mardi mars 24, 2009

GlassFish Tools for Eclipse are available

Sun is making available GlassFish Tools for Eclipse (v0.9, final version to be release soon).  This is a pre-configured package containing Eclipse 3.4.1 alongside with GlassFish v2.1 and GlassFish v3 prelude and the required Eclipse plugins to effectively manage and deploy applications to GlassFish right from the IDE.

Q: Who is the target for this offering?
A: Developers or organizations that have already standardized on or prefer Eclipse over NetBeans.

Q: Why has Sun created this offering?
A: Sun has created a strong preference for GlassFish among NetBeans users. However, a large community of developers have chosen Eclipse as their IDE of choice.  Today those developers have to download open source products from multiple locations and configure them to work together (error prone), increasing the barrier to entry. This offering creates a positive feature-rich out-of-the-box experience for Eclipse developers. In additional, developers can now leverage the open source plugins created by competitive frameworks (Spring, SEAM, Hibernate, etc) within a GlassFish-focused IDE. This bundle will also improve the relationship between the community of Eclipse developers and Sun.

Q: Is Sun moving away from Netbeans towards Eclipse?
A: No. Sun is expanding its reach by embracing not just the NetBeans developer community, but also the Eclipse community. This is a consistent with Sun's strategy of using open source to "lower the barrier to entry" - in this case to a large developer community.

lundi janv. 19, 2009

JavaFX asynchronous communication with JSON and REST based web services

While writing Rich Internet Application with JavaFX is relatively easy and well documented, fetching data from remote sources seemed more obscure to me. The documentation is minimal and I did not found any good tutorial describing the various techniques available to connect to a remote web service and how to parse the results.

While this blog entry do not aim at being such a tutorial, I will just give an example I developed over the week end to integrate a JSon based REST web service from a JavaFX application.

(For those of you interested in database access, my colleague Octavian just published a blog entry on the subject).

Let's first start with the REST web service. Once you have installed the appropriate plugin into NetBeans, it is as simple as creating a web application, then creating a REST based web service.

I used the supplied JSon Java classes to create the output message.

The web service I created just return 4 random values, between 0 and 100. The syntax of the returned message is

{“Values”: 21, 35, 76, 82}

And the code is as follow :

public class ValuesResource {

    Random rand = new Random(new java.util.Date().getTime());

    public String getValues() {
      String result;
      try {
         result = new JSONStringer()
      catch (JSONException e) {
         result = "{ \\"error\\" : \\"" +e.getLocalizedMessage() + "\\" }";
      return result;

I deployed this on GlassFish v3 and tested from command line with curl :

marsu:~ sst$ curl http://localhost:8080/WebApplication1/resources/values

In my JavaFX application, I want to call this web service on a regular basis. I therefore choose to use the Timer and TimerTask Java classes to wrap the calling code and execute it on a regular time-based interval.

The first piece of code is a custom TimerTask. It wraps the JavaFX provided RemoteTextDocument, a very easy to use class that wraps the HTTP communication.

var values : Number[];
class Task extends TimerTask {
   override function run() {
      var request : RemoteTextDocument = RemoteTextDocument {
         url: "http://localhost:8080/WebApplication1/resources/values";
      var returnValue: String = bind request.document on replace {
         if (request.done) {         
            var data : JSONArray = new JSONObject(returnValue).getJSONArray("Values");
            for (i in [ - 1]) {
               insert data.getDouble(i)into values;

The RemoteTextDocument as three useful attributes :

  • url, the URL to connect to ;

  • done, a flag indicating that the connection is completed ;

  • document, the text returned by the URL connection

The URL connection is made automatically when creating an instance of the class.

To get access to the document in an asynchronous way, I am using the bind and on replace capabilities provided by JavaFX.

My returnValue variable is bound to request.document, meaning that every time request.document is modified, returnValue is updated to reflect the new value.

The on replace trigger, allows to execute some code when the value of returnValue is changing, basically, it parses the resulting String with the Java based JSon classes and create an array of Number.

Easy to write, to read and very efficient !

The last step is to create a Java Timer to trigger the TimerTask on a regular basis. I want this process to start as soon as the JavaFX application starts. JavaFX does provide a run() function for this purpose.

function run( args : String[] ) {

   def timer : Timer = new Timer("TimerThread");
   def task  : Task = new Task();  
   //run the TimerTask immediately and every 5 secs
   timer.schedule(task, 0, 5000);

   //more JavaFX line of code, notably create the Stage and Scene etc ...

