geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Geronimo v2.2 > DataCDInfo -- A sample about Struts1+EJB+JPA+JTA+Security Annotations
Date Wed, 03 Feb 2010 07:07:00 GMT
<html>
<head>
    <base href="http://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/1519/1/1/_/styles/combined.css?spaceKey=GMOxDOC22&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background-color: white" bgcolor="white">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
     <h2><a href="http://cwiki.apache.org/confluence/pages/viewpage.action?pageId=12845504">DataCDInfo
-- A sample about Struts1+EJB+JPA+JTA+Security Annotations</a></h2>
     <h4>Page <b>edited</b> by             <a href="http://cwiki.apache.org/confluence/display/~xiaming">Forrest
Xia</a>
    </h4>
     
          <br/>
     <div class="notificationGreySide">
         <style type='text/css'>/*<![CDATA[*/
table.ScrollbarTable  {border: none;padding: 3px;width: 100%;padding: 3px;margin: 0px;background-color:
#f0f0f0}
table.ScrollbarTable td.ScrollbarPrevIcon {text-align: center;width: 16px;border: none;}
table.ScrollbarTable td.ScrollbarPrevName {text-align: left;border: none;}
table.ScrollbarTable td.ScrollbarParent {text-align: center;border: none;}
table.ScrollbarTable td.ScrollbarNextName {text-align: right;border: none;}
table.ScrollbarTable td.ScrollbarNextIcon {text-align: center;width: 16px;border: none;}

/*]]>*/</style><div class="Scrollbar"><table class='ScrollbarTable'><tr><td
class='ScrollbarPrevIcon'><a href="/confluence/display/GMOxDOC22/Customer+Simple+ejb+application+with+a+JPA+entity"><img
border='0' align='middle' src='/confluence/images/icons/back_16.gif' width='16' height='16'></a></td><td
width='33%' class='ScrollbarPrevName'><a href="/confluence/display/GMOxDOC22/Customer+Simple+ejb+application+with+a+JPA+entity">Customer
Simple ejb application with a JPA entity</a>&nbsp;</td><td width='33%'
class='ScrollbarParent'><sup><a href="/confluence/display/GMOxDOC22/Sample+applications"><img
border='0' align='middle' src='/confluence/images/icons/up_16.gif' width='8' height='8'></a></sup><a
href="/confluence/display/GMOxDOC22/Sample+applications">Sample applications</a></td><td
width='33%' class='ScrollbarNextName'>&nbsp;<a href="/confluence/display/GMOxDOC22/daytrader+-+a+more+complex+application">daytrader
- a more complex application</a></td><td class='ScrollbarNextIcon'><a
href="/confluence/display/GMOxDOC22/daytrader+-+a+more+complex+application"><img border='0'
align='middle' src='/confluence/images/icons/forwd_16.gif' width='16' height='16'></a></td></tr></table></div>

<p>This article describes about how to develop a Struts1 web application for Geronimo.
Besides Struts1 technology, you also can find some sample code about JPA and Security annotation.</p>

<div class='panelMacro'><table class='noteMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/warning.gif" width="16" height="16"
align="absmiddle" alt="" border="0"></td><td><p>Because of the <a
href="https://issues.apache.org/jira/browse/GERONIMO-5020" rel="nofollow">JIRA</a>,
the sample is not available as a geronimo plugin at the written time.</p>

<p>This article won't serve as a tutorial of developing a Struts1 application. For more
information about Struts1 development, refer to <a href="http://struts.apache.org/1.3.10/index.html"
rel="nofollow">Struts1 web site</a>.</p></td></tr></table></div>

<p>This article is organized into the following sections.</p>
<div>
<ul>
    <li><a href='#DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-Applicationoverview'>Application
overview</a></li>
<ul>
    <li><a href='#DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-Applicationcontents'>Application
contents</a></li>
<ul>
    <li><a href='#DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-TheEJBmodule'>The
EJB module</a></li>
    <li><a href='#DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-TheWebModule'>The
Web Module</a></li>
    <li><a href='#DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-TheEARmodule'>The
EAR module</a></li>
</ul>
</ul>
    <li><a href='#DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-RunApplication'>Run
Application</a></li>
<ul>
    <li><a href='#DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-Usinggeronimoadminconsoletodeploytheapplication.'>Using
geronimo admin console to deploy the application.</a></li>
    <li><a href='#DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-RunningDataCDInfo'>Running
DataCDInfo</a></li>
</ul>
</ul></div>


<h1><a name="DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-Applicationoverview"></a>Application
overview</h1>

<p>Assuming you have accumulated lot of archival data CDs from your computer, each of
them includes rich of information you ever collected. The collection of the archived CDs is
your valuable knowledge asset, so you want to manage them carefully and organizedly for future
easy references. The DataCDInfo is an application to assist you to manage the information
of your archival data CDs. </p>

