Sun GlassFish Enterprise Server 2.1 Administration Guide
Sun Microsystems, Inc Network Circle Santa Clara, CA
090122@21808
Contents
Java Business Integration
Jdbc Resources
Accessing Remote Servers
Configuring JMS Provider Properties
IBM Informix Type 4 Driver CloudScape 5.1 Type 4 Driver
Foreign JMS Providers
Configuring Security
Web and EJB Containers
127
141
149
Virtual Servers 149 Http Listeners 150
153
What is the ORB? 162 Iiop Listeners
158
161
163
About Management Rules 215 Configuring Management Rules 216
Tuning the JVM Settings 219
215
219
Asadmin Utility
Profiler and SSL Commands
231
244
Page
Figures
Page
Tables
JVM Statistics for Java SE Runtime 189
Remote Commands Required Options 234
Server Lifecycle Commands 237
List and Status Commands 238
Deployment Commands 239
Examples
Page
Table P-1Books in the Enterprise Server Documentation Set
Preface
Sun GlassFish Enterprise Server Documentation Set
Default Paths and File Names
Table P-2Default Paths and File Names
Symbol Conventions
Symbol Conventions
Typographic Conventions
Table P-3Typographic Conventions
Sun Welcomes Your Comments
Documentation, Support, and Training
Third-Party Web Site References
Enterprise Server Overview
Enterprise Server Overview and Concepts
Enterprise Server Overview
This section contains the following topics
Tools for Administration
Admin Console
For example
Http//hostnameport
JConsole
Command-line Interface asadmin Utility
To list the commands available within asadmin
Domain
Domain Administration Server DAS
Enterprise Server Concepts
1Features Available for Each Profile
Usage Profiles
Node Agent
Features Available for Each Profile
Cluster
Server Instance
1Enterprise Server Instance
Ports in the Enterprise Server
2Enterprise Server Listeners that Use Ports
Http//hostname5000
Basic Enterprise Server Commands
Creating a Domain
Starting the Domain
Deleting a Domain
Listing Domains
Starting the Default Domain on Windows
Stopping the Default Domain on Windows
Stopping the Domain
Restarting the Domain
Starting a Cluster
Stopping a Cluster
Creating a Node Agent
Starting a Node Agent
Stopping a Node Agent
Starting an Instance
Stopping an Instance
Restarting an Instance
Recreating the Domain Administration Server
To migrate the DAS
Change
Page
Service Engines
Java Business Integration
JBI Environment
JBI Components
Binding Components
JBI Component Loggers
Service Assemblies
Shared Libraries
JBI Descriptors
Jdbc Resources
Jdbc Resources
Jdbc Connection Pools
How Jdbc Resources and Connection Pools Work Together
Setting Up Database Access
Working with Jdbc Connection Pools
Creating a Jdbc Connection Pool
Click OK
Change connection validation settings
Editing a Jdbc Connection Pool
By calling the con.getAutoCommit and con.getMetaData methods
Editing Jdbc Connection Pool Advanced Attributes
Creation Retry Attempts is greater than
Configurations for Specific Jdbc Drivers
Configurations for Specific Jdbc Drivers
Java DB Type 4 Driver
DataSource Classname Specify one of the following
Sun GlassFish Jdbc Driver for DB2 Databases
DataSource Classname com.sun.sql.jdbcx.db2.DB2DataSource
Sun GlassFish Jdbc Driver for Microsoft SQL Server Databases
IBM DB2 8.1 Type 2 Driver
DataSource Classname com.ibm.db2.jcc.DB2SimpleDataSource
DeferPrepares Set to false
DataSource ClassnameSpecify one of the following
Com.mysql.jdbc.jdbc2.optional.MysqlDataSource
MySQL Type 4 Driver
Inet Oraxo Jdbc Driver for Oracle 8.1.7 and 9.x Databases
Inet Merlia Jdbc Driver for Microsoft SQL Server Databases
DataSource Classname com.inet.ora.OraDataSource
DataSource Classname com.inet.tds.TdsDataSource
Jdbcinetoralocalhost1521payrolldb
Inet Sybelux Jdbc Driver for Sybase Databases
DataSource Classname com.inet.syb.SybDataSource
Jdbcoracleoci@localhost1521customerdb
OCI Oracle Type 2 Driver for Oracle 8.1.7 Databases
Jdbcoraclethin@localhost1521customerdb
DataSource Classname com.ibm.db2.jcc.DB2DataSource
IBM Informix Type 4 Driver
CloudScape 5.1 Type 4 Driver
Page
Configuring Java Message Service Resources
JMS Resources
Relationship Between JMS Resources and Connector Resources
JMS Physical Destinations
JMS Connection Factories
JMS Destination Resources
Configuring JMS Provider Properties
Accessing Remote Servers
Foreign JMS Providers
Configuring the Generic Resource Adapter
