Subscribe: Enter The JBoss Matrix
http://blogs.jboss.com/blog/?flavor=rss2
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
authentication  blog  ejb  elytron  hat  java  jboss  red hat  red  security domain  security  server  subsystem  week  wildfly 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Enter The JBoss Matrix

JBoss Community Blogs



A syndication feed of all the blogs on this system



Published: 2017-10-12T18:40:13Z

Updated: 2017-10-12T18:40:13Z

 



This Week in JBoss (12th October 2017) : Sunshine in the Clouds

2017-10-12T17:08:59Z

2017-10-12T17:08:59Z

Running software in the clouds have been an essential topic of our industry for almost a decade now. While it used to be reserved to the cutting-edge, experimental and adventurous projects, it has been, in the last years, adopted largely by the industry. In this context, it is quite exciting to see all the news of last weeks surrounding the topic within the JBoss Community...10 Steps to Cloud Happiness If you have lived under a rock for the past decade, you may have no idea about cloud infrastructure - or maybe you never ended up using one. This editorial focuses a lot on cloud, so maybe you can take a look, at first, at the 10 steps tutorial started by Eric D.Schabell last week ? 10 Steps to Cloud Happiness: Step 1 - Get a Cloud10 Steps to Cloud Happiness: Step 2 - Use a Service Catalog Best way into the Clouds - OpenShiftWell, this might only be my opinion - so feel free to disagree - but I do think OpenShift is one of the best ways to get into a cloud infrastructure. And there was quite a lot of nifty informations about it released last week. First of all this pretty interesting article on JBoss A-MQ on OpenShift Cheat Sheet, will certainly help you manage your favorite MoM on a OpenShift container.To go further down the road, you may even want to explore how to properly maintain your own images in OpenShift, than this first installment of a series of articles on Container Images for OpenShift (Part 1: Objectives) will certainly reveals itself to be an excellent starting point. Last, but certainly not the least, an announcement from Red Hat and Alibaba, just yesterday, shows how much traction Cloud is having in our industry : Red Hat and Alibaba Cloud Join Forces to Bring Increased Flexibility with Open Source.Eclipse - Java Tooling for the Sky As much as cloud infrastructure is bringing easiness of deployment and scalable performance to your (Java) application, one still needs to write and design a resilient and robust application, not to mention the increasing need for the app to be as secure as possible against the many hacking threats out there.Fortunately, the Eclipse project keeps enhancing the IDE, enabling us, developers, to write better apps. If you doubt, just take an eye at this article on Java code coverage in Eclipse! I'm pretty sure you never thought of using code coverage this way.... It is also nice to see the integration of Fuse technologies within Eclipse is making progress as shown by the following article: Fuse development environment with Development Suite installer.If you are excited by the new evolution or the future of the IDE, you should definitely join other members of the JBoss community, along with some Red Hat Developers at EclipseCon Europe on the 24th and 25th of October in Ludwigsburg, near Stuttgart, in Germany. Hibernation season has started Despite the actual meaning of its name, the Hibernate community has also been very active and keeping up with what is happening within the projects. It would require a separate article to cover it all! Fortunately, last week saw the release of the Hibernate Community Newsletter 19/2017 , so you just this need to check this out to get updated, and to make your user experience even smoother, the Hibernate websites get a facelift! Techbytes Of course, not everything things is about cloud. As always, the JBoss community having been working on numerous projects and keep offering improvements of all sort to their users. For instance, Apache Camel fans will be very happy to read (more) about Apache Camel route coverage tooling on the way. Or maybe you would like to learn how to set up Hawkular Alerts in ManageIQ? Or rather how to Run an Embedded WildFly Host Controller in the CLI? See, plenty of advanced materials there, but maybe you crave learning new things, rather than delve into complex topics. So, what about Getting started with workbench and KIE server on 7.3 (and onwards)? Also, any Java developer will be interested in knowing what is coming with the JDK 9 release, so let's take a look at th[...]



This Week in JBoss (10 October 2017)