<p>With this application, you can register a user, and then login to add records for
your archived CDs. You can record detail information that is not suitable to label on CD surface,
such as detailed list of data CD content, archival date, and CD size. </p>

<p>This application set some admin roles to be able to view overall recorded CDs and
help retrieve user's password if there is a forgotten.</p>

<p>In a short summary, DataCDInfo is a simple CRUD(Create, Retrieve, Update and Delete)
application, which adopts Struts1, JPA, JTA, and security annotation techniques.</p>

<h2><a name="DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-Applicationcontents"></a>Application
contents</h2>
<p>DataCDInfo uses the typical Java EE application structure: an EJB module, an Web
module, and an EAR module.</p>

<h3><a name="DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-TheEJBmodule"></a>The
EJB module</h3>

<p>The EJB module includes the major business logic of this application. It consists
of JPA entity beans, a stateless session bean, a stateful session bean and some exception
clasess.</p>

<ul>
	<li>Two JPA entity beans: DataCDBean and OwnerBean, represents Data CD records and
Owner records respectively. The relation bewteen OwnerBean and DataCDBean is 1...&#42;,
one owner could have multiple Data CDs.</li>
	<li>The DataCDInfoJTAImpl is a stateless session bean which implements the business
logic of DataCDInfo application, including login, registration/unregistration of owner, and
add/update/remove data CD records.  DataCDInfoLocal and DataCDInfoRemote is the local and
remote business interface respectively.</li>
	<li>The DataCDInfoAdmin is a stateful session, in which there is an EXTENDED persistence
context. By default, a container-managed persistence context is of type TRANSACTION. The EXTENDED
persistence context can only be initiated within a scope of a stateful session bean.</li>
	<li>The DataCDInfoAdmin defines two roles "superadmin" and "admin" with security annotation
@RolesAllowed. In the code, role "superadmin" can access all of three methods, while role
"admin" can only access "listOwners" method. Another way to define the access is via EJB deployment
descriptor "ejb-jar.mxl". The definition in ejb-jar.xml overrides the one in code.<br/>
As the definition of "ejb-jar.xml" below, the role "admin" also has access to method "listAllDataCDs"
besides the method "listOwners" defined in the code.
<div class="code panel" style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;border-bottom-style: solid;"><b>ejb-jar.xml</b></div><div
class="codeContent panelContent">
<pre class="code-xml">
<span class="code-tag">&lt;?xml version=<span class="code-quote">"1.0"</span>
encoding=<span class="code-quote">"UTF-8"</span>?&gt;</span>
&lt;!--
    Licensed to the Apache Software Foundation (ASF) under one or more
    contributor license agreements.  See the NOTICE file distributed with
    this work for additional information regarding copyright ownership.
    The ASF licenses this file to You under the Apache License, Version 2.0
    (the <span class="code-quote">"License"</span>); you may not use this file
except in compliance with
    the License.  You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

    Unless required by applicable law or agreed to in writing, software
    distributed under the License is distributed on an <span class="code-quote">"AS
IS"</span> BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.
--&gt;
&lt;ejb-jar version=<span class="code-quote">"3.0"</span>
    xmlns=<span class="code-quote">"http://java.sun.com/xml/ns/javaee"</span>
    <span class="code-keyword">xmlns:xsi</span>=<span class="code-quote">"http://www.w3.org/2001/XMLSchema-instance"</span>

    xsi:schemaLocation=<span class="code-quote">"http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd"</span>&gt;

    <span class="code-tag">&lt;display-name&gt;</span>DataCDInfo Enterprise
Bean Definitions<span class="code-tag">&lt;/display-name&gt;</span>
    
