Subscribe: Enter The JBoss Matrix
http://blogs.jboss.com/blog/?flavor=rdf
Added By: Feedage Forager Feedage Grade A rated
Language: English
Tags:
authentication  blog  cloud  configuration  elytron  hat  java  jboss  new  red hat  red  release  server  week  wildfly 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Enter The JBoss Matrix

JBoss Community Blogs



A syndication feed of all the blogs on this system



Published: 2017-11-18T00:25:32Z

Updated: 2017-11-18T00:25:32Z

 



This week in JBoss (10 November 2017)

2017-11-18T00:25:00Z

2017-11-18T00:25:00Z

Welcome back to another edition of JBoss Weekly! We’re excited to bring to you news from across the net relating to JBoss Middleware. Those of you who attended Devoxx Belgium, we hope you had the opportunity to speak with our engineers there!Releases We’ll kick off the editorial with the releases made in Middleware this past week:Arquillian Cube 1.9.2Shrinkwrap Resolver 3.0.0Arquillian Drone 2.4.4Arquillian Drone 2.4.5Arquillian Smart Testing 0.0.4Arquillian Core 1.1.4As you can see, the Arquillian team has been on a roll this past week! Congratulations to the team and all those who helped to make it happen.Keycloak 3.4.0.FinalJBossWS 5.2.0.FinalInfinispan 9.2.0.Beta1 and 9.1.3.FinalDebezium 0.6.2Hibernate Validator 6.0.5.FinalReleases aplenty this past week! A job well done to all our engineers and community contributors, thanks for all the help!Blog Highlights Those of you getting started with Docker and Java, you’ll want to check out Amit Nijhawan’s post about how to deploy Java applications with Docker. It’s a great primer.React is a great thing, and becoming very popular. Samuel Mendenhall shares a plenitude of advice from rebuilding an Angular app to a React app. It’s a longer post, but if you’re getting started with React, or experiencing some difficulties you’ll want to read it.If you’re at the point of embracing Java 9 and the new modules system, you’ll be thrilled to know that starting with Red Hat JBoss Developer Studio 11.1 supports Java 9! Eclipse doesn’t have to be running on Java 9, but a Java 9 JDK must be on the build path for the project. JBDS 11.1 offers help to convert to Java modules as well. Read Jeff Maury’s post about the Java 9 support for full details.Lastly, the Red Hat Developer Program has rolled out a new topic about secure programming. We all know security isn’t something to be taken lightly, however, it isn’t always the easiest of things to understand and get right. Lucy Kerner details the current tools on the website. Be sure to read both and get a good idea of what’s being offered and how it can help! Thanks everyone for another amazing week! We hope you’re prepared for the year-end holidays and hope you have a fantastic week.[...]



RESTEasy 4.0.0.Beta1, JAX-RS 2.1 and more

2017-11-13T10:50:00Z

2017-11-13T10:50:00Z

Back at the end of July I mentioned that the team would have focussed on JSR-370... and here I am few months later, happy to announce that the first Beta release of RESTEasy 4 has been tagged over the weekend and it features JAX-RS 2.1 implementation.

However this beta comes with more additions... besides for the implementation of the latest specification for RESTful webservices in Java, here is a brief list of what's new:

The full release notes are available on jira, the artifacts are built and published on Maven repositories and the sources are on GitHub as usual ;-)

Please consider trying the latest release and providing feedback!

Thanks




The Week in JBoss (2017-11-09)

2017-11-09T11:06:31Z

2017-11-09T11:06:31Z

Modern Transaction Programming TechniquesThis week Tom Jenkinson blogged about recent standardisation effort in the Microservices arena. This standard allows highly concurrent environments to gain many of the benefits of a traditional transaction, with a reduced impact on throughput.In addition, Michael Musgrove blogged about Narayana's Software Transactional Memory (STM) implementation. In particular he showed how it can be used with the actor model features of Vert.x and the scaling features of OpenShift. 5 Pillars of a Successful Java Web ApplicationIn this series of posts Eder Ignatowicz describes the 5 pillars that have allowed his team to successfully keep a 7+ year-old Java application up-to-date, whilst combining modern techniques with a legacy codebase of more than 1 million LOC, using an agile, sustainable, and evolutionary web approach. Read the series here: part 1, part 2, part 3. Other NewsEric Schabell continues his blog series on 10 Steps to Cloud Happiness. In this post he focuses on the Human Aspect.Vlad Mihalcea presents this weeks Hibernate Community Newsletter.Jeff Maury announces JUnit 5 support in Red Hat JBoss Developer Studio 11.1.Julien Viet publicises his InfoQ podcast, in which he talks about the recent Eclipse Vert.x 3.5 release and its killer features, Reactive Programming and on what might be the future of the project.ReleasesKeycloak 3.4.0.CR1WildFly Swarm 2017.11.0Errai 4.1.0.FinalTeiid 9.2.7Graphene 2.3.2Arquillian Drone Extension 2.4.3Teiid 10.0.0.FinalRed Hat Developer Studio 11.1.0.GAJBoss Tools 4.5.1.Final[...]