2017-10-06T23:18:00Z

2017-10-06T23:18:00Z

Welcome back to another weekly editorial! Those of you catching up from JavaOne, we hope you found time to visit the booth and try out OpenShift.io! There are a number of posts to cover this week, so, let’s get started.Releases We’ll start out with releases this time. There’s only three of them this week, but that doesn’t mean we’ve slacked off.Hibernate Search 5.8.1.Final released a couple of days ago. There are many fixes for ElasticSearch in this maintenance release.Wildfly Swarm 2017.10.0 also released two days ago.The first of the Infinispan 9.2.0 branch released today, check it out!Announcements By far the biggest announcement in the Java EE space happened earlier in the week with the announcement of EE4J! Our very own Mark Little blogged about it. If this is the first you’re seeing of it, be sure to read Mark’s blog and check out the charter. Everyone is welcome to participate. Please sign up for the mailing list and help us all move Enterprise Java forward!If you’re running on RHEL, you may be excited for the next couple of blogs from Mike Guerette. Earlier in the week, Red Hat announced the availability of Red Hat Developer Toolset 7.0 Beta. This beta brings updates to GCC (7.2) and adds Clang/LLVM 4.0.1, Go 1.8.3, and Rust 1.2.0 to the list of supported compilers! In addition to those, Mike also announced Red Hat Software Collections 3.0 Beta which includes other updates and also new additions.Blog Highlights To round out the week, there are a number of blog posts we’d like to highlight.WildflyWildfly 11 will bring with it a number of changes. Among those changes is integration with Apache ActiveMQ Artemis. Be sure to read the blog for changes and new features available. There’s also support for OpenSSL. The post details setup, security realms, and Elytron all with OpenSSL support! Lastly, Wildfly 11 improves the existing referential integrity found in Wildfly 10.Spring Boot on KubernetesKamesh Sampath has done a series of posts over on the Red Hat Developer blog detailing configuring Spring Boot on Kubernetes. The introduction of the series covers the initial idea of using Kubernetes for configuration of a Spring Boot application. Part I covers using ConfigMaps for configuration. Part II details the use of Secrets for sensitive information. These are great alternatives to the Spring Config server.OpenSlavaLastly, Eric Schabell was at OpenSlava this past week. All of his talks and slides are available on his blog and SlideShare! Thank you, everyone! We hope you’ve had a great week![...]



EE4J - Life Beyond Java EE Begins Today!

2017-09-30T12:54:00Z

2017-09-30T12:54:00Z

I already wrote about the work we, IBM and Oracle have been doing together to move Java EE to a foundation. At the time I couldn't say which foundation but now we know it's Eclipse and that the project will be called Eclipse Enterprise For Java (EE4J). There's a draft charter and it's vitally important that interested people read it and give feedback on the mailing list. There's a lot of pent-up passion and energy around Java EE and it would be so much better if individuals focussed that on the charter at this point than complaining about the name. Yes, I understand that some people feel the name is important to the success of this effort but I can tell you all that there's a lot more to choosing a name for a foundation or massively successful project than just ... choosing the name. Having done this when we renamed JBossAS to WildFly, you've got to do trademark searches, domain checks, legal verifications etc. and of course that the name or acronym doesn't mean something inappropriate in a different language. So getting to a name like EE4J isn't easy and changing it now is simply not going to be possible. Plus you can never please everyone all of the time.

 

There's a lot to do over the coming weeks and months. Moving the TCKs, specs and sources to the Eclipse Foundation is probably the easiest of the tasks, which isn't to suggest it's going to be easy. We've got to figure out the processes around which EE4J evolves, who leads the specifications, what about compatibility, evangelism, how does the JCP fit in, etc? And it's going to succeed or fail based upon the engagement of the entire Java (EE) communities. If you're invested in Java EE or anything related to it (yes, including Eclipse MicroProfile) then it's a great opportunity to step up and help drive this in an open manner. Gone are the cries of "this is dominated by Sun/Oracle" and "it's not open source". This is now an Eclipse Foundation effort and the best way to ensure this evolves in a direction with which you agree is to join and get involved!

 

I want to take a moment to thank everyone who has helped so far, obviously including Oracle and IBM. We've just completed the JCP Executive Committee F2F which always precedes JavaOne and the feedback from there when EE4J was presented was positive. Yes there are still a lot of unknowns, many of which I've mentioned above. But generally everyone thought this was a good thing!

 

Onward!




This week in JBoss (28 Sept 2017) - To bodly go where to JavaOne has (not) gone before...

