geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: Automatically updating a DB pool
Date Sat, 22 Aug 2009 08:01:11 GMT

On Aug 21, 2009, at 2:18 PM, David Jencks wrote:

>
> On Aug 21, 2009, at 10:59 AM, ericp56 wrote:
>
>>
>> I have some DB Pools I need to change the password every two months.
>>
>> 18 pools * 10 servers = the need for automation.
>>
>> On a Geronimo 2.1.3 server:
>>
>> for server in server1 server2 server3 server4 etc
>> do
>>       echo "Updating $server "
>>       $JAVA_HOME/bin/java -jar bin/deployer.jar -host $server -u  
>> $GER_USER
>> -p $GER_PWD redeploy $DEPLOYMENT
>> _PLAN
>> repository/org/tranql/tranql-connector-ra/1.4/tranql-connector- 
>> ra-1.4.rar
>> done
>>
>> When I run this, the applications that have dependencies on these  
>> pools
>> stop.
>>
>> What's the best way to go from here?
>>
>> I'll eventually be using gsh instead of deployer.jar, if that  
>> matters.
>>
>> Should I just add steps to start all the apps that stop?
>
> no :-)
>
> There are a couple of ways to proceed here.
>
> 1. direct configuration (probably simpler).  For each pool, get a  
> bit into var/config/config.xml that overrides the password from the  
> deployed connector.  I would actually recommend using a substitution  
> variable and keeping the value in var/config/config- 
> substitutions.properties.  In 2.2 and trunk these passwords will get  
> obscured with encryption at least in the config.xml file: I'm not so  
> sure about config-substitutions.properties or 2.1.x.

I left something out here.... you then need to restart the connector  
plugin(s).  Unlike redeploy, this keeps track of what got stopped and  
restarts it again.


>
> 2. configuration from your security realm.  It's also possible to  
> have your securiy relam add PasswordCredentials to each logged in  
> Subject that are named for the managed connection factory and supply  
> the credentials for the MCF (ie your pool connections).  You could  
> set this up to read the passwords from wherever you want, possibly a  
> server-independent location, maybe ldap.
>
This way would probably also involve restarting the connector plugins.

thanks
david jencks

> this is only a sketch of what is possible... feel free to ask for  
> more details if you like.
>
> thanks
> david jencks
>
>>
>> Should I report it to JIRA?  I would have expected all the  
>> dependent apps to
>> reload, too.
>>
>>
>> -- 
>> View this message in context: http://www.nabble.com/Automatically-updating-a-DB-pool-tp25084631s134p25084631.html
>> Sent from the Apache Geronimo - Users mailing list archive at  
>> Nabble.com.
>>
>


Mime
View raw message