Redhat(Linux)上的JBoss管理配置
版权声明:原创作品,如需转载,请与作者联系。否则将追究法律责任。 |
1 JBoss设置
使用的省略词含义 命令 操作的含义 JBOSS_HOME JBoss的安装路径 YOURAPP 应用程序包名称 JAVA_HOME JDK安装路径 APACHE_HOME Apache软件的安装路径 YOURCONDIF JBoss的服务模式(默认有3种:all,default, minimal) 1.1 JBoss安全设置1.1.1 jmx-console安全设置1.1.1.1 编辑jboss-web.xml文件u 编辑jmx-console.war/WEB-INF/jboss-web.xml文件:
[jboss@node1 ~]$ cd JBOSS_HOME/server/default/deploy
[jboss@node1 deploy]$ vi jmx-console.war/WEB-INF/jboss-web.xml <!--将--> <jboss-web> <!-- Uncomment the security-domain to enable security. You will need to edit the htmladaptor login configuration to setup the login modules used to authentication users. <security-domain>java:/jaas/jmx-console</security-domain> --> </jboss-web> <!--修改为--> <jboss-web> <!-- Uncomment the security-domain to enable security. You will need to edit the htmladaptor login configuration to setup the login modules used to authentication users. --> <security-domain>java:/jaas/jmx-console</security-domain> </jboss-web> 1.1.1.2 编辑web.xml文件u
[jboss@node1 ~]$ cd JBOSS_HOME/server/default/deploy [jboss@node1 deploy]$ vi jmx-console.war/WEB-INF/web.xml <!--将--> <?xml version="1.0"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> ...... <!-- A security constraint that restricts access to the HTML JMX console to users with the role JBossAdmin. Edit the roles to what you want and uncomment the WEB-INF/jboss-web.xml/security-domain element to enable secured access to the HTML JMX console. <security-constraint> <web-resource-collection> <web-resource-name>HtmlAdaptor</web-resource-name> <description>An example security config that only allows users with the role JBossAdmin to access the HTML JMX console web application </description> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>JBossAdmin</role-name> </auth-constraint> </security-constraint> --> <login-config> <auth-method>BASIC</auth-method> <realm-name>JBoss JMX Console</realm-name> </login-config> <security-role> <role-name>JBossAdmin</role-name> </security-role> </web-app> <!--修改为--> <?xml version="1.0"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> ...... <!-- A security constraint that restricts access to the HTML JMX console to users with the role JBossAdmin. Edit the roles to what you want and uncomment the WEB-INF/jboss-web.xml/security-domain element to enable secured access to the HTML JMX console.--> <security-constraint> <web-resource-collection> <web-resource-name>HtmlAdaptor</web-resource-name> <description>An example security config that only allows users with the role JBossAdmin to access the HTML JMX console web application </description> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>JBossAdmin</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>JBoss JMX Console</realm-name> </login-config> <security-role> <role-name>JBossAdmin</role-name> </security-role> </web-app> 1.1.2 web-console 安全设置1.1.2.1 编辑jboss-web.xml文件u
[jboss@node1 ~]$ cd JBOSS_HOME/server/default/deploy/management/console-mgr.sar/web-console.war [jboss@node1 web-console.war]$ vi WEB-INF/jboss-web.xml <!--将--> <jboss-web> <!-- Uncomment the security-domain to enable security. You will need to edit the htmladaptor login nfiguration to setup thelogin modules used to authentication users. <security-domain>java:/jaas/web-console</security-domain> --> <!-- The war depends on the --> <depends>jboss.admin:service=PluginManager</depends> </jboss-web> <!--修改为--> <jboss-web> <!-- Uncomment the security-domain to enable security. You will need to edit the htmladaptor login configuration to setup the login modules used to authentication users. --> <security-domain>java:/jaas/web-console</security-domain> <!-- The war depends on the --> <depends>jboss.admin:service=PluginManager</depends> </jboss-web> 1.1.2.2 编辑web.xml文件u