2017-09-29T08:33:25Z

2017-09-29T08:33:25Z

With the release of the new Start Trek TV series, I hope the reader will pardon me for this (not so) inspired title... Nevertheless, JavaOne is coming up and the JBoss Community is getting ready for it !!! JavaOneAs you are certainly aware, JavaOne is coming up soon and, of course, many member of the JBoss community are participating to the event. Namely, this week, some of them start announcing their presence, like Narayana team at JavaOne or Clément Escoffier teaser for his presentation on The Reactive Landscape. Pimp your JBoss Developer Studio - and then explore BPM & Rules !Last week, Eric D. Schabell took the time to make a coupl of blog entries regarding the JBoss Developer Studio (an Eclipse based IDE). Especially he focused on how to set up tooling for some important project of the community within the IDE:How To Setup Integration & SOA Tooling For JBoss Developer Studio 11 How To Setup BPM and Rules Tooling For JBoss Developer Studio 11  Once you have those tool properly installed, you will be all set to follow the 4 hours presentation, from last week, on Processes, Rules and Events: Watch Drools, jBPM and Optaplanner Day LIVE (Sept 26)  !Expanding your Horizon An Open Source community as thriving as the one of JBoss produces a lot of software, tool, and products to learn and try out. And when I mean a lot, I mean, like, a LOT.  It may be difficult to explore, follow and learn all of them, and this is why, I'm happy to see that many things happened last week to help one exactly do that. So, first, and this is a great news, the Camel in Action 2nd edition goes into production phase ! The announcement also includes some preview on the book content, so go check it out. Then comes Hibernate, that has become its own community of project within JBoss. Which makes it obviously a bit challenging to follow. Thankfully,  last week was released the Hibernate Community Newsletter 18/2017  which will caught you up on anything you may have missed ! Of course, there is almost no better way to learn than to be teached by the greatest. Especially when the greatest happens to be also an excellent teacher like Bela Ban. Indeed, Bela has announced a new series of JGroups workshops in Rome and Berlin in November. Having personally attendedhis workshop a couple of times, I can but only strongly recommend it. You will learn everything you ever wanted to know about JGroups - and more ! Techbytes After all this learning, and the all the upcoming exciting content coming up with JavaOne, you may want to scratch a (technical) hitch and play with some new tech. No worries, an Eclipse Vert.x Gradle Plugin tutorial might be just the fix you need. If not, take a look at how to Add Kerberos Authentication To Existing Web Application. Releases, releases, releases... Smart Testing 0.0.2 Released (Arqualian)Narayana 5.7.0.Final Released Decaf' Enough is enough ! You don't want to fire Eclipse, neither to debug some Java program, you need something else for a change ? You might be just in luck, because last week was released a very nice article on Ansible - A handy tool for people that might not need it. And being a big fan of Ansible, I can but only advise one to go read it... Hopefully, you have found something in this week's editorial to pique your interest and give you something to explore while waiting for next week's installment. Join us here next week for more news from the JBoss Community.[...]



How to use an Elytron SASL mechanism that supports channel binding

2017-09-28T16:07:25Z

2017-09-28T16:07:25Z

Some SASL mechanisms support channel binding to external secure channels like TLS. The name of a SASL mechanism tells us if channel binding is supported. In particular, SASL mechanisms that support the optional use of channel binding have two SASL mechanism names - one name that includes the “-PLUS” suffix, which implies that channel binding is supported, and one name without the “-PLUS” suffix, which implies that channel binding is not supported (e.g., GS2-KRB5 and GS2-KRB5-PLUS, SCRAM-SHA-256 and SCRAM-SHA-256-PLUS, etc.). Whether or not channel binding is used is determined during SASL mechanism negotiation. This blog post is going to show the server and client configuration needed to connect to the JBoss CLI using the SCRAM-SHA-256-PLUS mechanism, one of the SASL PLUS mechanisms provided by Elytron. Prerequisite configuration First, add a management user for the server - this is the user that we’re going to use later on when attempting to connect to the CLI. For this example, we’re going to create a filesystem-based identity store and add a user named “bob” with password “pAssw0rd” using the following CLI commands: /subsystem=elytron/filesystem-realm=exampleRealm:add(path=fs-realm-users,relative-to=jboss.server.config.dir) /subsystem=elytron/filesystem-realm=exampleRealm:add-identity(identity=bob) /subsystem=elytron/filesystem-realm=exampleRealm:set-password(identity=bob,clear={password=pAssw0rd})  Now, we’re going to add the filesystem-realm that we just created to the “ManagementDomain” security domain that is already defined in the default Elytron subsystem configuration and we’re going to make this the default security realm for this security domain: /subsystem=elytron/security-domain=ManagementDomain:list-add(name=realms, value={realm=exampleRealm}) /subsystem=elytron/security-domain=ManagementDomain:write-attribute(name=default-realm, value=exampleRealm)  Next, use the following commands to secure the management interface using Elytron: /core-service=management/management-interface=http-interface:write-attribute(name=http-upgrade,value={enabled=true, sasl-authentication-factory=management-sasl-authentication}) /core-service=management/management-interface=http-interface:write-attribute(name=http-authentication-factory,value=management-http-authentication) /core-service=management/management-interface=http-interface:undefine-attribute(name=security-realm)  Finally, generate a server keystore and a client truststore using the keytool command, as shown below. We’re going to use these to enable one-way SSL/TLS for the management interface. Generate the server keystore:keytool -genkeypair -alias localhost -keyalg RSA -keysize 1024 -validity 365 -keystore server.keystore.jks -dname "CN=localhost" -keypass secret -storepass secret  Export the server certificate:keytool -exportcert  -keystore server.keystore.jks -alias localhost -keypass secret -storepass secret -file server.cer  Import the server certificate into the client’s truststore:keytool -importcert -keystore client.truststore.jks -storepass secret -alias localhost -trustcacerts -file server.cer  Now we’re ready to proceed with the server and client configuration needed to use the SCRAM-SHA-256-PLUS mechanism. Configuring the server First, configure a key-store, key-manager, and server-ssl-context in the Elytron subsystem using the server keystore that we just created (the following commands assume the server.keystore.jks file is located in the $WILDFLY_HOME/standalone/configuration directory): /subsystem=elytron/key-store=exampleKS:add(path=server.keystore.jks, relative-to=jboss.server.config.dir, credential-reference={clear-text=secret}, type=JKS) /subsystem=elytron/key-manager=exampleKM:add(key-store=exampleKS, credential-reference={clear-text=secret})  /subsys[...]



