Tuesday, August 13, 2019

JBOSS Topic - Understanding datasource subsystem


1) Types of datasource: XA and non-XA
2) In our environment we use both XA and non-XA datasources

How to create a datasource:

Three ways

1) Admin console
2) Using CLI
3) Direct edit of standalone.xml in case of standalone mode,
   or domain.xml/host.xml in case of domain mode


==> Using Admin console
Just show how we can do it.

==> Using CLI (command line interface) mode:
First, add the module:
module add --name=com.oracle.jdbc --resources=/path/to/ojdbc6.jar --dependencies=javax.api,javax.transaction.api
Second, define the driver:
/subsystem=datasources/jdbc-driver=oracle:add(driver-module-name=com.oracle.jdbc,driver-name=oracle,driver-xa-datasource-class-name=oracle.jdbc.xa.client.OracleXADataSource)
Third, create the datasource:
/subsystem=datasources/data-source=OracleDS:add(jndi-name="java:jboss/datasources/oracleDS",connection-url="jdbc:oracle:thin:@oraclehost:1521:SID",driver-name=oracle,user-name=scott,password=tiger)
Fourth, enable the datasource:
/subsystem=datasources/data-source=OracleDS:enable(persistent=true)
Fifth, check that the datasource is working correctly:
/subsystem=datasources/data-source=OracleDS:test-connection-in-pool

==> Using Direct edit of standalone.xml file

INSTALLING ORACLE JDBC-DRIVER ON WILDFLY / JBOSS
Download the driver: ojdbc[VERSION].jar
Create subfolders [EAP_HOME]/modules/system/layers/base/com/oracle/main/
Copy the downloaded ojdbc[VERSION].jar into the freshly created folder
Create a file module.xml, in the same folder as above, with the contents:

<module xmlns="urn:jboss:module:1.1" name="com.oracle">
  <resources>
    <resource-root path="ojdbc[VERSION].jar"/>
  </resources>
  <dependencies>
    <module name="javax.api"/>
    <module name="javax.transaction.api"/>
  </dependencies>
</module>

In the configuration file standalone.xml add the entry:

<driver name="oracle" module="com.oracle">
 <driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
</driver>

within the <drivers> tag.
Add a datasource definition within the <datasources> tag (next to ExampleDS):

<datasource jndi-name="java:/[NAME]" pool-name="OracleDS" enabled="true">
  <connection-url>jdbc:oracle:thin:@[HOST_NAME]:1521:[SID]</connection-url>
  <!-- has to match the driver name -->
  <driver>oracle</driver>
  <pool>
    <min-pool-size>1</min-pool-size>
    <max-pool-size>5</max-pool-size>
    <prefill>true</prefill>
  </pool>
  <security>
    <user-name>[USER]</user-name>
    <password>[PWD]</password>
  </security>
</datasource>

Create a postgres datasource using jboss CLI:

Create a file called my-script.cli

contents of my-script.cli file:

embed-server
/system-property=my.config.property:add(value="dev")

module add --name=org.postgresql --resources=~/Downloads/postgresql-9.4-1203.jdbc42.jar --dependencies=javax.api,javax.transaction.api

batch
/subsystem=datasources/jdbc-driver=org.postgresql:add(driver-name=org.postgresql, driver-module-name=org.postgresql, driver-xa-datasource-class-name=org.postgresql.xa.PGXADataSource)
/subsystem=datasources/data-source=postgresql:add(driver-name=org.postgresql, jndi-name="java:/jdbc/PostgresDS", enabled=true, connection-url="jdbc:postgresql://localhost/test")
run-batch

stop-embedded-server


Then run it like this:

$JBOSS_HOME/bin/jboss-cli.sh --file=my-script.cli

Create a Datasource using CLI mode:

$JBOSS_HOME/bin/jboss-cli.sh --controller=localhost:19990 --connect --file=/u01/app/redhat/config/domains/dev_domain/configuration/create_datasource.cli --properties=/u01/app/redhat/config/domains/dev_domain/configuration/db-config.properties

contents of create_datasource.cli file:
set jdbcUrl=${jdbcUrl}
set username=${username}
set password=${password}
set driver=${driver}
set module=${module}
set resource=${resource}
set jndiname=${jndiname}
set name=${name}


module add --name=$module --resources=$resource --dependencies=javax.api,javax.transaction.api

/subsystem=datasources/jdbc-driver=$driver:add(driver-name=$driver,driver-module-name=$module)

data-source add --jndi-name=$jndiname --name=$name --connection-url=$jdbcUrl --driver-name=$driver --user-name=$username --password=$password


contents of db-config.properties file:

jdbcUrl=jdbc:oracle:thin:@xxx.example.com:1521:DB11gR2
username=system
password=weblogic1
driver=oracle
module=com.oracle
resource=/media/sf_D_DRIVE/shared-files/JBOSS/ojdbc7.jar
name=OraclePool
jndiname=java:/OracleDS

Creating DB vault & Test the connection:

Using CLI commands

Standalone:

/core-service=vault:add(vault-options=[("KEYSTORE_URL" => "PATH_TO_KEYSTORE"), ("KEYSTORE_PASSWORD" => "MASKED_PASSWORD"), ("KEYSTORE_ALIAS" => "ALIAS"), ("SALT" => "SALT"),("ITERATION_COUNT" => "ITERATION_COUNT"), ("ENC_FILE_DIR" => "ENC_FILE_DIR")])

The following is an example of the command with hypothetical values:
/core-service=vault:add(vault-options=[("KEYSTORE_URL" => "/home/user/vault/vault.keystore"), ("KEYSTORE_PASSWORD" => "MASK-3y28rCZlcKR"), ("KEYSTORE_ALIAS" => "vault"), ("SALT" => "12438567"),("ITERATION_COUNT" => "50"), ("ENC_FILE_DIR" => "/home/user/vault/")])
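
The datasource definitions earlier in this post keep the database password in standalone.xml, and a vault lets that value be replaced by a ${VAULT::...} reference. As an added example (not part of the original post), this Python check lists datasources whose password is still readable in the file; the sample XML, pool names, property name and vault block/attribute names are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample in the shape of the <datasources> section shown earlier;
# pool names, property name and vault block/attribute names are made up.
SAMPLE = """<server xmlns="urn:jboss:domain:5.0"><profile>
<subsystem xmlns="urn:jboss:domain:datasources:5.0"><datasources>
  <datasource jndi-name="java:/OracleDS" pool-name="OracleDS" enabled="true">
    <security><user-name>scott</user-name><password>tiger</password></security>
  </datasource>
  <datasource jndi-name="java:/ReportDS" pool-name="ReportDS" enabled="true">
    <security><user-name>report</user-name>
      <password>${VAULT::ds_ReportDS::password::1}</password></security>
  </datasource>
  <xa-datasource jndi-name="java:/BillingDS" pool-name="BillingDS" enabled="true">
    <security><user-name>billing</user-name>
      <password>${billing.db.password:changeme}</password></security>
  </xa-datasource>
</datasources></subsystem></profile></server>"""

def local(tag):
    """Drop the '{namespace}' prefix so any subsystem schema version matches."""
    return tag.rsplit("}", 1)[-1]

def classify(value):
    """Say how a <password> value is stored in the configuration file."""
    if value.startswith("${VAULT::") and value.endswith("}"):
        return "vault"
    m = re.fullmatch(r"\$\{([^:}]+)(?::(.*))?\}", value)
    if m:  # ${name} is resolved at runtime; ${name:default} still embeds a literal
        return "literal-default" if m.group(2) else "expression"
    return "plaintext"

def audit_datasource_passwords(xml_text):
    """Return (pool-name, kind) for each datasource password readable in the file."""
    findings = []
    for ds in ET.fromstring(xml_text).iter():
        if local(ds.tag) not in ("datasource", "xa-datasource"):
            continue
        for el in ds.iter():
            value = (el.text or "").strip()
            if local(el.tag) == "password" and value:
                kind = classify(value)
                if kind in ("plaintext", "literal-default"):
                    findings.append((ds.get("pool-name"), kind))
    return findings

if __name__ == "__main__":
    for pool, kind in audit_datasource_passwords(SAMPLE):
        print(f"{pool}: password stored as {kind}")
```
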

https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform/6.1/html/security_guide/generate_a_ssl_encryption_key_and_certificate



Saturday, August 10, 2019

Secure management interfaces in EAP using one way SSL

1) Create a keystore to secure the management interfaces.

example:
$ keytool -genkeypair -alias appserver -storetype jks -keyalg RSA -keysize 2048 -keypass password1 -keystore EAP_HOME/standalone/configuration/identity.jks -storepass password1 -dname "CN=appserver,OU=Sales,O=Systems Inc,L=Raleigh,ST=NC,C=US" -validity 730 -v

[jbossuser@redhat keystore]$ keytool -genkeypair -alias appserver -storetype jks -keyalg RSA -keysize 2048 -keypass password1 -keystore $JBOSS_HOME/standalone/configuration/identity.jks -storepass password1 -dname "CN=appserver,OU=Sales,O=Systems Inc,L=Raleigh,ST=NC,C=US" -validity 730 -v
Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 730 days
        for: CN=appserver, OU=Sales, O=Systems Inc, L=Raleigh, ST=NC, C=US
[Storing /home/jbossuser/Redhat_EAP-7.1.0/standalone/configuration/identity.jks]

Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore /home/jbossuser/Redhat_EAP-7.1.0/standalone/configuration/identity.jks -destkeystore /home/jbossuser/Redhat_EAP-7.1.0/standalone/configuration/identity.jks -deststoretype pkcs12".

NOTE: This keystore must be in JKS format as the management interfaces are not compatible with keystores in JCEKS format.

2) Bind management interface to https.

example:
/core-service=management/management-interface=http-interface:write-attribute(name=secure-socket-binding, value=management-https)
/core-service=management/management-interface=http-interface:undefine-attribute(name=socket-binding)
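
Step 2 only removes the plain-HTTP listener if both operations are applied. As an added example (not part of the original post), this Python check reads the management section of standalone.xml and reports which bindings remain; the XML samples are constructed, and it assumes socket-binding and secure-socket-binding are persisted as the http and https attributes of the <socket-binding> element.

```python
import xml.etree.ElementTree as ET

# Constructed management sections of standalone.xml (not taken from a real host):
# the default binding, the result of both CLI operations above, and the result
# when write-attribute ran but undefine-attribute was skipped.
DEFAULT = """<server xmlns="urn:jboss:domain:5.0"><management><management-interfaces>
  <http-interface security-realm="ManagementRealm">
    <http-upgrade enabled="true"/>
    <socket-binding http="management-http"/>
  </http-interface>
</management-interfaces></management></server>"""
HTTPS_ONLY = DEFAULT.replace('http="management-http"', 'https="management-https"')
HALF_DONE = DEFAULT.replace('http="management-http"',
                            'http="management-http" https="management-https"')

def local(tag):
    """Drop the '{namespace}' prefix so any schema version matches."""
    return tag.rsplit("}", 1)[-1]

def management_binding_state(xml_text):
    """Return 'https-only', 'http-and-https', 'http-only' or 'unbound'."""
    for iface in ET.fromstring(xml_text).iter():
        if local(iface.tag) != "http-interface":
            continue
        for child in iface:
            if local(child.tag) == "socket-binding":
                plain, tls = child.get("http"), child.get("https")
                if plain and tls:
                    return "http-and-https"  # console still reachable without TLS
                if tls:
                    return "https-only"
                if plain:
                    return "http-only"
    return "unbound"

if __name__ == "__main__":
    for name, xml_text in (("default", DEFAULT),
                           ("after both operations", HTTPS_ONLY),
                           ("undefine skipped", HALF_DONE)):
        print(f"{name}: {management_binding_state(xml_text)}")
```
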


Wednesday, August 7, 2019

Starting/stopping JBoss from the command line when the OS reboots


Before this step JBoss should be installed and configured properly.

Linux:
On server (also on developer machine):

Open command prompt
Obtain root privileges: sudo su
Starting JBoss: /etc/init.d/jboss start
Stopping JBoss: /etc/init.d/jboss stop

On developer machine:
Open command prompt
Go to $JBOSS_HOME/bin.
Starting JBoss: run.sh at the command prompt
Stopping JBoss: hit Ctrl+C at the command prompt

Windows:
Open command prompt
Go to %JBOSS_HOME%\bin.
Starting JBoss: run.bat at the command prompt
Stopping JBoss: hit Ctrl+C at the command prompt

Tuesday, August 6, 2019

JBOSS CLI online:


Connect to a standalone instance in online mode as below

$JBOSS_HOME/bin/jboss-cli.sh --controller=remote+http://localhost:19990 --connect

(or)

$JBOSS_HOME/bin/jboss-cli.sh --controller=localhost:19990 --connect

(or)

[jbossuser@redhat bin]$ $JBOSS_HOME/bin/jboss-cli.sh --controller=localhost:19990
You are disconnected at the moment. Type 'connect' to connect to the server or 'help' for the list of supported commands.
[disconnected /] connect
[standalone@localhost:19990 /]