RE: How to get the RoleManager
Uh, try using the shared session attribute (orion-web.xml) + the same realm name for the login config (web.xml) HTH, JP > -Original Message- > From: David Potts [mailto:[EMAIL PROTECTED]] > Sent: Miércoles, 10 de Octubre de 2001 8:02 > To: Orion-Interest > Subject: RE: How to get the RoleManager > > > > > > -Original Message- > > From: Mike Cannon-Brookes [mailto:[EMAIL PROTECTED]] > > > > I have a feeling if you made app2 the parent app of app1 it > might work > > (they'd probably be the same RoleManager - can't confirm that > > though). > > Thanks for the suggestion. We tried it, but it doesn't work. > When we go to > the second app the login form comes up again. > > > This > > is a non-standard solution (if a solution at all! ;)), then > > again if you're > > using RoleManager you're already using Orion specific code so > > you probably > > don't mind too much. > > > > At the moment we are looking for *any* solution that will do > form-based > single signon across two apps on Orion. What is the standard? > > Cheers, > > Dave. >
RE: What's in 1.5.3?
Orion 1.5.3? Yeah? Where? Usually alongside the .jar there's a changes.txt describing... err... the _changes_. Still, the current bleeding edge version is 1.5.2 > -Original Message- > From: Brendan McKenna [mailto:[EMAIL PROTECTED]] > Sent: Martes, 09 de Octubre de 2001 6:47 > To: Orion-Interest > Subject: What's in 1.5.3? > > > Hi, > > Since 1.5.3 is in beta, is there anywhere where we can find a > list of the changes that will be present in 1.5.3? In > particular, will > the changes that have recently been made by Oracle in their > version of > Orion be rolled into 1.5.3? > > > Thanks, > Brendan > -- > Brendan McKenna Email: > [EMAIL PROTECTED] > Development Strategist Phone: +353-61-338177 > Taringold Ltd. Fax: +353-61-338065 > > >
RE: Displaying errors in JSP
BTW, if you use IE, disable 'friendly HTTP error messages'. This option, in
its active state will prevent the error page to display in the browser.
JP
> -Original Message-
> From: The elephantwalker [mailto:[EMAIL PROTECTED]]
> Sent: Miércoles, 03 de Octubre de 2001 13:21
> To: Orion-Interest
> Subject: RE: Displaying errors in JSP
>
>
> for the terminal, you can use
> System.out.println(e.getMessage()) in the
> catch phrase
>
> for the jsp, you will need to initialize some string variable
> in the catch
> block and then use in the html ...
>
> <%
>String error = "";
>try {
>
>}
>
> catch (Exception e){
> error = e.getMessage();
> }
> %>
>
> ...html stuff
> <%=error%>
>
> But this isn't really always necessary. Orion will spit out
> the error in the
> jsp if you don't catch it...since there is a try/catch built
> around every
> jsp page. Try it...do something silly in the jsp page to create a Null
> Pointer Error, and watch the fireworks in the browser. As
> long as you don't
> have a 500 error page, your jsp Null Pointer Error will be in
> the browser.
>
> regards,
>
> the elephantwalker
> www.elephantwalker.com
>
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of EXT-Vaze,
> Vinay G
> Sent: Wednesday, October 03, 2001 9:09 AM
> To: Orion-Interest
> Subject: Displaying errors in JSP
>
>
> If I have a code block such as
>
>
> <%
> try {
>
>
> }
> catch (Exception e) {
>
> }
> %>
>
>
> inside a JSP, how do I output error to either the browser or
> to the server console ?
>
> --
> Vinay Vaze
>
> M/S : 7H-80
> Phone : (425)-865-2929
> Email : [EMAIL PROTECTED]
>
>
>
>
>
RE: New Release????
no new release... always check out http://www.orionserver.com/orion/changes.txt also, you can download orion.jar from http://www.orionserver.com/orion/orion.jar (that's what autoupdate does, BTW) No new release or further comments from magnus yet. > -Original Message- > From: Stephen Davidson [mailto:[EMAIL PROTECTED]] > Sent: Miércoles, 03 de Octubre de 2001 10:22 > To: Orion-Interest > Subject: New Release > > > My original post never appeared, so I am reposting... > > -Steve >
RE: Newbie classpath problem - please help
Derek, the -jar option should be the last option: java -cp %CLASSPATH% -jar orion.jar also, you may want to try simply: java -jar orion.jar HTH JP > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] > Sent: Jueves, 27 de Septiembre de 2001 5:48 > To: Orion-Interest > Subject: Newbie classpath problem - please help > > > > > > I've installed Orion 1.5.2 on my Windows NT4 development machine. > > I have a system classpath that points to lots of standard classes, for > utilities, etc. > > If I start Orion with the command "java -jar orion.jar" then > it doesn't pick > anything up from the classpath, > if on the otherhand I start Orion with the command "java -jar > -cp %CLASSPATH% > orion.jar" then I get a java.util.zip.ZipException error > with the following message "The filename, directory name, or > volume label syntax > is incorrect" > > Do I need to set the classpath elsewhere? > > Thanks > > > > > > ** > ** > > E-mail communication is not secure and may be intercepted by > a third party. This > message is confidential to the intended addressee. If you are > not the intended > addressee, please inform us immediately and then delete this > message. Virgin > Direct does not accept responsibility for changes made to > this message after it > was sent. Although Virgin Direct believes this e-mail is free > of any virus or other > defect which may affect a computer, it is the responsibility > of the recipient to ensure > that it is virus free and Virgin Direct does not accept any > responsibility for any loss > or damage arising in any way from it's use. > > Virgin Direct Personal Financial Service Ltd is regulated by > the Personal > Investment Authority for life insurance, pension and unit > trust business and > represents only the Virgin Direct marketing group. Registered > office: Discovery > House, Whiting Road, Norwich NR4 6EJ, UK. Registered in > England No. 3072766. > > The Virgin One account is a secured personal bank account > with The Royal Bank > of Scotland plc. It is provided by Virgin Direct Personal > Finance Ltd which is > a representative only of Virgin Direct Personal Financial > Service Ltd. > Registered office: Waterhouse Square, 138-142 Holborn, London > EC1N 2TH, UK. > Registered in England no 3414708. > > The Virgin Deposit Account is a personal deposit account with > The Royal Bank of > Scotland plc administered by Virgin Direct Personal Financial > Service Ltd. > > All telephone calls are recorded and may be monitored. > > > ** > ** >
RE: Microsoft releases SQL Server 2000 JDBC driver
Here! I evaluated Merant's drivers 'bout a year ago and they were... err... not as good as I expected(hadn to go for I-Net's ones). They couldda improve a lot in a year, tough. JP > -Original Message- > From: Darren Gibbons [mailto:[EMAIL PROTECTED]] > Sent: Martes, 25 de Septiembre de 2001 14:45 > To: Orion-Interest > Subject: Microsoft releases SQL Server 2000 JDBC driver > > > Microsoft just announced that they are releasing a Type 4 > JDBC driver for > SQL Server 2000. It's based on code licensed from Merant. > > http://www.microsoft.com/presspass/press/2001/Sep01/09-25MerantPR.asp > > Download the beta here: > > http://www.microsoft.com/sql/downloads/default.asp > > Haven't tested it yet, but will soon. I'm glad that > Microsoft has done this > as I know a fair number of people using SQL Server to back their Java > applications. > > Does anyone have any experience with Merant's drivers? > > Darren. > > -- > Darren Gibbons[EMAIL PROTECTED] > OpenRoad Communications ph: 604.681.0516 > Internet Application Development fax: 604.681.0916 > Vancouver, B.C. http://www.openroad.ca > >
RE: questions on legacy transaction support
Knowing how the legacy handles transactions would help. Particulary interested if rollbacks are accomplished by 'compensating' transactions, which would make the whole process straightforward. JP > -Original Message- > From: Reason [mailto:[EMAIL PROTECTED]] > Sent: Lunes, 24 de Septiembre de 2001 20:23 > To: Orion-Interest > Subject: questions on legacy transaction support > > > > I'm attempting to use Orion pretty much for the easy custom > authentication/user management and very little else. That all > works pretty well -- as an ex-JBoss user, let me say that I > like the straightforward approach. > > So I have a bunch of BMP beans that wrap some legacy > software. The legacy software comes complete with legacy > transactions and I'm trying to figure out the best way to > deal with this such that: > > 1) I can reliably pick up the right legacy transaction at the > right time in my bean methods > > 2) a given user can have more than one transaction on the go > at once in separate threads > > Now, I can write any old middle layer I choose to associate > specific legacy transactions with some object/value/concept > from the EJB layer (in a hashtable, for example), but I don't > have a good enough grasp on the Orion container to figure out > which of the following items are going to be constants > between different threads or method calls to the server: > > a) EJBContext (EntityContext, SessionContext): these would > seem to be out of consideration, as they are reused between > beans and threads, and a transaction might extend throughout > several method calls in both session and entity beans. > > b) UserTransaction: I could associate a UserTransaction > instance with a legacy transaction instance. If I start a > transaction in a session bean, which then calls entity bean > methods, is the same UserTransaction instance going to result > from calls to context.getUserTransaction() in the contexts > for the various beans? > > c) Principal name: I could associate a legacy transaction > with a principal name if not for wanting to allow each > principal the option of multiple concurrent transactions in > different threads. > > d) Thread: a legacy transaction could be associated with a > specific server thread. Is this going to work? Are > UserTransactions associated with a specific thread throughout > their lifetime? Is this thread the same thread that is used > for separate method calls that fall within the transaction? > > So, any suggestions or ideas from the list on this one? > > Reason > http://www.exratio.com/ > >
RE: Newbie needs some help
I presume you _have_ built a .war file, therefore just add a reference to it in default-web-site.xml, like this: it'll be accesible at http://localhost/sarasa if you download the documentation from orionserver.com, you'll find a complete reference to these files under docs/web-site.xml.html HTH, JP > -Original Message- > From: Peter Åslund [mailto:[EMAIL PROTECTED]] > Sent: Martes, 25 de Septiembre de 2001 5:46 > To: Orion-Interest > Subject: Newbie needs some help > > > Hi Group, > > I am new to Orionserver and EJB in general so I hope I can > get some tips > from you guys and girls out there! :) > > I tried out the hello-planet example at Orion Primer and that > worked okay. > Then I wanted to try an example with a EJB, Servlet and a > simple html page > from one of the tutorials from sun. (It is the calculator > example if anyone > done it) > > I built it with ant and veything compiles. It seems to deploy > "halfway" as I > don't get any problem until I want to call the html page of > my app. Then is > find the servlet which of course gives me nullpointer as I > haven't given it > some values to work with. > > 1. Where to put the html file? > 2. How to configure orion to find my html page? (which xml-file) > > > Would very much appreciate any hints as I can't seem to find > it either on > Orion Primer or on orionserver.com > > > Thanx in advance! > > .peter >
RE: Transaction question ?
No-- they're invoked in different transactions. Transactional activity maps directly to threads-- that is, the thread's id is the transaction id (so to speak). HTH, JP > -Original Message- > From: Stephen Davidson [mailto:[EMAIL PROTECTED]] > Sent: Martes, 18 de Septiembre de 2001 13:32 > To: Orion-Interest > Subject: Re: Transaction question ? > > > Eddie wrote: > > > > Hellu, > > > > Please some help on the following transaction scenario ?: > > > > I am receing some information through a HTTP post method. > The servlet, > > running as part of a J2EE application, calls a EJB method > A. The EJB method > > does some little processing. After this, it checks some > conditions, and > > might do some more processing in an other EJB method B > depending on the > > conditions (in the same method still). I want to call > method B in a thread, > > such that the client, performing the HTTP request, isn't > waiting too long. > > So I want to start method B in a thread, such that the > initial EJB method A > > returns. How does the transacion model looks like in this > case and it is > > wise to do it like this ? (My transaction attribute is set > to Required and I > > am using CMP). > > I mean, is EJB method B, that runs in the thread executed in a new > > transaction, as the initial EJB method A returns, or does > it run in the same > > db transaction as method A ? > > > > Eddie > > Hi Eddie. > > Launching threads in an EJB is against spec, as you may have noticed. > > What you may want to consider is using JMS. > > You would want to set up the EJB as a MessageDrivenBean, and then > have the onMessage call method B. > > My understanding is that you can preserve the transaction/across > through a message. > > > -Steve > -- > Stephen Davidson > Java Consultant > Delphi Consultants, LLC > http://www.delphis.com > Phone: 214-696-6224 x208 >
RE: Questions about Orion
all inline > -Original Message- > From: Vlad Vinogradsky [mailto:[EMAIL PROTECTED]] > Sent: Jueves, 20 de Septiembre de 2001 23:22 > To: Orion-Interest > Subject: Questions about Orion > > > I am evaluating the Orion server for use in a production web > site which > would be hosted by a hosting services provider. It would run on a > Windows 2000 box alongside other web sites serviced by IIS and will > manage data in SQL Server 2000 database. I have a few > questions I wasn't > able to find answers to and I wonder if you can help me with them. > > 1. I wonder if anybody had any negative experience using > Orion server on > Windows 2000 or with SQL Server 2000? I-Net jdbc products are going to > be used. I'm using W2k. Runs neat. SQL Server 2000, I used I-Net's drivers and everything worked fast and smooth. However I haven't used it intensly. > > 2. Any comments on performance, scalability and availability of the > Orion server on Windows 2000? As with any W2k, use the lastest SP and hotfixes. The maximun number of _true_ threads W2k manages is 250 (1 uP, 1 GB RAM); about 75 are used by services, and if you'll have IIS there, you can't have more than 75-100 threads running without severe problems. Of course, If you'd ever have 100 concurrent users on a single orion, you'd be using a cluster(won't ya?). > > 3. What VM is best to use to run Orion server? For W2k, Sun's latest is the fastest. Have proof (and an NDA, so I can't reveal it). You can test, the results are almost humanly measurable. It's amazing how much Sun's VM has changed since 1.2.2. > > 4. Does it have auto start and restart features? Do you have > to have an > interactive logon session to start it? There are some utilities that allow you to run orion(or any java app) as a service. Search the list archives. > > 5. What security context does it run in? I think the elephantwalker covered that. You can implement your own UserManager; if you're thinking of auth against the PDC, yes, it can be done. You'd have to write your own UserManager, and then use JNI or J-Integra to call upon ADSI objects. > > 6. What is Orion server security track record? Has it ever been > compromised or taken out by DOS attacks? There were fixed bugs. Also, dropped connections on long-execution pages do not kill the webserver thread, so there may be DOS vulnerabilities. even so, it's a whole lot better than IIS. And bugs don't have the same amount of press. > > 7. Any comments on IronFlare's technical support? It looks > like there is > no live tech support - just email. > > All input is welcome. > > Thanks, > > Vlad HT, JP
RE: HELP !!! SECURITY
lo que? the orionconsole is run with: $orion# java -jar orionconsole.jar HTH, JP PS: mail me (in Spanish if you like) if that's not what you're looking for. An extended explanation would be appreciated -Original Message-From: David Bonilla [mailto:[EMAIL PROTECTED]]Sent: Viernes, 21 de Septiembre de 2001 11:23To: Orion-InterestSubject: HELP !!! SECURITY Ok... I have understand all about security but know, how and where can I activate a option to use a Orion-Based console or something else to control de User Name and Password ? __David Bonilla FuertesTHE BIT BANG NETWORKhttp://www.bit-bang.comProfesor Waksman, 8, 6º B28036 MadridSPAINTel.: (+34) 914 577 747Móvil: 656 62 83 92Fax: (+34) 914 586 176__
RE: Using NT Authentication
You could also use JIntegra or JNI to access ADSI objects. -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Sent: Viernes, 14 de Septiembre de 2001 8:44To: Orion-InterestSubject: Re: Using NT AuthenticationI've seen it down by asking for a FTP connection to the server and using the password. If it goes through then the password it good. It is clunky but it works. Jonathan BrickerLilly Research LabsJava ATG [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 09/14/01 04:08 AM Please respond to Orion-Interest To: Orion-Interest <[EMAIL PROTECTED]> cc: Subject: Using NT Authentication Hi, I am developing an intranet EJB application and am interested in using the users NT authentication as a means for user authentication. I know it is possible to do this in IIS, but has anyone ever tried doing it with a Java Web App? Any advice or suggestions would be appreciated. Regards, Johnny
RE: Stored procedures and J2EE
I (empirically) reached the same conclusion; but instead of dropping CMP, we provided performance improvements ON TOP of the EJB's (VO's and VO caches). Thank god we did it this way, because the DB can't scale as easily as the app-server cluster. My 2c, JP -Original Message-From: Rian Schmidt [mailto:[EMAIL PROTECTED]]Sent: Jueves, 06 de Septiembre de 2001 12:51To: Orion-InterestSubject: Re: Stored procedures and J2EE I'm interested as to how you can say this... we just did a series of tests here to see what the effect of pulling out some fairly complex stored procedures into CMP beans, and the performance impact was enormous. We've actually gone the other way, that is, developing stored procedures for each anticipated database. The fallback is that the logic is done in the beans, but that is a worst-case scenario. Now, I realize that this would be considered such bad form in a Sun-controlled world of pure J2EE that I hesitate to even mention it... but in the real world, any significant hit on performance is enough to convince us to denormalize a bit, so to speak. I don't think that you can say "there's absolutely no hit on performance" not to use stored procedures, particularly if that procedure requires repeated queries of the data in a pseudo-recursive way. Do you really think that any performance hit that we've seen is a result of poor design? I'm really interested in your reasoning. Rian - Original Message - From: The elephantwalker To: Orion-Interest Sent: Thursday, September 06, 2001 2:23 AM Subject: RE: Stored procedures and J2EE As for distributing your business logic between the datastore and middle tier...aren't you making your life more complex than it needs to be? There is absolutely no hit on performance if you pull out all of your business logic into a slsb or cmp...there's just no need to use store procedures any more.
RE: Shared SB reference in Web tier business delegate??
all inline > -Original Message- > From: Curt Smith [mailto:[EMAIL PROTECTED]] > Sent: Martes, 04 de Septiembre de 2001 10:08 > To: Orion-Interest > Subject: RE: Shared SB reference in Web tier business delegate?? > > > I didn't clearly state my architectural question: > > What's the view on sharing a single remote SB interface among > all servlet threads? I.E. a single Business Delegate in the > ServletContext (as apposed to bloating out the Session). Would work but... (continues below) > > I've not read clear EJB spec / book statements regarding > sharing SB or > Entity remote interfaces? It's the container resposability to do it. I can (as will you) enumerate a number of reasons why not taking into your own hands somebody's else job. > > For SB's this should be perfectly ok since the container delagates > methods to bean instances, it should not mater whether it's via a > single remote interface or separate? Shouldn't, specially in a pure Java App server (and that's one of the things I like 'bout orion you can tweak it) > > Threaded access to a single Entity might be a problem if reentrant > is set to false. I would still believe that the container should > simply queue methods against the Entity in that case. And here's the main reason for my objections. The server does queue transactions fired upon the same stub. Clearly, this is very bad if you have a SFSB, but even in the SLSB case, it will _eventually_ clog up the server in a domino effect. Two requests arrive, only the first is attended: R1--->--->SLSB R2--->blocks Now, the server serves R2, which was blocked, but in the mean time, two more requests arrive. R1: Finished. R2--->--->SLSB R3--->blocks R4--->blocks If stressed, the server eventually comes to a halt. What happens if you let the container manage the instances? Let's suppose you set the pool size to 1. R1--->--->SLSB1 (pool instance) R2--->--->SLSB2 (new instance) and then, SLSB1--->pool SLSB1--->gc R1: Finished R2: Finished. R1--->--->SLSB1 (pool instance) R2--->--->SLSB3 (new instance) And there starts the deployer's job, tweaking the pool size for maximun performance. > > Thanks for you opinions on the shared reference issue. Just my 2c, Juan Pablo
RE: Additional invocations to the UserManager
all inline. > -Original Message- > From: Curt Smith [mailto:[EMAIL PROTECTED]] > Sent: Lunes, 03 de Septiembre de 2001 9:31 > To: Orion-Interest > Subject: RE: Additional invocations to the UserManager > > > I bounced the client, deleted cache/cookies and still saw the > auto-login > behavior on every request to my UserManager without seeing the login > dialogue > the 2nd--Nth time. So how could the client be silently supplying the > user/pass on every request??? Still looks like the container > is calling > UserManager with it's cached copy of user/passwd The browser chaches it. Read RFC 1945 (HTTP 1.0), section 11. Here are some quotes: The domain over which credentials can be automatically applied by a user agent is determined by the protection space. If a prior request has been authorized, the same credentials may be reused for all other requests within that protection space for a period of time determined by the authentication scheme, parameters, and/or user preference. Unless otherwise defined by the authentication scheme, a single protection space cannot extend outside the scope of its server. So, with BASIC Auth, regardless if the server challenges the user _everytime_ for its username and password, given a realm, the browser sends its authentication. This goes back to the time where the was no session support on web servers(it was 4 or 5 years ago, not THAT long). Instead of asking the user for its username and password everytime, the browser caches a successful user/passwd pair and resends them (provided the challenge comes from the same 'realm'). This is 'legacy' behavior of the browser. And the spec accepts it. > > I could have run my client through a logging proxy to > tattle-tail whether > the container was issuing an HTTP challenge on every get/post or not?? Of course, check for WWW-Authenticate; if the server challenges every time, then it should be a part of the response. This is, however, unlikely-- orion must be reading the headers, and reauthenticating the user every time, regardless of challenges. > > Given that I bounced my client and deleted cookies/cache I'm still > mystified about HTTP challenge issues??? Regardless I've moved on to > FORM authentication and folks on this list find value in the > current HTTP > challenge behavior for their development cycle not pestering them for > re-login :-/ Yap, and that's the main use I given to BASIC, it speeds up the devel cycle, no matter how many times you restart the server. > > curt > > > >Nope. This is browser, not orion behavior. It complies to > the HTTP specs. > > >>> > > > > I saw this too and went to FORM authentication and don't see this > > anymore. > > > > I still use UserManager to receive the user/passwd from the FORM > > via the Container, but I don't see the UserManager calls on every > > request. > > > > Based on this, I feel it's a bug in orion that BASIC behaves this > > way. > > > > curt > > > >
RE: Additional invocations to the UserManager
Nope. This is browser, not orion behavior. It complies to the HTTP specs. > -Original Message- > From: Curt Smith [mailto:[EMAIL PROTECTED]] > Sent: Sábado, 01 de Septiembre de 2001 10:43 > To: Orion-Interest > Subject: RE: Additional invocations to the UserManager > > > I saw this too and went to FORM authentication and don't see this > anymore. > > I still use UserManager to receive the user/passwd from the FORM > via the Container, but I don't see the UserManager calls on every > request. > > Based on this, I feel it's a bug in orion that BASIC behaves this > way. > > curt > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > Trujillo, Kris > Sent: Friday, August 31, 2001 6:11 PM > To: Orion-Interest > Subject: Additional invocations to the UserManager > > > > I have written a custom UserManager and have setup > security-constraints > against several JSPs in my application...everything works > great..almost. > I'm noticing that after the user has successfully been > authenticated that my > UserManager is being recalled for every page request made by > the user. The > difference being that the user is not reprompted to enter a > username and > password. The problem with this is that it causes a lot of additional > overhead because the user is reauthenticated and has the > group checking > revalidated for every request. Is it possible to setup Orion > so it won't > behave this way? It seems like once the user has been > authenticated once > that they should not be reauthenticated until their session > has expired. > > Thanks > >
RE: Additional invocations to the UserManager
sound a lot like BASIC authentication. If so, then Orion's behavior is as defined by the spec, and presents the same behavior than IIS, Apache and Netscape Enterprise > -Original Message- > From: Trujillo, Kris [mailto:[EMAIL PROTECTED]] > Sent: Viernes, 31 de Agosto de 2001 18:11 > To: Orion-Interest > Subject: Additional invocations to the UserManager > > > > I have written a custom UserManager and have setup > security-constraints > against several JSPs in my application...everything works > great..almost. > I'm noticing that after the user has successfully been > authenticated that my > UserManager is being recalled for every page request made by > the user. The > difference being that the user is not reprompted to enter a > username and > password. The problem with this is that it causes a lot of additional > overhead because the user is reauthenticated and has the > group checking > revalidated for every request. Is it possible to setup Orion > so it won't > behave this way? It seems like once the user has been > authenticated once > that they should not be reauthenticated until their session > has expired. > > Thanks >
RE: Clustering in Orion
Title: Clustering in Orion Really? Could you share the source (of the rumor)? -Original Message-From: Aaron Tavistock [mailto:[EMAIL PROTECTED]]Sent: Viernes, 31 de Agosto de 2001 16:39To: Orion-InterestSubject: RE: Clustering in Orion As I understand it clustering of session EJBs will soon be available. But thats just the rumor. -Original Message-From: GUNDA, Satish / RSAIFS - IOM [mailto:[EMAIL PROTECTED]]Sent: Friday, August 31, 2001 7:52 AMTo: Orion-InterestSubject: Clustering in Orion Hi all, What is the clustering support provided by Orion? Will my EJBs be replicated across the cluster? The documentation states the following. The HttpSession data (as long as it is Serializable or an EJB reference). Note that if the EJBs are located on a server that fails, the references might become invalid. The ServletContext data. Does it mean EJBs are not replicated acorss a cluster? I don't know how just replication at HTTPSession level can help a production site which requires 99.99 uptime. Any idea when (if) Orion is coming up with this support? Thanks, Satish
RE: Shared SB reference in Web tier business delegate??