This week in JBoss (2nd November 2017) - Time to meet Debezium

2017-11-02T18:06:29Z

2017-11-02T18:06:29Z

As always, last week have seen its fair share of action in the JBoss Community, with multiples releases and many interesting (and technical) content being released, but especially the Debezium project has been going the extra mile to allow to discover their product, crafting a nice tutorial and even providing OpenShift and Docker files to help play with it... So go check it out ! Change data capture with Debezium (and even on OpenShift!) The Debezium team just released version 0.6.1 of their change data capturing (CDC) tool for MySQL, Postgres and MongoDB (support for further databases is coming soon).  For those eager to try out CDC themselves, there's a tutorial running you through the set-up of Debezium and its required services like Apache Kafka. There are now Docker Compose files for all the supported databases, which make it a breeze to start the infrastructure used in the tutorial and see Debezium in action. You would like to set up Debezium on OpenShift? Then we got good news for you, too; There are detailed instructions on how to do that available on the Debezium website now. And using Minishift, you can easily try this out on an OpenShift cluster running on your local machine. Development of Debezium is in full swing, enabling many use cases such as data replication, data synchronization between different microservices or updating full-text search indexes. If you got any input or questions on Debezium, the development team is looking forward to hearing from you in the Debezium discussion group. Building and consuming Virtual Microdatabase Teiid - on which the Red Hat product JBoss Data Virtualization is based on, is rather powerful and interesting tool, that is (to my experience) yet to be well spread and understand. So I'm very happy about this new walk through released last week, presenting, in detail, how one set up and consume, in just a few click, a virtual database. On top of this tutorial, a rather intriguing article on Low-risk Monolith to Microservice Evolution has been released last week, and will certainly allow to go even deeper and farther with Teiid. Fun with SSL (and Kafka) In the last few years, with security becoming more and more of concerns (as it should!), setting up Java solution to directly use SSL have been  an increasing practise (oppose to the days when this was delegated to the load-balancer in front of them). In this context, it is nice to have a tutorial, such as this one released last week on Kafka with OpenSSL. But it is even more appreciable to have also an article on how to test SSL set up (and how): SSL Testing Tool. So no more excuse to run insecure services ! Techbytes If your technical thirst for technical exploration or learning is still not quenched by all of those articles, there still a couple more thing you can explore. First, if you are hookup on Drools and the related jBPM ecosystem, you checkout the Improved KIE Server documentation along with this article on Sub cases for case instance and ... process instance (jBPM). And maybe simply explore the Bean Validation benchmark revisited ? Evangelist's Corner Eric D. Schabell's 10 Steps to Cloud Happiness series is still ongoing and last week saw the release of Step 5 - Real Process Improvement - certainly a teasing title, isn't it ! Go check it out ! (or catch up on the series by starting with Step 1 - Get a Cloud. Also, if you are happen to be an Infinispan fan (or just interested by it), see if you can join the upcoming event featuring talks about it: Infinispan coming to Duchess France and Devoxx Belgium ! Releases, releases, releases... Keycloak 3.3.0.Final releasedInfinispan 9.2.0.Alpha2 & 9.1.2.Final releasedDebezium 0.6.1 is ReleasedBugfix releases for Hibernate Search 5.6, 5.7 and 5.8 - Please note this releases includes fixes for CVE-2017-12629 ! Decaf' Enough of Java coding, GC and other JVM madness ? TIme for a break ? Have somethi[...]



The Week in JBoss - WildFly 11 Final is here!