This week in JBoss (21 Sept 2017)

2017-09-21T21:45:00Z

2017-09-21T21:45:00Z

Happy Java 9 day! Hope everyone is enjoying a new version of Java and getting used to Jigsaw. Sorry, we missed last week, but we’ll get you all caught up here. Again, our hearts go out to those affected by the natural disasters of the past couple of weeks. We hope you and your loved ones are all safe. Project blogs A number of blogs went out over the past two weeks. Let’s start off by connecting Hawkular services over SSL at the Hawkular blog. We all know microservices are the rage right now. Are you considering breaking up your monolith application into microservices? Christian Posta offers his low-risk migration ideas in a multi-part blog post. JBoss Developer Studio 11 will be releasing sometime in the future, and what better way to get started than by learning how to set up all those services that aren’t installed out of the box? Infinispan blog. You can also get this going on OpenShift!Travels, Videos, and Presentations We’re fast approaching the conference season for the year! JavaOne is happening at the start of October, JAX London the following week, Devoxx Belgium the first part of November, with QCon San Francisco shortly after that. If you’re attending any of those conferences, be sure to look out for Red Hat! Coming up next week, if you’re a developer using or even trying out Drools, jBPM, or Optaplanner, be sure to put September 26th on your calendar. Drools Days in NYC is happening that day. You can also catch the live stream as well. Two days after that in Washington D.C. will be another event. Lastly, a couple of weeks ago Galder was talking about Big Data with Infinispan. You catch the recording over at YouTube in case you missed it.Releases We’ve gone full throttle on the release train over the past couple of weeks. Here’s a list of all the releases:Teiid 9.2.6Teiid 9.3.3Teiid 10.0.0.Beta2Keycloak 3.3.0.CR2Windup 4.0.0.Beta4Hibernate OGM 5.2.Alpha1Hibernate ORM 5.2.11.FinalHibernate Search 5.8.0.FinalArquillian Smart Testing 0.0.1Arquillian Cube 1.9.0Infinispan 9.1.1Debezium 0.6Thanks for staying with us![...]



Windup 4.0.0.Beta4 is out!

2017-09-12T12:30:10Z

2017-09-12T12:30:10Z

Windup is changing the face and content in parallel, so if you know about or not we have now Red Hat Migration Toolkit presentation on Red Hat Application Migration Toolkit Overview | Red Hat Developers  site which is the new face for the bundle. We use RHAMT acronym or shortcut for that, but inside it is still the tuned Windup .

 

Current 6+ months of team work resulted in 4.0.0.Beta4 containing new cloud-readiness rules which helps to identify if you application can run in cloud environment smoothly or if it needs some love to modernize it for cloud world. We also enhanced and fixed some issues in existing rulesets.

 

What is more important our Eclipse RHAMT plugin is adding more features to assist user who migrates or just analyze future migration on existing project sources. Let me say that there is ruleset editor in early stage and some small but important fixes/enhancements in RHAMT perspective layout.

 

Not to forget on our new child - RHAMT Web Console which embeds core functionality into Angular 4 based front end UI application. The Web console is able to be deployable into cloud environment Openshift v3 and have all functionality like RHAMT command line tool. The Web Console allows to work on your migration analysis toolkit into team collaboration.

 

Please get it while it is hot and let us know what you like/dislike in RHAMT.