> -Original Message- > From: Curt Smith [mailto:[EMAIL PROTECTED]] > Sent: Viernes, 31 de Agosto de 2001 9:27 > To: Orion-Interest > Subject: Shared SB reference in Web tier business delegate?? > > > Greetings, > > My app is a thick client replacement with J2EE web-ified functionality > where 3000+ clients will login and stay logged in all day. > > I'm wanting to reduce the number of session objects as a result of so > many concurrent sessions. I plan on keeping a per session business > deligate manager, but make the DAO instances static thus shared amoung > all sessions since my DAO's are re-entrant. > > I'm concerned about sharing a single SB remote interface amoung all > sessions (Threads)??? Why not let the container manage the actual number of instances created? That would lead to 3000 proxy instances, but just a handful of SLSB. > > Of course SSB remote interfaces will need to be tied to that session!! I can't quite follow you here. Do you meaqn the http session? > > What about the few Entities that might be accessed from the web tier? > vs not reentrant Entities?? Entities that are reentrant, by the EJB 1.1 spec (section 9.1.12), are those that can be called in a loopback WITHIN the same transaction. Different transactional contexts calling the same Entity(by this I mean an entity with equal PK) are not reentrant calls. Basically, this allows for loopbacks in a call thread, but its use is discouraged by the spec. > > I wish the EJB spec was clearer about reentrancy of the remote > interface or maybe someone can shed some light?? Again, check out the same section on the spec; transactional context (sometimes called activity) plays an important role in determining if a call is reentrant. > > Thanks alot to the orion mail list. > > curt > > > Curt Smith > [EMAIL PROTECTED] > (w) 404-463-0973 > (h) 404-294-6686 >
RE: Class Reloading
switch to BASIC auth for development only. it's easy to do, just change FORM to BASIC (don't even have to remove the form-login and form-login-error tags). The browser caches any auth that fulfills the Web server's challenge. Therefore, it auto-logins you every-time the web server challenges for auth. It's made my life easier HTH, Juan Pablo > -Original Message- > From: Teddy Rice [mailto:[EMAIL PROTECTED]] > Sent: Miércoles, 29 de Agosto de 2001 1:31 > To: Orion-Interest > Subject: Class Reloading > > > i have read, and re-read, all > of the postings on class > (re)loading in relation to deployed > applications inside orion. yet, i still > have some unanswered questions. > > in my past experience, compiling classes > to the ./WEB-INF/classes directory and > touching either the web.xml or application.xml > file will cause the new classes to be > picked up and used. all objects that are > in session are serialized and available > after the application is re-deployed without > having to re-start orion. > > however, i am now experiencing a situation > wherein i'm losing my session information and > being forced to re-login to my application to > continue development. > > is there a set of criteria or implemenation details > i'm missing. all objects are obviously serializable > or they would not be able to be stored in a session. > yet, my latest encounters with class reloading makes > me doubt this assertion. > > any ideas/paths i can explore to making my > development life less hell-like? > > thanks, > > ted rice > >
RE: UserManager / BASIC auth; orion caching username/password ????
inline > -Original Message- > From: Curt Smith [mailto:[EMAIL PROTECTED]] > Sent: Martes, 28 de Agosto de 2001 18:04 > To: Orion-Interest > Subject: UserManager / BASIC auth; orion caching > username/password > > > I've got a confusing issue that I'm observing: > > I'm using BASIC authorization and installed my subclass of > AbstractUserManger into > orion-application.xml. > > I get the HTTP challeng login dialogue the first time, and > get into the protected site > when my um.checkPassword ( user, pw ) returns true. > > Problems are: > > - After 3 failures I get sent to the 401 screen. I'd like > to loop forever in the > login dialog. non standard, check HTTP RFC > > ??? > > - The Security context seems to be cached and survives > re-starts of orion ?? The browser does that; once a basic auth works, the same browser process will keep sending the same auth to the server for each auth challenge. > > I see the um.checkPassword () method being called with the > successful username > password in my log4j logs. Is the container supplying the > user/passwd without challenging > client This works for both IE and NS and I've turned > the auto-loggin features off for > IE. > >On one hand this is great for resilience, especially if > the session object is serialized too. >I haven't found any files that might be performing this > feature though??? > >On the down side, I can't force a session / Security > Context invalidation to force a new >login for debugging purposes. Stopping IE / NS and > restarting the client even jumps >back into the session without a HTTP challeng ??? I've > never seen this before? > > Why can't I find how to flush cookies in IE and NS... ;< > but this appears to be solely > an orion behavior and not using cookies to persist the > Security context??? > > > Anybody have an explanation of what's going on with this appearance of > auto-login behavior via my UserManager.checkPassword() method? > > very confused, > > curt > > >
RE: State Replication
Only a part of the heap is serialized in an Entity Bean(the public non-transient non-static non-final fields) for every reference to a bean in a TX, a ejbStore is executed. That is, you'll have a transactional state replication. -Original Message-From: Matthew Pullen [mailto:[EMAIL PROTECTED]]Sent: Martes, 28 de Agosto de 2001 10:04To: Orion-InterestSubject: RE: State Replication I appriciate your response. Is there a discussion anywhere about Orion replication and clustering? Is the integration only via a persistent store? What I have is a need to have an object replicated between mulitple instances in a cluster environment. It can be an EntityBean, but I would like to know more about how it is done. If only the heap can be serialized and sent between different participants of a cluster (not the execution stack), I am interested in finding out how to ensure object state gets replicated accurately. Thank you, Matthew Pullen UIN 352700 -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Juan Lorandi (Chile)Sent: Monday, August 27, 2001 3:35 PMTo: Orion-InterestSubject: RE: State Replication I don't think there is replication of SFSB's in orion. All replication I'm aware of is http-session's; you could achieve similar (but not identical) behavior by storing the SFSB's handle in the session object(provided you enabled http-session replication). However, this would achieve scalability, not reliability. My 2c, Juan Pablo -Original Message-From: Matthew Pullen [mailto:[EMAIL PROTECTED]]Sent: Lunes, 27 de Agosto de 2001 14:48To: Orion-InterestSubject: State Replication Hola, I sent a question to the mailing-list last week, but I did not see it sent back to me from the list, nor any responses, so I am assuming it didn't make it. This is the re-transmittal: I am trying to get replication of a Sate-full SessionBean across a replicated cluster. The loadbalancer is working well, and when one server is shut down, the balancer does direct the requests to another back-end server. However, session state is not being replicated between the two back-end orion instances. If it is not intended to work in this fashion, what is the intended functionality of "replication"? Are there any white papers or detailed documentation of the intended behavior? Thank you, Matthew Pullen
RE: State Replication
I don't think there is replication of SFSB's in orion. All replication I'm aware of is http-session's; you could achieve similar (but not identical) behavior by storing the SFSB's handle in the session object(provided you enabled http-session replication). However, this would achieve scalability, not reliability. My 2c, Juan Pablo -Original Message-From: Matthew Pullen [mailto:[EMAIL PROTECTED]]Sent: Lunes, 27 de Agosto de 2001 14:48To: Orion-InterestSubject: State Replication Hola, I sent a question to the mailing-list last week, but I did not see it sent back to me from the list, nor any responses, so I am assuming it didn't make it. This is the re-transmittal: I am trying to get replication of a Sate-full SessionBean across a replicated cluster. The loadbalancer is working well, and when one server is shut down, the balancer does direct the requests to another back-end server. However, session state is not being replicated between the two back-end orion instances. If it is not intended to work in this fashion, what is the intended functionality of "replication"? Are there any white papers or detailed documentation of the intended behavior? Thank you, Matthew Pullen
RE: List rant (was RE: Virtual DirecTory --> Help)
Hani is in PST time zone too? Maybe it took 11 minutes tu be delivered (pretty fast for an email in a list). BTW Hani, you're posting to orion-interest Sunday at 6 am? I'm getting REALLY worried. Juan Pablo. > -Original Message- > From: Alex Paransky [mailto:[EMAIL PROTECTED]] > Sent: Domingo, 26 de Agosto de 2001 11:28 > To: Orion-Interest > Subject: RE: List rant (was RE: Virtual DirecTory --> Help) > > > You are missing the point. The list is broken most of the > time. You send > your message at 6:21am, I get it at 7:32am. More than 1 hour later. > Sometimes, I get at 2 hours later, 20 hours later, 24 hours > later. Many > times I don't get it at all. What good is it to have a list > that you cannot > rely on. If you have a problem which needs addressing fast, > you don't want > to wait for 24 or 48 hours while the list sends the question > to all the > people. Sometimes, it does not send at all. So many of us > have been making > 1, 2, 3, or more postings to the list, just to PUSH the damn message > through. > > Furthermore, I hate having to type a long detailed response, > only to not > have it go through on the list. It's a waste of my time. > > So, I think, this list should be closed, and people > redirected to the Yahoo > list. > > By the way, I just posted to the Yahoo list and I see the > message in my mail > box 3 minutes later. That's response time! > > -AP_ > > PS: Let's see how long it takes this message to get propagated. It's > Sunday, August 26th, 2001 8:28am PST. > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > Hani Suleiman > Sent: Sunday, August 26, 2001 6:21 AM > To: Orion-Interest > Subject: List rant (was RE: Virtual DirecTory --> Help) > > > I have to add my voice to this. This is just an example of > the problems > that can happen when a lot of well meaning and eager people > do what seems > to be a good idea, yet turns out to do nothing beyond make the problem > they're trying to fix even worse. > > The people who end up suffering are those who need actual > help with Orion, > as every new mailing list further dilutes the pool of competent > knowledgable people present on any given resource that can > provide help. > > I for one will NOT be joining any orion related mailing lists > other o-i, > and I would go so far as asking you all to likewise resist > the temptation > of 'encouraging' these other lists, for the following reasons: > > - Any individual list is 'worth less', as it's only a subset of the > community. > > - The barrier of entry to Orion is higher (who wants to join 4 mailing > lists just to ask a simple question?) > > - Bias that is very likely to occur (MY support site/list/whatever is > cooler/better/richer than yours!) > > - Turf issues. (don't crosspost to our list! Go away and ask *that* > list! Oh now you come to us after you failed on *that* list?) > > - Same old same old. Does anyone truly think the rash of 'is Orion > dead/gone/sold out' and 'have Magnus/Karl given up/died/become > hermits/taken up fishing/sold out' questions that pop up > every couple of > months iks going to dimish? On the contrary, now you get per-list > threads about the exact same thing! Wheee! > > Of course, feel free to ignore all this and join six orion > related lists > and sign up with four orion support websites. More power to you. > > Hani > > On Sun, 26 Aug 2001, Mike Cannon-Brookes wrote: > > > Guys, > > > > I'm both for and against this new Orion list, but surely > we're solving > > NOTHING other than creating more email if we send support > messages to both > > lists? (Meaning everyone subscribes to both lists, everyone get's > everything > > twice) > > > > Is there a sensible way we can resolve this? Personally I'd > say use o-i > when > > it's up, only use the egroups list when there's a problem. > > > > -mike > > > > > > Mike Cannon-Brookes :: [EMAIL PROTECTED] > > > > Atlassian :: http://www.atlassian.com > > Supporting YOUR J2EE World > > > > > > > > > -Original Message- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED]]On Behalf Of Daniele > > > Arduini > > > Sent: Sunday, August 26, 2001 7:14 PM > > > To: Orion-Interest > > > Subject: Re: Virtual DirecTory --> Help > > > > > > > > > Eddie Post wrote: > > > > Hellu, > > > > > > > > I am trying to exculde my JSP files from the war file, > such that the > > > > designer can easily change them without my help > (withoud deployment, > > > > etc...). > > > > > > > > Anyone any idea/advice how to do that as I tried many > things, but > > > > appearantly am not able to succeed ? > > > > > > > > > > 1. create an "orion" user and an "orion" group. > > > 2. chown -R orion:orion /opt/orion > > > 3. Run Orion as "orion" user from a shell script: > > > ... > > > umask 002 # IMPORTANT! > > > cd /opt/orion > > > java -jar orion.jar $@ > > > ... > > >
RE: Ant to compile and deploy one file
Title: Ant to compile and deploy one file I have ant and it recompiles only modified .java files (only one). Are you using the latest ant(I think it's 1.3)?. -Original Message-From: Nusairat, Joseph F. [mailto:[EMAIL PROTECTED]]Sent: Jueves, 23 de Agosto de 2001 13:35To: Orion-InterestSubject: Ant to compile and deploy one file Hey if i have one file to update is there an easier way to compile it and re jar it??? I am using ant ... and if i have one i can only seem to recompile them alll which takes some time. Joseph Faisal Nusairat, Sr. Project Manager WorldCom tel: 614-723-4232 pager: 888-452-0399 textmsg: [EMAIL PROTECTED]
RE: j_security_check not redirecting
yes, I get that too. Solved by removing "j_security_check" from the login page's action, leaving it empty. Regrettably, that's outside of the spec. Also, since that began to happen, whenever there's a failed login, instead of showing the login-error-page, the login-page is shown again. I think one of the guys down here added the bug in bugzilla a month ago. Juan Pablo > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Miércoles, 22 de Agosto de 2001 10:17 > To: Orion-Interest > Subject: j_security_check not redirecting > > > Hi, > > I have a problem with securing our web application. > I have followed the steps as described in the several > documents (like orion security primer). Everything works > fine: I enter the URL, the login servlet is called and > displays the login web page. > > However, after entering the login information the real > servlet is executed (i see it in the logs) but the browser > displays an empty page with the url: > http://server/application/j_security_check > > Two problems here: > > a) the browser is not redirected to the real page > b) the servlets output never finds its way back it seems > > Question is, does it have to do with our servlet structure. We > have a central servlet dispatcher that calls the actual servlet > using getNamedDispatcher()... and returns XML data that then is > transformed using an XSLTFilter > > Leo. > > -- > neotis wissensmanagement GmbH > EMail : [EMAIL PROTECTED] > Telefon: +49 (30) 6392 3591 > Telefax: +49 (30) 6392 3595 > >
RE: PrOperTies ??
Title: SV: Roll-BACK question. env entries in the ejb-jar.xml, web.xml; also, you could create a "load-on-startup" servlet, which is allowed to access disk, to create, say, a singleton which in its constructor opens and loads the properties files. Therefore, you will be paying once per JVM for the initialization, and have it your way. HTH Juan Pablo -Original Message-From: Eddie Post [mailto:[EMAIL PROTECTED]]Sent: Miércoles, 22 de Agosto de 2001 6:32To: Orion-InterestSubject: Re: PrOperTies ?? Noc noc, Can someone please still have some advice on the question I posted below ?? Eddie - Original Message - From: Eddie Post To: Orion-Interest Sent: Tuesday, August 14, 2001 9:18 AM Subject: PrOperTies ?? Hellu, Where do you define your properties/constants which you want to use in your ejb's and servlets (I am using CMP) ?? I am wandering if, putting it all in a property file is the best way to do it (the EJB spec don't 'allow' it), concerning performance and the xml files to store properties. How can you define constants in a xml file that are both seen by the servlets and ejb's ?? Some advice on this issue please ? Eddie
RE: Invoke a method on myself in a Stateful Session Bean.
Neat. I've been having similar problems trying to execute a findByPrimaryKey
in the ejbCreate method of a bean. Errors, however, just come and go away
randomly.
> -Original Message-
> From: Mikael Ståldal [mailto:[EMAIL PROTECTED]]
> Sent: Miércoles, 22 de Agosto de 2001 3:34
> To: Orion-Interest
> Subject: Invoke a method on myself in a Stateful Session Bean.
>
>
> When I try to do like the code below, I get this error:
>
> com.evermind[Orion/1.5.2 (build
> 10460)].server.rmi.OrionRemoteException:
> Recursive call to non-reentrant bean
>
> Is there any other way to do this? I don't want to invoke the methods
> directly, since I want to make use of container managed transactions.
>
>
> /**
> * @ejb:ejb-name Foo
> * @ejb:stateful-session
> */
> public class FooBean extends SessionBean
> {
> private Foo me;
>
> /**
>* @ejb:create-method
>*/
> public void ejbCreate()
> {
> me = (Foo)PortableRemoteObject.narrow(
> sessionContext.getEJBObject(),
> Foo.class);
> }
>
>
> /**
>* @ejb:remote-method
>*/
> public void foo()
> {
> // do something interesting
> me.bar();
> // do something interesting
> }
>
>
> /**
>* @ejb:remote-method
>*/
> public void bar()
> {
> // do something interesting
> }
> }
>
RE: When user hits STOP..any way to trap that and terminate an ongoin g request..
Title: Ayuda Kevin, tough I value the trouble you've been taking to hack around this orion bug, it is a BUG, and therefore should be corrected. AFAIK, this is the only exploit that orion exposes, and it is VERY problematic. DoS attacks are very easy to perform... just pick any "heavy" page on a site, open a socket, send a very short HTTP header, then drop the connection. Do it quickly and orion will choke up. Most IDS and Firewalls can't block this kind of attack with their default settings, and when programmed to block, they cannot be efficient. -Original Message-From: Duffey, Kevin [mailto:[EMAIL PROTECTED]]Sent: Lunes, 13 de Agosto de 2001 16:23To: Orion-InterestSubject: When user hits STOP..any way to trap that and terminate an ongoin g request.. Hi al, I am almost positive the answer is no, but I thought I'd see if anyone has come up with a solution. All too often, we have some users that submit a large query, then hit the STOP button on the browser, then change something and submit again. In the meantime, their original query is still executing on the server-side. Sure..Orion throws an exception when it tries to send the response back and the connection to the browser is gone. But I am wondering if there is any way at all to just kill that particular request. Like..is there some way the app server or web server can send pings every say, 100ms to the browser to make sure its connection is still alive..and if not, just kill the request in some manner. Perhaps by having a special interface that an application can implement, so that a particular method can be called if the server detects that the connection to the browser is dead before the response has gone back. In this way, that method call can get ahold of the session, and perhaps get ahold of a connection being used, close it, etc. Ofcourse, you can use some client-side javascript to "disable" a button after its been clicked. We have done this, and we also inserted a "transition" page in particular areas where long queries might occur. In this case, the user sees an animated gif and a message that tells them not to hit stop or back. Ofcourse..you're still going to get those users that do this. My personal opinion is that if they call in, we tell them they are stupid, they should unplug their computer and quit their job because they can't follow instructions. Ofcourse..that wont fly, especially if they are a big money client. Besides, its ethically wrong to screw your clients over. ;) So, one possible idea I have had is to do the following. Each user has a session when they log in. Upon any request, a "flag" is set in the session of that user, indicating a transaction is starting. If the user hits STOP, then submits while that transaction is still going on, the server will see the flag is set, and send back a response indicating that a transaction is currently happening and they have to wait for it to be done before another submit can occur. There is a plus side to this..it prevents any user to doing more than one thing. The down side is, it is possible using the File -> New -> Window to open up another window with the same cookie/sessionID and the user could actually go to a different module and do MORE work at the same time. This would allow, for example a large query to be performing in one module and they could go do some work in another module. My method of a flag would prevent this type of multiple-module capability. The solution, ofcourse is to allow one flag per module, thus only one transaction per module could be performed, which is what I intend to implement to at least keep the user experience at a satisfactory level while preventing tons of form submissions from inundating the server. So anyone had this experience and resolve it in some manner? Thanks.
