Wildfly 22.0.1 Fails to deploy EAR with a MariaDB datasource - mariadb

I have installed Wildfly 22.0.1.
I added a MariaDB connector and a datasource in the standalone.xml:
<datasource jndi-name="java:jboss/datasources/BeckDS" pool-name="BeckDB">
<connection-url>jdbc:mariadb://localhost/tube</connection-url>
<driver-class>org.mariadb.jdbc.Driver</driver-class>
<driver>mariadb</driver>
<security>
<user-name>username</user-name>
<password>redacted</password>
</security>
<validation>
<valid-connection-checker
class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLValidConnectionChecker"/>
<validate-on-match>true</validate-on-match>
<background-validation>false</background-validation>
<exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLExceptionSorter"/>
</validation>
</datasource>
Which I connects just fine when I test it in the HAL Management Console.
The problem occurs when I try deploying my EAR with the following persistence.xml file in the EJB jar file.:
<persistence version="2.2"
xmlns="http://java.sun.com/xml/ns/persistence"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_2.xsd">
<persistence-unit name="BeckPU">
<provider>org.hibernate.jpa.HibernatePersistenceProvider</provider>
<jta-data-source>java:jboss/datasources/BeckDS</jta-data-source>
<properties>
<property name="hibernate.dialect" value="org.hibernate.dialect.MariaDB53Dialect"/>
<property name="hibernate.show_sql" value="true" />
<property name="hibernate.connection.maxIdleTime" value="60"/>
<property name="hibernate.archive.autodetection" value="class, hbm"/>
<property name="hibernate.dbcp.maxActive" value="8" />
<property name="hibernate.dbcp.maxIdle" value="8" />
<property name="hibernate.dbcp.maxWait" value="-1" />
<property name="hibernate.dbcp.whenExhaustedAction" value="1" />
<property name="hibernate.dbcp.testOnBorrow" value="true" />
<property name="hibernate.dbcp.testOnReturn" value="true" />
<property name="hibernate.dbcp.validationQuery" value="SELECT 1" />
</properties>
</persistence-unit>
</persistence>
The following error is reported on deployment:
WFLYSRV0027: Starting deployment of "beck-ear.ear" (runtime-name: "beck-ear.ear")
WFLYSRV0207: Starting subdeployment (runtime-name: "beck-war.war")
WFLYSRV0207: Starting subdeployment (runtime-name: "beck-ejbs.jar")
WFLYJPA0002: Read persistence.xml for BeckPU
JIPIORMV53020253: Second level cache enabled for beck-ear.ear/beck-ejbs.jar#BeckPU
WFLYJPA0010: Starting Persistence Unit (phase 1 of 2) Service 'beck-ear.ear/beck-ejbs.jar#BeckPU'
HHH000204: Processing PersistenceUnitInfo [
name: BeckPU
...]
Operation ("full-replace-deployment") failed - address: ([]) - failure description: {
"WFLYCTL0412: Required services that are not installed:" => [
"jboss.deployment.subunit.\"beck-ear.ear\".\"beck-ejbs.jar\".deploymentCompleteService",
"jboss.persistenceunit.\"beck-ear.ear/beck-ejbs.jar#BeckPU\""
],
"WFLYCTL0180: Services with missing/unavailable dependencies" => [
"jboss.deployment.subunit.\"beck-ear.ear\".\"beck-war.war\".component.\"jakarta.servlet.jsp.jstl.tlv.ScriptFreeTLV\".START is missing [jboss.persistenceunit.\"beck-ear.ear/beck-ejbs.jar#BeckPU\"]",
"jboss.deployment.unit.\"beck-ear.ear\".deploymentCompleteService is missing [jboss.deployment.subunit.\"beck-ear.ear\".\"beck-ejbs.jar\".deploymentCompleteService]",
"jboss.deployment.subunit.\"beck-ear.ear\".\"beck-war.war\".component.\"jakarta.servlet.jsp.jstl.tlv.PermittedTaglibsTLV\".START is missing [jboss.persistence unit.\"beck-ear.ear/beck-ejbs.jar#BeckPU\"]"
]
}
As always, many thanks for any help offered.
Dobbo

