ref> http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/running-a-standalone-openejb-server.mdtext ---------------------------------------------------------------------- diff --git a/docs/running-a-standalone-openejb-server.mdtext b/docs/running-a-standalone-openejb-server.mdtext deleted file mode 100644 index 2fd04bf..0000000 --- a/docs/running-a-standalone-openejb-server.mdtext +++ /dev/null @@ -1,91 +0,0 @@ -Title: Running a standalone OpenEJB server - -<a name="RunningastandaloneOpenEJBserver-ConfiguringtheOpenEJBRuntime"></a> -# Configuring the OpenEJB Runtime -The OpenEJB Eclipse plugin provides support for running OpenEJB as a -standalone server in Eclipse using WTP. - -To setup a server, first of all, you will need to have a copy of OpenEJB -extracted on your machine. Once you have that, the next step is to set up a -runtime. - -To set up a new runtime, click on Window, Preferences, and select Installed -Runtimes under the Server category. Click the Add button. - -![http://people.apache.org/~jgallimore/images/server_step_4.jpg][1] - -Select OpenEJB 3.0.0 from the Apache category, and click next. If you -choose to 'also create a new server' on this panel, you can add a server -straight after configuring the runtime. - -![http://people.apache.org/~jgallimore/images/server_step_5.jpg][2] - -Browse to, or enter the path to your copy of OpenEJB. Click on Finish. - -<a name="RunningastandaloneOpenEJBserver-ConfiguringtheOpenEJBServer"></a> -# Configuring the OpenEJB Server -Open the Servers view (if it isn't already), and right click and select -New->Server. - -![http://people.apache.org/~jgallimore/images/server_step_8.jpg][3] - -Select OpenEJB 3.0.0 from the Apache category, ensure you have the OpenEJB -runtime selected, and click Next. - -![http://people.apache.org/~jgallimore/images/server_step_9.jpg][4] - -Select the EJB port for the server, and select Finish. - -![http://people.apache.org/~jgallimore/images/server_step_10.jpg][5] - -<a name="RunningastandaloneOpenEJBserver-Deployingaproject"></a> -# Deploying a project -In order to deploy your project to an OpenEJB server in Eclipse, your -project must be a Java EE project, with the EJB facet enabled. If your -project doesn't have the Faceted nature, you can use the OpenEJB plugin to -add it. Simply select OpenEJB->Add Faceted Nature from the menu bar. - -![http://people.apache.org/~jgallimore/images/server_step_1.jpg][6] - -To add the EJB facet, right click on the project in the navigator, and -select Properties. Select Project Facets on the left hand side. Click on -the Modify Project button. - -![http://people.apache.org/~jgallimore/images/server_step_2.jpg][7] - -Select the EJB Module facet, and the Java Facet. Remember to select your -OpenEJB runtime too. Click Next. - -![http://people.apache.org/~jgallimore/images/server_step_6.jpg][8] - -Enter the source folder for the EJBs in your project and click Finish. - -![http://people.apache.org/~jgallimore/images/server_step_7.jpg][9] - -Now right click on your OpenEJB server in the servers view, and select Add -and Remove Projects. - -![http://people.apache.org/~jgallimore/images/server_step_11.jpg][10] - -Add your project to the server, and click Finish. - -![http://people.apache.org/~jgallimore/images/server_step_12.jpg][11] - -To start the server, Right click on your OpenEJB server, and select Start. - -![http://people.apache.org/~jgallimore/images/server_step_13.jpg][12] - - - - [1]: http://people.apache.org/~jgallimore/images/server_step_4.jpg - [2]: http://people.apache.org/~jgallimore/images/server_step_5.jpg - [3]: http://people.apache.org/~jgallimore/images/server_step_8.jpg - [4]: http://people.apache.org/~jgallimore/images/server_step_9.jpg - [5]: http://people.apache.org/~jgallimore/images/server_step_10.jpg - [6]: http://people.apache.org/~jgallimore/images/server_step_1.jpg - [7]: http://people.apache.org/~jgallimore/images/server_step_2.jpg - [8]: http://people.apache.org/~jgallimore/images/server_step_6.jpg - [9]: http://people.apache.org/~jgallimore/images/server_step_6.jpg - [10]: http://people.apache.org/~jgallimore/images/server_step_11.jpg - [11]: http://people.apache.org/~jgallimore/images/server_step_12.jpg - [12]: http://people.apache.org/~jgallimore/images/server_step_13.jpg \ No newline at end of file http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/securing-a-web-service.mdtext ---------------------------------------------------------------------- diff --git a/docs/securing-a-web-service.mdtext b/docs/securing-a-web-service.mdtext deleted file mode 100644 index 80b565e..0000000 --- a/docs/securing-a-web-service.mdtext +++ /dev/null @@ -1,239 +0,0 @@ -Title: Securing a Web Service - -Web Services are a very common way to implement a Service Oriented -Architecture (SOA). - -There are lots of web service standards/specifications (XML, SOAP, WSDL, -UUDI, WS-*, ...) coming from organizations like W3C, OASIS, WS-I, ... -And there are java web service standards like JAX-WS 1.x (JSR 181), JAX-WS -2.0 (JSR 224). - -OpenEJB provides a standard way to implement web services transport -protocol throughout the JAX-WS specification. -Java basic standards for web services (JAX-WS) do lack some features that -are required in most real world applications, e.g. standard ways for -handling security and authentication (there is no java specification for -Oasis's WS-Security specification). - -OpenEJB provides two mechanisms to secure webservices - HTTP authentication -and WS-Security: - -HTTPS : works at the transport level, enables a point-to-point security. -It has no impact on developments. It allows you : - -1. To secure data over the network with data encrypted during transport -2. To identify the end user with SSLv3 with client certificate required -3. OpenEJB supports BASIC authentication over HTTP(S), using the configured -JAAS provider. This will honour any EJB security roles you have setup using -@RolesAllowed. See the webservice-security example in the OpenEJB codebase [http://svn.apache.org/repos/asf/tomee/tomee/trunk/examples/](http://svn.apache.org/repos/asf/tomee/tomee/trunk/examples/) - -*Warning: -Currently only BASIC is the only HTTP authentication mechanism available -when running OpenEJB standalone or in a unit test, but we hope to support -DIGEST in the future.* - - -WS-Security: works at the message (SOAP) level, enables a higher-level -security, -Nowadays, SOAP implementations use other protocols than just HTTP so we -need to apply security to the message itself and not only at the transport -layer. Moreover, HTTPS can only be used for securing point-to-point -services which tend to decrease with Enterprise Service Bus for example. - -The Oasis organization has defined a standard (part of well-known WS-*) -which aims at providing high level features in the context of web services: -WS-Security. It provides a standard way to secure your services above and -beyond transport level protocols such as HTTPS. WS-Security relies on other -standards like XML-Encryption. - -Main features are: - -1. Timestamp a message, -2. Pass credentials (plain text and/or ciphered) between services, -3. Sign messages, -4. Encrypt messages or part of messages. - -Again, JAX-WS doesn't standardize security for web services. OpenEJB -provides a common and highly configurable way to configure WS-Security in -association with the JAX-WS usage without vendor dependence. Internally, -OpenEJB integrates Apache WSS4J as the WS-Security implementation. To use -the integration, you will need to configure WSS4J using the -*openejb-jar.xml*. - -*Warning: -the proposed WS-Security integration is only used at server side. -Currently, WS-Security client configuration is not managed by OpenEJB. You -can use the JAX-WS API to create a stub and then rely on the implementation -to set up WS-Security properties.* - -This configuration file lets you set up incoming and outgoing security -parameters. Incoming and outgoing configuration is independent so that you -can configure either one or the other or both. You can decide to check -client credentials for incoming messages and sign outgoing messages -(response). - -<a name="SecuringaWebService-Configurationprinciples"></a> -# Configuration principles -The configuration is made in the *openejb-jar.xml*. Each endpoint web -service can provide a set of properties to customize WS-Security behavior -through the <properties> element. The content of this element is consistent -with the overall structure of *openejb.xml*. The format for properties is -the same as if you would use a common java property file. - - - - <properties> - wss4j.in.action = UsernameToken - wss4j.in.passwordType = PasswordDigest - wss4j.in.passwordCallbackClass=org.superbiz.calculator.CustomPasswordHandler - </properties> - - - -In order to recover WSS4J properties both for input and output, we use -naming conventions. -Each property is made of - <wss4j>.