RE: Ayuda
Title: Ayuda tenés que ir a www.orionserver.com, ir a mailing list, ingresar tu email y presionar el botón Unsubscribe HTH Juan Pablo -Original Message-From: "Rodriguez Muñoz, Rosana" [mailto:[EMAIL PROTECTED]]Sent: Viernes, 10 de Agosto de 2001 2:37To: Orion-InterestSubject: Ayuda Hola atod@s, necesito que alguien me explique como borrarme de esta lista de distribución. Lo he intentado varias veces y me ha sido imposible. Muchísimas gracias a tod@s. -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.- Rosana Rodríguez Muñoz GRUPO IBERMÁTICA Outsourcing Multisectorial Pº Mikeletegi, 5. 20009 San Sebastián (Spain) Phone: (+34) 943 413500 - Fax: (+34) 943 426393 mailto:[EMAIL PROTECTED] http://www.ibermatica.com -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
RE: increasing JVM's memory limit
I'm sorry... but... Are you really Bill Clinton? I need help with my RESIDENT VISA. > -Original Message- > From: Bill Clinton [mailto:[EMAIL PROTECTED]] > Sent: Jueves, 26 de Julio de 2001 11:47 > To: Orion-Interest > Subject: Re: increasing JVM's memory limit > > > hm, the answer to your question has been answered > repeatedly in the > last few days. Most recently, it was answered in a post > submitted less > than an hour before yours > > Check out the thread entitled "Re: Orion Performance Testing" > > > Peter Peltonen wrote: > > > With jserv I can configure the maximum memory that the JVM > can use with this > > kind of line in jserv.properties file: > > > > wrapper.bin.parameters=-mx128m > > > > How do I achieve the same with Orion? > > > > Regards, > > Peter > >
RE: Transaction question
Bottom line... you can't do that. J2EE doesn't support nested transactions. However, this may work in orion. for info on the descriptors, check out Sun's EJB spec and orion documentation and DTD's. This is a rough draft of how it would have to look like: Transaction-handling for the SmsManager nl.unwired.sgs.sms.SmsManager Remote * Required Transaction-handling for the SmsManager nl.unwired.sgs.sms.SmsManager Remote [YOUR_METHOD_HERE] RequiresNew therefore, all methods are marked as 'Required' but [YOUR_METHOD_HERE], which is marked as 'RequiresNew' > -Original Message- > From: Eddie [mailto:[EMAIL PROTECTED]] > Sent: Martes, 24 de Julio de 2001 4:47 > To: Orion-Interest > Subject: Transaction question > > > Hellu, > > I don't know how to configure the following transaction > scenario with CMP. > Please some help or maybe a little example: > I have two bean methods: A and B. > A calls B and I want that when B throws a RemoteException > that A intercepts, > that B performs a rollback and A not ! > I know how to do that in the code (I think): A just catches the > remoteException of B and doesn't throw it outside his method. > > However how do I configure this in the xml file ?? > I now have the following in my ejb-jar.xml, which mean that > all the methods > execute in the same transaction: > > > > Transaction-handling for the > SmsManager > nl.unwired.sgs.sms.SmsManager > Remote > * > > Required > > > > As far as I understand it, I have to configure that method B has > "RequiresNew set, but how do I configure this in the xml > file, such that the > rest still use "Required" ?? > And is this the correct way to do it ?? > > Please some help as I can't find anything on the Internet > (mail-archive > etc..), > Eddie > >
RE: communication among ejbs in different applications
this is what I have in mind yourapp.ear | +yourejb1.jar +yourejb2.jar If 's are defined correctly, everything should work (works for me) > -Original Message- > From: Robert Ren [mailto:[EMAIL PROTECTED]] > Sent: Martes, 10 de Julio de 2001 18:05 > To: Orion-Interest > Subject: RE: communication among ejbs in different applications > > > Hi, Juan: > Thank for your help. > In fact, recently, we tested several combinations of App a and App b. > ( Becasue the parent attribute is only for Orion, we gave it > up.) And, also > we tested the context solution by using JNDI. > The results are : > Senario 1: > If we put the appA.jar in the classPath of appB, and put the > appB.jar in the > classpath of appA, we can pass the compiling sucessfully, but > got Class not > defined error when we tried to initialize a context in one > EJB in App A to > look up the EJB in App B; > If we forced the App A to jar with App B, so the appA-ejb.jar > file contains > both App A classes and App B classes. In this way, we did see > the all ejbs > in App B via context, but when we cast it, we got CastException error > message. > Still the old question, can we make this kind call? > > Thanks! > > Rob > > > -----Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Juan Lorandi > (Chile) > Sent: Monday, July 09, 2001 2:20 PM > To: Orion-Interest > Subject: RE: communication among ejbs in different applications > > > first, let's get one thing out of the way: > > 'parent' attribute is a JNDI facility, no more, no less. > > there still are separate "containers" for each app (this may > not be useful > in all apps, specially since transactions may not function as > expected) > it allows for JNDI properties to propagate BOTH ways (they > always propagate > from father to son, default father being the "default-app") > > Now, this is where I was aiming to: > > have apps A, B deployed; do not use "parent" attribute. > > connect A & B apps using JNDI parameterized contexts (see > connecting from > applet, application in www.orionsupport.com) > > Pray for correct transaction enroling/2PC. > > Juan Pablo > > PS: Are you sure these errors you get are provoked by each > App correctly > 'seeing' the other? > the dump looks like a bug in orion's JMS implementation > > > -Original Message- > > From: Robert Ren [mailto:[EMAIL PROTECTED]] > > Sent: Lunes, 09 de Julio de 2001 13:47 > > To: Orion-Interest > > Subject: RE: communication among ejbs in different applications > > > > > > Hi,Juan: > > Thank you for your suggestion. > > Do you think this kind of calls will violate any J2EE specs? > > I mean that one > > ejb in parent application should have one container, and the > > ejbs in child > > app should have thire own container. So, the question: does > > this kind call > > violate any container specs? > > It's pretty interesting, in one ejb of the parent app, when a > > new context > > initialized, I already saw the all ejbs in child app, but > if I try to > > instance one of them, the ejb got removed, and the server > > complained that > > the class is not defined, although, I put the .jar file > > including all class > > in the classpath and import the ejb's remote and home > > interface also. The > > error is following: > > > > The lookup is=com.evermind.naming.MapNamingEnumeration@28c19b > > the Name is =com.qmarkets.mas.commerce.ejb.CommerceService > > > > the Name is =com.qmarkets.mas.attachments.ejb.AttachmentService > > > > the Name is =com.qmarkets.mas.product.ejb.ProductService > > > > the Name is =com.qmarkets.mas.user.ejb.UserService > > > > the Name is =com.qmarkets.mas.contact.ejb.ContactService > > > > the Name is =com.qmarkets.mas.deliveryorder.ejb.DeliveryOrderService > > > > the Name is =com.qmarkets.mas.mlcaller.ejb.MLCaller > > > > the Name is =java:comp > > > > the Name is =com.qmarkets.mas.subscriber.ejb.SubscriberService > > > > the Name is =com.qmarkets.mas.object.ejb.ObjectService > > > > the Name is =com.qmarkets.mas.permissions.ejb.PermissionService > > > > the ref object is > > Call MLQListenerBean.ejbRemove() > > MsgReceiverStartup.onMessage: RemoteException was thrown > > com.evermind.server.rmi.OrionRemoteException: Transaction was > > rolled back: > > java. > > lang.N
RE: communication among ejbs in different applications
first, let's get one thing out of the way: 'parent' attribute is a JNDI facility, no more, no less. there still are separate "containers" for each app (this may not be useful in all apps, specially since transactions may not function as expected) it allows for JNDI properties to propagate BOTH ways (they always propagate from father to son, default father being the "default-app") Now, this is where I was aiming to: have apps A, B deployed; do not use "parent" attribute. connect A & B apps using JNDI parameterized contexts (see connecting from applet, application in www.orionsupport.com) Pray for correct transaction enroling/2PC. Juan Pablo PS: Are you sure these errors you get are provoked by each App correctly 'seeing' the other? the dump looks like a bug in orion's JMS implementation > -Original Message- > From: Robert Ren [mailto:[EMAIL PROTECTED]] > Sent: Lunes, 09 de Julio de 2001 13:47 > To: Orion-Interest > Subject: RE: communication among ejbs in different applications > > > Hi,Juan: > Thank you for your suggestion. > Do you think this kind of calls will violate any J2EE specs? > I mean that one > ejb in parent application should have one container, and the > ejbs in child > app should have thire own container. So, the question: does > this kind call > violate any container specs? > It's pretty interesting, in one ejb of the parent app, when a > new context > initialized, I already saw the all ejbs in child app, but if I try to > instance one of them, the ejb got removed, and the server > complained that > the class is not defined, although, I put the .jar file > including all class > in the classpath and import the ejb's remote and home > interface also. The > error is following: > > The lookup is=com.evermind.naming.MapNamingEnumeration@28c19b > the Name is =com.qmarkets.mas.commerce.ejb.CommerceService > > the Name is =com.qmarkets.mas.attachments.ejb.AttachmentService > > the Name is =com.qmarkets.mas.product.ejb.ProductService > > the Name is =com.qmarkets.mas.user.ejb.UserService > > the Name is =com.qmarkets.mas.contact.ejb.ContactService > > the Name is =com.qmarkets.mas.deliveryorder.ejb.DeliveryOrderService > > the Name is =com.qmarkets.mas.mlcaller.ejb.MLCaller > > the Name is =java:comp > > the Name is =com.qmarkets.mas.subscriber.ejb.SubscriberService > > the Name is =com.qmarkets.mas.object.ejb.ObjectService > > the Name is =com.qmarkets.mas.permissions.ejb.PermissionService > > the ref object is > Call MLQListenerBean.ejbRemove() > MsgReceiverStartup.onMessage: RemoteException was thrown > com.evermind.server.rmi.OrionRemoteException: Transaction was > rolled back: > java. > lang.NoClassDefFoundError: com.qmarkets.mas.user.ejb.UserServiceHome > at > MLQListener_StatelessSessionBeanWrapper2.onMessage(MLQListener_Statel > essSessionBeanWrapper2.java:83) > at > com.qmarkets.ml.qlistener.client.QListenerClient.onMessage(QListenerC > lient.java:103) > at > progress.message.jclient.Session.ew_(progress/message/jclient/Session > .java:1313) > at > progress.message.jclient.QueueSession.run(progress/message/jclient/Qu > eueSession.java:623) > at > progress.message.jclient.sl.run(progress/message/jclient/Session$Sess > ionThread.java:1240) > > Nested exception is: > java.lang.NoClassDefFoundError: > com.qmarkets.mas.user.ejb.UserServiceHome > at > com.qmarkets.ml.qlistener.ejb.MLQListenerBean.class$(MLQListenerBean. > java:23) > at > com.qmarkets.ml.qlistener.ejb.MLQListenerBean.onMessage(MLQListenerBe > an.java:89) > at > MLQListener_StatelessSessionBeanWrapper2.onMessage(MLQListener_Statel > essSessionBeanWrapper2.java:53) > at > com.qmarkets.ml.qlistener.client.QListenerClient.onMessage(QListenerC > lient.java:103) > at > progress.message.jclient.Session.ew_(progress/message/jclient/Session > .java:1313) > at > progress.message.jclient.QueueSession.run(progress/message/jclient/Qu > eueSession.java:623) > at > progress.message.jclient.sl.run(progress/message/jclient/Session$Sess > ionThread.java:1240) > > Thanks! > > Rob > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Juan Lorandi > (Chile) > Sent: Friday, July 06, 2001 12:43 PM > To: Orion-Interest > Subject: RE: communication among ejbs in different applications > > > Robert, the parent attribute is only available in Orion AFAIK. > > All you need is to setup wire protocols properly. Most are > RMI based (like > JRMP), and
RE: communication among ejbs in different applications
Robert, the parent attribute is only available in Orion AFAIK. All you need is to setup wire protocols properly. Most are RMI based (like JRMP), and also, each app server uses its own (ORMI, for instance). Similary, IIOP may be available. HTH JP > -Original Message- > From: Robert Ren [mailto:[EMAIL PROTECTED]] > Sent: Viernes, 06 de Julio de 2001 13:43 > To: [EMAIL PROTECTED] > Subject: communication among ejbs in different applications > > > Hi, > Is there anybody had the experience to use EJB A in App 1 to > call EJB B in App 2, as long as EJB C in App 2 to call EJB D > in App 1. The half of the solution is to use the parent > attribute in application tag ( one-way), but I also need > another half to form a two-way communication. > I tried to parent each other, but failed. I tried to use RMI, > but it did not work either. > Any suggestion will be highly appreciated! > > Have a nice weekend! > > Robert Ren > > == > = > To unsubscribe, send email to [EMAIL PROTECTED] and > include in the body > of the message "signoff EJB-INTEREST". For general help, > send email to > [EMAIL PROTECTED] and include in the body of the message "help". > > > __ > __ > For your protection, this e-mail message has been scanned for Viruses. > Visit us at http://www.neoris.com/ >
RE: Data source for Sybase with Jconnect 5.2
datasource:
sample of use:
java.sql.Connection conn=null;
try {
javax.naming.Context ic = new javax.naming.InitialContext();
javax.sql.DataSource ds = (javax.sql.DataSource)
ic.lookup("java:comp/env/jdbc/SybasePDS");
//acquire conn
if (conn==null) conn = ds.getConnection();
...
//use connection
...
} catch (Exception e) {
//handle error
...
} finally {
//close conn
if (conn!=null) conn.close();
conn = null;
}
The try-catch-finally is there to ensure errors don't leave connections
hanging loose(they would not be returned to the pool, but finally fail due
to timeout)
HTH
JP
> -Original Message-
> From: Boris Erukhimov [mailto:[EMAIL PROTECTED]]
> Sent: Miércoles, 04 de Julio de 2001 3:51
> To: Orion-Interest
> Subject: Data source for Sybase with Jconnect 5.2
>
>
> I'm trying to ask it second time.
>
> Does anyone use Jconnect 5.2 ?
> If so could you please share your data-source.xml and access code.
> I'm particularly interested to see how "pooled-location" works, not
> "ejb-location".
>
> Thanks
> ~boris
>
RE: Simple Clustering Question
you need a switch which has multicast enabled; (most ethernet switchs have this capability, some just don't have it enabled) > -Original Message- > From: Oisin Kim [mailto:[EMAIL PROTECTED]] > Sent: Sábado, 09 de Junio de 2001 10:11 > To: Orion-Interest > Subject: Simple Clustering Question > > > Hi, > > I've spent the last while trying to get clustering to work > with orion server > 1.5.2 without success. First I tried to follow the instructions at > http-clustering-howto.html from the documentation, it said: > Setting up the server > > 1. Install orion and start it. > > 2. Edit the > orion/application-deployments/default/defaultWebApp/orion-web.xml > file and add: > > > 3. Repeat 1 and 2 for another (or more) box(es). > > But when I tried to connect to the server, the server let me > know that the > file /orion/default-web-app/WEB-INF/web.xml hadn't got the tag > in it. > > I then added this tag to all servers > /orion/default-web-app/WEB-INF/web.xml > file in the cluster, and tried again, this time they actually ran the > SessionServlet but as if they were being run individually, > i.e. the session > wasn't shared as it was supposed to be, I did remember to append > ;jsessionid= > to it and tried both leaving the angle brackets in and out. > > I know I must be doing some thing wrong but I can't find it, > I'd really > appreciate some help. > > I noticed in the http-clustering.html that in the clustering > it mentions the > default for multicast host/ip to transmit and receive cluster > data on is > 230.0.0.1, port number 9127, does this mean I have to have a > network card > listening on this IP/port? > > What exactly is a network with operational multicast > facilities, is plain > 100Mbs ethernet running on linux OK? > > Thanks, > Oisin >
RE: java.lang.OutOfMemoryError;
inline > -Original Message- > From: Puthezhath, Rajeev (TWII Boston) [mailto:[EMAIL PROTECTED]] > Sent: Viernes, 08 de Junio de 2001 14:42 > To: Orion-Interest > Subject: java.lang.OutOfMemoryError; > > > Hi , > > We get java.lang.OutOfMemoryError; on production server > frequetly.I > know this problem was discussed in this list before. I > implemented all the > sugestions in this mailing list but still the error keeps on > coming .I would > like to know the following > > 1) As an answer to the above mentioned problem I saw a > sugestion in > this mailing list to limit the # of instances by adding max-instances > attribute to orion-ejb-jar.xml which would force orion to > passivate less > used beans.I downloaded orion 1.5.2 and set the same.But observed that > passivation is never called. Is there a way to make sure that orion > passivates beans which are not used . > > 2) Some people have mentioned increasing the memory. > Has any body > tried this solution and i would like to know whether the problem got > solved.How can I increase the memory ? first, by hardware (buy some chips), secondly, by specifying a minimun/maximun heap size of the JVM when you invoke it these are the ones I use (W2K, Sun's JVM 1.3.0) -Xms128m (minimun heap size 128 MB) -Xmx320m (maximun heap size 320 MB) > > 3)Has anybody solved this problem ? No. There´s always a limit to the amount of memory available on any given system ;-) Let's hope that(buggy orion code) gets fixed soon- don't forget to cast your vote on Bugzilla, that is, if vote casting is finally enabled > > Any sugestions > > Thanks in advance > > Regards > > Rajeev >
RE: proxying orion with IIS or iPlanet Web Server
then again, you could build your own ISAPI filter -Original Message-From: Lachezar Dobrev [mailto:[EMAIL PROTECTED]]Sent: Miércoles, 30 de Mayo de 2001 6:36To: Orion-InterestSubject: Re: proxying orion with IIS or iPlanet Web Server Frankly? Apache is better connected to Tomcat... Faster, and there is no need for those... URL rewrites and so on... Also... I can have the users authenticated at the apache side. I get the username and security things from the apache directly. Quite handy you know... Orion is not so good at handling Apache requests. and if you plan to use prive IPs (like having Apache run on the firewall machine...) than you'll be very sorry... Like I was, because there is a SIGNIFICANT delay while Apache servers the requests, I'm not sure why. I guess it's something to do with the DNS resolving... However... Having Win2k as a firewall/router/Apache server is not the best solution... Believe me. If it was to me... I'll get a SlackWare to do the server job... But it's not up to me... :( Tomcat uses some different protocol to serve requests to Apache (APJ). Well... You can still use Tomcat as HTTP request server, but... Better not :) same goes to Orion. May the shade of the tree strengthen you. Sincerely yours: Lachezar - Original Message - From: Patrik Andersson To: Orion-Interest Sent: Wednesday, May 30, 2001 10:32 AM Subject: SV: proxying orion with IIS or iPlanet Web Server Just for the sake of asking, why do you have tomcat serving jsp/servlets and orion serving ejbs if they're both running on the same machine? For me, that sounds like asking for extra maintenance trouble. And another thing, from having one "single point of failure" you now have 3. If either one if these three applications decide to call it a day your whole application dies and that goes for having two machines running different software aswell. Why not use two or three machines all running orion and having them split the workload by clustering them? regards, Patrik -Ursprungligt meddelande-Från: Lachezar Dobrev [mailto:[EMAIL PROTECTED]]Skickat: den 30 maj 2001 08:50Till: Orion-InterestÄmne: Re: proxying orion with IIS or iPlanet Web Server Hya... Got a reply for you :). I use Apache as a front-end server. I use Orion to store my EJBs, and I use Jakarta-Tomcat to deploy servlets and JSPs. Just put the Tomcat and Orion on one and the same machine, start tomcat with a classpath, that includes the jars of the Orion server. Put a jndi.properties file somewhere (probably the web-inf/classes directory) and specify the jndi properties as for a remote application: java.naming.factory.initial=com.evermind.server.rmi.RMIInitialContextFactory java.naming.provider.url=ormi://127.0.0.1/ java.naming.security.principal= java.naming.security.credentials= Than you can safely read the Apache-Tomcat connectivity issues. I have used this with IAS instead of orion also. It worked. Apache and Tomcat are "cheaper" than other web servers :) May the shade of the tree strengthen you. Lachezar - Original Message - From: "Andrew Diederich" <[EMAIL PROTECTED]> To: "Orion-Interest" <[EMAIL PROTECTED]> Sent: Wednesday, May 30, 2001 12:46 AM Subject: RE: proxying orion with IIS or iPlanet Web Server > I was afraid of that -- ISA is a minimum of $1,500. An expense for the free> webserver. I'll look into, iWS, but since iPlanet sells a proxy server,> too, I bet their webserver won't do it be default, either. Ah, well. > > Does this mean folks using Orion on NT/Win2k put Orion in their DMZ?> > --> Andrew> > -Original Message-> From: Juan Lorandi (Chile) [mailto:[EMAIL PROTECTED]]> Sent: Monday, May 28, 2001 13:40> To: Orion-Interest> Subject: RE: proxying orion with IIS or iPlanet Web Server> > > Dig into ISA server, It's the M$ reversed proxy solution. Or else, go into> the ISAPI filter world (best of luck)> > JP> >
RE: bugs in <@page extends="...."> in Orion implementation?
take a look at the generated .java file created with your servlet template(JSP) you'll see that many of the features orion implements (session, page, context var) is made at this time. what you propose is walking around the spec, so your jsp pages will depend on how orion translates them into a servlet, thus rendering them not portable across web servers. Anything you can accomplish by using this new base class, can be accomplished by either using filters or by implementing your own security and session management thru Orion UserManager and HTTPSessionManager. Tough the earlier can be plugged in seamlessly, the latter doesn't have a configuration tag that allows it. The interface, however, is available since version 1.4.5 at least, and Orion uses it internally with two implementations, normal session and clustered sessions. I agree with you that the feature should be there, but it would be necessary only to work around (transient) web server limitations, and render the code unportable. It should be in orion, but must be used wisely. JP > -Original Message- > From: Randahl Fink Isaksen [mailto:[EMAIL PROTECTED]] > Sent: Miércoles, 30 de Mayo de 2001 3:29 > To: Orion-Interest > Subject: RE: bugs in <@page extends=""> in Orion implementation? > > > Hi Juan > > I get your point about multiple inheritance, but say the web > server would > like all JSP pages to extend from class WebServerXYZPage, > then one could > just create a class which extends this web server class so that > > The JSP page EXTENDS MyClass which EXTENDS WebServerXYZPage > > This way, the web server has got room for its callbacks. Of > course, this > gives you a very tight coupling to the web server product > (wherefore I for > one would not use it), but I still don't see why this is not > possible with > Orion - I have been told that other EJB servers support this. > > > Yours > Randahl > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Juan Lorandi > (Chile) > Sent: 29. maj 2001 22:45 > To: Orion-Interest > Subject: RE: bugs in <@page extends=""> in Orion implementation? > > > I believe this could be better modeled differently, because > it leaves no > room for the web server to implement its callbacks and java > doesn't support > multiple inheritance. > > > -Original Message- > > From: Randahl Fink Isaksen [mailto:[EMAIL PROTECTED]] > > Sent: Martes, 29 de Mayo de 2001 3:01 > > To: Orion-Interest > > Subject: RE: bugs in <@page extends=""> in Orion implementation? > > > > > > Well, can anyone confirm that JSP pages can extend your own > > class when using > > Orion??? Or has noone been able to use "@page extends"? > > > > I see many good reasons for implementing your own super class > > for your JSP > > pages. For instance, such a superclass could do logging of > all client > > activities or it could do security checking. > > > > > > Randahl > > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of Robert > > Nicholson > > Sent: 25. maj 2001 21:15 > > To: Orion-Interest > > Subject: RE: bugs in <@page extends=""> in Orion implementation? > > > > > > It's doing you a favour.Please elaborate on why you want to extend > > that class. > > > > > > > -Original Message- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED]]On Behalf Of > > Jiuyun Wang > > > Sent: Friday, May 25, 2001 9:20 AM > > > To: Orion-Interest > > > Subject: Re: bugs in <@page extends=""> in Orion > implementation? > > > > > > > > > It doesnot work, not matter which one (servlet/jspbase) I > extends my > > > jsp, orion jsp compiler just don't support extends > > > > > > -Jiuyun > > > --- SCOTT FARQUHAR <[EMAIL PROTECTED]> wrote: > > > > It looks like your page should extend servlet and not jsppage. > > > > > > > > Just change JSPBase to extend servlet (and make the required > > > > changes). > > > > > > > > I haven't read the spec, but I imagine that extending > > > > OrionHttpJspPage is proprietary, and would not be part of > > the spec. > > > > > > > > Scott > > > > > > > > >>> [EMAIL PROTECTED] 05/23/01 05:42am >>> > > > > I create a class cal
RE: bugs in <@page extends="...."> in Orion implementation?
