Friday Mar 11, 2011

GlassFish 3.1 SOTD #11 - Change Master Password

In this eleventh post of the SOTD (Screencast Of The Day) series following the release of GlassFish 3.1, here is Bhakti's Change Master Password.

This 5-minute demo discusses how to change the master password used to encrypt the DAS en instances keystores from it default value to something more secure. Bhakti has all more in this detailed blog entry.

This screencast is hosted on the GlassFish YouTube Channel.

Sunday Oct 17, 2010

GlassFish Tips and Links #12: Maven on Helios, Basic Authentication, Jersey 1.4, Bye AMX, JavaSE 6u22...

Recent Tips and News on Java EE 6 & GlassFish:

Informational Sign

Tips

Maven troubles on Eclipse Helios causes problem deploying app to GlassFish
• ... but see Harald's tutorial
Basic Authentication in GlassFish 3 (Maksim Sorokim)
Jersey 1.4 was released on September 11th (Paul)
More on Web Sockets and HTML5 in Glassfish - covers using the SQL API (Santiago)
Update to deploying webservices on Glassfish 3.1 cluster (Bhakti)
Spring vs. Java EE and Why I Don't Care (Eberhard Wolff)

GlassFish 3.1

Admin UI is now 100% based on REST; no more AMX (ludo)
Progress in moving GlassFish to Kenai infrastructure (eduardo)

Links and News

eApps Cloud Release notes v .99.2 - Beta will include Liferay on GlassFish
Habari OpenMQ Client (library for Delphi and Free Pascal to access OpenMQ)

From Oracle

• Countdown to decommissioning SunSolve "later this year"
   Goodbye SunSolve, Helloooo MOS!, SunSolve Retirement Notice - Oct'10 and FAQ
• Sun GlassFish Enterprise Server 2.1.1 p8 now available.
• JavaSE 6u22 is out with security bugs - Release Notes, twitter @rolilad
• Oracle's October Critical Patch Update at eSecurityPlanet.

En Español

Control del nivel de aislamiento transaccional en JPA
EJB 3.1 en Porlets de Liferay (Apuntes de Java)

Event News

Reports
Slides and Trip Report for SVCP 2010:
   [1], [2], [3], [4], [5], [6].
This Week's Events
• Oct 19th, YaJUG, Luxembourg (details)
   Java EE 6 + GlassFish, Alexis MP
• Oct 20th: eBig Java SIG, Oakland/CA (details)
   Java EE 6 = Less Code + More Power, Arun Gupta
New Events
• Dec 6-Dec 8: NYC - Marakana, (details)
   JSF 2.0 Training Course, Kito Mann
• Dec 13-Dec 17: NYC (details)
   Programming with Java and Java EE 6, Yakov Fain, Farata Systems

Sunday Jul 25, 2010

Closed Networks and the GlassFish Update Center

One of the best features about all the versions of GlassFish 3 is how easy it is to update it through the IPS-based Update Center. The same GUI and CLI tools can be used to upgrade from 3.0 to 3.0.1, to Add or Remove components and to switch from the Open Source to the Oracle's Commercial release.

The same machinery is also used to install Commercial Patches, where it provides an experience that is much easier than in v2. With the transition to Oracle it's taken a bit to get the v3 patch pipeline, but eventually you will see the same frequency as with the v2 patches.

This all normally works through the standard repositories at Oracle but sometimes your computer has limited internet connectivity, so, what do you do? The solution is to create a local repository. This is actually Very Easy to Do (tm). And a local repository is also useful for many other things.

As you noticed if you followed the links, all these topics are now described in the, recently updated, Administration Guide; check out the Extending and Updating the GlassFish Server.

Saturday Apr 24, 2010

Fundamo, OSGi, iPad.. and More GlassFish News - April 24rd, 2010

Financial services on the go - GlassFish for Fundamo and profit
Alexis recently published a new Adoption Story on how Fundamo uses GlassFish v2 and OpenMQ for its Enterprise Platform. Overview at stories entry, details in questionnaire, and an overview in this earlier short video interview.
We are always interested in more GlassFish adoption stories, both from (non-paying) users and from (paying) customers.   Stories come from all industries and around the world, the last few entries are PSA Peugeot Citroën (France/Auto), iVox (Belgium/Print), NHIH (US/Gov-Health Care) and Suncorp (Australia/Finantial).

OSGi/JMS/MDB Example
Sahoo's latest post describes a hybrid OSGi/JavaEE example that uses JMS and Message Driven Beans and leverages GlassFish v3.  Post includes source code and detailed description.

