Sun Microsystems GLASSFISH ENTERPRISE 820433510 User Manual

Sun GlassFish Enterprise Server

2.1 Administration Guide

Sun Microsystems, Inc. 4150 Network Circle Santa Clara, CA 95054 U.S.A.

Part No: 820–4335–10 December 2008

Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more U.S. patents or pending patent applications in the U.S. and in other countries.

U.S. Government Rights – Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions of the FAR and its supplements.

This distribution may include materials developed by third parties.

Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and other countries, exclusively licensed through X/Open Company, Ltd.

Sun, Sun Microsystems, the Sun logo, the Solaris logo, the Java Coee Cup logo, docs.sun.com, Java, and Solaris are trademarks or registered trademarks of Sun Microsystems, Inc. or its subsidiaries in the U.S. and other countries. All SPARCtrademarks are used under license and are trademarks or registered trademarks of SPARCInternational, Inc. in the U.S. and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc.

The OPEN LOOK and Sun of Xerox in researching and developing the concept of visual or graphical user interfaces for the computer industry. Sun holds a non-exclusive license from Xerox to the Xerox Graphical User Interface, which license also covers Sun's licensees who implement OPEN LOOK GUIs and otherwise comply with Sun's written license agreements.

Products covered by and information contained in this publication are controlled by U.S. Export Control laws and may be subject to the export or import laws in other countries. Nuclear, missile, chemical or biological weapons or nuclear maritime end uses or end users, whether direct or indirect, are strictly prohibited. Export or reexport to countries subject to U.S. embargo or to entities identied on U.S. export exclusion lists, including, but not limited to, the denied persons and specially designated nationals lists is strictly prohibited.

DOCUMENTATION IS PROVIDED “AS IS” AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDINGANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THATSUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID.

Graphical User Interface was developed by Sun Microsystems, Inc. for its users and licensees. Sun acknowledges the pioneering eorts

Sun Microsystems, Inc. détient les droits de propriété intellectuelle relatifs à la technologie incorporée dans le produit qui est décrit dans ce document. En particulier, et ce sans limitation, ces droits de propriété intellectuelle peuvent inclure un ou plusieurs brevets américains ou des applications de brevet en attente aux Etats-Unis et dans d'autres pays.

Cette distribution peut comprendre des composants développés par des tierces personnes.

Certaines composants de ce produit peuvent être dérivées du logiciel Berkeley BSD,licenciés par l'Université de Californie. UNIX est une marque déposée aux Etats-Unis et dans d'autres pays; elle est licenciée exclusivement par X/Open Company, Ltd.

Sun, Sun Microsystems, le logo Sun, le logo Solaris, le logo Java Coee Cup, docs.sun.com, Java et Solaris sont des marques de fabrique ou des marques déposées de Sun Microsystems, Inc., ou ses liales, aux Etats-Unis et dans d'autres pays. Toutes les marques SPARC sont utilisées sous licence et sont des marques de fabrique ou des marques déposées de SPARC International, Inc. aux Etats-Unis et dans d'autres pays. Les produits portant les marques SPARCsont basés sur une architecture développée par Sun Microsystems, Inc.

L'interface d'utilisation graphique OPEN LOOK et Sun a été développée par Sun Microsystems, Inc. pour ses utilisateurs et licenciés. Sun reconnaît les eorts de pionniers de Xerox pour la recherche et le développement du concept des interfaces d'utilisation visuelle ou graphique pour l'industrie de l'informatique. Sun détient une licence non exclusive de Xerox sur l'interface d'utilisation graphique Xerox, cette licence couvrant également les licenciés de Sun qui mettent en place l'interface d'utilisation graphique OPEN LOOK et qui, en outre, se conforment aux licences écrites de Sun.

Les produits qui font l'objet de cette publication et les informations qu'il contient sont régis par la legislation américaine en matière de contrôle des exportations et peuvent être soumis au droit d'autres pays dans le domaine des exportations et importations. Les utilisations nales, ou utilisateurs naux, pour des armes nucléaires, des missiles, des armes chimiques ou biologiques ou pour le nucléaire maritime, directement ou indirectement, sont strictement interdites. Les exportations ou réexportations vers des pays sous embargo des Etats-Unis, ou vers des entités gurant sur les listes d'exclusion d'exportation américaines, y compris, mais de manière non exclusive, la liste de personnes qui font objet d'un ordre de ne pas participer, d'une façon directe ou indirecte, aux exportations des produits ou des services qui sont régis par la legislation américaine en matière de contrôle des exportations et la liste de ressortissants spéciquement designés, sont rigoureusement interdites.

LA DOCUMENTATIONEST FOURNIE "EN L'ETAT"ET TOUTES AUTRESCONDITIONS, DECLARATIONS ET GARANTIES EXPRESSES OU TACITES SONT FORMELLEMENT EXCLUES, DANS LA MESURE AUTORISEE PAR LA LOI APPLICABLE, Y COMPRIS NOTAMMENT TOUTE GARANTIE IMPLICITE RELATIVE A LA QUALITE MARCHANDE, A L'APTITUDE A UNE UTILISATIONPARTICULIERE OU A L'ABSENCE DE CONTREFACON.