Related

No Persistence provider for EntityManager named?

when I try to create a bean entityManager, I get the error No Persistence provider for EntityManager named DB
My persistence.xml
<?xml version="1.0" encoding="UTF-8"?>
<persistence xmlns="http://xmlns.jcp.org/xml/ns/persistence"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/persistence
http://xmlns.jcp.org/xml/ns/persistence/persistence_2_1.xsd"
version="2.1">
<persistence-unit name="DB">
<provider>org.hibernate.jpa.HibernatePersistenceProvider</provider>
<properties>
<property name="javax.persistence.jdbc.url" value="jdbc:postgresql://localhost:5432/bot" />
<property name="javax.persistence.jdbc.user" value="postgres" />
<property name="javax.persistence.jdbc.password" value="1006" />
<property name="javax.persistence.jdbc.driver" value="org.postgresql.Driver" />
<property name="hibernate.show_sql" value="true" />
<property name="hibernate.format_sql" value="true" />
</properties>
</persistence-unit>
</persistence>
path persistence.xml:
scr
main
java
com.org.ru
META-INF
persistence.xml

Switch on/off IBM MQ listener based on flag from DB

This is an existing monolith app and fix is required without a drastic change of the setup.
Project setup:
project 1 (config) - > where all mq-xml files are present (e.g - ibm_mq_config.xml)
e.g - content of dev_bm_mq.xml
${hname}
${port}
${qmgr}
1
<!-- JMS Queue Connection Factory -->
<bean id="jmsQueueIdsConnectionFactory"
class="org.springframework.jms.connection.SingleConnectionFactory">
<property name="targetConnectionFactory">
<ref bean="mqIdsConnectionFactory" />
</property>
</bean>
<!-- JMS Destination Resolver -->
<bean id="jmsDestinationResolver"
class="org.springframework.jms.support.destination.DynamicDestinationResolver">
</bean>
<!-- JMS Queue Template -->
<bean id="jmsQueueIdsTemplate" class="org.springframework.jms.core.JmsTemplate">
<property name="connectionFactory">
<ref bean="jmsQueueIdsConnectionFactory" />
</property>
<property name="defaultDestinationName">
<value>${myQUEUE}</value>
</property>
<property name="pubSubDomain">
<value>false</value>
</property>
<property name="receiveTimeout">
<value>20000</value>
</property>
</bean>
<bean id="jmsContainer"
class="org.springframework.jms.listener.DefaultMessageListenerContainer">
<property name="connectionFactory" ref="jmsQueueConnectionFactory" />
<property name="destinationName">
<value>${myQUEUE}</value>
</property>
<property name="messageListener" ref="simpleMessageListener" />
<property name="concurrentConsumers" value="2" />
<property name="maxConcurrentConsumers" value="3" />
<property name="idleTaskExecutionLimit" value="4" />
<property name="maxMessagesPerTask" value="4" />
<property name="receiveTimeout" value="5000" />
<property name="recoveryInterval" value="5000" />
<property name="sessionTransacted" value="true" />
</bean>
****Project B (App)****
loads the spring xml from project config as below:
WebContent/WEB-INF/spring/sprint-context.xm
<import resource="classpath*:com/my/package/${config.env}-${config-broker}.mq.xml"
public class TestMessageListener implements MessageListener {
public void onMessage(Message message) {
//process the message
}
}
When the server starts up, it's able to start the server and setup the listener without any issues.
Issue with the above setup : When we scale the app horizontally (add few nodes ), it's gives max channel issues which I am trying to solve.
Requirement:
based on a DB table I want to turn off the mq listener on few nodes on the fly. or when I horizontally scale the app.
e.g -
Table:mq-config
|host|broker|flag
-----------------------------
|qa5|ibm|false
|qa2|ibm|true
So, I want mq listener on qa5 not to start and qa2 to start and listen to the Queue. Also, I want to stop/start listener on the fly (just by updating the DB)
Question - Any thoughts on how do I achieve the above use case without re-writing the entire setup.