Et voila ... the JavaFX application will start polling the REST web service every 5 secs.

I further bounded the array of Number prepared by the TimerTask to a PieChart component. The net result is a self-refreshing pie chart as shown below.

The PieChart JavaFX component will be described in a later blog entry.

lundi nov. 17, 2008

Platform Popularity and Job Posting

One of the interesting way to mesure the popularity of a software platform or framework is to capture the number of job posting requiring experience with the platform or the framework.

This is the type of search allows to conduct.  And guess what ?  GlassFish experience appearing in job postings increased ~700% during the last two quarters !  More than 6 times the growth of popularity of the other application servers.

Stil looking for evidences of GlassFish adoption ?

lundi sept. 15, 2008

Open Source Distribution and Support - the best of both worlds

Many customers are asking for the latest and greatest features from our development trees, while asking at the same time for the security of a support contract.

Developers wants to work with the latest stable builds, Managers wants the security of 24/7 support and legal indemnifications.

Until today, customers had either to download the latest stable build from our open source and community web sites (such as OpenSSO, OpenESB), either to subscribe to the commercial equivalent of these tools (Access Manager, Java CAPS) .

Once again, Sun is changing the rules.

GlassFishESB will be the officially supported version of the community open source project OpenESB, with stable releases on a more frequent basis than the commercial equivalent Java CAPS, also based on OpenESB.

GlassFishESB is the fourth release vehicle for Java CAPS, the others being ESB Suite, MDM Suite and, the full Java CAPS. Confused ?  Check this table to compare our four offerings.

But we don't want to leave our Java CAPS customers behind, therefore the components that are being released with GlassFish ESB are targeted for use by Java CAPS customers as well. The objective being that Java CAPS or ESB Suite customers can use all of the capabilities released with GlassFish ESB at the time they are available.

Further, going forward, customers who buy the higher levels Suites should not be "disadvantaged" in terms of either not having access to new components and also having access to them at the same time.  In other words, we want customers of the "suites" to have the benefits and flexibility of the community approach as well

Similarly, OpenSSO Express is the supported version of OpenSSO, available to Access Manager customers. Access Manager releases are published every 12-15 months, while OpenSSO Express releases are planed every 3 months.

Can we get the best of both worlds ?  You bet !

jeudi août 02, 2007

Implementing Fine Grained Access Control with OpenSSO

I tried to implement the concept presented in this excellent article from my colleagues Robert Skoczylas and Marina Sum.  Their article is quite well detailed.  I thought the implementation would be painless and that I should have a demo to show to partners and customers in a couple of minutes.

Actually, it was a little more complex than I originally anticipated and I would like to share and describe my experience with you.  Reading the above-mentioned article is a prerequisite to understand or implement the project described here under.

The objective is to create a web application that will leverage OpenSSO (or Access Manager) for

  • user authentication - with the help of the Policy Agent
  • user authorization - with the help of the Policy Agent for URL authorization and a Custom Policy Service and the AM Client SDK for fine grained authorization.

The NetBeans project and some other supporting file needed to compile and run this example are also available

To implement the concept presented in the above mentioned article, you have to 

#1 Download & Install NetBeans 6.0

At the time of this writing, the latest beta version of NetBeans is 6.0 M10. Install it using a full option installation : this will install Glassfish, OpenSSO, JBI, ...

The NetBeans 6.0 installer will take care of installing and configuring Glassfish and OpenSSO for you.  However, you will need to change one OpenSSO configuration parameter, as the default value is incorrectly set by the installer (See CR110896).

  1. Open the file :  <glassfish root>/domains/domain1/config/amflatfiledir/
  2. Change to

#2 Add AM Admin Tools

Access Manager comes with a set of command line tools allowing you to manage the server, add or modify services etc ...  Unfortunately, the OpenSSO implementation bundled with NetBeans 6M10 does not include these command line tools.  You will need these tools to install a Custom Policy Service, as described below.

To get these tools, you must download the complete Access Manager 7.1 package from Sun's web site, then follow these instructions to install them.