090122@21808

Contents

Preface ...................................................................................................................................................19

1 Enterprise Server Overview ...............................................................................................................23

Enterprise Server Overview and Concepts ....................................................................................... 23

Enterprise Server Overview ........................................................................................................23

Tools for Administration ............................................................................................................ 24

Enterprise Server Concepts ................................................................................................................ 26

Domain ......................................................................................................................................... 26

Domain Administration Server (DAS) ..................................................................................... 26

Usage Proles ............................................................................................................................... 27

Cluster ........................................................................................................................................... 28

Node Agent ................................................................................................................................... 28

Server Instance ............................................................................................................................. 29

Basic Enterprise Server Commands .................................................................................................. 31

Creating a Domain ....................................................................................................................... 31

Deleting a Domain ....................................................................................................................... 32

Listing Domains ........................................................................................................................... 32

Starting the Domain .................................................................................................................... 32

Starting the Default Domain on Windows ............................................................................... 33

Stopping the Domain .................................................................................................................. 33

Stopping the Default Domain on Windows ............................................................................. 33

Restarting the Domain ................................................................................................................ 33

Creating a Cluster ........................................................................................................................ 33

Starting a Cluster .......................................................................................................................... 34

Stopping a Cluster ........................................................................................................................ 34

Creating a Node Agent ................................................................................................................ 34

Starting a Node Agent .................................................................................................................. 34

Stopping a Node Agent ................................................................................................................ 35

Contents

Starting an Instance ..................................................................................................................... 35

Stopping an Instance ................................................................................................................... 35

Restarting an Instance ................................................................................................................. 35

Recreating the Domain Administration Server ........................................................................ 36

2 Java Business Integration ..................................................................................................................39

JBI Environment .................................................................................................................................. 39

JBI Components ........................................................................................................................... 39

Service Assemblies ....................................................................................................................... 41

Shared Libraries ........................................................................................................................... 42

JBI Descriptors ............................................................................................................................. 42

3 JDBC Resources ....................................................................................................................................43

JDBC Resources ................................................................................................................................... 43

JDBC Connection Pools ..................................................................................................................... 44

How JDBC Resources and Connection Pools Work Together ...................................................... 44

Setting Up Database Access ................................................................................................................ 45

Working with JDBC Connection Pools ............................................................................................ 46

Creating a JDBC Connection Pool ............................................................................................. 46

Editing a JDBC Connection Pool ............................................................................................... 48

Editing JDBC Connection Pool Advanced Attributes ............................................................. 50

Congurations for Specic JDBC Drivers ........................................................................................ 52

Java DB Type 4 Driver ................................................................................................................. 53

Sun GlassFish JDBC Driver for DB2 Databases ....................................................................... 54

Sun GlassFish JDBC Driver for Oracle 8.1.7 and 9.x Databases ............................................. 54

Sun GlassFish JDBC Driver for Microsoft SQL Server Databases ......................................... 55

Sun GlassFish JDBC Driver for Sybase Databases ................................................................... 55

IBM DB2 8.1 Type 2 Driver ........................................................................................................ 56

JConnect Type 4 Driver for Sybase ASE 12.5 Databases ......................................................... 56

MySQL Type 4 Driver .................................................................................................................. 57

Inet Oraxo JDBC Driver for Oracle 8.1.7 and 9.x Databases .................................................. 57

Inet Merlia JDBC Driver for Microsoft SQL Server Databases .............................................. 58

Inet Sybelux JDBC Driver for Sybase Databases ...................................................................... 59

Oracle Thin Type 4 Driver for Oracle 8.1.7 and 9.x Databases ............................................... 59

OCI Oracle Type 2 Driver for Oracle 8.1.7 and 9.x Databases ............................................... 60

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 20084

Contents

IBM Informix Type 4 Driver ...................................................................................................... 61

CloudScape 5.1 Type 4 Driver .................................................................................................... 61

4 Conguring Java Message Service Resources ................................................................................ 63

JMS Resources ...................................................................................................................................... 63

The Relationship Between JMS Resources and Connector Resources ......................................... 64

JMS Connection Factories .................................................................................................................. 65

JMS Destination Resources ................................................................................................................ 65

JMS Physical Destinations .................................................................................................................. 65

Conguring JMS Provider Properties ............................................................................................... 66

Accessing Remote Servers ........................................................................................................... 67

Foreign JMS Providers ........................................................................................................................ 67

Conguring the Generic Resource Adapter for JMS ............................................................... 67

Resource Adapter Properties ...................................................................................................... 68

ManagedConnectionFactory Properties .................................................................................. 71

Administered Object Resource Properties ................................................................................ 72

Activation Spec Properties .......................................................................................................... 72

5 Conguring JavaMail Resources .......................................................................................................75

Creating a JavaMail Session ................................................................................................................ 75

6 JNDI Resources .....................................................................................................................................77

Java EE Naming Services .................................................................................................................... 77

Naming References and Binding Information ................................................................................. 78

Using Custom Resources .................................................................................................................... 79

Using External JNDI Repositories and Resources ........................................................................... 79

7 Connector Resources ..........................................................................................................................81

An Overview of Connectors ............................................................................................................... 81

Managing Connector Connection Pools .......................................................................................... 82

▼ To Create a Connector Connection Pool .................................................................................. 82

▼ To Edit a Connector Connection Pool ...................................................................................... 83

▼ To Edit Connector Connection Pool Advanced Attributes .................................................... 85

▼ To Edit Connection Pool Properties .......................................................................................... 87

Contents

Managing Security Maps ............................................................................................................. 87

▼ To Delete a Connector Connection Pool .................................................................................. 87

▼ To Set Up EIS Access ................................................................................................................... 88

Managing Connector Resources ....................................................................................................... 88

▼ To Create a Connector Resource ............................................................................................... 88

▼ To Edit a Connector Resource .................................................................................................... 89

▼ To Delete a Connector Resource ................................................................................................ 89

▼ To Congure the Connector Service ......................................................................................... 90

Managing Administered Object Resources ...................................................................................... 90

▼ To Create an Administered Object Resource ........................................................................... 91

▼ To Edit an Administered Object Resource ............................................................................... 92

▼ To Delete an Administered Object Resource ........................................................................... 92

8 Weband EJB Containers ..................................................................................................................... 93