Resource Adapter Properties
False
Foreign JMS Providers
ManagedConnectionFactory Properties
Administered Object Resource Properties
Activation Spec Properties
Configuring Java Message Service Resources
Message causes a runtime exception
Configuring JavaMail Resources
Creating a JavaMail Session
Creating a JavaMail Session
Java EE Naming Services
Jndi Resources
Naming References and Binding Information
1JNDI Lookups and Their Associated References
Using Custom Resources
Using External Jndi Repositories and Resources
Using External Jndi Repositories and Resources
Connector Resources
An Overview of Connectors
Specify this name when creating a connector resource
Managing Connector Connection Pools
To Create a Connector Connection Pool
To Edit a Connector Connection Pool
Create-connector-connection-pool
Same transaction level as that specified in resource
To Edit Connector Connection Pool Advanced Attributes
Pool. Default value is false
To Delete a Connector Connection Pool
To create security maps for connector connection pools
To Edit Security Maps for Connector Connection Pools
To Edit Connection Pool Properties
Managing Connector Resources
To Set Up EIS Access
To Create a Connector Resource
Delete-connector-connection-pool
Create-connector-resource
To Edit a Connector Resource
To Delete a Connector Resource
Delete-connector-resource
Managing Administered Object Resources
To Configure the Connector Service
To Create an Administered Object Resource
To Edit an Administered Object Resource
To Delete an Administered Object Resource
Create-admin-object
Delete-admin-object
Web and EJB Containers
SIP Servlet Container
Editing SIP Container Session Properties
Editing the Properties of the SIP Container
Editing SIP Container General Attributes
Editing SIP Container Session Manager Properties
Web Container
EJB Container
Page
Configuring Security
Understanding Application and System Security
Tools for Managing Security
Managing Security of Passwords
Encrypting a Password in the domain.xml File
Asadmin create-password-alias --user admin alias-name
Asadmin create-password-alias --user admin jms-password
Protecting Files with Encoded Passwords
Changing the Master Password
Restart the Enterprise Server for the relevant domain
Restart the Enterprise Server
Changing the Admin Password
Working with the Master Password and Keystores
1Enterprise Server Authentication Methods
About Authentication and Authorization
Authenticating Entities
Verifying Single Sign-On
Authorizing Users
Specifying Jacc Providers
Configuring Message Security
Understanding Users, Groups, Roles, and Realms
Users
Groups
Roles
Realms
To Configure a Jdbc Realm for a Web, EJB Application
Create a Jdbc realm
Following topics are discussed in this section
Introduction to Certificates and SSL
About Digital Certificates
About Secure Sockets Layer
About Certificate Chains
Using Name-based Virtual Hosts
About Ciphers
About Firewalls
About Certificate Files
Changing the Location of Certificate Files
Using Java Secure Socket Extension Jsse Tools
Using the keytool Utility
Display certificate information from a keystore of type JKS
Delete a certificate from a keystore of type JKS
Generating a Certificate Using thekeytool Utility
Deleting a Certificate Using thekeytool Utility
Certificate was added to keystore Saving cacerts.jks
Keytool -delete
Using Network Security Services NSS Tools
Storepass password
Using the certutil Utility
Verify the certificates generated in the previous bullet
Display available certificates
Certutil -L -d $CERTDBDIR
Delete a certificate from an NSS certificate database
Move a certificate from an NSS database to JKS format
Modutil -list -dbdir $admin.domain.dir/$admin.domain/config
Add a new PKCS11 module or token
Delete a PKCS11 module from an NSS store
List available token modules in an NSS store
Using Hardware Crypto Accelerator With Enterprise Server
About Configuring Hardware Crypto Accelerators
Modutil -list -dbdir Asnssdb
Configuring PKCS#11 Tokens
Standard output will look similar to the following
Managing Keys And Certificates
This section describes the following topics
Listing Keys and Certificates
Standard output will be similar to the following
Working With Private Keys and Certificates
Configuring J2SE 5.0 PKCS#11 Providers
Configuration for the SCA 1000 hardware accelerator