2017-10-26T10:09:32Z

2017-10-26T10:09:32Z

The big news this week is... WildFly 11 Final was released this week. As you would expect for a major WildFly release, it comes with many significant improvements. Including: Elytron - New Security Infrastructure. The biggest change in WildFly 11 is unification on a new common security framework across the full application server.Simplified EJB / Naming Proxies. JNDI and EJB invocation have both been simplified and enhanced in WildFly 11.Request oriented EJB/JNDI over HTTP.WildFly OpenSSL & HTTP/2. WildFly 11 now provides a JSSE provider that can offload TLS handling from the JVM’s internal implementation to an OpenSSL library on your system, typically improving TLS performance.New Load-Balancer Configs. In order to simplify the setup of WildFly as an HTTP load-balancer, there is an additional standalone-load-balancer.xml configuration in the distribution, which is an instance slimmed to just running the load balancing services.Graceful Shutdown/Startup Improvements. Distributed transactions are now handled by the graceful shutdown mechanism.Web Console Improvements. A number of Web Console improvements are included in WildFly 11, including the ability to see recent configuration changes, to manage active JMS transactions, manage active batch jobs, manage Undertow filters, and test data-sources during creation.Management and Configuration Improvements. WildFly 11 now supports remote managed exploded deployments, which allows remote management clients the ability to update content within the deployment, such as html and jsp files without requiring a full redeployment. Read more here. Microservices & Microprofile It's been a busy week for Microservices content. Christian Posta continues his series on Low-risk Monolith to Microservice Evolution, which looks to be a great writeup for those planning a migration to a Microservices architecture. Ken Finnigan provides a step-by-step guide to setting up data streaming with WildFly Swarm and Apache Kafka. Cesar Saavedra continues his guide on setting up a MicroProfile-based microservice on OpenShift Container Platform. Finally, Heiko Rupp explains how to monitor an Eclipse MicroProfile 1.2 server with Prometheus.Other NewsElvadas Nono provides a tutorial on building and consuming virtual Microdatabases with JBoss Data Virtualization.Eric Schabell continues his blog series on 10 Steps to Cloud Happiness. In this post he focuses on Centralising Business Logic.Vlad Mihalcea interviews Lukas Eder, a Java Champion, SQL aficionado, and data access framework developer.Claus Ibsen explains how to work with large messages using Apache Camel and ActiveMQ Artemis.ReleasesWildFly 11 FinalTeiid 10.0.0.CR2Hibernate Validator 6.0.4.FinalSmart Testing 0.0.3Teiid 9.3.4JGroups 4.0.8[...]



This week in JBoss (20th October 2017): Microservices and more

2017-10-21T02:19:26Z

2017-10-21T02:19:26Z

Welcome to another edition of the JBoss Weekly Editorial, our regular visit to the JBoss Communities in search of all that is new and interesting Monitoring Microservices The Eclipse MicroProfile 1.2 release introduces a number of aspects which enable monitoring of microservices, two of which are health checks and metrics.  These features are simple to enable within a microservice written to the specification, more details on how this can be achieved can be found in Heiko's article on the subject. Integrating a MicroService with JBoss Data Grid In the third part of his tutorial series covering the development of a microservice running on OpenShift Cesar describes how to deploy and configure an instance of JBoss Data Grid before covering the necessary changes to invoke the service from his existing microservice. Evolving a Monolithic Application into Microservices Having set the context in the first article of his series describing how to transition a monolithic application over to a microservices architecture Christian shows how to decompose his example monolothic application into individual services while retaining the same functionality. WildFly and Elytron Jan Kalina has written two articles discussing aspects of the new Elytron security subsystem being introduced in the upcoming WildFly 11 release.  In his first article Jan shows how we can configure the Elytron subsystem to secure the server side portion of an SSL exchange and in his second article he shows how we can extend the configuration to enforce verification of the client certificates. OpenID Connect Identity Brokering using Red Hat Single Sign-On Red Hat Single Sign-On (RH-SSO) supports identity federation based on a number of specifications including OpenID Connect, if you are interested in this capability then take a look at Tom's tutorial where he explains the concepts behind identity federation and shows how this can be enabled through RH-SSO. 10 Steps to Cloud Happiness In the next article of his Cloud Happiness series, Eric Schabell introduces us to his third step towards happiness and shows how we can enhance our existing cloud and include a unified management and operations environment through the installation of Red Hat CloudForms. Container Images for OpenShift At this year's EMEA Red Hat Tech Exchange 2017 Frédéric Giloux gave a presentation discussing good practices for creating images running within OpenShift, in the last two sections covering his session Frédéric discusses how to make your images easier to consume and the aspects of cloud ready applications and their consequences for container image design. Installing Red Hat Mobile on OpenShift If you are interested in trying out the Red Hat Mobile Application Platform (RHMAP) then Brian's article will be of interest to you.  Starting from scratch Brian will take you through all the steps necessary to deploy a demonstration environment on an AWS OpenShift environment, leaving you with a sandboxed environment to explore the platform. Infinispan Cache Store Batch Operations Infinispan 9.1.x introduces the ability to batch write and delete operations on a cache store, significantly improving the performance of write-behind cache stores.  There are some minor configuration changes associated with this new feature along with two additional methods you should implement on your cache store. Data Authorisation in Case Management In his next article discussing jBPM's Case Management feature Maciej Swiderski covers some recent additions adding support for case file authorisation, case comment authorisation, closing cases with comments and indexing case file items for searching. Meeting Rafael Ponte In the next article of his community interview series Vlad introduces us to Rafael Ponte, a software developer, conf[...]