The SIP Servlet Container .................................................................................................................. 93

Editing the Properties of the SIP Container .............................................................................. 94

The Web Container ............................................................................................................................. 95

The EJB Container .............................................................................................................................. 95

9 Conguring Security ...........................................................................................................................97

Understanding Application and System Security ............................................................................ 97

Tools for Managing Security .............................................................................................................. 98

Managing Security of Passwords ....................................................................................................... 99

Encrypting a Password in the domain.xml File ........................................................................ 99

Protecting Files with Encoded Passwords ............................................................................... 100

Changing the Master Password ................................................................................................ 100

Working with the Master Password and Keystores ............................................................... 101

Changing the Admin Password ................................................................................................ 101

About Authentication and Authorization ...................................................................................... 102

Authenticating Entities ............................................................................................................. 102

Authorizing Users ...................................................................................................................... 103

Specifying JACC Providers ....................................................................................................... 103

Auditing Authenticationand Authorization Decisions ........................................................ 103

Conguring Message Security .................................................................................................. 104

Understanding Users, Groups, Roles, and Realms ........................................................................ 104

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 20086

Contents

Users ............................................................................................................................................ 105

Groups ......................................................................................................................................... 105

Roles ............................................................................................................................................ 106

Realms ......................................................................................................................................... 106

Introduction to Certicates and SSL ............................................................................................... 108

About Digital Certicates ......................................................................................................... 108

About Secure Sockets Layer ...................................................................................................... 109

About Firewalls .................................................................................................................................. 111

About Certicate Files ....................................................................................................................... 111

Changing the Location of Certicate Files .............................................................................. 112

Using Java Secure Socket Extension (JSSE) Tools ......................................................................... 112

Using the keytool Utility ........................................................................................................... 112

Generating a Certicate Using the keytool Utility ............................................................... 114

Signing a Digital Certicate Using the keytool Utility ......................................................... 115

Deleting a Certicate Using the keytool Utility .................................................................... 115

Using Network Security Services (NSS) Tools ............................................................................... 116

Using the certutil Utility ....................................................................................................... 117

Importing and Exporting Certicates Using the pk12util Utility ...................................... 118

Adding and Deleting PKCS11 Modules using modutil ........................................................ 119

Using Hardware Crypto Accelerator With Enterprise Server ..................................................... 120

About Conguring Hardware Crypto Accelerators .............................................................. 120

Conguring PKCS#11 Tokens ................................................................................................. 121

Managing Keys And Certicates .............................................................................................. 122

Conguring J2SE 5.0 PKCS#11 Providers .............................................................................. 124

10 Conguring Message Security ........................................................................................................127

Overview of Message Security .......................................................................................................... 127

Understanding Message Security in the Enterprise Server .......................................................... 128

Assigning Message Security Responsibilities .......................................................................... 128

About Security Tokens and Security Mechanisms ................................................................. 129

Glossary of Message Security Terminology ............................................................................ 131

Securing a Web Service ..................................................................................................................... 132

Conguring Application-Specic Web Services Security ..................................................... 133

Securing the Sample Application ..................................................................................................... 133

Conguring the Enterprise Server for Message Security .............................................................. 133

Contents

Actions of Request and Response Policy Congurations ...................................................... 134

Conguring Other Security Facilities ...................................................................................... 135

Conguring a JCE Provider ...................................................................................................... 135

Message Security Setup ..................................................................................................................... 137

Enabling Providers for Message Security ................................................................................ 137

Conguring the Message Security Provider ........................................................................... 138

Creating a Message Security Provider ..................................................................................... 139

Enabling Message Security for Application Clients ............................................................... 139

Setting the Request and Response Policy for the Application Client Conguration ......... 139

Further Information .................................................................................................................. 140

11 Conguring the Diagnostic Service ................................................................................................ 141

What is the Diagnostic Framework? ............................................................................................... 141

Diagnostic Service Framework ........................................................................................................ 141

Generating a Diagnostic Report ............................................................................................... 142

12 Transactions ...................................................................................................................................... 143

About Transactions ........................................................................................................................... 143

What is a Transaction? .............................................................................................................. 143

Transactions in Java EE Technology .......................................................................................144

Workarounds for Specic Databases ....................................................................................... 145

Admin Console Tasks for Transactions ......................................................................................... 145

Conguring Transactions ......................................................................................................... 145

13 Conguring the HTTP Service .........................................................................................................149

Virtual Servers ................................................................................................................................... 149

HTTP Listeners .................................................................................................................................. 150

14 Managing Web Services ...................................................................................................................153

Overview of Web Services ................................................................................................................ 153

Web Services Standards ............................................................................................................ 154

Java EE Web Service Standards ................................................................................................ 154

Deploying and Testing Web Services .............................................................................................. 155

Deploying Web Services ............................................................................................................ 155

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 20088

Contents

Viewing Deployed Web Services ............................................................................................. 156

Testing Web Services ................................................................................................................. 156

Web Services Security ................................................................................................................ 156

Using Web Services Registries ......................................................................................................... 156

Adding a Registry ....................................................................................................................... 157

Publishing a Web Service to a Registry .................................................................................... 157

Transforming Messages with XSLT Filters ..................................................................................... 158

Monitoring Web Services ................................................................................................................. 158

Viewing Web Service Statistics ................................................................................................. 159

Monitoring Web Service Messages .......................................................................................... 159

15 Conguring the Object Request Broker ........................................................................................ 161

An Overview of the Object Request Broker ................................................................................... 161

CORBA ........................................................................................................................................ 161

What is the ORB? ....................................................................................................................... 162

IIOP Listeners ............................................................................................................................. 162

Conguring the ORB ........................................................................................................................ 162

Managing IIOP Listeners .................................................................................................................. 162