I believe this could be better modeled differently, because it leaves no room for the web server to implement its callbacks and java doesn't support multiple inheritance. > -Original Message- > From: Randahl Fink Isaksen [mailto:[EMAIL PROTECTED]] > Sent: Martes, 29 de Mayo de 2001 3:01 > To: Orion-Interest > Subject: RE: bugs in <@page extends=""> in Orion implementation? > > > Well, can anyone confirm that JSP pages can extend your own > class when using > Orion??? Or has noone been able to use "@page extends"? > > I see many good reasons for implementing your own super class > for your JSP > pages. For instance, such a superclass could do logging of all client > activities or it could do security checking. > > > Randahl > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Robert > Nicholson > Sent: 25. maj 2001 21:15 > To: Orion-Interest > Subject: RE: bugs in <@page extends=""> in Orion implementation? > > > It's doing you a favour.Please elaborate on why you want to extend > that class. > > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of > Jiuyun Wang > > Sent: Friday, May 25, 2001 9:20 AM > > To: Orion-Interest > > Subject: Re: bugs in <@page extends=""> in Orion implementation? > > > > > > It doesnot work, not matter which one (servlet/jspbase) I extends my > > jsp, orion jsp compiler just don't support extends > > > > -Jiuyun > > --- SCOTT FARQUHAR <[EMAIL PROTECTED]> wrote: > > > It looks like your page should extend servlet and not jsppage. > > > > > > Just change JSPBase to extend servlet (and make the required > > > changes). > > > > > > I haven't read the spec, but I imagine that extending > > > OrionHttpJspPage is proprietary, and would not be part of > the spec. > > > > > > Scott > > > > > > >>> [EMAIL PROTECTED] 05/23/01 05:42am >>> > > > I create a class called JSPBase class which extends > OrionHttpJspPage, > > > and I put the <@ page extends="packagename.JSPBase"> in > my JSP file. > > > however, orion give the following error: > > > > > > Superclass of the JSP page does not implement > Servlet, invalid > > > extends attribute. > > > > > > Does orion implement <@page extends> correctly? > > > > > > Any clarification? > > > > > > -Jiuyun > > > > > > > > > __ > > > Do You Yahoo!? > > > Yahoo! Auctions - buy the things you want at great prices > > > http://auctions.yahoo.com/ > > > > > > > > > > > > > > > = > > Jiuyun Wang M.Sc. of Computer Sciences > > Sun Certified Programmer for Java 2 Platform > > IBM Certified Solution & Enterprise Developer > > Phone: 919-696-0419(cel) > > Email: [EMAIL PROTECTED] > > > > __ > > Do You Yahoo!? > > Yahoo! Auctions - buy the things you want at great prices > > http://auctions.yahoo.com/ > > > >
RE: proxying orion with IIS or iPlanet Web Server
Dig into ISA server, It's the M$ reversed proxy solution. Or else, go into the ISAPI filter world (best of luck) JP > -Original Message- > From: Andrew Diederich [mailto:[EMAIL PROTECTED]] > Sent: Viernes, 25 de Mayo de 2001 16:37 > To: Orion-Interest > Subject: proxying orion with IIS or iPlanet Web Server > > > Folks, > > I've been able to make proxying work with apache, but I > wanted to know if > you could do the same thing with either IIS or iWS 4.1. I was fooling > around with redirects in IIS, but they seem to be truly > redirects, and not > proxy passthroughs. Has anyone accomplished this successfully? > > -- > Andrew Diederich >
RE: Serious problem with Orion transaction processing: multiple c onnecti
This is most likely caused by Orion not recognizing transaction affinity. CMP connections are taken from ejb-location, and the other connections you're using are from either the non transactional pool (location) or XA (xa-location). These pools are unaware of each other. Also, TX affinity is handled on a per thread basis, so issuing JDBC commands directly from the Web Server won't enrole these within the same transaction as the ones fired from the app-server. Eduardo, if you can ellaborate further, we can provide more assistance (and gain some know how in the process ;-) JP > -Original Message- > From: Andre Vanha [mailto:[EMAIL PROTECTED]] > Sent: Viernes, 25 de Mayo de 2001 14:15 > To: Orion-Interest > Subject: RE: Serious problem with Orion transaction > processing: multiple > c onnecti > > > Interesting problem. It could be that there is a bug in > orion, but since > this problem is so likely to happen anytime you use multiple > connections I > would suspect the problem was taken care of. > > A couple of hints: > > From which context are you executing your JDBC calls? > Servlet or EJB? How > are you retrieving the connection? Dirver Manager or JNDI? > You should be > using JNDI, and if you are, you should be using the > EJBPooled location, to > ensure transactional integrity with CMP transactions. Also if you are > executing JDBC calls from EJB, you should be defining and > using a resource > reference in your assembly descriptor. > > Andre > > > > -Original Message- > From: Eduardo Estefano [mailto:[EMAIL PROTECTED]] > Sent: Friday, May 25, 2001 9:49 AM > To: Orion-Interest > Cc: Orion-Interest (E-mail) > Subject: SV: Serious problem with Orion transaction > processing: multiple > c onnecti > > > Using 1.4.5 with Oracle 8i and jdk1.3.1 > > The problem we are finding is that when orion starts a > transaction, it does > not necessarily executes all DB commands within the same database > transaction. > > The end result is a deadlock in the database. > > I'm having a problem executing a delete command that does a > delete on child > tables using JDBC and finally, a delete in the parent table using > entityBean.remove(). > > I tested the code two ways. > > The first, with no constraints on the database and the delete > works fine. > > The second, with foreign key constraings, causes a deadlock, where the > parent delete is waiting on the child deletes to commit. But > this commit > will not happen until the parent is deleted. > > I was able to duplicate the problem manually, opening two > connections to the > database and issuing SQL statements. Off course, if I was doing this > manually, I would put both statements in the same transaction. > > Here are my questions now: > - Is it not allowed in EJB to mix JDBC and CMP Entity calls in the > same transaction? > >
RE: Orion 1.5.0? Where do you download it from?
anyway, you can download the latest orion.jar from http://www.orionserver.com/orion/orion.jar > -Original Message- > From: Ganasen Gounden [mailto:[EMAIL PROTECTED]] > Sent: Miércoles, 23 de Mayo de 2001 7:59 > To: Orion-Interest > Subject: Re: Orion 1.5.0? Where do you download it from? > > > Thanks for all many response. What a great community!!! > > Unfortunately for me "java -jar autoupdate.jar" does not > work because I am behind a firewall. > Orionsupport.com says that if you're behind a proxy, as many > users are, you'll need to specify some extra parameters, as so: > > java -DproxyHost=[proxy name] -DproxyPort=[proxy port] -jar > autoupdate.jar > > My firewall address in ie5.5 is http://firewall:8000/proxy.pac. > However I am not quite sure of how to specify the [proxname] > and [proxy port]. > > I tried a few commands as follows but failed. > java -DproxyHost=http://firewall:8000/proxy.pac > -DproxyPort=8000 -jar autoupdate.jar > java -DproxyHost=[http://firewall:8000/proxy.pac] > -DproxyPort=[8000] -jar autoupdate.jar > java -DproxyHost=[http://firewall:8000/proxy.pac] > -DproxyPort=[80] -jar autoupdate.jar > java -DproxyHost=http:firewall -DproxyPort=8000 -jar autoupdate.jar > java -DproxyHost=firewall -DproxyPort=80 -jar autoupdate.jar > etc > > Could someone please give me the correct format. > > Many thanks > > > > Gan Gounden > City of Cape Town > Ph (021) 400-2174 > Fax (021) 425-1096 > Cell 083-63-59-268 > e-mail: [EMAIL PROTECTED] > > > > > ** > Any unauthorized use and interception of this e-mail is illegal. > If this e-mail is not intended for you, you may not copy, > distribute or disclose the contents to anyone. This e-mail > does not give rise to any binding legal obligations upon the > City of Cape Town unless the City of Cape Town subsequently > confirms the content in writing non-electronically. This e-mail > may be confidential, legally privileged or otherwise protected > by law. Unauthorised disclosure or copying of any or all of it > may be unlawful. If you receive this e-mail in error please notify > the sender and delete the message > > ** >
RE: PetStore - Session State in a Cluster
FACT: Orion's HTTP clustering won't work unless the web site is default-web-site. also, session replication in orion(at least, 1.4.7, which is the version I've used) does survive well server crashes, but not server restarts. I'll explain Environment with a redirector (R) and two orion boxes (A & B) session values are replicated. server B goes down server A performs (session values are used) server B goes live again sessions on server A aren't replicated in server B. However, any attributes set in A(setAttribute() ), will be replicated to B in realtime. So, there's an amount of time, when crashed servers go back online, in which they have partial or no session status replication. This is observable when using any tipe of redirector, either software(LoadBalancer) or hardware(Cisco Redirector, Foundry Iron). This could be solved(not easily tough) with a synchronization instance in which server B should get a the bulk of all session state in server A, then proceed normally. Along this line, but diverting, the logged user is replicated only when the user logs in, so sessions in B after the restart have no identity information, which will eventually trigger a login page to be displayed. These issues tend to get worse as the island size(box count) increases. Orion does have a HTTPSessionManager interface exposed as public. It allows Orion to implement a 'normal' HTTPSession and a ClusteredHTTPSession transparently, and is used internally when some attributes are on appropiate xml files (ref: ); I'd wish there was a tag on orion-application.xml that could allow a personalized class which implements HTTPSessionManager to be used, a la UserManager, so some of these problems (and others that arise with mixed sites that use non secure and secure portions) could be worked around without giving up many of orion's session managing abilities(URL rewriting, Management of sessions with the console and so on) My 2c, JP PS: I'm forwarding this to Karl to be entered in the wishlist. > -Original Message- > From: Marcel Schutte [mailto:[EMAIL PROTECTED]] > Sent: Lunes, 21 de Mayo de 2001 5:48 > To: Orion-Interest > Subject: RE: PetStore - Session State in a Cluster > > > My guess is you stumbled upon a mismatch between the servlet and jsp > specifications: a container needs some way to decide when to > replicate a > session to a cluster. In Orion and Weblogic this is done when > session.setAttribute() is called. This works fine for things like the > SessionServlet. > > In jsp's with the tag, > setAttribute is > only called upon creation of the bean class. Modifications to > the session > state are done through calls on the bean class. This doesn't > trigger session > replication because the container doesn't know about the change. > > Marcel > > > Hi, > > > > I have the (J2EE Blueprint) PetStore application clustered on > > two Orion > > instances running on the same machine. > > > > When I connect through the LoadBalancer, I can see my session > > state get > > replicated across the two nodes. When I kill the primary > > node, the load > > balancer automatically connects me to the secondary node > and takes me > > through the rest of the shopping cart experience, however any > > items I had in > > my cart (ie. Session state!) aren't there anymore. > > > > I know that for clustering to work, objects should be > > Serializable AND > > placed in the session/servlet context for it to be > > replicated. So my *real* > > questions are: > > > > 1) I haven't dived into the PetStore code - but is this a > > design issue with > > the PetStore or do I need some configuration pointers? > > > > 2) Has ANYBODY got PetStore working properly in a Clustered > > environment > > where you can kill the primary server and continue shopping > > (with your > > existing cart) on the secondary node? > > > > My Environment:Win2K, JDK 1.3, PetStore 1.1.2, Orion 1.4.5 > > > > NB: The SessionServlet example works FINE for me. When the > > primary goes > > down, the secondary node picks up with the same counter > > number as before the > > failure. > > > > __ > > ___ > > Get Your Private, Free E-mail from MSN Hotmail at > http://www.hotmail.com. > > >
RE: ssl and recent posts
inline > -Original Message- > From: elephantwalker [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, April 18, 2001 2:11 PM > To: Orion-Interest > Subject: ssl and recent posts > > > Group, > > Calm down everybody. We all have the same interests here...we > use orion, a > great j2ee server, and we use the latest j2ee technologies. > Nobody believes > that national origin has anything to do with anything, except > where we pay > our taxes. > > There may have been a post by somebody, who jokingly said something or > other...but nobody really believes that they REALLY believe that. > > I have a two questions: > > 1. If you have a website with SSL, you will necessarily have > different urls > for the secure part of the site. Is it better to run the ssl > on a separate > machine, or should we use a virtual host for the separate url > on the same > machine, and let the load balancer take care pushing the > requests around? > No, SSL requires a different HTTP Listener; you'll have to add a new web-site.xml listening on port 443, and make a reference to it on server.xml; I suggest you go to orionsupport.com and check out their HOW-TO on the subject > 2. So far I have only seen two places to get CA certificates > for the secure > site, Verisign and Tharwte. Are there other alternatives in > the states for > strong ssl certificates? If you are using Internet Explorer, try Tools|Internet Options, select the Content tab, then click on the Certificates button. It'll show you all the Root CA certificates it trusts; I don't remember Netscape's shortcut, but it has similar functionality (or even better; they came up with SSL in the first place). I see GlobalSign, GTE, SecureNet, UTN, along the more familiar ones. > > Regards, > > The elephantwalker > >
RE: How to enable UserManager support for arbitrary user...
As noted in previous posts, You wouldn't need to make a lot of what you write. The User field of HTTPSessions is undocumented BECAUSE it should(as per the spec) be transparent. Orion usually creates a session implicitly, that is, a session exists even if you still haven't authenticated. However, resource constraints require authentication, and that auth is stored for convenience reasons into HTTP sessions. SOAP is really a good option. Apache's SOAP is based on soap4j, originally made in IBM by the same guy that did XML-RPC; Don Box, the ultimate COM evangelizer is behind it, it is a IETF controlled protocol (so there's less vendor lockout liability than with J2EE itself, as it's all the time under Sun's control). Anyway, I'd go for it if services to be provided are really complicated (number of services and parameters in them), and, SOAP or not, you'd be better off constructing some proof of concept samples. Here's what I'd do: 1. A initiate.jsp with two purposes: a. Obtain a session id b. Set a user's identity (a) is accomplished by orion automatically. In every JSP page, there's a 'session' variable wich holds a javax.servlet.http.HTTPSession instance (it may be an simple implementation or a clustered one, with all of orion's http session clustering features built in) (b) is accomplished by using RoleManager.login(username, password) method sample of invocation: HTTP GET: GET /[YOURAPPPATHHERE]/initiate.jsp?username=JPLorandi&password=rambalanga on the response header you'd get a cookie(it wouldn't disable them) Set-Cookie: JSESSIONID=JGASDHUIGSAIAIHBH (or something along these lines) from here on, every request posted should either (a) contain on its header a cookie field: Cookie: JSESSIONID=JGASDHUIGSAIAIHBH (b) be URL rewritted (postfix to the URL): ;jsession=JGASDHUIGSAIAIHBH example: http://[YOURHOST]/[YOURAPPPATHHERE]/[a-given-action-page]?param1=somevalue;j sessionid=JGASDHUIGSAIAIHBH No need to set form auth, but even if you want to do it, just leave initiate.jsp unprotected(i.e.: not in any resource collection), both (browser based form auth & VB client auth) will work just fine. I hope this, altough may not solve Alex's at-hand problem, will help someone. I sure would have liked someone gave this explanation to me instead of having to decompile all orion to find out how the GHU"$%"@ it works. Regards, JP > -Original Message- > From: Alex Paransky [mailto:[EMAIL PROTECTED]] > Sent: Monday, April 16, 2001 4:47 PM > To: Orion-Interest > Subject: RE: How to enable UserManager support for arbitrary user... > > > I belive we *are* using Orion/J2EE sessions. We are not > doing any of our > own session management stuff. All our HTTP session is done > through standard > J2EE interfaces. > > You mentioned that there is a field in the HTTPSession that > we can set to > tell Orion what user is using this session? Is this > documented anywhere on > the Orion site? If not, can you give a little more detail on > this field. > What type of object should be stored into this attribute. As > I understand > it, after an object is stored into this "user" attribute in > the session, > Orion will use a UserManager to validate and retrieve group/rights > information about this user for every HTTP call. So all I > would have to do > then, is write my own custom, UserManager and tell Orion to use it. > > Thanks for your help, I think I am getting closer, here is > what I plan to > do: > > 1. Create a specific login .JSP page which will: >a. validate the user >b. create a session >c. configure the "user" attribute to the user object >d. return session id to the client > > 2. Client passes the session id on every call as a part of the url > > Again, the only part of the above which I am not sure about is 1c... > > Thanks. > -AP_ > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Juan Lorandi > (Chile) > Sent: Monday, April 16, 2001 11:26 AM > To: Orion-Interest > Subject: RE: How to enable UserManager support for arbitrary user... > > > Alex, I have a few questions and comments, > > 1. Which HTTPSession are you using? Orion's or your own? I recommend > Orion's, tough one on the developments here uses a home-brewn session > management. This forces us to include a few lines of code > (with a taglib) in > almost every page. Also, this renders Orion's J2EE security > useless (Orion's > HTTPSession has a User field where it stores either null (not > authenticated) > or a User reference to know the session Identity. > 2. How are you authenticating a us
RE: How to enable UserManager support for arbitrary user...
Alex, I have a few questions and comments, 1. Which HTTPSession are you using? Orion's or your own? I recommend Orion's, tough one on the developments here uses a home-brewn session management. This forces us to include a few lines of code (with a taglib) in almost every page. Also, this renders Orion's J2EE security useless (Orion's HTTPSession has a User field where it stores either null (not authenticated) or a User reference to know the session Identity. 2. How are you authenticating a user? I presume you aren't right now. I would go with this: a. A Custom UserManager(for DB persistence, kinda like DataSourceUserManager, but yours) b. No custom SessionManager. (Orion has this declared as a public interface, but has no means to know which is the desired implementation; pity, session management,URL rewriting, and session + auth integration is not complaint to standards but purely propietary) c. a custom login action jsp/servlet. It takes username and password paramters and returns a session ID; this might be a cookie or URL rewriting (you can disable cookies in orion-web.xml) d. every new call has either a cookie field set on the HTTP header or a URL rewrite in the form of: http://somehost/somepath/somepage.jsp?a_Whole_Lotta_Params;jsessionid=SOMESE SSIONID That's it. 3. Are the client and the server in a LAN? Why not using JIntegra, J2EE CAS or SOAP4j + SOAP Toolkit to integrate them? I think basically your problem is that your HTTP Session is propietary and not seamlessly integrated with Orion. All we all would need to implement a SessionManager of our own without recompiling Orion is a SessionManager tag much like the UserManager tag in orion-application.xml. Then whenever a custom SessionManager is needed(in our case, to share sessions between Orion and IIS) would benefit of many neat things orion does, such as automatic URL rewriting, transparent session management(the session object available in JSP) and declarative security, to name a few. My 2c, JP > -Original Message- > From: Alex Paransky [mailto:[EMAIL PROTECTED]] > Sent: Sunday, April 15, 2001 1:03 AM > To: Orion-Interest > Subject: RE: How to enable UserManager support for arbitrary user... > > > Here is the problem that I am not sure how to really fix. > > Our EJB application is wrapped with a number of "command" > URL's which return > XML results. For example: > http://localhost/getAccountInformation.jsp?account=2234 would > return an XML > representation of an account. An > http://localhost/addUserToAccount?account=2234&userName=test.. > . would add a > user to a particular account. A Visual Basic client, then uses these > "command" URLs and resulting XML to present a user interface. > > Given the above scenario, what would be your recommendation for > authenticating the user starting right after I accept the > user/password from > the VB form (I don't much care for VB specifics, just the > part which deals > with EJB/JSP/J2EE security). > > After accepting user authentication information from a VB dialog, what > should I do next. How do I get this information "registered" > with Orion or > any j2ee application server so that the deployment descriptor > information > works correctly. > > Is this the way J2EE security was meant to be used. A non super-user > account, cannot execute a setSuperuser(boolean) function on > the User bean. > Is this how I should be controlling this? Is this the proper > method? I was > reading the J2EE EJB spec which states that coding security > should be the > last resort. > > I am not clear on how to execute the above scenario. > > Thanks to all the people who have already posted in regards > to this issue. > > -AP_ > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > Jeff Schnitzer > Sent: Friday, April 13, 2001 10:09 PM > To: Orion-Interest > Subject: RE: How to enable UserManager support for arbitrary user... > > > I suggest using an MVC (aka "Model 2") approach, separating your view > from your controller. One of the controller's responsibilities can be > to check for authentication and provide to the user either > the requested > page or the login page. > > If you use a dispatcher-servlet-action framework for your controller, > you typically will only need to put the authentication > checking code in > a base action class from which all protected action classes > derive. If > you use JSPs as controllers you'll need some sort of code in every one > (you can use @include for this). > > You will be much happer if you use an MVC appraoch, trust me. > The J2EE > automatic form-based authentication is very crude and fails to > accomodate simple use cases like automatically logging in new users. > > You might want to look at WebWork: > http://www.sourceforge.net/projects/webwork. > > BTW, if you use the Orion UserManager (and RoleManager), you > should not > do your o
RE: Usage of the Service console...
