TomEE is a simple but great container.
Recently was added a SSH connector to be able to get container information easily.
The proposed module uses JAAS for the authentication.
This article proposes you to install the ssh connector and to see what it can do to ease your work.
Note: this article is done with the snapshot of TomEE
Configure JAAS
First let’s configure JAAS.
We need to create a file in <tomee>/conf/login.config.
Then add to your tomee opts (CATALINA_OPTS) the system property:
-Djava.security.auth.login.config=$CATALINA_BASE/conf/login.config
Note:the used path should be an absolute path
Now we need to configure TomEE/Tomcat to use JAAS Realm. It can be done in the server.xml of TomEE (conf folder):
<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.tomee.catalina.ServerListener" />
<Listener className="org.apache.catalina.security.SecurityListener" />
<Service name="Catalina">
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">
<!-- here is the magic -->
<Realm className="org.apache.catalina.realm.JAASRealm" appName="PropertiesLoginModule"
userClassNames="org.apache.openejb.core.security.AbstractSecurityService$User"
roleClassNames="org.apache.openejb.core.security.AbstractSecurityService$Group">
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true" />
</Engine>
</Service>
</Server>
Now simply configure this module (properties login module) in loging.config:
PropertiesLoginModule {
org.apache.openejb.core.security.jaas.PropertiesLoginModule required
Debug=false
UsersFile="users.properties"
GroupsFile="groups.properties";
};
This login module simply takes the the users in the file <tomee>/conf/users.properties and the groups in <tomee>/conf/groups.properties.
The user file contains the list of users as keys and their password as values. The group file container the list of group names as key and the list of users in this group as values.
Sample users.properties:
rmannibucau=secret romain=password
Sample groups.properties:
admin=rmannibucau writers=rmannibucau,romain
Add SSH connector
To add SSH features extract openejb-ssh.zip in tomee libs. It can be done manually downloading openejb-ssh zip in apache repository (openejb-ssh) or automatically adding a file <tomee>/conf/provisioning.properties containing the line:
zip=http://.../ destination=lib
For instance:
zip=https://repository.apache.org/content/repositories/snapshots/org/apache/openejb/openejb-ssh/4.0.0-beta-3-SNAPSHOT/openejb-ssh-4.0.0-beta-3-20120509.112538-134.zip destination=lib
Note: the link can change depending on version, nexus updates.
Once TomEE started/restarted you should normally be able to connect to the container on port 4222 by default (see <tomee>/conf/conf.d/ssh.properties to customize it).
ssh <user>@localhost -p 4222
Providing your password you should access the command line prompt:
To get available commands simply type “help”:
So now you can deploy/undeploy applications from ssh, call some mbean, list jar/paths in classloaders, invoke ejb/cdi bean using scripting (by default only javascript is registered since it is in the vm but adding groovy-all jar or any implementation of the JSR 223 supporting the multithreading you can use some other language).
Here some screenshots:
Another blog post about commands will come soon.
New posts here >>> rmannibucau.metawerx.net 