16 Thread Pools .......................................................................................................................................163

Working with Thread Pools ............................................................................................................. 164

17 Conguring Logging .........................................................................................................................165

About Logging ................................................................................................................................... 165

Log Records ................................................................................................................................ 165

The Logger Namespace Hierarchy ........................................................................................... 166

Conguring Logging ......................................................................................................................... 168

Conguring General Logging Settings .................................................................................... 168

Conguring Log Levels ............................................................................................................. 168

Viewing Server Logs .................................................................................................................. 169

18 Monitoring Components and Services .......................................................................................... 171

About Monitoring ............................................................................................................................. 171

Monitoring in the Enterprise Server ........................................................................................ 171

Contents

Overview of Monitoring ........................................................................................................... 172

About the Tree Structure of Monitorable Objects .................................................................172

About Statistics for Monitored Components and Services ................................................... 175

Enabling and Disabling Monitoring ............................................................................................... 191

Conguring Monitoring Levels Using the Admin Console ................................................. 192

▼ To Congure Monitoring Levels Using asadmin .................................................................. 192

Viewing Monitoring Data ................................................................................................................ 193

Viewing Monitoring Data in the Admin Console .................................................................. 193

Viewing Monitoring Data With the asadmin Tool ................................................................ 193

Using JConsole .................................................................................................................................. 209

Securing JConsole to Application Server Connection ........................................................... 210

Prerequisites for Connecting JConsole to Application Server ............................................. 211

▼ Connecting JConsole to Application Server ........................................................................... 211

▼ Connecting JConsole Securely to Application Server ........................................................... 212

19 Conguring Management Rules .....................................................................................................215

About Management Rules ................................................................................................................ 215

Conguring Management Rules ..................................................................................................... 216

20 JavaVirtual Machine and Advanced Settings .............................................................................. 219

Tuning the JVM Settings .................................................................................................................. 219

Conguring Advanced Settings ....................................................................................................... 220

A Automatically Restarting a Domain or Node Agent .................................................................... 221

Restarting Automatically on Solaris 10 ........................................................................................... 221

Restarting Automatically Using inittab on Solaris 9 and Linux Platforms ................................. 223

Restarting Automatically on the Microsoft Windows Platform .................................................. 223

Creating a Windows Service ..................................................................................................... 223

Preventing the Service From Shutting Down When a User Logs Out ................................. 225

Security for Automatic Restarts ....................................................................................................... 225

B Dotted Name Attributes for domain.xml ...................................................................................... 227

Top Level Elements ........................................................................................................................... 227

Elements Not Aliased ........................................................................................................................ 229

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 200810

Contents

CTheasadmin Utility ............................................................................................................................231

The asadmin Utility ........................................................................................................................... 232

Common Options for Remote Commands ................................................................................... 234

The Multimode Command .............................................................................................................. 235

The Get, Set, and List Commands ................................................................................................... 236

Server Lifecycle Commands ............................................................................................................. 237

List and Status Commands ............................................................................................................... 238

Deployment Commands .................................................................................................................. 239

Version Commands .......................................................................................................................... 240

Message Queue Administration Commands ................................................................................. 240

Resource Management Commands ................................................................................................ 241

Conguration Commands ............................................................................................................... 243

HTTP and IIOP Listener Commands ..................................................................................... 243

Lifecycle and Audit Module Commands ................................................................................ 243

Proler and SSL Commands ..................................................................................................... 244

JVM Options and Virtual Server Commands ........................................................................ 244

Threadpool and Auth-Realm Commands .............................................................................. 245

Transaction and Timer Commands ........................................................................................ 245

Registry Commands .................................................................................................................. 246

User Management Commands ........................................................................................................ 246

Rules and Monitoring Commands .................................................................................................. 247

Database Commands ........................................................................................................................ 247

Diagnostic and Logging Commands .............................................................................................. 248

Web Service Commands .................................................................................................................. 248

Security Service Commands ............................................................................................................ 249

Password Commands ....................................................................................................................... 250

Verify Command ............................................................................................................................... 251

Custom MBean Commands ............................................................................................................ 251

Service Command ............................................................................................................................. 251

Property Command .......................................................................................................................... 252

Index ................................................................................................................................................... 253

Figures

FIGURE 1–1 Enterprise Server Instance ........................................................................................29

FIGURE 9–1 Role Mapping ...........................................................................................................105

Tables

TABLE 1–1 Features Available for Each Prole .......................................................................... 27

TABLE 1–2 Enterprise Server Listeners that Use Ports ............................................................. 30

TABLE 6–1 JNDI Lookups and Their Associated References ................................................... 79

TABLE 9–1 Enterprise Server AuthenticationMethods ..........................................................102

TABLE 10–1 Messageprotection policy to WS-Security SOAP message security operation

mapping ................................................................................................................... 134

TABLE 17–1 EnterpriseServer Logger Namespaces .................................................................. 166

TABLE 18–1 EJB Statistics .............................................................................................................176

TABLE 18–2 EJB Method Statistics ..............................................................................................177

TABLE 18–3 EJB Session Store Statistics ..................................................................................... 177

TABLE 18–4 EJB PoolStatistics ....................................................................................................179

TABLE 18–5 EJB Cache Statistics ................................................................................................. 179

TABLE 18–6 Timer Statistics ........................................................................................................ 180

TABLE 18–7 Web Container (Servlet) Statistics ........................................................................ 180

TABLE 18–8 Web Container (Web Module) Statistics ............................................................. 181

TABLE 18–9 HTTP Service Statistics (Developer Prole) ........................................................ 182

TABLE 18–10 JDBC Connection Pool Statistics ...........................................................................183

TABLE 18–11 Connector Connection Pool Statistics .................................................................. 184

TABLE 18–12 Connector Work Management Statistics ............................................................. 185