I use the console for remote monitoring, and shutdown. I also use the console to remote monitoring of sessions. DB support is now available (I'm using Orion 1.4.7) so I touch records if needed. Editing user profiles is built in, also, but relatively buggy. It's helpful, if you don't get your hopes too high. JP > -Original Message- > From: Jeff Schnitzer [mailto:[EMAIL PROTECTED]] > Sent: Saturday, April 14, 2001 1:32 AM > To: Orion-Interest > Subject: RE: Usage of the Service console... > > > My advice is to ignore all the GUI tools that come with Orion > and stick > to Ant as a build-and-deploy tool. > > It is my strong suspicion that nobody is using, testing, or actively > developing the GUI tools. It is my personal opinion > (probably shared by > many on this list) that this is a good thing. I would rather see the > Orion team's limited resources focused on the server core. > > Not that I think pretty GUI tools don't have a place, but there really > is no limit to the amount of time one can sink into getting a GUI app > working properly. Ant works just fine. > > Jeff > > >-Original Message- > >From: Chaya Ramanujam [mailto:[EMAIL PROTECTED]] > >Sent: Thursday, April 12, 2001 12:10 PM > >To: Orion-Interest > >Subject: Usage of the Service console... > > > > > >I've been playing with the Service console. It took me way > longer to > >create, install and deploy a J2ee app using the console than > >it did when I > >did everything myself on the command line (creating the directory > >structures, creating very simple deployment descriptors, > >creating the jar > >and war files and finally editing the server.xml and > >default-web-site.xml > >files). > > > >I know the console is said to be "alpha" quality - but was > >just curious - is > >any one out there using the console on a regular basis? Do > >you find it > >really useful? In what scenarios do you find this more > useful - while > >creating and deploying apps or for monitoring or for > redeploying apps? > > > >There seems to be a great deal of functionality in the > >console, however the > >lack of documentation/help is a big drawback. > > > >--Chaya. > >_ > >Get your FREE download of MSN Explorer at http://explorer.msn.com > > > > > > >
RE: Friendly error messages from Microsoft get in the way (was Error pages defined in web.xml not found / activated)
the error code is sent on the very first line of the response header-- and orion doesn't allow you to control that > -Original Message- > From: Frank Eggink [mailto:[EMAIL PROTECTED]] > Sent: Monday, April 02, 2001 3:56 AM > To: Orion-Interest > Subject: Friendly error messages from Microsoft get in the way (was > Error pages defined in web.xml not found / activated) > > > Well ... > > How can you spend your weekend?!? > > > The problem I described looks to be caused by wat's called > 'friendly error > messages' from the Internet Explorer. All runs fine with Netscape. > Microsoft replaces standard 404 'can not find page' errors > with their own > page, which is considered (by them) to be more user friendly. > > Still I do not understand how the Explorer gets the > information there is a > 404 error. Could this be somewhat less wanted feature of > Orion? I certainly > would like to have control over this error message. > > FE > > On Friday, March 30, 2001 5:48 PM, Frank Eggink > [SMTP:[EMAIL PROTECTED]] wrote: > > Hi, > > > > I'm having a problem. I have defined error pages in my web.xml > > > > I've defined: > > > > > > 404 > > /errors/error404.jsp > > > > > > Now I expect to see the error page when I request a non > existing page > like > > http://localhost/my-app/non-existing-page.html, which does > not happen. > I'm > > obviously overlooking something, but what?? > > > > [When I define the error page in a jsp page with <%@ > > errorpage=/errors/error404.jsp %> it does work. So it can > find the page, > > which gives me the impression I've setup something wrong. What?? > > > > > > FE > > > > Frank Eggink > > Swift Applications > > [EMAIL PROTECTED] > > +31 6 28847325 (voice) > > +31 33 4532464 (fax) > > > > >
RE: Paged search results
With all browsers, session cookies are usually shared within a OS process The default IE behavior is to share the process whenver new windows are opened with CTRL-N. If you execute a shortcut to IE, it will open a window attached to a different process. Netscape 4.x in both Windows and Linux always runs different windows within the same process. Changing this behavior needs a rebuild in Linux. I don't know how Netscape 6 behaves. Opera is a MDI application, and also, session cookies are always shared within an Opera instance. Corollary: If a user logs off in a browser window, he'll be logged off in (practically) every other browser window. P.S. : this stands only for FORM based auth. Basic Auth is sent by the browser as needed and doesn't require http session capabilities on the server side. > -Original Message- > From: Trevor Squires [mailto:[EMAIL PROTECTED]] > Sent: Thursday, March 29, 2001 12:49 PM > To: Orion-Interest > Subject: Re: Paged search results > > > On Wed, 28 Mar 2001, Gary Shea wrote: > > > It seems to me that if you have multiple browsers open and they're > > sharing an application like Netscape does, they will all have the > > same session unless you're using URL rewriting. My experience with > > Netscape and Konqueror (sorry I don't know anything about IE) is > > that once a cookie is established on any one browser, all the rest > > will begin submitting it. As a result, if you're using cookie-based > > sessions, then your browsers are all in the same session. If you're > > using URL rewriting they'll all have independent sessions. > > In IE (perhaps only on NT, dunno) you can configure it so > that all browser > windows are in a separate process space. This means that > non-persistent > cookies are *not* shared between windows AFAIK. > > Trevor > > > >
RE: Who's wrong?
ciao
ingenieri,
<%=
%> is the jsp literal, it shows an expression; if it ends with a semicolon
(";"), then it is a statement
HTH
JP
-Original Message-From: Ing. Nicola Folino
[mailto:[EMAIL PROTECTED]]Sent: Wednesday, March 28, 2001
12:19 PMTo: Orion-InterestSubject: Who's
wrong?
Orion don't agree on this line of code in a jsp
page:
<%=variable;%>
The semicolon is an error? But JRun accepts it!
Who's wrong?
Thanx...
RE: Removing SBs when expiring HttpSessions ... the challenge continues.
Just a tought: impersonate a role within the SB's method remove instead of
reliying on interactive login:
public void remove() {
//get UserManager
UserManager um = ic.lookup("java:comp/UserManager");
um.login("mySecuritySafeUser","thePassWd");
this.myejbref.remove();
}
I haven't tried this, but I guess it should work, specially if auto-sessions
are on...
HTH,
JP
> -Original Message-
> From: Gerald Gutierrez [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, March 22, 2001 3:05 PM
> To: Orion-Interest
> Subject: Removing SBs when expiring HttpSessions ... the challenge
> continues.
>
>
>
> When an HttpSession expires, it calls valueUnbound() on all
> session-bound
> variables that implement the HttpSessionBindingListener
> interface. So this
> provides a way for expiring HTTP sessions to remove session
> beans that would
> otherwise stay active and eventually consume all resources
> and cause the
> server to crash.
>
> The reasonable thing to do is to call ejb.remove() (and whatever other
> methods) within the valueUnbound() method so that the SB can
> clean up and be
> removed on the event.
>
> HOWEVER, if the SB is protected by security constraints,
> calling methods on
> the SB causes either NullPointerExceptions, or SecurityExceptions.
>
> In my case, I have a HttpSession which has bound an SB, which
> in turn has a
> reference to an EB. When the session expires, I need to
> remove the SB, which
> in turn must call a method on the EB. If I attempt to just
> call sb.remove(),
> the ejbRemove() method is called but a NullPointerException
> is thrown in the
> EB's wrapper. If I call getCallerPrincipal() in the SB first
> (which returns
> me the "guest" user), then call the EB, a SecurityException is thrown.
> Ignoring the fact that the different exceptions may be an
> Orion bug, the
> fact still remains that the "guest" user is calling the SB
> when calling
> through the valueUnbound() method.
>
> SO, the question, once again, is: When an HttpSession
> expires, what's the
> proper way to cleanup and remove the EJBs that are bound to
> that session?
>
>
>
> Gerald.
>
>
RE: can you have multiple load balancers
> -Original Message- > From: calvin matthews [mailto:[EMAIL PROTECTED]] > Sent: Thursday, March 22, 2001 1:32 PM > To: Orion-Interest > Subject: can you have multiple load balancers > > > Hi, > > Our site must be able to cope a large number of concurrent > users. I have > been able to setup the loadbalancer and clustering on Orion, > but have a few > questions. > > a) Can you replace the loadbalancer application transparently with a > hardware load balancer such as cisco local director? yes > > b) Does Orion support the use of multiple load balancers to > avoid single > point of failure? usage of multiple lb's is up to you. orion doesn't support them nor prevent its use > > c) Can you SSL HTTPS load balance? No. You'll be switching servers. I would only advice this for reliability, not scaling (config your director to be SSL Session Sticky) HTH JP
RE: Off topic : Conversion HTML to a plain text
yap, I've done it with regular expressions. Check out
http://jakarta.apache.org for regexp and ORO
the regexp scriptlet is:
String myHTML="Bold";
RE r = new RE("<[^>]+>");
String cleanText = r.subst(myHTML,"");
cleanText.equals("Bold") should return true
HTH
JP
> -Original Message-
> From: Boris Erukhimov [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, March 21, 2001 6:23 AM
> To: Orion-Interest
> Subject: Off topic : Conversion HTML to a plain text
>
>
> Hello everybody,
>
> My aplication produces HTML e-mail attachment, but because of
> some e-mail client hassle I need to duplicate the content as
> a plain text placed in the message body.
> To do this I need some quick and dirty solution to present
> HTML file (which is built already) as a plain text simular to
> what browser does when asked "Save as plain text". I can
> probably develop something like that using
> javax.swing.text.html but I hoped somebody did it already (?)
>
> Thanks
>
>
>
RE: Why Entity EJBs?
somebody suscribed a whole lotta of criticalmass people to this list; can't we have a subscribe/unsubscribe confirmation?? JP > -Original Message- > From: Carla Marcyniuk [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, March 20, 2001 5:53 PM > To: Orion-Interest > Subject: RE: Why Entity EJBs? > > > Please take me off this list as I have no interest in this > conversation. > > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Juan Lorandi > (Chile) > Sent: Tuesday, March 20, 2001 12:11 PM > To: Orion-Interest > Subject: RE: Why Entity EJBs? > > > I'm using EJB 1.1 CMP; It gives me as much DB independence as > I need. I have > to rewrite some finders when porting from DB to DB; hopefully EQL will > remove this burden too. Orion performs caching of instances, check out > exclusive-write-access and validity-timeout atrributes for > entity-deployment > tag in orion-ejb-jar.xml. > > However, if you have a distributed environment, cache's like > the one in > Orion are a threat to data integrity-- so they *must* be deactivated. > > Also, an orion-dependant feature, the boolean isModified(), > which in WLS is > called boolean isDirty(), plus a correct use of declarative > transactions > allow to minimize the impact on the DB. > > I believe CMP is the way to go, but it is very much > server-dependant. The > (apparent) poor performance of CMP is due to the need for > this solution to > address many things we all want from the server, such as data > integrity, > distribution across hosts of the business logic, declarative > transactions > and security. There's a price inherent to all this features, > and the larger > the spec, the higher the price we all must pay, basically, by > leveling down. > MS's single vendor approach actually levels up, but when they > don't have the > answers pre-packaged, all crumbles down and somehow we(as > developers) must > pay for the loses. > > Eventually, the servers *will* perform as expected, but until the spec > matures, we will be stuck with some minor problems. I'm now > living in Chile, > and the budgets are pretty tight here, but still, the > customer'd rather pay > for an extra box to scale up than to pay extra to the > programmers to do a > more optimized job and scale out. I'm aware that this is > vastly simplifying > the issue, but the point still stands. > > Perhaps the true problem is that we, all the J2EE developer > community, are > pushing it too far *and* too broad. This is what happened with CORBA, > leaving us with very little common ground. Some servers > implement mor of the > spec, some less. Some scale(but forbid Singleton's, for > instance) and some > don't. And there is no single way of making two OTS from two different > vendors to cooperate. CORBA was even taller than the Everest, > so nobody > climbed it. > > Of course, I also have those rush moments where I wonder why > I quitted my > older job, but that's definitely not the time to contribute > to anything. > > My 2c, > > JP > > > > -Original Message- > > From: Jeff Schnitzer [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, March 20, 2001 1:31 PM > > To: Orion-Interest > > Subject: RE: Why Entity EJBs? > > > > > > I also am questioning entity beans, after 5 months of intensive > > development with them. If you run Hypersonic in server > mode and watch > > the sql output to the console, it should be readily apparent > > why... CMP > > produces *WAY* too many queries for fine-grained entity beans. > > > > The biggest problem is finder methods. Since all beans are > > lazy-loaded, > > iterating through the finder results of 1000 beans will > > produce 1001 SQL > > calls. There isn't any reason specwise that beans cannot be > > eager-loaded, but few (if any) appservers seem to support this. > > > > Does anyone know if there is any support for eager-loading of finder > > results in Orion? There doesn't appear to be from the > documentation. > > > > > > I'm really disappointed in the entity bean concept. CMP > > should give us > > faster development times, faster code (with caching), and database > > independence, but at the moment we get *none* of the above. > > By stating > > in the blueprints that entity beans should only model course-grained > > objects and _not_ "one row of the table" they are effectively > > saying DO > > NOT USE CMP, because what is a CMP bean if not one row of a > ta
RE: Why Entity EJBs?
I'm using EJB 1.1 CMP; It gives me as much DB independence as I need. I have to rewrite some finders when porting from DB to DB; hopefully EQL will remove this burden too. Orion performs caching of instances, check out exclusive-write-access and validity-timeout atrributes for entity-deployment tag in orion-ejb-jar.xml. However, if you have a distributed environment, cache's like the one in Orion are a threat to data integrity-- so they *must* be deactivated. Also, an orion-dependant feature, the boolean isModified(), which in WLS is called boolean isDirty(), plus a correct use of declarative transactions allow to minimize the impact on the DB. I believe CMP is the way to go, but it is very much server-dependant. The (apparent) poor performance of CMP is due to the need for this solution to address many things we all want from the server, such as data integrity, distribution across hosts of the business logic, declarative transactions and security. There's a price inherent to all this features, and the larger the spec, the higher the price we all must pay, basically, by leveling down. MS's single vendor approach actually levels up, but when they don't have the answers pre-packaged, all crumbles down and somehow we(as developers) must pay for the loses. Eventually, the servers *will* perform as expected, but until the spec matures, we will be stuck with some minor problems. I'm now living in Chile, and the budgets are pretty tight here, but still, the customer'd rather pay for an extra box to scale up than to pay extra to the programmers to do a more optimized job and scale out. I'm aware that this is vastly simplifying the issue, but the point still stands. Perhaps the true problem is that we, all the J2EE developer community, are pushing it too far *and* too broad. This is what happened with CORBA, leaving us with very little common ground. Some servers implement mor of the spec, some less. Some scale(but forbid Singleton's, for instance) and some don't. And there is no single way of making two OTS from two different vendors to cooperate. CORBA was even taller than the Everest, so nobody climbed it. Of course, I also have those rush moments where I wonder why I quitted my older job, but that's definitely not the time to contribute to anything. My 2c, JP > -Original Message- > From: Jeff Schnitzer [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, March 20, 2001 1:31 PM > To: Orion-Interest > Subject: RE: Why Entity EJBs? > > > I also am questioning entity beans, after 5 months of intensive > development with them. If you run Hypersonic in server mode and watch > the sql output to the console, it should be readily apparent > why... CMP > produces *WAY* too many queries for fine-grained entity beans. > > The biggest problem is finder methods. Since all beans are > lazy-loaded, > iterating through the finder results of 1000 beans will > produce 1001 SQL > calls. There isn't any reason specwise that beans cannot be > eager-loaded, but few (if any) appservers seem to support this. > > Does anyone know if there is any support for eager-loading of finder > results in Orion? There doesn't appear to be from the documentation. > > > I'm really disappointed in the entity bean concept. CMP > should give us > faster development times, faster code (with caching), and database > independence, but at the moment we get *none* of the above. > By stating > in the blueprints that entity beans should only model course-grained > objects and _not_ "one row of the table" they are effectively > saying DO > NOT USE CMP, because what is a CMP bean if not one row of a table? I > noticed that most of the new J2EE patterns Sun recently > posted are aimed > at BMP. Sun's schizophrenia on this really pisses me off; > with one face > they like to show off entity beans and CMP because MS doesn't have it, > with another they tell us to go back to the bronze age of handwritten > SQL because the technology doesn't work. Gr. > > Jeff > > > >-Original Message- > >From: Dan North [mailto:[EMAIL PROTECTED]] > >Sent: Tuesday, March 20, 2001 4:41 AM > >To: Orion-Interest > >Subject: Fwd: Why Entity EJBs? > > > > > >Hi Johan. > > > > > > > >I've been developing EJBs in a very (a) intensive and (b) > >short development > >cycle for about 5 months now. I've found that my methodology > >has leant > >towards what the JRF guys are talking about, but in a less > formal way. > > > > From the backend forwards: I tend to use entity beans for > >storing/retrieving and most manipulation of data - ie. I have > >quite "fat" > >beans rather than just purely getters and setters. I then > use session > >beans for workflow that doesn't seem to belong with any > >particular single > >bean, such as generating reports or anything that requires a > few home > >interfaces' finders. I also use session beans for their > transactional > >integrity when populating new beans from an HTML (JSP) form, > >especially > >when several beans will
RE: Customizing the web authentication service
Title: Customizing the web authentication service Sun specifically leaves security mapping to each vendor/platform. The only thing that's specified is roles, but how do they map really it's up to the vendor and more than often is platform dependant (especially with Windows Auth) HTH JP -Original Message-From: elephantwalker [mailto:[EMAIL PROTECTED]]Sent: Monday, March 19, 2001 11:49 PMTo: Orion-InterestSubject: RE: Customizing the web authentication service Ben, Sun has specified the way security should behave, but not the implementation. Each j2ee vendor has chosen a different method, so it is truly one pain in the "arse" (forgive my old english). Regards, Elephantwalker -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ben WarnerSent: Monday, March 19, 2001 6:41 PMTo: Orion-InterestSubject: RE: Customizing the web authentication service Thanks, my passwords in the database are encrypted by a one way hash algorithm so I don't think this DataSourceUserManager will do all that I want. I have found and read the thread on "Custom UserManager" in this list and have deciphered the hard truth that I will have to implement my own UserManager... RoleManager... User etc From this and other threads on similar topics I have also concluded that there is no J2EE standard for defining and using your own Authentication module. Is someone able to confirm this for me with certainty? regards, bw. -Original Message-From: Magnus Rydin [mailto:[EMAIL PROTECTED]]Sent: Monday, March 19, 2001 5:51 PMTo: Orion-InterestSubject: SV: Customizing the web authentication service Take a look at http://www.orionsupport.com/articles/datasourceusermanager.html WR -Ursprungligt meddelande-Från: Ben Warner [mailto:[EMAIL PROTECTED]]Skickat: den 18 mars 2001 20:00Till: Orion-InterestÄmne: Customizing the web authentication service Hi, I'm trying to do something simple but I'm frustrated by my lack of success in finding information about it. I have scoured the list, the web, J2EE doco and would appreciate any information that may help me. Thanks in advance. I'm running a J2EE application in orion using form based authentication. The problem is that users are authenticated by the webserver according to the contents of the principals.xml file for my application. In my application users (including username & password) are stored in the database and I don't want to use the principals.xml file to store all my user logins. What I want is for the webserver to call my own custom authentication method to authenticate the user and let me decide if the login is valid or not and set the appropriate user principal in the session if it is valid. I'm sure this has been done a million times... I must be looking in the wrong places... Thanks again, bw.
RE: Custom UserManager.
I have a fully functional home-brewn imp. of UserManager and I do nothing in the setParent method. Just for you to know, HTH JP > -Original Message- > From: Michael Gantz [mailto:[EMAIL PROTECTED]] > Sent: Friday, March 16, 2001 9:24 AM > To: Orion-Interest > Subject: Re: Custom UserManager. > > > Slight progress update. I'm convinced now I don't have something > configured correctly. In my UserManager, when setParent is > called I did > a setParent(this) on the parent that was passed in. After that, my > manager started receiving method calls to things like > getUser. I also > noticed that my setParent was being called with an > XMLUserManager as it's > parameter. Hopefully somebody can shine some light on this > situation for me. > > Thanks... > > >> Original Message << > > On 3/16/01, 12:40:06 AM, Michael Gantz <[EMAIL PROTECTED]> wrote > regarding Custom UserManager.: > > > > Server : Orion-1.4.5 > > > I've created a custom UserManager and referenced it in > application.xml, > > I've taken out the principal tags in all the other files. > Here is my > > problem: my custom user manager loads up and the init > method gets called > > but that's it. The server never calls getUser on my user > manager. I'm > > very sure I'm missing something really silly and simple but > I can't find > > it due to the complete lack of adequate documentation. > > > Thanks in advance. > > > Michael L. Gantz >
RE: Stateless Session Bean Initialization Pattern
Inside the servlet, declare a public static synchronized (uf) field. Then
declare a public static method, to retrieve the field
public static MessageBundle ms;
public static synchronized getMS() {
return ms;
}
then inside your SLSB:
private MessageBundle ms; //it could even be static??
public void ejbCreate() {
if (ms==null) ms = MyServley.getMS();
}
HTH
JP
> -Original Message-
> From: Neal Kaiser [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, March 11, 2001 9:25 PM
> To: Orion-Interest
> Subject: Stateless Session Bean Initialization Pattern
>
>
> Hi. I have a framework as follows:
>
> A startup servlet reads in an XML file and creates a message
> bundle. This
> message bundle will be used by Servlets and EJBs to pull
> resources from it.
>
> I somehow need a way to initialize the stateless session bean
> by passing the
> message bundle to it. When the startup servlet starts, I get
> a reference to
> the session bean and call init(MessageBundle).
>
> However, this does not work because other instances of the
> session bean will
> not be initialized. I need some sort of static variable, or
> environment, or
> some way I can get the original MessageBundle passed in from
> the startup
> servlet.
>
> Any suggestions on how I should handle this? I suppose one
> solution would
> be to use JNDI and store the object in there. Are there any
> Orion examples
> of how to do this?
>
>
RE: Session cookie and https. PLEASE HELP!!!!
basically, cookies are URL spec (as per the spec, check it out in Netscape Central) URL dependant; if you send a cookie for a URL http://www.yahoo.com then that cookie is valid for that URL only; that cookie won't show up for URL https://www.yahoo.com (note the different protocol, https, instead of http); there's a way to make a cookie public for all URL's, but of course, that might compromise security; that's what orion does when you set 'shared="true"'. A good log would surely help (may I suggest log4j, http://jakarta.apache.org) HTH JP > -Original Message- > From: Sergio Socarras [mailto:[EMAIL PROTECTED]] > Sent: Friday, March 09, 2001 2:59 PM > To: Orion-Interest; [EMAIL PROTECTED] > Subject: RE: Session cookie and https. PLEASE HELP > > > Juan, > > Thanks for responding to my email! Yes sessions > working correctly is truly critical to our app. > Basically we have about 14 machines running in our > environment behind an alteon. The alteon selects a > machine the first a person comes in, a session is > created, and that person is made sticky to that > machine because we are not currently replicating > sessions. On and off we have reports of sessions being > lost. I'm not sure if operations is making a mistake > in regards to the stickiness or if I'm dealing with > another issue here. What I have noticed is what I > mention in my previous email, that under https I never > see the cookie get set and sometimes and only > sometimes URLs get rewritten. > > Someone in another email suggested I use the > shared=true setting in the secure-site.xml but I'm not > sure how this would help. The documentation is rather > vague in this area so any help would be appreciated. > > Thanks for all your help! > > Sergio > > in our application it is truely critical that > > > --- "Juan Lorandi (Chile)" <[EMAIL PROTECTED]> > wrote: > > Under SSL, the (preferred) method for > > session-tracking is SSL session id. I > > think orion tries this, and falls back to URL > > rewriting if needed. > > > > HTH > > > > JP > > > > PS: Is this truly critical to your app? We are > > implementing our own Session > > Management here and perhaps we'll run into the same > > problems you will? > > > > > -Original Message- > > > From: Sergio Socarras [mailto:[EMAIL PROTECTED]] > > > Sent: Wednesday, March 07, 2001 5:01 AM > > > To: Orion-Interest > > > Subject: Session cookie and https. PLEASE HELP > > > > > > > > > Hi > > > I'm running into some strange behavior with > > sessions > > > when running under https. I notice that when I set > > my > > > browser to prompt me when a cookie is to be set > > and > > > hit my application with regular http, I get a > > prompt > > > for the session cookie. If I hit the same page > > running > > > a secure connection I'm never prompted. I also > > notice > > > that under the secure connection some of my URLs > > get > > > rewritten. Interesting enough the first page, > > which is > > > where I initially create the session, doesn't have > > any > > > of its URLs rewritten. However, the second, third, > > and > > > forth pages do. Can someone please explain what's > > > going on. Does the setting of the session cookie > > not > > > work under secure connections? > > > > > > PLEASE PLEASE HELP!!! > > > > > > Thanks > > > Sergio > > > > > > __ > > > Do You Yahoo!? > > > Get email at your own domain with Yahoo! Mail. > > > http://personal.mail.yahoo.com/ > > > > > > > > __ > Do You Yahoo!? > Yahoo! Auctions - Buy the things you want at great prices. > http://auctions.yahoo.com/ >
RE: Using Orion with Apache...
basically, Apache will handle all SSL; orion won't notice SSL is being used(which IMHO is really not good). HTH JP > -Original Message- > From: Alex Paransky [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, March 07, 2001 11:32 PM > To: Orion-Interest > Subject: RE: Using Orion with Apache... > > > I am trying to put a together a proposal for a client using > OrionServer, and > not sure about how SSL will work. The client is already > running Apache and > would like to continue using it. Is it Apache, that's going to > encode/decode the SSL communication, or is it still the job > of Orion do > this? > > Thanks for your help. > -AP_ > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > Alex Paransky > Sent: Wednesday, March 07, 2001 12:10 AM > To: Orion-Interest > Subject: Using Orion with Apache... > > > If I follow the documentation on http://orionsupport.com and configure > Apache as reverse proxy, how do I deal with SSL? In other > words, if user is > trying to access https://www.bigcorp.com/myapp/index.jsp > which is configured > to proxy to ORION, do I still need to install the SSL on the > Orion server, > or would Apache handle the SSL encryption when it forwards > the request to > Orion? > > Thanks. > -AP_ > > >
RE: Orion 1.4.7?
also for those with complicated proxies, try http://www.orionserver.com/orion/orion.jar > -Original Message- > From: Robert Krueger [mailto:[EMAIL PROTECTED]] > Sent: Friday, March 09, 2001 8:18 AM > To: Orion-Interest > Subject: Re: Orion 1.4.7? > > > At 15:50 09.03.2001 , you wrote: > >Hello > > > >Anyone could tell me where I can download Orion 1.4.7 > > > > java -jar autoupdate.jar > > >Thanks in advance > > (-) Robert Krüger > (-) SIGNAL 7 Gesellschaft für Informationstechnologie mbH > (-) Brüder-Knauß-Str. 79 - 64285 Darmstadt, > (-) Tel: 06151 665401, Fax: 06151 665373 > (-) [EMAIL PROTECTED], www.signal7.de > >
RE: Session cookie and https. PLEASE HELP!!!!