Property name=mytoken value=&InstallDir/mypkcs11.cfg
Name=HW1000 Library=/opt/SUNWconn/crypto/lib/libpkcs11.so
126
Configuring Message Security
Overview of Message Security
Assigning Message Security Responsibilities
System Administrator
Understanding Message Security in the Enterprise Server
About Username Tokens
Application Deployer
Application Developer
About Message Protection Policies
About Digital Signatures
About Encryption
Glossary of Message Security Terminology
Response Policy
Securing a Web Service
Securing the Sample Application
Configuring the Enterprise Server for Message Security
Configuring Application-Specific Web Services Security
Actions of Request and Response Policy Configurations
After You Finish
Configuring Other Security Facilities
Configuring a JCE Provider
Save and close the file
Security.provider.1=sun.security.provider.Sun
Message Security Setup
Enabling Providers for Message Security
To specify the default client provider
Configuring the Message Security Provider
To specify the default server provider
Creating a Message Security Provider
Enabling Message Security for Application Clients
Further Information
Response-policy
Diagnostic Service Framework
Configuring the Diagnostic Service
What is the Diagnostic Framework?
Generating a Diagnostic Report
About Transactions
What is a Transaction?
Transactions
What is a Transaction? on Configuring Transactions on
Transactions in Java EE Technology
Admin Console Tasks for Transactions
Configuring Transactions
This section explains how to configure transaction settings
Workarounds for Specific Databases
To set a transaction timeout value
Set any needed properties
To set the location of the transaction logs
Default value is
To set the keypoint interval
Configuring the Http Service
Virtual Servers
Http Listeners
Configuring the Http Service 151
152
Managing Web Services
Overview of Web Services
Web Services Standards
Java EE Web Service Standards
Deploying and Testing Web Services
Deploying Web Services
Using Web Services Registries
Viewing Deployed Web Services
Testing Web Services
Web Services Security
Publishing a Web Service to a Registry
Adding a Registry
Monitoring Web Services
Transforming Messages with Xslt Filters
Viewing Web Service Statistics
Monitoring Web Service Messages
160
Configuring the Object Request Broker
An Overview of the Object Request Broker
Configuring the ORB
What is the ORB?
Managing Iiop Listeners
Iiop Listeners
Thread Pools
Working with Thread Pools
Log Records
Configuring Logging
About Logging
Logger Namespace Hierarchy
1Enterprise Server Logger Namespaces
Enterprise Server Logger Namespaces
JTS
Configuring Log Levels
Configuring Logging
Configuring General Logging Settings
Details
Viewing Server Logs
171000.000
ThreadID=13
Monitoring in the Enterprise Server
Monitoring Components and Services
About Monitoring
Overview of Monitoring
About the Tree Structure of Monitorable Objects
Applications Tree
Following sections describe these sub-trees
Http Service Tree
Resources Tree
Connector Service Tree
JMS Service Tree
About Statistics for Monitored Components and Services
ORB Tree
Thread Pool Tree
Orb Connection-managers Connection-manager-1
EJB Container Statistics
1EJB Statistics
2EJB Method Statistics
3EJB Session Store Statistics
EJB Session Store Statistics
4EJB Pool Statistics
5EJB Cache Statistics
7Web Container Servlet Statistics
6Timer Statistics
Web Container Statistics
Http Service Statistics
8Web Container Web Module Statistics
9HTTP Service Statistics Developer Profile
Jdbc Connection Pools Statistics
10JDBC Connection Pool Statistics
JMS/Connector Service Statistics
11Connector Connection Pool Statistics
13Connection Manager in an ORB Statistics
12Connector Work Management Statistics
Statistics for Connection Managers in an ORB
Transaction Service Statistics
15Transaction Service Statistics
Thread Pools Statistics
14Thread Pool Statistics
15 Transaction Service Statistics
Java Virtual Machine JVM Statistics
JVM Statistics
17JVM Statistics for Java SE- Class Loading
20JVM Statistics for Java SE- Memory
18JVM Statistics for Java SE- Compilation
19JVM Statistics for Java SE- Garbage Collection
22JVM Statistics for Java SE Runtime
Following table
21JVM Statistics for Java SE Operating System
