Tuesday Jun 09, 2009

Stop asadm to ask for master password

Sun Java Application Server 9.x or glassfish command asadm asks for master password during execution. At SJAS 8.x era, asadm only asked for one password, AS_ADMIN_PASSWORD, and you can save "AS_ADMIN_PASSWORD=" into a file and supply this file as the value of parameter "--passwordfile". Now newer version asks for master password. It might be a security improvement, but it is inconvenient for developers.

Someone told me to set envt variable AS_ADMIN_MASTERPASSWORD. This does not help. However, the solution is simple. You can use the same password file, but add one more line "AS_ADMIN_MASTERPASSWORD=". Actually you can even use a --savemasterpassword flag when executing asadm command with subcommand create-domain, create-node-agent, and change-master-password. An encrypted master-password file will be created under the home directory. And this will stop prompting for master password.

Monday Nov 05, 2007

Configure Session Failover on Access Manager 6.3

When testing AM6.3 patch12, session failover feature was reported not working. There is a NPE when checking whether a server instance is up or not. The amsessiondb process never received any READ requests. After some debugging, it appeared that the server ID of the Load Balancer (03, suppose 2 AM servers 01 and 02 in the cluster) have to be added to make it working.

However, in Deployment Planing Guide of AM6.3, it clearly states "Do not include the server ID of load balancer." in "Session Cluster Server List".

The root cause is that the person who set up the environment modified the value of "com.iplanet.am.localserver.host" in configure file AMConfig.properties when changing other properties "com.iplanet.am.server.host", "com.iplanet.am.console.host", "com.iplanet.am.profile.host" and "com.iplanet.am.naming.url". Properties "com.iplanet.am.localserver.xxx" should never change unless you have to modify the host name of the box.

Actually with localserver.host changed to the host name of LB, adding server ID of LB to the "Session Cluster Server List" could help session failover to work, but it may cause some performance issue, some unnecessary internal session routings.

About

gc

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today