Re: Forwarding *.jsp from Apache to Orion
Hi Manish, What we do in Apache, is a combination of mod_rewrite and mod_proxy, as the latter is just able to proxy directories on its own. Something like that: ... RewriteEngine on RewriteRule ^(.*)\.jsp$ /proxy_orion_server/$1.jsp [P] ... ProxyRequests On ProxyPass/proxy_orion_server/ http://www.orion.host:8080/ ProxyPassReverse /proxy_orion_server/ http://www.orion.host:8080/ ... I hope it helps, D. Manish M. Shah wrote: Hi guys, We have to use Apache as our web server and Orion as the application server. As a result, I need to forward all *.jsp files from Apache to Orion. I know about the proxy setup in Apache. I also know about forwarding *.html/*.jpg/etc files from Orion to Apache, but we need to forward from Apache to Orion. Has anyone had any luck or success with that? Thanks. Manish
Re: [announce] Log4J Appender for Orion's application.log
Hi Curt, I agree with you, and that's why long ago we developed our own logging library, which rolls log files, logs to DB and can be configured per web application. Now we are looking to migrating to Log4J, even though we still have to check if it will be worthwhile for us. I had a look at the new logging classes that are being included now in the JDK1.4, and it seems the tendence is to centralise everything, which I don't like. I understand though, that for maintenance reasons it might look very attractive. In our case, log configuration files are always located in the same place /WEB-INF and follow the same name pattern *.logger.conf. We then redirect all the log files to the same directory, which is outside the deployed application directory, and you can have all the log files in one place while you know where everything is configured. Easy to find information, easy to mantain and, as configuration changes are detected in runtime, pretty useful. D. PD: I would also add that IMHO, web app security in the J2EE spec is very poorly defined, as specifying mappings in static files and letting containers implement role-users mappings makes applications rigid and non-portable. But that's another story ;). Curt Smith wrote: Geoff Soutter wrote I've hacked up an Orion Appender to allow you to log to the application.log file, via the Logger instance that Orion installs at java:comp/Logger. Here it is in all it's glory, use it however you wish. Cheers Geoff PS, did anyone figure out if it's possible to get orion to roll it's log files when they get too big? ;-) How about Orion logs to a log4j output device instead of apps logging to Orion's log files? Or did I miss understand this functionality?? Personally I feel the new log4j 1.3 features that make it easier for each application to have it's xml config file in the .war / .ear so that apps can have their own (separate) log files from each other to be a very useful choice. My view of the problem of deploying and supporting a j2ee app is the few features j2ee put in the spec (a big zero) to allow debugging and logging of app, feature, bean operations. I feel we need to drill on the debugging problem until we have a facility that supports logging based on session ID, so that we can follow a particular user's actions and failures across a cluster and set of services. To me, moving to one log file for the universe is the wrong direction? Any opinions? curt
Re: hot redeployment - how to preserve session state?
Hi Peter, We use hot-deployment in production, to be able to update the application without losing all the sessions. But you have to configure Orion explicitly to keep the session state, as it is disabled by default. On the other hand, we also us it during development, but if you update the ear file very often, you usually ends up complaining with an OutOfMemoryException or some sort of decompression problems. So it is not very stable when used very often in a short period of time. That's why we try no to hot-deploy the ears in production very often, as it might cause a kaa-boum. I hope it helps, D. Peter Beck wrote: I tried to use the hot-deploy just for development to not always have to restart Orion and log in. To only have to restart the server when classes change which are stored in the session would be better than on every little change during bug fixing... On this list I read about people using this, and the problem they were talking about most of the time was that classes have to be serializable... Now I tried that with a few objects in the session, and all of them were lost after touching application.xml. Peter Aaron Tavistock wrote: I'm not currently doing hot-deploy, but I've always wonder how it could posibly work given that a serialized class might have the underlying base class changed during hot-deploy (e.g. the classic 'run instance' is different than a 'new instance' problem that java throws a ClassCastException from). Its also theoretically problematic (I'm not sure if instanceof or reflection will work properly). Since this is a very low-level issue (e.g. Java simply doesn't have the facilities to really handle this), how does hot-deply work? The only reliable strategy would appear to be to preserver primatives (since they don't change), maybe preserve 'well-defined' objects (java.util.* is unlikely to change), and discard all the rest. Any thoughts? AT -Original Message- From: Peter Beck [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 29, 2002 7:41 AM To: Orion-Interest Subject: hot redeployment - how to preserve session state? After a forced redeployment of an application on Orion 1.5.3 by touching application.xml my session state seemst to be completely lost. I have set development=true in my global-web-application.xml, and the switch is present in the orion-web.xml in the application- deployment directory. The variables I try to serialize implement the Serializable interface. Some of them are simple JavaBeans, others just Strings. For testing I use a JSP which prints the variables in the session. Before the redeployment everything is there. and when a user is logged in, request.getRemoteUser() gives me the correct user name. After the redeployment session.toString() still gives me the same ID as before, but all variables in the session are gone. Even request.getRemoteUser() == null. What am I missing? Peter
Re: how to allow certain IPs to access my directory
Hi Takeo, Wehn we came across this issue, we wrote our own servlet filter as IP based security is not defined in the JDK spec and then, even if you fin a solution like the one you ask, it will be orion-specific and non-portable. On the other hand, if you write your filter carefully, you can have a pretty flexible tool to do what you want (In our case we define the IP/Hostname masks through an XML document that can be loaded through the network, filesystem...). regards, D. Takeo Kameda wrote: Hi All. This is my first post. I would like to allow only certain IPs to access some of my site. I know that can be done in orion-web.xml using access-mask/ip-access, but I believe it can only be applied to the whole application. What I want to do is to block IPs only to a certain directory. Is there any easy way to do that, like using .htaccess for apache? or, do I have to write my own servlet filter for that? thanks in advance.
Re: hot redeployment - how to preserve session state?
Hi Aaron, We preserve session state through hot and cold deploys with no problem, unless you explicitly change the objects involved in keeping the session state, or any object that is stored in the context. However, it is not impossible to modify these objects while preserving your state, as long as you know how to handle serialisation issues. If you are careful with the classes you put in sessions and the context ( make them serializable and take into account the possible evolution of classes ) then you will minimize your problems. Have a look at the Object Serialization part of the Java SDK Documentation to learn more about that. BTW: The attribute to get persistence to work in Orion is not development=true but persistence-path=../temp/persistence.ser. So your global-web-application.xml should look something like... orion-web-app ... persistence-path=../temp/persistence.ser ... ... I hope it helps, D. Aaron Tavistock wrote: I'm not currently doing hot-deploy, but I've always wonder how it could posibly work given that a serialized class might have the underlying base class changed during hot-deploy (e.g. the classic 'run instance' is different than a 'new instance' problem that java throws a ClassCastException from). Its also theoretically problematic (I'm not sure if instanceof or reflection will work properly). Since this is a very low-level issue (e.g. Java simply doesn't have the facilities to really handle this), how does hot-deply work? The only reliable strategy would appear to be to preserver primatives (since they don't change), maybe preserve 'well-defined' objects (java.util.* is unlikely to change), and discard all the rest. Any thoughts? AT -Original Message- From: Peter Beck [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 29, 2002 7:41 AM To: Orion-Interest Subject: hot redeployment - how to preserve session state? After a forced redeployment of an application on Orion 1.5.3 by touching application.xml my session state seemst to be completely lost. I have set development=true in my global-web-application.xml, and the switch is present in the orion-web.xml in the application- deployment directory. The variables I try to serialize implement the Serializable interface. Some of them are simple JavaBeans, others just Strings. For testing I use a JSP which prints the variables in the session. Before the redeployment everything is there. and when a user is logged in, request.getRemoteUser() gives me the correct user name. After the redeployment session.toString() still gives me the same ID as before, but all variables in the session are gone. Even request.getRemoteUser() == null. What am I missing? Peter
Re: JSP, Frames and Browser reload
Hi, AFAIK, it depends on the browser. When you have frames and hit reload, some browsers refresh the original set of frames and some refresh the current state of the frames. I can't say that one of the options is bad, as both of them can be interpreted as reloading the page. Sometimes one option can be useful, sometimes the other. But I think there's not much that we can do from the server side, unless you get into storing the clients' state in a session value and redirect to the appropriate page when you think you detected a problem like the one you mentioned. You'll have to evaluate if this is such a big problem that you have to invest the effort to control the clients' state. regards, D. Juan Andres Chau Li wrote: Hi, I have a top.jsp with: frameset rows=90, * BORDER=0 frame SRC=%= response.encodeURL(menu.jsp) % id=menu border=0 frameborder=0 framespacing=0 noresize scrolling=no name=menu frame SRC=%= response.encodeURL(main.jsp) % border=0 frameborder=0 framespacing=0 noresize id=main name=main noframes/noframes /frameset Inside main.jsp, there is a link to miapp.jsp, so I can go to it. The problem is that when I reload the browser (F5), instead of loading miapp.jsp, it loads main.jsp. This situation happens in IE 5, but in NS 6 no. Does someone know how to solve it? Is it a browser configuration? Thank you very much, Andres.
