jboss enterprise portal platform 5.1 installation guide
TRANSCRIPT
JBoss EnterprisePortal Platform 5.1
Installation GuideAn Installation Guide for JBoss Enterprise Portal Platform 5.1.1
Installation Guide
JBoss Enterprise Portal Platform 5.1 Installation GuideAn Installation Guide for JBoss Enterprise Portal Platform 5.1.1Edition 2
Editor Scott MumfordEditor Luc TexierEditor Thomas HeuteEditor Ben Clare
Copyright © 2011 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative CommonsAttribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is availableat http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute thisdocument or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert,Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the InfinityLogo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United Statesand/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and othercountries.
All other trademarks are the property of their respective owners.
This book provides information about obtaining, installing and running JBoss Enterprise PortalPlatform. It forms part of the complete document suite along with the User Guide and ReferenceGuide available at http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Portal_Platform/index.html.
iii
Preface v1. Document Conventions ................................................................................................... v
1.1. Typographic Conventions ...................................................................................... v1.2. Pull-quote Conventions ........................................................................................ vi1.3. Notes and Warnings ............................................................................................ vii
2. Getting Help and Giving Feedback ................................................................................. vii2.1. Do You Need Help? ............................................................................................ vii2.2. Give us Feedback .............................................................................................. viii
1. Introduction 11.1. Other Manuals ............................................................................................................. 1
2. Getting Started 32.1. Upgrading and Add-ons ................................................................................................ 32.2. Pre-Requisites .............................................................................................................. 3
2.2.1. Enterprise Application Platform ........................................................................... 32.2.2. System Requirements ........................................................................................ 42.2.3. Configuring Your Java Environment .................................................................... 6
2.3. Recommended Practices .............................................................................................. 9
3. Installation 113.1. Downloading .............................................................................................................. 113.2. Installing .................................................................................................................... 113.3. Choosing a server configuration .................................................................................. 11
4. Post Installation Configuration 134.1. Set JBOSS_HOME Environment Variable ................................................................... 134.2. Adjust memory settings .............................................................................................. 134.3. Post Installation Security Configuration ....................................................................... 134.4. Disabling Authentication .............................................................................................. 15
5. Configuration 195.1. Database Configuration .............................................................................................. 19
5.1.1. Overview ......................................................................................................... 195.1.2. Configuring the database datasource for JCR .................................................... 195.1.3. Configuring the database datasource for the default identity store ....................... 205.1.4. Example with MySQL Server 5.1 ...................................................................... 21
5.2. E-Mail Service Configuration ....................................................................................... 245.2.1. Overview ......................................................................................................... 245.2.2. Configuring the outgoing e-mail account ............................................................ 24
5.3. Clustering Configuration .............................................................................................. 245.3.1. Overview ......................................................................................................... 245.3.2. Prerequisites ................................................................................................... 255.3.3. configuration.properties .................................................................................... 255.3.4. Running with the cluster profile ......................................................................... 25
5.4. HTTPS Configuration .................................................................................................. 265.4.1. Overview ......................................................................................................... 265.4.2. Generate your key ........................................................................................... 265.4.3. Setup JBoss configuration to use your key ........................................................ 265.4.4. Restart ........................................................................................................... 27
5.5. Gadget Proxy Configuration ........................................................................................ 275.5.1. Overview ......................................................................................................... 275.5.2. Setup the Filter ................................................................................................ 27
6. Installing Add-ons 29
7. Test your Installation 31
Installation Guide
iv
8. Uninstall JBoss Enterprise Portal Platform 33
A. Revision History 35
Index 37
v
Preface
1. Document ConventionsThis manual uses several conventions to highlight certain words and phrases and draw attention tospecific pieces of information.
In PDF and paper editions, this manual uses typefaces drawn from the Liberation Fonts1 set. TheLiberation Fonts set is also used in HTML editions if the set is installed on your system. If not,alternative but equivalent typefaces are displayed. Note: Red Hat Enterprise Linux 5 and later includesthe Liberation Fonts set by default.
1.1. Typographic ConventionsFour typographic conventions are used to call attention to specific words and phrases. Theseconventions, and the circumstances they apply to, are as follows.
Mono-spaced Bold
Used to highlight system input, including shell commands, file names and paths. Also used to highlightkeycaps and key combinations. For example:
To see the contents of the file my_next_bestselling_novel in your currentworking directory, enter the cat my_next_bestselling_novel command at theshell prompt and press Enter to execute the command.
The above includes a file name, a shell command and a keycap, all presented in mono-spaced boldand all distinguishable thanks to context.
Key combinations can be distinguished from keycaps by the hyphen connecting each part of a keycombination. For example:
Press Enter to execute the command.
Press Ctrl+Alt+F2 to switch to the first virtual terminal. Press Ctrl+Alt+F1 toreturn to your X-Windows session.
The first paragraph highlights the particular keycap to press. The second highlights two keycombinations (each a set of three keycaps with each set pressed simultaneously).
If source code is discussed, class names, methods, functions, variable names and returned valuesmentioned within a paragraph will be presented as above, in mono-spaced bold. For example:
File-related classes include filesystem for file systems, file for files, and dir fordirectories. Each class has its own associated set of permissions.
Proportional Bold
This denotes words or phrases encountered on a system, including application names; dialog box text;labeled buttons; check-box and radio button labels; menu titles and sub-menu titles. For example:
Choose System → Preferences → Mouse from the main menu bar to launch MousePreferences. In the Buttons tab, click the Left-handed mouse check box and click
1 https://fedorahosted.org/liberation-fonts/
Preface
vi
Close to switch the primary mouse button from the left to the right (making the mousesuitable for use in the left hand).
To insert a special character into a gedit file, choose Applications → Accessories→ Character Map from the main menu bar. Next, choose Search → Find… from theCharacter Map menu bar, type the name of the character in the Search field and clickNext. The character you sought will be highlighted in the Character Table. Double-click this highlighted character to place it in the Text to copy field and then click the
Copy button. Now switch back to your document and choose Edit → Paste from thegedit menu bar.
The above text includes application names; system-wide menu names and items; application-specificmenu names; and buttons and text found within a GUI interface, all presented in proportional bold andall distinguishable by context.
Mono-spaced Bold Italic or Proportional Bold Italic
Whether mono-spaced bold or proportional bold, the addition of italics indicates replaceable orvariable text. Italics denotes text you do not input literally or displayed text that changes depending oncircumstance. For example:
To connect to a remote machine using ssh, type ssh [email protected] ata shell prompt. If the remote machine is example.com and your username on thatmachine is john, type ssh [email protected].
The mount -o remount file-system command remounts the named filesystem. For example, to remount the /home file system, the command is mount -oremount /home.
To see the version of a currently installed package, use the rpm -q packagecommand. It will return a result as follows: package-version-release.