Under SSL, the (preferred) method for session-tracking is SSL session id. I think orion tries this, and falls back to URL rewriting if needed. HTH JP PS: Is this truly critical to your app? We are implementing our own Session Management here and perhaps we'll run into the same problems you will? > -Original Message- > From: Sergio Socarras [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, March 07, 2001 5:01 AM > To: Orion-Interest > Subject: Session cookie and https. PLEASE HELP > > > Hi > I'm running into some strange behavior with sessions > when running under https. I notice that when I set my > browser to prompt me when a cookie is to be set and > hit my application with regular http, I get a prompt > for the session cookie. If I hit the same page running > a secure connection I'm never prompted. I also notice > that under the secure connection some of my URLs get > rewritten. Interesting enough the first page, which is > where I initially create the session, doesn't have any > of its URLs rewritten. However, the second, third, and > forth pages do. Can someone please explain what's > going on. Does the setting of the session cookie not > work under secure connections? > > PLEASE PLEASE HELP!!! > > Thanks > Sergio > > __ > Do You Yahoo!? > Get email at your own domain with Yahoo! Mail. > http://personal.mail.yahoo.com/ >
RE: How to set orion to perform a timely task.. (CRON???)
you can use wget in some *nix'es I have a java based tool that does basically the same work that wget does; I'll post it tomorrow > -Original Message- > From: Joseph B. Ottinger [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, March 06, 2001 3:40 PM > To: Orion-Interest > Subject: Re: How to set orion to perform a timely task.. (CRON???) > > > Sure you can. > > * * * * * lynx --dump http://myhost/hiteveryminute.jsp > /dev/null > > This submits something to hiteveryminute.jsp every, um, minute. > > On Tue, 6 Mar 2001, Robert S. Sfeir wrote: > > > Someone suggesting hitting a JSP with a cron... how can > you hit a URL with > > a CRON or AT command, I didn't think you could do that! Perhaps I > > misunderstood the explanation? > > > > R > > > > > > Robert S. Sfeir > > Director of Software Development > > PERCEPTICON corporation > > San Francisco, CA 94123 > > w - http://www.percepticon.com/ > > e- [EMAIL PROTECTED] > > t - (415) 749-2900 x205 > > > > > > --- > Joseph B. Ottinger [EMAIL PROTECTED] > http://epesh.com/ IT Consultant > >
RE: JSP Session setting
tags in web.xml should do it... HTH JP > -Original Message- > From: Jim Carroll [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, March 06, 2001 12:44 PM > To: Orion-Interest > Subject: JSP Session setting > > > I'm not sure if this is the correct place to ask this > question but is there > a way to turn off the session tracking in the jsp compiling in orion? > Currently, no matter how you set the tag in the > configuration, when jsps are compiled the following line are > ALWAYS there: > > HttpSession session; > session = request.getSession(true); > > It seems that this will hinder performance in a clustered > environment where > only some of the applications require sessions. > > Is there a way to turn this off at a page or application level? > > Thanks > Jim > >
RE: SV: How to set orion to perform a timely task..
geez, you're right... I have built a java based equivalent of wget(comes with debian), which you could use to hit the jsp... I'll post it in my site tomorrow JP > -Original Message- > From: Jesse Schoch [mailto:[EMAIL PROTECTED]] > Sent: Monday, March 05, 2001 9:31 PM > To: Orion-Interest > Subject: Re: SV: How to set orion to perform a timely task.. > > > a simple jsp that activated your functions activated by a > cron script (or > at on NT) would work great, and you wouldn't have to write a schedler > > -jesse schoch > > > On Mon, 5 Mar 2001, Magnus Rydin wrote: > > > how about an client-application that does some operation on > scheudled hours? > > WR > > > > > -Ursprungligt meddelande- > > > Fran: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > > > Skickat: den 3 mars 2001 09:44 > > > Till: Orion-Interest > > > Amne: How to set orion to perform a timely task.. > > > > > > > > > Hello, > > > I need to have my EJB perform some DB operation at > midnight everyday. > > > How do I do that? > > > In PC, I could create a timer object to do that with > VC++, but in Java > > > it does not seem to have such a functionality. And I > think it's ideal > > > to handle it in the server side rather than play with Java. > > > In other words, orion may have such a cron function built in to do > > > something in a timely manner. > > > If anyone has any experience with this, please tell me how. > > > Thank you very much in advance. > > > > > > > > > Simon > > > > > > > > > >
RE: Has anyone written an EJBDoclet impl for Orion?
Rickard Oberg wrote one that should work with any app server... HTH, otherwise, go right ahead! JP > -Original Message- > From: Michael A Third [mailto:[EMAIL PROTECTED]] > Sent: Monday, March 05, 2001 2:49 PM > To: Orion-Interest > Subject: Has anyone written an EJBDoclet impl for Orion? > > > > If not, I'm probably going to write one. > > Thanks, > > Michael >
RE: How to set orion to perform a timely task..
Or you could start a daemon thread in a servlet to perform as cron; we do that to initialize services we need. Flux is great too, but it's out of my budget... ;-) > -Original Message- > From: Mike Sick [mailto:[EMAIL PROTECTED]] > Sent: Saturday, March 03, 2001 3:19 PM > To: Orion-Interest > Subject: Re: How to set orion to perform a timely task.. > > > We use Flux. It was easy to integrate and it's reliable. > > see: > http://www.simscomputing.com/ > http://www.simscomputing.com/products/ > > > - Original Message - > From: <[EMAIL PROTECTED]> > To: "Orion-Interest" <[EMAIL PROTECTED]> > Sent: Saturday, March 03, 2001 12:43 PM > Subject: How to set orion to perform a timely task.. > > > > Hello, > > I need to have my EJB perform some DB operation at midnight > everyday. > > How do I do that? > > In PC, I could create a timer object to do that with VC++, > but in Java > > it does not seem to have such a functionality. And I think > it's ideal > > to handle it in the server side rather than play with Java. > > In other words, orion may have such a cron function built in to do > > something in a timely manner. > > If anyone has any experience with this, please tell me how. > > Thank you very much in advance. > > > > > > Simon > > > > > > > >
RE: orion.jar needed for JNDI-lookup??
inline > -Original Message- > From: Stefan Wendel [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, February 28, 2001 3:17 PM > To: Orion-Interest > Subject: Re: orion.jar needed for JNDI-lookup?? > > > Hi Ernst, > > there is no superclass since InitialContextFactory is an > interface which is > implemented > by ApplicationClientInitialContextFactory directly (so every > vendor provides > his > own InitialContextFactoryClass...) > > It should work like this: when the class is needed it should > be loaded by > the class > loader over the net (this is a basic principle of JNDI: load > the "driver" > which is > needed for current application, if not already installed on > the client). Do you mean RMI??? > > To be more specific with my error: I get an error from the > java.net.URLClassLoader which > says he(she...?) can't find the specific class > (ClassNotFoundException). > > Did I miss some setup somewhere ... ? > > Greetings, Stefan > > > - Original Message - > From: "Ernst de Haan" <[EMAIL PROTECTED]> > To: "Orion-Interest" <[EMAIL PROTECTED]> > Sent: Wednesday, February 28, 2001 3:54 PM > Subject: Re: orion.jar needed for JNDI-lookup?? > > > > Hi Stefan, > > > > > we are running a Swing-application accessing via HTTP/RMI > > > to an EJB-server. To do the JNDI-lookup class > "com.evermind.server.ApplicationClientInitialContextFactory" > > > is used as describes in the orion-doc. > > > > Do you *need* to downcast to > ApplicationClientInitialContextFactory, or > can > > you perhaps use a superclass (InitialContextFactory) ? If > so, then you > only > > need the JNDI libraries. > > > > -- > > Ernst > > > >
RE: Clustering and Multicasting
are you connecting everything to the same switch (hub)??? multicasting in a LAN is usually done by the switches, so hooking into a different hub may be problematic with some switches HTH JP > -Original Message- > From: Jesse Schoch [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, February 28, 2001 7:32 PM > To: Orion-Interest > Subject: Clustering and Multicasting > > > I have installed a 3 node orion cluster(2 on windows2k and 1 > on linux) and > have it working just dandy, the replication seems to work and > so does the > loadbalancer but... > > I also have a bsdi box, and recently upgraded to the 4.2 > version which has a > JDK and JVM on which orion runs fine, but when I try to put > into the cluster > orion will not start and complains that it can't bind to the multicast > address. any ideas why this is happening? > >
RE: ResultSet chaching
resultset or entity? if entity caching is troubling you, de-activate entity caching by setting the entity-deployment attribute exclusive-write-access to true. HTH JP PS: ResultSet caching is done with RowSet's persistance (serializable RowSet's) -Original Message-From: Luis Javier Beltran [mailto:[EMAIL PROTECTED]]Sent: Friday, March 02, 2001 6:12 PMTo: Orion-InterestSubject: ResultSet chaching Hi, Does Orion do resultset caching? because althought the database data has changed it still shows me the same data it showed before adding information to the db... If it does, how can I disable it? thanks a lot! Luis Javier
RE: signoff EJB-INTEREST
should you use the form in http://archives.java.sun.com ??? if you wnat to unsubscribe from EJB-INTEREST, that is > -Original Message- > From: Randahl Fink Isaksen [mailto:[EMAIL PROTECTED]] > Sent: Thursday, March 01, 2001 5:53 AM > To: Orion-Interest > Subject: RE: signoff EJB-INTEREST > > > Please use the form at www.orionserver.com > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Lu, Michael > Sent: 28. februar 2001 20:47 > To: Orion-Interest > Subject: signoff EJB-INTEREST > > > signoff EJB-INTEREST > >
RE: login security include file
and closes the outputstream too -Original Message-From: Manne Fagerlind [mailto:[EMAIL PROTECTED]]Sent: Thursday, March 01, 2001 6:20 AMTo: Orion-InterestSubject: RE: login security include file Strangely enough, always flushes the writer - i.e. the flush="false" is ignored. This is in the JSP 1.1 spec. Don't ask me why... /Manne -Original Message-From: Vaskin Kissoyan [mailto:[EMAIL PROTECTED]]Sent: 28 February 2001 22:36To: Orion-InterestSubject: login security include file I'm trying to do a response.sendRedirect() from an include file and wanted to avoid doing a directive.include (preparser), I keep getting "Response has already been committed, be sure not to write to the OutputStream or to trigger a commit due to any other action before calling this method." I have been very careful as to put this include at the very top of the file, and to specify autoFlush=false and flush=false on the include tag. Again, the intention of this include file would be to be place at the top of the jsp file to secure it by redirecting to a login page if credentials in a session based UserBean do not allow access to the page for some reason. -Vaskin
RE: Servlet Cache - How do I purge it
$orion\application-deployments\YOUREAR\YOURWAR\persistance kill every file, the orion will recompile HTH, JP > -Original Message- > From: Paul G. Markovich [mailto:[EMAIL PROTECTED]] > Sent: Sunday, February 25, 2001 11:07 PM > To: Orion-Interest > Subject: Servlet Cache - How do I purge it > > > Hi, > > I am using servlets in the orion default web app. > > My dir: > Orion/defaul-web-app/Web-inf/classes/(and then my files) > > I have the output of my compiler set to the same directory. > > I start orion like: > java -jar orion.jar > > and I stop orion with a ctrl C > > I have reloaded my class files and I can't ever get the > new files to load. > > I am working on NT4, jdk1.3, orion 1.4.5 > > Should I start stop differently??? > > Is there a physical location and file that I can > delete that is storing this information??? > > Help, > > Paul >
RE: Orion FORM based authentication Configuraton problem
please make a report in bugzilla JP > -Original Message- > From: cybermaster [mailto:[EMAIL PROTECTED]] > Sent: Domingo, 25 de Febrero de 2001 19:55 > To: Orion-Interest > Subject: Orion FORM based authentication Configuraton problem > > > When I use % authentication (1.4.5, W2K Server, jdk1.3), I've > got a couple > of problems: > (1) Basic setup is: /Home.jsp, link to /secure/loginDummy.jsp > (2) User tries to get to /secure/loginDummy.jsp - Orion redirects to > /login.jsp > (3) login correct works fine with /login.jsp - (browser shows > /secure/dummyLogin as URL) > (4a) browser displays /secure/loginDummy.jsp - OK, but: - > (browser shows > /secure/j_security_check as URL) > BUT > (4b) if first login incorrect, Orion redirects to > /loginError.jsp - (browser > shows /secure/j_security_check as URL) > (5a) error again, page stays at /loginError.jsp jsp - (browser shows > /secure/j_security_check as URL) > (5b) user enteres correct passwd - "ERROR 404 Not Found - Resource > /formAuth/secure/j_security_check not found on this server" > somehow Orion forgets the correct URL (it shouldn't show > j_security_check in > the first place, I guess). The user is actually logged in, > and can go to the > /secure/* pages at this time. > Peter Saurugger > Everest eCommerce > [EMAIL PROTECTED] > > >
RE: Any way to "forward" to j_security_check?
that's what I've been doing... whenever there's a sec-constraint, orion forwards to my login page; when I want login without securing, I simple use the login form(or some other functionally equal) and then login the user programatically (by changing the action field of the form) It works, just like MCB said. JP > -Original Message- > From: Mike Cannon-Brookes [mailto:[EMAIL PROTECTED]] > Sent: Jueves, 22 de Febrero de 2001 11:23 > To: Orion-Interest > Subject: RE: Any way to "forward" to j_security_check? > > > This is very simple to do. > > Just grab the RoleManager from java:comp/env/RoleManager I > think and then > the method if just RoleManager.login(username, password) - > see the Orion API > docs for more info. > > Alas there is no standard way to do this defined in the spec. > > -mike > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of > > [EMAIL PROTECTED] > > Sent: Thursday, February 22, 2001 11:27 PM > > To: Orion-Interest > > Subject: Any way to "forward" to j_security_check? > > > > > > Does anyone know a way to "forward" to the j_security_check > processing in > > Orion ? We use form-based login but have our own processing to do > > ahead of the > > standard j_security_check. > > > > On J2EE Reference Implementation (and e.g. Weblogic) we post the > > form to our > > own servlet instead of j_security_check, then forward from this to > > j_security_check. This doesn't seem to work on Orion i.e. > j_security_check > > doesn't seem to be something one can get a request dispatcher for. > > > > Of course, the servlet spec doesn't mandate anything about > how the server > > should implement the j_security_check mechanism, so > potentially it doesn't > > have to have anything that can be referenced and invoked > from application > > code. But it would be useful to be able to. > > > > I've also thought about programmatically simulating a post to > > j_security_check > > instead of trying to forward to it, but doesn't look simple and > > not sure this > > would work on Orion either. Might be helped by Servlet 2.3 but > > can't move to > > that yet. > > > > Am I just missing some trick to this, or is it not possible on > > Orion? Or is it > > related to a bug somewhere ? (n.b. even a normal post to > j_security_check > > seems to fail, and to get sign-on to work I have to use Orion's > > non-standard > > feature of leaving the action unspecified). > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > *** > > NIG > > The National Insurance & > > Guarantee Corporation PLC > > > > Reg. Office : > > Crown House > > 145 City Road > > London > > EC1V 1LP > > > > Registered in England & Wales No : 42133 > > *** > > Legal disclaimer : > > This message is confidential and for use by the addressee > only. If the > > message is received by anyone other than the addressee, > please return > > the message to the sender by replying to it and then delete > the message > > from your computer. > > > > NIG does not accept responsibility for changes made to this message > > after it was sent. > > > > > > > >
RE: Customer User Manager problems
ok. Some pointers:
1. I have my own imp. of UserManager and it's deliciously good
2. No need for principals.xml at this stage
3. When you add a security constraint, some pages require something 'extra'
to be seen, in the case, this extra is that the user login'd belongs to a
group sr_guest
[Excerpt from your mail]
> >
> >
> > Main
> > /*
> > /list.jsp
> >
> >
> >
> > sr_guest
> >
> >
if the user tries to get some pages (in this case, ALL), then it must belong
to a group sr_guest.
Does the user you login with belong to the group user? (and I don't mean the
DB... if you issue a
UserImp.isMemberOf(UserManagerImp.getGroup("sr_guest")
does it return true? If not, then something is not quite right).
If I'd was to test this, I would try the following:
create a user; say, 'jlorandi'
then, try some (pseudo) code:
User usr = UserManagerImp.getUser("jlorandi");
System.out.println("User:"+usr.getName);
Group grp = UserManagerImp.getGroup("sr_guest");
System.out.println("Group:"+grp.getName);
System.out.println("isMember?"+usr.isMemberOf(grp));
let me see how it comes
JP
> -Original Message-
> From: Ernie Phelps [mailto:[EMAIL PROTECTED]]
> Sent: Jueves, 22 de Febrero de 2001 15:51
> To: 'Juan Lorandi (Chile)'; 'Orion-Interest'
> Subject: RE: Customer User Manager problems
>
>
> Juan,
>
> I have tried putting the user into the principals.xml file,
> although the
> eventual goal is to not use this file at all (provide custom
> groups from the
> database via our UserManager). This does not seem to have any
> effect. I am
> not currently using a login error page, but I am not that
> worried about the
> login repetition for failure at the moment.
>
> My main concern is what is failing in the process, since
> authenticate is
> returning true from TMUser. There is presumably other code
> that I have to
> modify to get this to work, any idea's would be appreciated. Thanks.
>
> - Ernie
>
> -Original Message-
> From: Juan Lorandi (Chile) [mailto:[EMAIL PROTECTED]]
> Subject: RE: Customer User Manager problems
>
> have you got a login error page? that's why the three times,
> also, if a user doesn't belong to a sr_guest group, you won't
> have access
>
> > -Original Message-
> > From: Ernie Phelps [mailto:[EMAIL PROTECTED]]
> > Subject: Customer User Manager problems
> >
> > I am having difficulties getting a custom user manager to
> > work. Here are the
> > steps I have taken:
> >
> > Implemented User (as TMUser)
> > Implemented Group (as TMGroup)
> > Extended AbstractUserManager (as TMUserManager)
> >
> > Added the following to orion-application.xml:
> >
> >
> >
> >
> >
> >
> > > name="<jndi-user-role>">
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > > name="<jndi-user-role>">
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > Added the following to web.xml:
> >
> >
> >
> > Main
> > /*
> > /list.jsp
> >
> >
> >
> > sr_guest
> >
> >
> >
> >
> > BASIC
> > TM
> >
> >
> >
> > sr_guest
> >
> >
> > Here is the result:
> >
> > 1. I start Orion. It calls TMUserManager Init.
> > 2. I start the browser, direct it to my controller. It pops
> the basic
> > authentication dialog. I enter username and password.
> > TMUserManager.getUser
> > is called.
> > TMUser.authenticate is called and returns true.
> > 3. The basic authentication dialog pops again. This happens 3
> > times then
> > fails.
> >
> > Any idea what I am missing here? I feel I have missed
> > something basic, but
> > can't put
> > my finger on it. TIA,
> >
> > - Ernie
>
RE: Customer User Manager problems
have you got a login error page? that's why the three times, also, if a user doesn't belong to a sr_guest group, you won't have access > -Original Message- > From: Ernie Phelps [mailto:[EMAIL PROTECTED]] > Sent: Jueves, 22 de Febrero de 2001 12:36 > To: Orion-Interest > Subject: Customer User Manager problems > > > I am having difficulties getting a custom user manager to > work. Here are the > steps I have taken: > > Implemented User (as TMUser) > Implemented Group (as TMGroup) > Extended AbstractUserManager (as TMUserManager) > > Added the following to orion-application.xml: > > > > > > >name=""> > > > > > > > > > >name=" "> > > > > > > > > > > Added the following to web.xml: > > > > Main > /* > /list.jsp > > > > sr_guest > > > > > BASIC > TM > > > > sr_guest > > > Here is the result: > > 1. I start Orion. It calls TMUserManager Init. > 2. I start the browser, direct it to my controller. It pops the basic > authentication dialog. I enter username and password. > TMUserManager.getUser > is called. > TMUser.authenticate is called and returns true. > 3. The basic authentication dialog pops again. This happens 3 > times then > fails. > > Any idea what I am missing here? I feel I have missed > something basic, but > can't put > my finger on it. TIA, > > - Ernie > >
RE: Got SecurityException, bu shouldn't it be NamingException?
you're right... please report this to bugzilla in www.orionserver.com
TIA
JP
> -Original Message-
> From: Eduardo Estefano [mailto:[EMAIL PROTECTED]]
> Sent: Miércoles, 21 de Febrero de 2001 13:57
> To: Orion-Interest
> Subject: Got SecurityException, bu shouldn't it be NamingException?
