How to specify on the web application to request for a Digital Certificte
I am using orion and I have added SSL on it. Then I have two web servers running, one http and the other https. How should I configure Orion to request the user a digital certificate?? Thanks
SUN JDK1.3 RC1 for Linux
might be of interest to some people on this list http://developer.java.sun.com/developer/earlyAccess/j2sdk13/download-linux.html (-) Robert Krüger (-) SIGNAL 7 Gesellschaft für Informationstechnologie mbH (-) Brüder-Knauß-Str. 79 - 64285 Darmstadt, (-) Tel: 06151 665401, Fax: 06151 665373 (-) [EMAIL PROTECTED], www.signal7.de
Re: Orion Difficulities....
Wow, thanks. Perhaps, I'm lame, but that was not obvious in the documentation? I agree it is not obvious from what they call documentation. However, thinking about it twice, it makes a lot of sense that an admin tool does not talk to the HTTP port, but instead to a dedicated RMI port. Been there myself, and everywhere else. regards, Chris
Re: Device dependent xsl translation recommendation
can you explain briefly what the taglib does? From the readme I gather that it simply places an xsl-stylesheet reference in my page depending on the requesting target device. Does this not require an XSL-aware client, which is able to render the page with the given stylesheet? thanks, After posting the original message this morning, I went to work putting together a custom tag to do what I suggested this morning. A zip file containing all the source, and instructions is attached to this email. Please feel free to use it. If you run into any problems, let me know. (See attached file: xsltags.zip) James Birchfield Ironmax a better way to buy, sell and rent construction equipment 5 Corporate Center 9960 Corporate Campus Drive, Suite 2000 Louisville, KY 40223
referential integrity and ejb's
To inforce referential integrity with ejb's are there any implications if i do a look up in the ejbcreate and throw a createException, or would this be better suited to using a session bean. Alex.
Re: Device dependent xsl translation recommendation
Absolutely - but realise that Orion itself is an XSL-aware client, so that the web browser doesn't have to be. For an overused example, consider www.orionsupport.com, which is 100% XML... but renders on lynx just fine, thank you very much. I'm not using this taglib yet, because the XSL I'm using renders well on every browser I've tried, but I may indeed use this eventually for the purpose of extra flexibility. On Sat, 9 Sep 2000, Christian Sell wrote: can you explain briefly what the taglib does? From the readme I gather that it simply places an xsl-stylesheet reference in my page depending on the requesting target device. Does this not require an XSL-aware client, which is able to render the page with the given stylesheet? thanks, After posting the original message this morning, I went to work putting together a custom tag to do what I suggested this morning. A zip file containing all the source, and instructions is attached to this email. Please feel free to use it. If you run into any problems, let me know. (See attached file: xsltags.zip) James Birchfield Ironmax a better way to buy, sell and rent construction equipment 5 Corporate Center 9960 Corporate Campus Drive, Suite 2000 Louisville, KY 40223 --- Joseph B. Ottinger [EMAIL PROTECTED] http://cupid.suninternet.com/~joeo HOMES.COM Developer
Re: 3rd post, no answer
Hello Dale, I think this might be something that most people isn't using heavily (mailing from different servers) and that this can explain why noone on the Orion-Interest list has answered you. Remember that the people answering the questions on orion-interest (Joseph, Arved, Krüger, Chan, Adams, Smith, Elias, Salaman, Richardson, Ernst, Wenting, Walnes, Lorandi, Duffey, Thiele, Myrseth, Rydin, Cannon-Brooks, a great thanks to all of you, and the ones I missed for helping out as much as you do here on the list), are answering because they feel like helping out, and if they didn't answer the first or second time around, they might not feel like answering the third time around either. If you believe it's an Orion bug, submitting it to Bugzilla will mean that you will be notified about the status of it from the Orion developers (sorry if you have already done so). Regards, Karl Avedal Dale Bronk wrote: Sorry to keep posting this, but I really need an answer. I have a problem that I hope isn't not normal behavior and something I have configured incorrectly. Snip of my sever.xml: global-application name="MyDomain" path="c:\webapps\mydomain-web-app\config\mydomain-application.xml" /-- application name="Client1Domain" path="c:\webapps\Client1Domain-web-app\config\Client1Domain-application.xml" / application name="Client2Domain" path="c:\webapps\Client2Domain-web-app\config\Client2Domain-application.xml" / application name="Client3Domain" path="c:\webapps\Client3Domain-web-app\config\Client3Domain-application.xml" / application name="Client4Domain" path="c:\webapps\Client4Domain-web-app\config\Client4Domain-application.xml" / application name="Client5Domain" path="c:\webapps\Client5Domain-web-app\config\Client5Domain-application.xml" / In mydomain-application.xml, I have: (note that this is my global application) mail-session location="mail/MailSession" smtp-host="mail.mydomain.com" property name="mail.transport.protocol" value="smtp" / property name="mail.smtp.from" value="[EMAIL PROTECTED]" / property name="mail.from" value="[EMAIL PROTECTED]" / /mail-session Now I want to also place the same mail session entries in each of my clients application.xml files except specifying their domain: mail-session location="mail/MailSession" smtp-host="mail.Client1Domain.com" property name="mail.transport.protocol" value="smtp" / property name="mail.smtp.from" value="[EMAIL PROTECTED]" / property name="mail.from" value="[EMAIL PROTECTED]" / /mail-session I have a FormMailServlet that I install on all my clients web.xml files which uses mail.jar classes send the email. My problem is it doesn't matter which one I go to, Orion always uses my mail-session entries from the global application. It doesn't seem to get over written for each other