Java Build Pack - Deploy a Java Project in Tomcat with JAAS security


César Arratia

Jul 8, 2014, 1:11:12 PM
to vcap...@cloudfoundry.org
Hello everyone.

I'm trying to deploy a Java application that uses JAAS (Java Authentication and Authorization Service) in a Tomcat container.
There are three things that are not easy for a newbie like me.

1) Change server.xml to add the JAAS Realm and the name of the two classes (users and roles) -> Done with a fork of the buildpack where I've changed the server.xml
2) Add the two classes referenced before to the tomcat_home/lib directory.
3) Add a custom argument to the java virtual machine start command to reference the jaas.config file (-Djava.security.auth.login.config="/PATH/jaas.config")

I suppose this is not difficult but the java buildpack in ruby is a bit overwhelming for me.

Thanks for your help

Sabha

Jul 8, 2014, 1:49:34 PM
to vcap...@cloudfoundry.org
You would have to tweak the server classpath to load your classes ahead of tomcat's libs/jars.

The last one, the custom arg, can be achieved by setting the env variable JAVA_OPTS to refer to any additional jvm args or other such settings and then doing the push again for the variable to take effect.

cf set-env app JAVA_OPTS " -Djava.security.auth.login.config='/PATH/jaas.config'... "
cf push app

-Sabha

César Arratia

Jul 8, 2014, 2:57:44 PM
to vcap...@cloudfoundry.org
First of all, thanks very much for your answer.

I've tried the jaas.config part and it works (I don't know how to use the HOME variable there, but it's OK, I set the full path).

I don't know how to tweak the classpath. In what file is it? How can I add a jar file outside my web-app and how can I reference it in the classpath?

I'm feeling a little dumb with these questions but all is new for me.

Thanks

Sabha

Jul 9, 2014, 10:47:36 AM
to vcap...@cloudfoundry.org
By default, the HOME variable would be /home/vcap in the runtime container.

You would have to tweak the classpath setting inside the catalina.sh script (under app/.java-buildpack/tomcat/bin/catalina.sh) or the setclasspath.sh.
You can either create a link or copy the jar file from your webapp to another location and refer to it ahead of the tomcat classes. This would be a lot more work.

Or you can include the env variable JAVA_ENDORSED_DIRS to have an additional setting that would point to your jar file (I believe endorsed would get loaded ahead of the classpath setting).
By default, the tomcat setclasspath.sh script sets the endorsed dirs to be:
JAVA_ENDORSED_DIRS="$CATALINA_HOME"/endorsed

You can set it to be:

JAVA_ENDORSED_DIRS="$HOME/app/WEB-INF/lib/myUtility.jar:$HOME/app/.java-buildpack/tomcat/endorsed"

and call set-env just like for JAVA_OPTS

cf set-env app JAVA_OPTS " -Djava.security.auth.login.config='/PATH/jaas.config'... "
cf set-env app JAVA_ENDORSED_DIRS "$HOME/app/WEB-INF/lib/myUtility.jar:$HOME/app/.java-buildpack/tomcat/endorsed"

and then re-push the app.

-Sabha

César Arratia

Jul 9, 2014, 1:40:27 PM
to vcap...@cloudfoundry.org
Thank you Sabha for your elaborate answer!

I tried the second approximation because it looks easier and... IT WORKS!

Just to learn a little more:
How can I tweak a file that is not in the java buildpack? Can I copy it in the resources folder (java-buildpack/resources/tomcat/) and it gets copied when I push the app? I tell it because you say that I can change the catalina.sh and setclasspath.sh files but I can't see them. The java buildpack downloads Tomcat from the download.pivotal... repo and I can't change those files.

And another little question is, why the home variable points to "HOME=/home/vcap/app" when I execute "cf files app logs/env.log" but I must set the paths supposing that the HOME variable points to "/home/vcap"? I've tried with HOME=/home/vcap/app and it doesn't work.

Thank you again

César Arratia

Jul 9, 2014, 1:51:11 PM
to vcap...@cloudfoundry.org
Just to clarify the second question:
when I write "cf files app logs/env.log" I get HOME=/home/vcap/app

but to get a working environment I must set the variables:
JAVA_ENDORSED_DIRS: $HOME/.java-buildpack/tomcat/webapps/ROOT/WEB-INF/lib:$HOME/.java-buildpack/tomcat/endorsed
JAVA_OPTS: -Djava.security.auth.login.config='$HOME/app/.java-buildpack/tomcat/webapps/ROOT/WEB-INF/jaas.config'

It is strange that for JAVA_ENDORSED $HOME is /home/vcap/app and for JAVA_OPTS is /home/vcap.

Sabha

Jul 9, 2014, 2:04:57 PM
to vcap...@cloudfoundry.org
Hi Cesar,

Glad the env-variable approach works.

I am sorry for the confusion regarding the $HOME variable - should have verified it.
Probably safer for you to just point to the full path /home/vcap/app/.java... rather than depending on variable names.

Wrt to the JAVA_OPTS using a different $HOME vs external env, I don't know if the container variable is differently populated but safer to just go with /home/vcap/.. whatever path you want.

Yes, wrt to the tomcat libs, you don't have the option to update the jars directly as they get downloaded from the pivotal s3 bucket, unless you fork the buildpack and add steps to either update the jar file yourself (after it got downloaded) as part of the compile step or add additional stuff as part of the classpath setup.

Probably you are better off with the set-env variable for now.


-Sabha
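
Added example, not part of the original thread: a small script that prints the two cf set-env commands with the full container paths recommended above, in single quotes so the local shell leaves the values untouched, and refuses any value that still contains a shell variable or a relative entry. The app name "app" and the paths are the ones posted in this thread; the function names are made up for this illustration.

```shell
#!/bin/sh
# Added example: emit cf set-env commands that use absolute container paths.
# APP_ROOT and the paths below are the values posted in this thread.
APP_ROOT=/home/vcap/app
TOMCAT="$APP_ROOT/.java-buildpack/tomcat"

# Succeeds only for an absolute path with no unexpanded variable,
# no ".." sequence, no whitespace and no quote characters.
is_safe_abs_path() {
    case "$1" in
        *'$'*|*..*|*[[:space:]]*|*\'*|*\"*) return 1 ;;
        /*) return 0 ;;
        *) return 1 ;;
    esac
}

# Same checks for a colon-separated list: every entry must be absolute,
# so a trailing colon, an empty entry or a relative entry is rejected.
is_safe_path_list() {
    is_safe_abs_path "$1" || return 1
    case "$1" in
        *:|*:[!/]*) return 1 ;;
    esac
    return 0
}

# Print the commands for app $1; nothing is executed against Cloud Foundry.
emit_set_env() {
    app=$1
    jaas="$TOMCAT/webapps/ROOT/WEB-INF/jaas.config"
    endorsed="$TOMCAT/webapps/ROOT/WEB-INF/lib:$TOMCAT/endorsed"
    is_safe_abs_path "$jaas" || return 1
    is_safe_path_list "$endorsed" || return 1
    printf "cf set-env %s JAVA_OPTS '-Djava.security.auth.login.config=%s'\n" "$app" "$jaas"
    printf "cf set-env %s JAVA_ENDORSED_DIRS '%s'\n" "$app" "$endorsed"
}

emit_set_env app
```

Review the printed commands, run them, then push the app again so the variables take effect.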

César Arratia

Jul 9, 2014, 2:09:57 PM
to vcap...@cloudfoundry.org
Yes. I would love to understand the JavaBuildPack better but it takes a lot of time. I stay with your approach but it would be superb to customize Tomcat server easily just like you do it locally.

Thanks Sabha