TABLE 18–13 Connection Manager (in an ORB) Statistics ........................................................ 185

TABLE 18–14 Thread PoolStatistics ..............................................................................................186

TABLE 18–15 Transaction Service Statistics ................................................................................. 186

TABLE 18–16 JVMStatistics ........................................................................................................... 187

TABLE 18–17 JVM Statistics for Java SE- Class Loading ............................................................. 187

TABLE 18–18 JVM Statistics for Java SE- Compilation ............................................................... 188

TABLE 18–19 JVM Statistics for Java SE- Garbage Collection ...................................................188

TABLE 18–20 JVM Statistics for Java SE- Memory ...................................................................... 188

TABLE 18–21 JVM Statistics for Java SE - Operating System .....................................................189

TABLE 18–22 JVM Statistics for Java SE - Runtime .....................................................................189

Tables

TABLE 18–23 JVM Statistics for Java SE - Thread Info ............................................................... 190

TABLE 18–24 JVM Statistics for Java SE - Threads ...................................................................... 191

TABLE 18–25 TopLevel .................................................................................................................. 203

TABLE 18–26 ApplicationsLevel ................................................................................................... 203

TABLE 18–27 Applications - Enterprise Applicationsand Standalone Modules .....................204

TABLE 18–28 HTTP-Service Level ................................................................................................207

TABLE 18–29 Thread-PoolsLevel ..................................................................................................207

TABLE 18–30 ResourcesLevel ........................................................................................................208

TABLE 18–31 Transaction-ServiceLevel ......................................................................................208

TABLE 18–32 ORBLevel ................................................................................................................. 208

TABLE 18–33 JVMLevel .................................................................................................................209

TABLE C–1 Remote Commands Required Options ................................................................234

TABLE C–2 ServerLifecycle Commands ...................................................................................237

TABLE C–3 List and Status Commands .....................................................................................238

TABLE C–4 DeploymentCommands ........................................................................................239

TABLE C–5 VersionCommands ................................................................................................ 240

TABLE C–6 MessageQueue Commands ...................................................................................240

TABLE C–7 ResourceManagement Commands ...................................................................... 241

TABLE C–8 IIOPListener Commands ...................................................................................... 243

TABLE C–9 LifecycleModule Commands ................................................................................244

TABLE C–10 Proler and SSL Commands .................................................................................. 244

TABLE C–11 JVM Options and Virtual Server Commands ......................................................245

TABLE C–12 Threadpool and Auth-RealmCommands ........................................................... 245

TABLE C–13 TransactionCommands ......................................................................................... 246

TABLE C–14 TransactionCommands ......................................................................................... 246

TABLE C–15 User ManagementCommands ..............................................................................246

TABLE C–16 Rules and MonitoringCommands ........................................................................ 247

TABLE C–17 Database Commands ..............................................................................................248

TABLE C–18 Diagnostic and Logging Commands .................................................................... 248

TABLE C–19 Web Service Commands ........................................................................................ 248

TABLE C–20 SecurityCommands ................................................................................................ 249

TABLE C–21 PasswordCommands ............................................................................................. 250

TABLE C–22 VerifyCommand ..................................................................................................... 251

TABLE C–23 Custom MBean Commands .................................................................................. 251

TABLE C–24 ServiceCommand ................................................................................................... 251

TABLE C–25 PropertyCommand ................................................................................................ 252

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 200816

Examples

EXAMPLE 18–1 ApplicationsNode Tree Structure ......................................................................... 173

EXAMPLE 18–2 HTTP Service Schematic (DeveloperProle Version) ........................................ 173

EXAMPLE 18–3 HTTP Service Schematic (Cluster and Enterprise Prole Version) ..................174

EXAMPLE 18–4 ResourcesSchematic ............................................................................................... 174

EXAMPLE 18–5 Connector Service Schematic ................................................................................174

EXAMPLE 18–6 JMS Service Schematic ............................................................................................ 175

EXAMPLE 18–7 ORBSchematic ........................................................................................................175

EXAMPLE 18–8 Thread PoolSchematic ...........................................................................................175

EXAMPLE C–1 Passwordlecontents .............................................................................................. 233

Preface

The Administration guide describes the administrative tasks of the Enterprise Server.

This preface contains information about and conventions for the entire Sun GlassFish

Enterprise Server documentation set.

Sun GlassFish Enterprise Server Documentation Set

TABLE P–1 Books in the Enterprise Server Documentation Set

Book Title Description

Documentation Center Enterprise Server documentation topics organized by task and subject.

Release Notes Late-breaking information about the software and the documentation. Includes a

comprehensive, table-based summary of the supported hardware, operating system, Java Development Kit (JDKTM), and database drivers.

Quick Start Guide How to get started with the Enterprise Server product.

Installation Guide Installing the software and its components.

Application Deployment Guide Deployment of applications and application components to the Enterprise Server. Includes

information about deployment descriptors.

Developer’s Guide Creating and implementing Java Platform, Enterprise Edition (Java EE platform) applications

intended to run on the Enterprise Server that follow the open Java standards model for Java EE components and APIs. Includes information about developer tools, security, debugging, and creating lifecycle modules.

Java EE 5 Tutorial Using Java EE 5 platform technologies and APIs to develop Java EE applications.

Java WSIT Tutorial Developing web applications using the Web Service Interoperability Technologies (WSIT).

Describes how, when, and why to use the WSIT technologies and the features and options that each technology supports.

Administration Guide System administration for the Enterprise Server, including conguration, monitoring,

security, resource management, and web services management.

Preface

TABLE P–1 Books in the Enterprise Server Documentation Set (Continued)

Book Title Description

High Availability Administration Guide

Administration Reference Editing the Enterprise Server conguration le, domain.xml.