<in|out>.<wss4j property name>=<wss4j property value> - -For example : *wss4j.in.action = UsernameToken* - -<a name="SecuringaWebService-UsernameToken(Passworddigest)example"></a> -# Username Token (Password digest) example -<a name="SecuringaWebService-Excerptfrom*openejb-jar.xml*."></a> -#### Excerpt from *openejb-jar.xml*. - - - <openejb-jar xmlns="http://tomee.apache.org/xml/ns/openejb-jar-2.2";> - <enterprise-beans> - ... - <session> - <ejb-name>CalculatorImpl</ejb-name> - <web-service-security> - <security-realm-name/> - <transport-guarantee>NONE</transport-guarantee> - <auth-method>WS-SECURITY</auth-method> - <properties> - wss4j.in.action = UsernameToken - wss4j.in.passwordType = PasswordDigest - wss4j.in.passwordCallbackClass=org.superbiz.calculator.CustomPasswordHandler - </properties> - </web-service-security> - </session> - ... - </enterprise-beans> - </openejb-jar> - - -<a name="SecuringaWebService-Requestsentbytheclient."></a> -#### Request sent by the client. -This request contains SOAP headers to manage security. You can see -*UsernameToken* tag from the WS-Security specification. - - POST /CalculatorImplUsernameTokenHashedPassword HTTP/1.1 - Content-Type: text/xml; charset=UTF-8 - SOAPAction: "" - Accept: * - Cache-Control: no-cache - Pragma: no-cache - User-Agent: Java/1.5.0_05 - Host: 127.0.0.1:8204 - Connection: keep-alive - Transfer-Encoding: chunked - - 524 - <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";> - <soap:Header> - <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; soap:mustUnderstand="1"> - <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; - wsu:Id="UsernameToken-22402238" - xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> - <wsse:Username xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>jane</wsse:Username> - <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"; - xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>tf7k3a4GREIt1xec/KXVmBdRNIg=</wsse:Password> - <wsse:Nonce xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>cKhUhmjQ1hGYPsdOLez5kA==</wsse:Nonce> - <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>2009-04-14T20:16:26.203Z</wsu:Created> - </wsse:UsernameToken> - </wsse:Security> - </soap:Header> - <soap:Body> - <ns1:sum xmlns:ns1="http://superbiz.org/wsdl";> - <arg0>4</arg0> - <arg1>6</arg1> - </ns1:sum> - </soap:Body> - </soap:Envelope> - - -<a name="SecuringaWebService-Theresponsereturnedfromtheserver."></a> -#### The response returned from the server. - - HTTP/1.1 200 OK - Content-Length: 200 - Connection: close - Content-Type: text/xml; charset=UTF-8 - Server: OpenEJB/??? (unknown os) - - <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";> - <soap:Body> - <ns1:sumResponse xmlns:ns1="http://superbiz.org/wsdl";> - <return>10</return> - </ns1:sumResponse> - </soap:Body> - </soap:Envelope> - - -<a name="SecuringaWebService-JAASwithWS-Security"></a> -# JAAS with WS-Security - -@RolesAllowed doesn't work straight off with WS-Security, but you can add -calls to the OpenEJB SecurityService to login to a JAAS provider to a -CallbackHandler. Once you have done this, any permissions configured with -@RolesAllowed should be honoured. - -Here is a snippet from the webservice-ws-security example demonstrating -this: - - - public class CustomPasswordHandler implements CallbackHandler { - - public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { - WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; - - if (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN) { - // TODO get the password from the users.properties if possible - pc.setPassword("waterfall"); - - } else if (pc.getUsage() == WSPasswordCallback.DECRYPT) { - - pc.setPassword("serverPassword"); - - } else if (pc.getUsage() == WSPasswordCallback.SIGNATURE) { - - pc.setPassword("serverPassword"); - - } - - if ((pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN) || (pc.getUsage() == WSPasswordCallback.USERNAME_TOKEN_UNKNOWN)) { - - SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class); - Object token = null; - try { - securityService.disassociate(); - - token = securityService.login(pc.getIdentifer(), pc.getPassword()); - securityService.associate(token); - - } catch (LoginException e) { - e.printStackTrace(); - throw new SecurityException("wrong password"); - } - } - } - } - - - -<a