Re: Apache/SSL or Stronghold as Orion Frontend
Hi David, We do have a mod_ssl enabled apache in front of our several orion instances and we've had no problems so far. It could be that we have them in the same host, even though they have been for a while in different hosts with no problems at all. Or that we don't specify the frontend portion, as we've had no problems with firewalls or load balancers, and we can forward requests inside our code (I'm pretty sure, as we use a Controller Servlet who forwards lots of requests). good luck, D. David Kenzik wrote: Is it possible to successfully have Stronghold (ssl) proxy requests to a non-ssl Orion on the backend? I can proxy all day long http -- http, but it seems that Orion has no mechanism in the frontend portion to say the protocol is https, not http when you need to do a redirect. If I say port=443 it tries to use http on port 443. This is bad and breaks things. The Stronghold side is trivial with mod_rewrite or mod_proxy, it's just that Orion is failing to use the right protocol when doing redirects, be them internal (to make /foo turn into /foo/) or be it within a Java program. ASCII for those who like visuals: [https://ssl.server/foo] --(rewrite)-- [http://private.orion/foo] Is this possible without setting Orion up with ssl support? Help.
Standalone applications
Hi, In the System.exit(1) thread, I've read that some people was using some auto-executable files to start up some standalone applications, but I haven't been able to find some clear documentation about it. I've tried with the Sun J2EE tutorials and the J2EE spec but it does not get to the details. Is there any place where I can get more specific documentation? And Orion specific documentation? My problem is that I can move my web applications from one host to another very easily, but I have to modify each time the standalone application startup scripts, so I was wondering if there was a standard way to miminize it. I guess you have to use the java tag in the application.xml descriptor... but how do you execute the application, where do you specify properties like the classpath, -D properties... Thanks in advance, D.
Re: How do you shut down orion after it's initialized
Hi James, Is 8080 your HTTP port, specified in your x-web-site.xml descriptor, or is it the RMI port described in the rmi.xml one? It HAS to be the RMI one, as you admin.jar connects through RMI to tell the orion server to stop, so you cannot do it through the port HTTP is used for. regards, D. James Beeson wrote: This is what I get when I start Orion: C:\orionjava -jar orion.jar Warning: Error reading transaction-log file (/C:/orion/persistence/transaction.state) for recovery: premature end of file Forced or abrubt (crash etc) server shutdown detected, starting recovery process ... Recovery completed, 0 connections committed and 0 rolled back... Orion/1.5.2 initialized I immediately opened a new DOS window and did this: C:\WINDOWS\Profiles\James\Desktopcd c:\orion C:\orionjava -jar admin.jar ormi://localhost:8080 admin pswd -shutdown Error: javax.naming.NamingException: Lookup error: java.io.EOFException: Disconnected; nested exception is: java.io.EOFException: Disconnected C:\orion From: Setlur, Atul (MED) [EMAIL PROTECTED] Reply-To: Orion-Interest [EMAIL PROTECTED] To: Orion-Interest [EMAIL PROTECTED] Subject: RE: How do you shut down orion after it's initialized Date: Tue, 18 Dec 2001 11:16:11 -0600 Are you sure you are running this from the directory where orion is installed. Verify admin.jar is in the directory that you are running this script. Alternatively, cd to the orion directory and run it from there. -Atul -Original Message- From: James Beeson [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 9:41 AM To: Orion-Interest Subject: Re: How do you shut down orion after it's initialized I did not have the admin user deactivated (althought that was a good tip- thanks!) When I use the command: java -jar admin.jar ormi://localhost:8080/ admin pswd -shutdown I get: Exception in thread main java.util.zip.ZipException: The system cannot find the file specified at java.util.zip.ZipFile.open(Native Method) at java.util.zip.ZipFile.init(Unknown Source) at java.util.jar.JarFile.init(Unknown Source) at java.util.jar.JarFile.init(Unknown Source) And then Orion is left running. Could that be related to the error it prints out when Orion starts (here it is): Warning: Error reading transaction-log file (/C:/orion/persistence/transaction.state) for recovery: premature end of file Forced or abrubt (crash etc) server shutdown detected, starting recovery process ... Recovery completed, 0 connections committed and 0 rolled back... Orion/1.5.2 initialized But then the app runs fine. I currently don't have a transaction.state file. Why won't it let me shut down Orion? Thanks
Re: Announcement of new doc
Hi Curt, I don't know if it will help you, but we deploy multiple web components inside and orion instance using different .ear. But I guess that if they all had to be inside the same .ear, things wouldn't be that different. What we do is: in file server.xml, we first define the applications and their origin ... !-- mandatory global application -- global-application name=Global path=../Global.ear / !-- extra applications -- application name=Extra1 path=../Extra1.ear / application name=Extra2 path=../Extra2.ear / in file web-site.xml (what by default is default-web-site.xml), we define the mappings to the applications: ... !-- The default web-app for this site, bound to the root -- default-web-app application=Global name=Global / web-app application=Extra1 name=Extra1 root=/extra1 load-on-startup=true / web-app application=Extra2 name=Extra2 root=/extra2 load-on-startup=true / ... And that's pretty much all. Having different .ear for different modules, allows us to update each module independently. And we have an orion instance for every two-three modules, so they are even more independent in case we have to stop an instance (if the DB goes down, for example). Supposedly, if you want the different modules inside the .ear file, you would just define the different web modules (.war files) and their mappings inside the application.xml descriptor, and then define one application in orion. Orion should then extract the information from the descriptor and define the mappings apropriately, or at least that's what I would expect. I haven't verified that, though. Good luck, D. Curt Smith wrote: My 2 cents worth is this is the order of importance of documentation that is needed right now to do REAL professional deployments and developments with Orion/OC4J 1) Orion specific deployment settings explained these are not really explained anywhere right now. My configuration challeng that I haven't figured out is; how to support multiple web components. I'm prefering the expanded tree deployment where I'd have multiple web/WEB-INF/web.xml trees. All need to be in the same restricted single-signon scope. I.E. root/web1/WEB-INF/web.xml /web2/WEB-INF/web.xml The confusion between default-web-site.xml, orion-web.xml, application-name, name ... :-/ Anybody have configuration to share of multiple .ear in one application or multiple web directories?? Thanks and have a great TG holidays, curt
Re: Various levels of security, how do you do it?
