JBoss EAP 6 FAQ

1. Jboss EAP 6 配置 URI_ENCODING

In order to set UTF-8 for URI encoding you have to edit the JBOSS_HOME/standalone/configuration/standalone.xml file and add a system property named org.apache.catalina.connector.URI_ENCODING,(with value set to UTF-8) to the system-properties element.
Below is the code that needs to be added to the configuration file you use:

<system-properties>
    <property name="org.apache.catalina.connector.URI_ENCODING" value="UTF-8"/>
    <property name="org.apache.catalina.connector.USE_BODY_ENCODING_FOR_QUERY_STRING" value="true"/>
</system-properties>

Please note that the system-properties node has to be placed directly under the extensions node, in standalone.xml file, or you will get parse errors.

 

You can go to the jboss maven repository to download the jbossweb source code (org/jboss/web/jbossweb/) and view the code of org.apache.catalina.connector.Connector (jboss module: org\jboss\as\web\main\jbossweb-vesionxx.jar )

 

There is also an encoding-related parameter file.encoding, which can be configured in JAVA_OPTS of standalone.conf/standalone.conf.bat:

set "JAVA_OPTS=%JAVA_OPTS% -Dfile.encoding=UTF-8

 

2. javax.xml.transform.TransformerConfigurationException: Translet class loaded, but unable to create translet instance

The same ear package is normal when deployed in EAP 6. When deployed in wildfly 8, the above error is reported. The reason is that I use opensaml, and the version is inconsistent with that provided by wildfly itself, resulting in a conflict of related xml jars. Change to the same version and restore it Normal (it is recommended to use the package that comes with jboss).

 

3. Driver's Blob representation is of an unsupported type: oracle.sql.BLOB

Delete the Oracle driver package in the classpath and configure it in the JBoss module instead.

 

4. JBoss EAP 6 as RHEL 7 service

The default startup timeout for the service is 1min 30s. You can add the following configuration to the service configuration to extend the timeout:

TimeoutStartSec=10min

For more Service parameters, please refer to systemd.service — Service unit configuration

 

5. TransactionReaper check timeout for TX

Things timed out, modify the timeout in EAP 6 standalone.xml

<subsystem xmlns="urn:jboss:domain:transactions:1.5">
            <core-environment>
                <process-id>
                    <uuid/>
                </process-id>
            </core-environment>
            <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
            <coordinator-environment default-timeout="1800"/>
</subsystem>

 

6. Ldap configuration example

<security-domain name="web-security" cache-type="default">
    <authentication>
        <login-module code="Ldap" flag="required">
            <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
            <module-option name="java.naming.provider.url" value="ldap://boms-prod-file.iata-asd.com:389/"/>
            <module-option name="java.naming.security.authentication" value="simple"/>
            <module-option name="principalDNPrefix" value="uid="/>
            <module-option name="principalDNSuffix" value=",ou=People,dc=bjs,dc=iata,dc=org"/>
            <module-option name="rolesCtxDN" value="ou=Roles,dc=bjs,dc=iata,dc=org"/>
            <module-option name="uidAttributeID" value="uniquemember"/>
            <module-option name="matchOnUserDN" value="true"/>
            <module-option name="roleAttributeID" value="cn"/>
            <module-option name="roleAttributeIsDN" value="false"/>
        </login-module>
    </authentication>
</security-domain>

Attachment: Display the log when starting ldap, execute the following command:
/usr/local/libexec/slapd -d -1

 

7. Encrypt database password

1) Setup a Java Keystore to store key for password encryption

利用java keytool执行以下命令：
keytool -genseckey -alias vault -storetype jceks -keyalg AES -keysize 128 -storepass vault22 -keypass vault22 -validity 730 –keystore EAP_HOME/vault/vault.keystore
2) Initialize the Password Vault and store password in the Password Vault
EAP_HOME/bin/vault.sh --keystore EAP_HOME/vault/vault.keystore --keystore-password vault22 --alias vault --vault-block ds_boms --attribute password --sec-attr test --enc-dir EAP_HOME/vault/ --iteration 120 --salt 1234abcd
3) Configure JBoss EAP 6 to use the Password Vault