Note the words in bold italics above — username, domain.name, file-system, package, version andrelease. Each word is a placeholder, either for text you enter when issuing a command or for textdisplayed by the system.
Aside from standard usage for presenting the title of a work, italics denotes the first use of a new andimportant term. For example:
Publican is a DocBook publishing system.
1.2. Pull-quote ConventionsTerminal output and source code listings are set off visually from the surrounding text.
Output sent to a terminal is set in mono-spaced roman and presented thus:
books Desktop documentation drafts mss photos stuff svnbooks_tests Desktop1 downloads images notes scripts svgs
Source-code listings are also set in mono-spaced roman but add syntax highlighting as follows:
package org.jboss.book.jca.ex1;
import javax.naming.InitialContext;
Notes and Warnings
vii
public class ExClient{ public static void main(String args[]) throws Exception { InitialContext iniCtx = new InitialContext(); Object ref = iniCtx.lookup("EchoBean"); EchoHome home = (EchoHome) ref; Echo echo = home.create();
System.out.println("Created Echo");
System.out.println("Echo.echo('Hello') = " + echo.echo("Hello")); }}
1.3. Notes and WarningsFinally, we use three visual styles to draw attention to information that might otherwise be overlooked.
Note
Notes are tips, shortcuts or alternative approaches to the task at hand. Ignoring a note shouldhave no negative consequences, but you might miss out on a trick that makes your life easier.
Important
Important boxes detail things that are easily missed: configuration changes that only apply tothe current session, or services that need restarting before an update will apply. Ignoring a boxlabeled 'Important' will not cause data loss but may cause irritation and frustration.
Warning
Warnings should not be ignored. Ignoring warnings will most likely cause data loss.
2. Getting Help and Giving Feedback
2.1. Do You Need Help?
If you experience difficulty with a procedure described in this documentation, visit the Red HatCustomer Portal at http://access.redhat.com. Through the customer portal, you can:
• search or browse through a knowledgebase of technical support articles about Red Hat products.
• submit a support case to Red Hat Global Support Services (GSS).
Preface
viii
• access other product documentation.
Red Hat also hosts a large number of electronic mailing lists for discussion of Red Hat software andtechnology. You can find a list of publicly available mailing lists at https://www.redhat.com/mailman/listinfo. Click on the name of any mailing list to subscribe to that list or to access the list archives.
2.2. Give us Feedback
If you find a typographical error, or know how this guide can be improved, we would love to hear fromyou. Submit a report in Bugzilla against the product JBoss Enterprise Portal Platform 5and the component docs-Installation_Guide. The following link will take you to a pre-filled bugreport for this product: http://bugzilla.redhat.com/2.
Fill out the following template in Bugzilla's Description field. Be as specific as possible whendescribing the issue; this will help ensure that we can fix it quickly.
Document URL:
Section Number and Name:
Describe the issue:
Suggestions for improvement:
Additional information:
Be sure to give us your name so that you can receive full credit for reporting the issue.
2 https://bugzilla.redhat.com/enter_bug.cgi?product=JBoss%20Enterprise%20Portal%20Platform%205&component=docs-Installation_Guide&version=5.1
Chapter 1.
1
IntroductionJBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of servicesand Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offeringsfor enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middlewarecomponents that have been tested and certified together to provide an integrated experience. Its easy-to-use server architecture and high flexibility makes JBoss the ideal choice for users just starting outwith J2EE, as well as senior architects looking for a customizable middleware platform.
Because it is Java-based, JBoss Enterprise Portal Platform is cross-platform and easy to install anduse on any operating system that supports Java.
Installing JBoss Enterprise Portal Platform is simple and easy. In this guide you will learn how toinstall, configure and secure JBoss Enterprise Portal Platform.
1.1. Other ManualsIf you are looking for detailed information about other JBoss Middleware products such as JBossEnterprise Applications Platform please refer to the manuals available online at http://docs.redhat.com/docs/en-US/index.html.
2
Chapter 2.
3
Getting Started
2.1. Upgrading and Add-onsIf you currently have an installation of JBoss Enterprise Portal Platform in operation, you should readthe notes below to ensure you choose the correct installation/migration path for your circumstances.
Upgrading JBoss Enterprise Portal Platform
It is possible to upgrade from JBoss Enterprise Portal Platform version 5.0 or 5.1.0 to JBossEnterprise Portal Platform 5.1.1.
To upgrade, copy any customized configuration files and database settings from your existingJBoss Enterprise Portal Platform installation to the corresponding location of the 5.1.1 installation.
Add-ons
The Site Publisher add-on that is part of the 5.1.1 release can only be installed into a cleaninstallation of JBoss Enterprise Portal Platform version 5.1 or later.
• It cannot be installed into a pre-existing and configured JBoss Enterprise Portal Platforminstallation (that is; a deployment that contains configuration settings or data that is notstandard in the release).
• Likewise, Site Publisher cannot be installed onto JBoss Enterprise Portal Platform 5.0 or 5.0.1versions (including installations that include the technical preview release of the Site Publisherextension).
You must deploy a new instance of JBoss Enterprise Portal Platform 5.1.1 in order to use theSite Publisher add-on.
2.2. Pre-RequisitesYou must have adequate disk space to install a JDK and JBoss Enterprise Portal Platform (about550MB) while also allowing enough space for your applications. Before installing JBoss EnterprisePortal Platform you must have a working installation of Java. Since JBoss is 100% pure Java you canhave it working on any Operating System / Platform that supports Java.
2.2.1. Enterprise Application PlatformJBoss Enterprise Portal Platform is built upon JBoss Enterprise Application Platform. For moredetails about the underlying platform please refer to the EAP installation guide available at: http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/index.html
Chapter 2. Getting Started
4
2.2.2. System Requirements
Minimum Installation RequirementsThe minimum hard disk space required to support the installation of the JBoss Enterprise PortalPlatform is about 550MB. Additional space is required for the installation of the JDK upon which theJBoss Application Server depends. The JDK installation size is currently up to 150MB.
Minimum Operational RequirementsThe minimum hardware required to support an operational JBoss Application Server varies dependingon the following:
• The size and complexity of the applications being served;
• The demand placed on the server by the number and frequency of client requests;
• The server configuration including the selected log files, their designated size and general servertuning.
The following discussion relates to the deployment of a simple application on a server experiencingminimal demand. In view of this, the absolute minimum requirements for an operational server are:
• Disk Space: 1.5 GB
• The default server log file storage configuration is 500MB.
• The remaining 500 MB is allocated to the server installation (240 MB), the required JDK (150 MB)and some additional space for applications (110 MB).
• CPU: Intel Pentium Processor @ 1GHz
• Core 2 Duo, Core 2 Quad and Intel Xeon chips will improve the performance of servers whichexperience high demand.
• RAM: 1.5 GB
• RAM installations of 2 GB or more will be required to run a server upon which small to mediumapplications are deployed. 4 GB or more is preferable for larger applications or to run a GUIserver interface.