23JVM Statistics for Java SE Thread Info
Enabling and Disabling Monitoring
24JVM Statistics for Java SE Threads
Returns
Configuring Monitoring Levels Using the Admin Console
To Configure Monitoring Levels Using asadmin
Viewing Monitoring Data in the Admin Console
Viewing Monitoring Data With the asadmin Tool
To Use the asadmin monitor Command to View Monitoring Data
Viewing Monitoring Data
531628032 45940736
Command returns the following attributes and data
Asadmin get --user adminuser --monitor server.jvm
Server.http-service
Understanding and Specifying Dotted Names
Examples of the list and get Commands
Server.applications.petstore
Examples for the list --user admin-user --monitor Command
Examples for the get --user admin-user --monitor Command
Asadmin list --user admin-user--monitor server
Asadmin list --user admin-user--monitor server.applications
Asadmin get --user admin-user--monitor server.jvm
Attempt to get all attributes from a Java EE application
Asadmin get --user admin-user--monitor server.jvm.badname
To Use the PetStore Example
Attempt to get a specific attribute from a subsystem
Returns output will be similar to
Returns with dotted name removed for space considerations
Server.http-service Server.resources Server.thread-pools
Asadmin list -m server.applications.petstore.signon-ejbjar
Monitoring Components and Services 201
Expected Output for list and get Commands at All Levels
Top Level
Applications Level
Application has been deployed. It is not applicable if a
Monitoring Components and Services 205
List -m Server.applications.app1
28HTTP-Service Level
29Thread-Pools Level
ORB Level
31Transaction-Service Level
Resources Level
JVM Level
Using JConsole
Level
Securing JConsole to Application Server Connection
Prerequisites for Connecting JConsole to Application Server
Connecting JConsole to Application Server
Connecting JConsole Securely to Application Server
Monitoring Components and Services 213
214
Configuring Management Rules
About Management Rules
Configuring Management Rules
Configuring Management Rules 217
218
Java Virtual Machine and Advanced Settings
Tuning the JVM Settings
Configuring Advanced Settings
This Appendix contains the following topics
Automatically Restarting a Domain or Node Agent
Restarting Automatically on Solaris
Restarting Automatically on Solaris
Creating a Windows Service
Restarting Automatically on the Microsoft Windows Platform
Start= auto DisplayName= display-name
Jvm-options-Xrs/jvm-options
Process name=as-service-name Sysproperty key=-Xrs
Security for Automatic Restarts
226
Dotted Name Attributes for domain.xml
Top Level Elements
Top Level Elements
Elements Not Aliased
Elements Not Aliased
230
Asadmin Utility
Asadmin Utility
Appendix C The asadmin Utility 233
Common Options for Remote Commands
Table C-1Remote Commands Required Options
Multimode Command
Prefix followed by the password name in uppercase letters
Get, Set, and List Commands
Server Lifecycle Commands
Table C-2Server Lifecycle Commands
Table C-3List and Status Commands
List and Status Commands
Table C-2 Server Lifecycle Commands
Deployment Commands
Table C-4Deployment Commands
Version Commands
Message Queue Administration Commands
Table C-5Version Commands
Table C-6Message Queue Commands
Resource Management Commands
Table C-7Resource Management Commands
Table C-7 Resource Management Commands
Configuration Commands
Http and Iiop Listener Commands
Lifecycle and Audit Module Commands
Table C-8IIOP Listener Commands
Profiler and SSL Commands
JVM Options and Virtual Server Commands
Table C-9Lifecycle Module Commands
Table C-10Profiler and SSL Commands
Threadpool and Auth-Realm Commands
Transaction and Timer Commands
Table C-11JVM Options and Virtual Server Commands
Table C-12Threadpool and Auth-Realm Commands
User Management Commands
Registry Commands
Table C-13Transaction Commands
Table C-14Transaction Commands
Table C-16Rules and Monitoring Commands
Rules and Monitoring Commands
Database Commands
Diagnostic and Logging Commands
Web Service Commands
Table C-17Database Commands
Table C-18Diagnostic and Logging Commands
Security Service Commands
Table C-20Security Commands
Password Commands
Table C-21Password Commands
Service Command
Verify Command
Custom MBean Commands
Property Command
Table C-25Property Command
Index
ACC
JMS
Logging ORB
256