This Week in JBoss (12th October 2017) : Sunshine in the Clouds

2017-10-12T17:08:59Z

2017-10-12T17:08:59Z

Running software in the clouds have been an essential topic of our industry for almost a decade now. While it used to be reserved to the cutting-edge, experimental and adventurous projects, it has been, in the last years, adopted largely by the industry. In this context, it is quite exciting to see all the news of last weeks surrounding the topic within the JBoss Community...10 Steps to Cloud Happiness If you have lived under a rock for the past decade, you may have no idea about cloud infrastructure - or maybe you never ended up using one. This editorial focuses a lot on cloud, so maybe you can take a look, at first, at the 10 steps tutorial started by Eric D.Schabell last week ? 10 Steps to Cloud Happiness: Step 1 - Get a Cloud10 Steps to Cloud Happiness: Step 2 - Use a Service Catalog Best way into the Clouds - OpenShiftWell, this might only be my opinion - so feel free to disagree - but I do think OpenShift is one of the best ways to get into a cloud infrastructure. And there was quite a lot of nifty informations about it released last week. First of all this pretty interesting article on JBoss A-MQ on OpenShift Cheat Sheet, will certainly help you manage your favorite MoM on a OpenShift container.To go further down the road, you may even want to explore how to properly maintain your own images in OpenShift, than this first installment of a series of articles on Container Images for OpenShift (Part 1: Objectives) will certainly reveals itself to be an excellent starting point. Last, but certainly not the least, an announcement from Red Hat and Alibaba, just yesterday, shows how much traction Cloud is having in our industry : Red Hat and Alibaba Cloud Join Forces to Bring Increased Flexibility with Open Source.Eclipse - Java Tooling for the Sky As much as cloud infrastructure is bringing easiness of deployment and scalable performance to your (Java) application, one still needs to write and design a resilient and robust application, not to mention the increasing need for the app to be as secure as possible against the many hacking threats out there.Fortunately, the Eclipse project keeps enhancing the IDE, enabling us, developers, to write better apps. If you doubt, just take an eye at this article on Java code coverage in Eclipse! I'm pretty sure you never thought of using code coverage this way.... It is also nice to see the integration of Fuse technologies within Eclipse is making progress as shown by the following article: Fuse development environment with Development Suite installer.If you are excited by the new evolution or the future of the IDE, you should definitely join other members of the JBoss community, along with some Red Hat Developers at EclipseCon Europe on the 24th and 25th of October in Ludwigsburg, near Stuttgart, in Germany. Hibernation season has started Despite the actual meaning of its name, the Hibernate community has also been very active and keeping up with what is happening within the projects. It would require a separate article to cover it all! Fortunately, last week saw the release of the Hibernate Community Newsletter 19/2017 , so you just this need to check this out to get updated, and to make your user experience even smoother, the Hibernate websites get a facelift! Techbytes Of course, not everything things is about cloud. As always, the JBoss community having been working on numerous projects and keep offering improvements of all sort to their users. For instance, Apache Camel fans will be very happy to read (more) about Apache Camel route coverage tooling on the way. Or maybe you would like to learn how to set up Hawkular Alerts in ManageIQ? Or rather how to Run an Embedded WildFly Host Controller in the CLI? See, plenty of advanced materials there, but maybe you crave learning new things, rather than delve into complex topics. So, what about Getting started with workbenc[...]



This Week in JBoss (10 October 2017)

2017-10-06T23:18:00Z

2017-10-06T23:18:00Z

Welcome back to another weekly editorial! Those of you catching up from JavaOne, we hope you found time to visit the booth and try out OpenShift.io! There are a number of posts to cover this week, so, let’s get started.Releases We’ll start out with releases this time. There’s only three of them this week, but that doesn’t mean we’ve slacked off.Hibernate Search 5.8.1.Final released a couple of days ago. There are many fixes for ElasticSearch in this maintenance release.Wildfly Swarm 2017.10.0 also released two days ago.The first of the Infinispan 9.2.0 branch released today, check it out!Announcements By far the biggest announcement in the Java EE space happened earlier in the week with the announcement of EE4J! Our very own Mark Little blogged about it. If this is the first you’re seeing of it, be sure to read Mark’s blog and check out the charter. Everyone is welcome to participate. Please sign up for the mailing list and help us all move Enterprise Java forward!If you’re running on RHEL, you may be excited for the next couple of blogs from Mike Guerette. Earlier in the week, Red Hat announced the availability of Red Hat Developer Toolset 7.0 Beta. This beta brings updates to GCC (7.2) and adds Clang/LLVM 4.0.1, Go 1.8.3, and Rust 1.2.0 to the list of supported compilers! In addition to those, Mike also announced Red Hat Software Collections 3.0 Beta which includes other updates and also new additions.Blog Highlights To round out the week, there are a number of blog posts we’d like to highlight.WildflyWildfly 11 will bring with it a number of changes. Among those changes is integration with Apache ActiveMQ Artemis. Be sure to read the blog for changes and new features available. There’s also support for OpenSSL. The post details setup, security realms, and Elytron all with OpenSSL support! Lastly, Wildfly 11 improves the existing referential integrity found in Wildfly 10.Spring Boot on KubernetesKamesh Sampath has done a series of posts over on the Red Hat Developer blog detailing configuring Spring Boot on Kubernetes. The introduction of the series covers the initial idea of using Kubernetes for configuration of a Spring Boot application. Part I covers using ConfigMaps for configuration. Part II details the use of Secrets for sensitive information. These are great alternatives to the Spring Config server.OpenSlavaLastly, Eric Schabell was at OpenSlava this past week. All of his talks and slides are available on his blog and SlideShare! Thank you, everyone! We hope you’ve had a great week![...]