Important
A server's performance must be viewed in light of the applications deployed on the server, thedemand placed on the server by client requests and any post-installation server configuration ortuning.
Supported InstallationsFor the latest information on supported Operating System / JVM combinations and supportedDatabase platforms, please always refer to http://www.jboss.com/products/platforms/portals/testedconfigurations/.
The following is a list of certified operating systems and JVM version combinations:
System Requirements
5
Table 2.1. Supported Operating System / JVM Combinations.
Operating System JVM Version
Red Hat Enterprise Linux 5 x86 Sun JVM 1.6 Update 15
Red Hat Enterprise Linux 5 x86 OpenJDK 1.6.0-b09
Red Hat Enterprise Linux 5 x86 IBM JDK 1.6.0 SR5
Red Hat Enterprise Linux 5 x86_64 Sun JVM 1.6 Update 15
Red Hat Enterprise Linux 5 x86_64 OpenJDK 1.6.0-b09
Red Hat Enterprise Linux 5 x86_64 IBM JDK 1.6.0 SR5
Microsoft Windows 2008 x86 Sun JVM 1.6 Update 15
Microsoft Windows 2008 x86_64 Sun JVM 1.6 Update 15
Solaris 10 Sun JVM 1.6 Update 15
The following is a cumulative table of supported databases and JDBC drivers.
Entries shown for each release are supported in addition to those in previous releases:
Table 2.2. Supported Database and JDBC driver Combinations
Database Database driver
JBoss Enterprise Portal Platform 5.0
MySQL 5.1 MySQL Connector/J 5.1.8
Oracle 10g R2 10g R2
Oracle 11g R1 (Supported) 11g R1
Oracle 11g RAC (Supported) 11g R1
Microsoft SQL Server 2005 SP3 Microsoft JDBC Driver 2.0
Microsoft SQL Server 2008 SP1 Microsoft JDBC Driver 2.0
PostgresSQL 8.3.7 PostgresSQL Driver JDBC4, 8.3-605
PostgresSQL 8.2.4 (Supported) PostgresSQL Driver JDBC4, 8.2-510
DB2 9.7 IBM Data Server Driver for JDBC and SQLJ(JCC Driver) Version: 9.1 (fixpack 3a)
Sybase 15.0.2 JConnect v6.0.5
JBoss Enterprise Portal Platform 5.1
Oracle 11g R2 11g R2
Oracle 11g R2 RAC 11g R2 RAC
The following is a list of supported directory servers:
Table 2.3. Supported and Certified directory servers
Directory Server Version
OpenDS 1.2
OpenDS 2.0
Chapter 2. Getting Started
6
Directory Server Version
OpenLDAP 2.4
Red Hat Directory Server 7.1
MS Active Directory Windows Server 2008
2.2.3. Configuring Your Java EnvironmentYou must have a working installation of JDK 1.6 before you install JBoss Enterprise Portal Platform.You can install the 32-bit or 64-bit JVM as per your requirements. In this guide we will show you how toinstall a 32-bit Sun JDK 6.0 using RHN, on a generic Linux Platform and Microsoft Windows Platform.But before we do that let's take a look at some of the benefits of using a 64-bit JVM.
Benefits of 64-bit JVM on 64-bit OS and Hardware:• Wider datapath: The pipe between RAM and CPU is doubled, which improves the performance of
memory-bound applications.
• 64-bit memory addressing gives virtually unlimited (1 exabyte) heap allocation. However largeheaps affect garbage collection.
• Applications that run with more than 1.5 GB of RAM (including free space for garbage collectionoptimization) should utilize the 64-bit JVM.
Note
Applications that run on a 32-bit JVM and do not require more than minimal heap sizes will gainnothing from a 64-bit JVM. Barring memory issues, 64-bit hardware with the same relative clockspeed and architecture is not likely to run Java applications faster than their 32-bit cousin.
Installing and Configuring JDK 6.0 using RHN• Java SDKs are provided by the Red Hat Enterprise Linux 5 Base and Supplementary channels
for your Linux variant and architecture. The available JDKs corresponding to each channel andarchitecture are listed below:
Red Hat Enterprise Linux 5 Java SDKs Channel: rhel-<arch>-server-5
java-1.6.0-openjdk
Channel: rhel-<arch>-server-supplementary-5java-1.6.0-sun (Sun)
java-1.6.0-ibm (IBM)
Ensure that the -devel packages are also installed.
• Selecting alternatives for java, javac and java_sdk_1.6.0 (setting java_sdk_1.6.0 isoptional).
This is only needed if you want to use the SysV service script and/or want this installed SDK tobe the default java and javac in the system. This choice can often be overridden by setting theJAVA_HOME environment variable.
Configuring Your Java Environment
7
The alternatives system allows different versions of Java, from different sources, to co-exist onyour system. You should make sure the desired one is selected so that the service script uses theone you want.
As root, issue the following command:
/usr/sbin/alternatives --config java
and make sure the desired one is selected (marked with a '+'), or select it by entering its number asprompted.
Make sure you do the same for javac and java_sdk_1.6.0. We recommend that all point to thesame manufacturer and version.
Installing and Configuring JDK 6.0 on a generic Linux platform• Download the Java 2 Platform, Standard Edition (J2SE) Development Kit (JDK) 6.0 from Sun's
website: http://java.sun.com/javase/downloads/index.jsp#need.
• From this page, select the latest update under the Java Platform, Standard Editionheading. Alternatively, this page can be accessed directly at http://java.sun.com/javase/downloads/widget/jdk6.jsp.
• Follow the instructions presented on this page including selecting the appropriate platform andarchitecture.
• Clicking the Continue button will display the download options (depending on whether the userchooses to register):
• jdk-6u<update number>-linux-<arch>-rpm.bin or;
• jdk-6u<update number>-linux-<arch>.bin
If installing the JDK on Red Hat Enterprise Linux, Fedora, or another RPM-based Linux system, itis recommended that the self-extracting file containing the RPM package is selected. This optionwill set up and use the SysV service scripts in addition to installing the JDK. The RPM option is alsorecommended if the JBoss Enterprise Portal Platform is being set up in a production environment.
• Create an environment variable that points to the JDK installation directory and call it JAVA_HOME.Add $JAVA_HOME/bin to the system path to be able to run java from the command line. You cando this by adding the following lines to the .bashrc file in your home directory.
#In this example /usr/java/jdk1.6.0_19 is the JDK installation directory.export JAVA_HOME=/usr/java/jdk1.6.0_19export PATH=$PATH:$JAVA_HOME/bin
Set this variable for the user account performing the installation and also for the user account thatwill run the server.
• If you have more than one version of JVM installed in your machine, make sure you are using theJDK1.6 installation as the default java and javac. You can do this using the alternatives system.The alternatives system allows different versions of Java, from different sources to co-exist on yoursystem.