>
>
> I was looking up a bean using:
>
> JndiContext.lookup("ContactManager");
>
> And I was getting a security exception: User Admin does not
> have permissions
> to ContactManager.
>
> However, there is no ContactManager in the jndi tree. The
> bean name in the
> tree was ContactManagerHome.
>
> I changed it and it worked fine.
>
> The question is: Shouldn't I get a NamingException instead of a
> SecurityException?
>
> -
> Eduardo Estefano
> Integrated Information Systems
> 480.317.8549
>
>
RE: Orion Server compared to Oracle AS
OAS only supports Session Beans (Stateless and Stateful) OAS has reached it's end of life. It's no longer a product. It has been superceeded by IAS. IAS only supports Session Beans (Stateless and Stateful). *AS functionality is replicated by the DB engine (arghhh) If you have a Oracle *i db (8.1.5 and above), you have app server capabilities; Oracle 9i supports entity beans (they may solely run in the db) So, oracle's solution looks like this nowadays Apache <---> IAS (BL only) <---> Oracle 9i (DB, Entities) How all of this works together is still very obscure even inside Oracle. The entity facility inside the DB, on the other hand, is very nice. It should surpass any isolation/locking problems by making the db the bottle neck (as usual). Still, it would require some fooling around to see if it really works. JP > -Original Message- > From: Bernard Sauterel [mailto:[EMAIL PROTECTED]] > Sent: Sábado, 10 de Febrero de 2001 15:23 > To: Orion-Interest > Subject: RE: Orion Server compared to Oracle AS > > > could you explain more on this ? > > On Sat, Feb 10, 2001, Juan Lorandi (Chile) > <[EMAIL PROTECTED]> wrote: > > >well, I can tell you that if you need entity beans OAS won't > help you. > > > >I've had to evaluate OAS 6 months ago and it sure is a total > waste of time > > > >JP > > > >> -Original Message- > >> From: John Hogan [mailto:[EMAIL PROTECTED]] > >> Sent: Viernes, 09 de Febrero de 2001 1:12 > >> To: Orion-Interest > >> Subject: Orion Server compared to Oracle AS > >> > >> > >> Has anyone done/know of a comarison of these two products? > >> > >> I know Oracle sits on Apache and JServ, and that bench > marks on the > >> Orion site show that Orion has some clear advantages vs > Apache. I'm > >> hoping someone has some first experiences they can share. TIA. > >> > >> JohnH > >> > >> _ > >> > >> Get your free E-mail at http://www.ireland.com > >> > > > > +--++ > | Bernard Sauterel | sauterel.net | > +--++ > email | [EMAIL PROTECTED] >
RE: Orion Server compared to Oracle AS
well, I can tell you that if you need entity beans OAS won't help you. I've had to evaluate OAS 6 months ago and it sure is a total waste of time JP > -Original Message- > From: John Hogan [mailto:[EMAIL PROTECTED]] > Sent: Viernes, 09 de Febrero de 2001 1:12 > To: Orion-Interest > Subject: Orion Server compared to Oracle AS > > > Has anyone done/know of a comarison of these two products? > > I know Oracle sits on Apache and JServ, and that bench marks on the > Orion site show that Orion has some clear advantages vs Apache. I'm > hoping someone has some first experiences they can share. TIA. > > JohnH > > _ > > Get your free E-mail at http://www.ireland.com >
RE: Client site HttpSession simulating
Inline > -Original Message- > From: Boris Erukhimov [mailto:[EMAIL PROTECTED]] > Sent: Martes, 06 de Febrero de 2001 15:41 > To: Orion-Interest > Subject: Re: Client site HttpSession simulating > > > Thanks a lot Juan, it's working. > Is it possible for https session ? Uh, I don't know, but I'd guess not. SSL has it's own kind of session tracking that is very similar to a cookie. This is the preferred way of doing it; and it will work on browsers that don't accept cookies > I've also found out that URL rewriting syntax is server > specific, which > means it's not part of the spec ? it isn't part of the spec, but I think tomcat perfoms equal than orion. > > > "Juan Lorandi (Chile)" wrote: > > > you have to postfix any URL with ";JSESSIONID=" > > > > NOTE THE SEMICOLON > > > > JP > > > > > -Original Message- > > > From: Boris Erukhimov [mailto:[EMAIL PROTECTED]] > > > Sent: Lunes, 05 de Febrero de 2001 10:45 > > > To: Orion-Interest > > > Subject: Client site HttpSession simulating > > > > > > > > > I have a site which stores user profile in HttpSession after > > > user gets in > > > supplying user id and password. > > > I need to provide some client site batch operation on the > > > site using standalone > > > java client. > > > I remember old servlet spec which allowed you to embed > > > session ID into URL if > > > there is no way to use cookies to handle HttpSession. > > > > > > The scenario is: > > > > > > 1. My client java program creates HttpURLConnection for the > > > site login response > > > URL with valid user ID and password. > > > > > > 2. Then client gets HTML response proving successful login. > > > According to the > > > application logic a new session has been created and > client receives > > > "Set-Cookie" response header with some value like > > > "JSESSIONID=BGDBPNFMPDGO; Path=/". > > > > > > 3. Assuming JSESSIONID is a name Orion wants to identify > > > session id I include > > > JSESSIONID=BGDBPNFMPDGO into query string for my next > client request. > > > > > > 4. Client gets HTML response such as in case session was not > > > established yet - > > > new session has been created. > > > > > > So, Orion does not recognize "JSESSIONID=BGDBPNFMPDGO" in > > > request pointing to > > > existing HttpSession. > > > > > > Am I missing something obvious ? Or it might be some > > > time/racing issues ? > > > > > > I need thins functionality very much. Any help would be > > > greatly appreciated > > > Thanks > > > > > > ~boris > > > > > > > > > > > > > >
RE: Too much caching? - the database has changed
I think I have explained this for Eric Hodges here or in EJB-INTEREST Danut, can you check the archives, please? Also, on the same line in my previous responses to Eric, I agree with Robert. read the spec (no offense intended) JP > -Original Message- > From: Robert Krueger [mailto:[EMAIL PROTECTED]] > Sent: Martes, 06 de Febrero de 2001 14:16 > To: Orion-Interest > Subject: Re: Too much caching? - the database has changed > > > At 10:29 06.02.2001 , you wrote: > >Thanks for the help Tim. > >I am not sure I like this solution. Why do I have to go and > change this in > >the application-deployments folder? The same question > applies to the table > >name for the CMP Beans. How do I choose a table name > different than the > >default one without touvhign the application-deployments folder? > > > >Wouldn't make more sense if I can change these things in the > "ejb-jar.xml" > >that is part of the EJB package? > > please do some spec reading and find out about separation of > responsibilities and roles and the general ejb/j2ee > deployment concept. > that will answer your questions. it doesn't make much sense > to work with a > product like orion not having understood those fundamental > concepts. this > not meant as a flame but advice (as many of orion oldtimers > will confirm I > hope). > > regards, > > robert > > >Danut > > > >At 08:55 PM 2/5/2001 -0500, Tim Endres wrote: > >>Check the docs. There is a flag that you need to set to tell Orion > >>that is does not have "exclusive" access to the database, and that > >>it needs to recognize when a record is updated by a program other > >>than Orion. > >> > >>I believe you need to look at the "exclusive-write-access" attribute > >>of the element in orion-ejb-jar.xml. > >> > >>tim. > >> > >> > Two more things. > >> > > >> > 1. On the server side I get the following > >> > > >> > CMPSelectTestEJB() > >> > setEntityContext > >> > ejbCreate( 10, Name 10, Address 10 ) > >> > Entity 10 passivated > >> > java.lang.Throwable > >> > at com.evermind.server.ejb.EntityEJBHome.ail(JAX) > >> > at > com.evermind.server.ejb.EntityEJBObject.releaseContext(JAX) > >> > at > >> > > CMPSelectTestHome_EntityHomeWrapper19.create(CMPSelectTestHome_Entity > >> > HomeWrapper19.java:377) > >> > at java.lang.reflect.Method.invoke(Native Method) > >> > at com.evermind.server.rmi.bc.do(JAX) > >> > at com.evermind.util.f.run(JAX) > >> > ejbPassivate( 10, Name 10, Address 10 ) > >> > > >> > There is no record with ID = 10, name = "Name 10" and address = > >> "Address 10". > >> > > >> > 2. The exactly same code for EJB, client and the same > database work > >> fine on > >> > WebLogic. > >> > > >> > I am using Orion 1.4.5. > >> > > >> > Danut > >> > > >> > ===> >> > I am having a problem. > >> > I am creating some records using some BMP and CMP EJBs. > While Orion is > >> > still running I am deleting the records using a simple > JDBC client. > >> > > >> > When I try to ccreate the same records again I get an > exception that says > >> > javax.ejb.DuplicateKeyException: Entity already exists > >> > at com.evermind.server.rmi.ba.invokeMethod(JAX) > >> > at com.evermind.server.rmi.a1.invoke(JAX) > >> > at com.evermind.server.rmi.a2.invoke(JAX) > >> > at __Proxy1.create(Unknown Source) > >> > at > SelectTestClient.CreateRecords(SelectTestClient.java:102) > >> > at SelectTestClient.TestOrion(SelectTestClient.java:264) > >> > at SelectTestClient.main(SelectTestClient.java:319) > >> > > >> > How can I make Orion aware that the database has changed? > >> > > >> > Thank you, > >> > Danut > >> > > >> > > >> > _ > >> > Do You Yahoo!? > >> > Get your free @yahoo.com address at http://mail.yahoo.com > >> > > >> > > > > > > >_ > >Do You Yahoo!? > >Get your free @yahoo.com address at http://mail.yahoo.com > > > > > > (-) Robert Krüger > (-) SIGNAL 7 Gesellschaft für Informationstechnologie mbH > (-) Brüder-Knauß-Str. 79 - 64285 Darmstadt, > (-) Tel: 06151 665401, Fax: 06151 665373 > (-) [EMAIL PROTECTED], www.signal7.de > >
RE: Client site HttpSession simulating
you have to postfix any URL with ";JSESSIONID=" NOTE THE SEMICOLON JP > -Original Message- > From: Boris Erukhimov [mailto:[EMAIL PROTECTED]] > Sent: Lunes, 05 de Febrero de 2001 10:45 > To: Orion-Interest > Subject: Client site HttpSession simulating > > > I have a site which stores user profile in HttpSession after > user gets in > supplying user id and password. > I need to provide some client site batch operation on the > site using standalone > java client. > I remember old servlet spec which allowed you to embed > session ID into URL if > there is no way to use cookies to handle HttpSession. > > The scenario is: > > 1. My client java program creates HttpURLConnection for the > site login response > URL with valid user ID and password. > > 2. Then client gets HTML response proving successful login. > According to the > application logic a new session has been created and client receives > "Set-Cookie" response header with some value like > "JSESSIONID=BGDBPNFMPDGO; Path=/". > > 3. Assuming JSESSIONID is a name Orion wants to identify > session id I include > JSESSIONID=BGDBPNFMPDGO into query string for my next client request. > > 4. Client gets HTML response such as in case session was not > established yet - > new session has been created. > > So, Orion does not recognize "JSESSIONID=BGDBPNFMPDGO" in > request pointing to > existing HttpSession. > > Am I missing something obvious ? Or it might be some > time/racing issues ? > > I need thins functionality very much. Any help would be > greatly appreciated > Thanks > > ~boris > > > >
RE: Form-based authentication not working right
gerald, I have a configuration matching yours and it's working;
May I suggest a test?
If you will, add a user called 'jlorandi' and make it part of group
'myuser', and add an user 'dummy' but DON'T make him part of group 'myuser'
,then, could you please edit SecuredPage.jsp so it executes these printouts:
System.out.println("User:" + request.getRemoteUser() );
System.out.println("Role OK:" + request.isUserInRole("myuser") );
then browse your app:
open browser, login as 'jlorandi', note results, close browser
open browser, login as 'dummy', note results, close browser
open browser, login INCORRECTLY, note results, close browser
JP
> -Original Message-
> From: Gerald Gutierrez [mailto:[EMAIL PROTECTED]]
> Sent: Lunes, 05 de Febrero de 2001 20:52
> To: Orion-Interest
> Cc: [EMAIL PROTECTED]
> Subject: Form-based authentication not working right
>
>
>
> Recently I asked about form-based authentication. I
> appreciate the help
> several people gave, but from the responses I got it seems
> that I might
> have miscommunicated somehow. I'm going to try again, this
> time explaining
> myself better.
>
> I'm using Orion 1.4.5 on Windows 2000. The same thing happens
> on Orion 1.3.8.
> I have a number of JSP pages in the directory /app:
>
> MainMenu.jsp -- the main menu
> SecuredPage.jsp -- a secured page, see only when authenticated
> LoginForm.jsp -- form for logging in
> LoginError.jsp-- form displayed when there's an error
>
> The user goes to MainMenu.jsp, where there is a link to
> SecuredPage.jsp. To
> view this page, the user must be authenticated. The authenticated is
> form-based.
>
> This is what should (CORRECTLY) happen:
>
> 1) User goes to MainMenu.jsp.
> 2) User clicks on link to SecuredPage.jsp.
> 3) User is presented with LoginForm.jsp.
> 4) User types in username and password.
> 5a) Login succeeds and SecuredPage.jsp is shown to user.
> 5b) Login fails and LoginError.jsp is shown to user.
>
> HOWEVER, this is the (INCORRECT) sequence of events that I
> actually get:
>
> 1) -- as before --
> 2) -- as before --
> 3) -- as before --
> 4) -- as before --
> 5a) Login succeeds and directory contents is shown to user.
> 5b) Login fails and directory contents is shown to user.
>
> Note the same (WRONG) thing happens whether or not the user
> authenticates
> properly. The directory contents is the list of JSP files
> that I have in /app.
>
>
> So ... what's wrong here? It redirects to my login form
> correctly. It just
> doesn't behave properly when I actually do the login (hit
> "j_security_check" with "j_username" and "j_password"). This is the
> relevant section of my web.xml file:
>
>
>
> LoginTrigger
> LoginTrigger
> /SecuredPage.jsp
> GET
> POST
>
>
> myuser
>
>
>
>
> FORM
>
> LoginForm.jsp
> LoginError.jsp
>
>
>
>
> myuser
>
>
>
>
RE: Download Orion version 1.4.7
autoupdate.jar looks for orion in http://www.orionserver.com/orion/orion.jar that URL sure is handy if you don't know what your proxy is JP > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Martes, 06 de Febrero de 2001 8:38 > To: Orion-Interest > Subject: RE: Download Orion version 1.4.7 > > > To anyone trying to autoupdate trought proxy, use: > > > java -DproxySet=true -DproxyHost=myProxyHostIP > -DproxyPort=myProxyPort -jar autoupdate.jar > > Obvious, you need to be in /orion folder... > > > My2c > > > Edson Richter > >
RE: Secured Page?
That depends more on your app design than nothing else; both ways are pretty much costless (in orion). JP > -Original Message- > From: Korosh Afshar [mailto:[EMAIL PROTECTED]] > Sent: Lunes, 05 de Febrero de 2001 18:08 > To: Orion-Interest > Subject: RE: Secured Page? > > > > which one would be a viable option for a client base of > 3000-4000 users? > > can declaritive security be used in this fashion? > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Steve Loftis > Sent: Monday, February 05, 2001 12:07 PM > To: Orion-Interest > Subject: RE: Secured Page? > > > There are two ways to handle this login solution: programatic and > declarative security. > > With programatic security you could have your welcome.jsp > check to see if a > user variable (such as a username) has been set on the > session object for a > client, if it hasn't (i.e is null) then forward them to the > login page. > (you could also stick the string welcome.jsp into the session > as the referer > so you can redirect the login page back it after a successful login). > > With declarative security you can specify which pages are > secure in your > deployment descriptor for the application, and access to the pages, in > relation to security, will be handled at container rather > than application > (as above) level. check the orion reference docs for how to do this. > > Hope this moves you in the right direction :) > > Steve > > -Original Message- > From: Roland Dong [mailto:[EMAIL PROTECTED]] > Sent: 05 February 2001 10:36 > To: Orion-Interest > Subject: RE: Secured Page? > > > > I remember someone posted Login-related question recently. I > have a newbie > question on this. > > In my web application, I have login1.jsp which calls > login2.jsp to handle > the actual login process. I use JDBC-ODBC-Oracle to handle > the database > connection. If successfully logged in, the user will be > "forwarded" to a > welcome.jsp. > > I am wondering how could I secure welcome.jsp so that a user > can ONLY access > welcome.jsp by a successful login? I mean a user could just type in > http://localhost:8080/examples/jsp/welcom.jsp, for example, > to access it. > > Someone has metioned the secured page. Could someone explain? > Where can I > get the information or code example? > > Thanks a lot, > > Roland > > ** > This email and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they > are addressed. If you have received this email in error please notify > the system manager. > > This footnote also confirms that this email message has been swept by > MIMEsweeper for the presence of computer viruses. > > www.mimesweeper.com > ** > > >
RE: Anyone know how to def Data-type in cmp-field???
Quick and dirty...
create your own class String (say ar.com.rifleman.String)
package ar.com.rifleman
public class String extends java.lang.String {}
then map it to a varchar(30)...
that should do it (but again, it's quick and dirty)
JP
PS: Saludos de Claudio Paul Cannigia ;)
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Lunes, 05 de Febrero de 2001 9:58
> To: Orion-Interest
> Subject: Anyone know how to def Data-type in cmp-field???
>
>
> > Hi!
> Hi people aroud the world!!!
>
> I've found info about what I need to run Orion EJB 2.0 sample
> with Interbase inside our Orion-list.
>
> But for now, I'm having following trouble: primary keys, in
> Interbase, allow only 254 bytes in length. If I configure my
> datasource to use Interbase, and set schema="interbase.xml",
> and then mapping Strings to VARCHAR(255), I get errors in
> deployment time (primary key too long, or something like
> this). To turn things bad, I want to use all Interbase power,
> and map Strings to VARCHAR(8000)... How can I configure my
> primary-keys to use a max of varchar(30), or something like
> this? And, how I define the datasource that shold be used for
> deployment (not after deployment)?
>
> See, I need to configure inside ejb-jar.xml file the datatype
> of my cmp-field (not in orion-ejb-jar.xml, because when Orion
> create orion-ejb-jar.xml tables are created too - so my
> database will be incorrect -> of course, I'll get app not
> deployed, because interbase will refuse the primary key with
> more than 254 bytes).
>
> Anyone know how to do this???
>
>
> Thanks
>
RE: Error messages from Orion have invalid XML format - bug?
about the error codes... have you defined an error page? that is a page that is executed to show a bug, and the StackTrace are generated by the default error page JP > -Original Message- > From: Randahl Fink Isaksen [mailto:[EMAIL PROTECTED]] > Sent: Lunes, 05 de Febrero de 2001 4:40 > To: Orion-Interest > Subject: RE: Error messages from Orion have invalid XML format - bug? > > > Thanks for your reply JP. I am aware of this possibility, and > I am certain > that using Orion this way speeds up development. I guess my > focusing on > finding out about the deployment features has gotten me to > this point where > I prefer to _deploy_ my application during my development. Is > this not what > the IDE's would do too? Maybe it is a matter of taste, but it > seems a little > less elegant to me to develop my JSPs directly in the middle > of Orions file > tree. Actually I thought most people had their files in a > development file > tree and then debugged by either moving the files to Orion > through packaging > and deployment or through simple file copying. > > > Randahl > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Juan Lorandi > (Chile) > Sent: 4. februar 2001 20:02 > To: Orion-Interest > Subject: RE: Error messages from Orion have invalid XML format - bug? > > > Randahl look in $orion\applications\YOUREAR\YOURWAR\yourpage.jsp > > if you edit a .jsp in that dir and browse it, orion will > recon the change, > recompile for you, voila! > > no need to rebuild anything > > > JP > > > -Original Message- > > From: Randahl Fink Isaksen [mailto:[EMAIL PROTECTED]] > > Sent: Sábado, 03 de Febrero de 2001 8:05 > > To: Orion-Interest > > Subject: Error messages from Orion have invalid XML format - bug? > > > > > > My JSPs return XML which is transformed using XSL. When Orion > > locates syntax > > errors or encounters Exceptions it produces som HTML which > > contains the > > error message AND some HTML markup which presents the error message. > > This Orion markup happens to contain standalone tags. In > > case of an > > exception it looks like this: > > > > > > at com.evermind.server.http.d3.sw(JAX) > > at com.evermind.server.http.d3.su(JAX) > > at com.evermind.server.http.ef.s1(JAX) > > at com.evermind.server.http.ef.do(JAX) > > at com.evermind.util.f.run(JAX) > > > > > > As everybody knows, using standalone tags compromises > > XML syntax - XML > > would expect either or . > > Unfortunately this forces you to follow this debugging process: > > > > 1. Remove the lines in the JSP which links it to the stylesheet: > > > > > > 2. Rebuild the web application > > 3. Have Orion deploy the new build > > 4. Invoke the JSP and read the error > > 5. Correct the error in the JSP > > 6. Rebuild and redeploy > > 7. Check the error was corrected > > 8. Reinsert the line in the JSP which links it to the stylesheet. > > > > A rather long way to go, I think. This raises the question of > > whether this > > could be made easier. I have a feeling, I am not the only > > developer using > > XML, so maybe it would be a great idea if Orion Server > > presented Exceptions > > using tags which are valid in both HTML and XML. If the tag was > > replaced with , errors would be visible in both > HTML and XML > > results. Moreover, if the whole error was enclosed in a valid > > XML tag you > > can have your XSL deliver the error as output. For instance > > > > > > > >at com.evermind.server.http.d3.sw(JAX) > >at com.evermind.server.http.d3.su(JAX) > >at com.evermind.server.http.ef.s1(JAX) > >at com.evermind.server.http.ef.do(JAX) > >at com.evermind.util.f.run(JAX) > > > > > > > > This is valid HTML and one can easily write XSL which checks for the > > occurance of this error and produces a result which can be > seen in the > > output to the browser. This is just one quick idea of how to > > accomplish both > > valid HTML and valid XML - there are probably many other ways > > to accomplish > > this aswell. > > > > Of course, there might be a good reason why things are the > > way they are, but > > any comments to these thoughts would be welcomed. And > should anyone at > > Ironflare have the time to comment on this too, I would be > > very grateful. &g
RE: Error messages from Orion have invalid XML format - bug?