Siebel CRM Support for the iPad
Oracle shows how to use their server-side REST APIs and the iPad SDK to provide access to Siebel CRM from the iPad.   Devices like the iPad (and the iPhone) seem a very good match for the Oracle Fusion Applications

Innovating at Warp-Speed: Monitis Announces Java Monitoring from the Cloud
Monitis announces Java Application Monitoring, a cloud-based monitoring solution for JMX-based applications, including GlassFish containers.  More details in announcement and product page.

EJB 3.1 Asynchronous Session Beans
From Paris, with love... Patrick Champion provides a short example of using EJB 3.1's @Asynchronous annotation.  More benefits of JavaEE 6!

Alfresco community 3.3 installation on Glassfish
A short but detailed description of how to install Alfresco Community 3.3 with GlassFish v2.1 and MySQL.

Getting started with Glassfish V3 and SSL
The JavaDude provides a tutorial on how to use GlassFish v3 with SSL.

Sunday Apr 04, 2010

Leveraging Servlet 3.0 - Authentication without Forms using GlassFish v3 and Vaadin

The new Servlet 3.0 specification in JavaEE 6 (JSR website, JavaOne Session, VC podcast) packs many new features, including Annotations, Dynamic Registration, Pluggability and Asynchronous Support.

Servlet 3.0 also includes quite a number of security improvements, as described by Kumar a couple of months ago in a Summary of new Security Features in Servlet 3.0. As Ron explains, one of the themes is that Java EE 6 and Servlet 3.0 Converge on Container Security Functionality, another is extra functionality, as explained by Nithya's 3 recent posts ([1], [2], [3]) covering http-method-omission element in web.xml, and the authenticate and login methods of HttpServletRequest.

ALT DESCR

A great example of the new functionality is Bobby's Authentication Without the Form where he modifies the RIA app in Creating Secure Vaadin Applications using JavaEE 6 to use the new login machinery and thus remove the need for extraneous JSP files.

Bobby's very complete post includes full source code and a nice Screencast; note it requires a recent build of GlassFish 3.0.1 due to a bug in 3fcs.

You may also want to refer to the JavaEE 6 javadocs (e.g. HttpServletRequest) and to the JavaEE 6 Tutorial: Part I (e.g. see Web Application Security) and Part II (requires free registration).

I had not noticed Vaadin previously but it seems to be gaining some popularity; its programming model is strongly server-centric and generates client-code via GWT. You can see a Online Sampler and it recently deployed a Component Directory; its KB has a number of articles on how to use it with GlassFish Server. They also announced deals recently with BlackBelt Factory and with our old Liferay friends.

While chasing the sources for this spotlight I bumped into a number of other Java-based RIA frameworks including: Echo and ZK as well as frameworks like Flex/BlazeDS, GWT, and the JSF-based frameworks we know.

Monday Jan 18, 2010

Expired Certificate in GlassFish Keystore

RIP

One of the authority certificates in the Glassfish truststore expired on Jan 7, 2010. This is generating a (verbose and somewhat scary) error message on startup. You can just ignore the message, wait - the expired root was removed in update 18 of Java SE 6 and will be removed in later patches of GlassFish Server - or...

..you can eliminate the error message now by removing the expired certificate from the keystore. Kalpana has a concise recipe on how to do this while Ron goes into more details. Original thread is here; the bug report is 6852796.

Expanded from @glassfish.

Saturday Dec 12, 2009

GlassFish v3 Resources and Links - Part 1

This is one of a series of resources and links related to the new GlassFish v3 release. Each entry starts with a section with key links; the resources are then grouped into categories.

ALT DESCR

Key links
  • Sun Press Releases: Java EE 6 and GlassFish v3
  • JavaEE 6 Web Hub, and JavaEE 6 Downloads
  • Sun GlassFish v3 Product Page

Events
  • See you at Virtual Conference on Dec 15th, and in one of our Community Parties.

Real-Time News
  • Follow GlassFish at Twitter via @glassfish and #glassfish.