Chapter 2. Getting Started
8
Note
Selecting alternatives as decribed below can be avoided by setting the JAVA_HOMEenvironment variable as explained in the previous step.
Select alternatives for java, javac and java_sdk_1.6.0• As root, type the following command at the shell prompt and you should see something like this:
[root@vsr ~]$ /usr/sbin/alternatives --config javaThere are 2 programs which provide 'java'.Selection Command----------------------------------------------- 1 /usr/lib/jvm/jre-1.4.2-gcj/bin/java*+ 2 /usr/lib/jvm/jre-1.6.0-sun/bin/javaEnter to keep the current selection[+], or type selection number:
Make sure the Sun version - jre-1.6.0-sun in this case - is selected (marked with a '+' in theoutput), or select it by entering its number as prompted.
• Repeat the same for javac and java_sdk_1.6.0.
[root@vsr ~]$ /usr/sbin/alternatives --config javacThere are 1 programs which provide 'javac'. Selection Command-----------------------------------------------*+ 1 /usr/lib/jvm/java-1.6.0-sun/bin/javacEnter to keep the current selection[+], or type selection number:
[root@vsr ~]$ /usr/sbin/alternatives --config java_sdk_1.6.0There are 1 programs which provide 'java_sdk_1.6.0'. Selection Command-----------------------------------------------*+ 1 /usr/lib/jvm/java-1.6.0-sunEnter to keep the current selection[+], or type selection number:
You should verify that java, javac and java_sdk_1.6.0 all point to the same manufacturer andversion.
• Make sure that the java executable is in your path and that you are using an appropriate version.To verify your Java environment, type java -version at the shell prompt and you should seesomething like this:
[root@vsr ~]$ java -versionjava version "1.6.0_19"Java(TM) SE Runtime Environment (build 1.6.0_19-b01)Java HotSpot(TM) Server VM (build 14.2-b01, mixed mode)
Recommended Practices
9
Installing and Configuring JDK 6.0 on Microsoft Windows• Download the Java 2 Platform, Standard Edition (J2SE) Development Kit (JDK) 6.0 from Sun's
website: http://java.sun.com/javase/downloads/index.jsp#need.
• From this page, select the latest update under the Java Platform, Standard Editionheading. Alternatively, this page can be accessed directly at http://java.sun.com/javase/downloads/widget/jdk6.jsp.
• Follow the instructions presented on this page including selecting the appropriate platform andarchitecture.
• Clicking the Continue button will display the download option (depending on whether the userchooses to register):
• jdk-6u<update number>-windows-<arch>.exe
• Create an environment variable called JAVA_HOME that points to the JDK installation directory, forexample: C:\Program Files\Java\jdk1.6.0_19\.
• In order to run java from the command line add the jre\bin directory to your path, for example:C:\Program Files\Java\jdk1.6.0_19\jre\bin. You may set these variables by going tothe System Properties window then select the Advanced tab and finally click on the EnvironmentVariables button.
2.3. Recommended PracticesJBoss Enterprise Portal Platform includes four pre-configured user accounts for testing and evaluationpurposes. These accounts can be used for direct access to the portal.
For security reasons, before going in production, you should restrict the access to the login servlet toPOST.
To do so, edit the file JBOSS_HOME/server/<PROFILE>/deploy/gatein.ear/02portal.war/WEB-INF/web.xml and add:
<security-constraint> <web-resource-collection> <web-resource-name>login</web-resource-name> <url-pattern>/login</url-pattern> <http-method>GET</http-method> <http-method>PUT</http-method> <http-method>DELETE</http-method> <http-method>HEAD</http-method> <http-method>OPTIONS</http-method> <http-method>TRACE</http-method> </web-resource-collection> <auth-constraint/></security-constraint>
Doing this will render the login links provided on the front page inactive.
10
Chapter 3.
11
Installation
3.1. DownloadingThe officially supported versions are available from the JBoss Customer Support Portal (CSP) locatedat https://access.redhat.com/home. Platforms including in your Support subscription are listed in theSoftware section.
3.2. InstallingTo install from a zip file, simply unzip the downloaded file to a directory of your choice.• Unzip jboss-epp-<release>.zip to extract the archive contents into the location of your choice.
You can do this using the JDK jar tool (or any other ZIP extraction tool).
[vsr]$ cd jbeppinstallationdir[vsr]$ jar -xvf jboss-epp-<release>.zip
• You are done with the installation! You should now have a directory called jboss-epp-<release>.
Server Configurations
Six types of server configurations will be included in your installation: minimal, default,production, all, standard and web.
The JBoss Enterprise Application Platform Getting Started Guide1 explains in detail the differentserver configuration file sets.
3.3. Choosing a server configurationThe important differences between the Portal and JBoss Enterprise Application Platform serverconfigurations are:• the minimal, web and standard server configurations do not contain any Portal relevant
components. These directories exist for the sake of consistency with JBoss Enterprise ApplicationPlatform
• the default server configuration includes non-clustered Portal components. This is the serverconfiguration that is started when no other configuration is specified.
• the all server configuration includes the Portal and services used for running on a cluster.
• the production server configuration includes Portal components and clustering services. It is pre-configured with default settings which would be more accurate for a production environment.
1 http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/index.html
Chapter 3. Installation
12
gatein.ear Archive
The gatein.ear archive, which contains the Portal components, is located in the deploy folder ofthe default, all and production server configurations.
Chapter 4.
13
Post Installation Configuration
4.1. Set JBOSS_HOME Environment Variable
On a Linux PlatformCreate an environment variable that points to the installation directory (<JBOSS_DIST>/jboss-as)and call it JBOSS_HOME. Add $JBOSS_HOME/bin to the system path to be able to run the server fromthe command line. You can do this by adding the following lines to the .bashrc file in your homedirectory.
#In this example /home/user/jboss-epp-<VERS>/jboss-as is the installation directory. export JBOSS_HOME=/home/user/jboss-epp-<VERS>/jboss-as export PATH=$PATH:$JBOSS_HOME/bin
Set this variable for the user account(s) that will run the server.
On Microsoft WindowsCreate an environment variable called JBOSS_HOME that points to the installation directory, forexample: C:\jboss-epp-<VERS>\jboss-as\.
In order to run the server from the command line add the bin directory to your path, for example: C:\jboss-epp-<VERS>\jboss-as\bin.
You may set these variables by going to the System Properties window then select the Advanced taband finally click on the Environment Variables button.
4.2. Adjust memory settingsIf the server is running out of memory, you may adjust the memory settings before deploying theapplications. You can do this by updating JAVA_OPTS settings in the file JBOSS_HOME/jboss-as/bin/run.conf on Linux or JBOSS_HOME/jboss-as/bin/run.conf.bat on Windows. Thedefault values don't take into account the memory requirements of your applications:
-Xms1303m -Xmx1303m -XX:MaxPermSize=256m ....