Randahl look in $orion\applications\YOUREAR\YOURWAR\yourpage.jsp if you edit a .jsp in that dir and browse it, orion will recon the change, recompile for you, voila! no need to rebuild anything JP > -Original Message- > From: Randahl Fink Isaksen [mailto:[EMAIL PROTECTED]] > Sent: Sábado, 03 de Febrero de 2001 8:05 > To: Orion-Interest > Subject: Error messages from Orion have invalid XML format - bug? > > > My JSPs return XML which is transformed using XSL. When Orion > locates syntax > errors or encounters Exceptions it produces som HTML which > contains the > error message AND some HTML markup which presents the error message. > This Orion markup happens to contain standalone tags. In > case of an > exception it looks like this: > > > at com.evermind.server.http.d3.sw(JAX) > at com.evermind.server.http.d3.su(JAX) > at com.evermind.server.http.ef.s1(JAX) > at com.evermind.server.http.ef.do(JAX) > at com.evermind.util.f.run(JAX) > > > As everybody knows, using standalone tags compromises > XML syntax - XML > would expect either or . > Unfortunately this forces you to follow this debugging process: > > 1. Remove the lines in the JSP which links it to the stylesheet: > > > 2. Rebuild the web application > 3. Have Orion deploy the new build > 4. Invoke the JSP and read the error > 5. Correct the error in the JSP > 6. Rebuild and redeploy > 7. Check the error was corrected > 8. Reinsert the line in the JSP which links it to the stylesheet. > > A rather long way to go, I think. This raises the question of > whether this > could be made easier. I have a feeling, I am not the only > developer using > XML, so maybe it would be a great idea if Orion Server > presented Exceptions > using tags which are valid in both HTML and XML. If the tag was > replaced with , errors would be visible in both HTML and XML > results. Moreover, if the whole error was enclosed in a valid > XML tag you > can have your XSL deliver the error as output. For instance > > > > at com.evermind.server.http.d3.sw(JAX) > at com.evermind.server.http.d3.su(JAX) > at com.evermind.server.http.ef.s1(JAX) > at com.evermind.server.http.ef.do(JAX) > at com.evermind.util.f.run(JAX) > > > > This is valid HTML and one can easily write XSL which checks for the > occurance of this error and produces a result which can be seen in the > output to the browser. This is just one quick idea of how to > accomplish both > valid HTML and valid XML - there are probably many other ways > to accomplish > this aswell. > > Of course, there might be a good reason why things are the > way they are, but > any comments to these thoughts would be welcomed. And should anyone at > Ironflare have the time to comment on this too, I would be > very grateful. > > > Thanks > Randahl > > > > > -Original Message- > From: Randahl Fink Isaksen [mailto:[EMAIL PROTECTED]] > Sent: 2. februar 2001 11:32 > To: Orion-Interest > Subject: Source XML Error: Expected "" to terminate element > starting on line 51. > > > Occasionally I get a strange result when there are syntax > errors in my JSPs. > If I have a JSP that works fine I can make Orion return a > weird result by > introducing a line like the following into the JSP: > > <% rubishrubishrubish %> > > I would expect Orion to compile the JSP and give me back a > syntax error > somewhere. Instead I get the following in my browser when I > invoke the JSP: > > Source XML Error: Expected "" to terminate element > starting on line 51. > > > I know this sounds weird - that is exactly why I am asking: > Has this occured > to anyone else on the list? - Do you know why this happens? > > > In hopes it is not my inner CPU which has some kind of bug... > > R. > >
RE: Questions about running an EJB client
sorry for the delay, I'll try and explain it again: let's say I (Juan) am a bean developer. Let's say you (Eric) are the application assembler, and let's say Lauren Commons is the deployer. I build a bean. I package the bean in a jar, then pass it on to you. It has some(but not all) of the info needed in ejb-jar.xml . So far it's completly portable across servers. You pick up my bean, add a few of your own, and repackage the .jar . You touch ejb-jar.xml to match your assembly needs(As an example, you want to mark some methods as TX_MANDATORY). You put the .jar in an .ear with the rest of the application modules, and application.xml. This is still PORTABLE across servers (As all in the spec). Now... deployment. A: simple deployment Lauren takes your ear and uses a deploy tool to install the app on a given server. She defines ejb-ref bindings runs required SQL scripts in the DB, maps the security to a given domain etc. To store all of these data(which is server DEPENDANT), the app server creates some files. The app is deployed. B: pre-deployment Deployment is in the corporate HQ of HAL, Inc. If you fuck up there, you're toast. Lauren works with a sturdy, fast server called orion. Regretably, it doesn't include a deploy tool (no, deploytool doesn't work... yet), so she wants to pre-deploy as much as possible about this app in order to have less work to do in the final deployment. So she deploys her app in a test machine. orion-xx.xml files are created. How does she use these files? She REPACKAGES the App, storing the new files alongside its counter-part (orion-application.xml and application.xml go in the same dir), except in the case of ejb-jar.xml, which goes in an orion directory inside the ejb jar. This app is still portable across servers, but it contains now some information on how to deploy on orion-servers. The same process could be done for J2EERI and WLS 6.0, making the actual deployment very accesible. When Lauren deploys this modified .ear, orion will find the orion-xxx files inside the ear, and instead of creating deployment files from scratch, using defaults, it will use the in-ear files to create the actual, $orion\application-deployment resident, orion-xx.xml files. I sure do hope this helps... JP PS: Lauren... may I stick my tongue in your ear? > -Original Message- > From: Eric Hodges [mailto:[EMAIL PROTECTED]] > Sent: Jueves, 01 de Febrero de 2001 19:20 > To: Orion-Interest > Subject: Re: Questions about running an EJB client > > > > - Original Message - > From: "Juan Lorandi (Chile)" <[EMAIL PROTECTED]> > To: "Orion-Interest" <[EMAIL PROTECTED]> > Sent: Thursday, February 01, 2001 3:33 PM > Subject: RE: Questions about running an EJB client > > > > Read the j2ee spec again. > > > > orion-x.xml files are deployment info; deployment info is server > > dependant (in contrast to bean developer info & assembly > info); deployment > > info may override & complete > > for j2eeri, files are named j2eeri-.xml > > > > basically, there's one of these per every .xml in the specs: > > > > SPEC file Orion file packageplace > > application.xml orion-application.xml \YOURAPP.ear\META-INF\ > > ejb-jar.xml orion-ejb-jar.xml > > \YOURAPP.ear\YOUREJB.jar\orion > > web.xml orion-web.xml \YOURAPP.ear\YOURWAR.war\WEB-INF\ > > I don't really understand what you just typed. > > So orion-application.xml gets its info from application.xml? > If so, do I > just stick this namespace stuff in application.xml? > > > >
RE: HttpSession question
there was something like that in the original servlet spec, but it's deprecated now; however, i think the (undocumented?) Administrator object(orionconsole says it's in 'java:comp/Administrator') can do that. -Original Message-From: Reid Hartenbower [mailto:[EMAIL PROTECTED]]Sent: Domingo, 04 de Febrero de 2001 3:10To: Orion-InterestSubject: HttpSession question Is there a way, from a client, to iterate through all the open sessions in a web server? I'm looking for something like Context.listBindings(), but for sessions. I have the feeling that this would be an unacceptable security hole and so is not possible, but figured someone in 'the constellation' might have the definitive answer. Thanks Reid
RE: RE : JSP TagLibs and UTF8 Encoding -> Further Info
aren't cp1252 and UTF-8 actually the same?
> -Original Message-
> From: Ted Rice [mailto:[EMAIL PROTECTED]]
> Sent: Jueves, 01 de Febrero de 2001 8:23
> To: Orion-Interest
> Subject: RE : JSP TagLibs and UTF8 Encoding -> Further Info
>
>
>
>
> ---
> Ted Rice
> APAMA Ltd, 17 Millers Yard, Mill Lane
> Cambridge CB2 1RQ, United Kingdom
> Email: [EMAIL PROTECTED]
> Mobile: +44 (0)7899 876489
> Phone: +44 (0)1223 257973 [Histon Office]
> Fax:+44 (0)1223 51885> A little further information on my encoding
> problem
> > with the JSP Tags and XML translation.
> >
> > When I remove the JSP BodyTag wrapper around the
> > JSP code producing XML, the XML is shown in the
> > browser and all the UTF8 characters are displayed
> > properly. Meaning that in the processing of the
> > JSP the encoding is being preserved.
> >
> > However, in the JSP Tag Code, I have done the
> > following test:
> >
> > public int doAfterBody() throws JspException {
> > // _xmlContent is a member variable instance
> >
> > if (bodyContent == null){
> > _xmlContent = "";
> > }
> > else{
> > _xmlReader = (InputStreamReader) bodyContent.getReader();
> >
> > logger.debug("Reader Encoding [ " +
> > _xmlReader.getEncoding() + " ]");
> > }
> >
> > return SKIP_BODY;
> > }
> >
> > In my log file I see the following line:
> >
> > 2001-02-01 10:12:28,902 [ApplicationServerThread] DEBUG Reader
> > Encoding [ Cp1252 ]
> >
> > Meaning the encoding of the bodyContent reader is where the
> > munging is occurring. Is there a way I can force the
> > reader to use UTF8 encoding?
>
> I have circumvented the problem of encoding being
> lost via a hack. The code was:
>
> byte[] utf8Bytes =
> bodyContent.getString().trim().getBytes("Cp1252");
> ByteArrayInputStream stream = new
> ByteArrayInputStream(utf8Bytes);
> _xmlReader = new InputStreamReader(stream, "UTF-8");
>
> This is going to be slow! I guess the real problem lies that
> the Reader of the bodyContent is reading in Cp1252. How can
> i force the Tag to read in UTF8?
>
> Thanks.
>
> ---
> Ted Rice
> APAMA Ltd, 17 Millers Yard, Mill Lane
> Cambridge CB2 1RQ, United Kingdom
> Email: [EMAIL PROTECTED]
> Mobile: +44 (0)7899 876489
> Phone: +44 (0)1223 257973 [Histon Office]
> Fax:+44 (0)1223 5188599
>
>
RE: Questions about running an EJB client
Read the j2ee spec again. orion-x.xml files are deployment info; deployment info is server dependant (in contrast to bean developer info & assembly info); deployment info may override & complete for j2eeri, files are named j2eeri-.xml basically, there's one of these per every .xml in the specs: SPEC file Orion file packageplace application.xml orion-application.xml \YOURAPP.ear\META-INF\ ejb-jar.xml orion-ejb-jar.xml \YOURAPP.ear\YOUREJB.jar\orion web.xml orion-web.xml \YOURAPP.ear\YOURWAR.war\WEB-INF\ At deployment time, orion creates a counter-part of your SPEC files in $orion\application-deployments\ for this it may use templates bundled in your package (if found in packageplace) HTH JP > -Original Message- > From: Eric Hodges [mailto:[EMAIL PROTECTED]] > Sent: Jueves, 01 de Febrero de 2001 15:50 > To: Orion-Interest > Subject: Re: Questions about running an EJB client > > > Where did this file come from? I didn't put it in my EJB jar > or my EAR > file. It doesn't look like yours (there's no name attribute on the > security-role-mapping tag), so once I edit it how will I > stick it back in my > EAR? > > That sounds odd, doesn't it? > > Thanks for the help. > > > - Original Message - > From: "Juan Lorandi (Chile)" <[EMAIL PROTECTED]> > To: "Orion-Interest" <[EMAIL PROTECTED]> > Sent: Thursday, February 01, 2001 11:51 AM > Subject: RE: Questions about running an EJB client > > > > in orion-application.xml (you can find it in > > $orion\application-deployments\YOURAPP\) > > > > there should be a namespace tag; below is mine's form an app: > > > > > > > > > name="<jndi-user-role>"> > > > > > > > > > > > > > > > > > > then, whenever the current user belongs to group admin, you > have read > access > > for ALL resources. > > I believe that something on the line of > > > > > > > > would grant everybody read access; > > > > AFAIK Orion's JNDI imp. doesn't support writing, so the > write-access part > is > > irrelevant > > > > > > HTH > > > > JP > > > > > -Original Message- > > > From: Eric Hodges [mailto:[EMAIL PROTECTED]] > > > Sent: Miércoles, 31 de Enero de 2001 20:14 > > > To: Orion-Interest > > > Subject: Questions about running an EJB client > > > > > > > > > > > > I'm trying to set up an EJB (my first time) on Orion. I have > > > the .EAR file > > > running, I just need to get the client to test it. When I > > > try to run the > > > client, it fails on the constructor for InitialContext(). > > > Here's the error: > > > > > > java.lang.SecurityException: Not allowed to look up > > > java:comp/ResourceFinder, check the namespace-access tag > setting in > > > orion-application.xml for details > > > at com.evermind.server.rmi.bb.f_(JAX) > > > at com.evermind.server.rmi.RMIServer.f_(JAX) > > > at com.evermind.server.rmi.RMIContext.lookup(JAX) > > > at com.evermind.server.administration.LazyResourceFinder.f_(JAX) > > > at > > > > com.evermind.server.administration.LazyResourceFinder.getEJBHome(JAX) > > > at com.evermind.server.Application.ap7(JAX) > > > at > > > com.evermind.server.ApplicationClientInitialContextFactory.get > > > InitialContext > > > (JAX) > > > at > > > javax.naming.spi.NamingManager.getInitialContext(NamingManager > > > .java:668) > > > at > > > > javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:246) > > > at javax.naming.InitialContext.init(InitialContext.java:222) > > > at javax.naming.InitialContext.(InitialContext.java:198) > > > at > > > com.mongoosetech.agent.AgentBase.registerWithServer(AgentBase. > > > java:100) > > > at com.mongoosetech.agent.AgentBase.register(AgentBase.java:71) > > > at com.mongoosetech.agent.AgentBase.(AgentBase.java:58) > > > at > > > > com.mongoosetech.agent.jdbcagent.JDBCAgent.(JDBCAgent.java:81) > > > at > > > com.mongoosetech.agent.jdbcagent.JDBCFramgent.(JDBCFramg > > > ent.java:21) > > > at > > > com.mongoosetech.agent.jdbcagent.JDBCFramgent.main(JDBCFramgen > > > t.java:73) > > > > > > The problem is that I don't have a file called > > > "orion-application.xml". > > > From the docs, I get the impression this is an Orion specific > > > version of > > > application.xml. I have that, but I don't see a way to make > > > it let me look > > > up java:comp/ResourceFinder. > > > > > > Any clues? > > > > > > > > > > > > >
RE: Questions about running an EJB client
in orion-application.xml (you can find it in $orion\application-deployments\YOURAPP\) there should be a namespace tag; below is mine's form an app: then, whenever the current user belongs to group admin, you have read access for ALL resources. I believe that something on the line of would grant everybody read access; AFAIK Orion's JNDI imp. doesn't support writing, so the write-access part is irrelevant HTH JP > -Original Message- > From: Eric Hodges [mailto:[EMAIL PROTECTED]] > Sent: Miércoles, 31 de Enero de 2001 20:14 > To: Orion-Interest > Subject: Questions about running an EJB client > > > > I'm trying to set up an EJB (my first time) on Orion. I have > the .EAR file > running, I just need to get the client to test it. When I > try to run the > client, it fails on the constructor for InitialContext(). > Here's the error: > > java.lang.SecurityException: Not allowed to look up > java:comp/ResourceFinder, check the namespace-access tag setting in > orion-application.xml for details > at com.evermind.server.rmi.bb.f_(JAX) > at com.evermind.server.rmi.RMIServer.f_(JAX) > at com.evermind.server.rmi.RMIContext.lookup(JAX) > at com.evermind.server.administration.LazyResourceFinder.f_(JAX) > at > com.evermind.server.administration.LazyResourceFinder.getEJBHome(JAX) > at com.evermind.server.Application.ap7(JAX) > at > com.evermind.server.ApplicationClientInitialContextFactory.get > InitialContext > (JAX) > at > javax.naming.spi.NamingManager.getInitialContext(NamingManager > .java:668) > at > javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:246) > at javax.naming.InitialContext.init(InitialContext.java:222) > at javax.naming.InitialContext.(InitialContext.java:198) > at > com.mongoosetech.agent.AgentBase.registerWithServer(AgentBase. > java:100) > at com.mongoosetech.agent.AgentBase.register(AgentBase.java:71) > at com.mongoosetech.agent.AgentBase.(AgentBase.java:58) > at > com.mongoosetech.agent.jdbcagent.JDBCAgent.(JDBCAgent.java:81) > at > com.mongoosetech.agent.jdbcagent.JDBCFramgent.(JDBCFramg > ent.java:21) > at > com.mongoosetech.agent.jdbcagent.JDBCFramgent.main(JDBCFramgen > t.java:73) > > The problem is that I don't have a file called > "orion-application.xml". > From the docs, I get the impression this is an Orion specific > version of > application.xml. I have that, but I don't see a way to make > it let me look > up java:comp/ResourceFinder. > > Any clues? > > >
RE: Security...
what you should do is implement UserManager with native code that access OS security credentials. In windows, you should implement UserManager and, using JNI or JIntegra, call ADSI methods to retrieve OS users/groups. HTH JP > -Original Message- > From: Christian Sell [mailto:[EMAIL PROTECTED]] > Sent: Jueves, 01 de Febrero de 2001 10:34 > To: Orion-Interest > Subject: Re: Security... > > > > Hi, > > > > My question also relates to security. > > How can we map OS level usergroups to J2EE security roles? > In the XML > > descriptors, we can only map roles to methods, EJBs, etc. > But how to map > > real users to roles? (Please let me know your answers for > both Windows and > > Solaris platforms!) > > > > Thanks, > > > > Tibor > > user to role mapping is done in XML descriptors as well. > Heres an excerpt > from my orion-application.xml: > > > > > > > > > in this case, the role names and the user/group names are > identical. The > group/user is the entity that is verified by the user > management, which can > be configured in the same file with the > element. The default > user management goes to the file principals.xml. > > HTH > >
RE: Session EJB Accessibility
It's tough for container providers to provide Singleton behavior when more than one JVM is involved; I can trace this back to CORBA. That's why it's not in the spec. JP > -Original Message- > From: Jeff Schnitzer [mailto:[EMAIL PROTECTED]] > Sent: Martes, 30 de Enero de 2001 20:29 > To: Orion-Interest > Subject: RE: Session EJB Accessibility > > > I'm confused by your comments; does it need to manage state, > or doesn't > it? I'm assuming it does, otherwise you would just use a stateless > session bean. > > Here's some fodder for conversation: > > I don't think there is an EJB facility which will help you. SLSBs are > pooled and can timeout, SFSBs have no lookup mechanism, can > timeout, and > aren't reentrant (although Orion, despite the spec, serializes calls, > which is good), and entity beans will get all wacky because of the > multiple instances you will get from an optimistic concurrency model. > > It seems like what you want is either a SLSB which never times out and > is guaranteed to only have one instance in the pool, or a BMP entity > bean with a guarantee of serialized transactions. > > Is it possible to make Orion do either of these? And what > would happen > in a clustered solution? > > I propose that the only server-independent way to do what you > want is to > use an RMI server. The EJB specification really needs a > "SingletonBean", preferrably one which allows concurrent > calls (and thus > reasonable performance). > > Comments? > > Jeff > > > >-Original Message- > >From: Mark Bernardinis [mailto:[EMAIL PROTECTED]] > >Sent: Tuesday, January 30, 2001 12:18 AM > >To: Orion-Interest > >Subject: Re: Session EJB Accessibility > > > > > >I don't want to do any database activity. I just want this > >Java Object to be > >accessible as an EJB accessible by many different clients > hosted by an > >Application Server. The object doesn't have to be stateful either. > > > >> It sounds like you're describing an entity bean more than a session > >> bean. An entity bean can be called by many clients although > >access is > >> serialized. And certainly the role of an entity bean is to > >> encapsulate data in a > >apparently-storage-mechanism-independent manner, > >> from the client's perspective... > >> > >> How does the notion of a session play into what you want the bean > >> to do? > >> > >>Gary > >> > >> Mark Bernardinis ([EMAIL PROTECTED]) wrote: > >>> > >>> Requirements: > >>> An EJB to be Stateful > >>> Accessible by more than client > >>> Share the same data object and information > >>> > >>> Summarising the above information, I would like to have > an EJB that > >>> can be called by many clients yet share the same underlying data > >>> within the bean. These clients may be another application running > >>> under Orion or a stand-alone application. > >>> > >>> Is this possible, and if it is, what special requirements > >do I need to > >>> meet. I have looked at SessionContext but does this have > anything to > >>> do with it? > >>> > >>> Thanks in advance. > >>> > >>> Mark > > > > > > > > >
RE: Session EJB Accessibility
nope, shouldn't serve multiple clients concurrently... however, most servers use it (kinda) statically, but won't be true in a cluster JP > -Original Message- > From: Luong, Tony S322 [mailto:[EMAIL PROTECTED]] > Sent: Martes, 30 de Enero de 2001 15:23 > To: Orion-Interest > Subject: RE: Session EJB Accessibility > > > use stateless session bean, it can serve multiple clients > concurrently. > > > -Original Message- > > From: Mark Bernardinis [SMTP:[EMAIL PROTECTED]] > > Sent: Tuesday, January 30, 2001 3:18 AM > > To: Orion-Interest > > Subject:Re: Session EJB Accessibility > > > > I don't want to do any database activity. I just want this > Java Object to > > be > > accessible as an EJB accessible by many different clients > hosted by an > > Application Server. The object doesn't have to be stateful either. > > > > > It sounds like you're describing an entity bean more than > a session > > > bean. An entity bean can be called by many clients > although access is > > > serialized. And certainly the role of an entity bean is to > > > encapsulate data in a > apparently-storage-mechanism-independent manner, > > > from the client's perspective... > > > > > > How does the notion of a session play into what you want the bean > > > to do? > > > > > > Gary > > > > > > Mark Bernardinis ([EMAIL PROTECTED]) wrote: > > >> > > >> Requirements: > > >> An EJB to be Stateful > > >> Accessible by more than client > > >> Share the same data object and information > > >> > > >> Summarising the above information, I would like to have > an EJB that > > >> can be called by many clients yet share the same underlying data > > >> within the bean. These clients may be another application running > > >> under Orion or a stand-alone application. > > >> > > >> Is this possible, and if it is, what special > requirements do I need to > > >> meet. I have looked at SessionContext but does this have > anything to > > >> do with it? > > >> > > >> Thanks in advance. > > >> > > >> Mark > > > > > > > > -- > > CONFIDENTIALITY NOTICE: If you have received this e-mail in > error, please immediately notify the sender by e-mail at the > address shown. This e-mail transmission may contain > confidential information. This information is intended only > for the use of the individual(s) or entity to whom it is > intended even if addressed incorrectly. Please delete it > from your files if you are not the intended recipient. Thank > you for your compliance. > > > >
RE: orion and mysql?
not to mention the total lack of transaction support which makes it impossible to be used with CMP AFAIK JP -Original Message- From: Arno Grbac [mailto:[EMAIL PROTECTED]] Sent: Martes, 30 de Enero de 2001 15:08 To: Orion-Interest Subject: RE: orion and mysql? This doesn't answer your question, but take a serious look at InterBase 6 (IT IS FREE AND OPEN SOURCE!!!). mySQL doesn't have a good locking mechanism yet, ..as well as some missing data types (last time I checked). Good luck, -arno -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Marc Linke Sent: Tuesday, January 30, 2001 11:21 AM To: Orion-Interest Subject: orion and mysql? Hi, is there any simple how-to for setting up mysql with orion available? Or can someone explain me how to do it? thanks