Hi Alex, AFAIK, the only things you have when using JSDK specified security are those you mention: Defining roles in web.xml and using isUserInRole() inside your code. We thought it could have done better and we pointed out the shortcomings, like your second option, to the spec guys. They answered that that was right, but as pretty much nobody was complaining about it, they assumed it was a feature that was not required. So we ended up implementing our own security architecture that handles this kind of things nicely. Our system allows you to specify the security requirements per-request, so you can specify a different domain depending on the parameters (like which object the operation is going to be performed upon) and the environment (like which user is authenticated). These settings are specified through interfaces and abstract classes, so it wouldn't be too hard to create a specificacion using them. There are some other shortcomings that forced us to implement our own solution, but I won't get into detail. Sorry about the long answer, the short one that I was told by the spec guys was no, that's everything that you have. regards, D Alex Paransky wrote: We are in a process of developing an application, and are looking for ways to implement security, we have the following requirements: 1. There are operations that certain members cannot perform in general 2. There are operations that certain members cannot perform relative to an object (owner vs non-owner) What are some of the mechanims that you are using to deal with these problems. I assume, in the first case you can use deployment descriptor. Also isInRole query can be made to determine if particular option should be shown to the user during the .JSP processing. The second option is a bit more difficult to implement, since a particular user can be an owner of some objects but not others. How can this requirement be implemented? Thanks. -AP_
Re: Monitoring web apps
Hi David, We don't have a sophisticated system, but it works well for us. What we do is put an Apache web server, acting as a proxy, in front of the orion server. Then, in the proxy configuration you can specify a redirect page in case something goes wrong, and we use it to redirect to a SSI script that determines which application is down and which page should be shown as an error message. This way you show automatically an error message, just by shutting down orion or by returning a 500 code from your application. I hope it helps, D. David Pérez Villanueva wrote: Hi! We have several applications running in an Orion web server. Our server is allocated in a hosting corporation. They have a program that queries our PCs with an url , calling us if there is the word 'error' (or similar) in response. What is the problem? We need something that will check our applications and will build a html page (or plain text, or anything) with the check result. Does anybody know any good software to do this? (We have two PCs: one with Windows 2000 server and another with Linux). Thankyou for your support.
Re: Monitoring web apps
Hi Eddie, Here it goes: .- Environment - An apache web server configured with mod_proxy and SSI, running in port 80. Several orion instances with applications running in other ports. .- in httpd.conf - ... VirtualHost _default_:80 ProxyVia On # Proxy configuration for the different applications # Application X ProxyPass /nameX http://hostx.com:portX/nameX ProxyPassReverse /nameX http://hostx.com:portX/nameX # Application Y ProxyPass /nameY http://hostx.com:portY/nameY ProxyPassReverse /nameY http://hostx.com:portY/nameY # Error configuration for the Cannot establish connection case ErrorDocument 502 /SSIErrorHandler.shtml /VirtualHost ... .- Then the SSIErrorHandler.shtml looks like - !-- Define application paths -- !-- Define the path for application X -- !--#set var=appX value=/^\/nameX/ -- !-- Define the path for application Y -- !--#set var=appY value=/^\/nameY/ -- ... !-- Check which was the redirected path and include the appropriate error page -- !-- If the original url was from application X -- !--#if expr=$REDIRECT_URL=$appX -- !-- Include the app X is not running, sorry error page -- !--#include file=localApacheDirX/index.html -- !-- If the original url was from application Y -- !--#elif expr=$REDIRECT_URL=$appY -- !-- Include the app Y is not running, sorry error page -- !--#include file=localApacheDirY/index.html -- !-- Error in an application with no specific message defined -- !--#else -- !-- Include the this app is not running, sorry error page -- !--#include file=localApacheDirCommon/index.html -- !--#endif -- And that's pretty much all. Just some catches: .- In the Error pages, ALL the links have to be absolute and start with a different name than the proxied path. Otherwise you get an infinite loop between the proxied page and the error page. So make sure that nameX and localApacheDirX are ALWAYS different and that all links in localApacheDirX/index.html start with /localApacheDirX or http://. .- If inside the applications you want to get the real remote IP instead of the proxy one, then you can use, for example, the mod_proxy patch written by Bjoern Hansen which includes the original IP in an http header (X-Forwarded-For). We used it because we needed to implement IP based security restrictions, which are not defined in the JSDK spec. We also used this IP based security restrictions to prevent acces to the applications by-passing the proxy, which is very important with SSL protected applications. .- It also works with ssl. .- To improve performance, you can also use the apache proxy as proxy-cache, to get the static content faster, but then be careful not to allow it to cache the dynamic pages you don't want to be cached. And make sure you have enough disk space ;). .- We haven't specified and ErrorDocument directive for the code 500 (internal server error) because we wanted to be able to see this kind of messages, but you can put it later on to show more graceful messages. .- We use SSI to define the error hanlding page, but you could use a JSP if you wished. We just did it to have a light weight proxy with no special add ons. I hope it helps, D. Eddie wrote: Daniel, The way you do this with Apache sounds very nice. I like to know how you configure Apache to redirect to another page when something goes wrong. Could you submit a little example please ? Eddie - Original Message - From: Daniel López [EMAIL PROTECTED] To: Orion-Interest [EMAIL PROTECTED] Sent: Monday, November 12, 2001 2:23 PM Subject: Re: Monitoring web apps Hi David, We don't have a sophisticated system, but it works well for us. What we do is put an Apache web server, acting as a proxy, in front of the orion server. Then, in the proxy configuration you can specify a redirect page in case something goes wrong, and we use it to redirect to a SSI script that determines which application is down and which page should be shown as an error message. This way you show automatically an error message, just by shutting down orion or by returning a 500 code from your application. I hope it helps, D. David Pérez Villanueva wrote: Hi! We have several applications running in an Orion web server. Our server is allocated in a hosting corporation. They have a program that queries our PCs with an url , calling us if there is the word 'error' (or similar) in response. What is the problem? We need something that will check our applications and will build a html page (or plain text, or anything) with the check result. Does anybody know any good software to do this? (We have two PCs: one with Windows 2000 server and another with Linux). Thankyou for your support.
Error restoring application state
Hi, Lately I'm getting this error when I update my web applications and hence the application state is not restored and I lose all my sesions. The complete error message is: --- Error restoring application state: java.io.WriteAbortedException (Writing aborted by exception; java.io.NotSerializableException: com.evermind.server.http.HttpApplication) --- It might be that I'm storing a reference to some object that cannot be serializable, but it used to work and I can't see the problem. Besides, the problem comes from an orion internal class so I don't know where to start looking. Is there any way to get a more detailed error message? Has anybody come across this message before? Any hits? Thanks in advance?, D.
Re: Stored procedures and J2EE
Hi, I think I might add our 2c, even though they are completely against the trend ;). In fact, we don't use EJBs at all, unsing instead Stored Procedures to perform the business logic. When we started, EJB was an, IMHO, inmature technology that forced people to write lots of intermediate classes to get to the point, it forced you to write vendor dependent code, it had a everything is remote philosophy that was pretty inconvenient and good god! it didn't even took into account relationships between tables! After testing EJB with some projects, we dropped it because the tediousness of typing so much code, the need to write embedded SQL or use vendor dependent features and the development cycle of using EJB, which we don't actually enjoy. We ended up using XML, and even though we can generate it from anything that we please (action classes, JSP, even EJB, if we please) we use, most of the time, stored procedures to generate it. Why? Because it's the place closest to the database, so it travels with it, you have compile-time dependencies between your code and the database schema and you have the appropriate tools to acces/manipulate the database. In case we want/need to do some special pre-/post-processing, then Java comes to the rescue and it is used to further refine the request/response. Besides, that means our business logic, based on XML, is independent of ever changing standards and interfaces. We are quite happy with it, and it has also allowed us to divide the work pretty nicely, as I have had some people working on the project, programming the business logic, who didn't know a single word about Java, HTML or the like. And our designer doesn't know what is a table, a bean, the context or anything like that. Warning!! I'm not saying that this is a universal solution and that EJB should be dropped. No. I'm just saying that they are not the only solution and that sometimes, for example in our case, using stored procedures is better for our overall development. We know we might lose some performance in some cases, but we prefer the easiness of development and the independence of our code. Just my 2c, D. PD: I follow the EJB spec anyway, and I know EJB2.0 solves partially some issues that where some of the reasons why we dropped it, but I for us it's still too little to late.