4.3. Post Installation Security ConfigurationWhen installed from the zip archive, authentication is required to access the majority of JBossservices, including administrative services. User accounts have not been set up to eliminate thepossibility of default username/password based attacks.
Chapter 4. Post Installation Configuration
14
Default Admin User Configuration
It is recommended that the admin=admin username and password configuration, which iscommented out by default, not be used for a production server. The admin user is included as anexample of the username/password definition format only.
JBOSS_HOME and <PROFILE>
JBOSS_HOME is the jboss-as directory, a level above the bin directory. <PROFILE> is thechosen server profile: all, default, minimal production, standard or web.
Set up the jmx-console users and rolesEdit the jmx-console-users.properties file located in the JBOSS_HOME/server/<PROFILE>/conf/props/ directory defining the username and password:
user=password
Edit the jmx-console-roles.properties file located in the JBOSS_HOME/server/<PROFILE>/conf/props/ directory to define the user's roles:
user=JBossAdmin,HttpInvoker
Set up the admin-console users and rolesEdit the web-console-users.properties file located in the JBOSS_HOME/server/<PROFILE>/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/ directory:
user=password
Edit the web-console-roles.properties file located in the JBOSS_HOME/server/<PROFILE>/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/ directory:
user=JBossAdmin,HttpInvoker
Important
Login credentials for the admin-console are the same as those used for the JMX console.
SuckerPassword for JBoss Messaging:JBoss Messaging makes internal connections between nodes in order to redistribute messagesbetween clustered destinations. These connections are made with the user name of a specialreserved user whose password is specified by the suckerPassword attribute in the Server Peer
Disabling Authentication
15
configuration file: JBOSS_HOME/server/<PROFILE>/deploy/messaging/messaging-jboss-beans.xml.
Procedure 4.1. Set suckerPassword for JBoss Messaging1. Edit the JBOSS_HOME/server/<PROFILE>/deploy/messaging/messaging-jboss-
beans.xml file and change the suckerPassword value from "CHANGE ME!!" to a plain textpassword:
<property name="suckerPassword">CHANGE ME!!</property>
2. Insert the same password you stored in the messaging-jboss-beans.xml file into thefollowing command:
JAVA_HOME/bin/java -cp JBOSS_HOME/client/jboss-messaging-client.jar org.jboss.messaging.util.SecurityUtil PLAIN_TEXT_PASSWORD
3. Copy the encrypted password generated by the above command into the SuckerPasswordattribute of the JBOSS_HOME/server/<PROFILE>/deploy/messaging/messaging-service.xml file:
<attribute name="SuckerPassword">ENCRYPTED_PASSWORD</attribute>
The suckerpassword in the messaging-service.xml file is for "client side" configuration and is used toinitiate a connection, while the suckerpassword in messaging-jboss-beans.xml is part of the "serverside" configuration and is used to authenticate incoming connection request.
4.4. Disabling AuthenticationIt is possible to disable authentication for specific services by following the instructions in this section.
Disabling Authentication for JXM Console:To disable authentication for the JMX console, edit the JBOSS_HOME/server/<PROFILE>/deploy/jmx-console.war/WEB-INF/web.xml file and comment out the security-constraint section:
<security-constraint> <web-resource-collection> <web-resource-name>HtmlAdaptor</web-resource-name> <description>An example security config that only allowsusers with therole JBossAdmin to access the HTML JMX console web application </description> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>JBossAdmin</role-name> </auth-constraint></security-constraint>
Disabling Authentication for Web Console:To disable authentication for the Web console, edit the JBOSS_HOME/server/<PROFILE>/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml file to comment out thesecurity-constraint section:
Chapter 4. Post Installation Configuration
16
<security-constraint> <web-resource-collection> <web-resource-name>HtmlAdaptor</web-resource-name> <description>An example security config that only allowsusers with the role JBossAdmin to access the HTML JMX console web application </description> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>JBossAdmin</role-name> </auth-constraint></security-constraint>
Disabling Authentication for HTTP Invoker:To disable authentication for the http invoker, JNDIFactory, EJBInvokerServlet, andJMXInvokerServlet need to be removed from the security realm in the JBOSS_HOME/server/<PROFILE>/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml/deploy/httpha-invoker.sar/invoker.war/WEB-INF/web.xml file:
<security-constraint> <web-resource-collection> <web-resource-name>HttpInvokers</web-resource-name> <description>An example security config that only allows users with the role HttpInvoker to access the HTTP invoker servlets </description> <url-pattern>/restricted/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>HttpInvoker</role-name> </auth-constraint> </security-constraint>
Disabling Authentication for JMX Invoker:To disable authentication for the JMX invoker, edit the JBOSS_HOME/server/<PROFILE>/deploy/management/console-mgr.sar/web-console.war/WEB-INF/web.xml/deploy/httpha-invoker.sar/invoker.war/WEB-INF/web.xml/deploy/jmx-invoker-service.xml file tocomment out the security interceptor passthrough:
Locate the mbean section with the classorg.jboss.jmx.connector.invoker.InvokerAdaptorService. In that section comment outthe line that relates to authenticated users:
<descriptors> <interceptors> <!-- Uncomment to require authenticated users --> <interceptor code="org.jboss.jmx.connector.invoker.AuthenticationInterceptor" securityDomain="java:/jaas/jmx-console"/> <!-- Interceptor that deals with non-serializable results --> <interceptor code="org.jboss.jmx.connector.invoker.SerializableInterceptor" policyClass="StripModelMBeanInfoPolicy"/> </interceptors>
Disabling Authentication
17
</descriptors>
Disabling Pre-configured AccountsJBoss Enterprise Portal Platform includes four pre-configured user accounts for testing and evaluationpurposes. These accounts can be used for direct access to the portal.
For security reasons, before going in production, you should restrict the access to the login servlet toPOST.
To do so, edit the file JBOSS_HOME/server/<PROFILE>/gatein.ear/02portal.war/WEB-INF/web.xml and add:
<security-constraint> <web-resource-collection> <web-resource-name>login</web-resource-name> <url-pattern>/login</url-pattern> <http-method>GET</http-method> <http-method>PUT</http-method> <http-method>DELETE</http-method> <http-method>HEAD</http-method> <http-method>OPTIONS</http-method> <http-method>TRACE</http-method> </web-resource-collection> <auth-constraint/></security-constraint>
Doing this will render the login links provided on the front page inactive.
18
Chapter 5.