登录Jboss CLI执行以下命令：
/core-service=vault:add(vault-options=[("KEYSTORE_URL" => "EAP_HOME/vault/vault.keystore"), ("KEYSTORE_PASSWORD" => "MASK-5dOaAVafCSd"), ("KEYSTORE_ALIAS" => "vault"), ("SALT" => "1234abcd"),("ITERATION_COUNT" => "120"), ("ENC_FILE_DIR" => "EAP_HOME/vault/")])
4) Datasource Definition Using a Password in Masked Form
<password>${VAULT::ds_boms::password::1}</password>

For more information see: Password Vaults for Sensitive Strings

 

8, Set the log time zone

When using %z, be sure to put it before %d:

%z{GMT+8}%d{HH:mm:ss,SSS}

 

9. Configure HTTPS

<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https">
   <ssl name="https" key-alias="alias" password="12345678" certificate-key-file="${jboss.server.config.dir}\keystore.jks"/>
</connector>

 

10. Automatically delete JSP compiled classes

By default, the lib under vfs will be automatically deleted when undeploy, but the files in the work directory will not be deleted, and JSP will not be recompiled when deploying. Increase the system parameter org.jboss.as.web.deployment.DELETE_WORK_DIR_ONCONTEXTDESTROY=true, then restart Jboss, it will be automatically deleted next time undeploy.

 

11. java.sql.SQLException: javax.resource.ResourceException: IJ000457: Unchecked throwable in managedConnectionReconnected

Use xa datasource, and add the following parameters:

<xa-pool>
   <is-same-rm-override>false</is-same-rm-override>
   <no-tx-separate-pools/>
/xa-pool>

 

12. Remove x-powered-by header

Add jsp-configuration to domain:web

<subsystem xmlns="urn:jboss:domain:web:2.2" default-virtual-server="default-host" native="false">
    <configuration>
        <jsp-configuration x-powered-by="false"/>
    </configuration>
</subsystem>

 If using JSF, add in web.xml:

<context-param>
        <param-name>com.sun.faces.sendPoweredByHeader</param-name>
        <param-value>false</param-value>
</context-param>

 

13. JNDI Datasource placement

 This method is not used much. Generally, the JPA method is used, which may be used to upgrade the old system.

1) Add the following configuration to jboss-web.xml 

<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
       <resource-ref>
        <res-ref-name>jdbc/ExampleDS</res-ref-name>
        <res-type>javax.sql.DataSource</res-type>
        <jndi-name>java:jboss/datasources/ExampleDS</jndi-name>
    </resource-ref>
</jboss-web>

2) Add the following configuration to web.xml

<resource-ref>
  <res-ref-name>jdbc/ExampleDS</res-ref-name>
  <res-type>javax.sql.DataSource</res-type>
  <res-auth>Container</res-auth>
</resource-ref>

3) Java code

Context ctx = new InitialContext();
DataSource ds = (javax.sql.DataSource) ctx.lookup("java:comp/env/jdbc/ExampleDS");

Note: J2EE specification, JDBC DataSource must use java:comp/env/jdbc subcontext.

 

Jboss EAP 6.4 Administration and Configuration Guide

Jboss EAP 6.4 Development Guide

Control the order of Deployed Applications on JBoss EAP 6

Running Multiple JBoss EAP Standalone Servers on a Single Machine

Replace the Default Welcome Web Application

Setting up an SSL/TLS Connector

Ldap Login Module

JBoss EAP 6 Performance Tuning

JBoss EAP 6 Temporary Queues and Runtime Queues

Jboss Web System Properties

Patching JBoss EAP 6

J2EE and JNDI - The Application Component Environment