Re: Orion and JMS: javax.naming.NameNotFoundException]
Hi Kesav, Thank you very much for your help, it was as simple as that. Thanks again, Dan Kesav Kumar wrote: If you want to get any resource in your Servlet/jsp you got define resource-ref in your web.xml. One basic information as long as you are in the same container you don't need any parameters to JDNI context. You need jndi.properties only when you try to access from outside the container. Your servlets/jsp/ejb/applicationclient are in the same orion container so in all these components you can directly get JNDI context by Context ctx = new InitialContext(); As long as you are in the same container there is no need for jndi.properties. Regarding the JMS you got define resource-ref in your web.xml. Any container resource of ejb resource you want to use in web tier i.e in servlets/jsp you have to define resource-ref and ejb-ref correspondingly. For JMS which is a resource so you have to declare resource-ref in your web.xml like the following. resource-ref res-ref-namejms/theQueueConnectionFactory/res-ref-name res-typejavax.jms.QueueConnectionFactory/res-type res-authContainer/res-auth /resource-ref resource-ref res-ref-namejms/myQueue/res-ref-name res-typejavax.jms.Queue/res-type res-authContainer/res-auth /resource-ref Inside your servlet/jsp for connection factory lookup for jms/theQueueConnectionFactory and for queue lookup for jms/myQueue. snip...
Re: Orion and JMS: javax.naming.NameNotFoundException]
(); qConnect = null; qSession = null; qSender = null; requestQ = null; if (tConnect != null) tConnect.close(); tConnect = null; tSession = null; publisher = null; requestT = null; } catch (JMSException jex) { throw new IOException(MessageSender: writeObject: + jex.getMessage()); } } protected String queueName = null; protected transient QueueConnection qConnect = null; protected transient QueueSession qSession= null; protected transient QueueSender qSender = null; protected transient Queue requestQ = null; protected String topicName = null; protected transient TopicConnection tConnect = null; protected transient TopicSession tSession= null; protected transient TopicPublisher publisher = null; protected transient Topic requestT = null; } You will need to define the JNDINames interface with the appropriate values for its attributes. Then any class that needs to send messages can extend MessageSender and use the appropriate attributes This works for me. Let me know if you still have problems or questions Dave -Original Message- From: Kesav Kumar [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 22, 2001 3:17 PM To: Orion-Interest Subject: RE: Orion and JMS: javax.naming.NameNotFoundException] If you want to get any resource in your Servlet/jsp you got define resource-ref in your web.xml. One basic information as long as you are in the same container you don't need any parameters to JDNI context. You need jndi.properties only when you try to access from outside the container. Your servlets/jsp/ejb/applicationclient are in the same orion container so in all these components you can directly get JNDI context by Context ctx = new InitialContext(); As long as you are in the same container there is no need for jndi.properties. Regarding the JMS you got define resource-ref in your web.xml. Any container resource of ejb resource you want to use in web tier i.e in servlets/jsp you have to define resource-ref and ejb-ref correspondingly. For JMS which is a resource so you have to declare resource-ref in your web.xml like the following. resource-ref res-ref-namejms/theQueueConnectionFactory/res-ref-name res-typejavax.jms.QueueConnectionFactory/res-type res-authContainer/res-auth /resource-ref resource-ref res-ref-namejms/myQueue/res-ref-name res-typejavax.jms.Queue/res-type res-authContainer/res-auth /resource-ref Inside your servlet/jsp for connection factory lookup for jms/theQueueConnectionFactory and for queue lookup for jms/myQueue. - Original Message - From: Daniel Lopez [EMAIL PROTECTED] To: Orion-Interest [EMAIL PROTECTED] Sent: Wednesday, August 22, 2001 8:48 AM Subject: [Fwd: Re: Orion and JMS: javax.naming.NameNotFoundException] Hi (third try to the list, first ones didn't make it), I haven't got a single answer, so I'm wondering if nobody is using Orion JMS or this mailing list is playing funny with me. Has anybody configured and used Orion JMS? Could somebody please elaborate on the steps necessary to get this thing working? Thanks in advance, D. Daniel López wrote: Hi, I know this topic has been discussed a lot in here, but I haven't been able to find the answer in the archive or in the documentation. The problem is: I decided to have a go with JMS but I can't even start to play with it, as all I get is javax.naming.NameNotFoundException. These are the steps I have followed: .- Configure server.xml with the following line: ... jms-config path=./jms.xml / ... .- Configure jms.xml with this content: jms-server port=9127 host=localhost queue-connection-factory location=jms/QueueConnectionFactory/ queue name=Demo Queue location=jms/demoQueue descriptionA dummy queue/description /queue log file path=../logs/jms.log / /log /jms-server .- Add jndi.properties to my application's classes(WEB-INF
Re: Orion and JMS: javax.naming.NameNotFoundException]
Hi Michael, I apologize if any of the facts that I exposed on my mail seemed to you to be a complain. My intention was to explain that I had sent two messages to the list that I had not seen, just to warn people so if they got too copies, they would know it was not intentional. And the second part to let people know that I was not sure whether nobody was reading my messages, or no one was actually using Orion JMS. I the way I expressed it offended you, I apologize but I don't think it deserved such a harsh response. regards, D. Michael J. Cannon wrote: What browser/MTA? Alos check the Oracle knowledge bank on OTN.oracle.com The server is up, the server is down...so what? Your messages eventually make it here and you eventually get an answer. You didn't pay anything for your answer, so quit complaining, or go to a support company (or switch and get a slower server or pay upwards of USD$6000 minimum for it. Your problem is that JMS and the agents for it aren't yet mature and, besides commercial ISVs, few use the libs. Try the Sun and usenet lists, If you're having probs w/ Orion's JMS, perhaps you should try JBoss (slower) or Jakarta's or the Sun RI. Michael J. Cannon
Orion and JMS: javax.naming.NameNotFoundException
Hi, I know this topic has been discussed a lot in here, but I haven't been able to find the answer in the archive or in the documentation. The problem is: I decided to have a go with JMS but I can't even start to play with it, as all I get is javax.naming.NameNotFoundException. These are the steps I have followed: .- Configure server.xml with the following line: ... jms-config path=./jms.xml / ... .- Configure jms.xml with this content: jms-server port=9127 host=localhost queue-connection-factory location=jms/QueueConnectionFactory/ queue name=Demo Queue location=jms/demoQueue descriptionA dummy queue/description /queue log file path=../logs/jms.log / /log /jms-server .- Add jndi.properties to my application's classes(WEB-INF/classes), with the following content: java.naming.factory.initial=com.evermind.server.ApplicationClientInitialContextFactory java.naming.provider.url=ormi://localhost/ java.naming.security.principal=admin .- Then in my servlet, I just try to see if the objects are there: ... Context ctx = new InitialContext(); QueueConnectionFactory queueConnectionFactory = (QueueConnectionFactory) ctx.lookup(java:comp/env/jms/QueueConnectionFactory); // Exception is thrown in the line above ... The facts: .- JMS Server seems to have been started, as I can see the jms.log file and reads (Date 1.4.5 Started) .- I have tried with various names, with and without java:comp/env, and with various methods (list, listBindings...) with no look. I cannot get a single object to be looked up. .- Platform is WinNt 4.0, JDK1.3.0-c hotspot, Orion 1.4.5 (I also tried 1.5.2 with the same results) So, what have I forgotten to do? It seems like I just forgot to do some essential step. I tried to find the JMS how to by Kesav Kumar but I couldn't find it. Anybody, please? Thank you in advance, D. PD: On a side note, I have seen man people trying to use external JMS providers with Orion, is that so because Orion JMS is buggy? Would it be better to use some external tool like OpenJMS or so? I had thought it would be nice to have everything in the same place, this way you just have to take care of one server. Comments? -- --- Daniel Lopez Janariz ([EMAIL PROTECTED]) Web Services Computer Center Balearic Islands University ---
Re: multiple instances of a servlet?