EE4J - Life Beyond Java EE Begins Today!

2017-09-30T12:54:00Z

2017-09-30T12:54:00Z

I already wrote about the work we, IBM and Oracle have been doing together to move Java EE to a foundation. At the time I couldn't say which foundation but now we know it's Eclipse and that the project will be called Eclipse Enterprise For Java (EE4J). There's a draft charter and it's vitally important that interested people read it and give feedback on the mailing list. There's a lot of pent-up passion and energy around Java EE and it would be so much better if individuals focussed that on the charter at this point than complaining about the name. Yes, I understand that some people feel the name is important to the success of this effort but I can tell you all that there's a lot more to choosing a name for a foundation or massively successful project than just ... choosing the name. Having done this when we renamed JBossAS to WildFly, you've got to do trademark searches, domain checks, legal verifications etc. and of course that the name or acronym doesn't mean something inappropriate in a different language. So getting to a name like EE4J isn't easy and changing it now is simply not going to be possible. Plus you can never please everyone all of the time.

 

There's a lot to do over the coming weeks and months. Moving the TCKs, specs and sources to the Eclipse Foundation is probably the easiest of the tasks, which isn't to suggest it's going to be easy. We've got to figure out the processes around which EE4J evolves, who leads the specifications, what about compatibility, evangelism, how does the JCP fit in, etc? And it's going to succeed or fail based upon the engagement of the entire Java (EE) communities. If you're invested in Java EE or anything related to it (yes, including Eclipse MicroProfile) then it's a great opportunity to step up and help drive this in an open manner. Gone are the cries of "this is dominated by Sun/Oracle" and "it's not open source". This is now an Eclipse Foundation effort and the best way to ensure this evolves in a direction with which you agree is to join and get involved!

 

I want to take a moment to thank everyone who has helped so far, obviously including Oracle and IBM. We've just completed the JCP Executive Committee F2F which always precedes JavaOne and the feedback from there when EE4J was presented was positive. Yes there are still a lot of unknowns, many of which I've mentioned above. But generally everyone thought this was a good thing!

 

Onward!




This week in JBoss (28 Sept 2017) - To bodly go where to JavaOne has (not) gone before...

2017-09-29T08:33:25Z

2017-09-29T08:33:25Z

With the release of the new Start Trek TV series, I hope the reader will pardon me for this (not so) inspired title... Nevertheless, JavaOne is coming up and the JBoss Community is getting ready for it !!! JavaOneAs you are certainly aware, JavaOne is coming up soon and, of course, many member of the JBoss community are participating to the event. Namely, this week, some of them start announcing their presence, like Narayana team at JavaOne or Clément Escoffier teaser for his presentation on The Reactive Landscape. Pimp your JBoss Developer Studio - and then explore BPM & Rules !Last week, Eric D. Schabell took the time to make a coupl of blog entries regarding the JBoss Developer Studio (an Eclipse based IDE). Especially he focused on how to set up tooling for some important project of the community within the IDE:How To Setup Integration & SOA Tooling For JBoss Developer Studio 11 How To Setup BPM and Rules Tooling For JBoss Developer Studio 11  Once you have those tool properly installed, you will be all set to follow the 4 hours presentation, from last week, on Processes, Rules and Events: Watch Drools, jBPM and Optaplanner Day LIVE (Sept 26)  !Expanding your Horizon An Open Source community as thriving as the one of JBoss produces a lot of software, tool, and products to learn and try out. And when I mean a lot, I mean, like, a LOT.  It may be difficult to explore, follow and learn all of them, and this is why, I'm happy to see that many things happened last week to help one exactly do that. So, first, and this is a great news, the Camel in Action 2nd edition goes into production phase ! The announcement also includes some preview on the book content, so go check it out. Then comes Hibernate, that has become its own community of project within JBoss. Which makes it obviously a bit challenging to follow. Thankfully,  last week was released the Hibernate Community Newsletter 18/2017  which will caught you up on anything you may have missed ! Of course, there is almost no better way to learn than to be teached by the greatest. Especially when the greatest happens to be also an excellent teacher like Bela Ban. Indeed, Bela has announced a new series of JGroups workshops in Rome and Berlin in November. Having personally attendedhis workshop a couple of times, I can but only strongly recommend it. You will learn everything you ever wanted to know about JGroups - and more ! Techbytes After all this learning, and the all the upcoming exciting content coming up with JavaOne, you may want to scratch a (technical) hitch and play with some new tech. No worries, an Eclipse Vert.x Gradle Plugin tutorial might be just the fix you need. If not, take a look at how to Add Kerberos Authentication To Existing Web Application. Releases, releases, releases... Smart Testing 0.0.2 Released (Arqualian)Narayana 5.7.0.Final Released Decaf' Enough is enough ! You don't want to fire Eclipse, neither to debug some Java program, you need something else for a change ? You might be just in luck, because last week was released a very nice article on Ansible - A handy tool for people that might not need it. And being a big fan of Ansible, I can but only advise one to go read it... Hopefully, you have found something in this week's editorial to pique your interest and give you something to explore while waiting for next week's installment. Join us here next week for more news from the JBoss Community.[...]