19
Configuration
5.1. Database Configuration
5.1.1. OverviewA Java Database Connectivity (JDBC) connector/driver is required for JBoss Enterprise PortalPlatform to communicate with a relational database management system (RDBMS). JBoss EnterprisePortal Platform comes bundled with the Hypersonic SQL (HSQL) database in order for users to getup and running quickly without having to initially set up a database and the server. However, HSQLshould not be used in a production environment and Red Hat does not offer ANY support for it.Therefore we recommend to setup a RDBMS and JBoss Enterprise Portal Platform connect to it asfollows:
JBoss Enterprise Portal Platform has two different database dependencies. One is the identity serviceconfiguration, which depends on Hibernate. The other database dependency is the Java ContentRepository (JCR) service, which depends on the native JDBC API. JCR has the capability to integratewith any existing datasource implementation.
When you start the portal for the first time, it will automatically create the proper schema (assumingthat the database user has the appropriate permissions).
Note
JBoss Enterprise Portal Platform assumes the default encoding for your database is latin1.
5.1.2. Configuring the database datasource for JCRTo configure the database datasource used by JCR you will need to edit the datasource descriptorlocated at JBOSS_HOME/server/<PROFILE>/deploy/gatein-ds.xml:
<no-tx-datasource> <jndi-name>gatein-jcr</jndi-name> <connection-url> jdbc:hsqldb:${jboss.server.data.dir}${/}gatein${/}hypersonic${/}gatein-jcr-localDB </connection-url> <driver-class>org.hsqldb.jdbcDriver</driver-class> <user-name>sa</user-name> <password></password>
<min-pool-size>5</min-pool-size> <max-pool-size>20</max-pool-size> <idle-timeout-minutes>0</idle-timeout-minutes> <prepared-statement-cache-size>32</prepared-statement-cache-size></no-tx-datasource>
Edit the values of driver-class, connection-url, user-name and password to match the specific valuesfor your database (Please refer to your database JDBC driver documentation for more informationabout these attributes).
Chapter 5. Configuration
20
In the case of HSQL, the databases are created automatically. For any other database you will need tofirstly create the database.
Make sure the user has rights to create tables on the database and to update them as, during the firststart up, they will be automatically created.
Add the JDBC driver to the classpath, by copying the relevant JAR file to the JBOSS_HOME/server/<PROFILE>/lib directory.
5.1.3. Configuring the database datasource for the default identitystoreTo configure the database datasource used by IDM you will need to edit the datasource descriptorlocated at JBOSS_HOME/server/<PROFILE>/deploy/gatein-ds.xml:
<no-tx-datasource> <jndi-name>gatein-idm</jndi-name> <connection-url> jdbc:hsqldb:${jboss.server.data.dir}${/}gatein${/}hypersonic${/}gatein-idm-localDB </connection-url> <driver-class>org.hsqldb.jdbcDriver</driver-class> <user-name>sa</user-name> <password></password>
<min-pool-size>5</min-pool-size> <max-pool-size>20</max-pool-size> <idle-timeout-minutes>0</idle-timeout-minutes> <prepared-statement-cache-size>32</prepared-statement-cache-size></no-tx-datasource>
More information about setting up datasources can be found in the Enterprise Application Platformdocumentation.
Using Sybase
Sybase requires a particular configuration of JBoss Enterprise Portal Platform, to switch on thatconfiguration, it is mandatory to run the portal with the extra sybase profile. This would mean torun the application server with sh run.sh -Dexo.profiles=sybase in a single node and shrun.sh -Dexo.profiles=sybase,cluster for a cluster node.
Example with MySQL Server 5.1
21
Do not delete JBOSS_HOME/server/<PROFILE>/data
The JCR can store information both in a database and on the file system depending on theconfiguration of the value storage. Refer to the JBoss Enterprise Portal Platform Reference Guidefor more information.
By default, the portal will store information required to run the portal in JBOSS_HOME/server/<PROFILE>/data/gatein/jcr/values/.
You can change this directory location by editing the JBOSS_HOME/server/<PROFILE>/conf/gatein/configuration.properties file, the name of the property being:gatein.jcr.storage.data.dir
5.1.4. Example with MySQL Server 5.1
Installing the MySQL JDBC connectorThe MySQL JDBC connector is required for EPP to use a MySQL database:
The mysql-java-connector package is available through Red Hat Network1. This is therecommended installation method.
For users who are not able to access the Red Hat Network, MySQL is available directly from http://www.mysql.com2. You should download a version listed in the Certified Configurations table availableon the JBoss Enterprise Portal Platform3 JBoss website.
Creating a MySQL DatabaseIf you have just installed MySQL, make sure the MySQL server is running, and then run the followingcommand to set the root user password:
mysqladmin -u root password 'new-root-user-password'
1. Run the following command to log in to MySQL. Enter the root user password when prompted:
mysql -u root -p
2. Use the CREATE DATABASE command to create a new gateinjcr database.
1 https://www.redhat.com/wapps/sso/rhn/login.html?redirect=http%3A%2F%2Frhn.redhat.com%2Frhn%2FYourRhn.do2 http://www.mysql.com/downloads/connector/j/3 http://www.jboss.com/products/platforms/portals/testedconfigurations/
Chapter 5. Configuration
22
Note: Database names
The remainder of this guide, and the configuration examples that follow assume the databasenames to be gateinjcr and gateinidm. If you change the database names, please updategatein-ds.xml accordingly (for each server configuration used).
mysql> CREATE DATABASE gateinjcr;
The output should be similar to the following:
Query OK, 1 row affected (0.00 sec)
Then repeat with:
mysql> CREATE DATABASE gateinidm;
At this point, the SHOW DATABASES; command should display the gatein databases:
mysql> SHOW DATABASES;+--------------------+| Database |+--------------------+| information_schema | | gateinjcr | | gateinidm | | mysql | +--------------------+4 rows in set (0.00 sec)
It is safe to ignore the other databases.
3. Add a new user and give that user access to the gatein databases. The following example addsa new user named gateinuser, with the password gateinpassword. It is recommended thatyou choose a different password to the one supplied here by changing gateinpassword to someother password:
CREATE USER 'gateinuser'@'localhost' IDENTIFIED BY 'gateinpassword';
4. Grant the necessary privileges to the user:
mysql> GRANT ALL PRIVILEGES ON gateinjcr.* TO 'gateinuser'@'localhost' IDENTIFIED BY 'gateinpassword' WITH GRANT OPTION;
mysql> GRANT ALL PRIVILEGES ON gateinidm.* TO 'gateinuser'@'localhost' IDENTIFIED BY 'gateinpassword' WITH GRANT OPTION;
Example with MySQL Server 5.1
23
MySQL Datasource DescriptorWe now need to change the portal database descriptor
1. Edit the file located at JBOSS_HOME/server/<PROFILE>/deploy/gatein-ds.xml.
2. Update the following lines in the Datasource descriptor to reflect the correct database, usernameand password respectively:• <connection-url>jdbc:mysql://mysql-hostname:3306/DATABASE</connection-url>;• In this example the database name is gateinjcr for the first datasource listed in gatein-ds.xml.
• The database name for the second datasource is gateinidm. See the example gatein-ds.xml file provided.