Hi Ville, Do you, by any chance, have different names defined for your controller servlet in the web.xml file? I also have my own ControllerServlet framework and I just have a single instance, unless I define more than one name for the same servlet. If you define different web applications you would also have different instances, even if you use the same name, so have a look at your web.xml files to see if the problem is in there. Just my 2ec, D. Ville Rinne wrote: Kevin, let me know how your tests came out. I did some more testing myself and I found it strange that when I created a specific simple test-servlet for this case I didn't manage to get more than one instance of it created. I'll do some more testing tomorrow but there is definitely something strange going on. Obviously the amount my testservlet takes to complete a request is smaller than the amount of time my request-controller takes but at this point I honestly don't have a clue :P Anyhow, since servlets aren't synchronized in any way by default, how would it increase performance even if there was more than one instance of them in existance? cheers, Ville Rinne Of course it isn't a huge problem On Tue, 7 Aug 2001, Duffey, Kevin wrote: Keep in mind that every app server is allowed to implement the spec in their own manner. It does sound peculiar, but it is very possible that Orion gets its performance by pooling a few servlet instances even without the single threaded model. I don't know for sure, but that seems logical. By having even two or three instances, it could increase the ability to handle ore requests..although myself I thought that a single instance would be plenty fast to have literally thousands of requests per second hit it. Each time a request comes in, the container should create a new thread for that request then send it on its way to the servlet instance. A PIII600 system can run over 1billion instructions per second. Figure that with the JVM interpreter, your code and any resources, you should still be able to iterate thousands of requests per second, unless object creation in a servlet (and depending on what it is doing) slows things down. The one factor I am not sure of is how many threads a JVM can handle at one time. I have heard of single servers handling 1000's of hits per second, and if each request goes to a JSP or servlet, that should equate to one new thread per request..even if the session id is the same (for example, the user somehow opened a new window from the browser window..and could possibly submit two (or more) requests at the same time). At any rate, it sounds to me like perhaps either there is a bug, or that Orion is doing this pooling automatically to increase performance. Interesting though..I will now check out to see if my MVC framework does the same thing. -Original Message- From: Ville Rinne [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 07, 2001 7:59 AM To: Orion-Interest Subject: multiple instances of a servlet? We've implemented the request-controller pattern using a servlet as the entry-point of all our jsp-pages. For some reason Orion creates multiple instances of this servlet even though it isn't implementing SingleThreadModel and there isn't anything peculiar about it. I have the servlet printing to System.out every time init() is run and every time it receives a request, it also prints the memory address of the instance that's handling it. For some reason with this servlet there are multiple instances (up to 3 so far) that handle these requests. There doesn't seem to be any larger logic in which instance gets to handle the request. It's not a problem per se but I just find it rather strange since I assumed that only one instance of a servlet would be created. Anyone else ran into this ? cheers, Ville Rinne
Re: getRemoteAddr() - APACHE as proxy !! HMMMMM
Hi Eddie, It works for me because I'm not replacing the original address. As I have my own authentication routines, I check the X-FORWARDED-FOR header when it is available, else the usual one. So I never tried to do what you are trying to do, hence I can't help you much, I'm sorry about that. On the other hand, you might try to get in touch with the author of the module, Ask Bjoern Hansen([EMAIL PROTECTED]). He was the one who kindly pointed me to the URL I gave you and he was quite helpful. But if you are trying to do what I think, you might have run out of luck. If you change the original IP inside Apache with mod_perl, or any other module, this doesn't mean that the Orion server will use it when creating the request object. Orion has its own way of constructing the request and it probably uses the IP of the originating call to it, the proxy in this case. To be able to change the way the request is constructed, you should have access to the orion source, as somebody else pointed out, or you might ask the Ironflare guys to add this feature. From the Java point of view, somebody has to read the X-FORWARDED-FOR header IN THE ORION SIDE and take into account, because from the Apache side, you cannot influence the way the Java requests are built on the orion side. If you could modify the request somehow, this would be a nice job for a JSDK2.3 filter. Good luck, D. Eddie wrote: Daniel, Thanks for you solutionit almost works... ;) I installed the module and indeed I do get the X-FORWARDED-FOR name as header with the client's ip address. --- HEADER NAME: X-FORWARDED-FOR HEADER value: 10.0.0.62 I only have problem using a perl handler to replace the ip address that java reads (in the header) with the above header (Until now I only did simple things with mod_perl). I tried it like the example in the source code of the mod_proxy_add_forward suggested: including a subroutine in the startup.pl script and calling it with an PerlPostReadRequestHandler.. Hoewer this doesn't work. I tried some other stuff but... no luck.. Can you tell me who you did this ?? what did you put in you httpd.conf ?, what script did you use ? and where did you put it ? Thanks, Eddie - Original Message - From: Daniel López [EMAIL PROTECTED] To: Orion-Interest [EMAIL PROTECTED] Sent: Wednesday, June 06, 2001 7:49 AM Subject: Re: getRemoteAddr() - APACHE as proxy !! Well, I have some partially good news: There is a way around that using Apache. I'm also using it as a proxy, to concentrate all the services on the standard HTTP port while keeping different Orion instances running, and as some of our security requirements take into account the IP from the client, so I run onto the same problem. I queried the mod_proxy list and I got a patch that includes, as an extra HTTP header, the client original IP. This solves the problem for our own custom authentication, as we check first if this header is available or not, if it is, then we check the IP agains this value. The problem here would be if you use some authentication mechanism that you cannot modify so it checks for this extra header. Here it is, the URL I was given and from where you can download the patch: http://develooper.com/code/mpaf/ I hope this helps, D. elephantwalker wrote: Andre, Sorry, but the loadbalancer.jar has the same problem. For example, the access logs for the various orion servers only report the ip of the loadbalancer...not very interesting. Regards, the elephantwalker -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Andre Vanha Sent: Tuesday, June 05, 2001 12:55 PM To: Orion-Interest Subject: RE: getRemoteAddr() - APACHE as proxy !! I've run into the same problem. I don't think there is any way around this, since the Apache module is a simple proxy. It would be necessary to improve the Apache plugin to send some extra headers, and then have orion interpret them. However without an open API through which to construct the HTTP requests coming into orion, you would have to interpret these headers in your own code. One possible avanue is Orion's load balancer. I haven't had a chance to test it, but does it suffer from the same problem? It may already have an API that allows it to pass through the original IP address (and other info) to the actual server, which could be emulated by a web server plugin. Andre -Original Message- From: Eddie [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 05, 2001 10:30 AM To: Orion-Interest Subject: Re: getRemoteAddr() - APACHE as proxy !! OK, In the meantime I found out what is wrong: I am using apache as a proxy server, and therefore I do get the IP address of the server. How can I overcome this ?? Such that getRemoteAddr() does return the client's IP
Re: getRemoteAddr() - APACHE as proxy !!
Well, I have some partially good news: There is a way around that using Apache. I'm also using it as a proxy, to concentrate all the services on the standard HTTP port while keeping different Orion instances running, and as some of our security requirements take into account the IP from the client, so I run onto the same problem. I queried the mod_proxy list and I got a patch that includes, as an extra HTTP header, the client original IP. This solves the problem for our own custom authentication, as we check first if this header is available or not, if it is, then we check the IP agains this value. The problem here would be if you use some authentication mechanism that you cannot modify so it checks for this extra header. Here it is, the URL I was given and from where you can download the patch: http://develooper.com/code/mpaf/ I hope this helps, D. elephantwalker wrote: Andre, Sorry, but the loadbalancer.jar has the same problem. For example, the access logs for the various orion servers only report the ip of the loadbalancer...not very interesting. Regards, the elephantwalker -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Andre Vanha Sent: Tuesday, June 05, 2001 12:55 PM To: Orion-Interest Subject: RE: getRemoteAddr() - APACHE as proxy !! I've run into the same problem. I don't think there is any way around this, since the Apache module is a simple proxy. It would be necessary to improve the Apache plugin to send some extra headers, and then have orion interpret them. However without an open API through which to construct the HTTP requests coming into orion, you would have to interpret these headers in your own code. One possible avanue is Orion's load balancer. I haven't had a chance to test it, but does it suffer from the same problem? It may already have an API that allows it to pass through the original IP address (and other info) to the actual server, which could be emulated by a web server plugin. Andre -Original Message- From: Eddie [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 05, 2001 10:30 AM To: Orion-Interest Subject: Re: getRemoteAddr() - APACHE as proxy !! OK, In the meantime I found out what is wrong: I am using apache as a proxy server, and therefore I do get the IP address of the server. How can I overcome this ?? Such that getRemoteAddr() does return the client's IP address in my servlets. Eddie - Original Message - From: Eddie mailto:[EMAIL PROTECTED] To: Orion-Interest mailto:[EMAIL PROTECTED] Sent: Tuesday, June 05, 2001 2:12 PM Subject: getRemoteAddr() Hellu there, If I use getRemoteAddr() to get the IP address of the client the makes the servlet requests it return the IP address of the server ?? (also getRemoteHost() returns the server name). Any idea how come ?? I am running jdk 1.3 and the servlets run on the application server Orion 1.5.1 (OS: Linux redhat 7.0) (I can remember that a JSP on JSERv on apache didn't had this problem, so I quess it's Orion .. not ??) Eddie
Using JAAS for authentication (Was: bugs in @page extends=...)