How to use an Elytron SASL mechanism that supports channel binding

2017-09-28T16:07:25Z

2017-09-28T16:07:25Z

Some SASL mechanisms support channel binding to external secure channels like TLS. The name of a SASL mechanism tells us if channel binding is supported. In particular, SASL mechanisms that support the optional use of channel binding have two SASL mechanism names - one name that includes the “-PLUS” suffix, which implies that channel binding is supported, and one name without the “-PLUS” suffix, which implies that channel binding is not supported (e.g., GS2-KRB5 and GS2-KRB5-PLUS, SCRAM-SHA-256 and SCRAM-SHA-256-PLUS, etc.). Whether or not channel binding is used is determined during SASL mechanism negotiation. This blog post is going to show the server and client configuration needed to connect to the JBoss CLI using the SCRAM-SHA-256-PLUS mechanism, one of the SASL PLUS mechanisms provided by Elytron. Prerequisite configuration First, add a management user for the server - this is the user that we’re going to use later on when attempting to connect to the CLI. For this example, we’re going to create a filesystem-based identity store and add a user named “bob” with password “pAssw0rd” using the following CLI commands: /subsystem=elytron/filesystem-realm=exampleRealm:add(path=fs-realm-users,relative-to=jboss.server.config.dir) /subsystem=elytron/filesystem-realm=exampleRealm:add-identity(identity=bob) /subsystem=elytron/filesystem-realm=exampleRealm:set-password(identity=bob,clear={password=pAssw0rd})  Now, we’re going to add the filesystem-realm that we just created to the “ManagementDomain” security domain that is already defined in the default Elytron subsystem configuration and we’re going to make this the default security realm for this security domain: /subsystem=elytron/security-domain=ManagementDomain:list-add(name=realms, value={realm=exampleRealm}) /subsystem=elytron/security-domain=ManagementDomain:write-attribute(name=default-realm, value=exampleRealm)  Next, use the following commands to secure the management interface using Elytron: /core-service=management/management-interface=http-interface:write-attribute(name=http-upgrade,value={enabled=true, sasl-authentication-factory=management-sasl-authentication}) /core-service=management/management-interface=http-interface:write-attribute(name=http-authentication-factory,value=management-http-authentication) /core-service=management/management-interface=http-interface:undefine-attribute(name=security-realm)  Finally, generate a server keystore and a client truststore using the keytool command, as shown below. We’re going to use these to enable one-way SSL/TLS for the management interface. Generate the server keystore:keytool -genkeypair -alias localhost -keyalg RSA -keysize 1024 -validity 365 -keystore server.keystore.jks -dname "CN=localhost" -keypass secret -storepass secret  Export the server certificate:keytool -exportcert  -keystore server.keystore.jks -alias localhost -keypass secret -storepass secret -file server.cer  Import the server certificate into the client’s truststore:keytool -importcert -keystore client.truststore.jks -storepass secret -alias localhost -trustcacerts -file server.cer  Now we’re ready to proceed with the server and client configuration needed to use the SCRAM-SHA-256-PLUS mechanism. Configuring the server First, configure a key-store, key-manager, and server-ssl-context in the Elytron subsystem using the server keystore that we just created (the following commands assume the server.keystore.jks file is located in the $WILDFLY_HOME/standalone/configuration directory): /subsystem=elytron/key-store=exampleKS:add(path=server.keystore.jks, relative-to=jboss.server.config.dir, credential[...]