Press

Overviews, Appreciation, Analysis

Non-English Posts

Technical Posts (Formatting needs some improvements)

Performance
JeanFrancois Putting GlassFish v3 in Production: Essential Surviving Guide
Scott First Look at v3 Performance
Quality
Judy GlassFish v3 FishCAT Survey Results
Judy Meet the FishCAT Team
Judy FishCAT Testing for v3.
Monitoring
Prashanth Making your Application monitorable in GlassFish V3
Prashanth Adhoc Monitoring with Scripting-Client in GlassFish v3
Prashanth Advanced Monitoring in GlassFish v3
Prashanth Top Ten features of Monitoring
Byron Mort Learns How To Use Monitoring in a WebApp
Sreeni Monitoring in GlassFih v3 - It's Different and Cool!
Sreeni How to use GlassFish v3 DTrace probes on Solaris
Jen Easy 1-2-3 Monitoring in v3
Jen v3 Monitoring with Admin Console
Lloyd 'mx' - JMX command line especially for GlassFish V3
Lloyd Navigating the GlassFish V3 MBean hierarchy using 'mx' command line
Lloyd GlassFish V3 management and monitoring MBeans, 'mx'
John Enterprise Manager DTrace Monitoring 3.0 Beta (tweet, download)
Management
Anissa Ten New Features in Admin Console
Anissa trivia quizz
Anissa Launching Admin Console for GlassFish v3 RI
Anissa Launching Admin Console for GlassFish v3 RI
Ken P The AJAX Experiment(s) with improving the Admin Console.
Rajeshwar GF REST Interface for Management
EJBs
Ken S Final EJB 3.1 Specification and GlassFish v3 Now Available
Servlets
Rajiv Servlet 3.0 specification and GlassFish v3 now available
Ron Java EE 6 and Servlet 3.0 Converge on Container Security Functionality
Binod V3, Java EE 6 and SIP Servlets
SOAP and REST Web Services
Paul GlassFish v3 is a Go - includes
Fabian Runtime Configuration Management
Kumar Summary of Proprietary Features in SAAJ RI 1.3.4
Connectors
Jagadish Java EE Connector Architecture 1.6 Reference Implementation
Sivakumar Java EE Connector Architecture 1.6 Specification approved!
Podcasts
Alexis Interview of Roberto Chinnici (podcast)
Alexis Interview of Ludo Champenois
Alexis JSF 2.0 discussion with Ed Burns and Roger Kitain (podcast)
Dynamic Languages
Vivek New GF Gem Features (tweet, History.txt@RubyForge).
Eileen JRuby Performance on Glassfish V3 -- Part 1
Others
Sreeni Java EE 6 Samples for GlassFish Project
Tim App Client Container features in GlassFish v3
Shalini JDBC in GlassFish v3
Hong Glassfish v3 and deployment

Wednesday Dec 09, 2009

GlassFish v3 is Now Available!

Note I have split the resources and news links off from this GlassFish v3 Announcement into the first of one of a series of resources and links entries. The new arrangement is more manageable and also simplifies the creation of additional entries as more resources and news are posted on the release.

It has been 4 and a half years since we announced GlassFish during JavaOne 2005 (PR) and today we are making available our most important release: GlassFish v3 is now available for download!

Our first release was during JavaOne 2006, we released GlassFish v1, the first Java EE 5 compliant App Server (family overview) and the second generation of GlassFish came out in September 2007 (family overview). While still based on JavaEE 5, GFv2 leveraged on Sun's (too) long history of App Servers to add the benefits of an enterprise product (quality, performance, scalability) to those of an open source community (agility, ease of use, supportive teams, pricing).

While the transition between GlassFish v1 and v2 was evolutionary, the transition from v2 to v3 is a major change that includes a whole new set of JCP specifications, JavaEE 6, and a new modular, OSGi-based, architecture that expands significantly the applicability of GlassFish.

ALT DESCR

Key links available now:

• GlassFish v3 Main Product Page
JavaEE 6 Hub
• JavaEE 6 Downloads (multiple bundles)
Java EE 6 Feature Article (also see Overview White Paper).

We are hosting several events in the next few days; we hope to see many of you at our Virtual Conference on Dec 15th, and in one of our Community Parties.

Below are lists of posts relevant to the launch and the release; they will be updated through the day to incorporate news as they happen. Updates will also be posted to @glassfish at Twitter. If you use Twitter we recommend you to use #glassfish to facilitate discovery. Some level of geotagging would help visualize the spread of the community.

Announcements

Monday Aug 17, 2009

Recent user blog entries - security, realm, and encoding

While the GlassFish Forum is a great place to ask all sorts of questions, it's nice to see users taking the time to document their findings on their blogs. Some recent examples include :

ALT DESCR

"JAVA Security Provider Error" from Marc on getting the proper security provider when porting an application from JBoss to GlassFish.
"JEE Security - How to setup authentication on Glassfish and Netbeans", from Jair about Java EE security applied to GlassFish administration.
"Glassfish uriEncoding UTF-8" from Baiyun on encoding GET and POST parameters in GlassFish (either in domain.xml or in sun-web.xml).

Now I need to make sure this is all integrated into the GlassFish Wiki if not already covered. A centralized place for how-to's in addition to the GlassFish Documentation sounds like a reasonable thing to avoid relying on the accuracy of search engines.

