1. Jboss EAP 6 配置 URI_ENCODING
In order to set UTF-8 for URI encoding you have to edit the JBOSS_HOME/standalone/configuration/standalone.xml file and add a system property named org.apache.catalina.connector.URI_ENCODING,(with value set to UTF-8) to the system-properties element.
Below is the code that needs to be added to the configuration file you use:
<system-properties> <property name="org.apache.catalina.connector.URI_ENCODING" value="UTF-8"/> <property name="org.apache.catalina.connector.USE_BODY_ENCODING_FOR_QUERY_STRING" value="true"/> </system-properties>
Please note that the system-properties node has to be placed directly under the extensions node, in standalone.xml file, or you will get parse errors.
You can go to the jboss maven repository to download the jbossweb source code (org/jboss/web/jbossweb/) and view the code of org.apache.catalina.connector.Connector (jboss module: org\jboss\as\web\main\jbossweb-vesionxx.jar )
There is also an encoding-related parameter file.encoding, which can be configured in JAVA_OPTS of standalone.conf/standalone.conf.bat:
set "JAVA_OPTS=%JAVA_OPTS% -Dfile.encoding=UTF-8
2. javax.xml.transform.TransformerConfigurationException: Translet class loaded, but unable to create translet instance
The same ear package is normal when deployed in EAP 6. When deployed in wildfly 8, the above error is reported. The reason is that I use opensaml, and the version is inconsistent with that provided by wildfly itself, resulting in a conflict of related xml jars. Change to the same version and restore it Normal (it is recommended to use the package that comes with jboss).
3. Driver's Blob representation is of an unsupported type: oracle.sql.BLOB
Delete the Oracle driver package in the classpath and configure it in the JBoss module instead.
4. JBoss EAP 6 as RHEL 7 service
The default startup timeout for the service is 1min 30s. You can add the following configuration to the service configuration to extend the timeout:
TimeoutStartSec=10min
For more Service parameters, please refer to systemd.service — Service unit configuration
5. TransactionReaper check timeout for TX
Things timed out, modify the timeout in EAP 6 standalone.xml
<subsystem xmlns="urn:jboss:domain:transactions:1.5">
<core-environment>
<process-id>
<uuid/>
</process-id>
</core-environment>
<recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
<coordinator-environment default-timeout="1800"/>
</subsystem>
6. Ldap configuration example
<security-domain name="web-security" cache-type="default">
<authentication>
<login-module code="Ldap" flag="required">
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="java.naming.provider.url" value="ldap://boms-prod-file.iata-asd.com:389/"/>
<module-option name="java.naming.security.authentication" value="simple"/>
<module-option name="principalDNPrefix" value="uid="/>
<module-option name="principalDNSuffix" value=",ou=People,dc=bjs,dc=iata,dc=org"/>
<module-option name="rolesCtxDN" value="ou=Roles,dc=bjs,dc=iata,dc=org"/>
<module-option name="uidAttributeID" value="uniquemember"/>
<module-option name="matchOnUserDN" value="true"/>
<module-option name="roleAttributeID" value="cn"/>
<module-option name="roleAttributeIsDN" value="false"/>
</login-module>
</authentication>
</security-domain>
Attachment: Display the log when starting ldap, execute the following command:
/usr/local/libexec/slapd -d -1
7. Encrypt database password
1) Setup a Java Keystore to store key for password encryption
利用java keytool执行以下命令:
keytool -genseckey -alias vault -storetype jceks -keyalg AES -keysize 128 -storepass vault22 -keypass vault22 -validity 730 –keystore EAP_HOME/vault/vault.keystore
2) Initialize the Password Vault and store password in the Password Vault
EAP_HOME/bin/vault.sh --keystore EAP_HOME/vault/vault.keystore --keystore-password vault22 --alias vault --vault-block ds_boms --attribute password --sec-attr test --enc-dir EAP_HOME/vault/ --iteration 120 --salt 1234abcd
3) Configure JBoss EAP 6 to use the Password Vault
登录Jboss CLI执行以下命令:
/core-service=vault:add(vault-options=[("KEYSTORE_URL" => "EAP_HOME/vault/vault.keystore"), ("KEYSTORE_PASSWORD" => "MASK-5dOaAVafCSd"), ("KEYSTORE_ALIAS" => "vault"), ("SALT" => "1234abcd"),("ITERATION_COUNT" => "120"), ("ENC_FILE_DIR" => "EAP_HOME/vault/")])
4) Datasource Definition Using a Password in Masked Form
<password>${VAULT::ds_boms::password::1}</password>
For more information see: Password Vaults for Sensitive Strings
8, Set the log time zone
When using %z, be sure to put it before %d:
%z{GMT+8}%d{HH:mm:ss,SSS}
9. Configure HTTPS
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https"> <ssl name="https" key-alias="alias" password="12345678" certificate-key-file="${jboss.server.config.dir}\keystore.jks"/> </connector>
10. Automatically delete JSP compiled classes
By default, the lib under vfs will be automatically deleted when undeploy, but the files in the work directory will not be deleted, and JSP will not be recompiled when deploying. Increase the system parameter org.jboss.as.web.deployment.DELETE_WORK_DIR_ONCONTEXTDESTROY=true, then restart Jboss, it will be automatically deleted next time undeploy.
11. java.sql.SQLException: javax.resource.ResourceException: IJ000457: Unchecked throwable in managedConnectionReconnected
Use xa datasource, and add the following parameters:
<xa-pool>
<is-same-rm-override>false</is-same-rm-override>
<no-tx-separate-pools/>
/xa-pool>
12. Remove x-powered-by header
Add jsp-configuration to domain:web
<subsystem xmlns="urn:jboss:domain:web:2.2" default-virtual-server="default-host" native="false"> <configuration> <jsp-configuration x-powered-by="false"/> </configuration> </subsystem>If using JSF, add in web.xml:
<context-param> <param-name>com.sun.faces.sendPoweredByHeader</param-name> <param-value>false</param-value> </context-param>
13. JNDI Datasource placement
This method is not used much. Generally, the JPA method is used, which may be used to upgrade the old system.
1) Add the following configuration to jboss-web.xml
<?xml version="1.0" encoding="UTF-8"?> <jboss-web> <resource-ref> <res-ref-name>jdbc/ExampleDS</res-ref-name> <res-type>javax.sql.DataSource</res-type> <jndi-name>java:jboss/datasources/ExampleDS</jndi-name> </resource-ref> </jboss-web>
2) Add the following configuration to web.xml
<resource-ref> <res-ref-name>jdbc/ExampleDS</res-ref-name> <res-type>javax.sql.DataSource</res-type> <res-auth>Container</res-auth> </resource-ref>
3) Java code
Context ctx = new InitialContext(); DataSource ds = (javax.sql.DataSource) ctx.lookup("java:comp/env/jdbc/ExampleDS");
Note: J2EE specification, JDBC DataSource must use java:comp/env/jdbc subcontext.
Jboss EAP 6.4 Administration and Configuration Guide
Jboss EAP 6.4 Development Guide
Control the order of Deployed Applications on JBoss EAP 6
Running Multiple JBoss EAP Standalone Servers on a Single Machine
Replace the Default Welcome Web Application
Setting up an SSL/TLS Connector
JBoss EAP 6 Performance Tuning