Inject the listener container (e.g. #Autowired).
Then
jmsContainer.stop();
jmsContainer.shutdown();
...
jmsContainer.initialize();
jmsContainer.start();
You can also set the autoStartup property to false to prevent the container from starting during application initialization (but don't call initialize() before the first start() - only after calling shutdown().

Unable to connect Orbeon Remote Server using Orbeon-Auth + Tomcat 8

I want to connect to the Orbeon Remote Server which runs on Tomcat 8, using orbeon-auth application which was provided by Orbeon.
I have created the users and roles in remote server
tomcat-users.xml.
Having default realm in server.xml.
Added below properties in properties-local.xml.
<!-- Security Settings -->
<property as="xs:string" name="oxf.fr.authentication.method" value="container" />
<property as="xs:string" name="oxf.fr.authentication.container.roles" value="orbeon-service" />
<property as="xs:anyURI" processor-name="oxf:page-flow" name="authorizer" value="/orbeon-auth" />
<property as="xs:string" name="oxf.http.state" value="none" />
<property as="xs:string" name="oxf.http.forward-headers" value="Cookie" />
<property as="xs:string" name="oxf.http.forward-cookies" value=" JSESSIONID
iPlanetDirectoryPro" />
<property as="xs:integer" name="oxf.http.so-timeout" value="0" />
<property as="xs:boolean" name="oxf.http.exceptions" value="true" />
<property as="xs:string" processor-name="oxf:page-flow" name="page-public-methods" value="GET HEAD POST PUT DELETE" />
<property as="xs:string" processor-name="oxf:page-flow" name="service-public-methods" value="GET HEAD POST PUT DELETE" />
<property as="xs:anyURI" name="oxf.url-rewriting.service.base-uri" value="http://localhost:8080/forms" />
<property as="xs:anyURI" name="oxf.fr.persistence.exist.uri" value="http://localhost:8080/forms/fr/service/exist" />
<property as="xs:anyURI" name="oxf.fr.persistence.exist.exist-uri" value="http://localhost:8080/forms/exist/rest/db/orbeon/fr" />
And my web.xml contains BASIC authentication with role based configurations.
<security-constraint>
<display-name>No Restriction</display-name>
<web-resource-collection>
<url-pattern>/fr/service/*</url-pattern>
<url-pattern>/fr/style/*</url-pattern>
<url-pattern>/fr/login</url-pattern>
<url-pattern>/xforms-server</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
</security-constraint>
<security-constraint>
<display-name>With Restriction</display-name>
<web-resource-collection>
<web-resource-name>Portal</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>orbeon-service</role-name>
</auth-constraint>
</security-constraint>
But, with all these configurations, when I try to give the orbeon-admin credentials in the local server, it's unable to authenticate, instead provides this log.
xf:submission for submission id: fr-default-submission, error code received when submitting instance: 401
PageFlowControllerProcessor - unauthorized {controller: "oxf:/apps/fr/page-flow.xml", method: "GET", path: "/fr/service/persistence/form", status-code: "401"}
Can any one please help me to fix this issue?

In sbt, how can I publish to a resolver defined in an external ivy settings file?