    <span class="code-tag">&lt;enterprise-beans&gt;</span>
	<span class="code-tag">&lt;session&gt;</span>
		<span class="code-tag">&lt;ejb-name&gt;</span>ejb/DataCDInfoJTAImpl<span
class="code-tag">&lt;/ejb-name&gt;</span>
		<span class="code-tag">&lt;business-local&gt;</span>org.apache.geronimo.samples.datacdinfo.core.DataCDInfoLocal<span
class="code-tag">&lt;/business-local&gt;</span>
		<span class="code-tag">&lt;business-remote&gt;</span>org.apache.geronimo.samples.datacdinfo.core.DataCDInfoRemote<span
class="code-tag">&lt;/business-remote&gt;</span>
		<span class="code-tag">&lt;ejb-class&gt;</span>org.apache.geronimo.samples.datacdinfo.core.DataCDInfoJTAImpl<span
class="code-tag">&lt;/ejb-class&gt;</span>
                <span class="code-tag"><span class="code-comment">&lt;!--
Stateful|Stateless --&gt;</span></span>
		<span class="code-tag">&lt;session-type&gt;</span>Stateless<span
class="code-tag">&lt;/session-type&gt;</span>
                <span class="code-tag"><span class="code-comment">&lt;!--
Who manages transanction? Bean|Container --&gt;</span></span>
		<span class="code-tag">&lt;transaction-type&gt;</span>Container<span
class="code-tag">&lt;/transaction-type&gt;</span>
	<span class="code-tag">&lt;/session&gt;</span>
	<span class="code-tag">&lt;session&gt;</span>
		<span class="code-tag">&lt;ejb-name&gt;</span>ejb/DataCDInfoAdmin<span
class="code-tag">&lt;/ejb-name&gt;</span>
		<span class="code-tag">&lt;business-local&gt;</span>org.apache.geronimo.samples.datacdinfo.core.DataCDInfoAdminLocal<span
class="code-tag">&lt;/business-local&gt;</span>
		<span class="code-tag">&lt;ejb-class&gt;</span>org.apache.geronimo.samples.datacdinfo.core.DataCDInfoAdmin<span
class="code-tag">&lt;/ejb-class&gt;</span>
                <span class="code-tag"><span class="code-comment">&lt;!--
Stateful|Stateless --&gt;</span></span>
	        <span class="code-tag">&lt;session-type&gt;</span>Stateful<span
class="code-tag">&lt;/session-type&gt;</span>
                <span class="code-tag"><span class="code-comment">&lt;!--
Who manages transanction? Bean|Container --&gt;</span></span>
		<span class="code-tag">&lt;transaction-type&gt;</span>Container<span
class="code-tag">&lt;/transaction-type&gt;</span>
	<span class="code-tag">&lt;/session&gt;</span>		
    <span class="code-tag">&lt;/enterprise-beans&gt;</span>	

    <span class="code-tag">&lt;assembly-descriptor&gt;</span>
	<span class="code-tag">&lt;method-permission&gt;</span>
	    <span class="code-tag">&lt;role-name&gt;</span>superadmin<span
class="code-tag">&lt;/role-name&gt;</span>
	    <span class="code-tag">&lt;method&gt;</span>
		<span class="code-tag">&lt;ejb-name&gt;</span>ejb/DataCDInfoAdmin<span
class="code-tag">&lt;/ejb-name&gt;</span>
		<span class="code-tag">&lt;method-name&gt;</span>*<span class="code-tag">&lt;/method-name&gt;</span>
	    <span class="code-tag">&lt;/method&gt;</span>
	<span class="code-tag">&lt;/method-permission&gt;</span>
		&lt;!-- In code, role <span class="code-quote">"admin"</span> only has right
to access listOwners method
		but via this xml definition, the role could also access listAllDataCDs method --&gt;
	<span class="code-tag">&lt;method-permission&gt;</span>
	    <span class="code-tag">&lt;role-name&gt;</span>admin<span class="code-tag">&lt;/role-name&gt;</span>
		<span class="code-tag">&lt;method&gt;</span>
	 	    <span class="code-tag">&lt;ejb-name&gt;</span>ejb/DataCDInfoAdmin<span
class="code-tag">&lt;/ejb-name&gt;</span>
		    <span class="code-tag">&lt;method-name&gt;</span>listAllDataCDs<span
class="code-tag">&lt;/method-name&gt;</span>					
		<span class="code-tag">&lt;/method&gt;</span>
	<span class="code-tag">&lt;/method-permission&gt;</span>
    <span class="code-tag">&lt;/assembly-descriptor&gt;</span>     
<span class="code-tag">&lt;/ejb-jar&gt;</span>
</pre>
</div></div></li>
</ul>


<ul>
	<li>A persistence unit is defined via META-INF/persistence.xml as shown below.
<div class="code panel" style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;border-bottom-style: solid;"><b>persistence.xml</b></div><div
class="codeContent panelContent">
<pre class="code-xml">
<span class="code-tag">&lt;?xml version=<span class="code-quote">"1.0"</span>
encoding=<span class="code-quote">"UTF-8"</span>?&gt;</span>
&lt;!--
    Licensed to the Apache Software Foundation (ASF) under one or more
    contributor license agreements.  See the NOTICE file distributed with
    this work for additional information regarding copyright ownership.
    The ASF licenses this file to You under the Apache License, Version 2.0
    (the <span class="code-quote">"License"</span>); you may not use this file
except in compliance with
    the License.  You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