Hi Joni, That sounds pretty interesting, however, I still have some doubts. Let's see: .- Where do you get the user from (the one you use with user.getSubject()). Can these users be specified dynamically through a standard interface? Or do they have to be specified in a container specific way? .- Can the policy file be specified on a per web application basis or does it just exist one policy file for the whole system? This way I could specify the security of my applications independendently. And could this information be extracted from a database/URL instead of a system file? Just curious to see how I could use this standard API without losing all the flexibility and dynamicity that I've already accomplished with my own implementation. Regards and thanks for the info, D. Joni Suominen wrote: Hi Daniel, JAAS is not necessarily tied to the OS user. Actually you can tie it to the OS user by using proper login modules which can authenticate if a user is already logged into an OS. However, in a true Java spirit, JAAS is much more generic. In fact it is just a framework to implement versatile authentication and authorization schemes. For instance, I authenticate user's against a relational database (some might use LDAP). The JAAS provides abstractions to represent user's identity and permissions. It also provides algortihms to check if configured security policy implies certain permission. Some sample code: PagePermission pagePermission = new PagePermission(admin); PermissionCollection pc = Policy.getPolicy().getPermissions(user.getSubject(), null); if (pc.implies(pagePermission)) { // authorization succeeded... } else { // authorization failed, the current user don't have a permission to view a page on this domain. } Then on policy file I might have: grant Principal org.shiftctrl.framework.security.SCGroupPrincipal admin { permission org.shiftctrl.framework.security.permissions.PagePermission admin; }; This way it is easy to implement multiuser Java applications where accesses are controlled on per-user or per-group level. JAAS is also integrated to the JDK 1.4, like the new logging API you mentioned. -- Joni [EMAIL PROTECTED] snipped...
Re: Setting up a new web-application
Hi Kevin, Kevin Jones wrote: I'm using Xalan 2 in my framework and I've had the same problem with pretty much all the containers that I've tried playing with. With Orion, substituting xalan.jar and xerces.jar in the Orion directory did the trick for me in 1.4.*. This is an ugly hack though :-) If another app using the same server and relies on Xalan-1 functionality, they're screwed. I know, I know, and it also breaks our application atomicity as it is not enough to pack our applications in .ear files, we also have to make sure Xalan 2 is manually installed in the container :(. But we jumped to JAPX as soon as it implemented the TRaX API to finally become independent of the XSLT processor and as all our applications use the same XML/XSLT framework, based in JAXP and TRaX... We've run into some troubles with some external applications but in this case, I'd rather have another orion instance with another classpath than downgrading my whole framework to become parser-dependent again. I hope JSDK2.3 allows us to get rid of this ugliness with Resin and I never tried with Tomcat. Tomcat 4 fixes this (mostly) Mostly? That sounds scary! ;) (Warning! Warning! that was meant to be a joke ;) ) The problem seems to be something like the first XML library to be used is the one to be used for everything and as all the containers have nowadays XML configuration files and use an XML parser as soon as they start up, then the XML library that is used is the one that the container uses, Yes, sort of. The problem is that the same classloader used by your web-app can also 'see' the global 'classpath ' set by Orion, and, as classloaders delegate, when the web-app CL tries to use an XML parser, or Xalan or something that is shared then the 'global' one gets used first. I see. I guess that's the reason why the 2.3 spec says talks about application classpath taking precedence over the global one. hence the need to put your desired library in the global CLASSPATH. This can lead to problems that can't be solved, if the container and your application can only use incompatible versions of a parser. As somebody mentioned, That was me I think JSDK 2.3 tries to solve this, specifically, Point SRV.9.7.2 Web Application Classloader (Page 63 JSDK2.3 PFD2) states: ... It is recommended, however, that the application classloader be implemented so that classes and resources packaged within the WAR are loaded in preference to classes and resources residing in container-wide library JARs. Yes, we put this in because of these sorts of problems. Oh, so you are one of them ;). You can bet everybody will appreciate it if you can specify things so this issue is solved. From my experience, this is number one source of problems when using todays containers (not talking about code bugs or similar problems). Now that we are at it. Have you thought about improving security so the mappings are a bit more dynamic and that user-role mapping is not container-dependent? These are the reasons that lead us to develop our own library but I would have lived happier if I needn't have to do it. Thanks for your comments, D. --- Daniel Lopez Janariz ([EMAIL PROTECTED]) Web Services Computer Center Balearic Islands University --- Kevin Jones DevelopMentor www.develop.com
Re: SV: SV: proxying orion with IIS or iPlanet Web Server
Hi Patrick, We thought about that and that is a possibility but we haven't got yet to the failover setup. The possibility we are studying is to cluster the application servers behind the proxy and let the proxy be as simple as possible. The failover would be in this case, transparent. Another possibility would be to let the SSI script issue a redirect to another place, but this would mean an external redirect (not transparent to the user). If you want this thing to be transparent, you would have to modify the Apache configuration to modify your proxy settings to point to the new location. I haven't tried but I'm not sure this can be done dynamically . That's what we do manually when we modify an application server location but I wouldn't call this failover ;). In the end, you would be kind of replicating, through Apache and SSI, what container-clustering is already supposed to give you so... why? Next step I want to try is to use the proxy also as a cache for static content, hence improving the speed of the content that doesn't need to be dynamically generated. I already tried but I have to find the proper settings as it is caching more than what I need. Then we would just have the extra trip for the dinamically generated content. Dan Patrik Andersson wrote: Ok, very interesting to hear ways to setup large applications. But in other words, the SSI script that shows the For maintenence reasons... message could also be used as some kind of fail over? Patrik -Ursprungligt meddelande- Från: Daniel López [mailto:[EMAIL PROTECTED]] Skickat: den 30 maj 2001 15:15 Till: Orion-Interest Ämne: Re: SV: proxying orion with IIS or iPlanet Web Server Hi Patrick, I agree with you, in our case we are using Apache as a proxy for other reasons. One reason is that the Apache SSL certificate that we have doesn't work with Orion (quite easy to fix) but the main reason is that we use several instances of Orion, one per set of related applications, and we use the proxy to concentrate/redirect the traffic from the port 80 to the appropriate application port. This way we have one single point of failure, the proxy, but orion instances are independent of each other and we can start/stop/move them without bothering the other applications. Besides, we also have an SSI script inside the proxy that, in case an application server is down, redirects the request to the appropriate For maintenance reasons... page. Right now the proxy and the orion instances are, some of them, in the same host, but in the future I guess they won't be as next step for us is clustering. Anyway, no Tomcat anywhere and no plans for it, at least as it is now. We are quite happy with this set up, but we are in a situation were our main worry is not speed, so we don't care about the small extra trip between the proxy and the orion instance, but the number of applications. With hot deployment you are supposed not to have to stop the orion server but sometimes... Just my 2ec, D. --- Daniel Lopez Janariz ([EMAIL PROTECTED]) Web Services Computer Center Balearic Islands University --- Patrik Andersson wrote: Just for the sake of asking, why do you have tomcat serving jsp/servlets and orion serving ejbs if they're both running on the same machine? For me, that sounds like asking for extra maintenance trouble. And another thing, from having one single point of failure you now have 3. If either one if these three applications decide to call it a day your whole application dies and that goes for having two machines running different software aswell. Why not use two or three machines all running orion and having them split the workload by clustering them? regards, Patrik snipped for brevity
Re: bugs in @page extends=.... in Orion implementation?