We have numerous ant-based projects which depend on a single ivysettings.xml where our ivy resolvers are defined. I'm creating a new sbt-based project, and according to the DRY principle, I'd like for sbt to also depend on this same ivysettings.xml file (rather than attempting to re-defining the resolvers within the sbt script). This turned out to be really easy, using externalIvySettings() -- at least, for resolving dependencies.
However, we also need to publish to one of the resolvers defined in the file. In ant, this is really easy: <ivy:publish resolver="..." />", however with sbt I'm stumped. Sbt has a publishTo setting which can be used to define a resolver to publish to, but I don't want to define a new resolver. Instead, I want to pull a resolver out of the settings loaded by externalIvySettings(), and pass this to publishTo. Is this possible?
Edit:
Here is the ivysettings.xml file as requested. We want to publish to the "modules" resolver.
<ivysettings>
<properties file="${ivy.settings.dir}/ivysettings.properties" />
<settings defaultResolver="default" defaultResolveMode="dynamic"/>
<property name="x1.resolver" value="x1-fs" override="false"/>
<property name="x2.resolver" value="x2-fs" override="false"/>
<property name="x1.ivy.pattern" value="[organisation]/[module]/[revision]/[type]s/[artifact].[ext]" override="true"/>
<property name="x1.artifact.pattern" value="[organisation]/[module]/[revision]/[type]s/[artifact].[ext]" override="true"/>
<property name="x2.ivy.pattern" value="[organisation]/[module]/[revision]/[type]s/[artifact].[ext]" override="true"/>
<property name="x2.artifact.pattern" value="[organisation]/[module]/[revision]/[type]s/[artifact].[ext]" override="true"/>
<property name="local.root" value="${ivy.default.ivy.user.dir}/x1-local" override="true"/>
<property name="local.ivy.pattern" value="[organisation]/[module]/[revision]/[type]s/[artifact].[ext]" override="true"/>
<property name="local.artifact.pattern" value="[organisation]/[module]/[revision]/[type]s/[artifact].[ext]" override="true"/>
<property name="modules.root" value="${ivy.settings.dir}/ivy/published" override="true"/>
<property name="modules.ivy.pattern" value="[organisation]/[module]/[revision]/[type]s/[artifact].[ext]" override="true"/>
<property name="modules.artifact.pattern" value="[organisation]/[module]/[revision]/[type]s/[artifact].[ext]" override="true"/>
<!-- some default values for paths to the x2 and x1 repositories; these should be overridden in ivysettings.properties -->
<property name="x2.fs.root" value="${ivy.settings.dir}/ivy/x2root" override="false"/>
<property name="x1.fs.root" value="${ivy.settings.dir}/ivy/x1root" override="false"/>
<property name="ivy.cache.dir" value="${ivy.settings.dir}/ivy/cache"/>
<caches defaultCacheDir="${ivy.cache.dir}"/>
<resolvers>
<filesystem name="x1-fs">
<ivy pattern="${x1.fs.root}/${x1.ivy.pattern}" />
<artifact pattern="${x1.fs.root}/${x1.artifact.pattern}" />
</filesystem>
<filesystem name="x2-fs">
<ivy pattern="${x2.fs.root}/${x2.ivy.pattern}" />
<artifact pattern="${x2.fs.root}/${x2.artifact.pattern}" />
</filesystem>
<chain name="x1">
<resolver ref="${x1.resolver}"/>
</chain>
<chain name="x2">
<resolver ref="${x2.resolver}"/>
</chain>
<filesystem name="local">
<ivy pattern="${local.root}/${local.ivy.pattern}" />
<artifact pattern="${local.root}/${local.artifact.pattern}" />
</filesystem>
<filesystem name="modules" checkmodified="true" changingPattern="*" changingMatcher="glob">
<ivy pattern="${modules.root}/${modules.ivy.pattern}" />
<artifact pattern="${modules.root}/${modules.artifact.pattern}" />
</filesystem>
<chain name="main" dual="true">
<resolver ref="modules"/>
<resolver ref="x1"/>
<resolver ref="x2"/>
</chain>
<chain name="default" returnFirst="true">
<resolver ref="local"/>
<resolver ref="main"/>
</chain>
</resolvers>
</ivysettings>

found the answer in this link https://github.com/sbt/sbt/issues/1999
But the answer is to just reference the resolver by name. In your situation it would be
publishTo := Some(Resolver.file("modules"))
since you want to publish using the "modules" resolver