The only parameter that you will need to know to install the tools is the full path to your AM Config directory :

<glassfish root>/domains/domain1/config/amflatfiledir 

This step is not necessary if you are implementing this sample with Access Manager 7.1, as the command line tools are installed by default. 

#3 Create an AS domain to host you own application

OpenSSO is installed in the default domain, created when you installed NetBeans 6 and Glassfish.  Although it is officially possible to deploy a Policy Agent on the same instance as Access Manager, I do not like the idea and prefer to keep things clearly separate.  Therefore, I would advise to create a second instance of Glassfish, separate from the one hosting Access Manager, dedicated to host your home-made applications.

To create a second domain, type the following command :

<glassfish root>/bin/asadmin create-domain --user admin --adminport 14848 --domaindir <glassfish root>/domains --instanceport 18080 --savemasterpassword=true --savelogin=true webdomain 

You will need to change <glassfish_root> to your Glassfish installation directory.

#4 Download and Install Policy Agent

Now that your second instance is ready to deploy your applications, you must download and install the OpenSSO policy agent.  I used the nightly builds from OpenSSO and the docs from Access Manager.

The state file containing all the answers I gave for my installation is available for you to download.  Do not forget to create a Policy Agent profile in OpenSSO Console before installing the agent.

#5 Create a web application to test Policy Agent installation

Next step is to create a simple web application, protect it with the policy agent to test your installation.

  1. Use NetBeans to craete a HelloWorld-complexity web application (or use the FineGrainedSample application I do provide with this blog)
  2. Modify web.xml to add the <filter> element that will enable the Policy Agent as described in the documentation.  (you can also have a look at my web.xml in the NetBeans project provided with this blog entry)
  3. Deploy the application
  4. Create a user in OpenSSO console
  5. Create a URL Policy to authorize your user to access your application
  6. Access and test your application

#6 Create a custom policy service and import it to OpenSSO

Now, it is time to create a custom policy service to be used with your application.  The process and concepts are clearly explained in the article I mentioned above.

I slightly changed the Service description XML file :

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE ServicesConfiguration PUBLIC "=//iPlanet//Service Management Services (SMS) 1.0 DTD//EN""jar://com/sun/identity/sm/sms.dtd">
    <Service name="CustomPolicyService" version="1.0">
            i18nFileName="CustomPolicyService " 
                <AttributeSchema name="serviceObjectClasses" type="list" syntax="string"  i18nKey="CustomPolicyService"/>
                <AttributeSchema name="bank_account_permission"
                                 i18nKey="Choose Bank Account Access">
                        <ChoiceValue i18nKey="All">ALL</ChoiceValue>
                        <ChoiceValue i18nKey="Read Only">READONLY</ChoiceValue>
                        <ChoiceValue i18nKey="Hidden">HIDDEN</ChoiceValue>

and I used this command to load the file into OpenSSO


$AM_TOOLS_BASE/bin/amadmin --verbose --runasdn $AM_ADMIN --password $ADMIN_PWD --schema $POLICY_FILE

#7 Call The Custom Policy service from your code

The next steps involve modifying  the code in a web application to call the OpenSSO Custom Policy Service we just created.

The Java code is explained in Robert and Marina's article. You will find it also in the NetBeans project I do provide with this blog entry.

You will need to change the NetBeans project classpath to compile it because the code refers to classes provided by the AM Client SDK.  Strictly speaking, it is not necessary to install the AM Client SDK because all the required jar files and config files are already installed as part of the OpenSSO and Policy Agent installation.

I choose to use the files provided by the Policy Agent.  the files you need to add to your project classpath are :

  1. <policy agent root>/Agent_001/config
  2. <policy agent root>/locale
  3. <policy agent root>/lib/amclientsdk.jar

#8 Create users, roles and policies with OpenSSO console

 I created three users and three roles.

Then I created three policies, each one giving an access level (Hidden, Read Only, Full) to each role.

#9 Deploy, Test the application and have fun ! 

Depending on the user you authenticate with, you will have partial or full access to all attributes on the screen.

Should you have comments, remarks about missing pieces or errors in this short tutorial, do not hesitate to leave your comments.


Sébastien Stormacq is a Senior Software Architect at Sun Microsystems. He uses his 15+ years of professional experience to design large scale, secured and highly transactional architectures based on Sun's middleware solutions.


« juillet 2016