Hi Robert, Let's see, we follow two different aproaches to get to the XML. If we are using Oracle, we pretty much always do, we produce XML directly from PLSQL using some sentences like that: ... for v_user in cursor_users(condition) loop XMP.P('USER'); XMP.P(' CODE=' || v_user.Code || ''); XMP.P(' NAME=' || v_user.Name || ''); XMP.P('/'); end loop; ... The result is then forwarded to an XSLT processor (TRaX API compatible) that produces the HTML. Precompiled XSLT sheets are cached so performance is greatly improved. If we are not using Oracle, or we need to use some Java, then we format the XML using JSPs like that: %@ taglib uri=/leafTag.jar prefix=leaf % leaf:XSLEval xsltSheetName=%= getXSLTName() % ... % for(int i = 0; i users.length; i++) { % USER CODE=%= users[i].getCode()% NAME=%= users[i].getName()% / % } % ... /leaf:XSLEval After the XML has been produced, the XSLEval tag passes its body to the same XSLT processor as above and then result is substituted by the HTML result. PLSQL-generated XML can be also included inside the JSPs with another tag, in case of need. As it uses the same XSLT processing facilities, PLSQL-generated XML and JSP-generated share the XSLT cache. That's basically how we do it. We are not using EJB as programming/mantaining the database code in PLSQL is like heaven, compared to programming it with Java. We might get to use them but if we do, we will format them with JSPs or pseudo-generate it with introspection. It's not perfect and not every like it but we are quite happy with it and we have implemented around a dozen applications with the system so far. If your question was specifically about the HTML produced from the XML, it's exactly the same that it would be produced with a JSP, or by hand. The result is exactly the same. It's the way to accomplish it that is different. We though that, instead of creating a huge library of taglibs that perform loops, conditionals, basic operations..., it would be much simpler to use XSLT that already has all these features and allows you to easily reuse them. And it is also a standard with several implementations available so... regards, D. Robert Nicholson wrote: Can you elaborate on how you are using XSL and XSLT ... I assume you're using Tag libraries but can you show an example of HTML markup derived from XML? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Daniel Lopez Sent: Wednesday, May 30, 2001 6:05 AM To: Orion-Interest Subject: Re: bugs in @page extends= in Orion implementation? Hi, I've also used filters, but in this case to filter requests by IP, as I don't want certain IP's to be able to access certain URLs. On the other hand, I implemented security, logging and other features inside my own servlet Controller, following a Model 2 approach. I thought about externalizing this services as filters, but that would mean that the web.xml file will grow too much and that I would have to put too much things in the request object each time. It's not that I've discarded the idea, but I don't see any compelling reason to implement everything as filters. We don't use servlets, but ONE controller servlet and action classes and we use JSP as view-only, creatures (actually, we seldom use them as we use XML/XSLT), so as anyway all the requests go through my controller servlet... We implemented IP filtering as a filter because we also wanted to use it in other applications, as well as with static content. Just my 2c, D. --- Daniel Lopez Janariz ([EMAIL PROTECTED]) Web Services Computer Center Balearic Islands University --- Marcel Schutte wrote: Hi Randahl, I've used a filter to do gzip encoding for specific file types. Starting with the tutorial at http://www.orionserver.com/tutorials/filters/lesson5/, I've changed some things to get the hang of it and also to reduce the amount of buffering used. It works fine, haven't had a problem with this (intranet)site. The beauty of filters is that they are completely independent from your application, just edit your web.xml and you are set. Let me know if you wnat some more info. Marcel -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Randahl Fink Isaksen Sent: Wednesday, May 30, 2001 9:39 AM To: Orion-Interest Subject: RE: bugs in @page extends= in Orion implementation? Hi Marcel I looked it up, and I definately see your point about the filter mechanism. Have you any experience with this on Orion? Does it work well? And what have you used it for? Of course if anyone else have tried it out, I would very much like to hear from you too. Yours Randahl -Original Message-
Re: bugs in @page extends=.... in Orion implementation?
Hi Joni, I agree it can be done. My situation is that I just don't log requests but I can log everything that happens in the environment, security settings, internationalization issues, XML/XSLT performance... so my logging code is tightly integrated with the framework and I can control it from a single point. I could use a filter to check things before the request is served, but as the rest of the parts are going to use it, what do I win by externalising it. Anyway, I hope to be able to discard this part of the environment as soon as JDK1.4 logging features become a reality. With security is more or less the same, we implemented our own security library because we are not satisfied with the standard and we don't want to get container specific. I agree I could externalise this as a filter but I wouldn't really win much, as it is also quite tightly integrated with the rest of the things. IMO, things that are standard and can be switched on/off and replaced with another implementation without a hitch are candidates to be externalised, otherwise, it's not that it cannot be done with filters, it's that I don't see a big win in doing so. Of course, that's my situation because I can control the MVC 2 implementation and I can tightly integrate these parts. Just a question. I thought JAAS was used to control if the OS user that was executing the Java code was/was not allowed to perform such execution. If the OS user that executes the servlet code is supposedly always the same, how is this thing related to the application user that performs the request? I didn't think this standard could be used for that, if it is, I might go for it ;). regards, Dan Joni Suominen wrote: Hi! I have implemented these features as externalized filters. The reason for this was that I use a MVC 2 product which is developed independently (Jakarta Struts http://jakarta.apache.org/struts/). Like Marcel said the beauty of filters is that they are independent from the rest of the application. The filters allow me to plug in these services to the application without any integration code. So, I have a LogFilter which logs the requests using log4j (http://jakarta.apache.org/log4j/). After that there's an AuthorizationFilter which checks if the current user has priviledges to execute the request. AuthorizationFilter utilizes the forthcoming Java Authentication and Authorization service (http://java.sun.com/products/jaas/). All in all, I have a pretty flexible system with a very little own code. Joni [EMAIL PROTECTED] Daniel López wrote: Hi, I've also used filters, but in this case to filter requests by IP, as I don't want certain IP's to be able to access certain URLs. On the other hand, I implemented security, logging and other features inside my own servlet Controller, following a Model 2 approach. I thought about externalizing this services as filters, but that would mean that the web.xml file will grow too much and that I would have to put too much things in the request object each time. It's not that I've discarded the idea, but I don't see any compelling reason to implement everything as filters. We don't use servlets, but ONE controller servlet and action classes and we use JSP as view-only, creatures (actually, we seldom use them as we use XML/XSLT), so as anyway all the requests go through my controller servlet... We implemented IP filtering as a filter because we also wanted to use it in other applications, as well as with static content. Just my 2c, D. --- Daniel Lopez Janariz ([EMAIL PROTECTED]) Web Services Computer Center Balearic Islands University --- Marcel Schutte wrote: Hi Randahl, I've used a filter to do gzip encoding for specific file types. Starting with the tutorial at http://www.orionserver.com/tutorials/filters/lesson5/, I've changed some things to get the hang of it and also to reduce the amount of buffering used. It works fine, haven't had a problem with this (intranet)site. The beauty of filters is that they are completely independent from your application, just edit your web.xml and you are set. Let me know if you wnat some more info. Marcel -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Randahl Fink Isaksen Sent: Wednesday, May 30, 2001 9:39 AM To: Orion-Interest Subject: RE: bugs in @page extends= in Orion implementation? Hi Marcel I looked it up, and I definately see your point about the filter mechanism. Have you any experience with this on Orion? Does it work well? And what have you used it for? Of course if anyone else have tried it out, I would very much like to hear from you too. Yours Randahl -Original Message- From: [EMAIL PROTECTED
Re: Setting up a new web-application
Hi Kevin, I'm using Xalan 2 in my framework and I've had the same problem with pretty much all the containers that I've tried playing with. With Orion, substituting xalan.jar and xerces.jar in the orion directory did the trick for me in 1.4.*. I think I remember I had to do something similar with Resin and I never tried with Tomcat. The problem seems to be something like the first XML library to be used is the one to be used for everything and as all the containers have nowadays XML configuration files and use an XML parser as soon as they start up, then the XML library that is used is the one that the container uses, hence the need to put your desired library in the global CLASSPATH. This can lead to problems that can't be solved, if the container and your application can only use incompatible versions of a parser. As somebody mentioned, I think JSDK 2.3 tries to solve this, specifically, Point SRV.9.7.2 Web Application Classloader (Page 63 JSDK2.3 PFD2) states: ... It is recommended, however, that the application classloader be implemented so that classes and resources packaged within the WAR are loaded in preference to classes and resources residing in container-wide library JARs. That should mean that the parser installed in the application classpath should be used in your applications over the one installed in the global classpath, but unfortunately it is just a recommendation so who knows what will happen :). Just my 2c, D. Kevin Jones wrote: and the point is that I shouldn't need to put the classes/jar in the Orion lib. I should be free to put whatever classes/jars I need in my own application. The only thing about this is that it is not an easy problem to solve (ask the Jakarta/Tomcat team), and for some reason it always seems to happen with XML/XSLT processors :-( Kevin Jones DevelopMentor www.develop.com snip...