Performance Tuning Guide Tuning the Enterprise Server to improve performance.

Reference Manual Utility commands available with the Enterprise Server; written in man page style. Includes

Setting up clusters, working with node agents, and using load balancers.

the asadmin command line interface.

Default Paths and File Names

The following table describes the default paths and le names that are used in this book.

TABLE P–2 Default Pathsand File Names

Placeholder Description Default Value

as-install Represents the base installation directory for

Enterprise Server.

SolarisTMand Linux installations, non-root user:

user’s-home-directory/SUNWappserver

Solaris and Linux installations, root user:

/opt/SUNWappserver

Windows, all installations:

SystemDrive:\Sun\AppServer

domain-root-dir Represents the directory containing all

domains.

domain-dir Represents the directory for a domain.

In conguration les, you might see domain-dir represented as follows:

${com.sun.aas.instanceRoot}

instance-dir Represents the directory for a server instance. domain-dir/instance-dir

samples-dir Represents the directory containing sample

applications.

docs-dir Represents the directory containing

documentation.

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 200820

All installations:

as-install/domains/

domain-root-dir/domain-dir

as-install/samples

as-install/docs

Typographic Conventions

The following table describes the typographic changes that are used in this book.

TABLE P–3 TypographicConventions

Typeface Meaning Example

Preface

AaBbCc123 Thenames of commands, les, and

directories, and onscreen computer output

AaBbCc123 Whatyou type, contrasted with onscreen

computer output

AaBbCc123 A placeholder to be replaced with a real

name or value

AaBbCc123 Book titles, new terms, and terms to be

emphasized (note that some emphasized items appear bold online)

Symbol Conventions

The following table explains symbols that might be used in this book.

TABLE P–4 SymbolConventions

Symbol Description Example Meaning

[] Contains optional arguments

and command options.

Edit your .login le.

Use ls -a to list all les.

machine_name% you have mail.

machine_name% su

Password:

The command to remove a le is rm lename.

Read Chapter 6 in the User's Guide.

A cache is a copy that is stored locally.

Do not save the le.

ls [-l] The -l option is not required.

{|} Contains a set of choices for a

required command option.

${ } Indicates a variable

reference.

- Joins simultaneous multiple keystrokes.

+ Joins consecutive multiple

keystrokes.

-d {y|n} The -d option requires that you use either the y argument or the n argument.

${com.sun.javaRoot} References the value of the

com.sun.javaRoot variable.

Control-A Press the Control key while you press

the A key.

Ctrl+A+N Press the Control key, release it, and

then press the subsequent keys.

Preface

TABLE P–4 SymbolConventions (Continued)

Symbol Description Example Meaning

→ Indicates menu item

selection in a graphical user interface.

File → New → Templates From the File menu, choose New.

Documentation, Support, andTraining

The Sun web site provides information about the following additional resources:

■

Documentation (http://www.sun.com/documentation/)

■

Support (http://www.sun.com/support/)

■

Training (http://www.sun.com/training/)

Third-PartyWeb Site References

Third-party URLs are referenced in this document and provide additional, related information.

Note – Sun is not responsible for the availability of third-party web sites mentioned in this

document. Sun does not endorse and is not responsible or liable for any content, advertising, products, or other materials that are available on or through such sites or resources. Sun will not be responsible or liable for any actual or alleged damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods, or services that are available on or through such sites or resources.

From the New submenu, choose Templates.

Sun WelcomesYour Comments

Sun is interested in improving its documentation and welcomes your comments and suggestions.

To share your comments, go to provide the document title and part number. The part number is a seven-digit or nine-digit number that can be found on the title page of the book or at the top of the document.

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 200822

http://docs.sun.com and click Feedback. In the online form,

CHAPTER 1

Enterprise Server Overview

Sun GlassFish Enterprise Server administration includes many tasks such as deploying applications, creating and conguring domains, server instances and resources; controlling (starting and stopping) domains and server instances, managing proles and clusters, monitoring and managing performance, and diagnosing and troubleshooting problems.

Enterprise Server provides a Java EE compatible server for the development and deployment of Java EE applications and Java Web Services. Key features include scalable transaction management, container-managed persistence runtime, performant web services, clustering, high availability, security, and integration capabilities.

Enterprise Server Overview and Concepts

This section contains the following topics:

■

“Enterprise Server Overview” on page 23

■

“Tools for Administration” on page 24

Enterprise Server Overview

You can congure and monitor Enterprise Server instances and clusters securely and remotely, from a web-based central administration console. The command line interface (CLI) can be used to script and automate processes. A stable JMX API is made available to programmatically monitor the server, query conguration and change conguration data. Monitoring is supported through JMX and SNMP interfaces. Monitoring level may be varied dynamically from OFF to LOW and high, changing the amount of information that is collected.

You can congure and optimize Enterprise Server for a particular type of use by specifying the appropriate prole when you create the application server domain.

Enterprise Server Overview and Concepts

Enterprise Server includes the Metro web services stack (http://metro.dev.java.net). Metro implements important WS-* standards and WS-I standardized interoperability proles in order to assure interoperability between Java and .NET web services.

Enterprise Server includes the implementation of Java Business Integration (JBI) specications. JBI is a Java standard for structuring business systems according to a Service-Oriented Architecture (SOA).

Tools for Administration

The Enterprise Server provides the following administration tools and APIs:

■

“Admin Console” on page 24

■

“Command-line Interface (asadmin Utility)” on page 25

■

“JConsole” on page 25

Admin Console

The Admin Console is a browser-based tool that features an easy-to-navigate interface and online help. The administration server (also called the Domain Administration Server or DAS) must be running to use the Admin Console. To, launch the Administration Console, you must know the administration server hostname and port number. When the Enterprise Server was installed, you chose a port number for the server, or used the default port of 4848. You also specied a user name and master password.