    Unless required by applicable law or agreed to in writing, software
    distributed under the License is distributed on an <span class="code-quote">"AS
IS"</span> BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.
--&gt;
<span class="code-tag">&lt;persistence xmlns=<span class="code-quote">"http://java.sun.com/xml/ns/persistence"</span>
version=<span class="code-quote">"1.0"</span>&gt;</span>
  <span class="code-tag">&lt;persistence-unit name=<span class="code-quote">"DataCDInfoUnit"</span>
transaction-type=<span class="code-quote">"JTA"</span>&gt;</span>
    <span class="code-tag">&lt;description&gt;</span>DataCDInfo Persistence
Unit Definition<span class="code-tag">&lt;/description&gt;</span>
    <span class="code-tag">&lt;jta-data-source&gt;</span>jdbc/DataCDInfoDS<span
class="code-tag">&lt;/jta-data-source&gt;</span>
    <span class="code-tag">&lt;non-jta-data-source&gt;</span>jdbc/NoTxDataCDInfoDS<span
class="code-tag">&lt;/non-jta-data-source&gt;</span>	
    <span class="code-tag">&lt;class&gt;</span>org.apache.geronimo.samples.datacdinfo.beans.OwnerBean<span
class="code-tag">&lt;/class&gt;</span>
    <span class="code-tag">&lt;class&gt;</span>org.apache.geronimo.samples.datacdinfo.beans.DataCDBean<span
class="code-tag">&lt;/class&gt;</span>
    <span class="code-tag">&lt;exclude-unlisted-classes&gt;</span>true<span
class="code-tag">&lt;/exclude-unlisted-classes&gt;</span>
    <span class="code-tag">&lt;properties&gt;</span>      
      <span class="code-tag">&lt;property name=<span class="code-quote">"openjpa.Sequence"</span>
value=<span class="code-quote">"table(Table=OPENJPASEQ, Increment=1)"</span>/&gt;</span>
      
      <span class="code-tag"><span class="code-comment">&lt;!--&lt;property
name=<span class="code-quote">"openjpa.jdbc.SynchronizeMappings"</span> value=<span
class="code-quote">"buildSchema(ForeignKeys=true)"</span>/&gt;</span>--&gt;</span>
      <span class="code-tag"><span class="code-comment">&lt;!--&lt;property
name=<span class="code-quote">"openjpa.Log"</span> value=<span class="code-quote">"DefaultLevel=WARN,
Tool=INFO"</span>/&gt;</span>--&gt;</span>
      <span class="code-tag">&lt;property name=<span class="code-quote">"openjpa.Log"</span>
value=<span class="code-quote">"File=/tmp/org.apache.openjpa.log, DefaultLevel=WARN,
Tool=INFO, Runtime=TRACE, SQL=TRACE"</span>/&gt;</span>
    <span class="code-tag">&lt;/properties&gt;</span>
  <span class="code-tag">&lt;/persistence-unit&gt;</span>
<span class="code-tag">&lt;/persistence&gt;</span>
</pre>
</div></div></li>
</ul>


<div class='panelMacro'><table class='noteMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/warning.gif" width="16" height="16"
align="absmiddle" alt="" border="0"></td><td><p>If the persistence context
requires some non-transactional operations, such as table sequence generation, you need to
define a non-jta-data-source as well. Otherwise, you will encounter an exception like "org.apache.openjpa.persistence.RollbackException:
The transaction has been rolled back."</p></td></tr></table></div>

<p>The maven project layout of the EJB module as follows:</p>
<div class="preformatted panel" style="background-color: #FFFFFF;border-color: #FFFFFF;border-style:
solid;border-width: 1px;"><div class="preformattedContent panelContent" style="background-color:
#FFFFFF;">
<pre>|-- pom.xml
`-- src
    `-- main
        |-- java
        |   `-- org
        |       `-- apache
        |           `-- geronimo
        |               `-- samples
        |                   `-- datacdinfo
        |                       |-- beans
        |                       |   |-- DataCDBean.java
        |                       |   `-- OwnerBean.java
        |                       |-- core
        |                       |   |-- DataCDInfoAdmin.java
        |                       |   |-- DataCDInfoAdminLocal.java
        |                       |   |-- DataCDInfoJTAImpl.java
        |                       |   |-- DataCDInfoLocal.java
        |                       |   `-- DataCDInfoRemote.java
        |                       `-- exceptions
        |                           |-- DuplicatedDataCDException.java
        |                           |-- IncorrectPasswordException.java
        |                           |-- InvalidOwnerException.java
        |                           `-- InvalidPasswordException.java
        `-- resources
            `-- META-INF
                |-- ejb-jar.xml
                |-- openejb-jar.xml
                `-- persistence.xml
</pre>
</div></div>

<h3><a name="DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-TheWebModule"></a>The
Web Module</h3>

<p>All Struts1 objects are in the Web module. A typical Struts1 web application uses
a configuration file to initialize its resources. The resources include ActionForms to collect
input from users, ActionMappings  to direct input to server-side  Actions,  and ActionForwards
to select output pages.(Quoted from Struts1 documentation).</p>

<p>The DataCDInfo application web module consists of:</p>
<ul>
	<li>Struts1 ActionForm: DataCDForm and OwnerForm.
	<ul>
		<li>The two ActionForm extends Struts1 ValidatorForm in order to utilize the convenient
validation feature provided by Struts1.</li>
		<li>You may find these two classes are very similar with the JPA entity beans. This
kind of design is a demand of Struts1, so that view model is separated from the backend business
model. To convey data between Struts1 form bean and business logic bean, you can use org.apache.commons.beanutils.PropertyUtils.</li>
	</ul>
	</li>
</ul>


