5 Replies Latest reply on Apr 16, 2010 4:40 PM by Dieter Steinwedel

    Implementing Deployment Bootstrap

    Dieter Steinwedel Newbie

      How do I implement a bootstrap that is executed after the archive is deployed? IFAIK even EJB3 specs doesn't define such a mechanism.

      Therefore I think, I have only the option to choose an application server specific implementation. In the case using jboss, I think about using a mbean defining a dependency on the corresponding archive. But if the EJBs are secured via JAAS I get a authentication problem.

      I'm very frustrated! Do you have better idea? How to avoid authentication problems?


        • 1. Re: Implementing Deployment Bootstrap
          Scott Stark Master

          The same as any client trying to access a secured ejb. Do a jaas login to set the caller identity.

          • 2. Re: Implementing Deployment Bootstrap
            Dieter Steinwedel Newbie

            Sorry for my inaccurate problem description. My problem isn't to write a client authentication. You can find a lot of examples for this topic. I'm very interessed in the point to make a client authentication without storing any informations of it together with the other authentication data in the database. The "real" user authentication data shouldn't be soiled by the one of the bootstrap. In the case the database doesn't contain any data (first installation i.e.) the deployment bootstrap *requires* a database aware authentication.

            • 3. Re: Implementing Deployment Bootstrap
              Scott Stark Master

              That still does not describe what you are trying to do adequately. It sounds like a chicken or the egg problem where you want to access a secured ejb before the security database is setup.

              • 4. Re: Implementing Deployment Bootstrap
                Dieter Steinwedel Newbie

                Yes indeed, it sounds like the chicken and egg problem. But the fowl problem isn't unsolvable: First, there was a chicken like creature that lays the egg. Not a really surprising answer thinking about evolution, or? Let's go a step ahead: If the chicken and egg problem is solvable, why should the deployment bootstrap problem not be solvable? Ok, this line of argument may assailable.

                But seriously, why do you secure your server-app? In my opinion you secure it against clients. Is the deployment of your server-app a server or a client operation? I would answer: "A server-sided operation". Furthermore, if I write the bootstrap and deploy it together with the server-application, shouldn't the container trust the code of the bootstrap if I do?

                Second thought: One very important feature of j2ee is the abstraction layer accessing databases. By this, you can really write a server application sql-aware and independent from database vendors. But why must I use a sql script and care about the differences between vendors when I initialize the database? Why can't I use consequently use the abstraction layer even when I initialize the database? Would you like buy a Porsche 911 without keys (if you had the money to buy one)? Would you really like to short-circuit you own 911? I don't! I would ask for the keys!

                • 5. Re: Implementing Deployment Bootstrap
                  Dieter Steinwedel Newbie

                  Finally found a solution: 
                  1.) Switch to sequential deployment in the deployment descriptor.
                  2.) Define an archive with local scoped ejbs inside the ear. It should even contains the o/r mapping.
                  3.) Define an archive with mbeans. The mbeans do the bootstrapping.
                  4.) Define an archive for remote scoped ejbs.
                  5.) Ensure the order of these archives equal to this enumation in the deployment descriptor.


                  Define dependencies and barriers correctly or the deployment order will change!