This week in JBoss (21 Sept 2017)

2017-09-21T21:45:00Z

2017-09-21T21:45:00Z

Happy Java 9 day! Hope everyone is enjoying a new version of Java and getting used to Jigsaw. Sorry, we missed last week, but we’ll get you all caught up here. Again, our hearts go out to those affected by the natural disasters of the past couple of weeks. We hope you and your loved ones are all safe. Project blogs A number of blogs went out over the past two weeks. Let’s start off by connecting Hawkular services over SSL at the Hawkular blog. We all know microservices are the rage right now. Are you considering breaking up your monolith application into microservices? Christian Posta offers his low-risk migration ideas in a multi-part blog post. JBoss Developer Studio 11 will be releasing sometime in the future, and what better way to get started than by learning how to set up all those services that aren’t installed out of the box? Infinispan blog. You can also get this going on OpenShift!Travels, Videos, and Presentations We’re fast approaching the conference season for the year! JavaOne is happening at the start of October, JAX London the following week, Devoxx Belgium the first part of November, with QCon San Francisco shortly after that. If you’re attending any of those conferences, be sure to look out for Red Hat! Coming up next week, if you’re a developer using or even trying out Drools, jBPM, or Optaplanner, be sure to put September 26th on your calendar. Drools Days in NYC is happening that day. You can also catch the live stream as well. Two days after that in Washington D.C. will be another event. Lastly, a couple of weeks ago Galder was talking about Big Data with Infinispan. You catch the recording over at YouTube in case you missed it.Releases We’ve gone full throttle on the release train over the past couple of weeks. Here’s a list of all the releases:Teiid 9.2.6Teiid 9.3.3Teiid 10.0.0.Beta2Keycloak 3.3.0.CR2Windup 4.0.0.Beta4Hibernate OGM 5.2.Alpha1Hibernate ORM 5.2.11.FinalHibernate Search 5.8.0.FinalArquillian Smart Testing 0.0.1Arquillian Cube 1.9.0Infinispan 9.1.1Debezium 0.6Thanks for staying with us![...]



Windup 4.0.0.Beta4 is out!

2017-09-12T12:30:10Z

2017-09-12T12:30:10Z

Windup is changing the face and content in parallel, so if you know about or not we have now Red Hat Migration Toolkit presentation on Red Hat Application Migration Toolkit Overview | Red Hat Developers  site which is the new face for the bundle. We use RHAMT acronym or shortcut for that, but inside it is still the tuned Windup . Current 6+ months of team work resulted in 4.0.0.Beta4 containing new cloud-readiness rules which helps to identify if you application can run in cloud environment smoothly or if it needs some love to modernize it for cloud world. We also enhanced and fixed some issues in existing rulesets. What is more important our Eclipse RHAMT plugin is adding more features to assist user who migrates or just analyze future migration on existing project sources. Let me say that there is ruleset editor in early stage and some small but important fixes/enhancements in RHAMT perspective layout. Not to forget on our new child - RHAMT Web Console which embeds core functionality into Angular 4 based front end UI application. The Web console is able to be deployable into cloud environment Openshift v3 and have all functionality like RHAMT command line tool. The Web Console allows to work on your migration analysis toolkit into team collaboration. Please get it while it is hot and let us know what you like/dislike in RHAMT. Download RHAMT distributions from Red Hat Application Migration Toolkit Download | Red Hat DevelopersChanges in 4.0.0.Beta4 are listed in JIRA Release Notes - JBoss Issue Tracker and at Release Notes - JBoss Issue TrackerSee important Release Notes article at Red Hat Application Migration Toolkit 4.0 Beta4 Release Notes - Red Hat Customer Portal too as that summarizes the important things.Documentation is published at Red Hat Application Migration Toolkit Docs-and-apis | Red Hat Developers Feedback is more than welcome via:Email -- windup-users@lists.jboss.orgIRC -- freenode #windupJIRA -- https://issues.jboss.org/browse/WINDUP Many thanks to everyone who contributed to the release! On behalf of the whole Windup team[...]