 

Download RHAMT distributions from Red Hat Application Migration Toolkit Download | Red Hat Developers

Changes in 4.0.0.Beta4 are listed in JIRA Release Notes - JBoss Issue Tracker and at Release Notes - JBoss Issue Tracker

See important Release Notes article at Red Hat Application Migration Toolkit 4.0 Beta4 Release Notes - Red Hat Customer Portal too as that summarizes the important things.

Documentation is published at Red Hat Application Migration Toolkit Docs-and-apis | Red Hat Developers

 

Feedback is more than welcome via:

Email -- windup-users@lists.jboss.org

IRC -- freenode #windup

JIRA -- https://issues.jboss.org/browse/WINDUP

 

Many thanks to everyone who contributed to the release!

 

On behalf of the whole Windup team




This week in JBoss (08 Sept 2017)

2017-09-08T23:14:00Z

2017-09-08T23:14:00Z

Welcome everyone, to another edition of JBoss Weekly! We have some great news to share with you all this week. I hope you’ve stayed current with other happenings out in the Java world over the past couple of weeks, including Mark Reinhold’s blog post about moving Java faster. If you missed that, you can read the whole blog post at https://mreinhold.org/blog/forward-faster.  People Joining the TeamThe Hibernate team had two new additions to the team this past week: Arnold Galovics and Jakub Kubrynski! Welcome to team guys!  Project blogsOut in the blogosphere, we have two great blog posts about Keycloak and Hawkular. Keycloak in version 3.3.0.CR1 added support for cross-site replication. More information about this feature and an example of how it is used can be found at the Keycloak blog.The Hawklar blog discussed alerts and OpenTracing earlier this week. It’s a great read and has an example to follow along with as well. A number of blogs about WildFly went out this week. The first talks about FIPS-compliant credential stores within Wildfly. If you’re storing credentials, it’s certainly worth looking into and making sure you’re compliant with FIPS if you need to be. The next three blog posts talk about the WildFly Elytron project, which is the underlying security subsystem in WildFly 11. Farah Juma discusses using EJBs with Elytron in a two part blog series. Both blog posts have information about getting started started and contain code snippets. Continuing with the Elyton theme, Darran Lofthouse explored using Elytron with Undertow standalone for those times you need something really lightweight. A couple of blogs about jBPM and Drools were released over the past week as well. Tihomir discussed the idea of integrating systems with processes. He talks about how processes are usually done in multiple steps and often require multiple systems. jBPM is a wonderful way to integrate these systems and control the whole process. Read Tihomir’s blog for more information. Next up, Mark Proctor ponders the question of whether optimization is Artificial Intelligence (AI) or Operations Research (OR) in his blog post titled Is Optimization AI or OR?For anyone interested in the field of AI, it’s a very good read with some great references to go even deeper. Travels, Videos, and PresentationsPresentations this past week have been a little slow, but we’re gearing up for JavaOne happening in San Francisco at the start of October. Still, Eric Schabell was out at the Red Hat Forum in Finland earlier in the week. Catch up on his talk and see the slides over on his blog.Claus Ibsen may have already finished his APAC tour last month, but if you missed him, you can at least see his talk from Melbourne over on his blog. Lastly, if you happened to miss week’s DevNation Live this past week, Galder Zamarreño was presenting about Infinispan. Check it out at the DevNation Live page. While you’re there, sign up to be notified of other DevNation Live events!We’d also like to share an interview done back in April with Eric at Red Hat Summit: allowfullscreen="allowfullscreen" frameborder="0" height="330" scrolling="no" src="https://www.youtube.com/embed/Wt3Jy0uo1dA" title="Red Hat Developers - Eric Schabell - YouTube" width="440"> ReleasesLastly, what would a week at Red Hat Middleware be without some releases? We have you covered, don’t you worry! Arquillian released Universe 1.1.13.7 earlier this week. Read more about the release on the Arquillian website. There’s also a new Drone release: 2.4.2! Again, read all about it on the release page. Wildfly Swarm released version 2017.9.4, yep, you read that right. There were some issues with the releases this time around and they had to burn x.9.0-x.9.3. Regardless, it’s a new releas[...]