• <user-name>USER-NAME</user-name>;• The user-name for this example is gateinuser.
• <password>PASSWORD</password>;• This example uses the gateinpassword password. Enter this or the password chosen at
Creating a MySQL Database.
gatein-ds.xml will then look like:
<datasources> <no-tx-datasource> <jndi-name>gatein-idm</jndi-name> <connection-url>jdbc:mysql://mysql-hostname:3306/gateinidm</connection-url> <driver-class>com.mysql.jdbc.Driver</driver-class> <user-name>gateinuser</user-name> <password>gateinpassword</password>
<min-pool-size>5</min-pool-size> <max-pool-size>20</max-pool-size> <idle-timeout-minutes>0</idle-timeout-minutes> <prepared-statement-cache-size>32</prepared-statement-cache-size> </no-tx-datasource> <no-tx-datasource> <jndi-name>gatein-jcr</jndi-name> <connection-url>jdbc:mysql://mysql-hostname:3306/gateinjcr</connection-url> <driver-class>com.mysql.jdbc.Driver</driver-class> <user-name>gateinuser</user-name> <password>gateinpassword</password>
<min-pool-size>5</min-pool-size> <max-pool-size>20</max-pool-size> <idle-timeout-minutes>0</idle-timeout-minutes> <prepared-statement-cache-size>32</prepared-statement-cache-size> </no-tx-datasource></datasources>
Chapter 5. Configuration
24
Important
Some underlying JBoss Enterprise Application Platform services might still be using Hypersonicwhich is an in-VM database server loaded in the same memory space. To connect these servicesto another RDBMS or disable them please refer to the EAP documentation or simply contactJBoss Support for assistance.
5.2. E-Mail Service Configuration
5.2.1. OverviewJBoss Enterprise Portal Platform includes an e-mail sending service that needs to be configuredbefore it can function properly. This service, for instance, is used to send e-mails to users who forgottheir password or username.
5.2.2. Configuring the outgoing e-mail accountThe e-mail service can use any SMTP account configured in JBOSS_HOME/server/<PROFILE>/conf/gatein/configuration.properties
The relevant section looks like:
# EMailgatein.email.smtp.username=gatein.email.smtp.password=gatein.email.smtp.host=smtp.gmail.comgatein.email.smtp.port=465gatein.email.smtp.starttls.enable=truegatein.email.smtp.auth=truegatein.email.smtp.socketFactory.port=465gatein.email.smtp.socketFactory.class=javax.net.ssl.SSLSocketFactory
The email service is pre-configured for GMail, so that any GMail account can be used with minimalconfiguration. Simply enter the full GMail address as the username and fill in the correspondingpassword.
In corporate environments you will want to use your corporate SMTP gateway. When using it overSSL, such as in the default configuration, you may need to configure a certificate truststore containingyour SMTP server's public certificate. Depending on the key sizes, you may then also need to installJava Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your Java RuntimeEnvironment.
5.3. Clustering Configuration
5.3.1. OverviewJBoss Enterprise Portal Platform has been developed to support high availability and high horizontaland vertical scalability. The setup instructions have been kept to a minimum, however, a goodunderstanding of clustering services in JBoss Enterprise Application Platform and JBoss Cache wouldbe required in order to configure the optimal settings.
Prerequisites
25
5.3.2. PrerequisitesThe clustering services are available only in the all and production server configurations.Additionally the following prerequisites should be met:
• a rapid shared file system is required such as a Storage Area Network (SAN) and;
• databases should be shared among the various nodes of the cluster and configured to point to thesame instances.
5.3.3. configuration.propertiesEdit the following entries in the JBOSS_HOME/jboss-as/server/<PROFILE>/conf/gatein/configuration.properties file:
• gatein.jcr.storage.data.dir;• To specify the location of the "value storage". This folder must not be deleted as it contains
data required for the portal to run. For more details about "value storage" please refer to theJCR configuration in the JBoss Enterprise Portal Platform Reference Guide available at http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Portal_Platform/index.html
• gatein.jcr.index.data.dir;• To specify the location on a shared file system to store the JCR index. If the directory is deleted,
the JCR will recreate the indexes on next start of the server. (This operation may take a very longtime, depending on the size of the data stored in the JCR).
• gatein.jcr.index.changefilterclass;• This must be changed toorg.exoplatform.services.jcr.impl.core.query.jbosscache.JBossCacheIndexChangesFilter.
• gatein.jcr.config.type;• This must be changed to cluster.
The default property file would look like the following:
# Datagatein.data.dir=/mnt/shared/mylocation
# DBgatein.db.data.dir=${gatein.data.dir}/db
# JCRgatein.jcr.config.type=clustergatein.jcr.datasource.name=java:gatein-jcrgatein.jcr.datasource.dialect=auto
gatein.jcr.data.dir=${gatein.data.dir}/jcrgatein.jcr.storage.data.dir=${gatein.jcr.data.dir}/valuesgatein.jcr.index.data.dir=${gatein.jcr.data.dir}/lucenegatein.jcr.index.changefilterclass=org.exoplatform.services.jcr.impl.core.query.jbosscache.JBossCacheIndexChangesFilter
[...]
5.3.4. Running with the cluster profileTo run the portal in high-availability mode, you would need to start all nodes with an extra profileconfiguration as follows:
Chapter 5. Configuration
26
In Linux
run.sh -c all -Dexo.profiles=cluster
In Windows
run.bat -c all -Dexo.profiles=cluster
5.4. HTTPS Configuration
5.4.1. OverviewJBoss Enterprise Portal Platform runs, by default, in HTTP mode. However, for security purposes,you can configure it to run in HTTPS mode. This section explains how to run JBoss Enterprise PortalPlatform in HTTPS mode.
5.4.2. Generate your keyIf you haven't a X.509 certificate, you can make a simple certificate using the keytool command:
Procedure 5.1. 1. Change the variables in the following command to suit your circumstances then run it a terminal:
keytool -genkey -alias serverkeys -keyalg RSA -keystore server.keystore -storepass 123456 -keypass 123456 -dname "CN=localhost, OU=MYOU, O=MYORG, L=MYCITY, ST=MYSTATE, C=MY"
Your key will be stored in server.keystore
2. Import your key into the Sun JDK keystore (this is required to help running gadget features) withthe following command:
keytool -importkeystore -srckeystore server.keystore -destkeystore $JAVA_HOME/jre/lib/security/cacerts
5.4.3. Setup JBoss configuration to use your keyTo set the JBoss configuration to use the new key:
Procedure 5.2. 1. Comment the following lines in JBOSS_HOME/server/<PROFILE>/deploy/jbossweb.sar/
server.xml:
<Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}" connectionTimeout="20000" redirectPort="8443" >
2. Uncomment the following lines...
<Connector protocol="HTTP/1.1" SSLEnabled="true" port="8443" address="${jboss.bind.address}" scheme="https" secure="true" clientAuth="false"
Restart
27
keystoreFile="$JAVA_HOME/jre/lib/security/cacerts" keystorePass="123456" sslProtocol = "TLS" />
...and change the values of keystoreFile and keystorePass to values of your key.
