5 Replies Latest reply on Apr 16, 2010 4:40 PM by dsteinwe

Implementing Deployment Bootstrap

dsteinwe Mar 24, 2006 5:49 AM

How do I implement a bootstrap that is executed after the archive is deployed? IFAIK even EJB3 specs doesn't define such a mechanism.

Therefore I think, I have only the option to choose an application server specific implementation. In the case using jboss, I think about using a mbean defining a dependency on the corresponding archive. But if the EJBs are secured via JAAS I get a authentication problem.

I'm very frustrated! Do you have better idea? How to avoid authentication problems?

Thanks,
Dieter

1. Re: Implementing Deployment Bootstrap

starksm64 Mar 25, 2006 8:13 AM (in response to dsteinwe)

The same as any client trying to access a secured ejb. Do a jaas login to set the caller identity.
Actions
2. Re: Implementing Deployment Bootstrap

dsteinwe Mar 25, 2006 8:50 AM (in response to dsteinwe)

Sorry for my inaccurate problem description. My problem isn't to write a client authentication. You can find a lot of examples for this topic. I'm very interessed in the point to make a client authentication without storing any informations of it together with the other authentication data in the database. The "real" user authentication data shouldn't be soiled by the one of the bootstrap. In the case the database doesn't contain any data (first installation i.e.) the deployment bootstrap *requires* a database aware authentication.
Actions
3. Re: Implementing Deployment Bootstrap

starksm64 Mar 28, 2006 1:06 PM (in response to dsteinwe)

That still does not describe what you are trying to do adequately. It sounds like a chicken or the egg problem where you want to access a secured ejb before the security database is setup.
Actions
4. Re: Implementing Deployment Bootstrap

dsteinwe Mar 29, 2006 5:15 PM (in response to dsteinwe)

Yes indeed, it sounds like the chicken and egg problem. But the fowl problem isn't unsolvable: First, there was a chicken like creature that lays the egg. Not a really surprising answer thinking about evolution, or? Let's go a step ahead: If the chicken and egg problem is solvable, why should the deployment bootstrap problem not be solvable? Ok, this line of argument may assailable.

But seriously, why do you secure your server-app? In my opinion you secure it against clients. Is the deployment of your server-app a server or a client operation? I would answer: "A server-sided operation". Furthermore, if I write the bootstrap and deploy it together with the server-application, shouldn't the container trust the code of the bootstrap if I do?

Second thought: One very important feature of j2ee is the abstraction layer accessing databases. By this, you can really write a server application sql-aware and independent from database vendors. But why must I use a sql script and care about the differences between vendors when I initialize the database? Why can't I use consequently use the abstraction layer even when I initialize the database? Would you like buy a Porsche 911 without keys (if you had the money to buy one)? Would you really like to short-circuit you own 911? I don't! I would ask for the keys!
Actions
5. Re: Implementing Deployment Bootstrap

dsteinwe Apr 16, 2010 4:40 PM (in response to dsteinwe)

Finally found a solution:
1.) Switch to sequential deployment in the deployment descriptor.
2.) Define an archive with local scoped ejbs inside the ear. It should even contains the o/r mapping.
3.) Define an archive with mbeans. The mbeans do the bootstrapping.
4.) Define an archive for remote scoped ejbs.
5.) Ensure the order of these archives equal to this enumation in the deployment descriptor.

Define dependencies and barriers correctly or the deployment order will change!
Actions

Go to original post