name="SecuringaWebService-Examples"></a> -# Examples -A full example (webservice-ws-security) is available with OpenEJB Examples. - http://git-wip-us.apache.org/repos/asf/tomee/blob/c3f8984b/docs/security-annotations.mdtext ---------------------------------------------------------------------- diff --git a/docs/security-annotations.mdtext b/docs/security-annotations.mdtext deleted file mode 100644 index bdd8d6d..0000000 --- a/docs/security-annotations.mdtext +++ /dev/null @@ -1,294 +0,0 @@ -Title: Security Annotations -This page shows the correct usage of the security related annotations: - - - javax.annotation.security.RolesAllowed - - javax.annotation.security.PermitAll - - javax.annotation.security.DenyAll - - javax.annotation.security.RunAs - - javax.annotation.security.DeclareRoles - -<a name="SecurityAnnotations-Basicidea"></a> -## Basic idea - -- By default all methods of a business interface are accessible, logged in -or not -- The annotations go on the bean class, not the business interface -- Security annotations can be applied to entire class and/or individual -methods -- The names of any security roles used must be declared via @DeclareRoles - -<a name="SecurityAnnotations-Norestrictions"></a> -## No restrictions - -Allow anyone logged in or not to invoke 'svnCheckout'. - -These three examples are all equivalent. - - - @Stateless - public class OpenSourceProjectBean implements Project { - - public String svnCheckout(String s) { - return s; - } - } - - - @Stateless - @PermitAll - public class OpenSourceProjectBean implements Project { - - public String svnCheckout(String s) { - return s; - } - } - - - @Stateless - public class OpenSourceProjectBean implements Project { - - @PermitAll - public String svnCheckout(String s) { - return s; - } - } - - - - Allow anyone logged in or not to invoke 'svnCheckout'. - -<a name="SecurityAnnotations-RestrictingaMethod"></a> -## Restricting a Method - -Restrict the 'svnCommit' method to only individuals logged in and part of -the "committer" role. Note that more than one role can be listed. - - - @Stateless - @DeclareRoles({"committer"}) - public class OpenSourceProjectBean implements Project { - - @RolesAllowed({"committer"}) - public String svnCommit(String s) { - return s; - } - - public String svnCheckout(String s) { - return s; - } - } - - - - Allow only logged in users in the "committer" role to invoke -'svnCommit'. - - Allow anyone logged in or not to invoke 'svnCheckout'. - - -<a name="SecurityAnnotations-DeclareRoles"></a> -## DeclareRoles - -You need to update the @DeclareRoles when referencing roles via -isCallerInRole(roleName). - - - @Stateless - @DeclareRoles({"committer", "contributor"}) - public class OpenSourceProjectBean implements Project { - - @Resource SessionContext ctx; - - @RolesAllowed({"committer"}) - public String svnCommit(String s) { - ctx.isCallerInRole("committer"); // Referencing a Role - return s; - } - - @RolesAllowed({"contributor"}) - public String submitPatch(String s) { - return s; - } - } - - -<a name="SecurityAnnotations-Restrictingallmethodsinaclass"></a> -## Restricting all methods in a class - -Placing the annotation at the class level changes the default of PermitAll - - - @Stateless - @DeclareRoles({"committer"}) - @RolesAllowed({"committer"}) - public class OpenSourceProjectBean implements Project { - - public String svnCommit(String s) { - return s; - } - - public String svnCheckout(String s) { - return s; - } - - public String submitPatch(String s) { - return s; - } - } - - -- Allow only logged in users in the "committer" role to invoke 'svnCommit', -'svnCheckout' or 'submitPatch'. - -<a name="SecurityAnnotations-Mixingclassandmethodlevelrestrictions"></a> -## Mixing class and method level restrictions - -Security annotations can be used at the class level and method level at the -same time. These rules do not stack, so marking 'submitPatch' overrides -the default of "committers". - - - @Stateless - @DeclareRoles({"committer", "contributor"}) - @RolesAllowed({"committer"}) - public class OpenSourceProjectBean implements Project { - - public String svnCommit(String s) { - return s; - } - - public String svnCheckout(String s) { - return s; - } - - @RolesAllowed({"contributor"}) - public String submitPatch(String s) { - return s; - } - } - - - - Allow only logged in users in the "committer" role to invoke 'svnCommit' -or 'svnCheckout' - - Allow only logged in