application. I also tried to explicitly set the mail server in my FormMailServet to what is passed in. I pass in mail.Client1Domain.com and inside my class I do the following: properties.put( "mail.smtp.host", "mail.Client1Domain.com"); properties.put( "smtp-host", "mail.Client1Domain.com"); // Not needed as far as I know I also turn verbose on so I can see what is happening. It always uses mail.mydomain.com! If I comment out the mail-session entries from my global application xml then it works fine as long as I pass in the value and explicitly set the mail.smtp.host as above. In other words, it seems to ignore the mail-session in the Clientxxx-application.xml files as I pointed the smtp-host entry in one of the application.xml files to an existing server, but a different one. When I explicitly set the entries it uses the entries I set, not the mail-session entries. Seems to only use the mail-session entries only if in the global application xml file and no where else. When in the global application xml file, it seems you can only use that one even if I explicitly set it to a different one. What gives? Sorry for the long email, but I wanted to be sure to give all the data. Dale Bronk Dale Bronk [EMAIL PROTECTED] Windscape Consulting, Inc. http://www.windscape.com
Re: Orion Difficulities....
Hello Richard, Well, the documentation has so far assumed that the user understands the concept of different URL schemes and different protocols (like http://, ftp:// or ormi://) and understand that they are not the same thing and use different ports, but that you normally don't need to specify the port unless you change something. We will somehow explain this in the FAQ to avoid more confusion about this. However, there is a reason why there is no admin port mentioned in the documentation. It's simply because no special admin port exists. The admin traffic use the regular ormi port. Regards, Karl Avedal Richard Landon wrote: Wow, thanks. Perhaps, I'm lame, but that was not obvious in the documentation? -Original Message- From: Jason von Nieda [mailto:[EMAIL PROTECTED]] Sent: Friday, September 08, 2000 4:09 PM To: Orion-Interest Subject: Re: Orion Difficulities Remove the port (8080) from your ormi URL. The admin port is different from the web port and is configuredin orion/config/rmi.xml - Original Message - From:Richard Landon To: Orion-Interest Sent: Friday, September 08, 2000 4:51 PM Subject: Orion Difficulities I am have some major problems with the learning curve with this server. I have previously used (succesfully)(1) J2EE RI(2) Web Logic 5.1(3) IAS(4) Silverstream(5) Gemstone/JI start the server as follows:[C:/orion] java -jar orion.jar Orion/1.2.9 initializedI take this to mean the server is running.I then do a http://blazer.youbet.com:8080 and see the web page.(I modified the port since I'm already running Apache on port 80).For example, according to the documentation, to shutdown the server:[C:/orion] java -jar admin.jar ormi://blazer.youbet.com:8080 admin root -shutdown Error: javax.naming.NamingException: Lookup error: java.io.StreamCorruptedException: Caught EOFException while reading t he stream header; nested exception is: java.io.StreamCorruptedException: Caught EOFException while reading the stream header So after two-days, it is not possible to figure out how to shutdown the server.I'll try a little bit long, then remove this server from our vendor list.
Re: Clustering and load balancing Howto
Hi, Its already out heh..I gotta go get it. Where ideally should loadbalancer.jar be executed? Obviously if it is running on one of the machines in the cluster it isn't so good.. sort of defeats the fail-safe purposes... So should it have it's own machine? Or am I just missing something. From what Magnus told me ( I think it was he), it is ok to run it on the same server, but as you said, it defeats the purpose. Ideally, you would run it on its own box, and have it communicate on the same port/ip multi-cast as the two or more orion servers for load-balancing. I have a question on this matter. What if I want one load-balancer feeding multiple islands? Can this program load-balance properly between multiple Orion islands? I recall Karl teaching me (and others on the list) about how Orion can work as mutliple islands. The reason this is helpful is that if you have 10 servers on one island, each HttpSession of each server is replicated to all 10 servers. First, this can take a little more time to send all the objects of each servers HttpSession to the other 9 servers for replication. Second, the memory of each server would need to be able to handle the number of objects for all 10 HttpSessions. As Karl pointed out, using an island with say, 2 or 3 servers, but having multiple islands, will reduce the memory footprint needed, as well as increase performance since each island only replicates the HttpSession data within the servers of its island. So, being that this load-balancer program is Orion aware, is it possible to set up multiple islands and does it distribute the load evenly through each island, and each server in each island? Excellent! BUT. when I start up the dead server again... it gets detected by the loadbalancer... starts receiving updates from the other server... so I kill of Server #2 it dies... and the counter returns to 1 even though the counter value DID get passed (listed in the debug messages)... for some reason it creates a new session. Any ideas here? That worries me. I hope this is just a bug or something. In fact after the first successful fail-over ... I can't get it to do it again without stopping the loadbalancer... and then both servers... then starting the load balancer... then both the servers again. It seems to only work once... then not anymore... even though it LOOKS like it should work. Any help is greatly appreciated! I am using Orion 1.3.3 since that's what the autoupdate gave me... the HOWTO DOES say to use 1.3.5+ but I don't know where that is. Really? I thought in 1.2.9 the load-balancer was functional. I haven't tried it yet, but I was told 1.2.9 is a stable release, and that is what I intend on doing production with. OrionTeam...is 1.3.5+ a stable release?