Getting started with EJBs and Elytron Part 2: EJB invocations from remote servers

2017-09-08T17:38:22Z

2017-09-08T17:38:22Z

My previous blog post described how to secure EJBs deployed to WildFly 11 using Elytron and how to invoke them from a standalone remote client. This post describes how to invoke EJBs deployed on a WildFly server instance from another WildFly server instance using Elytron. We’ll refer to the server instance on which the EJBs are deployed as the destination server and we’ll refer to the server instance from which the EJB invocation takes place as the client server. Configuring the client serverAs in previous WildFly releases, to be able to invoke EJBs deployed on the destination server, you can add configuration to the Remoting subsystem on the client server to specify the information needed for the outbound connection to the destination server. In WildFly 11, a remote outbound connection can now be specified by two things: an Elytron authentication context and an outbound socket binding. Creating an authentication contextThe authentication context provides all of the security information that’s needed to connect to the destination server. For example, if you would like to use a user named “ejbUser” with password “secret” when connecting to the destination server, the following CLI commands can be used to create an appropriate authentication context: /subsystem=elytron/authentication-configuration=ejb-auth-config:add(authentication-name=ejbUser, credential-reference={clear-text="secret"}) /subsystem=elytron/authentication-context=ejb-auth-context:add(match-rules=[{authentication-configuration=ejb-outbound-config}])  The above commands result in the following configuration in the Elytron subsystem on the client server:  ...                                                                 ...  Creating an outbound socket bindingAs before, the outbound socket binding points to the destination server’s host and port for the connection. For example, if the destination server’s host is 10.20.30.40 and its port is 8080, the following CLI command can be used to create an outbound socket binding: /socket-binding-group=standard-sockets/remote-destination-outbound-socket-binding=remote-ejb:add(host=10.20.30.40, port=8080)  Creating a remote outbound connectionFinally, you can create a remote-outbound-connection that references your newly created authentication context and outbound socket binding as follows: /subsystem=remoting/remote-outbound-connection=remote-ejb-connection:add(authentication-context=ejb-auth-context, outbound-socket-binding-ref=remote-ejb)  The above command results in the following configuration in the Remoting subsystem on the client server:  ...                 ...



Getting started with EJBs and Elytron Part 1: Securing EJBs and invoking them from remote clients

2017-09-08T17:37:54Z

2017-09-08T17:37:54Z

This blog post describes how to secure EJBs deployed to WildFly 11 using Elytron and how to invoke them from a standalone remote client. If you haven’t already, take a look at the Elytron documentation  on how to create security realms, security domains, and authentication factories. In this post, we’ll make use of a security domain (“ApplicationDomain”) and a SASL authentication factory (“application-sasl-authentication”) that are already defined in the default WildFly configuration file in the Elytron subsystem configuration. To start the server, use the following command:$WILDFLY_HOME/bin/standalone.sh  To connect to the running server to execute CLI commands, use:$WILDFLY_HOME/bin/jboss-cli.sh --connect  Securing EJBs with ElytronBy default, security for EJBs deployed to WildFly 11 will continue to be handled by the legacy security subsystem. To indicate that security for an EJB should be handled by the Elytron subsystem instead, you need to add some configuration to the EJB subsystem to map the security domain name that’s configured for an EJB in a deployment to the Elytron security domain that you would like to use. For example, if “other” is the security domain name that is configured for an EJB (e.g., via a @SecurityDomain annotation or in a jboss-ejb3.xml deployment descriptor) and “ApplicationDomain” is the Elytron security domain that you would like to use, the following CLI command can be used to add the required mapping: /subsystem=ejb3/application-security-domain=other:add(security-domain=ApplicationDomain)  The above command results in the following configuration in the EJB subsystem:  ...                 ...  Notice that an application-security-domain mapping has two main attributes:name - the name of the security domain as specified in a deploymentsecurity-domain - a reference to the Elytron security domain that should be used Next, update the http-remoting-connector in the Remoting subsystem to reference the SASL authentication factory that is backed by your Elytron security domain: /subsystem=remoting/http-connector=http-remoting-connector:write-attribute(name=sasl-authentication-factory, value=application-sasl-authentication) /subsystem=remoting/http-connector=http-remoting-connector:undefine-attribute(name=security-realm)  The latter command above just clears the legacy security-realm attribute since it is no longer needed. Finally, reload the server using the :reload command. Invoking EJBs from a standalone remote clientPrior to WildFly 11, many WildFly client libraries used different configuration strategies. WildFly 11 introduces a new wildfly-config.xml file which unifies all client configuration in a single place. EJBs deployed to WildFly 11 can still be invoked using existing standalone remote clients that make use of the legacy naming and EJB client libraries from previous WildFly releases. This section walks through an example of how to migrate a remote client to make use of the new WildFly Naming Client and EJB Client libraries. Consider a legacy client application that has a jboss-ejb-client.properties configuration file and looks up an EJB deployed on a remote server using JNDI, as follows: jboss-ejb-client.propertiesremote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false remote.connections=default remote.connection.default.host=10.20.30.40 remote.connection.default.port=8080 remote.connection.defaul[...]