<ul>
	<li>Struts1 Action: DataCDActions and OwnerActions
	<ul>
		<li>The two Action classes extend Struts1 MappingDispatchAction, so that business
related actions could be in the same Action class. For details, check the API doc of MappingDispatchAction.</li>
		<li>The two Action classes wrap form data and call the corresponding business operations
to persist the data into database.</li>
	</ul>
	</li>
</ul>


<ul>
	<li>Struts1 resource files: DataCDInfoResource.properties and several DataCDInfoResources_LANG.properties
	<ul>
		<li>Struts1 uses standard globalization way that Java language provides to present
messages for different locale.</li>
		<li>At the release time, the sample includes message resources for locale en_US and
zh_CN. You can easily extends the locale support by adding additional locale resource file
to the resources directory, and then make a new build to deploy.</li>
	</ul>
	</li>
</ul>


<ul>
	<li>Struts1 configuration file: struts-config.xml and validation.xml
	<ul>
		<li>The file "struts-config.xml" is the main configuration file of Struts1 application.
Struts1 artifacts, such as ActionForm, Actions, ActionMapping, and Validator, are all defined
here.</li>
		<li>The file "validation.xml" defines the validation rules used by the application.
Struts1 provides simple validator for number and date verification.</li>
	</ul>
	</li>
</ul>


<ul>
	<li>Struts1 view JSPs: view/jsp/*.jsp
	<ul>
		<li>The common Struts1 taglibs are used in those JSPs. They are part of standard Struts1
view technologies. Struts1 supports several different view technologies, for example, Velocity,
Tiles, and etc.</li>
	</ul>
	</li>
</ul>


<p>Besides the artifacts of Struts1, there are some other artifacts used to DataCDInfo
admin logic operations:</p>
<ul>
	<li>DataCDInfoAdminServlet &#8211; A servlet used to call security-controlled business
methods defined in DataCDInfoAdmin stateful session bean.</li>
	<li>admin/<b>.</b> &#8211; The presentation files of DataCDInfo admin
operations</li>
	<li>auth/<b>.</b> &#8211; The files used to FORM authentication. By
default, the DataCDInfo application uses BASIC authentication. If you want to see what FORM
authentication looks like, you can modify web.xml as follows:
<div class="code panel" style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;border-bottom-style: solid;"><b>part
of web.xml</b></div><div class="codeContent panelContent">
<pre class="code-xml">
 ...
 <span class="code-tag">&lt;login-config&gt;</span>
    <span class="code-tag">&lt;auth-method&gt;</span>FORM<span class="code-tag">&lt;/auth-method&gt;</span>
    <span class="code-tag">&lt;realm-name&gt;</span>geronimo-admin<span
class="code-tag">&lt;/realm-name&gt;</span>
    <span class="code-tag">&lt;form-login-config&gt;</span>
         <span class="code-tag">&lt;form-login-page&gt;</span>/auth/logon.html<span
class="code-tag">&lt;/form-login-page&gt;</span>
         <span class="code-tag">&lt;form-error-page&gt;</span>/auth/logonError.html<span
class="code-tag">&lt;/form-error-page&gt;</span>
    <span class="code-tag">&lt;/form-login-config&gt;</span>
 <span class="code-tag">&lt;/login-config&gt;</span>
 &lt;!--
 <span class="code-tag">&lt;login-config&gt;</span>

	<span class="code-tag">&lt;auth-method&gt;</span>BASIC<span class="code-tag">&lt;/auth-method&gt;</span>

	<span class="code-tag">&lt;realm-name&gt;</span>geronimo-admin<span
class="code-tag">&lt;/realm-name&gt;</span>

 <span class="code-tag">&lt;/login-config&gt;</span>
 --&gt;
...
</pre>
</div></div></li>
</ul>



<p>The maven project layout of the Web module as follows:</p>
<div class="preformatted panel" style="background-color: #FFFFFF;border-color: #FFFFFF;border-style:
solid;border-width: 1px;"><div class="preformattedContent panelContent" style="background-color:
#FFFFFF;">
<pre>|-- pom.xml
`-- src
    `-- main
        |-- java
        |   `-- org
        |       `-- apache
        |           `-- geronimo
        |               `-- samples
        |                   `-- datacdinfo
        |                       `-- web
        |                           |-- DataCDInfoAdminServlet.java
        |                           |-- ListOwnerServlet.java
        |                           `-- struts1
        |                               |-- DataCDActions.java
        |                               |-- DataCDForm.java
        |                               |-- DataCDInfoContextListener.java
        |                               |-- OwnerActions.java
        |                               `-- OwnerForm.java
        |-- resources
        |   |-- DataCDInfoResources.properties
        |   |-- DataCDInfoResources_en_US.properties
        |   |-- DataCDInfoResources_zh.properties.template
        |   `-- DataCDInfoResources_zh_CN.properties
        `-- webapp
            |-- META-INF
            |   |-- LICENSE
            |   |-- MANIFEST.MF
            |   `-- NOTICE
            |-- WEB-INF
            |   |-- geronimo-web.xml
            |   |-- struts-config.xml
            |   |-- validation.xml
            |   `-- web.xml
            |-- admin
            |   |-- adminhome.html
            |   |-- showCDs.jsp
            |   |-- showOwners.jsp
            |   `-- showPasswd.jsp
            |-- auth
            |   |-- logon.html
            |   `-- logonError.html
            |-- header.html
            |-- index.html
            `-- view
                `-- jsp
                    |-- AddCD.jsp
                    |-- ListCDs.jsp
                    |-- Logon.jsp
                    |-- Logout.jsp
                    |-- Register.jsp
                    |-- RemoveCD.jsp
                    `-- UpdateCD.jsp
</pre>
</div></div>