Shiro with Spring MVC Wildcard permissions not working

I have couple of permissions as:
inventory:po:view
inventory:po:create
inventory:po:update
In the JSP, below works:
<shiro:hasPermission name="inventory:po:create">
<li><a href='<c:url value="/inventory/document/viewDocument?doctype=2" />'>Purchase Order</a></li>
</shiro:hasPermission>
However, below doesn't.
<shiro:hasPermission name="inventory:po:*">
</shiro:hasPermission>
Shiro Version is 1.2.1. I also tried using the subject.isPermitted() call in and that doesn't work too.
I'm sure this is supposed to be pretty straight forward, but is there anything I miss in the configuration to enable wildcard support ? Please advice.
Shiro Configuration:
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">
<!-- Security Manager -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="jdbcRealm" />
<property name="cacheManager" ref="cacheManager"/>
</bean>
<!-- Caching -->
<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManager" ref="ehCacheManager" />
</bean>
<bean id="ehCacheManager"
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
<bean id="sessionDAO"
class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO" />
<bean id="sessionManager"
class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="sessionDAO" ref="sessionDAO" />
</bean>
<!-- JDBC Realm Settings -->
<bean id="jdbcRealm" class="org.apache.shiro.realm.jdbc.JdbcRealm">
<property name="name" value="jdbcRealm" />
<property name="dataSource" ref="dataSource" />
<property name="authenticationQuery"
value="SELECT password FROM system_user_accounts WHERE username=? and status=10" />
<property name="userRolesQuery"
value="SELECT role_code FROM system_roles r, system_user_accounts u, system_user_roles ur WHERE u.user_id=ur.user_id AND r.role_id=ur.role_id AND u.username=?" />
<property name="permissionsQuery"
value="SELECT code FROM system_roles r, system_permissions p, system_role_permission rp WHERE r.role_id=rp.role_id AND p.permission_id=rp.permission_id AND r.role_code=?" />
<property name="permissionsLookupEnabled" value="true"></property>
<property name="cachingEnabled" value="true" />
</bean>
<!-- Spring Integration -->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
<!-- Enable Shiro Annotations for Spring-configured beans. Only run after
the lifecycleBeanProcessor has run: -->
<bean id="annotationProxy"
class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
depends-on="lifecycleBeanPostProcessor" />
<bean id="authorizationAttributeSourceAdvisor"
class="org.apache.shiro.sprinemphasized textg.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager" />
</bean>
<!-- Secure Spring remoting: Ensure any Spring Remoting method invocations
can be associated with a Subject for security checks. -->
<bean id="secureRemoteInvocationExecutor"
class="org.apache.shiro.spring.remoting.SecureRemoteInvocationExecutor">
<property name="securityManager" ref="securityManager" />
</bean>
<!-- Passthrough for Login page -->
<bean id="passThruLogin" class="org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter">
<property name="loginUrl" value="/login" />
</bean>
<!-- Shiro filter -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<property name="loginUrl" value="/login" />
<property name="successUrl" value="/dashboard" />
<property name="unauthorizedUrl" value="/error" />
<property name="filters">
<map>
<entry key="authc" value-ref="passThruLogin" />
</map>
</property>
<property name="filterChainDefinitions">
<value>
<!-- !!! Order matters !!! -->
/authenticate = anon
/login = anon
/logout = anon
/error = anon
/static/** = anon
/** = authc
</value>
</property>
</bean>

The " * " isn't a wildcard in shiro's permission checking, on the contrary it means "requires all values".
You should assert a wildcard right of your own (read is usually a good default wildcard permission) and be explicit on the permission check.
On the contrary '*' means 'GRANT the user all rights', which got you confused with imho.
From Check Permissions part of shiro's documentation about permission
if ( SecurityUtils.getSubject().isPermitted("printer:print") ) {
//print the document
}
Therefore, this is an incorrect check. What if the current user does not have the ability to print to any printer, but they do have the ability to print to say, the lp7200 and epsoncolor printers. Then the 2nd example above would never allow them to print to the lp7200 printer even though they have been granted that ability!

Resources