[jboss@node1 web-console.war]$ vi WEB-INF/jboss-web.xml <!--将--> <?xml version="1.0"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> ...... <!-- A security constraint that restricts access to the HTML JMX console to users with the role JBossAdmin. Edit the roles to what you want and uncomment the WEB-INF/jboss-web.xml/security-domain element to enable secured access to the HTML JMX console. <security-constraint> <web-resource-collection> <web-resource-name>HtmlAdaptor</web-resource-name> <description>An example security config that only allows users with the role JBossAdmin to access the HTML JMX console web application </description> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>JBossAdmin</role-name> </auth-constraint> </security-constraint> --> <login-config> <auth-method>BASIC</auth-method> <realm-name>JBoss WEB Console</realm-name> </login-config> <security-role> <role-name>JBossAdmin</role-name> </security-role> </web-app> <!--修改为--> <?xml version="1.0"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> ...... <!-- A security constraint that restricts access to the HTML JMX console to users with the role JBossAdmin. Edit the roles to what you want and uncomment the WEB-INF/jboss-web.xml/security-domain element to enable secured access to the HTML JMX console.--> <security-constraint> <web-resource-collection> <web-resource-name>HtmlAdaptor</web-resource-name> <description>An example security config that only allows users with the role JBossAdmin to access the HTML JMX console web application </description> <url-pattern>/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>JBossAdmin</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>JBoss WEB Console</realm-name> </login-config> <security-role> <role-name>JBossAdmin</role-name> </security-role> </web-app> [jboss@node1 ~]$ cd JBOSS_HOME/server/default/conf/props
[jboss@node1 props]$ ls jmx*
jmx-console-roles.properties jmx-console-users.properties 其中的jmx-console-roles.properties 是用户角色配置,而jmx-console-users.properties则是用户密码配置。
u 增加一个用户: [jboss@node1 props]$ vi jmx-console-roles.properties #将
# A sample roles.properties file for use with the UsersRolesLoginModule
admin=JBossAdmin,HttpInvoker #修改为
admin=JBossAdmin,HttpInvoker
jboss=JBossAdmin,HttpInvoker 注意:配置文件里面左面的是用户,右面对应的是角色
u 为新增的用户设置密码:
[jboss@node1 props]$ vi jmx-console-users.properties #将
# A sample users.properties file for use with the UsersRolesLoginModule
admin=admin #修改为
admin=admin
jboss=jboss 注意:配置文件里面左面的是用户,右面对应的是密码
1.1.4 设置web-console帐户密码 web-console的用户、角色、密码的设置与上面的jmx-console一致,只是配置文件web-console-roles.properties和web-console-users.properties的位置没有在上面的目录里,而是在JBOSS_HOME/server/default/deploy/management/
console-mgr.sar/web-console.war/WEB-INF/classes的目录里。 所以这里就不再重复上面的步骤,请读者自己进行操作。
1.2 JBoss其他重要的一些设置1.2.1 JBoss集群名称修改同一个网段内可能会有多个集群,所以要以集群的名字来区分它们。按照下面的方法修改JBoss集群的名字,使同一网段内的多个JBoss集群区分开来。
编辑JBOSS_HOME/server/YOURCONDIF/deploy/cluster-service.xml文件:
[jboss@node1 ~]$ vi JBOSS_HOME/server/YOURCONDIF /deploy/cluster-service.xml <!--将--> <mbean code="org.jboss.ha.framework.server.ClusterPartition" name="jboss:service=${jboss.partition.name:DefaultPartition}"> <!-- Name of the partition being built --> <attribute name="PartitionName"> ${jboss.partition.name:DefaultPartition}</attribute> ...... <depends>jboss:service=Naming</depends> </mbean> <!--修改为--> <mbean code="org.jboss.ha.framework.server.ClusterPartition" name="jboss:service=${jboss.partition.name:DefaultPartition}"> <!-- Name of the partition being built --> <attribute name="PartitionName">你的集群的名字</attribute> ...... <depends>jboss:service=Naming</depends> </mbean> 1.2.2 JBoss群集通讯协议大型的JBoss集群使用UDP协议更好,可以减少网络流量。而对于小型的JBoss集群,使用TCP协议比较好,也比较安全。