<h3><a name="DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-TheEARmodule"></a>The
EAR module</h3>

<p>The EAR module contains database creation scripts and the application deployment
plan. The application deployment plan will override the same configurations defined in the
EJB module and Web module.</p>

<p>In the application deployment plan, there are definitions about the web module context
root and the security realm used to authenticate the admin operations.</p>
<div class="code panel" style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;border-bottom-style: solid;"><b>Web
module definition in geronimo-application.xml</b></div><div class="codeContent
panelContent">
<pre class="code-xml">
...
<span class="code-tag">&lt;module&gt;</span>
    <span class="code-tag">&lt;web&gt;</span>DataCDInfo-JTA-war.war<span
class="code-tag">&lt;/web&gt;</span>
    <span class="code-tag">&lt;web-app xmlns=<span class="code-quote">"http://geronimo.apache.org/xml/ns/j2ee/web-2.0.1"</span>&gt;</span>
	<span class="code-tag">&lt;context-root&gt;</span>/DataCDInfo<span
class="code-tag">&lt;/context-root&gt;</span>
	<span class="code-tag">&lt;security-realm-name&gt;</span>geronimo-admin<span
class="code-tag">&lt;/security-realm-name&gt;</span>
    <span class="code-tag">&lt;/web-app&gt;</span>
<span class="code-tag">&lt;/module&gt;</span>
...
</pre>
</div></div>

<p>The DataCDInfo application uses the default geronimo security realm "geronimo-admin",
which is a file properties realm. To enable "superadmin" role used by this application, these
files shall be modified before starting Geronimo server:</p>
<div class="code panel" style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;border-bottom-style: solid;"><b>Add
a new group in &lt;geronimo_home&gt;/var/security/groups.properties</b></div><div
class="codeContent panelContent">
<pre class="code-xml">
...
superadmin=superman
...
</pre>
</div></div>

<div class="code panel" style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;border-bottom-style: solid;"><b>Set
the password for the new user in &lt;geronimo_home&gt;/var/security/users.properties</b></div><div
class="codeContent panelContent">
<pre class="code-xml">
...
superman=password
...
</pre>
</div></div>

<div class='panelMacro'><table class='noteMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/warning.gif" width="16" height="16"
align="absmiddle" alt="" border="0"></td><td><p>The plain text password
will be encrypted when the geronimo server restarts.</p></td></tr></table></div>