Re: bugs in @page extends=.... in Orion implementation?
Hi, I've also used filters, but in this case to filter requests by IP, as I don't want certain IP's to be able to access certain URLs. On the other hand, I implemented security, logging and other features inside my own servlet Controller, following a Model 2 approach. I thought about externalizing this services as filters, but that would mean that the web.xml file will grow too much and that I would have to put too much things in the request object each time. It's not that I've discarded the idea, but I don't see any compelling reason to implement everything as filters. We don't use servlets, but ONE controller servlet and action classes and we use JSP as view-only, creatures (actually, we seldom use them as we use XML/XSLT), so as anyway all the requests go through my controller servlet... We implemented IP filtering as a filter because we also wanted to use it in other applications, as well as with static content. Just my 2c, D. --- Daniel Lopez Janariz ([EMAIL PROTECTED]) Web Services Computer Center Balearic Islands University --- Marcel Schutte wrote: Hi Randahl, I've used a filter to do gzip encoding for specific file types. Starting with the tutorial at http://www.orionserver.com/tutorials/filters/lesson5/, I've changed some things to get the hang of it and also to reduce the amount of buffering used. It works fine, haven't had a problem with this (intranet)site. The beauty of filters is that they are completely independent from your application, just edit your web.xml and you are set. Let me know if you wnat some more info. Marcel -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Randahl Fink Isaksen Sent: Wednesday, May 30, 2001 9:39 AM To: Orion-Interest Subject: RE: bugs in @page extends= in Orion implementation? Hi Marcel I looked it up, and I definately see your point about the filter mechanism. Have you any experience with this on Orion? Does it work well? And what have you used it for? Of course if anyone else have tried it out, I would very much like to hear from you too. Yours Randahl -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Marcel Schutte Sent: 30. maj 2001 00:22 To: Orion-Interest Subject: Re: bugs in @page extends= in Orion implementation? That's right, the two examples Randahl gives can be easily solved using the servlet2.3 filter mechanism, giving a very loose coupling of these features with your actual application. Marcel - Original Message - From: Juan Lorandi (Chile) [EMAIL PROTECTED] To: Orion-Interest [EMAIL PROTECTED] Sent: Tuesday, May 29, 2001 10:45 PM Subject: RE: bugs in @page extends= in Orion implementation? I believe this could be better modeled differently, because it leaves no room for the web server to implement its callbacks and java doesn't support multiple inheritance. -Original Message- From: Randahl Fink Isaksen [mailto:[EMAIL PROTECTED]] Sent: Martes, 29 de Mayo de 2001 3:01 To: Orion-Interest Subject: RE: bugs in @page extends= in Orion implementation? Well, can anyone confirm that JSP pages can extend your own class when using Orion??? Or has noone been able to use @page extends? I see many good reasons for implementing your own super class for your JSP pages. For instance, such a superclass could do logging of all client activities or it could do security checking. Randahl -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Robert Nicholson Sent: 25. maj 2001 21:15 To: Orion-Interest Subject: RE: bugs in @page extends= in Orion implementation? It's doing you a favour.Please elaborate on why you want to extend that class. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jiuyun Wang Sent: Friday, May 25, 2001 9:20 AM To: Orion-Interest Subject: Re: bugs in @page extends= in Orion implementation? It doesnot work, not matter which one (servlet/jspbase) I extends my jsp, orion jsp compiler just don't support extends -Jiuyun --- SCOTT FARQUHAR [EMAIL PROTECTED] wrote: It looks like your page should extend servlet and not jsppage. Just change JSPBase to extend servlet (and make the required changes). I haven't read the spec, but I imagine that extending OrionHttpJspPage is proprietary, and would not be part of the spec. Scott [EMAIL PROTECTED] 05/23/01 05:42am I create a class called JSPBase class which extends OrionHttpJspPage, and I put the @ page
Re: SV: proxying orion with IIS or iPlanet Web Server
Hi Patrick, I agree with you, in our case we are using Apache as a proxy for other reasons. One reason is that the Apache SSL certificate that we have doesn't work with Orion (quite easy to fix) but the main reason is that we use several instances of Orion, one per set of related applications, and we use the proxy to concentrate/redirect the traffic from the port 80 to the appropriate application port. This way we have one single point of failure, the proxy, but orion instances are independent of each other and we can start/stop/move them without bothering the other applications. Besides, we also have an SSI script inside the proxy that, in case an application server is down, redirects the request to the appropriate For maintenance reasons... page. Right now the proxy and the orion instances are, some of them, in the same host, but in the future I guess they won't be as next step for us is clustering. Anyway, no Tomcat anywhere and no plans for it, at least as it is now. We are quite happy with this set up, but we are in a situation were our main worry is not speed, so we don't care about the small extra trip between the proxy and the orion instance, but the number of applications. With hot deployment you are supposed not to have to stop the orion server but sometimes... Just my 2ec, D. --- Daniel Lopez Janariz ([EMAIL PROTECTED]) Web Services Computer Center Balearic Islands University --- Patrik Andersson wrote: Just for the sake of asking, why do you have tomcat serving jsp/servlets and orion serving ejbs if they're both running on the same machine? For me, that sounds like asking for extra maintenance trouble. And another thing, from having one single point of failure you now have 3. If either one if these three applications decide to call it a day your whole application dies and that goes for having two machines running different software aswell. Why not use two or three machines all running orion and having them split the workload by clustering them? regards, Patrik -Ursprungligt meddelande- Från: Lachezar Dobrev [mailto:[EMAIL PROTECTED]] Skickat: den 30 maj 2001 08:50 Till: Orion-Interest Ämne: Re: proxying orion with IIS or iPlanet Web Server Hya... Got a reply for you :). I use Apache as a front-end server. I use Orion to store my EJBs, and I use Jakarta-Tomcat to deploy servlets and JSPs. Just put the Tomcat and Orion on one and the same machine, start tomcat with a classpath, that includes the jars of the Orion server. Put a jndi.properties file somewhere (probably the web-inf/classes directory) and specify the jndi properties as for a remote application: java.naming.factory.initial=com.evermind.server.rmi.RMIInitialContextFactory java.naming.provider.url=ormi://127.0.0.1/your application java.naming.security.principal=admin user java.naming.security.credentials=admin pass Than you can safely read the Apache-Tomcat connectivity issues. I have used this with IAS instead of orion also. It worked. Apache and Tomcat are cheaper than other web servers :) May the shade of the tree strengthen you. Lachezar - Original Message - From: Andrew Diederich [EMAIL PROTECTED] To: Orion-Interest [EMAIL PROTECTED] Sent: Wednesday, May 30, 2001 12:46 AM Subject: RE: proxying orion with IIS or iPlanet Web Server I was afraid of that -- ISA is a minimum of $1,500. An expense for the free webserver. I'll look into, iWS, but since iPlanet sells a proxy server, too, I bet their webserver won't do it be default, either. Ah, well. Does this mean folks using Orion on NT/Win2k put Orion in their DMZ? -- Andrew -Original Message- From: Juan Lorandi (Chile) [mailto:[EMAIL PROTECTED]] Sent: Monday, May 28, 2001 13:40 To: Orion-Interest Subject: RE: proxying orion with IIS or iPlanet Web Server Dig into ISA server, It's the M$ reversed proxy solution. Or else, go into the ISAPI filter world (best of luck) JP