Re: RMI-IIOP
Karl, Do you have an approximate timeframe for implementation of this feature? Thanks, Cory At 12:10 AM 9/9/00 +0200, Karl Avedal wrote: Hello Cory, RMI-IIOP is scheduled to be implemented for the full EJB 2.0 release but is not yet. Regards, Karl Avedal Cory Adams wrote: Has anybody implemented RMI-IIOP to interoperate from an EJB to a different system? If so how is it supported within ORION or does it totally depend upon the JDK's support for RMI-IIOP? Also how to you implement RMI-IIOP usage in an EJB? Can the container pool those connections. Thanks, Cory
RE: SSL and non SSL within the same instance of the web application
You can do this all within a single running orion server process. You will need to define the two web applications using the default-web-site.xml as a starting point. I copied this and created a second file called ssl-web-site.xml. In both of these files you should refer to the same application using this line: default-web-app application="default" name="defaultWebApp" shared="true" / The 'shared="true"' setting allows both web applications to share HttpSession based objects so when you transfer from non-SSL to SSL your user sessions will stay intact. Access the SSL portion of your site using https:// Good luck, Mikef -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Terence KwanSent: Friday, September 08, 2000 8:18 PMTo: Orion-InterestSubject: SSL and non SSL within the same instance of the web application Hello, we can setup SSL on the application without problem. However, can we setup SSL enable part of the web application? For example, I just want to setup SSL enable on the member area of the web site but not the whole web application. Or do we need to setup 2 applications - one for SSL enable and one for non SSL enable. Thanks TK
RE: Orion RMI Security problem
Title: Orion RMI Security problem Hi, Matt This is largely not Orion-dependent stuff. You evidently have some security roles and method permissions declared in the ejb-jar.xml for UserBean, but you haven't logged in under any of the security roles that may access the create() method (and presumably others). Without logging in your servlet is going to be a "guest" as far as EJB's are concerned. Assuming that you wish to maintain the entity bean security, you'll want to place a security constraint on some web component. I trust you have some JSPs and/or HTML pages out in front of your servlet; look at the docs for web.xml and study the security-constraint tag. At some point in your business logic flow, exemplified by transitioning from one JSP to another (or similar), it will make sense to place the target JSP or HTML under a security constraint to trigger a login, which for you at this stage is probably easiest with BASIC or FORM-based authentication. If you've used an app-client then you'll have already encountered login. Either a dialog pops up or you use a jndi.properties file. Same idea. Up to this point everything is as specified by the J2EE spec. You'd have to do this with any other server. The server dependency enters in user/group mapping to security roles. You explicitly specify users and groups in config/principals.xml. So you may have username=Matt, password=matt123 declared there, and included that user in groups "users" and "agents". How do we ensure that "Matt" and "matt123" entered at login time map to security role "agent", for example? Use the security-role-mapping in orion-application.xml, which may be set up in the top-level META-INF and will get properly deployed as a result. In this tag we designate that either user "Matt" or group "agents", or both, map to role "agent", which is the same role as you have in web.xml and ejb-jar.xml. If you don't actually have anything other than the servlet (which is a model we use), then things get exciting and you need to programmatically authenticate and login. Hopefully that's not the case for you. :-) Hope this helps. It's worth pointing out that the second part you'd also have to do with any J2EE server, in varying degrees of obscurity and completeness and ease of use. Orion is pretty darned good in this respect, compared to most of the other servers out there. If you've used the J2EE RI then anything you did with "realmtool" falls into the server-dependent category, for example. Arved Sandstrom -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tilchen, MattSent: Friday, September 08, 2000 4:51 PMTo: Orion-InterestSubject: Orion RMI Security problem Hello all, I currently have an entity bean deployed under the JNDI name "UserBean" I am accessing the bean from a servlet running in the same VM and am getting the following exception: "com.evermind.server.rmi.OrionRemoteException: guest is not allowed to call the UserBean.create(...) method, check your security settings." Do any of you know how to alleviate this. I am relatively new to Orion so maybe one of you could just point me in the right direction for some reading. You all have been very helpful in your responses in the past and I appreciate all of them. Thanks again. -Matt Tilchen [EMAIL PROTECTED]
OR mapping of table joins for CMP
Can somebody please point me to a good reference for managing joins across multiple tables while using CMP? There was a thread on the list that somebody pointed me to previously but it did not really give the information I needed. I just want to be able to specify tables and fields to do joins on with Orion for CMP. Thanks, Cory