Friday Feb 27, 2009

Towards Metro 2.0 - JAX-WS 2.2 Update

This week Harold gave the Metro Webinar, which is a good oppty to catch up with Metro news. There are two release families: GlassFish v2 and GF v3prelude uses the Metro 1.x releases while GlassFish v3 (post-prelude) will use Metro 2.0.

ALT DESCR

The latest 1.x release is Metro 1.4, out last Fall (see Jitu's Summary and GFv3 Prelude note). Jiandong recently published several notes explaining how to use it in STS (Security Token Service) scenarios: [1], [2], [3]; note that Jiandong reports a new 1.5 is being tested.

The Metro 2.x family is still evolving; its first delivery will be in GFv3 and will implement JAX-WS 2.2 (see Rama's post), which includes support for WS-Addressing - Metadata using Policy project. Metro 2.0 can also used on Java SE, see Fabian's note. Full details on Metro 2.0 in its OnePagers; also see the Roadmap, with the usual warning about dates!

Wednesday Dec 10, 2008

Taking a closer look at SailFin (Part 1) : Authenticated Identity Management

Sailfin logo

Venu has blogged about RFC 4474 support in SailFin. This feature introduces a mechanism for securely identifying originators of SIP messages. A lot more information about this feature is available here and here.

It is also worthwhile to look at the following blogs to know more about security in SailFin.
 1. Authentication of SIP Servlet Resources (I, II, III)
 2. RunAS and P-Asserted-Identity

Next week, I will post an entry on how SailFin handles some of the spec related issues in RFC 3261 and JSR 289.

Sunday Sep 21, 2008

... Rails vs Merb, Securing WebApps, Fast Deployments, Compass 2.1, Localizing WebSynergy, IM and Cisco and CDN and Amazon

A compilation of today's news of interest:

Radio Receiver Icon

At MindBucket Paul provides a comparison of the (single-client) performance of Rails vs Merb. Rails is the incumbent in Ruby frameworks; Merb is a very interesting newcomer. Merb is thread-safe, and so will be Rails 2.0, but the comparison does not consider concurrency so that should be a key issue. The comparison includes numbers on GlassFish Server (and stay tuned for more fine-tuning for that case).

From the NetBeans team, a Tutorial on Securing WebApps using Role-Based authentication. The tutorial has detailed step-by-step instructions using NetBeans 6.5 and GlassFish Server.

Ludo addresses Rapid Deployment of Apps on GlassFish in a thread at the GlassFish Users Forum Also hints at future improvements (teaser!).

Shay reports that Compass 2.1 M3 is now available with improved GlassFish support.

From Mahipalsinh an explanation of how to Localize WebSynergy, so you can do it for your favorite language.

And, on the section of important Industry News, Cisco buys Jabber, which should provide integrated IM in their offerings, and Amazon launches CDN service, a la Akamai, LimeLight and others. One of the nice things of working in this industry, it is never boring!

Wednesday Apr 30, 2008

Latest Enterprise Tech Tip focuses on Java EE security and JSR 196

SPNEGO logo

The latest Enterprise Tech Tip is written by Ron Monzillo and covers JSR 196, Java Authentication Service Provider Interface for Containers. The document goes thru detailed steps on how to write, install, and configure a simple SAM (server authentication module) but also how to have your application bind to it.

GlassFish v2 already supports the Servlet Container Profile for this JSR and community member Greg Luck has written (with the help of others) the Spnego implementation for SPNEGO and Kerberos to be used in GlassFish.

Friday Mar 28, 2008

Tech Tip: Secure Conversations for Web Services With Metro

Not so secure image

A new Tech Tip written by Jiandong Guo of the Application Server Web Services Security team was just posted. Read the tip and learn the basics of WS-SecureConversation. Also see an example that demonstrates how to enable secure conversations for a web service through the WS-SecureConversation support in Metro. You can find the tip here.

Setting up the infrastructure can be tricky, so if you're getting started with WS-SecureConv, this is a good document to read.

You can get to all the Tech Tips from this site or this blog.

Tuesday Feb 26, 2008

SOAP Security in GlassFish's Metro

Map of Beijing Metro

Does GlassFish support REST or SOAP Web Services? Both! REST through Jersey and SOAP through Metro (Jersey will be included in a future Metro release, see Roadmap).

Security is very important for SOAP Web Services and Jiandong has a set of notes describing how Metro supports WS-SX (OASIS Web Services Security Exchange). Check out the Overview, How to Issue SAML Tokens and a description of a Scenario based on WS-SX.