<p>Two datasources are defined in the deployment plan. The "jdbc/DataCDInfoDS" is for
JTA use, the "jdbc/NoTxDataCDInfoDS" is for non-JTA use.</p>
<div class="code panel" style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;border-bottom-style: solid;"><b>Datasources
in geronimo-application.xml</b></div><div class="codeContent panelContent">
<pre class="code-xml">
...
<span class="code-tag">&lt;ext-module&gt;</span>
    <span class="code-tag">&lt;connector&gt;</span>DataCDInfoDataSource<span
class="code-tag">&lt;/connector&gt;</span>
    <span class="code-tag">&lt;external-path <span class="code-keyword">xmlns:dep</span>=<span
class="code-quote">"http://geronimo.apache.org/xml/ns/deployment-1.2"</span>&gt;</span>
	<span class="code-tag">&lt;dep:groupId&gt;</span>org.tranql<span class="code-tag">&lt;/dep:groupId&gt;</span>
	<span class="code-tag">&lt;dep:artifactId&gt;</span>tranql-connector-derby-embed-xa<span
class="code-tag">&lt;/dep:artifactId&gt;</span>
	<span class="code-tag">&lt;dep:type&gt;</span>rar<span class="code-tag">&lt;/dep:type&gt;</span>
    <span class="code-tag">&lt;/external-path&gt;</span>
    <span class="code-tag">&lt;connector xmlns=<span class="code-quote">"http://geronimo.apache.org/xml/ns/j2ee/connector-1.2"</span>&gt;</span>
	<span class="code-tag">&lt;resourceadapter&gt;</span>
	    <span class="code-tag">&lt;outbound-resourceadapter&gt;</span>
		<span class="code-tag">&lt;connection-definition&gt;</span>
	  	    <span class="code-tag">&lt;connectionfactory-interface&gt;</span>javax.sql.DataSource<span
class="code-tag">&lt;/connectionfactory-interface&gt;</span>
		    <span class="code-tag">&lt;connectiondefinition-instance&gt;</span>
			<span class="code-tag">&lt;name&gt;</span>jdbc/DataCDInfoDS<span
class="code-tag">&lt;/name&gt;</span>
			<span class="code-tag">&lt;config-property-setting name=<span class="code-quote">"UserName"</span>&gt;</span><span
class="code-tag">&lt;/config-property-setting&gt;</span>
                        <span class="code-tag">&lt;config-property-setting name=<span
class="code-quote">"Password"</span>&gt;</span><span class="code-tag">&lt;/config-property-setting&gt;</span>
                        <span class="code-tag">&lt;config-property-setting name=<span
class="code-quote">"DatabaseName"</span>&gt;</span>cdinfodb<span class="code-tag">&lt;/config-property-setting&gt;</span>
                        <span class="code-tag">&lt;config-property-setting name=<span
class="code-quote">"CreateDatabase"</span>&gt;</span>true<span class="code-tag">&lt;/config-property-setting&gt;</span>
		    <span class="code-tag">&lt;connectionmanager&gt;</span>
			<span class="code-tag">&lt;xa-transaction&gt;</span>
		  	    <span class="code-tag">&lt;transaction-caching /&gt;</span>
			<span class="code-tag">&lt;/xa-transaction&gt;</span>
			<span class="code-tag">&lt;single-pool&gt;</span>
			    <span class="code-tag">&lt;max-size&gt;</span>100<span class="code-tag">&lt;/max-size&gt;</span>
			    <span class="code-tag">&lt;min-size&gt;</span>0<span class="code-tag">&lt;/min-size&gt;</span>
			    <span class="code-tag">&lt;blocking-timeout-milliseconds&gt;</span>5000<span
class="code-tag">&lt;/blocking-timeout-milliseconds&gt;</span>
			    <span class="code-tag">&lt;idle-timeout-minutes&gt;</span>30<span
class="code-tag">&lt;/idle-timeout-minutes&gt;</span>
			    <span class="code-tag">&lt;match-one /&gt;</span>
			<span class="code-tag">&lt;/single-pool&gt;</span>
		    <span class="code-tag">&lt;/connectionmanager&gt;</span>
		<span class="code-tag">&lt;/connectiondefinition-instance&gt;</span>
		&lt;!-- This non-transaction data source is for sequence generation use. Without it,
		the geronimo will throw exception when persisting entities which require sequence
		generation. --&gt;
		<span class="code-tag">&lt;connectiondefinition-instance&gt;</span>
                    <span class="code-tag">&lt;name&gt;</span>jdbc/NoTxDataCDInfoDS<span
class="code-tag">&lt;/name&gt;</span>
                    <span class="code-tag">&lt;config-property-setting name=<span
class="code-quote">"UserName"</span>&gt;</span><span class="code-tag">&lt;/config-property-setting&gt;</span>
                    <span class="code-tag">&lt;config-property-setting name=<span
class="code-quote">"Password"</span>&gt;</span><span class="code-tag">&lt;/config-property-setting&gt;</span>
                    <span class="code-tag">&lt;config-property-setting name=<span
class="code-quote">"DatabaseName"</span>&gt;</span>cdinfodb<span class="code-tag">&lt;/config-property-setting&gt;</span>
                    <span class="code-tag">&lt;config-property-setting name=<span
class="code-quote">"CreateDatabase"</span>&gt;</span>true<span class="code-tag">&lt;/config-property-setting&gt;</span>
                         <span class="code-tag">&lt;connectionmanager&gt;</span>
                             <span class="code-tag">&lt;no-transaction/&gt;</span>
                             <span class="code-tag">&lt;single-pool&gt;</span>
                                 <span class="code-tag">&lt;max-size&gt;</span>10<span
class="code-tag">&lt;/max-size&gt;</span>
                                 <span class="code-tag">&lt;min-size&gt;</span>0<span
class="code-tag">&lt;/min-size&gt;</span>
                                 <span class="code-tag">&lt;blocking-timeout-milliseconds&gt;</span>5000<span
class="code-tag">&lt;/blocking-timeout-milliseconds&gt;</span>
                                 <span class="code-tag">&lt;idle-timeout-minutes&gt;</span>30<span
class="code-tag">&lt;/idle-timeout-minutes&gt;</span>
                                 <span class="code-tag">&lt;match-one/&gt;</span>
                             <span class="code-tag">&lt;/single-pool&gt;</span>
                         <span class="code-tag">&lt;/connectionmanager&gt;</span>
               <span class="code-tag">&lt;/connectiondefinition-instance&gt;</span>
	     <span class="code-tag">&lt;/connection-definition&gt;</span>
          <span class="code-tag">&lt;/outbound-resourceadapter&gt;</span>
        <span class="code-tag">&lt;/resourceadapter&gt;</span>
    <span class="code-tag">&lt;/connector&gt;</span>
<span class="code-tag">&lt;/ext-module&gt;</span>
...
</pre>
</div></div>