This week in JBoss (08 Sept 2017)

2017-09-08T23:14:00Z

2017-09-08T23:14:00Z

Welcome everyone, to another edition of JBoss Weekly! We have some great news to share with you all this week. I hope you’ve stayed current with other happenings out in the Java world over the past couple of weeks, including Mark Reinhold’s blog post about moving Java faster. If you missed that, you can read the whole blog post at https://mreinhold.org/blog/forward-faster.  People Joining the TeamThe Hibernate team had two new additions to the team this past week: Arnold Galovics and Jakub Kubrynski! Welcome to team guys!  Project blogsOut in the blogosphere, we have two great blog posts about Keycloak and Hawkular. Keycloak in version 3.3.0.CR1 added support for cross-site replication. More information about this feature and an example of how it is used can be found at the Keycloak blog.The Hawklar blog discussed alerts and OpenTracing earlier this week. It’s a great read and has an example to follow along with as well. A number of blogs about WildFly went out this week. The first talks about FIPS-compliant credential stores within Wildfly. If you’re storing credentials, it’s certainly worth looking into and making sure you’re compliant with FIPS if you need to be. The next three blog posts talk about the WildFly Elytron project, which is the underlying security subsystem in WildFly 11. Farah Juma discusses using EJBs with Elytron in a two part blog series. Both blog posts have information about getting started started and contain code snippets. Continuing with the Elyton theme, Darran Lofthouse explored using Elytron with Undertow standalone for those times you need something really lightweight. A couple of blogs about jBPM and Drools were released over the past week as well. Tihomir discussed the idea of integrating systems with processes. He talks about how processes are usually done in multiple steps and often require multiple systems. jBPM is a wonderful way to integrate these systems and control the whole process. Read Tihomir’s blog for more information. Next up, Mark Proctor ponders the question of whether optimization is Artificial Intelligence (AI) or Operations Research (OR) in his blog post titled Is Optimization AI or OR?For anyone interested in the field of AI, it’s a very good read with some great references to go even deeper. Travels, Videos, and PresentationsPresentations this past week have been a little slow, but we’re gearing up for JavaOne happening in San Francisco at the start of October. Still, Eric Schabell was out at the Red Hat Forum in Finland earlier in the week. Catch up on his talk and see the slides over on his blog.Claus Ibsen may have already finished his APAC tour last month, but if you missed him, you can at least see his talk from Melbourne over on his blog. Lastly, if you happened to miss week’s DevNation Live this past week, Galder Zamarreño was presenting about Infinispan. Check it out at the DevNation Live page. While you’re there, sign up to be notified of other DevNation Live events!We’d also like to share an interview done back in April with Eric at Red Hat Summit: allowfullscreen="allowfullscreen" frameborder="0" height="330" scrolling="no" src="https://www.youtube.com/embed/Wt3Jy0uo1dA" title="Red Hat Developers - Eric Schabell - YouTube" width="440"> ReleasesLastly, what would a week at Red Hat Middleware be without some releases? We have you covered, don’t you worry! Arquillian released Universe 1.1.13.7 earlier this week. Read more about the release on the Arquillian website. There’s also a new Drone release: 2.4.2! Again, read all about it on the release page. Wildfly Swarm released version [...]



Getting started with EJBs and Elytron Part 2: EJB invocations from remote servers

2017-09-08T17:38:22Z

2017-09-08T17:38:22Z

My previous blog post described how to secure EJBs deployed to WildFly 11 using Elytron and how to invoke them from a standalone remote client. This post describes how to invoke EJBs deployed on a WildFly server instance from another WildFly server instance using Elytron. We’ll refer to the server instance on which the EJBs are deployed as the destination server and we’ll refer to the server instance from which the EJB invocation takes place as the client server. Configuring the client serverAs in previous WildFly releases, to be able to invoke EJBs deployed on the destination server, you can add configuration to the Remoting subsystem on the client server to specify the information needed for the outbound connection to the destination server. In WildFly 11, a remote outbound connection can now be specified by two things: an Elytron authentication context and an outbound socket binding. Creating an authentication contextThe authentication context provides all of the security information that’s needed to connect to the destination server. For example, if you would like to use a user named “ejbUser” with password “secret” when connecting to the destination server, the following CLI commands can be used to create an appropriate authentication context: /subsystem=elytron/authentication-configuration=ejb-auth-config:add(authentication-name=ejbUser, credential-reference={clear-text="secret"}) /subsystem=elytron/authentication-context=ejb-auth-context:add(match-rules=[{authentication-configuration=ejb-outbound-config}])  The above commands result in the following configuration in the Elytron subsystem on the client server:  ...                                                                 ...  Creating an outbound socket bindingAs before, the outbound socket binding points to the destination server’s host and port for the connection. For example, if the destination server’s host is 10.20.30.40 and its port is 8080, the following CLI command can be used to create an outbound socket binding: /socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=remote-ejb:add(host=10.20.30.40, port=8080)  Creating a remote outbound connectionFinally, you can create a remote-outbound-connection that references your newly created authentication context and outbound socket binding as follows: /subsystem=remoting/remote-outbound-connection=remote-ejb-connection:add(authentication-context=ejb-auth-context, outbound-socket-binding-ref=remote-ejb)  The above command results in the following configuration in the Remoting subsystem on the client server:  ...            

Comments (0) - Read and Add your own Comments