To start the Admin Console, in a web browser type:

http://hostname:port

For example:

http://kindness.sun.com:4848

If the Admin Console is running on the machine on which the Enterprise Server was installed, specify localhost for the host name.

On Windows, start the Enterprise Server Admin Console from the Start menu.

The installation program creates the default administrative domain (named domain1) with the default port number 4848, as well as an instance separate from the domain administration server (DAS). After installation, additional administration domains can be created. Each domain has its own domain administration server, which has a unique port number. When specifying the URL for the Admin Console, be sure to use the port number for the domain to be administered.

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 200824

Enterprise Server Overview and Concepts

If your conguration includes remote server instances, create node agents to manage and facilitate remote server instances. It is the responsibility of the node agent to create, start, stop, and delete a server instance. Use the command line interface (CLI) commands to set up node agents.

Command-line Interface (asadmin Utility)

The asadmin utility is a command-line interface for the Sun GlassFish Enterprise Server. Use the asadmin utility and the commands associated with it to perform the same set of administrative tasks oered by the Admin Console. The default installation root directory on Solaris is /opt/SUNWappserver.

To start the asadmin utility, go to the as-install/bin directory and enter:

$ ./asadmin

To list the commands available within asadmin:

asadmin> help

It is also possible to issue an asadmin command at the shell’s command prompt:

$ asadmin help

To view a command’s syntax and examples, type help followed by the command name. For example:

asadmin> help create-jdbc-resource

The asadmin help information for a given command displays the UNIX man page of the command. These man pages are also available in HTML and PDF format in the

Enterprise Server 2.1 Reference Manual

Sun GlassFish

JConsole

JConsole is used to monitor the Sun GlassFish Enterprise Server. You can use either the JConsole remote tab, or the advanced tab to connect to the Enterprise Server.

■

Remote Tab: identify the username, password, administration server host, and JMS port number (8686 by default), and select Connect.

■

Advanced Tab: identify the JMXServiceURL as service:jmx:rmi:///jndi/rmi://host:jms-port/jmxrmi and select Connect. The JMXServerURL is printed in the server.log le as well as output in the command window of the domain creation command.

Chapter 1 • Enterprise Server Overview 25

Enterprise Server Concepts

The Enterprise Server consists of one or more domains. A domain is an administrative boundary or context. Each domain has an administration server (also called Domain Administration Server or DAS) associated with it and consists of zero or more standalone instances and/or clusters. Each cluster has one or more homogeneous server instances. A server instance is a single Java Virtual Machine (JVM) that runs the Application Server on a single physical machine. Server instances (whether standalone or clustered) in a domain can run on dierent physical hosts.

This section contains the following topics:

■

“Domain” on page 26

■

“Domain Administration Server (DAS)” on page 26

■

“Usage Proles” on page 27

■

“Cluster” on page 28

■

“Node Agent” on page 28

■

“Server Instance” on page 29

Domain

A domain is a group of instances that are administered together. However, an application server instance can belong to just one domain. In addition to the administration boundary, a domain provides the basic security structure whereby dierent administrators can administer specic groups (domains) of application server instances. By grouping the server instances into separate domains, dierent organizations and administrators can share a single Enterprise Server installation. Each domain has its own conguration, log les, and application deployment areas that are independent of other domains. If the conguration is changed for one domain, the congurations of other domains are not aected.

The Sun GlassFish Enterprise Server installer creates the default administrative domain (named domain1). It also creates an associated domain administration server (named server). You must provide the administration server port number. The default administration server port is

4848. The installer also queries for the administration username and master password. After installation, additional administration domains can be created.

Domain Administration Server (DAS)

Each domain has its own Domain Administration Server (DAS) with a unique port number. The Admin Console communicates with a specic DAS to administer the associated domain. Each Admin Console session allows you to congure and manage the specic domain.

The Domain Administration Server (DAS), is a specially-designated application server instance that hosts the administrative applications. The DAS authenticates the administrator, accepts requests from administration tools, and communicates with server instances in the domain to

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 200826

Enterprise Server Concepts

carry out the requests. The DAS is sometimes referred to as the admin server or default server. It is referred to as the default server because it is the only server instance that gets created on Sun GlassFish Enterprise Server installation and can be used for deployments. The DAS is simply a server instance with additional administration capabilities.

Each Admin Console session allows you to congure and manage a single domain. If you created multiple domains, you must start an additional Admin Console session to manage the other domains. When specifying the URL for the Admin Console, be sure to use the port number of the DAS associated with the domain to be administered.

Usage Proles

Every administrative domain is associated with a usage prole, which identies the capabilities of that domain. Enterprise Server provides the following proles:

■

Developer: Use this prole if you are running your domain in a development environment and if your applications do not need the NSS keystore or clustering features, such as load balancing, and session persistence.

■

Cluster: Use this prole if you need to create clusters but do not require the high-availability database (HADB) or the NSS keystore.

■

Enterprise:: Use this prole if you need HADB and NSS. This prole is usable only if you install HADB and NSS separately or if you install Enterprise Server as part of enterprise oerings, such as Java Enterprise System (JES). For information on how you can use the enterprise prole with Enterprise Server, see Using the Enterprise Prole

The domain provides a precongured runtime for the user applications. Usage proles facilitates the distinction between the Application Server binaries and the runtime conguration. Proles enable you to use the same installation of Enterprise Server to create dierent domains with proles that suit specic needs. For example, a developer may want to use the Enterprise Server to get to know the latest Java EE specications. This developer does not need stringent security settings. Another user who wants to deploy applications in a production environment needs an inherently secure environment.