This week in JBoss (31st August 2017) - The Times They Are A Changin'

2017-08-31T10:48:00Z

2017-08-31T10:48:00Z

For those who don't recognise it, the title is a reference to that Nobel Prize winner Bob Dylan and his song, but it really is quite apt at the moment. First let's look at some monumental news which is hopefully not so new now: Java EE is moving to a new home, an as-yet undisclosed open source foundation and to presumably a governance model which puts much more power into the hands of the community! This is pretty significant for the wider enterprise Java community, whether you use a full-blown application server or just some of the components that have been defined over the years within the JCP process; now you will have more ability to help influence the direction of the specifications, code etc. just as you might if you were to participate in any open source project. I'm also hoping that the work we are doing with Eclipse MicroProfile will help influence the next releases of Java EE, or whatever it might be called, since that has always been our intent.

 

OK so on to the next bit of news: www.jboss.org is moving too! Although not quite on the same scale as moving Java EE and not really a move per se, it's important that anyone involved in our upstream communities and products take note because you can really help influence the future of the site. As I mention in my blog on the topic, the changes we have in mind aren't going to happen overnight so there is time to comment or use your clicks to let us know how you use the current site.

 

A few other changes this week include the fact you can now get NoSQL support in jBPM, and as Maciej also describes, through this there's now an option to use ElasticSearch as a data store. Since we're talking about things Maciej has been writing about this week, he's been busy also by writing about how jBPM 7 can be used in cloud environments.

 

Just time for a few more announcements. There's an article on how to use MQTT with Vert.x, WildFly 11 CR1 has been released, and of course there have been a number of other projects doing releases so go check out the blog feed. OK that's it for this week (surely that's enough?!) See you next time.




We are moving ...

2017-08-31T10:09:34Z

2017-08-31T10:09:34Z

JBoss and Fuse has always been about developer focus. Whether you're someone who builds applications with our projects and products, or someone who contributes to the construction of those projects, or a combination of the two, over the years we've been pretty successful at appealing to the Java and JVM communities. With initiatives like JBoss Everywhere, acquisitions such as FuseSource or FeedHenry, we've constantly grown our developer footprint and appeal. How we reach those developers, educate them on what we're doing, how we need their help etc. has always been a multi-faceted effort with JBoss.org playing a central role. If you've been with us long enough then you'll remember that JBoss.org has had a number of personality changes, going from driving interest in JBossAS as a project and other commercial activities, through the introduction of JBoss.com and making JBoss.org a purely project oriented site with focus on our many upstream projects and JBoss Labs, and then back to a more product focus coinciding with our move to give developers free access to our products, and more recently once again adding in more community efforts. In the past few years we introduced the Red Hat Developer Program which is meant to appeal to a wider community of developers than just JBoss or Fuse. The long term aim has always been to cater to contributor developers (those who help us build our projects) and user/builder developers (those who use our projects and products to build their own applications). Slowly but surely we have moved closer towards that plan and now we are at a point where we have to consider how JBoss.org and developers.redhat.com can work better together. If you hadn't noticed, much of the JBoss developer work had moved to the developer.jboss.org location, leaving the main www.jboss.org page to focus on products (of course there are exceptions, including the various microsites like our research or IoT pages). The eventual plan is to fold the JBoss developer content into appropriate pages within the main Red Hat developer site; that's going to take a while though due to the other services and sites which are hosted from that site. But for now the product-oriented pages need to move over to developers.redhat.com and we are left with a question of where does www.jboss.org point to? There are two obvious options: It points to developer.jboss.org and in essence returns www.jboss.org to the community focus it had a few years ago.It points to developers.redhat.com, giving www.jboss.org a feel closer to that which existed at the start of the JBoss adventure. Throughout our history JBoss and Red Hat have had an enviable track record of looking for input from our wider communities on a wide range of things we are contemplating. For example, probably one of the biggest I can recall in recent years was the JBossAS rename. It's for that reason I'm writing this blog entry, to inform our communities that we're going to be making a change. I value your input and although I and the team have our own thoughts on the right answer, I don't want to just drop this on everyone without some consultation. After all, www.jboss.org is not a site used only by Red Hat employees! One easy way for us to determine is from tracking your usage and for that reason www.jboss.org will soon show two options and when you land on the homepage you'll be able to either go to developers.redhat.com and find information on product downloads, tutorials etc. or continue to developer.jboss.org and locate your favourite community project and associated information. Let's see how this works and then we'll report back after a meaningful period of time. Onward![...]