编辑JBOSS_HOME/server/YOURCONDIF/deploy/cluster-service.xml文件:
[jboss@node1 ~]$ vi JBOSS_HOME/server/YOURCONDIF /deploy/cluster-service.xml <!--查找-->
<mbean code="org.jboss.ha.framework.server.ClusterPartition" name="jboss:service=${jboss.partition.name:DefaultPartition}"> ...... <Config> <UDP mcast_addr="${jboss.partition.udpGroup:228.1.2.3}" mcast_port="45566" ip_ttl="${jgroups.mcast.ip_ttl:8}" ip_mcast="true" mcast_recv_buf_size="2000000" mcast_send_buf_size="640000" ucast_recv_buf_size="2000000" ucast_send_buf_size="640000" loopback="false"/> ...... </Config> </mbean> <!--修改为--> <mbean code="org.jboss.ha.framework.server.ClusterPartition" name="jboss:service=${jboss.partition.name:DefaultPartition}"> ...... <!-- <Config> <UDP mcast_addr="${jboss.partition.udpGroup:228.1.2.3}" mcast_port="45566" ip_ttl="${jgroups.mcast.ip_ttl:8}" ip_mcast="true" mcast_recv_buf_size="2000000" mcast_send_buf_size="640000" ucast_recv_buf_size="2000000" ucast_send_buf_size="640000" loopback="false"/> ...... </Config> --> </mbean> <!--查找--> <mbean code="org.jboss.ha.framework.server.ClusterPartition" name="jboss:service=${jboss.partition.name:DefaultPartition}"> ...... <!-- <Config> <TCP bind_addr="thishost" start_port="7800" loopback="true" recv_buf_size="2000000" send_buf_size="640000" tcp_nodelay="true" up_thread="false" down_thread="false"/> <TCPPING initial_hosts="thishost[7800],otherhost[7800]" port_range="3" timeout="3500" num_initial_members="3" up_thread="false" down_thread="false"/> ...... </Config> --> </mbean> <!--修改为--> <mbean code="org.jboss.ha.framework.server.ClusterPartition" name="jboss:service=${jboss.partition.name:DefaultPartition}"> ...... <Config> <TCP bind_addr="thishost" start_port="7800" loopback="true" recv_buf_size="2000000" send_buf_size="640000" tcp_nodelay="true" up_thread="false" down_thread="false"/> <TCPPING initial_hosts="thishost[7800],otherhost[7800]" port_range="3" timeout="3500" num_initial_members="3" up_thread="false" down_thread="false"/> ...... </Config> </mbean> 同时,将“thishost”换成本机IP,“otherhost”换成另一台JBoss集群节点的IP。例如:
<Config> <TCP bind_addr="192.168.200.12" start_port="7800" loopback="true" recv_buf_size="2000000" send_buf_size="640000" tcp_nodelay="true" up_thread="false" down_thread="false"/> <TCPPING initial_hosts="192.168.200.12 [7800], 192.168.200.13 [7800]" port_range="3" timeout="3500" num_initial_members="3" up_thread="false" down_thread="false"/> ...... </Config> 1.2.3 JBoss字符集设置
JBoss启动时默认使用的是系统字符集,而某些应用程序对于系统默认的字符集会出现不兼容的情况,如:打印出来的数据都是乱码。对于这种情况,可以在JBoss启动时定制应用程序使用自己的字符集。
[jboss@node1 ~]$ vi JBOSS_HOME/bin/run.conf #在文件的上部加入字符集(红色字体部分)
## -*- shell-script -*- ######################################################
## ## ## JBoss Bootstrap Script Configuration ## ## ## ############################################################################## ### $Id: run.conf 62747 2007-05-02 17:43:36Z dimitris@jboss.org $ # # This file is optional; it may be removed if not needed. # # # Specify the maximum file descriptor limit, use "max" or "maximum" to use # the default, as queried by the system. # # Defaults to "maximum" # #MAX_FD="maximum" export LANG="zh_CN.GBK" # # Specify the profiler configuration file to load. # # Default is to not load profiler configuration file. # #PROFILER="" ...... u 重新运行JBoss,乱码问题就可以解决了。
注意:上面的操作只是举个例子,字符集的修改需要根据实际情况而定。 本文出自 “我的技术Blog” 博客,转载请与作者联系! 本文出自 51CTO.COM技术博客 |
xudayu
博客统计信息
热门文章
最新评论
友情链接