Table 1–1 lists the features available with each prole:

TABLE 1–1 Features Available for Each Prole

Enterprise Prole (not

Feature Developer Prole Cluster Prole

Security store JKS JKS NSS

Clustering/Standalone instances Not available Available Available

Chapter 1 • Enterprise Server Overview 27

available with Sun GlassFish Communications Server)

Enterprise Server Concepts

TABLE 1–1 Features Available for Each Prole (Continued)

Enterprise Prole (not

Feature Developer Prole Cluster Prole

Security Manager Disabled Enabled Enabled

HADB Not available Not available Available

Load balancing Not available Available Available

Node agents Not available Available Available

available with Sun GlassFish Communications Server)

Cluster

A cluster is a named collection of server instances sharing the same set of applications, resources, and conguration information. A server instance can belong to exactly one cluster. A cluster facilitates server instance load-balancing through distribution of a load across multiple machines. A cluster facilitates high availability through instance-level failover. From an administrative perspective, a cluster represents a virtualized entity in which operations on a cluster (e.g. deployment of an application) act on all instances that make up the cluster.

Horizontal scaling is achieved by adding Enterprise Server instances to a cluster, thereby increasing the capacity of the system. It is possible to add Enterprise Server instances to a cluster without disrupting service. The HTTP, RMI/IIOP, and JMS load balancing systems distribute requests to healthy Enterprise Server instances in the cluster.

High Availability - Availability allows for failover protection of Enterprise Server instances in a cluster. If one application server instance goes down, another Enterprise Server instance takes over the sessions that were assigned to the unavailable server. Session information is stored using the session replication feature or by using the high-availability database (HADB). HADB supports the persistence of HTTP sessions and stateful session beans.

Node Agent

A lightweight agent (e.g. hosting a JMX runtime only) is required on each node in the domain to facilitate remote lifecycle management of instances. Its primary purpose is to start, stop, and create server instances as instructed by the DAS. The Node Agent also acts as a watchdog and restarts failed processes. Like the DAS, the Node Agent should only be required for certain administrative operations and should not be expected to be highly available. However, the Node Agent is an “always on” component, and must be congured to be started by the native O/S node bootstrap (e.g. Solaris/Linux inetd, or as a Windows service). A Node Agent is not required for the DAS.

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 200828

Enterprise Server Concepts

Server Instance

The server instance is a single Java EE compatible Java Virtual Machine hosting an Enterprise Server on a single node. Each server instance has a unique name in the domain. A clustered server instance is a member of a cluster and receives all of its applications, resources, and conguration from its parent cluster; ensuring that all instances in the cluster are homogeneous. An unclustered server instance does not belong to a cluster and as such has an independent set of applications, resources, and conguration. The following gure shows an application server instance in detail. The application server instance is a building block in the clustering, load balancing, and session persistence features of the Enterprise Server.

FIGURE 1–1 Enterprise Server Instance

The Sun GlassFish Enterprise Server creates one application server instance, called server,at the time of installation. For many users, one application server instance meets their needs. However, depending upon your environment, you might want to create one or more additional application server instances. For example, in a development environment you can use dierent application server instances to test dierent Enterprise Server congurations, or to compare and test dierent application deployments. Because you can easily add or delete an application server instance, you can use them to create temporary sandbox area for experimentation purposes.

In addition, for each application server instance, you can also create virtual servers. Within a single installed application server instance you can oer companies or individuals domain

Chapter 1 • Enterprise Server Overview 29

Enterprise Server Concepts

names, IP Addresses, and some administration capabilities. For the users, it is almost as if they have their own web server, without the hardware and basic server maintenance. These virtual servers do not span application server instances. For more information about virtual servers,

Chapter 13, “Conguring the HTTP Service.”

see

In operational deployments, for many purposes you can use virtual servers instead of multiple application server instances. However, if virtual servers do not meet your needs, you can also use multiple application server instances. On stopping, application server instance stops accepting new connections, then waits for all outstanding connections to complete. If your machine crashes or is taken oine, the server quits and any requests it was servicing may be lost.

Ports in the Enterprise Server

The following table describes the port listeners of the Enterprise Server.

TABLE 1–2 Enterprise Server Listeners that Use Ports

Listener Default Port Number Description

Administrative server

HTTP 8080 The server listens for HTTP requests on a port. To access deployed Web applications and

HTTPS 8181 Web applications congured for secure communications listen on a separate port.

IIOP 3700 Remote clients of enterprise beans (EJB components) access the beans through the IIOP

IIOP, SSL 3820 Another port is used by the IIOP listener congured for secure communications.

IIOP, SSL and mutual authentication

SIP 5060 The server listens for SIP requests on a port.

SIPS 5061 SIP/converged applications congured for secure communications listen on a separate port.

JMX_ADMIN 8686

JMS 7676

4848 A domain’s administrative server is accessed by the Admin Console and the asadmin utility.

For the Admin Console, specify the port number in the URL of the browser. When executing an asadmin command remotely, specify the port number with the --port option.

services, clients connect to this port.

listener.

3920 Another port is used by the IIOP listener congured for mutual (client and server)

authentication.

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 200830

+ 226 hidden pages

Sun Microsystems GLASSFISH ENTERPRISE 820433510 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Preface

Sun GlassFish Enterprise Server Documentation Set

Default Paths and File Names

Typographic Conventions

Symbol Conventions

Documentation, Support, andTraining

Third-PartyWeb Site References

Sun WelcomesYour Comments

Enterprise Server Overview

Enterprise Server Overview and Concepts

Enterprise Server Overview

Tools for Administration

Admin Console

Command-line Interface (asadmin Utility)

JConsole

Enterprise Server Concepts

Domain

Domain Administration Server (DAS)

Cluster

Node Agent

Server Instance

Ports in the Enterprise Server