users in the "contributor" role to invoke -'submitPatch'. - -<a name="SecurityAnnotations-PermitAll"></a> -## PermitAll - -When annotating a bean class with @RolesAllowed, the @PermitAll annotation -becomes very useful on individual methods to open them back up again. - - - @Stateless - @DeclareRoles({"committer", "contributor"}) - @RolesAllowed({"committer"}) - public class OpenSourceProjectBean implements Project { - - public String svnCommit(String s) { - return s; - } - - @PermitAll - public String svnCheckout(String s) { - return s; - } - - @RolesAllowed({"contributor"}) - public String submitPatch(String s) { - return s; - } - } - - - - Allow only logged in users in the "committer" role to invoke -'svnCommit'. - - Allow only logged in users in the "contributor" role to invoke -'submitPatch'. - - Allow anyone logged in or not to invoke 'svnCheckout'. - - -<a name="SecurityAnnotations-DenyAll"></a> -## DenyAll - -The @DenyAll annotation can be used to restrict business interface access -from anyone, logged in or not. The method is still invokable from within -the bean class itself. - - - @Stateless - @DeclareRoles({"committer", "contributor"}) - @RolesAllowed({"committer"}) - public class OpenSourceProjectBean implements Project { - - public String svnCommit(String s) { - return s; - } - - @PermitAll - public String svnCheckout(String s) { - return s; - } - - @RolesAllowed({"contributor"}) - public String submitPatch(String s) { - return s; - } - - @DenyAll - public String deleteProject(String s) { - return s; - } - } - - - - Allow only logged in users in the "committer" role to invoke -'svnCommit'. - - Allow only logged in users in the "contributor" role to invoke -'submitPatch'. - - Allow anyone logged in or not to invoke 'svnCheckout'. - - Allow *no one* logged in or not to invoke 'deleteProject'. - -<a name="SecurityAnnotations-IllegalUsage"></a> -# Illegal Usage - -Generally, security restrictions cannot be made on AroundInvoke methods and -most callbacks. - -The following usages of @RolesAllowed have no effect. - - - @Stateful - @DecalredRoles({"committer"}) - public class MyStatefulBean implements MyBusinessInterface { - - @PostConstruct - @RolesAllowed({"committer"}) - public void constructed(){ - - } - - @PreDestroy - @RolesAllowed({"committer"}) - public void destroy(){ - - } - - @AroundInvoke - @RolesAllowed({"committer"}) - public Object invoke(InvocationContext invocationContext) throws -Exception { - return invocationContext.proceed(); - } - - @PostActivate - @RolesAllowed({"committer"}) - public void activated(){ - - } - - @PrePassivate - @RolesAllowed({"committer"}) - public void passivate(){ - - } - } - -
![http://people.apache.org/~jgallimore/images/server_step_4.jpg][1](http://people.apache.org/~jgallimore/images/server_step_4.jpg][1){kind=link}
![http://people.apache.org/~jgallimore/images/server_step_5.jpg][2](http://people.apache.org/~jgallimore/images/server_step_5.jpg][2){kind=link}
![http://people.apache.org/~jgallimore/images/server_step_8.jpg][3](http://people.apache.org/~jgallimore/images/server_step_8.jpg][3){kind=link}
![http://people.apache.org/~jgallimore/images/server_step_9.jpg][4](http://people.apache.org/~jgallimore/images/server_step_9.jpg][4){kind=link}
![http://people.apache.org/~jgallimore/images/server_step_10.jpg][5](http://people.apache.org/~jgallimore/images/server_step_10.jpg][5){kind=link}
![http://people.apache.org/~jgallimore/images/server_step_1.jpg][6](http://people.apache.org/~jgallimore/images/server_step_1.jpg][6){kind=link}
![http://people.apache.org/~jgallimore/images/server_step_2.jpg][7](http://people.apache.org/~jgallimore/images/server_step_2.jpg][7){kind=link}
![http://people.apache.org/~jgallimore/images/server_step_6.jpg][8](http://people.apache.org/~jgallimore/images/server_step_6.jpg][8){kind=link}
![http://people.apache.org/~jgallimore/images/server_step_7.jpg][9](http://people.apache.org/~jgallimore/images/server_step_7.jpg][9){kind=link}
![http://people.apache.org/~jgallimore/images/server_step_11.jpg][10](http://people.apache.org/~jgallimore/images/server_step_11.jpg][10){kind=link}
![http://people.apache.org/~jgallimore/images/server_step_12.jpg][11](http://people.apache.org/~jgallimore/images/server_step_12.jpg][11){kind=link}
![http://people.apache.org/~jgallimore/images/server_step_13.jpg][12](http://people.apache.org/~jgallimore/images/server_step_13.jpg][12){kind=link}
