Kalpana Karunamurthi

Here is an update on the JSR196/JSR115 agent.

 Due to various factors, the official release of JSR196/JSR115 based agent for Glassfish is being postponed. But the code has been committed to opensso project and anyone interested would have access to the agent.

The code is present at https://opensso.dev.java.net/source/browse/opensso/products/j2eeagents/jsr196/

The targets required to build the agent is integrated to the build system. One can use the following command to build the agent :

opensso/products/j2eeagents > ant jsr196_jsr115

From the time I joined the GF team, I see a lot of confusion prevailing around the product name Sun Glassfish Enterprise Server v2.1. Now with v2.1.1 release coming up, there may be a lot of additional confusions.

I am trying my hand in clearing some confusion (or may be add ;( ...)

Let us get one thing straight,

9.1, 9.1 UR1,  9.1UR2, v2.1, v2.1.1 are all essentially the same product and follow the same code line.

Mapping of these versions are :

SGES v2.1 <===> SJSAS 9.1UR2 patch 6

SGES v2.1.1 <===> SGES v2.1 patch 6 <===> SJSAS 9.1 UR2 patch 12

The most easiest way to  find the version you are using is by executing the following command:

<AS_INSTALL>/bin/asadmin version --verbose=true

Being in the Unix, I usually find hiccups when left to work on Windows.

Recently, I had to change the TCP/IP socket time_wait settings. After some search, I found this tip and it worked. Sharing it here ..

Use the Registry Editor and edit the following property. If the property is not present already, create one.

System Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
Value Name: TcpTimedWaitDelay
Data Type: REG_DWORD (DWORD Value)
Value Data: 30-300 seconds (decimal)

    Before I move and start blogging about my current assignment, I thought it would be a good idea to dedicate some posts to my previous assignment. Just before moving to Glassfish sustaining, I was involved in developing a new OpenSSO Agent which would be based on JSR196 and JSR115 specifications for performing authentication and authorization respectively. The experience on working on this agent was mind-blowing.

    Implementing the JSR196 provider was little straight forward with the help of this blog. But JSR115 provider posed a real challenge. When I started off, there was not much documentation about building a new JSR115 provider except for the specification. Trust me, the specification was very complicated. Now that I have crossed all the hurdles, there exists a JSR115 provider which stores all the security constraints declared in web.xml in the OpenSSO Policy Store. The policies follow the OpenSSO Policy format. The provider authorizes against the OpenSSO Enterprise.

      So what does this agent do ?. The Agent protects the application from the unauthorized intrusions. The authenication and authorization for the entry happens against the OpenSSO Enterprise Framework. The important advantage of the agent would be, this agent can work with any container as long as the container supports the specifications. (I have to add, currently some tweaking is required in the provider code to make this happen, since the agent's installer and configurator is written for Glassfish 2.1. Also, the admin apps of Glassfish uses its own default provider). It has also improvised a lot of usability from earlier Agent frameworks.

       Usecase of the agent is something like this : When an application is deployed, the J2EE policies declared in the web.xml is captured by the JSR115 provider. They are converted into OpenSSO policy format and stored in OpenSSO policy store. When a protected resource is accessed, the JSR196 provider comes into action. It redirects to the OpenSSO for performing authentication. Once authenticated by the OpenSSO, the JSR115 provider takes over to perform authorization of the access. The JSR115 provider depends on the OpenSSO policy engine to evaluate the policies and allow/deny the authenicated user for access of the protected resource.

Check-in of this code would be done in couple of days .. so all those interested can try out this agent and i'll be extremely interested to hear your feedback.

After 8-9 years of working on various J2EE Applications, content management and identity management , I am moving into another domain of  sustaining application container ...I am entering with lot anxiety and eagerness .

Let me see what future holds for me :)

For the past few months I had to work remotely quite often. My work sometimes requires me to download huge files hosted over the web. Since I work on my laptop, I used to download the files on my local machine and then transfer it back to my office machine. It was hogging the bandwidth and takes a lot of time too :(.

Thats when I got to know about this utility wget . Its very helpful in downloading files via HTTP and FTP.

These days I just  telnet to my machine and do a /usr/sfw/bin/wget URL. Saves a lot of time :) If you need more info about wget , just do wget --help

If you are behind proxy, you may need to export http_proxy=PROXYNAME:PROXYPORT to download files over the internet

I have been hesitating to get into official blogOworld, for the kind of addiction it offers :).

Finally gave up and here I am !!.

My plan is to write about work, tit-bits, and personal happenings (I have my personal blog and it needs its own share too ..)

Keep watching this space for more updates ...