This week in JBoss (17th August 2017)

2017-08-18T10:35:02Z

2017-08-18T10:35:02Z

Interview with Brian Leathem & Leslie Hinson from the PartternFly Project

 

allowfullscreen="allowfullscreen" frameborder="0" height="330" scrolling="no" src="https://www.youtube.com/embed/Mx7F2xPvxkE" title="Red Hat Developers - Brian Leathem & Leslie Hinson - YouTube" width="440">

 

In this interview, Jason Porter interviews Brian Leathem & Leslie Hinson from the PaternFly project. PatternFly is a community project that promotes design commonality and improved user experience. Its offerings include open source code, patterns, style guides and an active community that helps support it all. Watch the video to learn more!

 

Other News

 

 

 

New Releases

 

  • Hibernate Search 5.8.0 RC1. This is hoped to be the last release before 5.8.0 becomes final. So this will be the last opportunity for the community to test it and report bugs before the final release.
  • Vert.x 3.5.0.Beta1. This release comes with an implementation of the RxJava2 API, an MQTT client implementation and lots more.



Java EE and open source

2017-08-18T09:51:00Z

2017-08-18T09:51:00Z

By now I'm hoping that most people will have seen the announcement from Oracle around Java EE and possible moves towards open source foundations. Of course there are a few media articles on the topic now because if this does happen it's pretty significant. I haven't got much more I can add at this time from Red Hat that hasn't been said by John Clingan but I did want to echo the sentiments: I think this is a very positive thing to do and likely sits up there alongside Sun's open sourcing of Java as one of the most significant events to happen to the wider Java ecosystem. Of course the devil's in the detail and those details are few and far between at this time, but Red Hat is very happy to support this effort in whatever we we can to help ensure a positive outcome and future for Java EE and its enterprise components. Clearly I also see this as beneficial to our collective MicroProfile efforts and we will have to see how both of these things will evolve over time. Onward!!




This week in JBoss (10th August 2017): Rules and Microservices plus much more

2017-08-13T02:35:30Z

2017-08-13T02:35:30Z

I enjoy reading about and being involved with different organizations that help young men and women get more involved in technology and the sciences.  I like to help with codecamps but a part of my background is around security with Operating Systems and Middleware. Recently I found a US organization, AFA CyberPatriot, that helps youth learn more about finding vulnerabilities and hardening systems through competitions.  Teams compete locally as well as the state level, and then move on to a national competition to compete for the national recognition and scholarship money.  We all get busy in our endeavours, but finding a organization to help our youth, regardless of location in the world, has such an awesome reward. Now on to the happenings in our open source community!  The Past couple of Weeks HighlightsAndrea Cosentino discussed Infinispan-Kafka, connect your Kafka cluster with InfinispanEric Schabell discussed How to optimize Existing IT by Modernizing Travel processesChristina Lin shared Organizing Microservices - Modern IntegrationJohn Mazzitelli provided a demo on the Hawkular Alerts 2.0 UI and detail on Hawkular Alerts with Prometheus, ElasticSearch, KafkaMaciej Swiderski provided insight on Managed KIE Server getting ready for the cloudChristian Posta discussed Application Network Functions with ESBs, API Management, and Now...Service Mesh?Kris Verlaenen touched on Drools, jBPM and Optaplanner switching to agile deliveryMario Fusco discussed the Drools Canonical Model - Pure Java RulesEdson Tirelli provided the talk on Rules Engines at Software Engineering Radio  The Past couple of Weeks Meetups and ConferencesKris Verlaenen and Edson Tirelli shared Drools, jBPMS and Optaplanner Day which is taking place September 26 in New York and September 28 in Washington, DCClaus Ibsen, the Camel guy, described his agenda for the APAC tour this month  The Past couple of Weeks ReleasesSteven Hawkins shared that Teiid 9.2.5 was released with 6 issues addressed and Teiid 9.3.2 was releasedThe Arquillian Team provided the details on the Graphene 2.3.1 ReleaseThe Wildfly Swarm Team provided the details on Wildfly Swarm 2017.8.1Jason Greene provided the release information for Wildfly 11 Beta1The Arquillian team shared the details on the Arquillian Transaction Extension 1.0.5 Release and Arquillian Cube Extension 1.8.0 ReleaseGunnar Morling shared the details on the Bean Validation 2.0 SpecGuillaume Smet discussed the Hibernate Validator 6.0 Final with Bean Validation 2.0 SupportKris Verlaenen highlighted the jBPM 7.1 ReleaseThe Vert.x Community shared the Vert.x 3.5.0.Beta1 detail Thanks for being a part of the JBoss Community and stay tuned for the next Weekly Editorial! Kenneth PeeplesVice President of Engineering,Enterprise Services Practice, ISC-CG, Federalkenneth.peeples@isc-cg.comOpen Source Solutions Director, Shadow-Soft, Commercialkpeeples@shadow-soft.com[...]