<p>To map the application security roles to geronimo security roles, the deployment
plan includes as below:</p>
<div class="code panel" style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;border-bottom-style: solid;"><b>Security
Roles Mapping in geronimo-application.xml</b></div><div class="codeContent
panelContent">
<pre class="code-xml">
...
  <span class="code-tag">&lt;security <span class="code-keyword">xmlns:sec</span>=<span
class="code-quote">"http://geronimo.apache.org/xml/ns/security-2.0"</span>&gt;</span>
    <span class="code-tag">&lt;sec:default-principal&gt;</span>
      <span class="code-tag">&lt;sec:principal class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"</span>
name=<span class="code-quote">"anonymous"</span>/&gt;</span>
    <span class="code-tag">&lt;/sec:default-principal&gt;</span>
    <span class="code-tag">&lt;sec:role-mappings&gt;</span>
      <span class="code-tag">&lt;sec:role role-name=<span class="code-quote">"admin"</span>&gt;</span>
        <span class="code-tag">&lt;sec:principal class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"</span>
name=<span class="code-quote">"admin"</span>/&gt;</span>
        <span class="code-tag">&lt;sec:principal class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"</span>
name=<span class="code-quote">"system"</span>/&gt;</span>
      <span class="code-tag">&lt;/sec:role&gt;</span>
      <span class="code-tag">&lt;sec:role role-name=<span class="code-quote">"superadmin"</span>&gt;</span>
        <span class="code-tag">&lt;sec:principal class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"</span>
name=<span class="code-quote">"superadmin"</span>/&gt;</span>
        <span class="code-tag">&lt;sec:principal class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"</span>
name=<span class="code-quote">"superman"</span>/&gt;</span>
      <span class="code-tag">&lt;/sec:role&gt;</span>
    <span class="code-tag">&lt;/sec:role-mappings&gt;</span>
  <span class="code-tag">&lt;/security&gt;</span>
...
</pre>
</div></div>

<p>Besides the default deployment plan, there is another plan for MySQL database. You
can use it like this:</p>
<div class="code panel" style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;border-bottom-style: solid;"><b>Deploy
DataCDInfo with MySQL database</b></div><div class="codeContent panelContent">
<pre class="code-java">
&lt;geronimo_home&gt;/bin/deploy.sh|bat deploy &lt;samples_home&gt;/samples/DataCDInfo/DataCDInfo-JTA-ear/target/DataCDInfo-JTA-ear-2.2.ear
&lt;samples_home&gt;/samples/DataCDInfo/DataCDInfo-JTA-ear/target/DataCDInfo-JTA-ear-2.2/META-INF/geronimo-application-mysql.xml
</pre>
</div></div>

<div class='panelMacro'><table class='noteMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/warning.gif" width="16" height="16"
align="absmiddle" alt="" border="0"></td><td><p>You need to install proper
mysql jdbc driver into geronimo repository first before deploying DataCDInfo with MySQL deployment
plan.</p></td></tr></table></div>

<p>The maven project layout of the EAR module as follows:</p>
<div class="preformatted panel" style="background-color: #FFFFFF;border-color: #FFFFFF;border-style:
solid;border-width: 1px;"><div class="preformattedContent panelContent" style="background-color:
#FFFFFF;">
<pre>|-- pom.xml
`-- src
    `-- main
        `-- resources
            |-- DataCDInfo_tables_derby.sql
            |-- DataCDInfo_tables_mysql.sql
            `-- META-INF
                |-- application.xml
                |-- geronimo-application-mysql.xml
                `-- geronimo-application.xml
</pre>
</div></div>

<h1><a name="DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-RunApplication"></a>Run
Application</h1>

<h2><a name="DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-Usinggeronimoadminconsoletodeploytheapplication."></a>Using
geronimo admin console to deploy the application.</h2>


<h2><a name="DataCDInfo--AsampleaboutStruts1%2BEJB%2BJPA%2BJTA%2BSecurityAnnotations-RunningDataCDInfo"></a>Running
DataCDInfo</h2>

<p>If you just use "admin" role(for example, use "system" account defined in the geronimo-admin
realm) to pass the authentication of DataCDInfo Admin resources, you will see an exception
like this when trying to view owner's password.</p>
     </div>
     <div id="commentsSection" class="wiki-content pageSection">
       <div style="float: right;">
            <a href="http://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
       </div>

       <a href="http://cwiki.apache.org/confluence/pages/viewpage.action?pageId=12845504">View
Online</a>
       |
       <a href="http://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=12845504&revisedVersion=5&originalVersion=4">View
Change</a>
              |
       <a href="http://cwiki.apache.org/confluence/pages/viewpage.action?pageId=12845504&showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
            </div>
</div>
</div>
</div>
</div>
</body>
</html>

Mime
View raw message