5.4.4. RestartOnce you have configured your environment, restart your JBoss Enterprise Portal Platform instance.
You can now access the portal via address: https://<ServerAddress>:8443/portal
5.5. Gadget Proxy Configuration
5.5.1. OverviewGadget consumption requires a local anonymous proxy to route access to elements used by thegadgets.
This must be done to work around web-browser security mechanisms.
5.5.2. Setup the FilterThe anonymous proxy can be setup to accept or refuse certain hosts.
By default, the proxy is closed to any host except the domain on which the gadget server is installed.
To modify the filtering of domain names, modify: JBOSS_HOME/server/<PROFILE>/deploy/gatein.ear/02portal.war/WEB-INF/conf/common/common-configuration.xml
Example 5.1. common-configuration.xml
<component> <key>org.exoplatform.web.security.proxy.ProxyFilterService</key> <type>org.exoplatform.web.security.proxy.ProxyFilterService</type> <init-params> <values-param> <!-- The white list --> <name>white-list</name> <value></value> </values-param> <values-param> <name>black-list</name> <value></value> </values-param> </init-params> </component>
The proxy will deny access to a resource that is on the blacklist. If the domain name does not matchany of the blacklist, the proxy filter will verify if the domain name is on the white list.
If the domain name is not defined in either the white list or black list, access will be denied.
Multiple values can be added for each list and wildcards can also be used.
Below is an example of a valid configuration:
Chapter 5. Configuration
28
Example 5.2. Valid Proxy Configuration
<component> <key>org.exoplatform.web.security.proxy.ProxyFilterService</key> <type>org.exoplatform.web.security.proxy.ProxyFilterService</type> <init-params> <values-param> <!-- The white list --> <name>white-list</name> <value>*.example.com</value> <value>www.example.net</value> </values-param> <values-param> <name>black-list</name> <value>evil.example.com</value> </values-param> </init-params> </component>
Chapter 6.
29
Installing Add-onsImportant
Do not read further in this guide if you intend to install the JBoss Site Publisher add-on.
At this point you should refer to the JBoss Site Publisher Installation Guide available at http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Portal_Platform/index.html and install the add-on.
Once you have completed the installation for the JBoss Site Publisher extension, you should return tothis document and continue this process.
30
Chapter 7.
31
Test your InstallationAfter you have installed the JBoss Enterprise Portal Platform, it is wise to perform a simple start uptest to validate that there are no major problems with your Java VM/operating system combination.Make sure you have set the JBOSS_HOME environment variables as explained in Chapter 4, PostInstallation Configuration.
To test your installation:• move to the JBOSS_HOME/bin directory;
• execute the run.bat (for Windows) or run.sh (for Linux) script, as appropriate for your operatingsystem;• Ensure that you run the configuration corresponding to the JBOSS_HOME/server/<PROFILE>/
chosen in Creating a MySQL Database
The example below uses the production configuration. Your output should look like the following(accounting for installation directory differences and version numbers) and should not contain anyerror or exception messages:
[user@localhost bin]$ ./run.sh -c production=========================================================================
JBoss Bootstrap Environment
JBOSS_HOME: /home/user/jboss-epp-5.0/jboss-as
JAVA: /usr/java/jdk1.6.0_16/bin/java
JAVA_OPTS: -Dprogram.name=run.sh -server -Xms1303m -Xmx1303m -XX:MaxPermSize=256m -Dorg.jboss.resolver.warning=true -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Dsun.lang.ClassLoader.allowArraySyntax=true -Dexo.conf.dir.name=gatein -Djava.net.preferIPv4Stack=true
CLASSPATH: /home/user/jboss-epp-5.0/jboss-as/bin/run.jar/usr/java/jdk1.6.0_16/lib/tools.jar
=========================================================================
16:59:41,401 INFO [ServerImpl] Starting JBoss (Microcontainer)...16:59:41,401 INFO [ServerImpl] Release ID: JBoss [EAP] 5.0.0.GA (build: SVNTag=JBPAPP_5_0_0_GA date=200910202128)16:59:41,402 INFO [ServerImpl] Bootstrap URL: null16:59:41,402 INFO [ServerImpl] Home Dir: /home/user/jboss-epp-5.0/jboss-as16:59:41,402 INFO [ServerImpl] Home URL: file:/home/user/jboss-epp-5.0/jboss-as/16:59:41,402 INFO [ServerImpl] Library URL: file:/home/user/jboss-epp-5.0/jboss-as/lib/16:59:41,403 INFO [ServerImpl] Patch URL: null16:59:41,403 INFO [ServerImpl] Common Base URL: file:/home/user/jboss-epp-5.0/jboss-as/common/16:59:41,404 INFO [ServerImpl] Common Library URL: file:/home/user/jboss-epp-5.0/jboss-as/common/lib/16:59:41,404 INFO [ServerImpl] Server Name: production......16:59:44,345 INFO [JMXKernel] Legacy JMX core initialized
Chapter 7. Test your Installation
32
Note: Production server log file
There is no "Server Started" message shown at the console when the server is started usingthe production profile. This message may be observed in the server.log file located in theJBOSS_HOME/server/production/log subdirectory.
Ensure that port 8080 is not already in use and open http://localhost:8080/portal in yourweb browser.
Note
On some machines, the name localhost won’t resolve properly and you should use the localloopback address 127.0.0.1 instead.
The contents of your page should look similar to this: Figure 7.1, “Test your Installation”.
Figure 7.1. Test your Installation
You are now ready to use JBoss Enterprise Portal Platform. Refer to the User Guide and ReferenceGuide for more information about the product's feature set and example applications showcasingJBoss Enterprise Portal Platform in action.
Chapter 8.
33
Uninstall JBoss Enterprise PortalPlatformAs JBoss Enterprise Portal Platform was installed from a zip file, you may uninstall it by simplydeleting the JBoss Enterprise Portal Platform directory installed on your system.
34
35
Appendix A. Revision HistoryRevision2-5.1.4
Fri Jul 15 2011 Scott Mumford
Updated for 5.1.1 Release.
Revision 1-5.2 Wed June 22 2011 Scott Mumford [email protected] new Bugzilla feedback link.Corrected minor typographical errors.
Revision 1-1.1 Tue Nov 24 2009 Scott Mumford [email protected] creation of book in Publican
36
37
Index
CClustering
Configuration, 24Configuration
Clustering, 24Database, 19MySQL, 21
DDatabase
Configuration, 19MySQL, 21System Requirements, 5
Ffeedback
contact information for this manual, viii
Hhelp
getting help, vii
MMySQL, 21
SSystem Requirements
Database, 5Directory server, 5OS/JVM, 5
38